Interim Director
Projects & Initiatives
Contact Information
Formation of the OIT

Departmental Directory
UCSB Directory Service
Directory Assistance
UCSB Website Directory
UC Directories

Network Description
Report Trouble
Policy & Procedures
DMCA Reporting

Monitoring and Statistics
Network Time Services
SSL Certificates
VPN Service
Organizations
Report Trouble

Datasets Signoff Process
Computer Security Guide
Securing & Protecting
News, Advisories, & Alerts
Report an Incident
Recover from Intrusion
Other Security Sites
Mailing Lists
Policies

For Students
For Faculty & Staff

Email
Supercomputing
Software

EduCause

IT Board (ITB)
IT Planning Group (ITPG)
Campus Network (CNC)
Acad. Technology (ATWG)
Backbone Engineering (BEG)
DECAF
UC Committees

Current Openings
How to Apply

OIT Home > Committees > ITPG > Meetings > ITPG Meeting Minutes 03/15/00

ITPG Meeting Minutes March 15, 2000

Present: Arlene Allen, Debbie Anglin, Glenn Davis, Bill Doering, Chuck Haines, Gail Johnson, Rick Johnson, Bill Koseluk, Tom Lawton, Elise Meyer, Alan Moses, Joan Murdoch, Stan Nicholson, Kevin Schmidt, Deborah Scott, Bob Sugar, John Vasi

Not Present: Kevin Barron, Art Battson, Ken Bowers, George Gregg, Phil Handley, Tom Marazita, Ed Mehlschau, Larry Murdock, Vince Sefcik, Jamie Sonsini

Bill K. presented data showing that UCSB’s rank among UC campuses on several measures, including number of IT staff, total staff, compensation, and equipment expenditures, lags our rank in number of students. Further, the cost of living in Santa Barbara is not recognized. Consequently, a strong argument can be made that IT activities on this campus are underfunded relative to the rest of the UC system. This study was based on UCOP corporate systems for 1998 and 1999 and on information presented on their website. After some validation has taken place, the data will be presented to ITB. The Library and Housing indicated that the numbers of IT staff on other campuses in their respective areas exceeds the number at UCSB. It was also noted that there are different salary scales in use across the UC systems and that UCSB tends to fall in the lower tier. Moreover, we seem to have a relatively narrow hiring range on positions such as Development Engineer. Bob will request that the data be posted on the ITB web page. In preparation for a meeting with ITB we might ponder the impact of these statistics. How does this impede our ability to move forward on IT initiatives?

The CalREN-2 group reported that two additional sites (CREATE & Multimedia) are very close to connection. Superweb, however, has run into a wall (literally). High Energy Physics, Alexandria and ITP are currently connected and it was announced at the meeting that ICESS/Bren had just made their connection. The ninth original CalREN-2 project (Arts) has left campus.

The Survey group is busy entering test data in anticipation of recruiting volunteers to key student response forms.

The Security Working Group met and discussed several items: First, if Secure Shell software were made generally available for university users, SWG might recommend switching to it and disabling all non-encrypted log-ins. Secondly, plans for an upcoming class in how to secure a Unix box and another in general awareness for MSOs and unit heads were discussed. It was suggested that the quarterly Administrative Services meeting for MSOs might be a good place to introduce security topics. It was also suggested that the class might include citations (and translations) of relevant security policies.

The job description for the new security position was circulated for comment. It was noted that a process for speedy completion of background checks has not yet been established. The new position will report to the OIT with Bob Sugar listed as unit head in the recruiting package. The group reached consensus on the wording in the job description and endorsed sending it to HR to initiate recruiting. As a general security note, it was observed that while attacks on Unix boxes have be prevalent for years, the incidence of attacks on Microsoft platforms has been increasing lately.

Auth/Dir reported that conversion to Netscape Directory Server 4.11 has been accomplished and the new software is in production use in support of CorporateTime. The new implementation has authentication turned on, meaning that one must login using a correct password to search the directory and review attributes other than name. An additional attribute, commonly used first-name (Ucsbcufn), which is used in the CorporateTime implementation, has been added with access control set to allow people to edit their own entries.

It was noted that we have submitted our first feed of student data to UCOP for inclusion in UCdir. Current plans are to send subsequent feeds on the first Wednesday of each month. Our first LDAP extract containing all of the entries we have collected has also been sent. Fields transmitted were given name, surname, ucnetid, and business 1 email address. This feed will allow UCOP to update UCdir in support of rolling out self-service applications that depend on the availability of email addresses to provide feedback to users.

Recent announcements that LDAP directory servers are being bundled with operating systems offered by Sun and IBM bear investigation. Although we have already paid Netscape license fees for faculty, staff and student entries in our main LDAP server, we might be able to avoid yearly license costs for these entries and additional license costs for the publicly accessible (non-authenticated) LDAP server that is planned.

It was noted that the name@ucsb.edu email address re-write project has now been restarted and will be integrated with the new LDAP service.

Proxy service is under investigation by the Library and IS&C. Although a few localized proxy experiments have been done, the lack of a campus directory server has prevented their widespread deployment as general services. Further, we currently believe that a Netscape proxy server is capable of dynamically loading into browsers only three destinations to be proxied. Given that there are hundreds of potential content providers currently authenticating on IP address, some method of deciding which destinations to load and how to change them when necessary must be developed. Possibilities are: (1) the Netscape limitation of three might be only superficial and, therefore, easily changed, (2) Apache proxy servers do not have this limitation, and (3) a web server might be customized to dynamically load the appropriate destinations into browsers at the point they are selected by the user. UCI has tried alternative number 3 and is now moving to alternative number 2. Investigation into the appropriate configuration for the Library continues.

It was noted that all nine campuses either have a proxy server in place or are building one. However, most of the others are being implemented as general campus services rather than services specific to the Library.

A kickoff meeting of the group discussing guidelines for acquisition of personal computers by students was reported. Initial feelings are that the group should avoid specifying a brand name and should concentrate on communicating required functionality instead. Macintosh remains an issue because students continue to acquire Macs although back-level browser problems prevent their usage with newer administrative systems such as BARC. Apple has been contacted regarding the browser problems and some hope that this problem can be remedied or circumvented exists.

In response to a question from Communications Services, the group reached consensus on configuration of the new campus modem service. In short, there will be two modem numbers to dial. One number will provide access to 16 modems configured to run at 56Kbps with a two-hour time limit. The other number will provide access to about 112 modems also configured to run at 56Kpbs, but with a 30 minutes time limit. The new configuration should provide the data we need to make appropriate adjustments to parameters as we go along.

Berkeley’s experience with Napster and the Search for Extra-Terrestrial Intelligence (SETI) project was reported. Each of these activities consumes about 1/3 of the ISP bandwidth charged to UCB, leaving the remaining third for the other 40,000 users on their network. Restrictions have now been placed on the UCB residence halls and the SETI project has voluntarily scaled back its usage. Nevertheless, these examples show that unrestricted demand for network bandwidth can generate large expenditures for a campus and that fixed port pricing might not be sufficient to manage demand.

It was noted that the GTE contract for unlimited hours of ISP service for a reduced charge will expire in September. Communications Services would like to know whether or not there is interest in negotiating a new contract for reduced-rate ISP service.

Advertising for the new Associate Director of the OIT is expected to hit the streets soon. Candidates for this position and for the ½ time faculty Director position are being recruited, as are people to populate the search committees.

Space for the OIT has also been identified in North Hall. The goal is to relocate current occupants and reconfigure the space in time to begin OIT operations on July 1.

The OIT Transition Team has compiled a draft mission statement and a draft service list for the new organization. Refinements will follow as will a discussion of which services should be free and which should be recharged. This document will be offered as advice to the incoming OIT directors.

The major discussion topic of the meeting revolved around the issue of virus protection software contracts. UCOP had negotiated a potential deal with NAI. Moreover, our current agreement with Symantec expires in May. One difficulty is raising the $31k required to participate in the UCOP deal in the time available (a few days at most). A larger issue is finding some rational way of paying for campus software licenses other than "passing the hat". For example, a goal of acquiring this site license would be encourage students and researchers to use virus protection software at no cost and, thus, improve network security on campus in general. However, no unit has a budget for making such acquisitions that are in the general interest of the campus.

At the end of the discussion we agreed not to pursue the NAI contract. Before doing so we would need to answer questions such as: (1) Is NAI the right product for UCSB? (2) What are the alternatives? (3) Is there a budget available? (4) Who should pay? (5) Who would be eligible to use the product?

Secondly, we agreed that virus protection for servers was a different issue that would be pursued independently by service providers.

Thirdly, we agreed to invite Laurice Kennel of the UCSB Software Depot to attend a future ITPG meeting to help us explore the alternatives.

The meeting closed with an announcement that the campus Usenet service had recently been moved to new hardware.

The next meeting of ITPG is scheduled for Wednesday, April 12, at 10:00 a.m. in North Hall 1131.

Back to ITPG Meeting Schedule



	Copyright © 2003-2025 The Regents of the University of California, All Rights Reserved Web contact • Terms of Use • Accessibility Last modified: 10/19/2007