Title: University Infrastructure Group
1University Infrastructure Group Julian
Lintell-Smith May 2008
2Our Aims
- To provide high quality, secure and reliable
services to support teaching and learning,
research and administration - Improve existing services and provide new
services for the university - Reducing complexity
- and making difficult things look easy
- Automating time consuming processes
- Looking to the future
3The Infrastructure Group
4The Infrastructure Group
Desktop Team
Lan Team
Information Security
Networks Team
Systems Team
5Senior Manager Julian Lintell-Smith
Robert Blatt Mike Meredith Sharif Salah Peter
Westron
Jeanette Connelly Dave Early Naeem Khan Arron
Knight James Holland Toby Ricketts Paul Sims
Chris Beakes Paul Bundey Phil Davies Ben
Ladd Mike Reid Mary Withers
Phil Brown Phil Burland June Colton Jacqui
Cox Peter Johnson Jackie Storey Martin Sutherland
6Where we fit in to IS ?
CUSTOMERS / USERS
Service Management
Project/Programme Management
Service Delivery
Programme Office
Applications Management
Infrastructure Management
University Applications Group
University Infrastructure Group
Security Management
7Work in progress
- Disaster Recovery Project
- Telephone System Replacement
- Windows Vista
- Linux Desktop
- Athens replacement
- HR/Payroll
- Victory
- Laptop Encryption
8ITIL Change Management
9ITIL Change Management
- Not a barrier to change
- A method of managing and controlling the way
changes are initiated, assessed, planned for,
scheduled and implemented. - Ensures higher service availability
- with published change windows
10Most Popular websites
By number of requests
11Futures
12Information ServicesUIG Desktop Team
13Responsibilities
- Development, delivery and maintenance of the
following products and services - Standard operating system builds Imaging
service. Windows XP images (4986 PCs) -
XP1.13, XP2.3.1, XPLAPTOP (Specials). Basic
Vista image - Project work this summer. Project
to develop Linux desktop started. - Hardware evaluation Proposed purchases of
desktop PCs and laptops to ensure
compatibility with services.
14Responsibilities
- Core and departmental applications Currently
1527 active application objects both Teaching
and Corporate (154 objects). - Anti-virus software Sophos 7.3.1. Windows
internal and external distributions. Also
support for Linux, MAC, Unix, Solaris. - Policies Workstation (Novell and
Windows). Student, Staff, Staff-Admin,
No-restrictions.
15Responsibilities
- Central licence servers - Moscow-Blue,
Moscow-Violet, Moscow-Indigo. - 20 Applications
transferred. - Approx 20 more to be transferred
- will be phased in as licences expire or
summer 2008 at the latest. - Licence monitoring and compliance - Software
evaluated ZAM, Softrack, Keyserver,
Express Meter. - KeyServer purchased and
installed to monitor applications used on
MACs. NAL application logging is being
used for Windows applications. - ZCM may offer
more robust facilities.
16Linux Desktop
Projects
- A project is being initiated to distribute a
standard Linux build to selected PCs.
17Vista/ZCM
- A project is being initiated to distribute a
standard build Vista Enterprise desktop supported
by ZCM.(ZCM ZenWorks Configuration Manager -
Zen 10) - The project will aim to distribute a build to
student desktops during Summer 2009 with a staff
distribution to follow (in parallel with XP). - This setup may open interesting opportunities for
supporting virtual desktops including Linux and
XP (if still needed for special applications).
18Problem Solving suggested steps
- Ask the Desktop Team at any stage if in doubt.
- Application Problems
- 1. verify the application.
- 2. Delete the user profile.
- 3. Re-image the PC. (Usual checks)
- 4. Pass it on to the Desktop Team.
- Windows problems (not application specific)
- 1. If it only occurs on one PC and is user
specific then try deleting the user profile. - 2. Re-image the PC.
- 3. Pass it on to the Desktop Team.
19UIG LAN TEAM
20WHAT DO WE DO?
- Manage all file print (N drives, L drive,
iPrint, GPAS etc) - LDAP Authentication
- GroupWise Email
- GroupWise Mobile
- Backups
- SAN Management
- eGuide
- Managed Server (Virtual Infrastructure)
- ZENworks Services
- Remote Access (Secure FTP, NetStorage)
- iFolder
21SERVER PROCUREMENT
- FOR WHEN YOU HAVE TIME ON YOUR HANDS
22SPECIFICATION
Processor Memory Storage Networking
23PLUS A BIT EXTRA JUST IN CASE!
24OBTAIN QUOTE
CAN TAKE A FEW DAYS
25OBTAIN QUOTE
CAN TAKE WEEKS IF TENDERING
26RAISE ORDER
IS ADMIN gt FINANCE gt SUPPLIER
27NOW WHAT HAPPENS?
TICKTOCKTICKTOCKTICKTOCK
28NOW WHAT HAPPENS?
WAIT FOR 2-3 WEEKS ON AVERAGE
29SERVER ARRIVES
HURRAH!
30SERVER ARRIVES
IN A NICE BIG BOX
31INSTALL INTO RACK
32INSTALL OPERATING SYSTEM
33PATCH OPERATING SYSTEM
34SECURE OPERATING SYSTEM
35READY FOR SERVICE INSTALLATION
FINALLY!
36HOW LONG?
SPECIFY 1 DAY
QUOTE 2 DAYS
RAISE ORDER 2 DAYS
AWAIT DELIVERY 14 DAYS
INSTALL HARDWARE ½ DAY
INSTALL OS ½ DAY
PATCH OS ½ DAY
SECURE OS ½ DAY
37HOW LONG?
21 DAYS
38WHAT IF?
SERVER IS OVER SPECIFIED
39WHAT IF?
SERVER IS UNDER SPECIFIED
40WHY?
DO WE PUT UP WITH IS
41WHY?
CANT WE DO IT FASTER
42WHATS THE SOLUTION?
VIRTUALISATION
43WHAT ARE WE WORKING ON?
- Desktop Virtualisation
- ePayments
- Windows Server Management
- Standard Linux Desktop
- JANET Roaming Services
- Identity Management
- Major Backup Review
- Document Management
- and many many more
44Areas of Responsibility
Nigel Jeffries Security Architect
45- Project Overview and business case - May 2007
- Solution Proposal and Purchase February 2008
- Configuration - May 2008
- Planning and Testing Phase May 2008
- Policy, Documentation and SLA with Service Desk
Team prior to phased Roll Out June 2008
46- Why are we doing this?
- Does this apply to my laptop?
- What is encryption?
- Questions
47- There is no formal encryption policy
- Recent thefts of laptops from the university
- Internal System Audit Rules
- Compliancy with the UK Law and Legislation e.g.
Data Protection Act 1998 - Data security, confidentiality and integrity are
an absolute priority for large enterprises - To protect business sensitive and personal data
from theft or leakage and to mitigate risk from
any subsequent investigation and/or damage to our
reputation - Its the right thing to do
48- Yes but that depends!
- All university laptops are considered a
controlled asset and are therefore subject to
all university policies and procedures. Any
university laptop from any centrally managed
source that contains data of a personal or
business critical nature - The recommendation will be that all university
laptops will be encrypted
49- Definition encryption is the process of
obscuring information to make it unreadable
without special knowledge. - Full Disk Encryption (FDE) with Pre-Boot
Authentication will be deployed - How/When/Who?
- Will I need a password?
- What has been accepted?
50UIG Systems
- Robert Blatt
- Jacki Dwyer
- Mike Meredith
- Sharif Salah
- Peter Westron
51Some of our daily responsibilities
- All Sun Servers
- Linux Servers
- DNS
- Setting up web pages for Students,
- Staff and UOP
- Backup and restores
- Support corporate applications with
- other IS teams
52(No Transcript)
53A selection of current projects
Upgrade Finance and Payroll
Replacement HR and Payroll
New Backup solution
Disaster recovery
Maximo
Anti-spam
ITIL
Juno/TUD
WebCT/Victory
54(No Transcript)
55Victory will replace WebCT at the start of
2008-2009 term We have worked alongside UAG, to
make Victory a resilient system
56(No Transcript)
57(No Transcript)
58Brass
Maya - Orange
Live database server
Data-guarded server
59Victory has 800 concurrent users We are
expecting 2,000 concurrent users to be on line in
the new academic year Up to date statistics on
Victory usage can be found on http//mrtg.iso.por
t.ac.uk/cgi-bin/m-mrtgviewer?catagorywebct Than
ks to Robert for the information
60(No Transcript)
61Information ServicesUIG Network Team
62 What are we responsible for?
63Some Current Projects
64A Completed Project
- Requirement from Mobile Media for students in
halls of residence to have access to Freewire
IPTV and IP phones
65Enabling the Network for Freewire TV and VoIP
66Upgrading ResNet Voice and Data on a single
cable
67Upgrading ResNet
68Using Multicast
- Multicast makes efficient use of bandwidth
- Multicast has one stream per group per link from
the server throughout receiving and interlinking
networks - Multicast is Best Efforts delivery only
69Multicast is not just for TV!Multicast
Applications
- Media video/audio content
- Data replication
70Questions?