Duke ITAC - February 25, 1999 Minutes

DUKE ITAC - February, 25 1999 Minutes

Minutes

February, 25 1999

Call to Order: Meeting called to order by John Sigmon, Temporary ITAC Chair.

Review of Minutes and Announcements:

  •  
  • The Minutes of the 11 February Meeting were approved with a minor spelling amendment.
  • Betty Leydon Commented on correspondence with Robert Wolpert while he is on sabbatical.
  • Mike Pickett announced the SAP Go/No Go roll-out of 2500 user ID's for the following Monday and stated that the focus would be on nursing / procurement inventory systems.

Review of Proposed Network Principles and Process for expansion/upgrade

  1.  
    Draft of Network Principles and Responsibilities February 23, 1999 The Duke University Network (DukeNet) is a shared and vital resource of this institution. In support of this resource, members of the Duke University community, including the network users and administrators, recognize the following principles: All users should have access to a robust, reliable, and secure network and the network should be used in a responsible manner. The replacement and upgrade cycle needs to be flexible, taking into account: Users' needs Growth rate Network utilization Technology changes The implementation of new technology and the use of the collective network need to take into account the effect and impact upon local, enterprise, and wide-area network infrastructures. In order to implement a reliable and secured network the following responsibilities have been agreed upon: OIT Data Communications in consultation and collaboration with local network and departmental administrators will develop a proposed plan for expansion and/or upgrade to departmental and school network segments. This plan will be reviewed annually and adjusted based on the principles above. Departments and schools developing, upgrading or expanding network segments that directly attach to the DukeNet backbone should consult with OIT Data Communications to ensure compatibility with existing hardware and protocols. A "state of the network" report will be presented at least once per academic term to TASC and ITAC by OIT. This report should include technology and vendor recommendations and should be available to the campus community at large through a web interface. Local network administrators have the responsibility to maintain their own segments of the network and will have access to their closets. At the request of the department or school management, OIT will perform this function. Local network administrators have a responsibility to maintain secure systems and need to contact the University IT Security Officer if they suspect that the security of their systems have been compromised. OIT has the responsibility to assist local system administrators, if requested, to determine the extent of the security compromise, to implement appropriate recovery plans, and to maintain secure systems. Timely network management information will be made available electronically by OIT to facilitate the business and technology planning efforts of network and departmental administrators, and for troubleshooting and routine administration. OIT is responsible for all backbone electronics and for OIT-installed closet electronics. Local network administrators are responsible for segment and closet electronics installed by the department or school. OIT has the responsibility to assist local system administrators, if requested, in identifying malfunctioning equipment and network problems.
    1.  
    2. outlining OIT's responsibilities
    3. outlining the University's responsibilities
    •  
    • The right things were covered,
    • the document should be viewed as a framework
    • the discussion should not be a wordsmithing session.
  2. John Sigmon introduced the discussion on the Draft Network Principles and Responsibilities document with an emphasis on defining responsibilities.
    John stated that the discussion should assure that:

    The Document follows:


    George Obelander commented that the document did not appear to relate to the mission of OIT, but instead related to the results. George suggested that the document should layout the responsibilities of OIT in relation to the mission and to best management practices.
    Betty Leydon responded by stating that the document was supposed to represent University principles not just OIT.
    Kyle Johnson suggested that the document could be split into two documents: Betty Leydon suggested that the document should stress partnership and collaboration between OIT and the University.
    Lynne O'Brien suggested that the document was brief and did a sufficient job providing an overview of principles.
    Betty Leydon commented that the document was intended to be a framework.
    John Sigmon suggested that the framework should cover only important responsibilities and should only cover details as need using best judgement.
    John Board suggested that the spirit of partnership should be preserved and inquired if the bullets in the document were content complete.
    George Obelander suggested that BMP standards and OIT responsibilities and leadership should be laid out explicitly.
    Betty Leydon commented that the document was a working document at this time.
    John Sigmon suggested adding a phrase to the preamble stating that the document was not solely outlining OIT responsibilities.
    George Obelander suggested that in issues such as capacity planning etc. OIT has a leadership role.
    Rafael Rodriguez noted that points 2 and 3 in the document cover these issues.
    Betty Leydon stated that a phrase could be added addressing OIT's responsibilities.
    Roger Loyd noted that the phrase "we have agreed to..." in the document may not be appropriate.
    John Sigmon suggested changing the phrase to "should adhere to...".
    Melissa Mills suggested that while local systems administrators should agree to maintain secure systems OIT should set general standards. Melissa also suggested that the tone of the document be changed from reactive to proactive wording and promote a minimum level of security standards.
    Charles Register inquired "What is a robust security system?"
    Melissa Mills inquired where will the input come from for network changes.
    John Sigmon closed discussion on the topic by stating that Rafael Rodriguez would make changes and post a revised version of the document.

Review of Technology Directions for Institutional Applications

  1.  
    •  
    • (pg.2) document says system, should say application
    • (pg.3) "with respect to legacy applications"
    • (pg.4) change wording concerning object oriented technology to "such as Java Beans and ActiveX"
  2. Rafael Rodriguez introduced the topic by stating that this was the second update of the 2 year old document. He suggested that the discussion focus on assuring that modifications are valid, and noted that more explicit text concerning Y2K, security issues and systems integrations have been added.
    Rafael went on to identify specific points for clarification:

    Kyle Johnson suggested that platform dependencies should be discussed.
    Rafael Rodriguez commented that these issues are market driven.
    Melissa Mills stated that the document reads wonderfully and suggested that the document contain a description concerning how training would be formally introduced in the design phase.
    John Board suggested that these issues be included in the systems integration section of the document.
    John Sigmon inquired if anything was missing in the document.
    Betty Leydon inquired if the document was only for administrative applications and asked "What about Lynne O'Brien's (technology and teaching) applications."
    Rafael Rodriguez commented that he did not feel that it was in the scope to include non-administrative applications.
    Betty Leydon suggested that we may want to make the document more comprehensive.
    Mike Pickett suggested that the concept of "scaling down" characteristics applicable to departmental and smaller systems should be emphasized.
    Melissa Mills noted that a problems exists where people download freeware programs to load on servers and suggested that there is a need for program guidelines.
    Kyle Johnson noted that the document focuses on "enterprise" systems.
    Rafael Rodriguez stated that the document was originally for administrators only.
    John Sigmon closed the discussion by suggesting that all further comments be directed to Rafael Rodriguez for incorporation into the document.

Roll-out plan for security system (Transarc and Snareworks)

Rafael Rodriguez introduced the topic of the security system rollout by noting that the rollout was set on an aggressive schedule.
Rob Carter distributed the DRAFT Roll-out Overview for SSO, Authentication and Security project (2/25/99) and outlined highlights of this report.
Rob stated that the schedule planned for a beginning of Fall semester end point using a four phase roll-out working with Transarc on the Snareware products.
John Board asked if any development was needed at this time.
Rob Carter noted that Snareworks was a stable product but would require development for modules to work with PeopleSoft and SAP applications.
Betty Leydon inquired about the company vs. product names.
Rob Carter responded that Transarc was the marketing company, Intellisoft was the software company and Snareware was the software product.
Rob Carter emphasized that they want to deploy on OIT servers that are under complete control first.
John Board noted that "first do no harm".
Rob Carter stated that after initial interval deployment OIT would deploy to the larger environment. Rob Carter presented the chronology of deployment (document not available on-line)
John Board asked "if you don't install a client when will things not work?"
Rob Carter replied that If you are a SAP user you will need snare authentication to talk to a server... snare is not a blanket solution... machines not secured will not be secured.
John Board commented that this was not a "magic bullet"
Rafael Rodriguez commented that Web applications do not need to request a client and therefore would not be affected.
Melissa Mills asked how many servers would be covered.
Rob Carter responded that OIT would be acquiring 300 to 400 server licenses and unlimited client licenses.
Melissa Mills inquired about the affect on student applications.
Rob Carter replied that individual, single point applications can be brought on-line early and used as a test. He also commented that OIT had plans for approximately 200 server applications leaving at least 100 remaining from the site license pool.
Kyle Johnson asked what are the client / server requirements for Snareware installs.
Rob Carter responded that OIT would set up a Web page outlining the specific requirements (noting that major platforms except Macintosh would be supported)
Kyle Johnson commented that he would check on Mac applications
Melissa Mills asked if Mac applications would be an issue.
Rafael Rodriguez noted that common Winframe applications would be supported.

Academic Technology Discussion

  1.  
    1.  
    2. minimum screen and overhead
    3. cart - projector / VCR/ Computer
    4. permanent technology.
    1.  
    2. How do we allocate resources for training?
    3. How do we allocate resources for support?
  2. John Sigmon introduced the discussion of academic technology by asking how ITAC can add input to the process.
    Lynne O'Brien began discussion of classroom technology issues by noting that some schools are equipped with technology enhanced classrooms and upgrades are a common issue. She noted that planning should occur at a broad scale while implementation should occur at a local scale where standards are set at a base level with room for additions.
    John Board noted that engineering had established standards where every classroom contained an overhead while two special classrooms contain more advanced equipment.
    Melissa Mills commented that Arts & Sciences had three levels of classroom technology:

    She also noted that they were working with the registrars office to match faculty needs to technology. $180,000/year depreciation budget was established and past years budgets were being used to anticipate the next year's needs.
    Lynne O'Brien noted the distinction between facilities and technology.
    John Sigmon commented that equipment was shared between group and offered the example of the LSRC use of Arts & Sciences equipment noting security concerns.
    Betty Leydon asked that if University participants existed would it make sense to form a committee?
    Lynne O'Brien commented that faculty perceptions were that equipment availability was low, while staff perceptions was that faculty were not prepared to use equipment in a timely manner.
    John Oates noted that there is a usage problem among faculty that need knowledge to use teaching technology effectively and suggested that there is a need to promote teaching technology usage.
    Melissa Mills noted that cost issues are also important and that this adds additional obstacles.
    Kyle Johnson brought up 2 issues He also noted that standards are needed for renovating existing classrooms.
    Nevin Fouts commented that we also need high quality / shared training space separate from general instruction space.

John Sigmon closed the meeting