Macedonian Customs Administration

1

• Macedonian Customs Administration
• IT Survey

2
Equipment

• Description of servers, workstations, laptops and
  similar the type, brand name, approximate date
  of manufacturing, processor architecture/type/spee
  d, RAM, HDD capacity, available interfaces

3
1 Server Compaq ML350 2000 2xP-III 800MHz 512 MB 9 36 GB SCSI 15
2 Server Dell 6300 1997 2x P-II 512 MB SCSI RAID 18 GB 3
3 Server Dell 1300 1997 P-II 64/128 MB 4.5 18 GB SCSI 17
4 Server IBM x205 2004 P-IV 512 MB 36 72 GB 1
5 Server IBM Netfinity 3000 2003 P-IV / / 1
6 Server HP 2004 P-IV 512 MB 1
7 Server IBM x346 2006 P-IV 3
8 Server Alpha ES45 2004 AlphaCPU 1.25GHz 16 GB 36 GB 1
9 Server Alpha ES45 2004 4xAlphaCPU 1.25GHz 32 GB 1872 GB 2
10 Server Compaq DL380 2004 P-III 1.2GHz 1.2 GB 2x18 GB 2
11 Storage Compaq 2004 / / 120 GB 1
12 Storage Compaq Storage Works 4354 2004 / / 10x72 GB 1
4
13 PC Compaq Evo D310/D510 2004 P-IV 1.7/2.0 GHz 512 MB 40 GB 270
14 PC HP dx2000 2006 P-IV 3 GHz 1 GB 80 GB 50
15 PC Compaq 2000 P-III 800 MHz 64 MB 20 GB 130
16 PC Dell, IBM, other 1995 P-II 32 MB 6-20 GB 20
17 PC Fujitsu Siemens 2007 Dual core 512MB 80 GB 260
18 Laptop HP 2007 Core2Duo 1GB 80 GB 15
19 Laptop Compaq, HP 2003 P-IV 256-1 GB 36-72 GB 30
20 Server HP ProLiant DL360 2007 Xeon 3GHz 1-4 GB 146-512GB 3
21 Server HP Integrity rx6600 2007 2xdual core 64 Itanium 2 16 GB 8x73 GB 1
22 PC Online daten 2008 Dual core 1 GB 80 GB 105
5
Equipment

• printers, scanners and all other devices the
  type, brand name, approximate date of
  manufacturing, available interfaces

Type Brand Man. Interfaces
1 Laser printer HP 2200, 1300 2004 Network 70
2 Printer Epson LQ 300, 570, 1070 1997 Serial 100
3 Printer Oliveti, Minolta, other 1997 Different 50
4 Scanner HP ScanJet 5550 2004 USB 20
5 Laser printer Xerox PHASER 2007 USB,Eth 40
6 Scaner Xerox 2007 USB 20
6
Equipment

• purchased from EU-funds?
• 2008, 105 PCs, 30 printers, 18 routers and
  network equipment, projectors, 25 CCTV Speed dome
  cameras...

7
Equipment

• The preventive maintenance is performed in the
  following areas and on the basis of the
  following rules Preventive maintenance of PCs,
  peripheral equipment and network is done by ICT
  Sector staff, on every visit to the customs
  office or department (minimum once in 2 months).
  Servers are monitored on daily basis.
• Corrective actions are performed by our staff

8
Networking and installations

• LANs (Local Are Networks) within MCA 40
• Topology Fastethernet
• Number of nodes 40

9
Type Brand Man. Loc.
1 Router Cisco 1751 2003 Different 22
2 Router Cisco 2811 2007 Different 18
3 Router Cisco 3600 2003 HQ 2
4 Router Cisco 3660 2003 HQ 1
5 Router Cisco 3825 2007 HQ 1
6 Switch Cisco 3750 2006 HQ 8
7 Switch Cisco 2950 2003 Different 20
8 Switch 3-Com, Intel, other 2001 Different 10
9 Firewall ASA 5510 2006 HQ 1failower
10 Firewall Sonicwall G250 2003 HQ 2 (outdated)
11 Firewall Sonicwall SOHO3 2003 Different 30
12 Switch Cisco 2960 2007 Different 9
10
Networking and installations

• Interconnection and connection type.
• - all locations are interconnected
• BCPs and airports through SDH (MoI) and
  FrameRelay for backup
• Inland CO through VPN Internet (IPSec)
• Some locations use PPP connection

11
Networking and installations

• Protection from power breakdown
• UPSes used from different vendors, with different
  year of manufacturing, most of them recharged.
  All critical network and server equipment is
  powered through UPSes, some PCs also.
• Power generators in MCA HQ and also in several
  BCPs.
• In the HQ, there is separate power line for the
  devices mentioned.

12
Software and databases

• OS-es in use
• For servers Tru64UNIX, Unixware, Windows 2000,
  Windows 2003, RedHat Linux, AIX
• For PCs Windows XP and Windows Vista
• software tools in use (office suites, graphic
  editors, etc.),
• - Oracle development tools (form designer,
  reports), Visual Studio, Java tools
• specific software in use ,
• - Asycuda 1.17d- Customs Declaration Processing
  Software
• - Other in-house developed software for next
  purposes
• - Customs offices daily registers,
• - Internal customs warehouses,
• - Quota management
• - Customs guarantee management system

13
Software and databases

• antivirus software in use
• - Trend Micro
• databases in use (type, architecture, users)
• Oracle 9i/Tru64UNIX/8 CPU licenses
• Informix 7.22/Unixware2.1.3/40 server licenses
• MS SQL 2000/Windows 2000/1 server license
• MS Access/WindowsXP/ different number od users

14
Software and databases

• - All PCs are with licensed OS (Microsoft), all
  servers and databases are licensed.
• - Software is localised (i.e. it supports
  Macedonian language, Cyrillic alphabet), where
  applicable, e.g. OS for PCs and customs software
• - For Asycuda system (Unixware, Informix, Asycuda
  server/client) ICT Sector is responsible, for PC
  OS and Office suite also, other software
  installations depend of the software developer.
• - According to ICT general policy, the ICT Sector
  has already started implementation of security
  policy through Active Directory (LDAP) to limit
  the personal user installation.

15
Documentation, Procedures, People and Education
organisational structure
16
(No Transcript)
17
Documentation, Procedures, People and Education)

• The technical support department is responsible
  for any kind of ICT equipment relocation. The
  decisions are made with consensus, the job is
  physically done by department staff, reconnection
  also. For bigger, more complex relocation,
  different companies are engaged.
• About 900 people use IT equipment
• There are about 600 PCs, each employee in HQ uses
  PC, the PCs in customs offices are shared among
  staff.
• The training is organized on demand, by the
  training department.

18
Security of data and communication

• Back Up
• The backups are made on daily and weekly basis
  for the databases.
• The technical support department is responsible
  for ensuring the implementation of an effective
  back-up strategy for server-held software and
  data.

19
Security of data and communication

• Anti-Virus Protection
• As a part of general ICT policy, the antivirus
  application is implemented on each PC in the
  corporate network
• User support unit is responsible for the
  implementation of an effective Anti-Virus
  protection.
• 500 antivirus user licences.

20
Security of data and communication

• Passwords and accounts
• Network, servers (OS), databases, e-mail, are
  password-protected?
• There are restrictions for the passwords
  creation. (minimal length, composition of letters
  numbers etc.)
• User support unit is responsible for creation of
  network and e-mail accounts and system
  permissions
• User support unit, application support unit,
  based on information provided by HR Sector are
  responsible for removing or changing user
  accounts
• There is general policy the access to the system
  and the privileges are defined according to job
  position.

21
Security of data and communication

• Encryption
• On network level (point to point) there is secure
  tunnelling

22
E-mail/Internet

• We have leased line Internet connection with
  5Mbps
• Two pool of public IP addresses
• Two DNS Servers
• -All section in Customs Administration
  Headquarters and heads of Customs Offices have
  access. Content filtering is implemented.
• By using firewalls and intrusion prevention
  system networks are protected from the potential
  attacks from the Internet.

23
E-mail/Internet

• Users have access only for http and https ports
• Restriction for all executable and compressed
  file (exe, bat, rar, zip ect..)
• Restriction for all audio and video file (mp3,
  avi, mov, ect..)
• We use 32 public address for our public services
  (web, smtp, pop3, NAT for Asycuda servers)
• We monitor continually statistics about, but we
  dont research use and content of e-mail
  accounts. There is random examination of users
  Internet activities, performed by IT Security
  staff.

24
Special equipment

• Container examination and X-ray facilities
• Trace-Particle Detectors and/or mass
  spectrometers
• Closed Circuit Tv (CCTV) and (ANPR) There is
  active system with 240 cameras.

25
Questions and Suggestions?