Transcript IT Briefing - Emory Office of Information Technology | Home

Information Technology
IT Briefing
March 2007
Information Technology
IT Briefing March 15, 2007






Announcements/Updates
OIT/AAIT Organization
VoIP Update
Healthcare Exchange
Emory Exchange Design
University Exchange






Karen Jenkins
Karen Jenkins
Paul Petersen
Karen Jenkins
James Reed
Jay Flanagan
1
Information Technology
Announcements
 Remedy v7.0 – working on bug with vendor (help.emory)
 Java TechTalk

Tuesday April 3rd 1:30 – 2:30 NDB Room 225 - Kennesaw
 Security Conference
 March 28, 2007 8:30am – 1:30pm, 3rd Floor Ballroom, Cox Hall
 Registration deadline 3/21 (register online)
 LDAP-Auth
 Need to register use – will eventually limit access to registered
hosts
 Send list of host(s)/IP(s) to [email protected] by
3/30/2007
 Approved Governance Projects
 Google Search Appliance
 Desktop Management email to [email protected]
2
Information Technology
Office of Information Technology
Office of Information
Technology
Richard Mendola
Research and the
Health Sciences
University
Information
Technology
Marc Overcash
Emory Healthcare
Information Services
Information Security
Office
Dee Cantrell
TBD
TBD
Academic &
Administrative
Information
Technology
Network
Communications
Rhonda Fuss
Francene Mangham
3
Information Technology
Academic & Administrative Information
Technology (AAIT)
Richard Mendola
Vice President for
Information Technology &
CIO
Helen Starks
Administrative
Assistant
Linda Erhard
IT Governance
Liaison
Francene Mangham
Interim Assoc VP for
Academic & Administrative
Information Technology
Karen Jenkins
Client Technology
Services (CTS)
Director
Alan Cattier
Academic Technology
Services (ATS)
Director
Byron Nash
Administrative &
Data Services (ADS)
Director
Sebreana Williams
Administrative
Assistant
John Ellis
Infrastructure Technology
Services (ITS)
Director
John Connerat
Office of Finance and
Administration (OFA)
Director
Service Management
Library Services
PeopleSoft Student &
HR Systems
Systems Support
Budget & Finance
Help Desk
Classroom Technologies
Financial & Other
Business Systems
Storage
Contracts & Licensing
Configuration Management
Centers for Educational
Technology
Data Warehousing,
Reporting & Database
Support
Infrastructure Applications
(Email, Security, Identity
Management)
Human Resources
Web & Communications
Interactive Technologies
Development & University
Relations Systems
Data Center Operations
Business Operations
4
Information Technology
Infrastructure Technology Services (ITS)
Felicia Bianchi
Special Projects
John Ellis
Director
Infrastructure Technology
Services
Linda Richardson
Administrative
Assistant
Thomas Jackson
Special Projects
Chip Lawson
IT Technical
Leader
Operations
Rosa Weston
Operations Shift
Manager
Shirley Maddox
Operations Shift
Manager
Jay Flanagan
Manager
Security & Infrastructure
Applications
Russ Norman
Enterprise Storage
Architect
James Fordham
Operations Shift
Manager
MVS Team
Charles Allen
Operations
Harrison Miller
Operations
Bill Choate
Systems
Administration
James Proctor
Operations
Tri Tran
Operations
Len Butera
Systems
Administration
Matthew Merchant
Operations
Sean Deaver
Operations
Storage
Jeffrey Lamothe
Storage
Jim Carr
Storage
Sergey
Kamenetskiy
Storage
Rosey Neal
Operations
Sahadeo Sarju
Operations
Email
Security
Peter Day
Identity
Management
Brett Blake
Systems
Administration
James Reed
Email
Exchange
Alan White
Security
Darrell Durggin
Identity
Management
David Harrison
Systems
Administration
Terry Markert
Email
Learnlink
William Benson
Email
Exchange
Robert Spencer
Operations
Chris Alexander
Identity
Management
Sheldon Anderson
Systems
Administration
ERP Team
Unix Team
Michael Davidson
ERP Admin. &
Support
Amanda Gagnon
Systems
Administration
David Klinger
ERP Admin. &
Support
Curt Tucker
Systems
Administration
Bruce Anderson
Systems
Administration
Bela Gazdy
Systems
Administration
Kevin Kirwan
Systems
Administration
Mike Lewis
Systems
Administration
Juanita Neal
Operations
Kenny Jemison
Operations
Cecilia Peters
Operations
Windows Team
Andy Efting
Security
David Gottschalk
Email
Eagle
Tim Marler
Operations
Identity
Management
Marcus Grier
Email
Exchange
Dennis Dravland
Operations
Lula Walker
Operations
Steve Siegelman
IT Tech Leader
Systems Support
*Denotes Contract Employee
Vincent Tran
Systems
Administration
5
Information Technology
Client Technology Services (CTS)
Felicia Bianchi
Special Projects
Karen Jenkins
Director
Client Technology Services
Sebreana Williams
Administrative
Assistant
Thomas Jackson
Special Projects
Linda Ellis
Call Center Lead
Help Desk
Service
Management
Client Config.
Management
Web &
Communications
Clean Room
Andrew Kincaid
Service
Management
Daniel Palmer
Client Configuration
Management
Donna Price
Communications
Robert Rhodes
Intern
Randy Walton
Help Desk
Al Shelton
Service
Management
John Maxwell
Client Configuration
Management
Norman Hulme
Web Design
Student Employees
Joseph Nash
Help Desk
Lee Clontz
Web Development
*Denotes Contract Employee
Randy Phillips
Help Desk
Karla Fields
Web Infrastructure
Marcus Rodriguez
Help Desk
Mark Eisert
Web Infrastructure
Student Employees
6
Information Technology
Questions
7
Information Technology
VoIP at Emory
Paul Petersen
Information Technology
Agenda
 VoIP at Emory




Background
Single Voice Platform Project
Phase 1 Update
VoIP & IP Telephony in use
 Other Updates
 Firewall Migration Status
 Questions
Information Technology
VoIP at Emory - Background
 The Emory Clinic (TEC) Switch
 Platform – Avaya
 Location – TEC A Building
 Exchange(s) - 778
 Emory Crawford Long (ECLH) Switch
 Platform – Avaya
 Location – ECLH Peachtree Building
 Exchange(s) - 686
 University Switch (includes EUH)
 Platform – Nortel
 Location – Cox Hall Switch Room
 Exchange(s) – 727, 712, 784, 251
Information Technology
VoIP at Emory – Background
 Issues:
 Some faculty, physicians, and staff have
offices on different switches
 The complexity of maintaining three
different switches
 Redundancy
Information Technology
Single Voice Platform
 Single Voice Platform
 Name given to the project which
consolidates Emory’s three phone switches
to one
 This project also sets Emory’s direction for
VoIP/IP Telephony
 Project began March 2006 with a formal
RFQ process
 Avaya was selected
Information Technology
Single Voice Platform
 Phase 1 – Consolidate TEC & ECLH
Switches





Upgrade to the latest Avaya switch
Upgrade to IP Connect (provides redundancy)
Consolidate the TEC & ECLH switch databases
All new buildings will use this new platform
Completely Funded and Approved
 Phase 2 –
Platform
 Phase 3 –
 Phase 4 –
phones to
Convert the rest of EHC to new
Covert WHSC to new Platform
Convert remainder of Nortel
the
Information Technology
Single Voice Platform
 Phase 1 – Update
 VoIP core has been created to separate Voice
traffic from data traffic
 Converting all of the remote cabinet switches to
IP Connect
 Switch database consolidation has begun
 Project Deadline - August
Information Technology
VoIP/IP Telephony
 Gateways & Trunks
 6 remote (with 9 more coming this month)
 IP Trunk lines between TEC & ECLH switches
 IP Phones
 IP Hard phones (NetCom, new SOM Bldg)
 IP Soft Phones (NetCom, Call Center Staff)
 Wireless IP Phones (EUH)
 Computer Telephony Integration (CTI)
 Call Center Applications
 Billing System
Information Technology
Firewall Update
 Academic Firewall Migration – On-Hold
 Due to Resource Allocation issues
 Recent Steps:
 New Lab setup
 Juniper Engineers on-site last week
 Continued Discussion
Information Technology
Questions
17
Information Technology
Healthcare Exchange
Update
Karen Jenkins
Information Technology
Approach
 Migrate all GroupWise users to Exchange
 Migrate SOM GroupWise users that also
have Eagle mail into a single Exchange
account
 Automate migration at server level to
minimize disruption to individual desktops
 Provide dedicated support center during
migration
19
Information Technology
Initial specifics
 300MB high performance storage for all users, archiving
available for all users
 Residents are in scope for the current rollout
 Email/calendaring options are Outlook on Windows or
Entourage on Mac; Will also provide IMAP-S option for other
email clients
 We are still investigating the best way to stage the rollout for
Eagle mail users
 Units that provide their own email services will be
encouraged to migrate to the Exchange offering in the future
 Learnlink will remain for now, but we are investigating
alternatives for FY09
20
Information Technology
Email addresses
 All users, both faculty and staff, that have multiple
Groupwise and Eagle accounts, will be migrated to
one Exchange account
 Incoming email aliases for @emoryhealthcare.org
and @emory.edu will remain. Additional aliases
will be added for firstname.lastname for both
domains.
 Only one outgoing email address is possible. For
faculty & staff that have accounts in both
emoryhealthcare.org as well as emory.edu, the
latter will be set as the default outbound address.
21
Information Technology
PDAs and Smartphones
 There will be a variety of mechanisms for syncing PDAs and
Smartphones with Exchange, although the age of the device
may limit what is possible. Faculty/staff will be able to take
advantage of these options, but will be billed if they choose a
premium service.
 Options will include:
 Cradle or WiFi sync using a product such as MS ActiveSync, MS Mobile
Device Center or Palm HotSync Manager
 For those with a data plan on their SmartPhone, options will include:




Native MS Active sync for Windows XP (no charge)
Native MS Mobile Device Center sync for Windows Vista (no charge)
Blackberry Enterprise Server (premium service with monthly charge)
Motorola Good Mobile Messaging (premium service with monthly charge)
22
Information Technology
Schedule




Begin migration late May
End migration early August
Migrate users Monday - Friday
Use (3) six hour migration windows per day
 Will not migrate during hospital and clinic shift
changes
 Group and schedule each department
sequentially
 Spread department users across migration
windows
23
Information Technology
Communication
 Being discussed at executive leadership
meetings
 General announcement via email, newsletter
articles, internal press release, news item on
IT website
 Full feature Emory Report Article in March
 Postcard mailing will be sent to all GroupWise
users
 Posters will be displayed throughout EHC
locations
 Frequent email reminders to each user
regarding migration date
24
Information Technology
Training
 Multiple open house seminars at various sites
offered throughout the migration period
 Multiple advanced seminars for super users such
as administrative assistants
 Distributed tip sheets, identifying differences
between GroupWise and OutLook
 Online information, user guide, FAQs, tip sheets,
training locations and schedule, migration
schedule
 Other Suggestions?
25
Information Technology
Migration Questions
 Website: http://it.emory.edu/ehc-exchange
 Email: [email protected]
 Project team member will respond to email within 2
business days
 Phone: 8-INFO(4636)
 Leave voicemail message
 Project team member will return call return your call the
next business day
26
Information Technology
Exchange
Design
James Reed
Information Technology
General Specifications
 Exchange 2007
 Sized for the Emory Enterprise
 24,000 users
 13,000 Emory HealthCare accounts
 11,000 Emory University accounts
 Designed to handle potential Eagle mail migration and
potential relay server migration to Exchange
 Sized for 300mb high performance storage within Exchange
databases
 Sized for average user load of 80 messages received / 20
messages sent per day / per user
 Sized for average message size of 60kb
 Archiving will be available – more info coming soon
Information Technology
General Server Overview
 Total of 50 servers ordered for environment
 7 AD Controllers for new Resource Forest
 2 Dedicated for FSMO roles
 5 Dedicated Global Catalogs for Exchange traffic
 2 Mailbox Server Clusters (MS Exchange
Clustering)
 Each cluster contains 4 Active Mailbox servers
 Each Active server will have 3,000 users per server
 Each Active server will have a minimum of 12
Databases
 Maximum Database size will be 100GB each
 Each cluster contains 2 Passive Mailbox servers
Information Technology
General Server Overview (cont’d)
 4 CAS servers




OWA (Outlook Web Access)
ActiveSync
Outlook Anywhere (formerly RPC over HTTPS)
IMAPS
 4 HUB servers
 MTA (Mail Transport)
 SMTPs (requiring authentication)
 4 EDGE servers
 Border Antivirus Hygiene servers
 Will be located in DMZ
Information Technology
General Server Overview (cont’d)
 2 Mobile Device Servers




GoodLink
Blackberry
Will be eventually using VMWare ESX
ActiveSync will be provided via CAS servers
 6 Servers GroupWise migration
 Repurposed post migration for dedicated Exchange testlab
 2 Windows 2003 co-existence servers
 Will help provide Free/Busy data flow
 Will help replicate Public Folder data
 3 Archiving Servers
 Vendor TBD
 2 Monitoring Servers
 MOM
 HP Insight Manager
Information Technology
General Server Overview (cont’d)
 Storage Requirements
 Core exchange databases
 3,000GB per server (8 active servers) for DB’s and Logs
 223GB per Store (DB)
 28GB for logs per Store
 Public Folders – 30 GB total (mostly replicated between
servers)
 EDGE and HUB storage
 Archiving
 Estimated for 24,000 users, averaging 1GB each = 24TB
 Backups
 Exchange databases
 Using mirror clones
 14 days = up to 56TB for Exchange database data
 Snapshots (TBD)
Information Technology
High Availability
 Mailbox servers will user MS Exchange Clustering
 Two 6 node Clusters
 4 Active nodes, 2 Passive nodes in each
 F5 Big IP Network Load Balancers (redundant)




Application traffic hygiene
SSL offloading
Caching
Will be used for:
 CAS servers for OWA and IMAPS
 HUB servers for SMTPS
 Redundant SAN connections
 Redundant Network connections
 Redundant Power
Information Technology
Information Technology
Information Technology
AD Design
 Will use Resource Forest model
 Existing EU and EHC AD forests remain as is
 Provides best approach and potential for other
shared applications / services
 Will require existing Exchange environment
to migrate as well
Information Technology
Information Technology
Network Layout
 Because of security requirements and
needs, will have most servers in HIPAA
core
 Will be server only core
 Will be restricted access
Information Technology
Information Technology
Security
 Weigh Security vs Usability
 Emory HealthCare (currently using
GroupWise)
 Provide solution for EHC to have a secure end to
end email environment
 HIPAA data
 For existing email
 For new email
 Emory University
 Provide groupware functionality
 Shared Calendaring and Collaboration
 FERPA data
Information Technology
Security
 End to End encryption
 Exchange server to Exchange server connects
with TLS connections by default
 Client to server encryption
 Outlook Anywhere for Outlook clients
 No MAPI / RPC calls from Clients to servers
 Formerly called RPC over HTTPS
 Only supports Outlook 2003, and Outlook 2007
 Macintosh connectivity
 Entourage uses DAV protocol (HTTPS)
 Next version of Entourage supposed to use pure
HTTPS
Information Technology
Security (continued)
 IMAPS connectivity
 SSL Required
 SMTPS w/ Authentication required
 Limited functionality compared to Outlook or
Entourage connectivity
 No server side rules
 Contacts will not be saved on server
 Calendaring will not be functional
 User will always show as Free when calendar
viewed by others
 Outlook Web Access
 SSL only connections
 Full functionality with Internet Explorer
 Light Mode functionality with other browsers
 Message level encryption supported
 Supported at least in Outlook
 Configured per client basis, only supported by local
departments
Information Technology
Security (continued)
 Hygiene
 Postini
 EU and now EHC
 Edge Role servers
 Placed in border environment to protect
 Only has very limited access to any AD and Exchange data
 Potential AntiSpam options
 Antivirus
 Will be running Antivirus on ALL servers for Email and
OS
 Symantec Antivirus for OS protection
 Will be running Symantec Mail Security or MS
ForeFront
 ForeFront was formerly known as Sabari
 ForeFront will be running multiple scan engines
Information Technology
IDM and ACM
 Identity Management and Account
Management
 Parallel project working with Emory University and
Emory HealthCare for Account provisioning
 Will have a Phase 0 for Exchange project to
automate core functions





Account Creation
Account Disablement
Name Changes
NetID Changes (maybe)
GAL (Global Address List – like LDAP directory) data
 Phone Number
 Department
Information Technology
Mail Routing (University Only)
 Used to be known as Eagle Mail Forwarding
 @emory.edu will forward to netid@Exchange
environment
 From Addresses will be default
[email protected] (least common
denominator for campus)
 [email protected] (working on automation)
 Clinical Faculty – TBD
Information Technology
How it works
 Outlook Anywhere
 Mobile devices
 Mail Flow (documentation coming soon)
Information Technology
Information Technology
Information Technology
Exchange Design
Questions
49
Information Technology
University Exchange
Update
Jay Flanagan
Information Technology
University Exchange Migration Update




Proposal to IT Governance for approval
Begin migrations in late May / early June
Schools and Departments are already queued up
Check web pages for updates
51
Information Technology
University Exchange
Questions
52