Transcript ITS Overview for Lt. Governor’s Office

ITS NCID
Next Generation (NG)
Project Overview
February 24, 2010
Agenda
Welcome & Introductions
 NCID Next Generation Overview
 Proposed Migration Schedule
 Administrative Business Process Changes
 Agency Involvement & Level of Effort
 Migration Overview
 Q&A

NCID Next Generation Overview

Purpose & Objectives of NCID NG


Better Reliability
Better Scalability & Performance
 Updated User Interface

Where are we today?






153,000 Active NCID users
55 Integrated Applications
Approximately 3,500 Password Changes on Mondays
DEV environment set to be released end of Q1
Pre-Prod & Production environments being provisioned
What are the remaining project milestones?



Pre-Prod available for Agency Use end of Q2
Production available for Agency Use end of Q3
Agency Applications Finish Migration by 12/31/2010
Proposed Migration Schedule




Application Migration Proposed Schedule will be
sent to current NCID customers this week
Agency Response needed by 3/1/10 for each
application’s migration dates in Dev, Pre-Prod &
Production
Confirm agency contact per application
User and Delegated Administrator Migration
Proposed Schedule will be sent shortly
NG New Business Processes






All accounts will require an email address
Business & Individual accounts will continue to self-register, but
must respond to email link to complete registration
New State & Local Gov’t employees will no longer self-register.
Delegated Admins will create their accounts.
Accounts will auto-unlock after 1 hour. Any combination of 3 wrong
passwords or challenge question responses will lock an account
Account transfer (Agency-to-Agency) will be enabled for State
employees
Lost User ID recovery enabled via email
What is Your Role in NG?
Actively Participate in Scheduling &
Migrating Your Applications
 Have Your Delegated Administrators &
Application Admins Participate in Training
That Will be Provided

Migration Process


NCID & NG Co-Existence
 Synch of Identities between NCID NG & current NCID
 Administrate from current system (until Agency users migrate,
whereupon Administration occurs from NG)
 Single Sign-On from NCID NG to NCID
Transition to NG
 Phased Training & Migration of Delegated Admin Functions
 Phased Migrations of Users to NCID NG self-service functions
 Phased Migrations of Applications to NCID NG
 Users will have to select & answer New Challenge Questions
Migration Impact

Model-2 Applications

Minimal Impact
 Point to new NG infrastructure

Web Services Applications


Minimal Impact
Web Service Calls remain the same
 Point to new NG infrastructure
User GUID’s remain the same, but RDN’s will change

Model-1 Applications



Reverse Proxy Architecture Replaces WebGates
DNS traffic re-routed to Reverse Proxy
SSL Certs Installed on Reverse Proxy
 User GUID’s remain the same, but RDN’s will change
Model-1 Migration Impact
NCID Current Model-1
Public SSL Cert
& DNS Entry
Web Application
WebGate
Oracle API
SSL 1
Oracle Access Service
SSL 2
User Authentication
Redirect
NCID NG Model-1
Private(SelfSigned) SSL Cert
& DNS Entry
Public SSL Cert
Public DNS
Entry
SSL1
Load
Balancer
Reverse Proxy
SSL1
Web Application
SSL3
SSL 2
User Authentication
Redirect
SS
L2
Novell IDP Server
User Relative DN Changes

GUIDs Remain the Same

Relative DN pretext changes
 Current RDN:
Examples:

Examples:
(State)
(External)
cn=User-guid,ou=Internal,ou=People,dc=NC
cn=User-guid,ou=Local Government,ou=External,ou=People,dc=NC
cn=User-guid,ou=Business Users,ou=External,ou=People,dc=NC
cn=User-guid,ou=Individuals,ou=External,ou=People,dc=NC
NG RDN:
(Internal)
(External)
cn=User-guid,ou=State,ou=Internal,ou=People,o=NC
cn=User-guid,ou=Local,ou=Internal,ou=People,o=NC
cn=User-guid,ou=Business,ou=External,ou=People,o=NC
cn=User-guid,ou=Individual,ou=External,ou=People,o=NC
What can you expect from ITS?

Ongoing communication:
 FAQ
Website https://www.ncid.its.state.nc.us/NCID_FAQ2.asp
 Communications Hub –
https://communications.its.state.nc.us/
 Monthly Updates


NCID Integrator collaboration with Agency
Application contacts
Coordination of Applications Moving to Dev
Starting 3/31/2010
Questions and Answers


Chat Questions- noted during presentation
Open Question period