Duke ITAC - May 8, 2003 Minutes

DUKE ITAC - May 8, 2003 Minutes

Minutes: May 8, 2003

Members present: Ed Anapol, Mike Baptiste, Pakis Bessias, John Board, Paul Conway, Dick Danner, Angel Dronsfield, David Ferriero, John G. representing Nevin Fouts, Tracy Futhey, Alfred Trozzo representing Paul Harrod, Billy Herndon, Bob Newlin representing David Jamieson-Drake, David Jarmul, Scott Lindroth, Roger Loyd, Melissa Mills, Caroline Nisbet, George Oberlander, Lynne O'Brien, Rafael Rodriguez, Molly Tamarkin, Robert Wolpert, Steve Woody

Guests: Chris Cramer, Bob Currier, Dan McCarriar

Agenda:

I.   Review of minutes and annoucements
II.   Data privacy policy
III.   Bandwidth for ResNet
IV.   Reports from cable modem early adopters
V.   IVY+ updates
VI.   Other business

Call to order: Meeting called to order 4:07 p.m.

back to top

I. Review of minutes and announcements

Robert Wolpert welcomes everyone and congratulates them on finding where he hid the meeting this time. He asks if there are any corrections to the minutes. No one comments and the minutes are approved and will be posted.

May 22 ITAC meeting cancelled
Robert also announces that the ITAC meeting two weeks from today (May 22, 2003) is cancelled due to so many people planning to be out of town. The next ITAC meeting will be held June 5, 2003.

National Light Rail, new hire
Tracy Futhey reminds members that she sent a notice via e-mail earlier in the week regarding the status of the National Light Rail research network. Also, in the search for a Senior Manager to lead the Office of Web Services, Cheryl Crupi will start in that role within the next few weeks. She will be working for Dan McCarriar who will oversee the creation and operation of the new department.

back to top

II. Data privacy policy

Presented by Robert Wolpert and Chris Cramer

A draft policy is distributed to members present.

Robert Wolpert points out that the draft policy is based on the law school data privacy policy. The idea is to put in place privacy policy, the purpose of which is to indemnify systems administrators and others who may be required to hand out information. This policy will supersede all other university privacy policies.

George Oberlander says Auxiliary Services has drafted and approved a privacy policy very different from this. He is concerned that some users may get confused between the two. He asks why is there a registration process.

Robert Wolpert says the answer is to prevent that kind of confusion. This policy supercedes other university policy.

John Board says this policy does not consider the circumstance of machines owned and used by different entities.

George Oberlander asks what constitutes "private files."

Robert Wolpert answers that is not spelled out in this draft policy.

Molly Tamarkin asks if this takes place of the acceptable use policy. She suggests that this policy should reference the acceptable use policy. She also summarizes the policy as saying if you want to look at someone’s file for any reason, you must ask permission.

Robert Wolpert says there is at present no university acceptable use policy. The only thing close is the security and privacy use policy.

Molly Tamarkin says she thought there was such a policy referenced by many different Duke Web pages.

Chris Cramer says there are acceptable use policies for specific systems on campus. He also uses acpub as an example of a university resource used by many groups and he thinks that those groups would use this policy.

Mike Baptiste says that he, as someone who has root access, thinks he would be in violation of this policy just by trying to fix things on a computer system. He suggests that from an IT point of view this policy may represent some challenges by the letter of it, but not by the spirit of it.

Chris Cramer thinks that if someone like a root user is trying to diagnose a problem for another user, the other user should be available to get permission from if the root user needs to look into computer files.

Mike Baptiste uses the scenario of someone calling him about a Web site that is not working. If he goes in and fixes a file without asking permission from the owner, he just violated this policy.

Robert Wolpert wants to hear comments about whether current faculty can access ex-faculty files for any purpose. He asks, what if a colleague disappears, and I am about to teach a course he was teaching, and all the information I need is there in the system; can I use it?

Caroline Nisbet says she has experienced cases where an employee was taken to the hospital and she didn’t want to call them for permission to get a file off their machine. She suggests ITAC come up with a policy that tells employees they must keep all work-related documents in an area accessible by a supervisor.

Melissa Mills suggests ITAC circulate this draft policy for a certain period to give others a chance to write their own policies.

She also suggests that we need to have an explicit statement about when this policy applies for an account or file that is not stored in a private space.

Steven Gallager asks that if this says upon termination a supervisor can look through an employees files, can the supervisor also look through the employee's e-mail?

Chris Cramer says one thing a user can do to avoid that is to use a private email account.

Mike Baptiste says as a manager he generally needs to have access to his employees’ files. He thinks it would be better to say a supervisor has the right to access your files so employees understand that up front.

Robert Wolpert thinks ITAC should come back to this issue in a few weeks.

back to top

III. Bandwidth for ResNet

Presented by Tracy Futhey and Bob Currier

Tracy introduces the topic: As you know we’ve been experiencing for a while a continuous increase in bandwidth demands. We put limits to traffic out of ResNet and that has helped in some ways and hurt in others. Now students are having some contention getting access to even basic uses. We’re challenged how to do this because we want to give them considerable bandwidth, but we can’t afford to give them all they want.

Bob Currier says the top bandwidth users are ResNet machines. He says his team is keeping up with top talkers and ports. They grab traffic every fifteen minutes and put it into a database. One suggestion for addressing the problem is to generate e-mail that says, “you’re in the top 10 percent of bandwidth consumers. Go here to learn about responsible use.” Another is to disconnect them. Right now ResNet is flat. That will change this summer. The downside is that it is hard to keep track of.

John Board suggests an additional component could be to identify the top X number of users and throttle them to a certain bandwidth.

Bob Currier verifies that that we have the capability to do this.

Tracy asks how easy or complicated is John’s suggestion.

Bob says it is easy to do.

Robert Wolpert asks if most people do this without knowing that it is inappropriate.

Bob Currier says originally it was unintentional, but now it looks like everyone is looking at how to get around the bandwidth cap.

Tracy Futhey says the first thing is to educate users to be good citizens and understand that they are taking bandwidth away from fellow students.

Molly Tamarkin says she likes the idea of some sort of traffic ticket.

Chris Cramer wants to ask ITAC how we identify the top abusers. Do we want to say X number?

John Board asks what kind of data we have. Is it 50 people who are causing trouble or is it 2000?

Chris Cramer says we have accurate data and can easily determine the numbers.

Tracy Futhey says by start of the next fall semester we need to have some better mechanisms in place so we don’t have the same problem. Think about traffic tickets, think about throttling back, think about education.

back to top

IV. Reports from cable modem early adopters

Presented by Robert Currier
Related url: http://www.oit.duke.edu/remote_access/index.html

Robert Wolpert says most of the Duke ADSL users have switched over to Road Runner by now and he asks ITAC members to share their experiences of switching.

Bob Newlin says he switched over last semester. He has tested and found his speed has dropped dramatically since September. It did not improve when he went from residential class to business class service. Bob says David Jamieson-Drake went to enhanced business class and resulting speed is slower than Bob’s. Bob’s tests have shown DSL speed is better than both.

Scott Lindroth found he can’t run VPN clients simultaneously on two machines from home at the same time.

Mike Baptiste says that’s a firewall issue.

Scott also says unless he runs a VPN client he can’t send to non-Duke domains.

Bob Newlin says you can use the outbound Road Runner SMTP and it works.

Scott suggests that should move up on the FAQ.

back to top

V. IVY+ updates

Presented by Tracy Futhey and Billy Herndon

A summary of the main topics discussed at last weeks IVY+ meeting was presented by Billy and Tracy.

back to top

VI. Other business

Robert Wolpert reminds members that ITAC will reconvene in four weeks.

Tracy Futhey thanks all for her first complete year through ITAC.

End of year reception followed meeting.

back to top