Fy 08 NETWORK PLANNING TASK FORCE

1
Fy 08 NETWORK PLANNING TASK FORCE

• Fall Agenda Setting and Discussion

09.17.07
2
NPTF FY 08 Members

• Robin Beck, ISC
• Michael Palladino, ISC (Chair)
• Mark Aseltine / Mike Lazenka, ISC
• Gary Delson/Geoff Filinuk, ISC
• Dave Millar, ISC
• Deke Kassabian / Melissa Muth, ISC
• Chris Bradie /Dave Carrol, Business Services
• Doug Berger / Manuel Pena, Housing and Conference
  Services
• Cathy DiBonaventura/Rick Haverkamp, School of
  Design
• Helen Anderson, SEAS
• Brian Doherty, SAS
• John Irwin, GSE
• Ira Winston, SEAS, SAS, Design

• Deirdre Woods /Dan Alig, Wharton
• Mary Alice Annecharico /Mike Herzog, SOM
• Rich Cardona, Annenberg
• Kayann McDonnell, Law
• Donna Milici, Nursing
• Ken McCardle, Vet School
• Jeff Fahnoe, Dental
• Grover McKenzie, Library
• Mary Spada, VPUL
• Marilyn Spicer, College Houses
• Joseph Shannon, Div. of Finance
• Steve Stines /Dominic Pasqualino, OAC
• Marilyn Jost, FRES
• Michael Weaver, Budget Mgmt. Analysis

3
Agenda

• Defining the NPTF process for FY 08
• Topics gathered thus far
• Additional discussion
• Setting the Fall agenda

4
NPTF Meeting Schedule FY 08

• 130-300pm in 337A Conference Room, 3rd floor
  of 3401 Walnut Street
• Process
• Intake and Current Status Review July 16
• Agenda Setting Discussion - September 17
• Strategy Discussions - October 1
• Security Strategy Discussions - October 15
• Strategy Discussions - October 29
• Prioritization - November 5
• Rate Setting November 19

5
NPTF Process Feedback

• Too much information is crammed into too short a
  timeframe.
• We dont get enough time to prioritize things in
  the Fall.
• We dont get enough time to discuss financial
  decisions with our deans before our budgets are
  due.
• Is it possible to see the projected budget in
  September so that we know how much discretionary
  money there is before we start?
• Suggestions
• Finish Fall process in early November.
• Hold fewer meetings in the Fall (3-4 total)
• Hold off-season meetings (2) to discuss strategic
  items
• Hold off-season meetings (2) for a closer review
  of operational items.
• Do a review of where NT resources are going for
  services and RD.
• Do a survey to get more formal feedback on
  current services.
• Polish current services like VoIP before
  spending more time on new ones.

6
NPTF Security Feedback

• Security is the beast that ate NPTF
• Is NPTF the right place to discuss it?
• Is there other centralized money for it?
• We need to see a multi-year security strategy
• What is the budget impact of it centrally
  (charged by ISC if any) and locally to schools.
• What is the budget impact of various security
  policies?

7
FY 09 Price Setting

• We will re-evaluate pricing for
• 10 Mbps (6.03)
• 100 Mbps (7.03)
• 1000 Mbps (30)
• vLANs (2.50)
• Wireless (27)
• VoIP/ Voicemail/ IM
• Video services
• Analog voice services
• Central Service Fee (headcount and IP addresses)

8
NT Operational Initiatives for FY 08

• Next Generation PennNet
• Gigabit building/subnet connections (router
  ports)
• Single-mode fiber to buildings (new pathway if
  necessary)
• Redundant building/subnet connections
• Customer Service
• Online, self-service intake for voice and data
  orders/ Service Order Intake (SOI)
• Always striving for better communications and
  feeling the urgency in your requests
• Wireless
• Expand 802.1x authentication to all wireless
  PennNet areas where current web authentication
  exists for wireless-PennNet. (Dual SSIDs)

9
Strategic Discussions for FY 08

• Communication Names
• Develop infrastructure necessary to implement
  Communication Names in order to support longer
  and more meaningful user names for email and
  other electronic communications.
• Complete name space clean up
• Augment PennNames to support Communication Names
• Develop application to create Communication Names
• Create web interface to allow authorized users to
  lookup, add, modify and delete Communication
  Names
• Create API to allow authorized applications to
  lookup, add, modify and delete Communication
  Names
• Modify Penn Community to store Communication
  Names
• Should we do cost estimates on this project?
• Wireless
• Seamless roaming
• 802.1x only (visitors)
• Earthlink as wireless overlay. Outsource outside?

10
Strategic Discussions for FY 08 (Contd.)

• Integrated Communications
• VoIP
• Softphones
• IM
• VoIP redundancy scheduled down-time
• Video Strategy
• Digital video
• Desktop teleconferencing
• File sharing and archiving/Flexible method for
  sharing data
• How broadly and on what time line should PennNet
  Gateway (scan and block) be deployed once it is
  fully ready? Or as desktop/laptop operating
  systems with automated security updates become
  common, does PennNet Gateway become a lower
  priority?
• What should the timing be for a single
  campus-wide network access control for both wired
  and wireless networks?
• Can we enhance perimeter intrusion detection?
• UPS on all network electronics
• Cell phone coverage in buildings

11
FY 08 Security Goals

• Compliance Roll out the Security and Privacy
  Impact Assessment (SPIA) process, in conjunction
  with Penns Privacy Office to better manage
  University-wide IT security and privacy risk to
  8-12 schools centers.
• Prevention Establish Penn LSP security training
  certification (computer based training and
  testing) and conduct security technology
  training for 3 5 topics. New employee online
  security and privacy awareness training.
• Identity Management
• Security Assessment Engage with Oracle
  Corporation to review database security and
  identity management infrastructure to ensure
  timely and secure access to Penn enterprise IT
  resources
• Develop a plan for next generation PennKey.
• Implement Shibboleth for federated identity.
• Build and deploy a central authorization system
  to minimize the risk of exposing sensitive data
  and/or violation of policy or law 

12
FY 08 Security Goals (Continued)

• Select a recommended product for stored data
  encryption
• Should we do centralized key escrow?
• Limit SSN availability through Data Warehouse
• Develop strategy documents
• Develop logging best practices in conjunction
  with HARTS team
• Beyond passwords, next steps for authentication
• Personal device security
• Subnet level intrusion detection
• Pennnet Gateway Help prevent compromised systems
  from spreading malware on the network and avoid
  increased support needs for incidence response
• Pilot deployment for College Houses, Sansom Place
  and GreekNet wireless areas and possibly two
  other schools and centers.

13
Possible FY 09 Security Goals

• Year three of four-year SPIA rollout.
• Identity Management
• Extend Authorization systems group management
  capability to include privilege management.
• Online provisioning for Penn administrative
  applications.
• Implement first phase of Next Generation PennKey
• Implement security event logging
• Logging policy (protecting against brute force
  attacks)
• Pilot Critical Host Vulnerability Management
  agent and Compliance Reporting.
• PennNet Gateway full roll out to residential
  system
• Review campus A/V strategy vs. Host-Based
  Intrusion Prevention. Compare Symantec with
  alternatives.
• Campus-wide all staff (then faculty) security and
  privacy awareness online training.

14
Additional Discussion

• What have we missed that is critical to be done
  in FY 08 or planned for now to do in FY09 and
  beyond?
• What can we eliminate?
• Bluesocket wireless authentication.
• Can we move 100 to 802.1x by Fall 08?
• Netnews

15
IT Roundtable Topics

• Benchmarking with peers
• Trailing Edge
• Leading Edge
• Data Center/ Facilities Management
• Research Computing
• Email
• Content Management