Present: Debbie Anglin, Art Battson, Ken Bowers, Glenn Davis, Bill Doering, Rick Johnson, Bill Koseluk, Tom Lawton, Tom Marazita, Elise Meyer, Alan Moses, Larry Murdock, Stan Nicholson, Kevin Schmidt, Jamie Sonsini, John Vasi
Not Present: Kevin Barron, George Gregg, Phil Handley, Sonia Johnston, Pam Lombardo, Bill McTague, Ed Mehlschau, Joan Murdoch, Vince Sefcik, Pamela Webb
Given that ITPG is charged with scanning the horizon for new and future IT issues, co-chair Elise Meyer introduced a new regular agenda item: a request for new topics to add to ITPG's list of discussion topics. The following issues were offered:
- It was asked if any restrictions should be placed on the open access workstations. That is, can anyone do anything they want (e.g., play games or display sexually explicit materials) for as long as they want? There was a short discussion of experiences in various units.
- It was suggested that ITPG become concerned with copyright issues and, specifically, MP3 piracy and distribution. Not all agreed that this was an appropriate topic for ITPG.
- Advice on handling interdisciplinary competition for resources in computing labs was requested. Lab management doesn't feel comfortable turning down some of the requests that come in, but doesn't have sufficient resources to address all of them. Perhaps an ITPG subcommittee might be formed to review current and possible allocation mechanisms and make a recommendation either to lab managers or to ITB.
- It was reported that Microsoft would like to change its method of providing educational discounts on popular software to one in which UC would acquire a single site-license for all students, faculty and staff. Extrapolating from results in Indiana and Texas and from the recent agreement between Microsoft and CSU suggests that UCSB might be expected to pay approximately $800K per year for such a license. What should our position be in these discussions?
- Finally, one wag asked whether ITPG should introduce a companion to the recommendation that students own their own computers in which we recommend that faculty own their own laptops (grin). Apparently, there is a serious question regarding whether the campus can afford to provide classroom workstations for all instructors who desire them. This motion died for lack of a second.
Returning to current business, it was noted that the final draft of our recommendations on student access to workstations has been posted on the ITB web page.
The chair of the Security Subcommittee reported on two meetings in which the following points emerged.
Interest in a Secure Shell Client for the Macintosh was expressed.
On one hand, firewalls are thought to be impractical for UCSB because they would require too many holes to conduct current business, they don't work well with asymmetric routing and OC-12 traffic would likely overrun their capacity. Thus, those departments needing firewalls are advised to develop their own.
On the other hand, intrusion detection and logging have been quite useful and are encouraged.
Good practices for password assignment and strength testing were also discussed at the first meeting.
The problem with open spam relays received significant attention at the second Security Subcommittee meeting. The problem is that spam relayed through an open UCSB site looks like it comes from UCSB and results in that site and sometimes other sites on campus being blacklisted on web sites that track spam origins. Tracking sites include IMRSS, RBL and WebTV. It was estimated that we have 800 SMTP relays on campus and a large fraction of them will relay anything presented to them without restriction.
Some policy support will likely be required because of the large number of "rogue boxes" presently on our network. Many of these are Linux boxes that come up wide open and are managed by people who haven't learned how to close the holes. These are prime targets for hackers and spam artists. Moreover, operating systems must be kept current to keep holes closed as new ones are found and exploited.
War stories included a "Back Orifice" attack that resulted in an inappropriately modified term paper and tales of a national telephone company that has run amok (this story is so scary that we hesitate to name the country in print).
While many campus sites are wide open to spam relays, others are closing down so tightly that broadcast mechanisms like the campus emergency distribution list no longer work correctly. For example, some campus units are installing "host-registration filters" to reject communications coming from sites that have failed to register their DNS. This trend of locking down systems may increase difficulty communicating within the campus.
Still other units may know of the problems but are waiting to act until a knowledgeable group provides guidance.
At the next Security Subcommittee meeting the group will begin listing vulnerabilities and drafting a definition of the problems for posting on a planned web site (SECWG).
Another group met to explore the "Authenticate-before-SMTP" technique for preventing spam relays. With this method, users log into a campus mail server that has been modified to communicate successful authentication information to its SMTP layer. Then, requests for relays can be honored for legitimate users even if they are coming in through remote ISPs while requests from non-authenticated others may be rejected. This technique appears to resolve the outstanding issue with the GTE ISP service. Thus, ITPG agreed to table the idea of issuing a new RFP for ISP service. It was suggested, nevertheless, that we encourage COX Cable to introduce cable modem service in our area.
The CalREN-2 Subcommittee reported that the Cabletron switches have been installed and all (but one) research units have submitted connection request packets. Fiber has also been allocated for the connection to Physics. We are currently waiting on delivery of the GSR router.
An invitation to see the new GauchoNet service was issued by Student Affairs. The demonstration will be held in the Human Resources Learning Center on Friday, April 2, at 10:00 a.m.
The Backbone Engineering Group (BEG) reported on its meeting of March 19. Old Business included the following:
The NOC has selected new equipment for the connection of Ring 4 sites to the FDDI network. Two boxes will be purchased - a production unit from the Broadband Migration budget and a spare from the FDDI Maintenance budget.
All customers of the broadband data network will be moved to the FDDI network by July 1 at which time the broadband data equipment will be powered down. (Two channels of video will also move from the broadband to the CATV or fiber cables and the broadband cable plant will then become obsolete.) The router administrators for each broadband site needing to submit FDDI connection requests were present at the BEG meeting and each agreed to contact their respective customers. In addition, Communications Services agreed to write a letter alerting department heads of all units affected by the termination of broadband service.
The process for obtaining connections to the FDDI network was reviewed and it was decided that all future requests would be routed to the NOC. The NOC will then forward requests for fiber allocation to Communications Services. This provides a single point of contact for all those moving off of the broadband and others desiring future connection to the FDDI network.
Requests from buildings not presently served by fiber will use the same process. If no fiber is available, the NOC will forward the request to BEG. If there is no funding available to connect the building, BEG will forward the request to ITPG. Central Stores, Parking Services and University House were listed as buildings that might need fiber service in the future.
A VLAN ID assignment procedure was ratified by voice vote at the BEG meeting. This procedure uses naming conventions that are analogous to the IP address conventions. Documentation will be forwarded to the CSF and Netman discussion lists.
Under the heading of "New Old Business", BEG discussed the need for additional bandwidth for ResNet as their current T1 line reaches saturation. The campus has available bandwidth and it might be good to pool resources with Housing. Issues are 1) how to limit the sometimes-infinite peak demand from ResNet sites and, 2) how to allocate costs to Housing & Residential Services for a fair share of the campus bandwidth. Communications Services will coordinate with H&RS and produce a proposal.
Communications Services also agreed to draft a proposal for the phased replacement of modems in the campus modem pool.
New business discussed by the BEG centered on planning for future campus backbone requirements. It was noted that BEG's charge is to design the next generation campus backbone and that ITPG had also referred this issue to BEG for consideration.
BEG has outlined an aggressive schedule for working through design issues this spring. Everyone is assuming that the CalREN-2 network will serve as the prototype and maybe the core of the new campus network, but this assumption must be reviewed in light of the requirements generated by scaling up the CalREN-2 network to campus proportions.
It was noted that requests for attachment to the Next Generation BackBone (NGBB) should be handled in the same way as requests for attachment to the FDDI network - a formal request should be sent to the NOC. Such requests are encouraged because they will be important in securing funding for future increments to the network.
A discussion of the plans to add ISP service to the CalREN-2 network ensued. Some observed that it would take at least 90 days for CalREN-2 to implement ISP service while others felt that access might be provided via the UCNet ISPs in the interim. Thus, plans for campus connections must be matched to CalREN-2 rollout dates. Careful coordination might permit some funds that might otherwise be spent on expensive FDDI ports to be redirected to NGBB switches instead.
Although the Student Access Survey Group did not meet, progress was made on the generation of questions for submission to ITB. Questions were generated in two categories (Instructional & Non-instructional) and drafts were circulated at the meeting. The process for selecting survey recipients was discussed and it was proposed that we randomly select courses in which to conduct the surveys. Stan Nicholson volunteered to generate a random sample of courses and the group agreed to share the work of contacting the instructors of the courses selected. It is expected that a 5-10 minute data collection session during class time would be required. Stan also volunteered to help process the data that is collected and his offer was gratefully accepted.
Techniques for "item sampling" in which different questions are posed to different recipient groups were described and the possible use of a Scantron form was considered. A pilot test in which test students verbalize their thoughts while attempting to answer survey questions was also suggested.
In summary, we need to think through the "hot topics" that we want to cover with the survey. Getting the data we need in the class time available will be a challenge. Those designing the ITB survey of faculty are also facing the issue of how much technical detail they can collect without turning those less interested in technology away.
Bill Koseluk will circulate draft questions. After comments are processed, the resulting set of draft questions will be conveyed to ITB (probably at their April 21st meeting).
Elise reported on data collected via online quiz questions in the Physics 1 course. Students were asked if they owned a computer, whether they had adequate access to the web and where they obtained access. Of the 80% of the students in the course who elected to take the web quizzes, 90% reported that they own a computer. This means that a minimum of 72% of the students in this course own their own equipment. Few, if any, of the students responding to the questions reported problems in accessing the network.
It was reported that the recommended changes to the campus modem pool were implemented on March 24. Communications Services received calls from a dozen students who either had not read or not understood the directions on the new welcome banner telling them to "c umail" to reach the student email service.
Data from, "Campus Computing 1998, The Ninth National Survey of Desktop Computing and Information Technology in Higher Education", were reviewed by the group. Some 570 institutions participate in this survey. Notable statistics include the finding that 63.6% of the institutions do not currently require or recommend microcomputer ownership by students while 32.7% recommend it and 3.6% require it. Also, a quick division of the total headcount by the total number workstations in labs, clusters and classrooms revealed an overall average of 10.9 students per workstation. ITPG members thought that these data should be conveyed to the ITB. (Note: Dennis Hengstler of Institutional Research also provided data from a 1996 survey in which UCSB students were asked several questions on computer usage and ownership. We can review these data at our next meeting.)
Finally, the chair queried the group regarding what else the ITPG might be do on the topic of student access beyond waiting for the ITB to review our draft policy statements and continuing to press forward on the student surveys. ITPG members agreed that this is all we should do on this topic until we have a response from ITB and that we should return to the master list of ITPG issues to select the next topic of discussion.
Back to ITPG Meeting Schedule
