California State University, Long Beach

Beach-CERT Home | OUCH! | Security Tools | Network Support Tools | Resources | Contact Us

Minutes of the Meeting of Beach-CERT, Wednesday, 5/18/2005 @ 2:00pm in LA5-352

1. Next Meeting: Wednesday, June 15, 2005 @ 2:00pm in LA5-352

2. Review: Campus desktop security
Steve stated that we haven't had any level 3 virus activity for quite until recently. The Sober worm and its variants hit our campus hard on the first week of May. Our Intrusion Prevention and AntiVirus Systems did a great job of keeping these worms out of our network. We stopped a lot of attacks on day zero! Our IPS blocked more than 50,000 attacks on one day.

Eric Ham discussed how the campus is now using an Iron Ports box to filter e-mails and how effective this particular device has been in blocking the Sober virus.

Craig Kleen discussed how the campus IDS is blocking zip files with pif attachments within further protecting the campus from infections from viruses. He further stated that he would post a graph from the IDS on the Beach-CERT website that showed how many viruses were blocked.

 

3. Progress Report: AntiSpyware development
Steve communicated that the Anti-Spyware program has been funded and we have signed a 3 year contract with Symantec for Norton Anti-Virus NAV version 10. This is an all inclusive suite that includes a firewall, IPS, anti-spyware, and anti-virus and will protect Macs as well as PCs. Additionally, this version of NAV can legally be installed on your home machine. While discussing this Steve mentioned that he had been using an application called Security Task Manager that works similarly to Windows Task Manager except that it was more robust and offered greater features. He said that he would e-mail the URL to the group so they could try it as shareware.

 

4. Progress Report: Email Security development –
Steve stated that Eric and Matt had been working really hard on e-mail security. They have deployed a new e-mail security tool that is extremely fast and effective called IronPort. Steve has been able to acquire this product for the campus and plans to fully deploy it to the entire campus by Fall 2005. One of the main features of this software is in the modular design. The Ironport allows you to changed engines if you want to. In other words, if you are unhappy with the performance of the present AntiVirus engine from Sophos, you can exchange it for another AntiVirus from Symantec.

 

5. Progress Report: Data Storage development
Steve stated that he is planning on getting around 7 TB of data storage for the campus. He discussed some possible uses for the storage space, such as desktop imaging. The new storage system will be integrating with Active Directory using a front-end web-enabled system from Xythos. Xythos allows users to access their files securely over the Internet using SSL. The main reason we develop this project is to help securing data transfer for CMS users. CMS users have been accessing files over VPN and finding the process cumbersome. With the use of SSL it should streamline matters for them.

 

6. FYI: Scheduled Power Outage
Brotman Hall, Saturday 5/21 from 6:00am-6:00pm – Craig Kleen stated that because a lot of critical services are supplied out of the server room in Brotman Hall, two large generators will be parked outside the building. However, because this is the first time this is being tried, we're keeping our fingers crossed for an uneventful power outage. Craig also stated that any TC that serviced anyone in Brotman Hall should let their users know that they should shut down their computers before going home on Friday.

 

7. Update: Campus Access Infrastructure (CAI) Project
Redundant Gigabit Link for CSULB – Steve stated that this project essentially entails asking the Chancellors office for another Internet connection for the Campus. It has been funded because it has been shown through operator error on other campuses how devastating it can be when a campus's single connection to the Internet is broken. Steve further stated that this WAN redundant link should be established by October 2005.

 

8. Update: ITRP Project
Craig Kleen stated that Phase Two of ITRP is complete except for the Purchasing, CBA, SPA and Foundation. He requested that any TCs that needed any additional outlets please open a work order with ITS. He also stated that the goal is to have a one data jack to one device relationship. This allows finer control over the Network.

Steve and Craig discussed a recently purchased Cisco product that will enable Network Services to see what type of traffic is moving between campus machines and to automatically stop inappropriate traffic. This product should be deployed during the summer months.

 

9. Update: BeachBoard operation
Steve stated that after July 1 st , Network Services will no longer be responsible for Beach Board and that it will be moved off Campus.

 

10. Update: Current and future projects
Steve mentioned using Netflow to help plan the direction of future expansion.

Steve also mentioned an Intrusion Prevention Product that will allow us to search for rogue Access Points that invade our Wireless Network.

Steve said that he is looking into products that will allow us to monitor different elements of an environment. For instance if someone leaves a door open, or the temperature is too warm for the machines or there is water on the floor. We would be notified of such events and take appropriate action.

 

11. Technical Training
Steve said that we established training through Quickstart and that anyone who would like to attend should go on their website and see what is available. E-mail Steve with your requests. If enough people (8+) want a specific class, Steve would like to bring the trainers on Campus rather than have people go out for training.