Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technology Update TSAG Meeting 8/8/02. Announcements: Account Cleanup  Number of Accounts: 41,338  Number of Faculty/Staff:~ 3,000  Number of Students:~30,000(~

Similar presentations


Presentation on theme: "Technology Update TSAG Meeting 8/8/02. Announcements: Account Cleanup  Number of Accounts: 41,338  Number of Faculty/Staff:~ 3,000  Number of Students:~30,000(~"— Presentation transcript:

1 Technology Update TSAG Meeting 8/8/02

2 Announcements: Account Cleanup  Number of Accounts: 41,338  Number of Faculty/Staff:~ 3,000  Number of Students:~30,000(~ 8K ???) Mandatory Password Changes Coming in October! Disk Quota: Mail and Data DataMail Faculty/Staff:30MB10MB Student:10MB 5MB Other: 5MB 5MB Security Self-Assessment Wireless Update

3 Topics for Discussion Directory (NET) Initiative Update Mail/Calendaring Update DNS Cleanup Plans Network Access Control Training for TSAG members

4 Directory Initiative Update Peoplesoft Authentication via the directory  Go Live Date for HR and Financials: 10/9  Authenticate via: Account name:sfitzger PS OperatorID:E (current method)  Password updates via Account naming updates:  ECS and Admin&Finance  Individual Accounts: Your task: Have you local account naming convention unified with the campus directory.

5 New Mail/Calendaring System Activities We have been exploring possible replacement for our:  mail system (Messaging Direct)  calendaring system (Meeting Maker) Current major contenders are:  Microsoft Exchange,  Sun One Messaging (formally iPlanet),  Mirapoint Message Server,  Or combination thereof Non-evaluation efforts, (i.e., cleanup):  Elm (Electronic Mail) Is not IMAP compatible and is not supported We plan to purge all $HOME/.elm directories! (Comments?)

6 Related DNS Naming and Cleanup Preferred/Supported DNS names: imap, pop, pop3, and smtp Deprecated DNS names to be removed Nov 15: , mail1, mailsrv1, hp9k2, krusty, huey, exec, dewey, … (total of 14 CNAMES) References to the mail servers via hard-code IP address are not supported! Your task:  Update mail clients to use the service-naming convention  Review and update all web pages for bogus “mailto:” links (e.g,

7 Majordomo Cleanup Reason for Cleanup:  Spring cleaning  Preparing for “list serve” functionality to be supported by the Campus Directory  To minimize Campus exposure to SPAM Some Stats: JulyAugust  Previous number of lists: > 4000  Current number of lists:  Current number of entries: 39,39827,436 Future Activities:  Probe messages to all members of OPEN lists  Probe messages to owners/moderator of CLOSED lists  Probe messages for “[m-z]*-l” lists have not been sent yet

8 .forward files Many accounts are being used solely as reflectors “.forward” file will not work with any of the potential mail solutions Needs:  To eliminate accounts used just for reflectors  To move such reflectors to an appropriate alternative, e.g., Mail alias Majordomo-style list Etc.

9 Antivirus Mail Filtering To be put into production shortly, we’re finalizing testing. System supports LDAP-based mail routing! Architecture designed around future campus mail solution Goals for the new mail solution:  Redundancy  Scalability  Flexibility (e.g., to support different SPAM policies?)

10 Proposed: Antivirus/Mail Architecture krustytest1test2 Internet Firewalls Routers AntiVirus Mail Routers Mail Servers mx=10 Primary: imap, pop Secondary: smtp mx=20 Primary: smtp Secondary: imap pop

11 DNS Cleanup Plans Recent survey of DNS should >650 defunct DNS names Proposed process/timeline to cleanup  Send periodic ICMP ping probes to all DNS entries (8/26- 9/13)  Correlate data obtained from probes (9/16-9/19)  Inform TSAG of DNS names to be deleted (9/20)  Purge all defunct DNS names (9/23) Your Task:  Ensure your printers, servers are on line and respond to ICMP pings  Otherwise inform helpdesk that you wish to retain your DNS name

12 Network Access Control: We have made lots of progress – still more to do! Recent Changes:  Blocking the following ports: 1-19  Blocking the following protocols on the default ports: Jet Direct Flexlmnetbios-ssn loc-srvsvrloc ldapldaps  Blocking all inbound network connections to: Subnet 31 (Library East Wing) Subnet 57 (Library Open Labs) We need to information on Internet Servers! Internet Server: A server that provides one or more services to individuals not located on the campus network

13 Proposed Edge ACL Changes Block all inbound ports in the range: (1-19 done)  Exceptions: ftp (port 20, 21) ssh (port 22)telnet (port 23) smtp (port 25)pop3 (port 110) imap (port 143) (for only identified hosts) http/s (port 80, 443) Block all inbound ports for the following protocols:  printer (port 515)x11 (ports )  socks (port 1080) x font-service (port 7100)  print_agent (ports 3396) mindprint (port 8033)  jprinter (port 5309)xprint-server (port 8100) Target date: September 6

14 Training for TSAG members TSAG has recommend that the Campus adopt XP as the preferred Microsoft-based desktop OS. Training for XP and.NET has been arranged. First week of training held 7/29-8/2 Impressions? Your task: Inform Chris Sales as to your participation.


Download ppt "Technology Update TSAG Meeting 8/8/02. Announcements: Account Cleanup  Number of Accounts: 41,338  Number of Faculty/Staff:~ 3,000  Number of Students:~30,000(~"

Similar presentations


Ads by Google