COMTECH November 15 / 2007

Welcome

AgendaCIO Update Image Baby Image! Making PC Cloning More Efficient Security Officer Report Electronic Communications Update Call Centre Anywhere Networking Update CANHEIT Closing - Questions and Answers

CIO UPDATE

Image Baby Image! Making PC Cloning More Efficient

Carol Sin / Danny Wong For ACM SIGUCCS 2007 Fall Conference

INFORMATION TECHNOLOGIESBefore the presentation

Does your computer have an image problem?Do you have a need to work around the pre-installed OS?Do you control your PCs? Whos your Daddy?

BartPE is the answer.

INFORMATION TECHNOLOGIES

What is BartPE?BartPE is a pre-installation environment which runs Windows regardless of the OS which is installed on the PCBased on Microsofts WinPE

INFORMATION TECHNOLOGIES

What can BartPE do?Boot via CD, USB key, hard drive or networkNetwork connectivity / DiagnosticsInventory collection / Remote managementGhost

and much much more (especially with custom plugins)

INFORMATION TECHNOLOGIES

BartPE IT Labs ScenarioNew Machine (at least 512MB RAM)Boot from USB key into RAM DriveBartPE starts by loading network driverPre-flight check (starts Famatech RServer)Inventory collection begins new machine!Network speed verificationGhostcast session beginsINFORMATION TECHNOLOGIES

BartPE ScreenshotUCIT Customized version of BartPEINFORMATION TECHNOLOGIES

Post-imaging tasks and timesaversPre-sysprepDeletes most AD created profilesDisables CTRL-ALT-DEL to prepare for autoadmin logonSysprepJoins workgroupDeclone.exe runs to rename the computerWrites machine info to hard drive for later use by scripts

INFORMATION TECHNOLOGIES

More post-imagingAutoadminlogon #1 & #2Netdom joins the domainSetup task scheduler for daily reboot and profile cleanupSetup default logon parameters for the domain user

INFORMATION TECHNOLOGIES

HighlightsEntire post-imaging setup is automated.The machine operates unattended until ghosting and post-imaging configuration are complete. Compare using Ghost Console to name machines and perform per machine configuration. Everything is standalone, and potential faults with Ghost Console will not affect the process.INFORMATION TECHNOLOGIES

PXE BOOTING!!The New Revolution INFORMATION TECHNOLOGIES

PXE BootingShutdown computers with a scriptPXE boot using Wake-On-LANLoad BartPE from tftp server

INFORMATION TECHNOLOGIES

PXE Booting (Where Are We?)Can be done across subnets with centralized PXE and tftp serversStill in pilot stageWorking on automating the Ghost process so that it is unattendedINFORMATION TECHNOLOGIES

PXE Booting - ScreenshotPXE Server / TFTP Server on a Windows 2003 ServerINFORMATION TECHNOLOGIES

PXE BootingVideo Clip of Elbow Room LabUniversity of CalgaryINFORMATION TECHNOLOGIES

ConclusionOur imaging solution has stood the test of time. Barts boot disk was first used in 2003. In 2007, BartPE offers an open and flexible development platform that could potentially be used for other pre-boot applications. Provided that the network is at least 100Mbps and reliable, this solution is ideal in a Windows-based lab environment.

INFORMATION TECHNOLOGIES

INFORMATION TECHNOLOGIESAfter the presentation

INFORMATION TECHNOLOGIESImage, Baby, Image! Making PC Cloning More Efficient

Full Presentation and Videohttp://www.ucalgary.ca/itlabs/image.htmlAbstracthttp://www.ucalgary.ca/it/computing/labs/SIGUCCS/2007/docs/p314.pdf

Carol Sin - csin@ucalgary.ca

Danny Wong - danny.wong@ucalgary.ca

Information Security Officer's Update

Dennis Tracz CISSP-ISSMP, CISMInformation Security Officer

ContentsBackground Vision & MandatePolicyQuestionsQuiz

Information Security isThe process of protecting information from a wide range of threats in order to ensure business continuity, minimize business damage, and maximize return on investments and business opportunities.

The process of protecting the information assets of an organization.

Why do we need Security?Regulatory & Legal ComplianceHIPAA (Health Insurance Portability and Accountability Act) PIPEDA (Personal Information Protection and Electronic Documents Act)FOIP (Freedom of Information & Protection Act)HIA (Health Information Act of Alberta) Many More

Good Business PracticeOngoing effective management of information systems and information assets.Customer confidence has a direct impact on revenue.

MembersInherent expectation that confidential data is appropriately protected.

Managing Security RiskAbsolute Security is impossible! Given enough time and effort any security safeguard can be overcome.

The challenge is therefore to mitigate the risk to an acceptable level. To accomplish this:

Information Security must work jointly with the Faculties, Schools, Units and other business partner.

Information Security risks need to be identified and managed like any other business risk.

Current Security Threats

Deliberate Disgruntled EmployeesHackers/Malicious CodeCyber-Terrorists/warfareIndustrial EspionageNatural DisastersFloodsFiresEarthquakesHurricanesAccidentalEmployee AccidentsPower FailuresHardware & Software Failures

Evolving Security Threats

Information Security VisionEnable the attainment of the University's goals by ensuring the appropriateness of the Information Security controls surrounding the Confidentiality, Integrity,Availability of the Universitys information assets.

Information Security MandatePolicies and Standards Develop, implement, review and revise Information Security Policies, Standards and procedures.

Information Security Governance, Establish and maintain a framework to provide assurance that information security strategies are aligned with University objectives and consistent with applicable laws and regulations.

Security Awareness, Develop, implement and maintain an effective security awareness program.

Information Security Mandate (Cont..)Security Architecture, Ensure the appropriateness of the technical infrastructure and application-related security controls within the U of C computing environment.

Security Incident Management, Ensure that all security related incidents and violations are properly documented, investigated and correctly resolved in a timely fashion.

Business Continuity, Provide input to existing Business Continuity Plans (BCP), make necessary adjustments to the Master Disaster Recovery Plan (MDRP) and Service Availability and Recovery plans (SARPs) as the BCP changes, and provide effective security direction in the event of a disaster.

Information Management & Compliance ProgramAcceptable Use of Information AssetCommon Sense (legal and courteous) Information Identification & ClassificationMostly UCLASS includes a security classificationInformation Asset Security MonitoringUofC will conduct appropriate monitoringInformation Asset Protectionprotection is commensurate with classification Information Asset ManagementRisk Identification, Assessment & Management

The Official Policies

My QuestionsApproximately how many computers on the Internet are infected with spyware?a. 25% b. 45% c. 60% d. 80%

What is the best protection against spyware? a. Disable Active-X in Internet Explorerb. A firewall c. Install anti-spyware and keep it updated d. Only browse websites that you know and trust Source: SANS

What do these institutions have in common?Bates CollegeNevada University64,098 Records Compromised1, 20018, 00023,0005, 09827950816, 000

How are Passwords are like bubblegum?Strongest when freshShould be used by and individual not a groupIf left laying around will create a sticky mess

Electronic Communications UpdateWolfgang Neumann/Adil Kurji

New WEB Interface

Enterprise-Centric FMCWi-Fi side of the phone is homed to the PBX PBX forwards calls to cellular number when phone is out of Wi-Fi coverage Sometimes used with cellular data channel for presence & signaling when in cellular coverage User experience is like a PBX extension whether inside or outside Wi-Fi coverage

Status Today WiFi Voice using U of C ePBXForward call to cell number when out of reach on WiFi.Send all Voice-Mail to ePBX.Send Voice-Mail notification via E-Mail.

What is the Supernet? Alberta SuperNet is a high-speed, high-capacity broadband network linking government offices, schools, health-care facilities and libraries, including approximately 4,200 connections in 429 communities.

http://www.albertasupernet.ca/supercommap/index.cfm

VideoconferencingSupernet locations can enable video communication through installation of a Video Edge Device (VED)The VED acts as a gateway which translates video and routes it over the supernetVideo packets are given higher priority through QoS

ImplementationCourse: English 504.01 offered remotely to Red Deer College. Hosted at the TLC and linked over the commercial internetAudio/Video quality & connection issuesEC & TLC registered an endpoint to the VEDConference quality greatly increasedhttp://www.ucalgary.ca/connectivity/vol2/issue11/reddeer

Electronic CommunicationsFor more information Contact:MS733ec@ucalgary.ca210-7717

Call Centre Anywhere Ian Whitehead

TELUS CallCentreAnywhere&University of CalgaryInformation Technologies

Ian M. WhiteheadIT Support CentreIncident Coordinator

CallCentreAnywhereon CampusIn 2006, Enrollment services launched the use of CallCentreAnywhere as their call centre solution for handling the high volume of calls coming into the University of Calgary, Registrars office.

In June 2007, the IT Support Centre, the PeopleSoft Support Centre and IT Client Relations & Communications celebrated the successful collaborative effort with Enrolment Services through jointly handling a high volume of calls for Fall 2007 open registration.

CallCentreAnywhereImplemented at both IT Support Centres

In August 2007, the IT Support Centre and the PeopleSoft Support Centre migrated from their old call centre technology to TELUS CallCentreAnywhere

What is CallCentreAnywhere?Customer contact centre and management solutionWeb-basedHosted entirely on the TELUS network

References from TELUS CallCentreAnywhere Enterprise & Industry Contact Centre Solutions web site: http://promo.telus.com/tm/05/q3/cca/faq.html#q1

What doesCallCentreAnywhere do?

Manages inbound or outbound telephone callsAccommodates Web chat sessions & e-mailAllows for Web collaborationVoice mail service and queue handlingInteractive voice response (IVR)

What are the benefits CallCentreAnywhere ?Fast and easy to install and use.Flexible and versatileAgents can log in to the phone queue from anywhere, providing they have a computer, network connection and a phone. Changes can be made on-the-fly to agents and workgroups.Supervisors can alter workflow and messaging from anywhereChanges take effect in "real time", with no service interruptions.

CallCentreAnywhere Quality Assurance & Metrics

Real-time and historical call data can be accessed quicklyAll contact centre operations can be monitoredFrom an Internet browser, supervisors can:listen in on calls without detectionwhisper-coach agentsobserve desktop interactions listen to recordings of or view past customer interactions

The IT Support Centre can control:

Call flow logicInteractive voice response (IVR) promptsAgent skills, workgroups and projects

The IT Support Centre can determine:How customer interactions are routedWhat customers hearWhich agents handle certain customersHow calls are funneledHow products are addressed

Closing MessageCallCentreAnywhere has enabled the IT Support Centre along with the PeopleSoft Support Centre to quickly shift from a traditional telephony-based infrastructure to integrated voice and data contact centre functionality.

Customer ServiceOur new call centre technology boasts the potential of revolutionizing our IT Support model at the University of Calgary and offers us greater flexibility in being able to quickly monitor phone queues and manage our primary customer contact tool more effectively. My goal is that as the IT Support Centre becomes more adept at leveraging the power of CallCentreAnywhere, our level of Customer Service will begin to make noticeable improvements as we learn how to more effectively control the calls that arrive at the IT Support Centre.

The FutureI anticipate that with the success of TELUS CallCentreAnywhere in Enrollment Services and Information Technologies that perhaps a campus wide implementation may be in order to further communication strategies across campus in all departments and faculties.

Learn more about CallCentreAnywhereInternet Search: TELUS CallCentreAnywhereContact: Ian M. Whitehead Phone: 220-4427Email: Ian.Whitehead@ucalgary.ca

?Questions?IT Support Centre 220-5555

Network & Voice Services UpdateDoug Doran

What is Network and Voice Services?Network ServicesVoice ServicesRouting GroupElectronic CommunicationsTechnical Writing

Network and Voice Services ProjectsBreak in the new guyQatar connectivityWirelessVoIPInternet BandwidthNetwork Core UpdateContinuous operations modelWorking together to meet department needs

Break in the New GuyFantastic teamLook and learnNow I know just enough to be dangerous

Qatar ConnectivityChallenge - cost effectively provide connectivity to main campus for the new University of Calgary Qatar campusThe best commercial connection offer was 2Mbps for $60K/monthFurther research enabled us to leverage existing research network connections to achieve a 8x faster connection for 1/20th of the costU of C - Netera CANet Internet II Qatar Foundation QTEL UC-Q

WirelessWireless Phase II expansion of coverage areas was completedThis summers updatesIncremental quality improvements moving forward

Wireless FuturePilot for WiFi voicePlanning for encrypted wireless SSIDWe continue to look for new applications of our WiFi network.Please talk to us if you have specific needs

Voice ServicesVoIP

Internet BandwidthCurrently 300 Mbps Internet connection with a 100 Mbps backupIncreasing to 400 Mbps and our backup connection to 200 MbpsHigher level of reliability in our Internet connection

Network Core

Safety ProcessesReviewing our riser rooms and work areasEvaluating our safety processesBob Chomany is becoming our internal safety go to guy

Continuous OperationsThe goal of improving our systems and procedures to operate continuouslyDecrease in downtime both scheduled and unscheduled

Working Together

Contact UsYou can contact us through the UCIT Support Centre at 220-5555

Or you can email me, Doug Doran at dgdoran@ucalgary.ca

CANHEIT 2008 Riding the Edge of Technology Stephanie Weir - Conference Chair

What is CANHEIT?Canadian Higher Education and Information Technology Conference (CANHEIT)

Primary objective:to focus on those IT issues that are of Canadian significance and of primary interest to universities and community colleges.

We expect over 350 people to attendThis conference brings together senior administrators, managers, and staff who are responsible for the management and evolution of their campus information systems, learning systems, and infrastructure.

CANHEIT in CalgaryThe sixth annual CANHEIT conference will be held in Calgary, Alberta from June 14th-18th, 2008.

Conference ThemeRiding the EDGE of Technology

Planning CommitteeStephanie Weir, Conference Chair Kevan Austen, Sponsorship Committee ChairDavid Buhler, Keynote Committee ChairHeather Weiland, Communications Committee ChairTheresa Mueller, Program Committee ChairKeith Mills, Com/Media Committee ChairNancy Brooks, CIO Meeting Committee ChairHarold Esche, CIO

What to Expect?Stimulating technical program Suggested presentation streamsSecurityGreen Computing

Unique keynote presentations

Excellent networking opportunities

Evening entertainmentHeritage ParkCOP

How you can help?VolunteervolunteervolunteerWelcome/registrationRoversSecuritySignageInformation personnelEquipment crewCom/media

If interested, send an email to me (sdweir@ucalgary.ca)

For more information.www.canheit.ucalgary.ca

Questions & Answers Harold Esche

*To add the All Caps title to the Identification bar on the bottom go to View Header and Footer and add the title to the footer box. Then click apply to allInformation security these days is becoming quite a scary proposition for most businesses. It is moving so rapidly, it is often associated with bad publicity, it is only understood by a small percentage of the population and if not implemented correctly can put even the largest corporate out of business.

The media constantly covers breaking news stories about sites being hacked, credit card numbers being stolen and virus infections causing millions of dollars of damages.

Network Services Cabling project coordination, switch and wireless deployment, and project team membersVoice Services Campus telephone services from the installation of the phone to the management of our phone switch.Routing Group, Internet connectivity management, network core projects, DNS, network architecture.Electronic Communications R & D, new communications technology, network based video conference technology, VoIP developments.Technical Writing Produces articles for UCIT web site, user documentation, and lots of other documentation projects.I started Jan 16, 2007.Fantastic team who largely have humored me until they could break me in.Terry tries to keep me off balance by sending me more email than I can possible respond to so that I will hopefully leave him alone. It works some of the time.Ive gone through the look and learn phase so now Im starting to get dangerous as I know enough to get into lots of trouble.

One of my first challenges was trying to figure out how to cost effectively provide connectivity to the new University of Calgary Qatar campus.The best commercial connection offer was 2Mbps for $60K/month.It was not going to be possible to do data and video connections on a link this slow reliably.Further research enabled us to leverage existing research network connections to achieve a 8x faster connection for 1/20th of the cost.U of C - Netera CANet Internet II Qatar Foundation QTEL UC-QThe challenge was not really technical however since the traffic routing is quite dynamic but finding and making the connections with the right people took awhile.

Wireless Phase II expansion of coverage areas was completed this year after significant delays due largely to asbestos hold ups and rotating personal shortages for our contractors.Further work this summer saw significant OS upgrades, improvements in our systems reliability, and some fill in for high density areas. We continue to deal with some management issues but are working for incremental quality improvements moving forward.

Pilot currently underway for WiFi voice usage using desk phone number for mobile workersWe are working towards implementing a encrypted wireless SSID option in the next yearAnalysis continues for other new applications of our WiFi network. Please talk to us if you have specific needs.

-VoIP pilot using Asterisk moved into production mode-Over 300 VoIP telephones have now been deployed-Network upgrades have been required to insure proper QOS and power during outages-Partially because of the overlap between Voice and data Voice Services was recombined with Network Services in July-There continues to be a learning curve in this area but we really do have a very professional team that strive to achieve very high standards

In addition to our various research network connections and peering relationships we currently have a 300 Mbps Internet connection through Telus.We are approaching this level of traffic so in the next few months we will be increasing our primary Internet connection to 400 Mbps and our backup connection to 200 Mbps.Along with this bandwidth increase will come a higher level of reliability in our Internet connection.-Our current network core is over 7 years old and has served the University very well.-The Barney as sometimes they are refered too has proven to be a very reliable platform and even after 7 years we have still not tapped its total bandwidth potential. -It is getting older however and we are seeing an increase in failure rates especially recently.-There are also some architecture limitations that prevent us from doing everything we would like to with it.-With that in mind then we have recently gone out to RFP to update our network core technology.-One of the major UCIT themes is moving to Continuous Operations and increasing the level of redundancy in our network core is a key component of achieving this goal.-That RFP is currently at the shortlist stage and if all goes well we hope to begin deployment next summer of a new core. Our goal will be that for the most part you will never know it happened.Several of the projects we have recently undertaken have been with the goal of improving our ability to operate in a continuos operations mode.As we move into this model and build redundancy into more of our systems you should see a decrease in downtime both scheduled and unscheduled.

-Given the size of the campus and the reality of not unlimited funding we can not do as much as quickly as we would like.-Often we are approached by various departments that have specific problems that they need fixed. By working together we can often achieve solutions to these problems that neither group on their own is able to resolve. Often this may involve a shared cost model where we chip in what we can and the department chips in what they can.-Some examples of this include projects that are currently underway with Nursing, Engineering, and Residence Services.