ARCHITECTURE  &  INFRASTRUCTURE  COMMITTEE  MEETING  AGENDA  FRIDAY,  October  11,  2013  

9:00-­‐10:30  AM  FAC  228D  

 I.  9:00-­‐9:15  Administrative  Systems—Update  (Mary  Knight)              II.  9:15-­‐9:35  Priorities  Finalization—Endorse                III.  9:35-­‐9:50  Retirement  of  Web  Space-­‐Communication  Plan—Endorse  (Dave  Moss)              IV.  9:50-­‐10:05  Web  Infrastructure  Project—Endorse    (Dave  Moss)            V.  10:05-­‐10:30  Shared  Services—Update  and  Input  (Achim  Welter  and  Heather  Hanna)      

1  IT  Architecture  and  Infrastructure  Committee  2013-­‐2014  Priorities,  V.1.      

2013-­‐2014  AIC  Priorities    

Shared  Services  Provide  faculty  input  and  advice  on  the  transition  to  a  shared  service  mode  with  special  attention  toward  the  development  of  metrics  to  evaluate  customer  service  and  satisfaction.    

Cloud  Strategy    Build  a  framework  to  outline  how  the  university  will  move  to  more  cloud-­‐based  services,  what  infrastructure  is  needed,  how  monitoring  occurs,  what  services  are  appropriate  for  the  University,  and  how  those  services  will  be  implemented  and  evaluated.  This  strategy  should  be  supported  by  information  gathered  from  an  assessment  of  what  our  peers  are  doing  in  this  space  and  a  best  practices  and  lessons  learned  library  should  be  maintained.    

ERP  Integration  Strategy    Develop  and  disseminate  best  practices  and  detailed  plans  for  departments  that  will  need  to  interface  with  new  ERP  system.  In  tandem,  develop  guidelines  and  best  practices  for  departments  tackling  the  question  of  how  to  replace  a  wealth  of  fully  functioning  mainframe  systems,  outside  of  the  new  administrative  system,  with  either  commercially  available  administrative  software  packages,  in-­‐house  solutions  using  newer  or  different  technology,  or  a  combination  of  both.  Clarify  integration  strategy.    Email  Strategy    Develop  a  matrix  that  helps  users  understand  the  capacities  and  differences  between  email  systems  so  that  they  can  choose  which  email  system  is  most  appropriate  for  individual  use.  Consider  an  institutional  email  solution.  

Program  Planning  and  Accountability  Create  a  plan  that  offers  guidance  on  adjusting  priorities  as  new  priorities  are  submitted  to  the  committee  for  consideration.  Develop  a  master  list  of  priorities  and  a  calendar  of  associated  projects.  Track  how  projects  are  related  to  each  other  and  project  dependencies.    Develop  guidance  on  how  to  analyze  resource  constraints  when  more  than  one  project  affects  the  university  simultaneously.  Track  major  milestones  and  when  those  milestones  are  met  and  celebrate  major  milestones  and  project  achievement.    

System  Standards    Create  and  minimum  system  management  standards  (server,  desktop,  laptop,  etc)  to  improve  information  security  and  reduce  costs.  Successes  and  challenges  may  be  understood  by  calculating  the  delta  in  system  breaches,  loss  of  unencrypted  systems,  productivity,  and  in  savings.        

   

2  IT  Architecture  and  Infrastructure  Committee  2013-­‐2014  Priorities,  V.1.      

2013-­‐2014  AIC  Subcommittee  Priorities        

Web  Infrastructure  Subcommittee  Priorities    UT  Web    Implement  a  new,  modern  web  infrastructure  (“UT  Web”)  to  meet  the  needs  of  the  campus  web  publishing  community.    Centralized  Web  Tools    Select  and  implement  a  suite  of  centralized  web  tools  for  campus  web  publishers  (e.g.  university-­‐  branded  web  templates,  search,  analytics  and  quality  assurance  tools,  maps).    Emergency  Web  Site    Implement  an  off-­‐campus,  emergency  web  site  that  is  CMS-­‐driven  with  distributed  authorization  for  content  management.    

Identity  Management  Subcommittee  Priorities    Identity  Management  Roadmap  Implementation    Adjust  schedule  or  apply  resources  to  areas  that  will  need  to  convert  once  it  is  released.    CASI/UTLogin  Transition  Fully  implement  UTLogin  and  retire  the  legacy  Central  Web  Authentication/Fat  Cookie  system.  IAM  Technology  Selection  Select  the  technology  footprint  to  enable  new  and  improved  IAM  services.  IAM  Cloud  Integration  Guidelines    Provide  guidelines  to  help  campus  plan  for  and  address  IAM  functions  when  implementing  cloud  services.  Implement  Level  of  Assurance  Framework  &  Multi-­‐Factor  Authentication  Develop  an  objective  risk-­‐based  assurance  framework  and  provide  multi-­‐factor  authentication  services  for  high-­‐risk  transactions.  Implement  BYO-­‐ID  &  Lightweight  Authentication  Provide  “bring  your  own  identity”  and  lightweight  authentication  options  for  low-­‐risk  transactions.  Improve  Redundancy  of  Authentication  Services  Leverage  cloud-­‐based  solutions  to  improve  the  resiliency  of  central  authentication  services  and  reduce  their  dependence  on  campus-­‐based  infrastructure.  

Streaming  Task  Force  Priorities    To  make  recommendations  for  a  service  that  provides  appropriate  hosting  solution(s)  for  publicly  available  rich  media,  restricted  content  as  well  as  lecture  recordings.  If  the  solution(s)  include  on  premise  hosting  then  make  recommendations  on  storage  options.      

AIC

Taskforces

VOIP

Office 365

Enterprise Chat

Projects

VOIP

CASI UTLogin

ASMP Tech Environment

Standards and Methodology

Virtual Desktop

Wireless Network

Cloud Identifier

Box Implementation

Upgrade Web Infrastructure

Implement Digital Strategy Web

Network

Inventory/Netcontacts/ISORA

Committees

Network Standards

Cloud Services

Qualtrics Steering Committee

Box Steering Committee

Web Technology and Infrastructure

Streaming Media Subcommittee

 PROPOSED  WEBSPACE  RETIREMENT  PLAN  –  OCTOBER  2013  

   

 ! Proposed  WebSpace  Retirement  Plan  –  October  2013  

 

Executive  Summary  

Information  Technology  Services  (ITS),  in  conjunction  with  the  Information  Security  Office  (ISO),  seeks  approval  from  the  IT  Architecture  &  Infrastructure  Committee  to  retire  WebSpace,  a  legacy  online  file  storage  and  sharing  service  with  less  than  1,000  active  users  (and  the  top  100  users  accounting  for  98%  of  traffic)  in  May  2014.  Retiring  WebSpace  would  include  a  comprehensive  communication  plan  as  well  as  working  directly  with  users  to  migrate  content  to  alternatives  solutions  such  as  UTBox  or  Google  Drive/Sites.  

Business  Need/Background  

Over  the  past  year,  several  security  vulnerabilities  were  discovered  in  the  application  platform  used  by  WebSpace,  which  were  not  addressed  by  the  vendor  in  a  timely  manner.  This  required  drastic  measures  by  ITS  and  ISO  to  protect  the  university’s  sensitive  data,  causing  great  inconvenience  to  users.  Confidence  is  low  that  when  new  vulnerabilities  are  discovered  that  they  will  be  addressed  satisfactorily  by  the  vendor,  so  moving  away  from  WebSpace  helps  the  university  avoid  future  data  loss  and  further  service  disruption  to  users.  

Alternatives  to  WebSpace  

Under  the  auspices  of  campus  IT  governance,  ITS  is  asked  to  re-­‐evaluate  major  service  offerings  and  look  for  better  solutions.  Because  of  the  risks  associated  with  WebSpace,  more  robust  and  secure  alternatives  are  now  available.  

• File  Sharing  o Current  faculty  and  staff  are  eligible  to  use  the  new  UTBox  cloud  based  file  sharing  service  for  business  use.  

UTBox  is  approved  secure  by  ISO  and  offers  25  GB  (gigabyte)  of  storage.  o Students  can  use  Google  Drive  (a  feature  of  UTmail  accounts)  for  file  sharing,  collaboration  and  storage,  

which  also  offers  25  GB  of  storage.  • Web  Publishing  Options  

o Account  holders  using  WebSpace  for  web  publishing  can  use  Google  Drive  and  Google  Sites  associated  with  UTmail  accounts  to  host  web  pages.  The  University  Blog  Service  also  provides  web  publishing  using  the  WordPress  platform.  

• Green  Output  o Austin  Disk  will  be  the  new  default  destination  for  Green  Output  beginning  October  14,  2013.  

Communication  Plan  

• Update  on  WebSpace  service  page  and  no  new  accounts  provisioned.  • Update  and  “countdown  clock”  on  WebSpace  login  page.  • Periodic  email  messages  and  reminders  to  all  WebSpace  account  holders  regarding  the  impending  retirement  and  

migration  plan.  • Comprehensive  “how  to”  documentation  and  “high  touch”  support  available  to  WebSpace  customers  who  need  

assistance  with  content  migration.  • “FYI”  session  will  be  scheduled.  

For  More  Information  

• Full  draft  communication  plan:  https://utexas.box.com/s/yclh1kqyuz6lma92hmfr  • UTBox  service  page:  http://www.utexas.edu/its/cloudstorage/  • UTmail  service  page:  http://www.utexas.edu/its/email/  

1  AIC/BSC  Green  Output  Update—October  2013      

Green  Output  Update    

From  the  WebSpace  service  page  

Note:  WebSpace  is  a  legacy  online  file  storage  and  sharing  service.  No  new  accounts  are  available  at  this  time;  however,  exceptional  business  needs  (e.g.  mainframe  Green  Output)  can  be  discussed  with  the  ITS  Help  Desk.  Existing  accounts  and  user  materials  will  continue  to  operate  as  normal.  A  retirement  date  for  the  service  will  be  determined  after  IT  governance  approves  a  transition  plan.  

With  this  in  mind,  mainframe  Green  Output  will  change  its  default  destination  from  WebSpace  to  Austin  Disk  beginning  October  14,  2013.  There  is  nothing  analysts  or  Green  Output  recipients  need  to  do  other  than  begin  retrieving  their  output  from  a  different  location.  Green  Output  Report  Delivery  Notices  will  continue  to  be  sent  to  recipients  and  the  new  location  will  be  reflected  in  the  link  provided  in  the  email  for  each  report.  (Note:  There  will  be  some  overlap  in  delivery  between  the  old  and  new  locations  depending  on  when  the  mainframe  job  that  produced  the  output  was  actually  submitted.  Thus,  Green  Output  may  be  delivered  to  a  user’s  WebSpace  account  one  last  time  over  the  night  of  October  14.)  

Beginning  October  14,  when  output  from  the  Mainframe  is  sent  to  Green  Output,  it  will  be  placed  in  an  eReports  folder  on  Austin  Disk  within  a  sub-­‐folder  named  with  the  recipient’s  EID.  If  this  folder  does  not  yet  exist,  Green  Output  will  create  and  configure  this  folder  automatically.  Folders  on  Austin  Disk  can  be  securely  accessed  as  a  mapped  network  drive  from  Windows  desktops,  using  the  Connect  to  Server  feature  in  Mac  OS,  or  simply  from  a  web  browser.  Instructions  for  accessing  the  new  Green  Output  destination  are  available  at  http://www.utexas.edu/its/help/green-­‐output/194  

Users  of  the  new  Green  Output  folders  on  Austin  Disk  will  have  Read  and  Delete  authorizations  but  not  Write  access  to  their  individual  folder.  This  new  Green  Output  destination  is  not  intended  for  general  use  storage  –  campus  file  storage  and  sharing  options  are  outlined  at  http://www.utexas.edu/its/webspace/  

Questions  or  concerns  may  be  sent  to  the  ITS  Help  Desk  or  to  robert.trent@austin.utexas.edu.  

The  University  of  Texas  Aus3n      UT  Web  Project  Update  IT  Architecture  &  Infrastructure  Commi?ee      October  2013  

2  

Program  Overview  Abbr.   Service  Offering   Descrip3on   Avail   EOL  WC   Web  Central   UT  Aus1n’s  central  web  hos1ng  service  

and  Unix  1me  share  environments  Today    

Q4  2014  

UT  Web  

UT  Web   Panel-­‐based  shared  web  hos3ng  plaKorm  

Q2  2014  

SM   Self-­‐Managed  Web  Hos1ng    

Web  environments  that  are  owned  by  or  operated  on  behalf  of  non-­‐ITS  en11es  (e.g.  department-­‐owned  web  servers  on  UT-­‐V)  

Today  

MD   Managed  Drupal   Project  to  be  ini1ated  by  ITS  Applica1ons  that  will  provide  a  common  build  and  University  Communica1ons  approved  theme  for  users  looking  for  a  Drupal  op1on  requiring  minimal  setup  

Est.  2014  

Blogs   Blogs  (WordPress)   Provides  a  common  build  and  University  Communica1ons  approved  theme  for  users  looking  for  a  WordPress  op1on  requiring  minimal  setup  

Today  

Note:  All  dates  are  calendar  year,  not  fiscal  year.  

3  

Web  Hos3ng  Cost/Flexibility  Considera3ons  

FLEXIBILITY

CO

ST

Managed Drupal & Blogs

UT Web

Self Managed Web Hosting

4  

UT  Aus3n  Network  

Solu3on  Diagram    

UT  Web  

       Internet  

Rackspace  www.utexas.edu Emergency Presence

On-Campus UTWeb

www.utexas.edu Request

Apache Reverse Proxy

Web  Central  

www.utexas.edu

Nginx Reverse Proxy

On-Campus UTWeb Other

Domain Request

Off-Campus UTWeb

www.utexas.edu Request

Off-Campus UTWeb Other

Domain Request

5  

File  System  Layer  

UT  Web  Detail  

Networking  Layer  

Applica1on  Layer  

Database  Layer  

Storage  Layer  

Red  Hat  Instance  GlusterFS  w/  NFS  

Red  Hat  Instance  GlusterFS  w/  NFS  

MySQL  Clustered  Instances  

MySQL  Clustered  Instances  

VMin  1  

VMin  2  

VMin  n  

Nginx URL Preservation & Load Balancer

CMin    1  

CMin  n  

Red Hat Instances VirtualMin Cluster

Red Hat Instances CloudMin Cluster

VMWare ESX Shared Storage Infrastructure

*Min Metadata

User Content

Other  Available  

UT-­‐Au

s1n  Re

sources  

Oracle  Instances  

UT Login

DNS

6  

Risk  /  Constraints  §  New  technology  components  are  being  implemented  

§  Implica1on:  Schedule/budget  impact;  ability  to  support  §  Mi1ga1on:  Proof-­‐of-­‐concept  will  be  done  to  validate  complex  

components;  Knowledge  transfer  to  ITS  resources    

§  Site  administrators  may  not  have  the  capacity  to  handle  migra3ons  prior  to  Fat  Cookie  target  re3rement  date  of  June  2014  §  Implica1on:  UT  Login  project  impact  §  Mi1ga1on:  Checkpoints  will  be  scheduled  throughout  build  

(technical  readiness)  and  migra1on  (customer  readiness)  phases;  Create  mi1ga1on  plan  for  UT  Login  dependency;  Early  communica1on  of  migra1on  plan  

   

7  

UT  Web  Project  Planned  Timeline  Oct

2013

Feb

2014

June

2014

Sep

2014

Web Central

UT Web

Self Managed Web Hosting

University Blogs Service (WordPress)

Wikis

Fat Cookie Retirement

Digital Experience Design

w/ Templates

Managed Drupal

Digital Experience Templates

WWW on

UT Web

Naming Standards Policy

Go/No Go on UT Login

Proof of Concept

Available

Environment Available for Migrations

Dec

2013

Jan

2014

Tentative Dates

No New Sites

Begin Build Phase

Technical Readiness Checkpoint

8  

Next  Steps  §  Ini3ate  Communica3on  Plan  

§  IT  Governance  §  Update  on  Web  Central  service  page  (and  related  pages)  §  Emails  to  it-­‐talk,  it-­‐updates,  webpub,  etc.  §  “FYI”  session  scheduled  for  October  23  §  Comprehensive  “how  to”  documenta1on  and  support  will  be  

available  to  Web  Central  customers  who  need  assistance  with  migra1on,  including  scheduled  “office  hours”  

§  Ini3ate  Build  Phase  §  Finalize  technical  design  §  Develop  proof-­‐of-­‐concept  to  test  the  design  §  Technical  readiness  checkpoints