Duke ITAC - January 31, 2008 Minutes
Duke ITAC - January 31, 2008 Minutes
Attendees: Pakis Bessias, Ginny Cake, Bill Cannon, Shailesh Chandrasekharan, Tammy Closs, Ken Hirsh for Dick Danner, Tracy Futhey, Gene Galin, Susan Gerbeth-Jones, Michael Goodman, Billy Herndon, Edward Gomes for Deborah Jakubs, David Jarmul, Pranay Jinna, Alvin Lebeck, Julian Lombardi, Roger Loyd, Robert Nau, Tim Boaunds for Caroline Nisbet, Mark Philips, Jim Roberts, Rafael Rodriquez, Trey Turner III, Justin Wickett Robert Wolpert, Steve Woody
Guests: Klara Jelinkova of OIT, Bob Newlin of Provost, Ned Neeley of ASM, Todd Orr of ASM, Bob Price of OIT, Debbie DeYulia of OIT, Blyth Morrell of OIT, Jackie Gottlieb of SON, Jeffrey Dowell of SON, Jim Siedow of the Provost Office, Pat Driver of OIT
Robert is filling in for John Board since John Board is in Washington for the NCAA meeting.
Phishing scheme: Klara Jelinkova
Klara stepped up to talk about phishing. 30,000 email messages circulated around Duke in asking for Duke employees’ net ID and password information.
Klara noted that Duke it gets phishing attacks all the time but most of these are blocked.
Duke handled this phishing occurrence by posting a message on webmail, security, and helpdesk websites. Duke IT then let the phishers know that Duke knew. The phishing waves kept coming in.
OIT determined that they needed to send out a message to the Duke email users and ask them to forward any phishing messages to OIT so that OIT could block e-mails coming in from the phishers and blocked e-mails going out to the phishers.
After the message went out eight people acknowledged that they did respond to the phishing message. OIT staff walked through the process with them on how to change their NetID passwords. Another ten Duke users were identified as being compromised and the phishers were using that information to try to obtain more information.
Tracy Futhey noted that Duke had received 30,000 messages and at these messages had gotten past the high level setting of the spam filters.
Klara said that Duke could set the filter levels higher.
Tracy mentioned that a year ago in January through June Duke was receiving 10,000 to 15,000 messages every five minutes. Now 200,000 messages come in every five minutes.
Network traffic tickets and RIAA facts:
Kevin Miller and Klara Jelinkova
Klara laid out the basic RIAA process. The process and everything is kicked off by the RIAA test people. They look for IPs pushing through potential copyrighted content. Infringement notices or cease and desist notices go out to providers. A preservation notice goes to a provider (like Duke) and it says, “We want you to preserve information associated with the actual person”. This information goes to legal counsel. The RIAA issues a subpoena to legal counsel and seeks early settlement.
In the last six months, there were 128 infringement notices. Forty-three people at the Duke community received early settlement notices.
There were 97 early settlement notices in 2007.
Kevin Miller mentioned that the network registration system registers everyone using machines on the wireless Duke network. OIT has the ability to identify the primary user of a machine. Net Reg is not used by all departments.
There is a manual process to track these machines.
Traffic tickets are a great tracking tool. Tickets open a door for conversation.
Other schools like the University of Michigan look at signatures of peer-to-peer traffic and send out notices.
At Duke, there were 1278 traffic notices about machines that were sending more than five gigs of data a day. This was tracked to 613 unique machines and 76 students were limited.
There are 180 tickets for 120 unique machines and students and one has been limited.
Presented by Blyth Morrell
Blyth is a manager for Blackwell Interactive. In the last month, Blackwell launched 22 new sites, created nine applications, and had 3750 hours of billable time. There are currently 5.5 staff members.
Robert asked if this was the old West group. Blithe responded that it had formerly been the West group.
One of the goals of Blackwell is to keep web development dollars inside this group and Duke.
What is Blackwell?
Blyth explained that Blackwell is a web services and media services provider.
Steve Toback created a FileMaker Pro system to track production schedule.
There are several challenges.
These include the infrastructure: Blackwell versus non-Blackwell. There are support and maintenance issues when Duke groups use outside vendors who do not know or adhere to Duke standards.
There is a governance question between ownership versus service provider.
The is an evolutionary process as the former West group based in Arts and Sciences transitions to the Blackwell Interactive group within OIT.
Staffing is not at maximum capacity yet.
Publicity has not started because Blackwell is currently at workload capacity with current staffing.
Lynn asked what Blyth meant about the Blackwell versus non-Blackwell infrastructure?
Blyth said that Blackwell is responsible for Duke-based hosting. Many people at Duke are just seeking hosting and not fully aware of how outside hosting may not fit into the Duke hosting network.
The diversity of sites Blackwell works on spreads over many schools and departments.
Robert asked if Blackwell includes web design and hosting. Blyth responded that Blackwell includes web design, development, posting and even hardcopy print output.
The future for Blackwell:
- Need to fill position vacancies
- Continue to develop relationships at Duke, DHTS, ONC, etc.
- Seek qualified subcontractors.
- Launch Blackwell site.
Blyth showed of a quick sneak preview of the new Blackwell site.
Robert asked what financial model Blackwell is using. Blyth responded that the model is basically cost recovery.
Any questions should be addressed to email@example.com
Alvin asked if there is an incentive for Duke departments to use Blackwell.
Blyth responded that Blackwell offers good integration within the Duke environment. Blackwell does work that conforms to Duke standards.
Klara added that there is good integration with password administer or authentication, which many outside vendors are not aware of or do not offer.
Robert mentioned that some recent Duke sites do not need Duke standards.
Blyth responded that Blackwell interactive does meet all Duke standards and that the group helps set standards for these Duke designs. Blackwell staffers know Duke and they know the Duke environment.
Rafael Rodriquez mentioned that he spent this weekend cleaning up the site overwhelmed by inappropriate material. The cost of cleaning up and cost of maintaining the compromised site was considerable.
Ginny asked if Blackwell is working towards creating generic sites for smaller departments.
Blyth responded that they are working toward a strategy that works well overall within the institution.
Julian asked how Blackwell’s rates compare to outside vendors.
Blyth said that some people remarked that Blackwell's cost was too low. In general, they are comparable and reasonable with outside vendors.
Dave Jarmul remarked that he wanted to complement Blackwell on a job well done although they are understaffed they are a pleasure to work with. The buzz is that things are moving in the right direction.
Jackie Gottlieb was happy that their site will be hosted by Blackwell and that Blackwell did what needed to be done correctly. The site was up in a couple of months.
Robert remarked that decisions about policies and standards would benefit from community involvement including faculty. He hopes that there will be input from academic groups.
Blyth mentioned that the Webcom group consists of Duke website developers including Blackwell. She said that there is currently no method in place to get academic input.
Bob Price mentioned that the new Blackwell site would allow for input from the community. The site will also provide cost and contact information for Blackwell.
Blyth added that Blackwell is currently working on putting together a price sheet to provide ballpark pricing for the community.
Bell Building Update:
Rafael Rodriguez and Billy Herndon
Rafael said that the Bell building is the primary data center for the last 30 years for medical center. In 2006, the temperature had to be monitored closely and temperatures soared.
A new major hospital addition will go where the Bell building is. The move has to be done by August 2008. Tallman Trask came to the rescue.
The data center for OIT will be shared by OIT and the medical center. The data center is being built in two phases.
Building a data center turned into a challenge. There were two different facilities groups. Logistics were tough at times. For example, one phase was approved by the Board of Trustees, while another phase was approved by the Board of Directors.
Tracy and Asif worked together on this project.
Billy Herndon mentioned that the vendor had two customers: OIT and DHTS.
Rafael said that there is more significance on reducing risk on the medical center side. Power consumption is going up so fast. Communications about power raised concerns about raised floor space and mechanical room space. Rafael went on to say lessons learned: personal relationships count! Previous decisions must be reviewed when something changes. Communications means that each person must understand the other person. Decisions need to be made on the right level. In this case, every time a decision that was brought to the right level had to be made the right decision was made.
There were budget constraints on phase 1. An additional $250,000 was needed to ensure power would be in place to support hospital operations. Tallman Trask approved the decision in five minutes.
The DHTS has to move 200 applications between now and August. They are going to do it in 14 weeks over seven steps.
They began planning for this move since June 2007. The first step of the move begins on March 15. During the move, operations will also have to take place at the new location.
They moved the mainframe to the Fitzpatrick West. Power outage affected Fitzpatrick. All regulatory rules need to apply the hospital operations.
Documentation is essential.
Billy mentioned that they learned lessons in the North building. There were circuit breaker problems due to add-ons that no one documented. You need to have a good, clean inventory when you move into the new data center to avoid this problem in the future.
A big challenge is that people do not build data centers often. You need to get the right people to the table to make decisions. Financial people know nothing about this type of work.
Tracy said that Duke OIT and DHTS determined that everyone needed to be at the table, i.e. buildings engineers, project managers.
How many racks? Hard to determine need to use more virtualization to determine future needs. Billy mentioned that one of the challenges was also balancing raised floor space versus mechanical room space. For phase 2, the data center will need more mechanical room space for power and cooling.
Robert remarked that the space being used was not architecturally designed for a data center. A data center requires more electricity, heating, and air-conditioning. Do you retrofit the building?
Rafael said that the AC is for the room. A chilled water AC unit is being used. More generators will be used. There are plans to add an additional generator.
Robert asked if there is redundant power.
Rafael responded that the center meets tier 3 level requirements.
Billy mentioned that there are two electrical feeds and two cooling centers.
Tracy said that we now have a data center that is better than just one data center alone. It benefits all because the hospital’s higher standard requirements.
Rafael mentioned everything is digital now and that a data center is of the utmost importance.
Robert jokingly asked if "it is a bad time to be sick?”
Rafael responded that most clinical systems do have redundancy. They are currently using the OIT mainframe as redundant unit for now.
Billy mentioned that the Bell building demolition did affect OIT.
Alvin asked if the redundant systems are collocated.
Billy responded that Duke does have a redundant system that is co-located in the same area. Duke will be looking at another center in the future.
At this `point, the meeting adjourned so that ITAC members could walk over to the new data center for a tour to be conducted by Pat Driver.
Data Center Tour:
Presentation by Pat Driver
See two video clips of the tour at
Data Center Tour Video Clip #1
Data Center Tour Video Clip #2