Skip to the content of the web site.

Planning Documents

IST Annual Plan, 2005-2006

Contents

  1. Executive Summary
  2. Planning, Mission and Guiding Principles
  3. Information Systems
  4. Support Initiatives
  5. Infrastructure
  6. Enhancing our effectiveness

Final update in May, 2006.

1. Executive Summary

This plan is updated annually at the spring IST management retreat and adjusted throughout the year to track progress. Planning is led by the IST managment team, with input from IST staff and the University community through numerous formal and informal information technology committees and discussion forums.

Upgrading the network backbone and upgrading the Human Resources Management system are two significant initiatives for the coming year. The new network backbone will provide increased speeds, core security services and will facilitate UW's distributed network management model. The Human Resources system will be upgraded to version 8.9 of this Peoplesoft application along with an upgrade of the underlying database to Oracle version 10g. Redesigning business processes, enhancing reporting capabilities and adding new functionality are all part of the planned enhancements.

Information systems go through regular upgrades to stay within the vendor's support window. Last year, a major upgrade to the student information system was completed. Developments continue on this version with support for electronic marks submission, recruitment and other functionality. Planned enhancements to the University's financial systems include: electronic month-end financial statements, a web-based purchase requisition system and the implementation of a University procurement card. Changes to the CECS JobMine system include enhancements in scheduling, usability and functionality. (Addition Dec 2005: Administrative Project Milestones)

Last year's plan included a desktop rollover project to manage the orderly replacement of personal computers in the academic support units. With the initial phase of the project now complete, IST will begin to deliver replacements for aging equipment in these units.

Student computing has been changing in recent years. With the installation of wireless capabilities and the declining costs of notebook computers, students are quickly taking advantage of productivity increases made possible by these devices. The student notebook project will examine successful support models at other institutions and consider how the University can best support students in their use of notebook computers.

Supporting the University's move to the new "common look and feel" and identity management and services for life are two of the many other projects described in this plan. But, what are not described, are a multitude of day-to-day activities such as: installing network connections and telephones, repairing computers, assisting our clients and providing information systems and services to the students, faculty and staff of the University.

2. Mission and Guiding Principles

Mission

IST's mission is to provide UW with effective information systems, technology and services for administration, teaching and research. Information systems include the registration systems that students use to enroll in courses, the job search systems used by coop students, the financial systems that UW uses to pay its bills and a multitude of others. The information technology infrastructure includes the campus voice/data network, the central computing facilities, and the related services, support, and training available to students, faculty, and staff.

Guiding principles

  1. Work in partnership with individuals, departments, and the UW community at large to ensure that the systems and technology serve the needs of UW. Recognize the involvement of the UW community, both direct and indirect, as essential to the successful management and evolution of UW's information systems, technology and services.
  2. Establish strategies to manage the increasing complexity and costs of maintaining and managing the evolution UW's portfolio of systems, technology and services.
  3. Focus on sustainable systems:
    • Unless there are compelling reasons to do otherwise, use products supported by open-source organizations or vendors rather than locally developed systems.
    • Stay within the vendor's "currently supported" window.
    • Prefer market leaders over "bleeding edge" technologies and products.
    • Prefer standards over proprietary vendor implementations.
  4. Encourage and facilitate the self-reliance of students, faculty, and staff.
  5. Be selective in the introduction of new services by assessing their value and costs. Be proactive in eliminating systems and services that become under-used in order to free resources and streamline operations.

IST must be instrumental in transforming UW processes in response to changes in technology, requirements of third parties such as governments, and changes motivated by the benefits they can bring.

To that end, new systems and technology must be investigated and the most appropriate acquired and supported as part of UW's current portfolio. Equally important, IST must vigorously assist and promote the elimination of "trailing edge" technology, to ensure that UW's systems and technology remain modern and can be properly maintained.

3. Information Systems

Human Resources and Student Administration

The most recent version of the PeopleSoft's HR and SA systems enable web access, including traditional administrative office functions and newer self-service capabilities. In addition to tracking the evolution of technologies, on-going production support of current ones, and keeping pace with business-dictated changes (taxes, patch bundles, year-end, etc.), we will take advantage of as many web-enabled "self service" opportunities as we can to help reduce data entry, transcription error rates, reports, and simple queries currently requiring staff attention.

We continue the investigation of the impact of version 8.9 of HR and SA as information becomes available from PeopleSoft. PeopleSoft version 8.9 introduces a "Person Model" which may have significant implications in terms of upgrading both HR and SA. In addition to the PeopleSoft functional and technology changes, there (update dec 2005, replace 'may' with) will also be a need to upgrade the underlying environments (e.g., Oracle 10g).

Update Dec 2005: Another key objective of the HR8.9 upgrade is to begin to position the system for the transition to Oracle's new Fusion environment by limiting and reducing existing customizations.

The major areas of focus for continued development of the HR system include the following:

  1. Transfer faculty salary increase business process from Institutional Analysis and Planning to Human Resources, including rewriting the faculty salary increase process using PeopleSoft Tools.
    Timing: fall, 2005
    Update Dec 2005: Completed.
  2. Implement second phase of multiple jobs and faculty information, including multiple jobs for staff and others, biographic data conversion from IAP Faculty system, and related decision support tools.
    Timing: May 2005
    Update Dec 2005: Completed.
  3. Upgrade PeopleSoft HRMS to version 8.9 to sustain maintenance contract/remain on supported version.
    Timing: June, 2006
    Update Dec 2005: underway and on target for June, 2006 completion.
    Update May 2006: go-live July 2006
  4. Implement Budget Rollover functionality for salary budgets (addition, Dec 2005) for FY2005/2006.
    Timing: May, 2005
    Update Dec 2005: completed.
  5. Addition Dec 2005: Implement Budget Rollover functionality for salary budgets for FY2006/2007.
    Timing: May, 2006.
    Update May 2006: completed April 2006
  6. Upgrade SMS/I-Budgets to Oracle 10g and for automated budget rollover.
    Timing: August 2005
    Update Dec 2005: delayed by vendor; upgrade will be to 9i; completion date to be reset once vendor releases upgrade.
    Update May 2006: completed March 2006
  7. Expand the use of reporting and decision-support tools (e.g., Crystall, Cognos, data marts)
    Timing: anticipated 2006.
    Update Dec 2005: ongoing - one faculty datamart now in place; others will follow.
  8. Job Description Project
    Timing: December 2006
    Update Dec 2005: underway; new target completion date is February, 2006 for initial roll-out.
    Update May 2006: target June 2006
  9. Upgrade BenPlus (pension) system off Oracle 8i and investigate
    employee self-service for pension projections
    Timing: no date set

The major areas of focus for continued development of the Quest system include the following:

  1. Implement an electronic marks submission system.
    Timing: August 2005
    Update Dec 2005: Pilot in production August 2005 / Full production November 2005.
    Update May 2006: completed
  2. Implement recruitment functionality (contacts and requests for information).
    Timing: August 2005
    Update Dec 2005: Undergraduate phase I recruitment in production August 2005 - phase II has undefined requirements / implementation date in 2006 + Graduate recruitment in development / testing  - delays in requirements / testing - completion date not defined.
    Update May 2006: Grad Studies go-live target July 2006
  3. Provide applicant access to Quest self-service.
    Timing: October 2005
    Update Dec 2005: in development / testing - ongoing - delays in requirements / testing (also due to other development priorities).
    Update May 2006: go-live target August 2006
  4. Implement a course enrolment management system to capture course demand information that will support timetable development and initial enrolment activities.
    Timing: Begin development Fall 2005
    Update Dec 2005: Incorrect goal - analysis and some level of requirements for Fall 2005. Analysis largely complete now - functional and technical requirements definition / design will start in January (somewhat delayed due to problems in arranging faculty meetings and technical leader addressing other priorities).
    Update May 2006: Assessing buy/build options subject to resolution of functional resource issues.
  5. Develop a Financial Aid Unmet Need Process
    Timing: Begin analysis Summer 2005
    Update Dec 2005: manual process continuing - no development started - this project is a moving target in reference to functional requirements and for changes to file structure / content by the Ministry.
  6. Implement an Academic Calendar Maintenance system.
    Timing: Winter 2006
    Update Dec 2005: custom application for RO / GSO / DE purchased by IST with implementation date of March 2006 - progress on target - server purchased and in place awaiting installation of application in January.
    Update May 2006: go-live May 2006
  7. Implement the ESIS Government Reporting System.
    Timing: TBD
    Update Dec 2005: waiting for functional requirements from IAP
  8. Upgrade PeopleSoft SA to version 8.9 to sustain maintenance contract/remain on supported version.
    Timing: Begin planning Winter 2006
    Update Dec 2005: overall planning directions completed - detailed planning will occur in new year. Upgrade to PS tools version 8.22 will occur in June to November 2006. Detailed upgrade planning for PS SA version 8.9 will start in January 2007 or earlier. Upgrade target for implementing PS SA version 8.9 (or 9.0) will be February 2008.
    Update May 2006: Considering an upgrade project running from Nov. 2006 to Nov. 2007 (with a contingency of Feb. 2008)
  9. (addition May 2006) Upgrade to Ad Astra 6.0 (room bookings)
    Timing: Sept. 2006
  10. (addition May 2006) Implement the new Tuition Fee Policy which allows for tuition fee differentiation based on program and year of study.
    Timing: July 2006

Financial Systems

The upgrade of Oracle Financials completed early in 2004 implemented a web based graphical user interface for the application and provides a solid platform for future enhancements. In addition to many short duration development and maintenance projects, several major initiatives are planned for the 2005/2006 fiscal year including:
  1. Replacement of paper month-end financial statements with electronic versions delivered via the web.
    Timing: Phased implementation ongoing with completion scheduled for Fall, 2005
    Update Dec 2005: all phases complete except Research fund which is scheduled for implementation in Winter 2006.
    Update May 2006: Complete
  2. Implementation of web based purchase requisition entry system
    Timing: August, 2005
    Update Dec 2005: complete
  3. Implementation of the Oracle Assets module.
    Timing: completed in May 2005
    Update Dec 2005: complete
  4. Implementation of a University procurement card
    Timing: Pilot implementation: late 2005 or early 2006
    Update Dec 2005: pilot implementation: April 2006
    Update May 2006: Pilot implementation May 2006
  5. Added Dec 2005: E-commerce credit card processing. 
    Timing: Pilot implementation: April 2006. Other implementations begin: Summer 2006
    Update May 2006: Pilot implementation May 2006
  6. Added Dec 2005: Receiving/Delivery system implementation.
    Timing: Summer 2006
  7. Added Dec 2005: Oracle Financials 11.5.10 upgrade.
    Timing: Winter 2006 - January 2007

Web-server and Application Development Infrastructure

IST will track the development of Web standards and products and continue to enhance the web systems infrastructure to support web-based applications. Where necessary we will make use of business application toolkits (e.g., PS tools 8) to supplement functionality not available in vendor distributed software.

  1. In cooperation with other departments (e.g., Finance) provide the web infrastructure to meet requirements identified in the Report of the Ad-Hoc Committee on Electronic Commerce.
    Update Dec. 2005: this objective have been incorporated in the E-commerce credit card processing project in the Financial Systems section of this document.
  2. Review best practices and strategies for consistency amongst projects and to meet audit requirements, including a review of development standards and methodologies and change management controls.
    Timing: April 2006

CECS (JobMine)

JobMine is the principle CECS application used by coop students and employeers. It provides core recordkeeping for employers, jobs, students and their work terms, as well as employer and student self-service modules, match capabilities, interview scheduling and reporting.

  1. Focus on data integrity, training and procedural issues, interface revisions with SA, access for faculty support staff, application functional and technical documentation and additional help and support information in an online interactive repository.
    Timing: Spring 2005
    Update Dec 2005: priority changes completed Spring 2005.
  2. Program for business process changes that may be made within CECS to help with the current difficulties being experienced in placing coop students.
    Timing: Fall 2005
    Update Dec 2005: completed Fall 2005. Additional changes requested for Winter 2006 now that methodology and program is permanent.
    Update May 2006: Now undergoing a major process examination with Management Sciences. Preliminary recommendations expected in August 2006 and more in January 2007.
  3. Upgrade to PeopleTools 8.4. This may include the introduction of additional portal and workflow functionality.
    Timing: Fall 2005
    Update Dec 2005: Initial work for the upgrade, including development server acquisition has begun. Go-live set for August 2006.
    Update May 2006: More work on documentation, for example, required for the 8.4 upgrade. Development instance available in May 2006. Decision on the move to 8.4 or a deferral in June. Process review described above may impact this.
  4. Implement the first phase of a full decision support framework. This will include a separate database environment, the use of Cognos reporting tools, a repository of statistical and summary information and broader access to reports for field staff and those in other areas of the university.
    Timing: Fall 2005
    Update Dec 2005: Initial statistical reporting set for February 2006. Further design to take place in Winter 2006. Development set for Spring 2006.
    Update May 2006: Impromptu now setup for basic reporting to the production database.
    Initiated a series of studies for a) decision support b) document management c) usability and workflow d) mobile access e) employer services. Reports due in June 2006.
  5. Enhance employer scheduling and staff usability.
    Timing: Winter 2006
    Update Dec 2005: Additional workflow and usability study planned for Winter 2006.

Office of Development and Alumni Affairs

ODAA is responsible for helping alumni maintain their connection with UW and with other alumni and with key fundraising activities, including Campaign Waterloo. The core business is supported by Benefactor from Datatel and was implemented in 1992. Datatel has undertaken a major shift in its product line, with Benefactor no longer existing in its current form after 2008. The department also supports a number of smaller database applications developed by ODAA including a e-community service, Campus Call's call center application.

  1. Upgrade of the Benefactor system from Datatel to current support levels. This includes the acquisition of a new IBM server environment. Benefactor will be upgraded to release 5.1, the Envision toolkit to 4.7.1, AIX to version 5.2 and Unidata to 6.1.3. Implementation of the new "datamart" module will also be included.
    Timing: Spring 2005 (live September 1)
    Update Dec 2005: upgrade began October 2005 with new IBM server running AIX Version 5.2. Go-live set for February 2006.
    Update May 2006: System live in February 2006 (some cleanup and followup in March).
  2. Investigate options for a new information system which would include core functionality and new self-service components, appropriate reporting and data warehousing capabilities and interfaces to external systems such as that used in the Call Center. This includes the completion of a new budget and funding proposal, issuance of an RFP, formation of the project team and initial project start-up.
    Timing: Fall 2005
    Update Dec 2005: RFP creation has begun, to be released January 2006.
    Update May 2006: RFP issued in March 2006. Responses received and evaluation now underway. Decision anticipated in May/June 2006.

Library

  1. Addition Dec 2005: Library Endeavor/Voyager upgrade to release 5 and Unicode set for August 2006.
  2. Update May 2006: Actual dates are August 17 – 19.
  3. Update May 2006: Federated Identity pilot for Shiboleth and ScholarsPortal underway with other Ontario institutions.

Institutional Analysis and Planning

  1. Addition Dec 2005: IAP Count Date and Data Warehouse charter now complete. Project set to begin Winter 2006.
  2. Addition May 2006: IAP staff have begun analysis on additional tables required. Phase I (“count date copies”) to be completed Fall 2006.
  3. Addition May 2006: Phase II (“ data warehouse”) which will include an analysis of all areas to begin Summer 2006. Will impact other IS areas.

Ancillaries

  1. Update May 2006: Housing review – discussions pending – Summer 2006
  2. Update May 2006: Review of other areas – Fall 2006

Support for Departmental Information Systems

With the primary focus of the AT group on institutional information systems, IST has only been able to provide limited support for departmental information systems.

  1. Develop an inventory of client-managed applications.
  2. Develop a proposal for how IST could be more involved in the support of departmental applications to minimize risks to the institution.
    Update Dec 2005: no progress.

Information Systems - the Trailing Edge

Development and production systems for Universe-based applications need to be moved to current, supported hardware/software platforms and a replacement for Student Awards needs to be investigated.

  1. Move the Research Awards application to a current, supported hardware/software platform and begin the investigation of its replacement.
    Timing: August, 2005
    Update Dec 2005: revised to January, 2006.
    Update May 2006: Complete
  2. Upgrade to a more recent version of the Ratex system installed on a current, supported hardware/software platform.
    Timing: Oct, 2005
    Update Dec 2005: a new Sun server, rs2, runs Solaris 9. The timing changed to February 2006.
    Update May 2006: Compete
  3. Addition Dec 2005: Sirius/Orion acquired in Fall 2005 for Audio-Visual to replace Medianet. Go-live set for February/March 2006.
    Update May 2006: Go-live set for May, 2006
  4. Update May 2006: Decommission – Final archive of any remaining data for old systems (e.g. Fixed Assets, CERVIS, etc.). – June 2006

4. Support Initiatives

Student Notebooks

The computing landscape is changing; while the labs containing row-on-row of computers are still extensively used, many students are opting for the convenience of their own notebook computer.

  1. Work with Faculties to develop a statement and recommendations on notebook purchases.
  2. Identify successful models being used by other Universities to support student notebooks.
  3. Many services are already available to students: virus protection (SAV), windows update (SUS), file storage (nexus). Identify and provide the additional services required, e.g., printing, backup services.
    Update May 2006: the mypc web site provides valuable information for students and a CSAG subcommittee has been struck to consider the issue of printing.

Turnover of Desktop Equipment

Develop a program for the regular turnover of desktop equipment in the academic support units of the University.

  1. Develop a partnership with a supplier of desktop equipment.
    Timing: June, 2005
    Update Dec 2005: completed, June 2005.
  2. Develop processes to manage the orderly turnover of equipment in the academic support units.
    Timing: summer, 2005
    Update Dec 2005: initial processes in place and successful. Process review planned for winter, 2006.
    Update May 2006: processes have been refined and are working effectively. A review of our partnership agreement with the supplier is planned for May/June.
  3. Explore how the benefits of the program might be extended into other areas.
    Update May 2006: purchase option has been extended to faculties and staff for personal purchases.
    Update May 2006: IST Hardware Services intends to provide a service level to all UW departments to enable technician to technician dialog on Dell equipment, enhancing the support over the Dell front line support. Dell will continue to provide direct warranty services and detailed technical services.

Technical advancement and support of UW's web space

IST serves on and supports the work of the UW Web Steering Committee and Web Operations Team. The Web Steering Committee has identified the need for the University to select and support technologies that will simplify the task of maintaining the UW Web space and allow us to more easily respond to changing requirements, both internal (e.g., the UW Marketing Committee) and external (e.g., accessibility legislation) to the University.

The IST Web Technical Advancement and Support team will continue to "determine what technical direction and support IST should be providing for the UW web space". To do this we need to identify technological requirements, explore solutions to these requirements, and install and test possible candidates.

  1. Provide training and support for departments in their migration to the new UW Common Look and Feel (CLF).
    Timing: summer and fall, 2005
    Update Dec 2005: 75 % UW organizational units have converted to new CLF.
    Update May 2006: Staff in Client Services have been reorganized to target Web support through the Web Operations Team. Need to establish reputation of team as a campus resource, develop skills and track changes in requirements and technologies.
    Update May 2006: Training programs has been completely revamped to meet requirements of Web developers. 80% have converted to CLF.
    Update May 2006: Guidelines have been developed for developers of dynamic content pages using PHP/MySQL.
  2. Evaluate Contribute Publishing Service
    Timing: Fall, 2005.
    Update Dec 2005: low priority, evaluation deferred until 2006.

Support for Electronic Classrooms

While convergences in industry are driving technologies such as video, audio and data together UW personnel with expertise and responsibilities in those technology areas report to separate departments. Audio-Visual provides data projectors, DVD players, sound systems, etc., and IST provides network drops, wireless, podium computers, and software. Both need to cooperate when equipping classrooms, along with Plant Operations (renovations, specialized furnishings, etc.), Scheduling, Registrar, and Faculty consulting offices.

UW needs to develop a strategy with respect to the next generation of electronic classroom equipment and uses, including the role of IP videoconferencing for connecting internally within the campus as well as with remote sites. There is no established Quality of Service or prioritized network use for the campus network which would guide the installation of new audio visual or data devices needing a slice of the campus network bandwidth. In creating new e-classrooms it is not obvious if or how professors and students are engaged in the process.

Addition Dec 2005: End-to-end Quality of Service is not currently implemented in the campus network; it is however planned for the next-generation network (see bullet 2, Campus Network section). The standards-based QoS model that will be implemented this year provides for the protection and reliable transmission of voice, video, and critical data, while mitigating network denial-of-service attacks.

Addition May 2006: A "QoS design and implementation" plan has been drafted for discussion with CNAG. Implementation will be pursued in the 2006-2007 cycle.

This type of technology convergence is not limited to e-classrooms. There is also some demand for meeting rooms with capabilities to interconnect with other locations, and also for alternative methods to provide broadcasts from various sources, including using internet streaming formats.

  1. The Associate Provost-IST should convene meetings with the Associate VP-Learning Resources and Innovation, and the Associate Provost Academic and Student Affairs to develop options to resolve the coordination challenges mentioned above. (As example, assigning a manager to oversee new e-classroom installations, and or establishing an advisory group to recommend campus directions for e-classroom and other electronic media facilities support.)
    Timing:
    Update Dec 2005: A new group has been established within IST in support of instructional technology and services. Part of its role will be to help converge the IST and AV instructional services.
    Update May 2006: AV is now part of IST's Instructional Technology and Services.

Learning Technologies

IST supports a basic online course management infrastructure (systems, training, documentation, technical expertise), called UW-ACE, in collaboration with the Centre for Learning and Teaching Through Technology (LT3) and Faculty consulting units. Guidance for UW-ACE is provided through the UW-ACE Steering Committee.
Update Dec 2005: A new group has been established within IST in support of instructional technology and services.

  1. Support the transition of online courses offered by Distance Education to UW-ACE, in order to provide seamlessness between DE and on-campus courses, and to encourage reuse.
    Timing: fall, 2005
    Update Dec 2005: completed. DE moved 50 courses to UW-ACE in Fall 2005, and has 57 in Winter 2006. DE and IST still to organize ongoing DE instructor and student support in UW-ACE.
  2. Develop a plan to integrate UW-ACE with the campus student record and course data. Examples include SA data for course schedules and instructors (registering courses in UW-ACE), rosters (registering students in UW-ACE), and final grade submissions from UW-ACE.
    Timing: August, 2005
    Update Dec 2005: Final grades submission completed Fall 2005 (export from course to file format for new Quest grade import).
    Update May 2006:     A project is posted to the SISP group to provide additional data for roster updates (e.g., WD status). Timing: Dependent on SISP group.
    .
  3. Develop an architecture and a process and implementation plan for recovery of UW-ACE systems and data in event of system failures or disasters. (See also the related Availability Management item.)
    Timing: Finalize plan by September 2005.
    Update Dec 2005: Planning completed. Implemented multiple front end web servers, moved data to Net Apps device. Fall-back SQL Server not complete. Systems will be distributed when second server room ready.
    Update May 2006: One of the front-end servers is ready as the back-up SQL Server. SQL database moved to the NetApp. Two front-end servers installed in second server room.

Training and Support

IST provides high-quality training and support programs to the university community in the effective use of information systems and technology.

  1. Collaborate with the Faculties on the management of Web pages describing information technologies at the University.
    Timing: in progress
    Update Dec 2005: some discussion at FACCUS; to be reviewed in winter 2006.
    Update May 2006: IST training materials have been made available to all faculties. Other collaboration activities will continue as appropriate.
  2. Provide advanced training for IT support staff in the academic support units on windows management technologies.
    Timing:
    Update Dec 2005: to be organized for winter, 2006.
    Update May 2006: being planned for August/September.
  3. Refocus training to more advanced topic (added May 2006)
  4. Prepare for training and support of Vista and Office 2007 (added May 2006)

Collaborative Environments

Reseach and academic support activities benefit from a collaborative work environment that provides the tools for communication forums and for the sharing of documents.

  1. Provide a collaborative environment to support research and academic support groups using Windows Sharepoint Services. This will be reviewed at the end of the year.
    Update Dec 2005: Sharepoint server installed in summer, 2005. Is being used by 10 groups from across campus including the previous Webboard users. Webboard will not be supported after Feb. 24, 2006.
    Update May 2006: Sharepoint services is now being used by 20 groups.
  2. Track developments in phpBB that would allow the consolidation of the various bulletin board forums into a single, supported instance.
    Update Dec 2005: multiple instances of phpBB have been installed as required functionality is still not supported.

Enhanced Support for UW Users of RIM Blackberry (Addition, May 2006)

Wireless communication devices such as the BlackBerry from RIM continue to grow in popularity on campus. Users of these devices require the ability to conveniently communicate and synchronize with corporate servers, for example, for email and meeting scheduling with Oracle Calendar ("Bookit").

  1. Recommend a set of services that UW should provide to enhance the use of the RIM BlackBerry on campus. Such a recommendation would come from examination of both the services required and the available options to provide those services.
    Completed May 2006
  2. Implement the recommended service(s) for a pilot group of users, monitor the results and develop recommendations for ongoing support.

5. Infrastructure

Identity Management and Services for Life

An identity-management information system is at the heart of all applications that require information about the people who are authorized to use UW's resources and the various roles they have within the institution. New capabilities must be provided to support the University's interest in maintaining life-long relationships with its constituents.

  1. Enhance the current UWdir facility (technology and processes) to address short-term deficiencies:
    • Change the UWdir query facility to use the LDAP interface to the "ADS" Active Directory, and abandon use of PH/CSO.
      Timing:
    • Move the UWdir data to a relational database.
      Timing:
    • Determine what LDAP-enabled applications require data in addition to what is stored in ADS, and implement a single consolidated LDAP service for those applications (Bookit, the telephone system, mail services cluster, etc?), with back-end proxying to the ADS data.
      Timing:
      Update Dec 2005: The move to LDAP from CSO/PH and move to relational database is in progress. Tentative production date for new service(s) set for February 2006.
      Update May 2006: Go-live for Phase I set for May 15, 2006
  2. Develop a proposal to address long term issues of identity management and services for life.
    Update Dec 2005: phase II now underway (e.g. charter, RFP, vendor demonstrations). Email issues now included under separate project.
    Update May 2006: Consultation with UCIST/campus and IST as required. RFP to be issued late May or early June 2006.

Campus network

The needs for newer technologies continue to evolve, both on campus and between universities in conjunction with UW's connection to Ontario's gigabit-speeds ORION network. Performance-sensitive applications such as IP telephony (VoIP), IP videoconferencing, IP video-distribution multicasting, and other IP multimedia applications will require "Quality of Service" queuing and policy administration. Growing security concerns require sophisticated connection-authentication, firewall, and intrusion-prevention products. Growth in massive-volume applications will eventually introduce the need for beyond-Gigabit speeds in some parts of the network.

  1. Provide better tools for DNS/DHCP administration (DNS component complete, DHCP still required)
    Timing: August, 2005
    Update Dec 2005: Completed
  2. Replace the obsolete backbone-network Cisco Catalyst 55XX devices with "next generation" switch/router devices that will provide QoS policy management for IP voice and video, additional traffic-management and security-policy functions, and will facilitate the "distributed network management" model for the Faculty-managed sections of the network.
    Timing: before end of 2005
    Update Dec 2005: Issued RFP 05-17, selected Cisco. The two Catalyst 6500 switch/router devices to create the new core has arrived and should be in production by March. A redesign of ResNet to replace its 3 C5505s with C3750s is now being planned. Replacement of the other six C5505s is tied to the "security services" item following. Work will then be required to design and implement a "QoS policy" strategy; timing TBD.
    Update May, 2006: The two new core Cisco Catalyst 6509 switch/routers were implemented in March. The two obsolete C5500s were removed and returned to Cisco for credit to offset the cost of the 6509s.
    A "QoS design and implementation" plan has been drafted for discussion with CNAG and will be pursued as part of the 2006-2007 plan.
    We have had an initial discussion with BWalker concerning his visions for a next-generation ResNet, and have deferred replacement of the obsolete ResNet C5505s until the next-generation ResNet requirements have been defined.
    Replacement of the other obsolete C5505 constituency-aggregation switch/router devices will begin once we have completed the assessment of alternatives.
  3. Add core security services to campus network.
    Timing: before end of 2005
    Update Dec 2005: Issued RFI 05-19 and assessed responses. Issued RFP 05-32 for "core and constituency-aggregation security services"; now evaluating responses. By end of February, we hope to complete the assessment and decide on the best solution(s) for each of the constituency-aggregation points: one for the external connections, six to eight for the Faculty/School networks, one for the IST servers, two for the academic-support networks, and one for ResNet. (And we will then be able to determine how and when we can take the six C5505 core-aggregation switches out of service.)
    Update May 2006: The "constituency-aggregation security" (RFP 05-32) assessment concluded at the end of February and we progressed to an "acceptance testing" phase with Nokia hardware and Checkpoint software. We will use two Nokia IP560s for the external-networks constituency, to be in place before the start of the Fall term. The experience from this will determine the sizing and timing of Nokia devices for the campus-internal constituencies (ResNet, the IST central servers, the Faculties, and the academic-support sector) in 2007.
  4. Work to institute a procedure requiring the involvement of IST in the planning of new buildings, building renovations and any other significant changes affecting the campus network.
    Timing:
    Update Dec 2005: improved communications and increased involvement of IST in these processes; this item is now resolved.

Security Management

Support staff throughout the university are expending ever-increasing time dealing with infected computing systems. Improvements to security-architecture practices and infrastructure will reduce the need to repair.

  1. The outcome of the Core Security Services project will equip the new core of the campus network with distributed-management security including per-constituency intrusion prevention. This will enable constituency administrators to change the current "block some protocols, admit all others" rulesets to a much safer "admit some, block all others", both between constituencies and to/from the external connections.
    Update Feb 26: essentially complete, preferred vendor to be announced and purchases to follow for core security appliances. To provide Stateful Firewall, Intrusion Detection/Prevention and Virtual Private Networks (VPN).
    Update May, 2006: (See update in Campus Network, item 3)
  2. Continue to enhance the mail-checking mechanisms provided by the MailServices cluster, and motivate more mail-facility operators to use it.
    Update Feb 26: essentially complete -- a production service that works well with good compliance.
  3. Assist in the 2005 internal-audit review of information-systems practices.
    Update Dec 2005: completed the review components - now to act on suggestions.
  4. Participate in the UCIST initiative to create "best practices" incident-handling procedures for network and computing-system administrators.
    Update Feb 26: stalled.
  5. Continue the implementation of the "enhanced-security subnets" mechanism that rejects incoming traffic to a computer unless it is in response to traffic initiated by that computer.
    Update Feb 26: essentially complete (within Academic Support and Resnet) -- network reorganization and new security appliances delivered during network upgrades will present additional opportunties.
  6. Continue to improve the mechanisms that scan for spyware/malware and other vulnerabilities.
    Update Feb 2006: see Position Paper -- we are using Snort for Intrusion Detection, we archive Flow Data and we scan Resnet and NAA devices for patches.
  7. Continue to pursue the elimination of "clear text" protocols in favour of secure-mode alternatives.
    Update Feb 2006: concept demonstrated internally, now to configure systems we manage and to encourage others to follow
    Update May 2006: POP and SMTP protocols replaced with POPS and SMTPS. IMAPS delayed because of issues with mywaterloo - now resolved.
  8. Continue to track the evolution of edge-switch products that provide health-check admission controls and intrusive-behaviour prevention.
    Update Feb 2006: ongoing, MINUWet (by Nexus lab) is a good demonstration but the attractive features in edge-switch products are still out of reach (focus on VPN and Firewall features).

Availability Management

We intend to relocate critical components of the campus network and information-systems equipment across multiple locations. If a disaster makes one location unavailable, the objective is that the surviving network will continue without interruption and that we will be able to reconfigure the surviving information-systems equipment to provide service (albeit degraded) until replacement equipment can be put into production.

  1. Find a second campus-centric location large enough to contain one of the two core switch/router devices that are to be acquired as part of the "next-generation network" upgrade plus half of each of the servers for the critical network functions (DNS/DHCP, UWdir, ADS Active Directory, MailServices cluster, others TBD). Connect each constitency-aggregation switch/router to both core switch/routers.
    Update Dec 2005: The second C6500 will be located in PHY-211; installation should be complete before end of January. The SHARCNET machine room will be used as the second location for network-critical servers, when it becomes available.
  2. Find an alternate location for half of the information systems for which multiple servers exist, and for "production server here, development server there" distribution of single-server systems. Connect that equipment-room switch to both core switch/routers. If sufficient space can be found, ask the Faculties if they are interested in co-locating some of their critical equipment there.
    Update Dec 2005: The SHARCNET machine room will be used as the second location for critical servers, when it becomes available.

    Update May 2006 relating to the above 2 points: IST has nearly completed the first phase of server equipment moves to PHY 1002. The overall intent has been to address two areas. Those services provided in a "cluster" manner in which a number of servers provide a single function and thereby can provide the overall function should any one be disabled have been distributed in a manner such that some servers remain in MC1061 and some have been moved to PHY1002. The other intent is have enough equipment in a second location such that should our primary location fail we can restore our primary service without the delay associated with acquiring equipment. What this means is that we cannot immediately switch to an alternate Quest service, but there is enough equipment with sufficient capacity to "restore" the production service on different hardware.
  3. Ensure power/AC provisioning and monitoring at each location.
  4. Develop and regularly exercise a program to ensure that the information-systems "emergency reconfiguration" plan works as intended.
  5. Explore the costs of reducing other single points of failure (for example, a failover-bandwidth external connection for the campus network).
    Update Dec 2005: Status: Assessing options and costs for a failover Internet service. Expect completion before end of April. Options for related network-critical single points of failure still need to be assessed (eg: UW's connection to the ORION PoP).
    Update May, 2006: Still awaiting a low-cost or no-cost ORANO/ORION Internet fail-over service. If that doesn't happen, the expensive alternative is to contract with a local ISP.

Presence and Communications Management

The SIP (Session Initiation Protocol) family is the IETF-standards mechanism for multi-vendor interoperability of personal-communication applications and devices across a range of technologies including wired and wireless VoIP, traditional telephony, instant messaging, text pagers, and IP videoconferencing. Fundamental to the process are institutional SIP presence-management and call-completion servers which can used to control how one wishes to be contacted ... by whom and when and how, based on how/when/where the connection is made.

Vendors of telephony systems now claim that they have (or have plans for) SIP-based telephony systems. However, the SIP standards are still evolving. Pure-SIP telephony implementations currently support a few dozen features, whereas proprietary telephone systems offer hundreds of features.

IST has the opportunity to lead the way into this new way of communicating and lay the foundation for an institutional SIP service.

  1. Investigate open-source and commercial SIP servers and user applications/devices, and establish a prototype SIP service to demonstrate the abilities of presence management and vendor-independent integration of voice/VoIP/IM/video communication.
    Priority: low
    Timing: TBD.
    Update Dec 2005: timing, 2006.
  2. Investigate commerically-available SIP servers
    Update Dec 2005: timing, 2006.
  3. Participate in ORION project for VoIP between each participant institution's PBX facility and interaction with the Internet2 SIP project.
    Priority: low
    Timing: depends on the ORION community.

UNIX, Windows, Linux server support

IST will concentrate its server support focus on Sun Solaris, Microsoft Windows and Redhat Fedora Linux choosing the most suitable server platform on an application by application basis. We will maintain currency with vendor software and continue the shift from locally enhanced replacements of vendor software in favour of vendor supplied function whenever possible. We will continue to use the IST departmental Solaris server as first production test platform for Solaris enhancements.
  1. Terminate support for 32 bit archmaster irix65.
    Timing: August, 2005
    Update Dec 2005: completed.
  2. Move remaining AIX systems from machine room. These systems are currently used to support Universe applications and printing.
    Timing: Spring, 2006
    Update Dec 2005: This goes beyond the two services listed in the plan: Universe and printing. Clifford (the majordomo AIX) machine is finally gone. Universe and cosmos should be able to be shutdown once Research Awards moves to Solaris (January 2006). There are some file transfer processes that need to move that may delay that date. As well, there may be some archiving of data for cervis and studinq.
  3. Enhance the delivery and implementation strategies for security patches to the Sun Solaris and Redhat Linux operating systems.
    Timing: May, 2005
  4. Develop a statement describing the terms and conditions for access to and use of IST Unix servers.
    Timing:
    Update Dec 2005: statement written and discussed; requires review and finalization. Expected completion date - end of January.

Backup Services

A new backup server is now in place. Backup schedules and charging rates need to be revised to meet needs of our clients.

  1. Develop proposal to revamp services and charges
    Timing: June, 2005
    Update Dec 2005: upgrades to servers and charges completed in summer, 2005. Charging formula changed to an annual fee.
    Update May 2006: completed

Calendar and Meeting Scheduling

  1. Replace authentication services to make use of UWdir authentication.
    Timing: waiting for next release of Oracle Calendar so that we can work on it without perturbing the current production system.
    Update Dec 2005: server upgraded to Version 10 in Nov, 2005 and updated client programs are available for distribution. The authenticiation mechanisms have not yet been replaced to make use of UWdir.
    Update May 2006: in progress

Printing

  1. Review printing in general and consider Unix vs Windows options for printing. 
  2. Review and cleanup the various Unix based printing (serv1, admhome, penguin).  Note that penguin, an AIX system, provides the forms printing ; it is recognized as a single point of failure.
  3. Review and upgrade the release monitor function (used by I/O staff to release jobs).

Userid/Account Maintenance

A common userid/account maintenance tool is required for Solaris and Linux. This would improve the currency, accuracy and security of the account maintenance task and facilitate the transfer of this function from Production Support (update Dec 2005: Computer System Services) to Client Services.

  1. Develop detail requirement specs and identify staff from Systems, PS and CS (update Dec 2005: NS, CSS and CS) who will participate in project. Investigate the availability of open source or vendor solutions or build on existing solution.
    Timing: Fall, 2005
    Update Dec 2005: no progress
    Update May 2006: userid maintenance tool for Solaris enhanced and implemented on IST and watserv1.

Support for seamless resource accounting

While Nexus has provided a ubiquitous student computing environment on campus, various incompatible print accounting systems have created confusion and have inconvenienced students.

  1. Work with Engineering to achieve an integrated solution either through:
    • amalgamation of Engineering and IST servers, or
    • extension of the XAS system to support multiple instances.
    Timing: summer, 2005
    Update Dec 2005: work completed in Dec 2005.

The struggle against SPAM

The introduction of the Mail Services cluster in early 2004 provided a robust, scalable environment for the handling of email. SPAM detection services (using SpamAssassin) and virus detection software (using CLAM_AV) offered needed relief.

While these services have been effective in detecting a large percentage of SPAM, dealing with the remaining undetected volume represents a significant burden to our clients. This problem will continue to increase in severity; ongoing efforts are required to:

  1. Keep abreast of current, effective infrastructure strategies in detecting, identifying or rejecting SPAM. Introduce greylisting on the mail services cluster.
    Timing: May, 2005
    Update Dec 2005: greylisting and other techniques introduced in spring, 2005 resulting in significant reductions in SPAM.
    Update May 2006: very positive feedback from client groups; we have been successful at "managing" SPAM over the past year although recent experience confirms the need to continue to be vigilant.
  2. Provide training, support and documentation on effective strategies that our clients can use to reduce the negative impact of SPAM.
    Timing: ongoing

Information Technology Infrastructure- the trailing edge

  1. Investigate the termination of the IST modem pool.
    Update Dec 2005: Decided to keep the current service until some event makes it too expensive to continue.
  2. Eliminate the archive service (added May 2006)
    Update May 2006: the archive service was under utilized and phased out.

6. Enhancing our Effectiveness

Problem tracking and resolution

IST and other departments make extensive use of a problem-tracking system called Request Tracker. It provides a convenient way for our clients to request our services and facilitates proper assignment and completion by the various staff groups.

  1. Investigate and make recommendations on changes to procedures to reduce the problem of "stale" requests.
    Timing: August 2005
    Update Dec 2005: no progress
    Update May 2006: changes to organization of queues and help desk review procedures have reduced this problem. Work still required on reminders to ticket and queue owners.
  2. Update application and system software to current supported versions:
    • Version 3 of the Request Tracker
    • Version 4 of MySQL
    • Linux
    Timing: August, 2005
    Update Dec 2005: project completed in August 2005.
  3. Implement an escalation mechanism as an extension of the Request tracker.
    Timing: August, 2005
    Update Dec 2005: some escalation facilities exist in new version; requires further investigation.

IST Internal Documentation

A wide collection of IST internal documentation is scattered across our various web servers. This documentation needs to be identified and organized into a logical structure to increase our awareness of and adherence to established practices. Documentation should include: Update Dec 2005:

Enhance the working environment

IST staff have a long history of professionalism and dedication. IST will continue to enhance the working environment to achieve ambitious organizational goals and to sustain high levels of commitment and job satisfaction.

Training and professional development are critical to moving forward in information systems and technology. IST will attempt to provide all staff with opportunities for training and professional development. Through PDAG, IST groups give periodic updates on group activities or projects.

Effective communications is essential to improving day-to-day change scheduling, documentation, and project management. We will continue to review culture, practices, processes, and technologies to improve communications within IST.

IST has used informal mentoring systems to facilitate the transfer knowledge between junior and senior staff. We will continue to promote the sharing of knowledge within and across organizational lines, particularly in the area of critical-skills availability.

  1. Use the model developed in the desktop rollover project to upgrade equipment used by ist staff
  2. Leverage the cost and materials of off-site training by delivering on-site condensed courses to other staff.
  3. Support the use of Sharepoint services to enhance communications and document sharing.

Update Dec 2005:

IST Internal Systems - The Trailing Edge

Two internal Oracle-based applications are old and require replacement: a billing system for hardware repairs and network installations and a Unix userid managment system.

  1. Eliminate or find a replacement for the Service Request system used for the billing of hardware repairs and network installations.
    Timing: Summer, 2005
    Update Dec 2005: reviewing possible replacement with scaled down, php/MySQL implementation.
    Update May 2006: replacement system is now in final stages of testing and refinement.

Last updated by Paul Snyder (email snyder at UWaterloo.ca), Wednesday, 19-Dec-2007 13:59:05 EST