Technology Update TSAG Meeting 4/8/04
Announcements IPX and Appletalk being phased out Friday June (Last day of academic year)
Telnet & FTP Phase out Next Step in Tighten-up the Network Perimeter Goal: Block all “inbound” network connections to Telnet and FTP servers from the Internet FTP/Telnet phase out: April 15, 2004 Exceptions: suncat.csun.edu:public access to the Library’s on-line catalog ftp.csun.edu: anonymous ftp server (no password logins starting on Oct 15, 2004) ftp.csun.edu csun1.csun.edu: phase out on Oct 15, 2004 Users WILL be able to use the telnet and ftp from their desktops to access servers located on the Internet!
Quotas are being Applied Enforcement is underway for: Over quota == No ! Faculty/Staff maximum storage limits: 100 MB by April 15, 2004 Yearly review of quotas by ATC is Complete Faculty/Staff:100MB [120MB provisioned] (was 30MB) Students: 10MB [ 12MB provisioned] (was 5MB) 100MB == 4,093 average sized messages (25K)
Password Expiration CategoryMaximum Frequenc y Compliance Date ITR and Technical Support90 daysDone PS Administrators90 days2/16..3/15 Individuals with access to Confidential Information 90 days2/26.. 3/25 Faculty/Staff with only self- service roles 180 days4/15..5/15 Students (current & past)180 daysPending All other accounts90 days3/15.. 4/15
Telephone and Voic Update Directory Services added to the VOIP system The “directories” button is now tied to the Campus Directory Caller-ID is currently on an independent system New Voic System is being installed Cutover date is to be determined (May 10?) Voic users, via x3100, will be able to Configure their new voic before the cutover Retrieve old voic after the cutover (for a limited time) On the cutover date, x6500 will be remapped from the old voic to the new voic system
CENIC Conversion The network is used by all UCs and a growing number of CSUs Conversion Dates First Stage occurred last Saturday (4/3) Second Stage will occur this Saturday (4/10) Transfer is being done during off-hours Benefits: Cost Reduction to the CSU system QOS capabilities More direct network paths to other sites Noted problems: We have only on Internet Connection Route flapping (which has been fixed) Firewall Management Issues
Firewall and Internal Security The Firewall has both protected the campus from external attacks protected the Internet from internal attacks During the CENIC conversion Firewall was effectively offline for two days Over 120 messages We have continuing reports of machines on our network attacking each other. What steps should/must TSAG members take to address this problem? ITR/NEO will be shutdown network connections to machines with > 2,000 flows/minute
RIAA Lawsuit RIAA has announced a lawsuit impacting a large number of ISP including many Academic Insitituions CSUN received a subpoena for information Two IP address were used to server up copyright material CSUN has two major legal responsibility as an ISP: e.g., Housing, we cannot be named in the lawsuit as the owner of the computer: e.g., computer in a lab we can be named in the lawsuit Firewall mitigates client-server model Firewall does nothing for peer-to-peer model
Campus AntiVirus Policy All machines attached to the campus network must have antivirus software installed and up-to-date ~8K computers on campus UTBI (University Technology Budget Initiative) 4,000 renewal licenses 4,000 new licenses 36,000? Student and at-home licenses Patch Management Policy All machines attached to the campus network must be up-to-date with all critical OS-level patches