it briefing
DESCRIPTION
IT Briefing. July 2006. IT Briefing Agenda 5/18/06. EOL Updates WebTalk IT Website AAIT Video Services Oracle Updates eSubmissions NetCom Q&A. Karen Jenkins Lee Clontz Norman Hulme Brenda Rockswold & Jim Kruse Evan Ehrenhalt Graydon Kirk Paul Petersen. EOL Fall 2006. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/1.jpg)
IT Briefing
July 2006
![Page 2: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/2.jpg)
2
IT Briefing Agenda 5/18/06
• EOL Updates
• WebTalk
• IT Website
• AAIT Video Services
• Oracle Updates
• eSubmissions
• NetCom Q&A
• Karen Jenkins
• Lee Clontz
• Norman Hulme
• Brenda Rockswold & Jim Kruse
• Evan Ehrenhalt
• Graydon Kirk
• Paul Petersen
![Page 3: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/3.jpg)
3
EOL Fall 2006
• Given CAT, NetReg, and Software Express … new goal for EOL– Prepare Student computers for connectivity to Emory
networks• EOL functionality
– Install Symantec– Install Spybot– Turn on Windows firewall– Configure for Emory UnPlugged (new)– Test for recent Windows updates/patches (and
hopefully install) (new)– Prompt user to plug into the wired network (new)– Run the CAT executable (new)
• Screen shot demo in August• Invite testing participants
![Page 4: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/4.jpg)
WebTalk Demo
Lee Clontz
![Page 5: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/5.jpg)
IT Website
Norman Hulme
![Page 6: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/6.jpg)
AAIT Video Services
Brenda RockswoldJim Kruse
![Page 7: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/7.jpg)
7
Mission Statement
The goals of the Video Services team are to enhance communication,
collaboration, and information access through a wide range of services
including videoconferencing, cable television, audio/video streaming, and
webcasting. The team offers consulting, research, and support for these services
to members of the Emory academic, research, and healthcare communities.
![Page 8: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/8.jpg)
8
Customers
• Vary by service• Emory Faculty and Staff• Emory Students• Emory Affiliates• Emory Healthcare
![Page 9: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/9.jpg)
9
Streaming Content Support
• Streaming within ECIT• Streaming outside of ECIT
![Page 10: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/10.jpg)
10
Streaming Content Support
• Streaming server capacity• Supported media formats
![Page 11: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/11.jpg)
11
Live Event Broadcasting
• Webcasting• Cable television
![Page 12: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/12.jpg)
12
Live Event Broadcasting
• Commencement• Orientation• Town Halls
![Page 13: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/13.jpg)
13
Video Conferencing
• IP & ISDN• Consult on desktop solutions• Single and Multi-site support (MSU)
![Page 14: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/14.jpg)
14
Cable Television
• 78 Channels• Unified Channel Lineup• Cable Broadcast of Special Events• Satellite Downlinking
![Page 15: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/15.jpg)
15
Video Editing and Production
• Centers support iMovie and Final Cut
• Class support for video production• Independent projects –
faculty/students• AAIT production - Africa
![Page 16: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/16.jpg)
16
For More Information
media.service.emory.edu
Brenda [email protected]
7-5233
7-7656
Jack [email protected]
404-272-1945
![Page 17: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/17.jpg)
17
?Questions
Video Services
![Page 18: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/18.jpg)
Oracle Lets Talk
ADS-DBA TeamAAIT
*
![Page 19: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/19.jpg)
19
Talk About 10g
• The new 10g version of WEB/EBO
• Oracle Internet Directory (OID)
• Advance Security Option (SSL ?)
![Page 20: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/20.jpg)
20
10g
• The new environment for the WEB/EBO databases will be more robust.
• 10g allows us to add processing power during heavy use periods.
• When a box fails, the database will not fail. It just moves to another box.
• This feature is available with 10g clients using OID.
![Page 21: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/21.jpg)
21
Who is Moving?
• Most developers who use the WEB and EBO databases are AAIT.
• This does not address developers using SLF1, SLF2, DPT1 or DPT2.
• If you are not sure which database you are attaching to, contact your web admin or the help desk.
![Page 22: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/22.jpg)
22
WEB/EBO DBs go 10g
• Please start testing the 10g version of the database now.
• Oracle 9i clients will work, but…• Install the 10g client to use the
advanced features, such as failover.• Use OID to access the “AAITWEBD”
service.
![Page 23: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/23.jpg)
23
Talk about OID
• The new 10g version of WEB/EBO
• Oracle Internet Directory
• Advance Security Option (SSL ?)
![Page 24: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/24.jpg)
24
OID: How do I get there from here?
1784 N. Decatur Rd, luna.cc.emory.edu
1762 Clifton Rd Triton.cc.emory.edu
TNS – Old, lists machine
TNS - Manual Change
OIDOID - Do Nothing, let us work for you!
Web Server
1784 N. Decatur RD
![Page 25: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/25.jpg)
25
OID vs TNS: How do I get there from here?
TNSNAMES requires you to specify the database server, the port, and the database name.
If anything changes, then you must manually change the file. How many PC’s do you support?
How do you know about every change?
OID puts the burden on the DBAs. They make the changes when a database moves. You don’t have to.
There is no reason not to move to OID as soon as you can.
![Page 26: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/26.jpg)
26
First we will add a few lines to your sqlnet.ora file in your network admin folder. Then we create a new file, the ldap.ora in the same folder.
So How Do I Switch to OID?
First lets add lines to sqlnet.ora
# Naming entries for sqlnet.ora
NAMES.DIRECTORY_PATH= (TNSNAMES, LDAP)NAMES.DEFAULT_DOMAIN = cc.emory.eduNAME.DEFAULT_ZONE = cc.emory.edu
Both files are available on the web.
%Oracle Home%/network/admin/sqlnet.ora
![Page 27: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/27.jpg)
27
So How Do I Switch to OID?
Now we place a new file, ldap.ora in the same directory.
DEFAULT_ADMIN_CONTEXT = "dc=emory,dc=edu"
DIRECTORY_SERVERS=(oranamesrvr0.cc.emory.edu:389:636, oranamesrvr2.cc.emory.edu:389:636)
DIRECTORY_SERVER_TYPE = OID
Both files are available on the web.
%Oracle Home%/network/admin/ldap.ora
![Page 28: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/28.jpg)
28
Can I Copy the Files From Somewhere?
Sure!
Go to: http://it.emory.edu/ and search for database.
The Self Service Database FAQ has examples for both ldap.ora and sqlnet.ora.
Or go to:
http://www.it.emory.edu/showdoc.cfm?docid=1547&fr=1086#faqs
![Page 29: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/29.jpg)
29
Talk About ASO
• The new 10g version of WEB/EBO
• Oracle Internet Directory
• Advance Security Option (SSL ?)
![Page 30: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/30.jpg)
30
What is the problem?
Database Server
ASOWeb Server
or
Your PC Hackers
Sniff
Bounce
Unprotected connection
![Page 31: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/31.jpg)
31
What about the Core?
• The Administrative Core is a good concept. It keeps out most of the hackers.
• The core does not protect against staff members (or student workers) with curiosity or malice.
![Page 32: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/32.jpg)
32
So what is the solution?
• Implement ASO, which is the Oracle equivalent to SSL.
• We will start requesting use of ASO.
• Over time we may move to requiring it, depending on our security needs.
![Page 33: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/33.jpg)
33
How to use ASO
• Oracle Advance Security is configured in the sqlnet.ora file.
• Most machines already have what they need. If not one module (ASO) may need to be installed.
• Changing a few lines in the sqlnet.ora file should do it.
![Page 34: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/34.jpg)
34
Can I Copy the Files From Somewhere?
Sure!
Go to: http://it.emory.edu/ and search for database.
The Self Service Database FAQ has examples for both ldap.ora and sqlnet.ora.
Or go to:
http://www.it.emory.edu/showdoc.cfm?docid=1547&fr=1086#faqs
If you don’t write at 90 MPH, the slides will be available.
![Page 35: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/35.jpg)
35
SQLNET.ORA
The security portion of the SQLNET.ORA looks like this:
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT= (MD5) SQLNET.ENCRYPTION_TYPES_CLIENT= (RC4_40, RC4_56) SQLNET.CRYPTO_SEED = qwertyuiop1234567890 .ORA = .oraSQLNET.CRYPTO_CHECKSUM_CLIENT = requestedSQLNET.ENCRYPTION_CLIENT = requested
![Page 36: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/36.jpg)
36
The Future
• Over time we would like all communication to be encrypted.
• All servers will be set to required if possible, or to requested for servers with unusual clients.
• There is no timeline at this point.
![Page 37: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/37.jpg)
37
Questions about any of this
• The new 10g version of WEB/EBO
• Oracle Internet Directory • Advance Security Option
(SSL ?)http://www.it.emory.edu/showdoc.cfm?docid=1547&fr=1086#faqs or
http://it.emory.edu/ then search for database to find the self service FAQ.
![Page 38: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/38.jpg)
eSubmissions
Graydon Kirk
![Page 39: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/39.jpg)
Emory Backbone Upgrade Status and Timeline
July 20, 2006
Paul PetersenDirector, Architecture/EngineeringNetwork Communications
![Page 40: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/40.jpg)
40
Agenda
• Preparation Work– Creating Router Redundancy– Engineering VLANs– Replacing Routers
• Timelines– LAN Migrations– Border & Firewall
• Challenges & Unknowns
![Page 41: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/41.jpg)
41
Edge
Edge
Edge
Master Switch
Core Router
1
Switch Room
Typical Building
1st
2nd
3rd
4th
.2
Creating Router Redundancy
Core Router
2
.2
.1 .3
![Page 42: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/42.jpg)
42
Engineering VLANs
Edge
Edge
Edge
Master Switch
Core Router
1
Switch Room
Typical Building
1st
2nd
3rd
4th
Core Router
2
Academic Core
HIPAA Core
Voice Core
![Page 43: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/43.jpg)
43
Replacing Routers
Replacement Schedule:
6/15 – Cox Hall
7/05 – North
7/10 – NDB
7/13 – Clairmont
7/24 – EUH
8/14 - Crawford
Cox2
Crawford1
Crawford2
North2
EUH2
EUH1
Clairmont2
NDB2
Cox1 North1
Clairmont1
NDB1
![Page 44: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/44.jpg)
44
Timeline: Router Migration
Date: LANs Migrated:07/20 Move 2 LANs: Anatomy Basement & FM
07/24 Move (16-20) of the Academic Core LANs at Cox Hall Switch Room
07/27 Move (16-20) of the Academic Core LANs at Cox Hall Switch Room
07/31 Move (16-20) of the Academic Core LANs at Clairmont Campus and North Campus
08/03 Move (16-20) of the Academic Core and Secure Admin Core at North Campus and NDB
08/07 Move ResNet Core (11 LANs)
08/10 Move (16-20) of the Academic Core LANs at NDB
![Page 45: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/45.jpg)
45
Timeline: Firewall Migration
Week: Firewalls Migrated:
07/31 New Firewalls installed and manageable. ResNet Firewall Migrated.
08/07 Two week change freeze on Academic Border Firewalls.
08/14 Academic Border Firewalls Migrated to new hardware.
09/11 Two week change freeze on Secure Academic and DMZ Firewalls.
09/18 Secure Academic and DMZ Firewalls Migrated to new hardware.
![Page 46: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/46.jpg)
46
Challenges & Unknowns
• LAN Challenges– Fast Ethernet LANs– Multi-net LANs/Default Gateway Changes– Custom Configurations
• Data Center/DMZ
• Communication
![Page 47: IT Briefing](https://reader036.vdocument.in/reader036/viewer/2022062809/56815737550346895dc4da53/html5/thumbnails/47.jpg)
47
?Questions
NetCom