Technology Update TSAG Meeting 2/12/04

Networking Updates Welcome Matt Brown! CENIC (Corporation for Education Network Initiatives in California)  4CNET is being phased out. (our current Backbone Connection)  Coming up real soon…  Transfer will be performed during working hours. Reminder: IPX and Appletalk being phased out Friday June (Last day of academic year)

Desktops Related Activities TSAG Desktop Standards Committee  Minimum Hardware Configuration  Next Steps… Minimum Software Requirements:  Antivirus, MS Office suite, etc. Minimum OS System Configuration  Patch management, etc.

Patch Management New Patch Needed for MS platforms Caution: The vulnerability is huge without the patch!! ITR activities:  patches applied to all Enterprise Servers (Tuesday)  desktop patches tested for one day  deployed patches, via SUS, on desktops

ITR has deployed a hierarchal enterprise-Level SUS Individual Units may either:  Join Hierarchal SUS  Install Local SUS  Use live update COBAE, Library, and SBS have local SUS-es Need registry tweak or Active Directory GPO POC: Barry W. or Dave A. Architectures for SUS SSUS (Untested Patches) MSUS (Untested Patches) PSUS (Tested Patches)

Active Directory Current Deployments:  Comp 100 (three/four Labs)  COBAE Lab (one Lab)  Library (several machines)  ITR (~40%) Learning Experiences  Account-Account  Authorization Defaults (All -> None)  Fresh Installs sometimes needed (NT Kernel and GPOs conflicts)  UID versus Mail Address Logins Documentation Online POC: Dave Aragon

Security Activities AntiVirus Software:  ? Should we obtain a campus-wide license  ? Should we require antivirus on all desktops Password Expiration:  90 days TSAG and ITR (currently)  180 days A&F Feb 16 - Mar 15: first warning sent Feb 26 - Mar 25: passwords start expiring  180 Peoplesoft Users (minus faculty) Mar 8 - Apr 5: first warning sent Mar 8 - Apr 15: passwords start expiring FTP/Telnet phase out: Date? (was 1/1/04)

Spam: An ever growing problem! Steps in progress:  Updating anti-spam tagging (SpamAssassin)  Incorporating Black Lists ( SBL - Spamhaus Block List SBL CBL - Composite Blocking List CBL NJABL - Not Just Another Bogus List NJABL  Need to be concerned about False Positives Bottom line:  Users must decide what is spam and what is not!  Local Tech support is needed to help users to Setup filters via Webmail Utilize antispam features of clients

Proposal Blocking Administrative Lists We have three types of lists  Department/Official Lists  Class Lists  Purpose Lists Goal: to prevent spam on “Administrative” lists Tested with (thanks Ramification:  Only individuals with a campus accounts can send to Administrative Lists  Home users: use Webmail or configure client to use SMTP.csun.edu But “whatif” I don’t want my list blocked!  Transform your list to a -g list (e.g.)  Set up your list to “Reply-to” the owner

Quotas are being Applied Enforcement is underway for:  Over quota == No ! Faculty/Staff maximum storage limits:  300 MB by Feb 15, 2004  200 MB by March 15, 2004  100 MB by April 15, 2004 Yearly review of quotas by ATC is underway

Universal Drive Udrive Available to all User  Released to TSAG summer ‘03  Released to ECS fall ‘03  Formal Announcement Coming Allows users to use “Drag and Drop” for web page publishing Active Directory GPO to automatically map for all users MS users: \\udrive\, e.g., \\udrive\tsag\\udrive\<uid\\udrive\tsag Mac users: smb://smb.csun.edu/tsag

Campus IT Status Page Summary information from Big Brother, MRTG, Spectrum, etc. Provides:  Summary status of Enterprise systems  Pending Maintenance Announcement (if any)  Black Lists: Spammers messages blocked “Irresponsible” ISP or Host Internet connectivity blocked “Compromised” Computers (ports disabled) Network connectivity blocked Consult as part of IT diagnosis process

Sunset SIMS/R Peoplesoft conversion in mop-up stage SIMSR is being retired General steps:  SIMS becomes read-only database  Eliminate all general access to SIMS (only users perform data validation (e.g.) will have access.)  Production Hours reduced: M-F 6am-6pm (?)

Registry of Computer Labs ATC requested Campus-wide Lab Schedule Intent: To allow students to more easy locate IT resources Information Needed:  Location of LabPurpose of the Lab  Provided Equipment (e.g., 24 Windows XP, …)  Supported Users (e.g., only COMP 100 students)  Hours of Operation Restricted Access Open Access  Contact point for more info (e.g., URL) We need you to provide the information

CATS Update