California State University, Long Beach

Beach-CERT Home | OUCH! | Security Tools | Network Support Tools | Resources | Contact Us

Minutes of the Meeting of Beach-CERT, Wednesday, 7/14/2005 @ 2:00pm in LA5-352

1. Next Meeting: Wednesday, August 17, 2005 @ 2:00pm (location TBD) - Steve mentioned that because of the physical constraints of the current meeting room for the Beach-CERT meetings, that the next meeting may be in Foundation, 204. The proposed room is larger and more comfortable for our growing group.

2. Major Topic: Identity Management System - Steve stated that the IBM TIM (Tivoli Identity Management) is a middleware application that enables a user to authenticate onto the CSULB systems without having to remember multiple user names and passwords. Currently, The Portal, Blackboard, People Soft, and Wireless Authentication are handled by TIM which is managed by Eric Ham.

The next step after this is, provisioning. Meaning staff has different level of access versus a campus visitor. Also integration with Active Directory is another step that can be taken in conjunction with further rolling out of the Identity Management System.

3. Progress Report: NAV development - Steve announced that we have received a copy of NAV10.0.1 which is a fix for some of the difficulties we've had with NAV. It is still undergoing testing by Eli Shubin. For this fiscal year Steve would like to sponsor a more advanced version of NAV that would provide a personal firewall as well as intrusion detection on your desktop. For the first phase, 600-1000 users will be included. Within this group will be all of the Beach-CERT members and some of the members they would like to include. The requirement for being part of the test phase is feedback.

Some members voiced concern that Macs were also going to be supported in this and Steve let them know that vendors have a tendency to release Mac versions last. Steve told them that further investigation of the issue is required and that he would get back to them.

Liem stated that they are currently using version 1.0 in their area and it works pretty well.

4. Progress Report: Email Security development - Steve stated that $160K was spent to bring in IronPort to enhance email performance and security to protect campus users from email viruses and phishing scams. Matt Black gave a brief overview of the application and how it works. The biggest feature is a virus outbreak feature that enables IronPort to react swiftly to any behaviors that seem to mimic any outbreaks by temporarily quarantining the files until IronPort comes out with a definition. If a definition is not forthcoming within a few hours, it releases the files to the recipient.

He further explained how to utilize a workaround for e-mail rate limiting using SMTP Auth. Dan Olsen stated that directions to configure your e-mail client are on the THD website.

5. Progress Report: VPN - Steve announced that in order to encourage greater usage of VPN, he was going to launch a Web based VPN project this summer. It is a more simplified version of VPN and will hopefully result in more users taking advantage of VPN.

6. Progress Report: Data Storage Development - Steve stated that the one of the goals of this project is to be able to use a Web browser and SSL to access your data securely from anywhere. A practical application could be when a faculty user accesses CMS data, store it on the secure website and not have to risk keeping sensitive information locally. This is another project that will be piloted this summer. The hardware has already been installed and Jesse Santana will be managing it.

7. Progress Report: Wireless Network - Craig Kleen stated that wireless is 100% powered outdoors. Craig will be delivering a sitemap to Steve before school starts that show outdoor coverage.

8. Discussion: Document Sharing - SharePoint -Steve stated that Microsoft Document server has a feature called Sharepoint which is similar to a document portal and allows multiple people to work collectively on a document. He further stated that this is a direction that we will be moving in, in the near future.

9. Discussion: WebAdapt2Me Project - Steve discussed IBM's solution to ADA compliance on the clients desktop. The responsibility of ADA compliance has historically rested on the shoulders of the web server. The issue of ADA compliance only applies within the US so if you go to a web server outside the US it is not required to comply. The campus has bought into it and THD and Jesse Santana will manage it.

10. Presentation: Campus Identify Management System - TIM (Eric Ham) - Eric discussed the upcoming upgrade to TIM. Mainly the changes will be transparent to the user and only apply to making Eric's life a little easier from a management standpoint. He stated that it is currently being used for: MyCSULB, Beachboard, the Horn Center printer, ACS lab check in, Contribute Help Desk, BeachNet, Technology Center, and the Campus Search Page. As time goes on more services are to be integrated into the one ID, one password scenario. NameMaster will eventually go away and its responsibilities folded into TIM as well. In conclusion, anything that understands LDAP can now use TIM for authentication.