FY ‘08 NETWORK PLANNING TASK FORCE Fall Agenda Setting and Discussion 09.17.07.
-
Upload
felicia-day -
Category
Documents
-
view
214 -
download
1
Transcript of FY ‘08 NETWORK PLANNING TASK FORCE Fall Agenda Setting and Discussion 09.17.07.
NPTF FY ‘08 Members
■ Robin Beck, ISC■ Michael Palladino, ISC (Chair)■ Mark Aseltine / Mike Lazenka,
ISC■ Gary Delson/Geoff Filinuk, ISC■ Dave Millar, ISC■ Deke Kassabian / Melissa Muth,
ISC■ Chris Bradie /Dave Carrol,
Business Services■ Doug Berger / Manuel Pena,
Housing and Conference Services■ Cathy DiBonaventura/Rick
Haverkamp, School of Design■ Helen Anderson, SEAS■ Brian Doherty, SAS■ John Irwin, GSE■ Ira Winston, SEAS, SAS, Design
■ Deirdre Woods /Dan Alig, Wharton
■ Mary Alice Annecharico /Mike Herzog, SOM
■ Rich Cardona, Annenberg■ Kayann McDonnell, Law■ Donna Milici, Nursing■ Ken McCardle, Vet School■ Jeff Fahnoe, Dental■ Grover McKenzie, Library■ Mary Spada, VPUL■ Marilyn Spicer, College Houses■ Joseph Shannon, Div. of
Finance■ Steve Stines /Dominic
Pasqualino, OAC■ Marilyn Jost, FRES■ Michael Weaver, Budget Mgmt.
Analysis
2
Agenda3
■ Defining the NPTF process for FY ’08■ Topics gathered thus far■ Additional discussion■ Setting the Fall agenda
NPTF Meeting Schedule – FY ‘08
4
■ 1:30-3:00pm in 337A Conference Room, 3rd floor of 3401 Walnut Street
■ Process ■ Intake and Current Status Review – July 16■ Agenda Setting & Discussion - September 17■ Strategy Discussions - October 1■ Security Strategy Discussions - October 15 ■ Strategy Discussions - October 29 ■ Prioritization - November 5 ■ Rate Setting – November 19
NPTF Process Feedback5
■ Too much information is crammed into too short a timeframe. ■ We don’t get enough time to prioritize things in the Fall.■ We don’t get enough time to discuss financial decisions with our
deans before our budgets are due.■ Is it possible to see the projected budget in September so that
we know how much discretionary money there is before we start?
■ Suggestions:■ Finish Fall process in early November.■ Hold fewer meetings in the Fall (3-4 total)■ Hold off-season meetings (2) to discuss strategic items■ Hold off-season meetings (2) for a closer review of operational
items.■ Do a review of where N&T resources are going for services and R&D.
■ Do a survey to get more formal feedback on current services.
■ “Polish” current services like VoIP before spending more time on new ones.
NPTF Security Feedback
■ Security is the “beast” that ate NPTF■ Is NPTF the right place to discuss it?■ Is there other centralized money for it?
■ We need to see a multi-year security strategy■ What is the budget impact of it centrally (charged
by ISC if any) and locally to schools.■ What is the budget impact of various security
policies?
6
FY ‘09 Price Setting7
■ We will re-evaluate pricing for:■ 10 Mbps ($6.03)■ 100 Mbps ($7.03)■ 1000 Mbps ($30)■ vLANs ($2.50)■ Wireless ($27)■ VoIP/ Voicemail/ IM■ Video services■ Analog voice services■ Central Service Fee (headcount and IP addresses)
N&T Operational Initiatives for FY ’08
8
■ Next Generation PennNet■ Gigabit building/subnet connections (router ports)■ Single-mode fiber to buildings (new pathway if
necessary)■ Redundant building/subnet connections
■ Customer Service■ Online, self-service intake for voice and data orders/
Service Order Intake (SOI)■ Always striving for better communications and
feeling the urgency in your requests■ Wireless■ Expand 802.1x authentication to all wireless
PennNet areas where current web authentication exists for wireless-PennNet. (Dual SSIDs)
Strategic Discussions for FY ’08
9
■ Communication Names■ Develop infrastructure necessary to implement
Communication Names in order to support longer and more meaningful user names for email and other electronic communications.
■ Complete name space clean up■ Augment PennNames to support Communication Names■ Develop application to create Communication Names■ Create web interface to allow authorized users to lookup,
add, modify and delete Communication Names■ Create API to allow authorized applications to lookup, add,
modify and delete Communication Names■ Modify Penn Community to store Communication Names■ Should we do cost estimates on this project?
■ Wireless■ Seamless roaming■ 802.1x only (visitors)■ Earthlink as wireless overlay. Outsource outside?
Strategic Discussions for FY ’08 (Contd.)
10
■ Integrated Communications■ VoIP■ Softphones■ IM■ VoIP redundancy & scheduled down-time
■ Video Strategy■ Digital video■ Desktop teleconferencing
■ File sharing and archiving/Flexible method for sharing data■ How broadly and on what time line should PennNet Gateway
(scan and block) be deployed once it is fully ready? Or as desktop/laptop operating systems with automated security updates become common, does PennNet Gateway become a lower priority?
■ What should the timing be for a single campus-wide network access control for both wired and wireless networks?
■ Can we enhance perimeter intrusion detection?■ UPS on all network electronics■ Cell phone coverage in buildings
FY ‘08 Security Goals11
■ Compliance: Roll out the Security and Privacy Impact Assessment (SPIA) process, in conjunction with Penn’s Privacy Office to better manage University-wide IT security and privacy risk to 8-12 schools & centers.
■ Prevention: Establish Penn LSP security training & certification (computer based training and testing) and conduct security technology training for 3 – 5 topics. New employee online security and privacy awareness training.
■ Identity Management■ Security Assessment: Engage with Oracle Corporation to review
database security and identity management infrastructure to ensure timely and secure access to Penn enterprise IT resources
■ Develop a plan for next generation PennKey.■ Implement Shibboleth for federated identity.■ Build and deploy a central authorization system to minimize the
risk of exposing sensitive data and/or violation of policy or law
FY ‘08 Security Goals (Continued)
■ Select a recommended product for stored data encryption■ Should we do centralized key escrow?
■ Limit SSN availability through Data Warehouse
■ Develop strategy documents: ■ Develop logging best practices in conjunction with HARTS team■ Beyond passwords, next steps for authentication ■ Personal device security■ Subnet level intrusion detection
■ Pennnet Gateway: Help prevent compromised systems from spreading malware on the network and avoid increased support needs for incidence response■ Pilot deployment for College Houses, Sansom Place and
GreekNet wireless areas and possibly two other schools and centers.
12
Possible FY ‘09 Security Goals
13
■ Year three of four-year SPIA rollout.■ Identity Management
■ Extend Authorization system’s group management capability to include privilege management.
■ Online provisioning for Penn administrative applications.■ Implement first phase of Next Generation PennKey■ Implement security event logging■ Logging policy (protecting against brute force attacks)
■ Pilot Critical Host Vulnerability Management agent and Compliance Reporting.
■ PennNet Gateway: full roll out to residential system ■ Review campus A/V strategy vs. Host-Based Intrusion
Prevention. Compare Symantec with alternatives.■ Campus-wide all staff (then faculty) security and privacy
awareness online training.
Additional Discussion14
■ What have we missed that is critical to be done in FY ‘08 or planned for now to do in FY’09 and beyond?
■ What can we eliminate?■ Bluesocket wireless authentication. ■Can we move 100% to 802.1x by Fall ’08?
■Netnews