Email
Access mail@ucsf
VPN
HelpUCSF Campus Report May 2005
UC Information Technology Leadership Council
May 24-25, 2005
Administrative Systems Advisory Committee (ASAC) Project: UCSF Link
Work continues on this campus-wide initiative that includes research administration, distributed processing of selected financial functions, and asset management.
For more information on the Link project, please visit the Link website at http://ucsflink.ucsf.edu or contact Mara Fellouris, Project Leader, at mara.fellouris@ucsf.edu. or Zoanne Nelson, Deputy Project Leader, at zoanne.nelson@ucsf.edu.
Data Center Consolidation
Studies regarding the proposal to co-locate the Campus and Medical Center Data Centers have been completed and the decision was made not to consolidate the centers at this time. After a space inventory of current and projected use, space was identified for the Campus Data Center on the third floor of UCSF’s Mission Center Building, directly below the Medical Center Data Center. A survey of environmentals (ventilation, cooling, electricity) shows that there is adequate capacity in the building. The new proposal allows for sharing infrastructure (electrical, mechanical, fire protection, and security) with the Medical Center’s Data Center, but avoids the ~$1 million in expenses associated with the earlier plan for consolidation that would have necessitated relocation of non-data center personnel. The current plan also includes space to house servers for campus departments - particularly research units.
Enhanced Network Monitoring and Management Systems
ITS-Enterprise Network Services has deployed several new network monitoring probes in order to closely monitor traffic flow across the UCSF local, metropolitan, and wide area networks. These probes enable us to monitor traffic flows and quickly find offending MAC addresses during security events before they can adversely impact overall network performance. Network traffic probes are currently installed at the Parnassus Heights campus, Mission Center Building, and Laurel Heights. There are plans to add additional probes at Parnassus Heights and Mission Bay.
Environmental Monitoring System:
The Environmental Monitoring System (EMS) allows the monitoring of wire rooms to ensure that we have adequate warning of excessive heat, humidity, and flooding-all elements that could impact critical network devices. The project is nearing completion with the exception of one site where we are awaiting the arrival of additional hardware.
HIPAA
ITS Enterprise Information Security (EIS) facilitated the HIPAA Security Rule compliance efforts. Considerable work was carried out throughout UCSF to meet with the Rule's requirements by April 2005. Efforts included the coordination of mandated policies and procedures; development and implementation of basic and advanced "Security of Electronic Information" training modules - including over 30 live training sessions; and the documentation of UCSF-wide efforts to date in order to demonstrate compliance. Post the April 2005 compliance date; this work will lay the groundwork for a broader ITS-EIS policy, training, and compliance program to address overall security for confidential, electronic information.
Information Security
ITS Enterprise Information Security (EIS) has received budget approval for four specific security projects:
- Perimeter Security - Will implement firewalls at our to main Internet points of presence. These firewalls are intended to be the UCSF first layer of defense.
- Enhanced Data Center Security - Will implement another layer of enhanced firewalls and networking to separate and protect the data center by way of four specific VLANS for production, development, internet facing and VPN.
- Enhanced Anti-Virus - Will enhance our current implementation of Sophos, provide greater centralized support, and provide support for home users
- Spyware Defense - The pilot implementation of the SpySweeper anti-spyware product was successful. Licensing has been acquired to roll out the product to the greater enterprise environment.
ITS-EIS has acquired a one-year subscription for PGP encryption. This product will provide encryption capability for laptops, desktops and removable media. We anticipate the product to be available to users who require storing confidential information at the local level by the end of June.
We continue to deploy the Sygate personal firewall to organizations as requested. As of this report, the use of a personal firewall at the local level is not a mandate.
Mission Bay Campus
Progress on the construction of the Mission Bay campus continues:
- QB3 (The California Institute for Quantitative Biomedical Research) opened in April. The majority of the current tenants have moved into QB3, and the network was up and running as of April 2005. The moves are scheduled to complete by the end of May 2005.
- The Mixed Residence Housing facility consists of 750 apartments. Two of the four towers are scheduled for occupancy in August 2005. Occupancy of the remaining two towers will begin 30-60 days afterwards. ITS-ENS is in the planning phase for implementation of the network for this facility.
- The construction of the Community Center is in the final stages. This building includes a fitness center, conference facilities, a swimming pool, and the second Network Operation Center for the campus. The planned date for occupancy is September 2005. An RFP for network equipment is in process.
- A second MPOE (minimum point of entry) for the Mission Bay campus is in the early planning stages and will be incorporated into the design of a future building. It is intended to provide diverse and redundant voice and data service routes and facilities to the Mission Bay campus buildings.
NGMAN: Next Generation Metropolitan Area Network
Work on the NGMAN project continues. The single protocol (IP only) NGMAN will be DWDM with 10 Gigabit Ethernet at the core. A collaborative effort is underway to select the best option in terms of vendor equipment and fiber solutions. The procurement of the layer 2 and 3 network equipment is pending the outcome of this effort. We are also determining the state of our building distribution facilities (BDFs) for the implementation of the NGMAN. An installation team has been formed to explore this. Migration to the new network is expected to begin in 2006.
Parnassus Heights Renovations
Work continues on twelve Parnassus Heights renovation projects. Improvements in network infrastructure associated with these projects include new voice and data infrastructure in some of the older the buildings on the Parnassus campus.
The MSB/Moffitt Seismic Cut project is underway. This project will physically separate the Medical Sciences Building and Moffitt Long Hospital on the Parnassus Heights campus to meet state earthquake standards. The cut is planned to go through all the wire rooms in MSB. Work is in progress to determine if the existing wire rooms will be retrofitted or new wire rooms will be built. We expect the cut to be completed in January 2006.
Voice Communications Consulting Services
UCSF exercised our option for a two-year renewal of the Centrex contract. We have gathered information to assist us in considering options for future voice systems. UCSF management is currently reviewing these options to determine financial and operational feasibility.