Welcome to the Technical Architecture & Security Site

The charge of our subcommittee is to identify three projects in their area that they consider most important. For each project, a Budget Request Proposal form (BRP) should be completed. As the ITS liaison, you are expected to assist and give support to the BRP completion process.

For the February 14th ITSPAC meeting, the subcommittee needs to identify and report on the three projects being proposed. The completed BRPs will be due by March 15th.

The next meeting of this group will be February 8th @ 11:00 am in KSL 212B. The agenda for this meeting will be to review/revise preliminary budget request proposals that Jeff will bring to the meeting.

[edit] Proposed Recommendations

1) Collaboration Suite

Overview - T.Knab, T.Siu, R.Ryan

Oracle Collaboration Suite 10g provides the tools to collaborate securely from within enterprise business processes and applications, utilizing a relational database. Oracle Collaboration Suite consolidates IT infrastructure, offering the opportunity to reduce hardware, software, and administration costs. Features include:

Content Services: Enterprise-scalable and secure content management solution that extends the value of content by making it accessible to all workers, while reducing business risk and facilitating regulatory compliance.

Real-time Collaboration: Secure, presence-aware, integrated solution enabling individuals, teams and entire organizations to detect presence and communicate collaboratively.

Unified Messaging: A unified inbox for email, calendar, voicemail, faxes and threaded discussions. Enterprise-wide Web and mobile access supports diverse work styles and information needs.

Workspaces: A team-based view to track and manage content and communications securely in the context of the business process. Workspaces provide a single place to capture, organize and view documents, meetings, tasks, email, discussions and announcements related to any project or process.

Centrally managed information to ease regulatory compliance: Oracle Collaboration Suite 10g offers an adaptable platform to mitigate risk and strengthen corporate compliance by managing email, electronic documents,instant messages, voicemail, fax, and Web conferences in a database repository. OCS can facilitate establishing process controls across all content with a centralized repository to cost-effectively audit, retain, archive, and manage content for compliance - and to react with agility when new regulattions appear.

Oracle e-Portfolio: Although designed as a stand-alone product, it uses the same database, same portal and same application server Case supports. To the end user, it would just be another window into the online environment they already know. Savings in development, integration, training, support and hardware/software needs at the TCO level would be phenomenal. Sharing the same database as OCS would allow multiple access to your online portfolio besides the ePortfolio Portal (i.e. webDAV, mounted drive, MyCASE, etc.)

Security Risks Addressed: - Inadvertent or Deliberate Disclosure of Sensitive Information: The ability to work collaboratively using networked tools with a select user group while maintaining confidentiality of sensitive information would be provided by the utility of the Oracle Collaboration Suite (OCS). The abilty to encrypt information while in transit between clients and the OCS will reduce the possibility of inadvetent disclosure (currently files are transferred using open text email). The ability to have fine-grained access controls to projects will provide for audit trails and change control. If all sensitive data is managed through OCS, the effort of providing access control to muliple systems in a consistent manner can be redirected to improvments in the authtentication systems to control user credentials. If implemented with specific controls, a PKI solution may become unnecessary from the standpoint of email communications for sensitive data.

Oracle Collaboration Suite FY07 impact:

 -Secure collaborative workspaces with workflow
 -Unified Messaging
 -Email Upgrade
 -Calendar Upgrade
 -Web conferencing
 -Platform for integration with enterprise videoconferencing solution
 -IM
 -Enhanced system security
 -Oracle Real Application Clusters (RAC) deployment
 -Integrated platform for e-Portfolio, Portal and HTMLDB
 -Enterprise platform for Case paperless administrative operations

2) Disk Storage

Overview - N.Lambert
Making disk storage available for the entire campus is a key technical architecture priority that many of the other 2007 ITS priorities will rely upon. While the need is readily understood, there is no clear, affordable plan to implement a campus wide storage system. The biggest obstacle for implementing such a solution will be cost. This sub-committee is willing to discuss and make recommendations regarding an equitable cost model that decentralized and centralized departments can sustain.

Features

  -some entitlement for entire campus
  -ability for departments to purchase more capacity on employee's behalf
  -cost certainty for departments
  -integration of mail, calendar, voice-mail, and data into one employee directory
  -integration with essential data backup services

Security Risks Addressed: - Loss and Destruction of data: archival of data in a centrally managed capability can reduce lost work hours in data recovery and maintain data availability.

3) Security Enhancements

Overview - T.Siu

The desired enhancements to implement security-driven requirements have been added to the overall features of the top priorities. The enterprise-wide risk management methodology drives us to see risks in the implementation of technolgy initiatives as well as identify (and eventually quantify) the risks that these initiatives are driven to address and mitigate.

Features

  -Data Encryption
  -Log Aggregation (MARS)
  -PKI
  -Identity Management

4) Data Center

Overview - J.Gumpf

A new data center is proposed to be located at University West. This data center will make available approximately 8000 square feet of usable floor space, provide tier 2 plus reliability, provide appropriate power and HVAC for modern computer systems, and provide a hoteling space for 3rd party servers. A plan for this data center has been prepared and is ready to go out for RFP. A budget has been prepared for University management for costs associated with creating the data center.

The construction of this new primary data center would allow ITS to vacate the existing data center at Kelvin Smith Library. The KSL data center presents a number of potential risks in its current configuration.

In addition to the construction of the physical data center, a transition plan, including server consolidation was prepared. This would replace some old and outdated servers with new servers that conform to the hardware and operating system platform standards that have been adopted by ITS. This consolidation also includes plans for creating or improving the redundancy of critical applications and enterprise storage across more than one data center.

This new data center would be connected into the University network infrastructure with new additional backbone cabling.

Features

  -Hot read/write storage
  -Server consolidation
  -Network Backbone upgrades
     -National Lambda Rail
     -Carrier traffic -> Outside world
     -Redundant Off-campus connections

Additional items not discussed

  The need to move to Active Directory. This falls under both architecture 
     and security.
  Is there a funding mechanism in place to a lot for the replacement of major 
     hardware as it becomes obsolete and breaks?

Security Risks Addressed: - Physical Access to Data Centers- current impact to data centers is high with inadequate physical access controls, HVAC, power availabilty, and redundancy. The impact of this risk is interuption of service to prime network based applications. Additional impacts include reputation loss, in terms of customer confidence and collaborating institutions (UC, OneCleveland, NLR, etc.)