Committee meeting - February 7, 2013

Melissa Conrad
Secretary to the Committee
February 18, 2013

Present:

Dave Wallace (Chair), Melissa Conrad (Secretary), Bill Baer, Bruce Campbell, Andrea Chappell, Marko Dumancic, Erick Engelke, Bob Hicks, Dawn Keenan, Dave Kibble, Robyn Landers, Paul Miskovsky, Terry Stewart, Jason Testart

Guests:

Colin Bell, Sean Mason

Regrets:

Pascal Calarco, Bill Ince, Martin Timmerman


Agenda

  1. Active Directory update (1:30pm-1:50pm; Colin Bell)
  2. Chair’s remarks (1:50pm-2:00pm)
  3. Approval of the minutes of the meeting of January 24, 2013 and business arising (2:00pm-2:10pm)
  4. Simplifying changes to userids, update (2:10-2:25pm; Dave Kibble)
  5. Campus Firewall Project update (2:25pm-2:40pm; Bruce Campbell)
  6. IT Strategy, Enterprise Architecture, and Organize for Success update (2:40-2:50pm; Andrea Chappell, Dave Wallace, Bob Hicks)
  7. Updates (2:50-2:55pm; Various)
    • Email (Martin Timmerman)
    • Green IT (Marko Dumancic)
    • IT security (Jason Testart)
    • Student printing (Bill Baer)
  8. Other business (2:55-3:00pm)
  9. Next Computing Technology and Services Committee (CTSC) meeting
    [Will be held Thursday, February 21, 2013, at 1:30 p.m., in Mathematics & Computing building (MC) 2018A.]

Active Directory update

Colin Bell provided an update on the consolidation of Active Directory. The presentation included:

  • Working high-level Work Breakdown Structure (WBS)
  • Governance
  • Current involvement
    • Executive Steering Group: Dave Wallace (Information Systems & Technology (IST)), Olga Vechtomova (Engineering), Colin Bell (IST), Bruce Campbell (IST), Mark Dumancic (Environment), Erick Engelke (Engineering), Martin Timmerman (IST)
    • Executive Steering Group: Dave Wallace (IST), Olga Vechtomova (Engineering), Colin Bell (IST), Bruce Campbell (IST), Mark Dumancic (Environment), Erick Engelke (Engineering), Martin Timmerman (IST)
    • Governance Subgroup: Colin Bell (IST), Erick Engelke (Engineering), Martin Timmerman (IST).
  • Establish service management (NEXUS/APEX)
  • Document the future
  • Ultimate operational responsibility on IST
  • Meet audit requirements
  • Change management procedure
  • Dates
    • Start: Nov 2nd, 2012
    • MS1: Dec 19, 2012 (completed)
      • Transfer keys > IST in APEX + NEXUS at highest level.
    • MS2: April 30, 2013
      • Work complete > By this point IST is only party working at top-level of APEX + NEXUS. Everything is documented.
    • MS3: June 14, 2013
      • Project complete
    • MS4: June 28, 2013
      • Project closing complete

Bell’s entire presentation is available (PDF).

Regarding the scheduled date for project completion, June is a busy month for vacations; Bell will verify that appropriate resources will be available.
Bell will report back to CTSC on the schedule and timelines for the completion of an audit of the directory entities.

Chair's remarks

New Interim Provost. The Chair met with Geoff McBoyle in his role as Provost. One of McBoyle’s top priorities will be the university-wide strategic plan. Once the plan is done it will need to be communicated out and implemented. IT will be a feeder group.

Test of the emergency system. The current process involves more steps than could be reasonably done by dispatch in Police area. A “one button” interface is being created that ties into all the systems and brings everything up on one screen. This works for everything with the exception of the voice mail “blast”.

At this time, the biggest single criticism is the amount of time it takes to get message out: Voice mail gets in mailbox pretty quickly but lighting up the voice mail indicator takes time; text messaging, can take minutes or hours and is out of our control; Emerge is instantaneous. Adding Twitter and push notifications are other notification mechanisms being considered.
A demonstration of the “one button” interface will be arranged for CTSC.

Approval of the minutes of the meeting of January 24, 2013 and business arising

Subject to a change, the minutes of the meeting of January 24, 2013 were approved.

Simplifying changes to userids, update (Sean Mason)

In the current state, renaming a user could possibly require a coordinated effort from a large number of service administrators to make sure the username change is properly set up on each service.

The subgroup assigned to investigate (Marko Dumancic, Peggy Day, and Sean Mason) recommend that:

  1. A checklist be developed that covers all essential tasks required to successfully rename an account on the campus infrastructure
  2. All renames should be managed centrally by Computing Help & Information Place (CHIP) representatives, who are well equipped to coordinate the changes necessary on both IST, and faculty managed resources.
  3. The rename process should be tracked using the checklist, in a new Request Tracker (RT) queue so that all interested and required parties are able to view and track the progress of the tasks required.

A checklist only helps error avoidance, it does nothing to help make the process easier. To make renaming (along with de-provisioning and moving) easier to perform on campus, a central system (identity and/or access management) would need to provision and de-provision access to all services on campus. This would ensure that the operation of renaming only need be performed in one place (the identity or access management system). The scope of this project would be large as with such diverse system architectures across campus, a one-size-fits-all provisioning strategy would be difficult.

Intermediate approaches to allow for some gains will need to be considered as a complete solution would take a very long time.

Next steps:

  • Jason Testart will document a roadmap for identity and access management at Waterloo by April 18th.
  • The faculties will begin enumerating the systems and services they have, so when asked, it will be easier for them to perform the rename, de-provision, or move operation.
  • The subgroup was asked to document how to move a user, and how to de-provision a user in a similar manner to what was done for renaming a user. The subgroup will report back on March 7th.

Campus Firewall Project update (Bruce Campbell)

  • core restructuring almost complete
    • Some additional fibre to Research Advancement Center (RAC) needed – in progress
    • Border routers in Mathematics & Computing (MC), Physics (PHY), RAC
    • Core routers in MC and RAC
    • Distribution routers in MC and PHY
  • firewall load estimation complete
    • Larger firewall than spare SRX650’s needed
    • Planning to migrate SRX3600’s from wireless (Network Address Translation (NAT)) after wireless core/NAT upgrade complete
  • Exemption planning. Firewall project members preparing spreadsheets of known exemptions and known deny rules, and uploading to web tool prepared for this. Some progress so far.
  • Virtual Private Network (VPN)
    • Peak usage of 200 simultaneous users
    • Considering publicity campaign to encourage use of VPN
  • Next steps
    • Request For Proposal (RFP) for wireless core/NAT upgrade in progress
    • Once that is complete, install the SRX3600’s at building distribution router level, but with all buildings initialing bypassing the firewall
    • Hold next firewall project meeting
    • IST will begin work migrating academic support buildings to be behind the firewall (e.g. Needles Hall (NH), General Services Complex (GSC))
    • Make additional progress with exemptions and deny rule information, and begin migration of faculty buildings.

Campbell reminded the group that the end of the year will approach quickly, and we've committed to have this project complete by then.
An electronic diagram showing border routers, core routers, etc., is available (PDF).

IT Strategy, Enterprise Architecture, and Organize for Success Initiative update (Andrea Chappell, Bob Hicks, Dave Wallace)

IT Strategic Plan

A draft document has been created and distributed to University Committee on Information Systems & Technology (UCIST). Based on feedback from UCIST, the document was shortened to 7 pages and titled “Directions for IT Strategic Plan”. The document will be reviewed by the full governance team on February 13th. It is expected that the draft document will be ready for review by others on campus soon.

Indicators and measurements are now being discussed by the group. The Task Force is presenting suggested measures for the indicators to each other on February 19th. Chappell will present to CTSC on March 7th.

More information on the IT Strategic Plan can be found at the web site.

Enterprise Architecture

Identity management, institutional data, and system integration for the mobile platform from student tech group (at a prototype level) are being aligned into the Enterprise Architecture (EA) framework. A high level design is being developed by members of the EA group. The system integration piece is really important. Like the identity management and institutional data, this first development with EA will be at a preliminary level, but an effective EA is driven by business needs and in stages.

A review session discussion will be held the week after reading week.

Engelke reported that Engineering is rolling out its first mobile application. The application allows students to evaluate their course. Engelke will distribute details so people can try it out.

Organize for Success

  • A report from the consultants is expected this week
  • The second of two initial Fireside Chats was held on January 28th
  • Staff Relations Committee Presentation scheduled for February 8th [Secretary’s note: the university was closed on February 8th due to inclement weather; this has been rescheduled to March 8th]
  • An IST management retreat to discuss possibilities will be held on February 25th
  • Another set of fireside chats to occur on March 6th and 7th.

Updates

Email (Martin Timmerman)

No update.

Green IT (Marko Dumancic)

No update.

IT Security (Jason Testart)

No update.

Student Printing (Bill Baer)

Sent via email:

  1. Review with Procurement (Stephen Cook) on pre-selection process
    • Review of pre-selection process was positive, however time has passed and it was agreed a formal RFP process should be started.
    • RFP will build on the excellent research to date; most criteria and requirements are already defined.
    • RFP submissions will be restricted to vendors that have demonstrated their solutions work with Heartland (i.e., WatCard) systems.
  2. Goals and time line
    • Create a simple environment for students to print (i.e., eliminate the two-step eXtensible Accounting System (XAS) to WatCard printing)
    • Return to a more distributed printing environment
      • Printing through XAS has decreased dramatically
      • Printing without XAS (off-campus & media.doc) is increasing over same time frame
      • Students have voted with action, they don't want to print through a two-step printing process
    • Time line
      • RFP created, released and closed this term
      • Selection, implementation, and testing beginning and middle of spring term
      • Small controlled phase 1 release at end of spring term
        • Currently Environment (ENV) & Applied Health Sciences (AHS) faculties will be part of phase 1
        • Some Retail Services locations will be selected as well for phase 1
  3. Retail Services has offered to attend an upcoming CTSC meeting to discuss the project.

Other business

MC power

Ehvert Engineering’s report will be discussed at the next meeting.


Next meeting

The next meeting will be held on February 21, 2013, at 1:30pm, in MC 2018A.