GETS Transformation Kick Off Active Directory e Mail

GETS Transformation Kick Off Active Directory e. Mail and Blackberry Migration Firewall and Network Changes 04/21/2010 1 -877 -GTA-3233 1 -877 -opin. GTA Consolidated Service Desk Your Opinion Counts Georgia Technology Authority

GETS Transformation Kick Off Active Directory Ray Louder 04/21/2010 1 -877 -GTA-3233 1 -877 -opin. GTA Consolidated Service Desk Your Opinion Counts Georgia Technology Authority

GETS Integrated Projects 3 Georgia Technology Authority

Active Directory (AD) Project Overview • AD is a Security and Authentication Database that provides security and authentication for any object that subscribes to the service ▪ Users, workstations, servers and applications are examples • The AD services consolidation project will ensure a highly robust directory services platform ▪ Dynamic in nature to allow for changes in Federal and State guidelines and regulations such as FIPS and NIST Standards 4 Georgia Technology Authority

Active Directory (AD) Project Overview • Multiple directory services will be consolidated into a single, enterprise directory ▪ Coinciding with the implementation of a well-managed resource access (security) plan ▪ Flexibility to integrate various applications and other directory services within the environment • Agencies will retain their separate identity within the enterprise directory via Organizational Units (OU), benefiting from improved reliability, operational efficiencies and security Organizational Units (OU) – A grouping of like objects. Servers, workstations, groups/user accounts are Agency OU examples. 5 Georgia Technology Authority

AD Organizational Units (OU) 6 Georgia Technology Authority

Active Directory – During Transformation • Central Active Directory established at the NADC ▪ Disaster Recovery facility located in Boulder • Trusts are established between agencies and the central Active Directory Trusts allow current activity to continue and will support Application Remediation • ▪ After Application Remediation, the server use of Active Directory will reside at the NADC • Trusts will remain until all End User Computing Re-IPing is complete for an agency Trusts: Lines of communication between two Active Directory domains. In this project, established trusts are between legacy agency and new Active Directory 7 Georgia Technology Authority

Active Directory – Commonly Asked Questions • Will my password change? ▪ Existing agency password policies will be maintained during and after transformation to the new Active Directory environment. • Will I need to be re-authenticated for any applications? ▪ No. Application Remediation will/should account for this transfer of the existing application authentication to the new Active Directory environment. 8 Georgia Technology Authority

Active Directory – Commonly Asked Questions • Will the extranet user have management rights into the new AD? ▪ No. Management Tools will be put in place to allow the segregation of duties and rights to these Forests. 9 Georgia Technology Authority

GETS Transformation Kick Off e. Mail and Blackberry Migration Ray Louder 04/21/2010 1 -877 -GTA-3233 1 -877 -opin. GTA Consolidated Service Desk Your Opinion Counts Georgia Technology Authority

e. Mail and Blackberry Migration • This project will consolidate separate agency email systems into a single, enterprise Microsoft Exchange system ▪ Over 400 email servers will be reduced to 28 • Outdated Exchange, Groupwise and Blackberry servers will be replaced to provide benefits including: ▪ ▪ ▪ 11 High availability Enterprise-wide email and address book Increased support and reliability Flexible, scalable messaging environment Improved security Georgia Technology Authority

e. Mail and Blackberry Migration • Mail box and attachment size limits have been defined to: ▪ Manage growth and assist agencies in controlling budgets ▪ Speed time to recovery – ensure that servers can be backed up within allocated time windows and quickly restored in the event of a failure • 500 MB mailbox limit for standard users, 1 G for VIPs • 10 MB attachment size limit • Agencies will be given 90 days for pre-migration activities ▪ Mailbox clean-up and size reduction, archiving 12 Georgia Technology Authority

e. Mail Migration – Commonly Asked Questions • When will we be moving to a enterprise email system? ▪ Migrations will take place over the next year beginning in July • Is there a migration plan for email from one system to another? ▪ Yes. Each agency will receive detailed instructions to migrate their users based on their existing email system • Will distribution lists, both Group. Wise and Exchange, be converted into the new system? ▪ Yes. Both Group. Wise and Exchange distribution lists will be migrated whether they are local or server based 13 Georgia Technology Authority

Draft e. Mail/Blackberry Timelines 14 Georgia Technology Authority

Current DRAFT EMAIL/Blackberry Timeline Migration dates for first four agencies baselined as of 02/12/2010 15 Georgia Technology Authority

Current DRAFT EMAIL/Blackberry Timeline* *Baseline Migration dates will be established as IP remediation timeline is finalized 16 Georgia Technology Authority

Current DRAFT EMAIL/Blackberry Timeline* (*) Baseline Migration dates will be established as IP remediation timeline is finalized 17 Georgia Technology Authority

Current DRAFT EMAIL/Blackberry Timeline* *Baseline Migration dates will be established as IP remediation timeline is finalized 18 Georgia Technology Authority

GETS Transformation Kick Off Network and Firewall Jeff Collins April 21, 2010 1 -877 -GTA-3233 1 -877 -opin. GTA Consolidated Service Desk Your Opinion Counts Georgia Technology Authority

AT&T Transformation Strategy Network and Firewall Migration • Move to new, standard platforms to reduce intervals for orders, changes, and incidents • Increased capacity, scalability of services, and additional options for agencies • Increased redundancy and disaster recovery capabilities • Better tools to enhance network and security visibility 20 Georgia Technology Authority

WAN, Security and Internet Cutover Definition • • • Implementation of Security Nodes – Managed Network-Based Firewall, Intrusion Detection and Prevention, URL Filtering, and routing of interagency traffic AT&T will implement logical separation of all Enterprise agency traffic on Capitol Hill network Traffic isolation is a predecessor to firewall migration, consolidation of services to NADC, and Capitol Hill redesign Agency Impacts • • Firewall rules from remote sites and headend site are consolidated. As IP’s change during SCON, firewall rules will need updating for Internetfacing devices Benefits • 21 Increased capacity/redundancy, reduced intervals for changes, more efficient traffic routing Georgia Technology Authority

DNS/DHCP and IP Address Management Definition • • • Primary DNS/DHCP will be at NADC, secondary servers in Boulder IP address management will be consolidated into single database for Enterprise agencies DNS information and DHCP scopes will be loaded in advance and verified prior to cutover Agency Impacts • • DNS server IP addressing will change after migration Server IP address changes will need to include DNS updates Active Directory services integrated with AT&T DNS Agency end user device IP addresses may change after migrations Benefits • Increased redundancy, faster provisioning, better control of IP addressing and DNS environment 22 Georgia Technology Authority

Questions? Find presentations from today’s Transformation Kick-off and much more GETS-related info on GTA’s Web site: www. gta. georgia. gov 23 Georgia Technology Authority