IT Briefing July 2006 IT Briefing Agenda 51806

IT Briefing July 2006

IT Briefing Agenda 5/18/06 • EOL Updates • Karen Jenkins • Web. Talk • Lee Clontz • IT Website • Norman Hulme • AAIT Video Services • Brenda Rockswold & Jim Kruse • Oracle Updates • Evan Ehrenhalt • e. Submissions • Graydon Kirk • Net. Com Q&A • Paul Petersen 1

EOL Fall 2006 • Given CAT, Net. Reg, and Software Express … new goal for EOL – Prepare Student computers for connectivity to Emory networks • EOL functionality – – – Install Symantec Install Spybot Turn on Windows firewall Configure for Emory Un. Plugged (new) Test for recent Windows updates/patches (and hopefully install) (new) – Prompt user to plug into the wired network (new) – Run the CAT executable (new) • Screen shot demo in August • Invite testing participants (john. maxwell@emory. edu) 2

Web. Talk Demo Lee Clontz

IT Website Norman Hulme

AAIT Video Services Brenda Rockswold Jim Kruse

Mission Statement The goals of the Video Services team are to enhance communication, collaboration, and information access through a wide range of services including videoconferencing, cable television, audio/video streaming, and webcasting. The team offers consulting, research, and support for these services to members of the Emory academic, research, and healthcare communities. 6

Customers • • • Vary by service Emory Faculty and Staff Emory Students Emory Affiliates Emory Healthcare 7

Streaming Content Support • Streaming within ECIT • Streaming outside of ECIT 8

Streaming Content Support • Streaming server capacity • Supported media formats 9

Live Event Broadcasting • Webcasting • Cable television 10

Live Event Broadcasting • Commencement • Orientation • Town Halls 11

Video Conferencing • IP & ISDN • Consult on desktop solutions • Single and Multi-site support (MSU) 12

Cable Television • • 78 Channels Unified Channel Lineup Cable Broadcast of Special Events Satellite Downlinking 13

Video Editing and Production • • Centers support i. Movie and Final Cut Class support for video production Independent projects – faculty/students AAIT production - Africa 14

For More Information media. service. emory. edu Brenda Rockswold brenda. rockswold@emory. edu 7 -5233 Jim Kruse james. kruse@emory. edu 7 -7656 Jack Mc. Kinney jack. mckinney@emory. edu 404 -272 -1945 15

Video Services ? Questions 16

Oracle Lets Talk ADS-DBA Team AAIT *

Talk About 10 g • The new 10 g version of WEB/EBO • Oracle Internet Directory (OID) • Advance Security Option (SSL ? ) 18

10 g • The new environment for the WEB/EBO databases will be more robust. • 10 g allows us to add processing power during heavy use periods. • When a box fails, the database will not fail. It just moves to another box. • This feature is available with 10 g clients using OID. 19

Who is Moving? • Most developers who use the WEB and EBO databases are AAIT. • This does not address developers using SLF 1, SLF 2, DPT 1 or DPT 2. • If you are not sure which database you are attaching to, contact your web admin or the help desk. 20

WEB/EBO DBs go 10 g • Please start testing the 10 g version of the database now. • Oracle 9 i clients will work, but… • Install the 10 g client to use the advanced features, such as failover. • Use OID to access the “AAITWEBD” service. 21

Talk about OID • The new 10 g version of WEB/EBO • Oracle Internet Directory • Advance Security Option (SSL ? ) 22

OID: How do I get there from here? 1784 N. Decatur RD TNS – Old, lists machine TNS - Manual Change 1784 N. Decatur Rd, luna. cc. emory. edu 1762 Clifton Rd Triton. cc. emory. edu OID Web Server OID - Do Nothing, let us work for you! 23

OID vs TNS: How do I get there from here? TNSNAMES requires you to specify the database server, the port, and the database name. If anything changes, then you must manually change the file. How many PC’s do you support? How do you know about every change? OID puts the burden on the DBAs. They make the changes when a database moves. You don’t have to. There is no reason not to move to OID as soon as you can. 24

So How Do I Switch to OID? First we will add a few lines to your sqlnet. ora file in your network admin folder. Then we create a new file, the ldap. ora in the same folder. First lets add lines to sqlnet. ora # Naming entries for sqlnet. ora NAMES. DIRECTORY_PATH= (TNSNAMES, LDAP) NAMES. DEFAULT_DOMAIN = cc. emory. edu NAME. DEFAULT_ZONE = cc. emory. edu %Oracle Home%/network/admin/sqlnet. ora Both files are available on the web. 25

So How Do I Switch to OID? Now we place a new file, ldap. ora in the same directory. DEFAULT_ADMIN_CONTEXT = "dc=emory, dc=edu" DIRECTORY_SERVERS=(oranamesrvr 0. cc. emory. edu: 389: 636, oranamesrvr 2. cc. emory. edu: 389: 636) DIRECTORY_SERVER_TYPE = OID %Oracle Home%/network/admin/ldap. ora Both files are available on the web. 26

Can I Copy the Files From Somewhere? Sure! Go to: http: //it. emory. edu/ and search for database. The Self Service Database FAQ has examples for both ldap. ora and sqlnet. ora. Or go to: http: //www. it. emory. edu/showdoc. cfm? docid=1547&fr=1086#faqs 27

Talk About ASO • The new 10 g version of WEB/EBO • Oracle Internet Directory • Advance Security Option (SSL ? ) 28

What is the problem? ASO Web Server Bounce or Your PC Database Server Hackers Unprotected connection Sniff 29

What about the Core? • The Administrative Core is a good concept. It keeps out most of the hackers. • The core does not protect against staff members (or student workers) with curiosity or malice. 30

So what is the solution? • Implement ASO, which is the Oracle equivalent to SSL. • We will start requesting use of ASO. • Over time we may move to requiring it, depending on our security needs. 31

How to use ASO • Oracle Advance Security is configured in the sqlnet. ora file. • Most machines already have what they need. If not one module (ASO) may need to be installed. • Changing a few lines in the sqlnet. ora file should do it. 32

Can I Copy the Files From Somewhere? Sure! Go to: http: //it. emory. edu/ and search for database. The Self Service Database FAQ has examples for both ldap. ora and sqlnet. ora. Or go to: http: //www. it. emory. edu/showdoc. cfm? docid=1547&fr=1086#faqs If you don’t write at 90 MPH, the slides will be available. 33

SQLNET. ORA The security portion of the SQLNET. ORA looks like this: SQLNET. CRYPTO_CHECKSUM_TYPES_CLIENT= (MD 5) SQLNET. ENCRYPTION_TYPES_CLIENT= (RC 4_40, RC 4_56) SQLNET. CRYPTO_SEED = qwertyuiop 1234567890. ORA =. ora SQLNET. CRYPTO_CHECKSUM_CLIENT = requested SQLNET. ENCRYPTION_CLIENT = requested 34

The Future • Over time we would like all communication to be encrypted. • All servers will be set to required if possible, or to requested for servers with unusual clients. • There is no timeline at this point. 35

Questions about any of this • The new 10 g version of WEB/EBO • Oracle Internet Directory • Advance Security Option (SSL ? ) http: //www. it. emory. edu/showdoc. cfm? docid=1547&fr=1086#faqs or http: //it. emory. edu/ then search for database to find the self service FAQ. 36

e. Submissions Graydon Kirk

Emory Backbone Upgrade Status and Timeline July 20, 2006 Paul Petersen Director, Architecture/Engineering Network Communications

Agenda • Preparation Work – Creating Router Redundancy – Engineering VLANs – Replacing Routers • Timelines – LAN Migrations – Border & Firewall • Challenges & Unknowns 39

Creating Router Redundancy . 1 . 2. 3. 2 40

Engineering VLANs 41

Replacing Routers Replacement Schedule: 6/15 – Cox Hall 7/05 – North 7/10 – NDB 7/13 – Clairmont 7/24 – EUH 8/14 - Crawford 42

Timeline: Router Migration Date: LANs Migrated: 07/20 07/24 Move 2 LANs: Anatomy Basement & FM 07/27 Move (16 -20) of the Academic Core LANs at Cox Hall Switch Room 07/31 Move (16 -20) of the Academic Core LANs at Clairmont Campus and North Campus 08/03 Move (16 -20) of the Academic Core and Secure Admin Core at North Campus and NDB 08/07 08/10 Move Res. Net Core (11 LANs) Move (16 -20) of the Academic Core LANs at Cox Hall Switch Room Move (16 -20) of the Academic Core LANs at NDB 43

Timeline: Firewall Migration Week: Firewalls Migrated: 07/31 New Firewalls installed and manageable. Res. Net Firewall Migrated. 08/07 Two week change freeze on Academic Border Firewalls. 08/14 Academic Border Firewalls Migrated to new hardware. 09/11 Two week change freeze on Secure Academic and DMZ Firewalls. 09/18 Secure Academic and DMZ Firewalls Migrated to new hardware. 44

Challenges & Unknowns • LAN Challenges – Fast Ethernet LANs – Multi-net LANs/Default Gateway Changes – Custom Configurations • Data Center/DMZ • Communication 45

Net. Com ? Questions 46