ARCHITECTURE & INFRASTRUCTURE COMMITTEE MEETING AGENDA FRIDAY, October 11, 2013
9:00-‐10:30 AM FAC 228D
I. 9:00-‐9:15 Administrative Systems—Update (Mary Knight) II. 9:15-‐9:35 Priorities Finalization—Endorse III. 9:35-‐9:50 Retirement of Web Space-‐Communication Plan—Endorse (Dave Moss) IV. 9:50-‐10:05 Web Infrastructure Project—Endorse (Dave Moss) V. 10:05-‐10:30 Shared Services—Update and Input (Achim Welter and Heather Hanna)
1 IT Architecture and Infrastructure Committee 2013-‐2014 Priorities, V.1.
2013-‐2014 AIC Priorities
Shared Services Provide faculty input and advice on the transition to a shared service mode with special attention toward the development of metrics to evaluate customer service and satisfaction.
Cloud Strategy Build a framework to outline how the university will move to more cloud-‐based services, what infrastructure is needed, how monitoring occurs, what services are appropriate for the University, and how those services will be implemented and evaluated. This strategy should be supported by information gathered from an assessment of what our peers are doing in this space and a best practices and lessons learned library should be maintained.
ERP Integration Strategy Develop and disseminate best practices and detailed plans for departments that will need to interface with new ERP system. In tandem, develop guidelines and best practices for departments tackling the question of how to replace a wealth of fully functioning mainframe systems, outside of the new administrative system, with either commercially available administrative software packages, in-‐house solutions using newer or different technology, or a combination of both. Clarify integration strategy. Email Strategy Develop a matrix that helps users understand the capacities and differences between email systems so that they can choose which email system is most appropriate for individual use. Consider an institutional email solution.
Program Planning and Accountability Create a plan that offers guidance on adjusting priorities as new priorities are submitted to the committee for consideration. Develop a master list of priorities and a calendar of associated projects. Track how projects are related to each other and project dependencies. Develop guidance on how to analyze resource constraints when more than one project affects the university simultaneously. Track major milestones and when those milestones are met and celebrate major milestones and project achievement.
System Standards Create and minimum system management standards (server, desktop, laptop, etc) to improve information security and reduce costs. Successes and challenges may be understood by calculating the delta in system breaches, loss of unencrypted systems, productivity, and in savings.
2 IT Architecture and Infrastructure Committee 2013-‐2014 Priorities, V.1.
2013-‐2014 AIC Subcommittee Priorities
Web Infrastructure Subcommittee Priorities UT Web Implement a new, modern web infrastructure (“UT Web”) to meet the needs of the campus web publishing community. Centralized Web Tools Select and implement a suite of centralized web tools for campus web publishers (e.g. university-‐ branded web templates, search, analytics and quality assurance tools, maps). Emergency Web Site Implement an off-‐campus, emergency web site that is CMS-‐driven with distributed authorization for content management.
Identity Management Subcommittee Priorities Identity Management Roadmap Implementation Adjust schedule or apply resources to areas that will need to convert once it is released. CASI/UTLogin Transition Fully implement UTLogin and retire the legacy Central Web Authentication/Fat Cookie system. IAM Technology Selection Select the technology footprint to enable new and improved IAM services. IAM Cloud Integration Guidelines Provide guidelines to help campus plan for and address IAM functions when implementing cloud services. Implement Level of Assurance Framework & Multi-‐Factor Authentication Develop an objective risk-‐based assurance framework and provide multi-‐factor authentication services for high-‐risk transactions. Implement BYO-‐ID & Lightweight Authentication Provide “bring your own identity” and lightweight authentication options for low-‐risk transactions. Improve Redundancy of Authentication Services Leverage cloud-‐based solutions to improve the resiliency of central authentication services and reduce their dependence on campus-‐based infrastructure.
Streaming Task Force Priorities To make recommendations for a service that provides appropriate hosting solution(s) for publicly available rich media, restricted content as well as lecture recordings. If the solution(s) include on premise hosting then make recommendations on storage options.
AIC
Taskforces
VOIP
Office 365
Enterprise Chat
Projects
VOIP
CASI UTLogin
ASMP Tech Environment
Standards and Methodology
Virtual Desktop
Wireless Network
Cloud Identifier
Box Implementation
Upgrade Web Infrastructure
Implement Digital Strategy Web
Network
Inventory/Netcontacts/ISORA
Committees
Network Standards
Cloud Services
Qualtrics Steering Committee
Box Steering Committee
Web Technology and Infrastructure
Streaming Media Subcommittee
PROPOSED WEBSPACE RETIREMENT PLAN – OCTOBER 2013
! Proposed WebSpace Retirement Plan – October 2013
Executive Summary
Information Technology Services (ITS), in conjunction with the Information Security Office (ISO), seeks approval from the IT Architecture & Infrastructure Committee to retire WebSpace, a legacy online file storage and sharing service with less than 1,000 active users (and the top 100 users accounting for 98% of traffic) in May 2014. Retiring WebSpace would include a comprehensive communication plan as well as working directly with users to migrate content to alternatives solutions such as UTBox or Google Drive/Sites.
Business Need/Background
Over the past year, several security vulnerabilities were discovered in the application platform used by WebSpace, which were not addressed by the vendor in a timely manner. This required drastic measures by ITS and ISO to protect the university’s sensitive data, causing great inconvenience to users. Confidence is low that when new vulnerabilities are discovered that they will be addressed satisfactorily by the vendor, so moving away from WebSpace helps the university avoid future data loss and further service disruption to users.
Alternatives to WebSpace
Under the auspices of campus IT governance, ITS is asked to re-‐evaluate major service offerings and look for better solutions. Because of the risks associated with WebSpace, more robust and secure alternatives are now available.
• File Sharing o Current faculty and staff are eligible to use the new UTBox cloud based file sharing service for business use.
UTBox is approved secure by ISO and offers 25 GB (gigabyte) of storage. o Students can use Google Drive (a feature of UTmail accounts) for file sharing, collaboration and storage,
which also offers 25 GB of storage. • Web Publishing Options
o Account holders using WebSpace for web publishing can use Google Drive and Google Sites associated with UTmail accounts to host web pages. The University Blog Service also provides web publishing using the WordPress platform.
• Green Output o Austin Disk will be the new default destination for Green Output beginning October 14, 2013.
Communication Plan
• Update on WebSpace service page and no new accounts provisioned. • Update and “countdown clock” on WebSpace login page. • Periodic email messages and reminders to all WebSpace account holders regarding the impending retirement and
migration plan. • Comprehensive “how to” documentation and “high touch” support available to WebSpace customers who need
assistance with content migration. • “FYI” session will be scheduled.
For More Information
• Full draft communication plan: https://utexas.box.com/s/yclh1kqyuz6lma92hmfr • UTBox service page: http://www.utexas.edu/its/cloudstorage/ • UTmail service page: http://www.utexas.edu/its/email/
1 AIC/BSC Green Output Update—October 2013
Green Output Update
From the WebSpace service page
Note: WebSpace is a legacy online file storage and sharing service. No new accounts are available at this time; however, exceptional business needs (e.g. mainframe Green Output) can be discussed with the ITS Help Desk. Existing accounts and user materials will continue to operate as normal. A retirement date for the service will be determined after IT governance approves a transition plan.
With this in mind, mainframe Green Output will change its default destination from WebSpace to Austin Disk beginning October 14, 2013. There is nothing analysts or Green Output recipients need to do other than begin retrieving their output from a different location. Green Output Report Delivery Notices will continue to be sent to recipients and the new location will be reflected in the link provided in the email for each report. (Note: There will be some overlap in delivery between the old and new locations depending on when the mainframe job that produced the output was actually submitted. Thus, Green Output may be delivered to a user’s WebSpace account one last time over the night of October 14.)
Beginning October 14, when output from the Mainframe is sent to Green Output, it will be placed in an eReports folder on Austin Disk within a sub-‐folder named with the recipient’s EID. If this folder does not yet exist, Green Output will create and configure this folder automatically. Folders on Austin Disk can be securely accessed as a mapped network drive from Windows desktops, using the Connect to Server feature in Mac OS, or simply from a web browser. Instructions for accessing the new Green Output destination are available at http://www.utexas.edu/its/help/green-‐output/194
Users of the new Green Output folders on Austin Disk will have Read and Delete authorizations but not Write access to their individual folder. This new Green Output destination is not intended for general use storage – campus file storage and sharing options are outlined at http://www.utexas.edu/its/webspace/
Questions or concerns may be sent to the ITS Help Desk or to [email protected].
The University of Texas Aus3n UT Web Project Update IT Architecture & Infrastructure Commi?ee October 2013
2
Program Overview Abbr. Service Offering Descrip3on Avail EOL WC Web Central UT Aus1n’s central web hos1ng service
and Unix 1me share environments Today
Q4 2014
UT Web
UT Web Panel-‐based shared web hos3ng plaKorm
Q2 2014
SM Self-‐Managed Web Hos1ng
Web environments that are owned by or operated on behalf of non-‐ITS en11es (e.g. department-‐owned web servers on UT-‐V)
Today
MD Managed Drupal Project to be ini1ated by ITS Applica1ons that will provide a common build and University Communica1ons approved theme for users looking for a Drupal op1on requiring minimal setup
Est. 2014
Blogs Blogs (WordPress) Provides a common build and University Communica1ons approved theme for users looking for a WordPress op1on requiring minimal setup
Today
Note: All dates are calendar year, not fiscal year.
3
Web Hos3ng Cost/Flexibility Considera3ons
FLEXIBILITY
CO
ST
Managed Drupal & Blogs
UT Web
Self Managed Web Hosting
4
UT Aus3n Network
Solu3on Diagram
UT Web
Internet
Rackspace www.utexas.edu Emergency Presence
On-Campus UTWeb
www.utexas.edu Request
Apache Reverse Proxy
Web Central
www.utexas.edu
Nginx Reverse Proxy
On-Campus UTWeb Other
Domain Request
Off-Campus UTWeb
www.utexas.edu Request
Off-Campus UTWeb Other
Domain Request
5
File System Layer
UT Web Detail
Networking Layer
Applica1on Layer
Database Layer
Storage Layer
Red Hat Instance GlusterFS w/ NFS
Red Hat Instance GlusterFS w/ NFS
MySQL Clustered Instances
MySQL Clustered Instances
VMin 1
VMin 2
VMin n
Nginx URL Preservation & Load Balancer
CMin 1
CMin n
Red Hat Instances VirtualMin Cluster
Red Hat Instances CloudMin Cluster
VMWare ESX Shared Storage Infrastructure
*Min Metadata
User Content
Other Available
UT-‐Au
s1n Re
sources
Oracle Instances
UT Login
DNS
6
Risk / Constraints § New technology components are being implemented
§ Implica1on: Schedule/budget impact; ability to support § Mi1ga1on: Proof-‐of-‐concept will be done to validate complex
components; Knowledge transfer to ITS resources
§ Site administrators may not have the capacity to handle migra3ons prior to Fat Cookie target re3rement date of June 2014 § Implica1on: UT Login project impact § Mi1ga1on: Checkpoints will be scheduled throughout build
(technical readiness) and migra1on (customer readiness) phases; Create mi1ga1on plan for UT Login dependency; Early communica1on of migra1on plan
7
UT Web Project Planned Timeline Oct
2013
Feb
2014
June
2014
Sep
2014
Web Central
UT Web
Self Managed Web Hosting
University Blogs Service (WordPress)
Wikis
Fat Cookie Retirement
Digital Experience Design
w/ Templates
Managed Drupal
Digital Experience Templates
WWW on
UT Web
Naming Standards Policy
Go/No Go on UT Login
Proof of Concept
Available
Environment Available for Migrations
Dec
2013
Jan
2014
Tentative Dates
No New Sites
Begin Build Phase
Technical Readiness Checkpoint
8
Next Steps § Ini3ate Communica3on Plan
§ IT Governance § Update on Web Central service page (and related pages) § Emails to it-‐talk, it-‐updates, webpub, etc. § “FYI” session scheduled for October 23 § Comprehensive “how to” documenta1on and support will be
available to Web Central customers who need assistance with migra1on, including scheduled “office hours”
§ Ini3ate Build Phase § Finalize technical design § Develop proof-‐of-‐concept to test the design § Technical readiness checkpoints
Top Related