it architecture and infrastructure committee oct packet...it architecture and infrastructure...

IT Architecture and Infrastructure Committee 9:00-10:30am., October 14, 2016, FAC 228D

I. 9:00-9:45 ITS Core Infrastructure Critical Services (Brad Englert,

Julienne VanDerZiel)

II. 9:45-9:50 Co-Chair Election (Charles Soto, Brad Johnson, nominee)

III. 9:50-10:10 Wireless Access Point Upgrade - Endorse (Pug Bainter)

IV. 10:10-10:30 Web Central Service Retirement (Christina

Konstantinidou, Jenn Coast)

IT Architecture and Infrastructure Committee 1

ITS Networking and Telecommunication (10/7/2016, v1.2)

Wireless Access Point Upgrade Endorse

Summary Approximately 1,800 of the uni ersit ’s Wireless Access Points (WAPs) are expected to reach End of

Operations (EoO) in summer of 2017. Units must purchase upgrades through ITS, to be installed

through summer of 2017 [est. $1.2M for WAP portion]. ITS has negotiated additional trade-in

discounts with the vendor for EoO WAPs.

Approach EoO WAPs not replaced will cease operations at a point determined by ITS, in order to

preserve operations of the shared wireless infrastructure. (Expected in summer 2017)

To maintain current wireless coverage levels, Units must replace all EoO WAPs unless ITS

determines that the WAPs coverage is no longer needed. (NetOpsMan 5.2.2)

Given the campus-wide time-delimited scope, this project must operate independently of

most other Unit IT projects (coordination will occur with construction/renovation projects).

ITS has negotiated trade-in discounts from the current vendor for in service EoO WAPs

(114X, 350X only).

ITS will provide each building estimates (WAPs, cables, antennas, switches, installation), and

a due date for account numbers. Multi-unit buildings will determine internally how to

divide costs of the WAPs, and provide ITS account numbers. Should Units not agree to

allocations, ITS will adjudicate the allocations between the Units. (NetOpsMan 4.1.13)

ITS will provide the initial sampling of hazardous materials inspection as required by the

project, but any remediation cost will be charged to the Unit and account provided for the

WAP.

New Power-Over-Ethernet (PoE) switches may also be needed, as the new WAPs consume

more power than previous models. Units will be responsible for purchasing any new PoE

switches needed for their respective upgrades.

TKIP (vulnerable deprecated encryption protocol) will cease to work December 18, 2017.



Background 1. State of the industry for large enterprise Wi-Fi systems is for individual WAPs to be operated

by controllers , hich coordinate user de ice e perience, polic and radio functions across

many WAPs. As support for a particular model of WAP drops from the software run on the

controller, the WAP ceases to operate (End of Operations). New software must be run on

controllers to patch security vulnerabilities, fix bugs and enable new hardware (standards

are evolving, requiring new hardware).

2. Networking estimates it will be required to move the uni ersit ’s controllers to ne software in the summer of 2017 (code stability, vendor release scheduling, or major security

issues could force a move to new code earlier than this date). To avoid loss of service,

approximately 1,800 older WAPs must be replaced (roughly 25% of campus WAPs, 114X and

350X models).

3. The EoO WAPs will have been in operation for 5 to 9 years [Table 1] in most cases,

exceeding lifecycle expectations provided for planning/budgeting (NetOpsMan 5.6.3). The

older WAPs are failing at high rates and are as many as two standards and 5 radio

generations behind in terms of service to end devices (newer models significantly

outperform the EoO models [200% increase from 114X]). Originally EoO was expected fall

of 2015, but Networking was able to obtain support from the vendor for additional software

revisions delaying this upgrade.

4. University was notified via Network Report Card tool, 7/31/2015 (email), 10/23/2016

(Network presentation).

5. Approximately 7,500 WAPs, 21 controllers, 4 enterprise-class routers, and two carrier-class

NAT devices comprise the campus wireless system. ITS estimates the system must grow to

support 4,000 more WAPs to meet coverage/density goals. As use cases continue to

change, so do these requirements. The system now carries over half the Internet traffic for

campus, and has become a critical IT resource to university operations.

6. Networking has remained with one wireless vendor, and plans to continue to do so for this

round of upgrades. Switching vendors of centralized controller architectures is

operationally challenging and incurs high costs.

o Complete replacement of the wireless components on campus is estimated at over

$10M to date.

o Operating two vendors would require additional costs in different controllers,

lab/test equipment, additional staff and training ($600K-900K startup and $300K

recurring costs– in addition to the estimated for this project). It also introduces

interoperability and support problems, since each endor’s approach to criticall important RF management is proprietary – no open standards for wireless

management. Extra labor would be required in this project, for example, to

consolidate WAPs by vendor and building to avoid the more extreme service issues

(clients do not roam between vendor products, for example).

o Only one other vendor has sufficient market segment/share to be considered as a

replacement due to the university’s scale-- default costs/features are comparable

given discounts being leveraged with current vendor. Technically, the two vendors

one-up each other from one generation to the next. The current vendor has 45%

market share; the other has 19% (source: IDC, has more share in the education

market). Networking believes the other vendor may have somewhat better

controller software, but the current vendor has significantly better WAP hardware.

See Gartner quadrant [Figure 1]. While better controller software from the other

vendor could ease ITS operations, the clients benefit more from the better WAP



hardware and units can deploy fewer WAPs with the current vendor [Figure 2].

Both vendors discontinue WAP support based on typical vendor lifecycle

considerations.

7. Temporal Key Integrity Protocol (TKIP) must be removed from the system in order to being

deployment of the new WAPs. This will impact fewer than 300 devices on campus

(approximately 0.2% of devices on the network). The replacement, AES, has been required

by the Wi-Fi Alliance for end client certification since 2006, and WAPs have been disallowed

to support mixed mode AES/TKIP since 2014. The protocol has known exploits.

Table 1

0% 0% 0% 0% 15% 8% 13% 0% 63% 0%

? Lucent 802.11b

2000 Lucent 340/350

2001 3years 340/350 802.11a/g

2002 Ciscotradein-340/350 1220/1230

2003 340/350 1220/1230

2004 340/350 1220/1230

2005 5years 1220/1230 1242

2006 Ciscotradein-1220/1230 1242

2007 1220/1230 1242

2008 1220/1230 1242 802.11n

2009 1220/1230 1242 1142

2010 1220/1230 1242 1142

2011 1220/1230 1242 1142 3500

2012 1220/1230 1242 1142 3500 3600

2013 6-11years 1242 1142 3500 3600 802.11acW1

2014 Ciscotradein- 1242 1142 3500 3600 3700

2015 6-10years 1142 3500 3600 3700 2700

2016 Ciscotradein- 1142 3500 3600 3700 2700 802.11acW2

2017 1142 3500 3600 3700 2700 2800

2018 6-9years 5-7years 3600 3700 2700 2800

2019 Ciscotradein-Ciscotradein- 3600 3700 2700 ????

2020 3600 3700 2700 ????

2021 ???Years 3700 2700 ????

2022 3700 2700 ????

2023 ???Years 2700 ????

2024 ???Years ????

2025 ???Years

2026

2027

2028

2029

AccessPointsLifecycles



Figure 1

Figure 2

of 1

Web Central Services Retirement Project Status Report

Project Summary The Web Central Service Retirement (WCSR) Project is the retirement and decommissioning of the

web sites, email addresses, data and infrastructure that comprises Web Central. Web Central was

hosting more than 2800 websites, over 10 million files, and 500 email addresses. The project required

a detailed migration plan and guidelines to assist users in determining appropriate action for each

website/email account. In August 2016, the Web Central and UNIX Timesharing System (UTS)

services were retired, and all associated servers and storage have been set up for decommissioning.

Major Accomplishments 1. Web Central Websites: 514 website migrations were completed and 2297 websites were

archived. 297 www.utexas.edu redirects were implemented and will be in place until

9/1/2017.

2. UTS Email Service: 113 UTS email accounts were migrated to other email services and 2981

accounts were archived. 202 UTS www email addresses were archived, of which 15 will be

forwarded until 9/1/2017.

3. UTS Websites: 794 UTS websites were archived.

4. WWW.UTEXAS.EDU Domain: The transition of www.utexas.edu to UT CMS2/DEE was

completed and UTCMS 1 is retired.

Next steps Until August 2017, ITS will own all archived files in order to fulfill possible requests to un-archive files

and provide copies as necessary. In September 2017, all files will be transferred to University

Archives.

0

100

200

300

400

500

600

Nu

mb

er

of

Sit

es

End of Month

Websites Migrated

Plan

Actual

http://www.utexas.edu/



Information Technology Services

ITS Service Plan UpdateOctober, 2016

11/11/2016 1

Information Technology Services11/11/2016 2

Table of Contents

ITS 2016 Service Plan

Background

Reviewing the Core Infrastructure

Next Steps


ITS 2016 Service Plan: Background

• ITS has a significant budget deficit • Reviewing every Service Offering to determine net

costs by Service Offering – Includes all Service Centers and Common Good offerings

• Will work with governance to make recommendations on– Changing existing services– Charging for existing Common Good services– Removing services – Increasing budget via core funding and/or annual ITS fee

• Currently prioritizing all 145 Service Offerings


ITS 2016 Service Plan: Reviewing Core Infrastructure

145 Unique Service Offerings

Core Infrastructure

Critical

Major

MinorOverhead

65

3720

176


ITS 2016 Service Plan: Reviewing Core Infrastructure

• Core Infrastructure Definition:– Service Offerings that are required to operate the main

technology components for campus– Examples include the mainframe, the network, the data

center, the identity management system and the ID Center

• Currently 65 Service Offerings are designated as Core Infrastructure

• Want to make sure governance agrees on what is considered Core Infrastructure – Qualtrics survey 1: suggest additions or deletions to the

Core Infrastructure components


ITS 2016 Service Plan: Next Steps

• Review critical core infrastructure services with governance (Current Task)

• Solicit input into critical, major, minor services • Review every Service Offering to determine net costs

by Service Offering• Make recommendations and review with governance• Present recommendations to SITAB and Budget Council• Obtain final budget resolution for all services• Publish results for all governance groups


Current list of ITS Service Offerings

Click to open:

ITS Service Plan 2016

10/14/2016 Page 1 of 13

Service Offering Service or Project Description PriorityAccounts and Access Austin Active Directory Austin Active Directory (Austin AD) provides the authentication infrastructure and Lightweight

Directory Access Protocol (LDAP) for many critical campus services including Office365, Austin Disk, and UT-Virtualization. Austin AD also controls access and authorization for 25,000 computing resources in participating Colleges, Schools and Units (CSU's) and 600,000 students, faculty, staff and affiliates.

Core Infrastructure

Application Development Support (ADS)

PyPE Middleware for Python and Django application development, deployment, and execution environment. Used by 70 departments and over 1,000 applications

Core Infrastructure

Authentication Shibboleth Authentication Service for 50 externally hosted/cloud based systems Core Infrastructure

Authentication Two Factor Authentication Two-factor authentication is required to comply with UT System security mandates and to maintain security for high risk financial applications.

Core Infrastructure

Authentication UTLogin Authentication Service for 150 departmental servers, plus UT Direct and major externally hosted systems like Canvas, UTLearn, and Workday (new integrations growing by 20% per year).

Core Infrastructure

Authorization Apollo Apollo provides authorization management for mainframe applications Core Infrastructure

Authorization DPUSER DPUSER provides user account management and security authorizations for the mainframe environment

Core Infrastructure

Building Access Controls & Security Services: BACS

Building Access Controls & Security Services and Video Security

160 Campus Buildings & UT System Administration with Card Readers, Electronic Doors, Alarm Points, Panic Buttons: Card Readers / Doors growing 10 -15% / year; Cameras & Video growing 50 – 100% / year

Core Infrastructure

Business Systems Mainframe Environment Adabas, Adabas Replicator, Credit Card, Mainframe, Natural, UT Direct, Task Manager, etc. used by most administrative and academic units on campus including Finance and Budgeting, HR, Registration and Student Information.

Core Infrastructure

Cabling and Construction Telecommuncations Construction

Maintenance, construction, and renovation of communication ductbanks, tunnels, conduits and related media pathways and spaces. (Fee for service)

Core Infrastructure

Cabling and Construction Telecommunications Cabling Installation, removal and maintenance of communications cabling (copper and fiber optic -- e.g. Ethernet cable). (Fee for service with recurring maintenance for some)

Core Infrastructure

Learning Management System Canvas Cloud-based Learning Management System used by faculty, staff, and students for collaboration, course materials, and assessment. 93% of all student courses are in Canvas.

Core Infrastructure

Cellular communications Distributed Antenna System (DAS)

Coordination, planning and vendor management of cellular services on campus. Core Infrastructure


10/14/2016 Page 2 of 13

Service Offering Service or Project Description PriorityClassroom Response Systems (clickers)

Iclicker Classroom Response Systems (CRS) are becoming essential technologies for UT classrooms and are especially useful for medium and large-sized classes (50-1,500 students). Classroom Response Systems provide invaluable data, both in real-time and for later analysis, that can simultaneously assist in the refinement of these evolving pedagogies and enhance learning. Most common CRS activities include attendance, ungraded polls, and scored questions.

Core Infrastructure

Classroom Response Systems (clickers)

Learning Catalytics Classroom Response Systems (CRS) are becoming essential technologies for UT classrooms and are especially useful for medium and large-sized classes (50-1,500 students). Classroom Response Systems provide invaluable data, both in real-time and for later analysis, that can simultaneously assist in the refinement of these evolving pedagogies and enhance learning. Most common CRS activities include attendance, ungraded polls, and scored questions.

Core Infrastructure


Poll Everywhere Classroom Response Systems (CRS) are becoming essential technologies for UT classrooms and are especially useful for medium and large-sized classes (50-1,500 students). Classroom Response Systems provide invaluable data, both in real-time and for later analysis, that can simultaneously assist in the refinement of these evolving pedagogies and enhance learning. Most common CRS activities include attendance, ungraded polls, and scored questions.

Core Infrastructure


Squarecap Classroom Response Systems (CRS) are becoming essential technologies for UT classrooms and are especially useful for medium and large-sized classes (50-1,500 students). Classroom Response Systems provide invaluable data, both in real-time and for later analysis, that can simultaneously assist in the refinement of these evolving pedagogies and enhance learning. Most common CRS activities include attendance, ungraded polls, and scored questions.

Core Infrastructure


Top Hat Classroom Response Systems (CRS) are becoming essential technologies for UT classrooms and are especially useful for medium and large-sized classes (50-1,500 students). Classroom Response Systems provide invaluable data, both in real-time and for later analysis, that can simultaneously assist in the refinement of these evolving pedagogies and enhance learning. Most common CRS activities include attendance, ungraded polls, and scored questions.

Core Infrastructure


10/14/2016 Page 3 of 13

Service Offering Service or Project Description PriorityCompute Resources UT Virtual UT Virtual Machine Gateway (UT-VMG) provides cost-effective, reliable, self-provisioned Virtual

Machines (VM) based on the VMware vSphere Virtual Infrastructure suite and vRealize Automation product. UT-VMG is intended to serve departments, colleges, and research units at The University of Texas at Austin with the benefits of server virtualization, including improved server reliability and availability, easier web-based VM administration, lower total operational cost, and smaller carbon footprint through more efficient utilization of physical servers.

Core Infrastructure

Data Center Co-location & Monitoring Fee based data center co-location to campus units and UT System Administration; 53 campus units and UT System in 2016; Annual co-location revenue 2016 $288,000

Core Infrastructure

Data Center Data Center Networks Personnel, architecture, operations required to operate the data center networks. Equipment required for networks (UDC-C and UDC-B)

Core Infrastructure

Data Center General Operations Services & Monitoring

Data Center Operations & Infrastructure: Incident Communications & Coordinating, including after-hours support; Disaster Recover (DR) planning and capacity (COM); Monitoring State WAN/Local Network/Systems/Power & Cooling/Security – 24x7x365

Core Infrastructure

Data Center Network Operations Center (NOC)

Houses core network equipment. Core Infrastructure

Database Hosting MySQL The ITS Systems Database team offers standards-based professionally managed Oracle MySQL database systems including hardware, software, and system administration for University of Texas Customers. This service provides three database environments that include Development, Quality Assurance (QA), and Production. This service includes database/system administration, database backups and recovery, and monitoring.

Core Infrastructure

Database Hosting Oracle The ITS Systems Database team offers standards-based professionally managed Oracle database systems including hardware, software, and system administration for University of Texas Customers. This service provides three database environments that include Development, Quality Assurance (QA), and Production. This service includes database/system administration, database backups and recovery, and monitoring.

Core Infrastructure

Directory Services TED (uTexas Enterprise Directory)

TED provides a restricted access LDAP-compliant directory service to support central authentication services as well as numerous non-mainframe departmental systems

Core Infrastructure

Document Management Legacy Document Management (DocRepo)

Mainframe document repository using custom coded DocRepo application Core Infrastructure

Email Email Filtering Service (Ironports)

The Mail Filtering Service consists of a number of IronPort email security appliances, IronPort Anti-Spam software, Sophos Anti-Virus software and an email filtering programming language that can be used for customized defenses against threats not caught by vendor supplied software. Provides Spam, phishing and other filtering for all ITS provided Email.

Core Infrastructure

Email Office 365 Provides cloud based Email for Faculty and staff with robust calendering solutions. Core Infrastructure


10/14/2016 Page 4 of 13

Service Offering Service or Project Description PriorityEnterprise Management Campus Red Hat Network

Satellite (RHNS)Provides centralized and automated deployment, licensing, configuration, and patch management of Red Hat Enterprise Linux based hosts. Used as part of the Managed Server Support service.

Core Infrastructure

Enterprise Management Configuration Management Tools (SCCM, Puppet, etc)

Provides centralized and automated deployment, configuration, and patch management of Windows-based hosts. Used as part of a managed Server or managed Desktop service.

Core Infrastructure

Enterprise Management Microsoft Key Management Service

Provides automatic activation of Microsoft Windows and Office volume-licensed products over the campus network, without the need to enter in a license key.

Core Infrastructure

Enterprise Monitoring & Metrics Data Center Device Monitoring (Zenoss)

Provides monitoring of individual devices (typically servers), to include status of availability, alerts on status, creation of incidents in the IT Service Management tool, and a web console to view and acknowledge alerts. Used as part of the Managed Server Support service.

Core Infrastructure

Enterprise Monitoring & Metrics Data Collection and Analysis (Splunk)

Provides log collection and analytics for hosts and applications, via Splunk. Splunk is an advanced IT search tool that offers users, administrators, and developers the ability to instantly search all data generated by applications, servers, and network devices in the IT infrastructure. Used as part of the managed Server Support service.

Core Infrastructure

Enterprise Orchestration Workload Automation (Stonebranch)

Provides process and task automation, as well as enterprise job scheduling through a centralized service (Stonebranch).

Core Infrastructure

Facilities Design Telecommunications Engineering

Engineering, design, standards, reviews of: telecommunication cabling, spaces and support infrastructure. Project management for telecommunication systems as part of university construction projects (over $1.2B in process).

Core Infrastructure

ID Center ID Card System Card Issuance & Identity Verification, Lost/Stolen ID Card app, Signature Image app. ID Center collects funds for ID cards but Apps currently handles maintenance of the ID Card System as a common good service.

Core Infrastructure

ID Center ID Center Manage configuration, request and distribution of ID Cards; supplemented with Student Staffing. The ID Center provides remote services during orientation and issues cards at NOA during weekly new hire orientation. The ID Center issues ~35,000 cards per year.

Core Infrastructure

Identity Management TIM (uTexas Identity Manager) TIM provides EID identity administration services and password management. TIM consolidates information from multiple authoritative source systems (HRMS/Workday, SIS, etc.) and distributes that information to multiple downstream systems (TED, Active Directory, Networking, etc.)

Core Infrastructure

Legacy Middleware, Integration and Common Apps

Legacy Common Applications Mainframe Common Applications: *DEFINE, Department Open Records Request (DORR); MCA Command Authorizations; Electronic Office Management (EOM); MCA Configuration; MCA Routing; Electronic Inbox; UT Direct Inline Inbox. Used by over 1,500 mainframe applications

Core Infrastructure

Legacy Middleware, Integration and Common Apps

jEdit, PDF Generator, XML Gateway, DocRepo

Provide mainframe middleware code used across most all mainframe applications: DMG, PDF Generator, PDA Parser, DUFF, Jedit DMG Plugin, XML Gateway, UTForge, Javamail, SCRedirect

Core Infrastructure


10/14/2016 Page 5 of 13

Service Offering Service or Project Description PriorityLegacy Portal Legacy Portal Maintenance

and StewardshipMaintains the current mainframe portal: ERP UI, UT Direct, Application Registry, Sitegen, UT Direct Notifications

Core Infrastructure

Load Balancing Load Balancing (F5, Citrix) Load balancing provides intelligent traffic management for Customer Services through the distribution of workloads across multiple servers hosting applications. These servers can be hosted in one or several data centers to improve performance, security, and resiliency of the Customer Service. Load Balancing helps to ensure availability of a Customer Service and reduce security risk to business operations by allowing component servers to reduce direct exposure to End Users, thus improving Quality of Service.

Core Infrastructure

Network Commodity Internet Connects university to the Internet. (Some portions Fee for Service) Core Infrastructure

Network Core/Backbone Interconnects buildings, data centers and Network Operation Centers. Core Infrastructure

Network Department Networks Management/operations/architecture for wired and wireless networks in buildings. Support of CSU IT staff. In-building equipment funding and moves/adds/changes is the responsibility of units.

Core Infrastructure

Network EERC Network Operation Center

Project to build a new primary Network Operations Center in the new Engineering Education and Research Center building $15M.

Core Infrastructure

Network IP Address Management (IPAM)

Provides Internet Address management (DNS, DHCP,domain registrar, vanity names, etc). Internet addresses are necessary for any device to connect to the network. Names, such as www.utexas.edu, are used by people to navigate. There are millions of records used to manage these relationships and enable the network to function.

Core Infrastructure

Network Network Management Tools Management and monitoring systems used to operate the networks, both locally developed and commercial (e.g. TSC Tools).

Core Infrastructure

Network Point to Point Virtual Private Networks (VPN)

Makes remote sites devices appear as if they were directly attached to the university's network across an encrypted connection (e.g. Mulesoft, Sunguard).

Core Infrastructure

Network Remote Site Connectivity Remote connections to other university properties and leased spaces (e.g. PRC campus, DPRI, LAC). Includes dark fiber and leased services from carriers.

Core Infrastructure

Security Tools AD Certificates Provides Microsoft Active Directory based SSL certificates for hosts, as required by Microsoft-based services such as Austin Disk, SCCM, and other Microsoft host-to-host transactions. Provides secure connections between the Microsoft-based services and the client machines.

Core Infrastructure

Security Tools Certificates (InCommon) Provides InCommon based SSL certificates for hosts. Provids secure communications between users, devices and applications.

Core Infrastructure


10/14/2016 Page 6 of 13

Service Offering Service or Project Description PrioritySoftware Distribution and Sales (SDS)

MATLAB MATLAB is a high-level technical computing language and interactive environment for algorithm development, data visualization, data analysis, and numerical computation. It lets you explore and visualize ideas and collaborate across disciplines including signal and image processing, communications, control systems, and computational finance.

The University of Texas at Austin has licensed MATLAB, Simulink, and 23 companion toolboxes for the campus under the MathWorks Total Academic Headcount (TAH) license.

TAH products are available at no cost to individual faculty, academic staff, and students through a campus cooperative. Individual colleges, schools, and units contribute to the cooperative and annually evaluate whether to continue funding the program for the campus. The request process involves downloading the apporpriate license needed to run the application.

Core Infrastructure

Software Distribution and Sales (SDS)

Microsoft Academic Select 6.0 Program

Microsoft Academic Select volume purchasing agreement with Microsoft, Inc. Under this agreement, departments are able to purchase Microsoft software products at greatly reduced prices. License fees are recovered.

Core Infrastructure


Microsoft Campus Agreement The University of Texas System has participated with Microsoft Corporation through the Microsoft Campus Agreement (MSCA). The MSCA provides students, faculty, and staff access to Microsoft's popular computer software, including operating systems and desktop productivity tools.

Through the MSCA contract, every student, faculty member, and staff employee in the University of Texas System will have access to the latest versions of this important suite of software for use both on campus and at home. License fees are recovered.

Core Infrastructure


Nvivo Used in teaching and learning. NVivo is a "qualitative data analysis" (QDA) software program designed by QSR International Inc, for researchers working with rich text-based and/or multimedia information. NVivo can be used when analyzing documents, pictures, audio and video files. License fees are recovered.

Core Infrastructure


SAS Used in teaching and learning. SAS statistical software provides a powerful tool to analyze, manage, view, and even present complex data in a variety of formats. Applications of the SAS System include executive information systems; data entry, retrieval, and management; report writing and graphics; statistical and mathematical analysis; operations research and project management; statistical quality improvement; computer performance evaluation; and applications development. License fees are recovered.

Core Infrastructure


10/14/2016 Page 7 of 13

Service Offering Service or Project Description PriorityStorage Commodity Storage ITS Data Storage is foundational for ITS and Colleges, Schools and Units (CSUs) at UT. Commodity

Storage consists of 3.5 Petabytes of high-performance, enterprise class storage on multiple physical storage arrays. Critical campus services including the Mainframe, and UT-Virtualization, consume ITS Data Storage at a rate of 85.6 Terabytes each month.

Core Infrastructure

UT Service Desk UT Service Desk The UT Service Desk provides the university community with a centralized point of contact for help with a variety of topics, including questions concerning information technology, business processes, services, and applications. The Service Desk can be contacted via phone, email, ServiceNow or the walkup desk at the FAC. The Service Desk handles ~130,000 contact annually.

Core Infrastructure

Voice Institutional Telephones Common Good funding for Institutional telephones (e.g. elevator, fire, emergency call box, machine room) required by code or for safety (not charged).

Core Infrastructure

Voice Telephones Telephones for faculty, staff, vendors and affiliates (fee for service). Mostly located in the units. Core Infrastructure

Websites and Tools Offsite Emergency Website Site hosted on RackSpace so the University can have a web presence for communications if main site is down

Core Infrastructure

Websites and Tools University Core Site Support of the main university web site: utexas.edu. News.utexas.edu Core Infrastructure

Business Systems Transfer sFTP Server The university's public FTP server, ftp.utexas.edu, provides exact local copies (mirrors) of the content of popular download sites. This mirrored content can be accessed by members of the university community, which helps lessen the demands placed on the university's external Internet.

Core Infrastructure

Accessibility Accessibility Scanning Tools and Support

Support of policy that All Web applications and sites at The University of Texas at Austin must meet the statutory requirements in Texas Administrative Code 206.70 Accessibility Standards (TAC 206.70), which references the U.S. Section 508 standards.

Critical


DevOps: Platform Python and Java code execution environment; Platform and platform as a service support for CSUs

Critical

Authorization Authorization, Group and Role Management

SailPoint IdentityIQ implementation. SailPoint IIQ will provide group- and role-based authorization management services for the University, improving efficiency of onboarding processes and addressing security vulnerabilities caused by delays in removal or authorizations when employees leave the University (or change roles within the University). Sailpoint is integrated with both Workday and ServiceNow

Critical

Authorization Org. Hierarchy System (OHS) Contacts

OHS Contacts supports functional and technical role assignments for mainframe and non-mainframe applications

Critical

Building Access Controls & Security Services: BACS

BACS Remediation Remediation of Electronic Security Devices Critical

Business Systems Green Output Print Mainframe output to files on Austin Disk. Used to store print output from Mainframe systems electronicly eliminating the need to print the output.

Critical


10/14/2016 Page 8 of 13

Service Offering Service or Project Description PriorityBusiness Systems TID Printing Provides ability to send mainframe print output to a network printer accross campus. Eliminates

the need to print all Mainframe print output centrally and distribute manually.Critical

Client Backup UTBackup UTBackup provides an enterprise-level, centralized, and automated digital data backup solution for the UT Austin campus. For end users, UTBackup assures peace of mind that their data is being backed up safely and securely. For computer administrators, UTBackup allows for greater data security and integrity, and reduced technical support and infrastructure costs. UTBackup is available for current UT faculty and staff who have departmental technical support.

Critical

Collaboration Tools University Wikis Service Enterprise wiki service using Atlassian CriticalDatabase Hosting MSSQL The ITS Systems Database team offers standards-based professionally managed Microsoft SQL

Server database systems including hardware, software, and system administration for University of Texas Customers. This service provides three database environments that include Development, Quality Assurance (QA), and Production. This service includes database/system administration, database backups and recovery, and monitoring.

Critical

Directory Services Directory Application Provides main person directory web front-end to campus CriticalDirectory Services WHIPS (Public Directory) WHIPS (White Pages) provides a public access LDAP-compliance directory service for the UT

Directory Application and numerous email clientsCritical

Document Management Document Capture Scan/Capture documents electronically using Kofax CriticalDocument Management Document Management Document Management, Workflow and Repository using Documentum CriticalDocument Management Electronic Signature Ability to electronically send and sign documents securely and legally using Docusign CriticalEmail Group email Allows emails to be sent to large groups with controlled timing and distribution and analytics.

Uses Regroup; a cloud based applicationCritical

Email Secure Messaging Allows emails to be sent securely within and outside of UT - for Confidential data (Cat-1). Plan on retiring this service as other options already exist on campus

Critical

Email Urgent Email Allows email to be sent across campus at a very high priority (bypasses filters, etc.) for emergency communications to campus

Critical

Email UT Lists Provides mailing lists are used for teaching, collaboration, discussion, entertainment, announcements, and more. The Web-based user interface allows users to create mailing lists, subscribe to lists, and otherwise manage their relationship with UT Lists.

Critical

Help and Support Managed Server Support Provides professional management of Windows and Linux servers with defined configuration standards and sysadmin support. Also includes initial consultation to determine and deploy appropriate central infrastructure services along with managed server(s).

Critical

ID Center ID Photos Applications Photo Gateway, Photo Roster, Virtual ID, and supporting infrastructure for the ID Center to create badge ids

Critical

Integration Services ESB, Rabbit MQ and API Registry

Enterprise Service Bus for application integrations in a service-oriented architecture (SOA): Mulesoft ESB, Rabbit MQ, XML Gateway, ESB Registry, Artifactory

Critical


10/14/2016 Page 9 of 13

Service Offering Service or Project Description PriorityInternal ITS Support TRAC TRAC provides IT service provisioning and subscription management services. Its functionality will

be migrated to ServiceNow and TRAC can then be retired. Critical

ISO Cost Overhead Security Services Information Security Office Costs: ISO costs are now being born by ITS Budget CriticalITS Administration Support and Management

Campus Computer Store The Campus Computer Store provides hardware and software sales and services to The University of Texas at Austin community and is an authorized Apple and Dell Service Center. Students, faculty, staff, and university affiliates can purchase software and hardware for educational discounts and can purchase Microsoft software in person under the Microsoft Campus Agreement (MSCA).

Critical

ITS Administration Support and Management

Campus Operator Switchboard operator for UT Austin. Up to 1,600 calls per week are received through the main campus phone number.

Critical

Network Private Networks Virtual private overlay networks (e.g. for elevators, building security, HiPPA, PCI, etc) providing isolation and security across our city of a network. (fee for service)

Critical

Qualtrics Survey Tool Qualtrics Survey Tool Online survey tool used to measure customer satisfaction, obtain feedback and collect employee insight.

Critical

ServiceNow ServiceNow Cloud-based ServiceNow service management solution is used by many Colleges, Schools and departments across campus to track their incoming work and knowledge (knowledgebase). Applications currently in use includes Incident, Change, Request, Service Catalog, Knowledge, Configuration and Project/Software Development Lifecycle Management. End users can submit requests through the self-service portal and track the status of their request.

Critical


CSLG (Hewlett Packard) Under the Texas Campus-wide Software License Grant (CSLG) program, Independent School Districts and institutions of Higher Education in the State of Texas can obtain quarterly license operating system PAKs for covered UNIX and VMS systems. Within UT, these PAKS are utilized by UT Dallas, UT MD Anderson Cancer Center, UT Permian Basin, UT SW Med Ctr Dallas, UT HSC Houston, and UT Medical Branch Galveston.

Joining this program entitles you to CSLG license PAKs only. Software maintenance and consulting are not provided and must be obtained directly from the vendor. Schools can enroll their campus in the CSLG program by purchasing the Annual CSLG Enrollment item. License fees are recovered.

Critical


JMP Used in teaching and learning. JMP, pronounced jump, is a SAS product that uses dynamic data visualization to link your data with graphics on your desktop. JMP produces visual analyses that are easily communicated with others. JMP works well with a variety of formats such as Microsoft Excel, text files, ODBC-compliant databases, and SAS datasets. For complete product description and product features, please see the JMP Software page. License fees are recovered.

Critical


10/14/2016 Page 10 of 13

Service Offering Service or Project Description PrioritySoftware Distribution and Sales (SDS)

SPSS (Statistical Package for the Social Sciences)

Used in teaching and learning. IBM SPSS (Statistical Package for the Social Sciences) is a data management and analysis product produced by IBM SPSS, Inc. in Chicago, Illinois. Among its features are modules for statistical data analysis, including descriptive statistics such as plots, frequencies, charts, and lists, as well as sophisticated inferential and multivariate statistical procedures like analysis of variance (ANOVA), factor analysis, cluster analysis, and categorical data analysis. SPSS is particularly well-suited to survey research, though by no means is it limited to just this topic of exploration. License fees are recovered.

Critical

University Portal University Portal the new myUT Portal using LookingGlass: in production for Student, in development for faculty, staff and researchers. Will replace UT Direct when mainframe retires

Critical

UT Box UT Box Secure cloud-based file storage and sharing for business and academic purposes CriticalUT Print UT Print Student printing on campus. ~4 million pages printed annually. CriticalWeb Hosting UT Web Provides central web hosting platform used by 17 of the 18 colleges and schools and dozens of

units.Critical

Web Publishing Platform DEE Platform Supports the core environment and the main site for www.utexas.edu CriticalApplication Development Support (ADS)

DevOps: Continuous Integration

Code integration and developer tools using ThoughtWorks Go! Major


DevOps: Version Control/GitHub/Artifactory

Non-Mainframe Developer and Platform Tools: Thoughtworks Go, GitHub, Maven, Jama, PaaS for Python/Java, Enterprise Artifactory

Major


Enterprise Project and Issue Tracking

Project Management, issue, action and bug tracking tool using Enterprise JIRA Major

Business Systems Mainframe Print Printed Via Document Solutions. Provides centralized bulk printing of Mainframe print output for CSU's across campus

Major

Collaboration Services SharePoint Site and Services A SharePoint site is a web site that provides a central storage and collaboration space for documents, information, and ideas. A SharePoint site helps groups of people share information and work together. Provides collaboration tools for groups.

Major

Contracts Contract Programming, Development and Maintenance

Contract application development and maintenance services provided by ITS to CSUs across campus. Fully recovered Service Center

Major

Email UTMail Google hosted UT Branded Gmail for Students, Alumni, Faculty and Staff. Supports sign-up and support for Student Email system include web front end/single-sign-on for student email

Major

Enterprise Management Windows Software Update Service (WSUS)

Enables departmental systems administrators to deploy the latest Microsoft product updates to hosts, for both Windows OS and Microsoft Office.

Major


10/14/2016 Page 11 of 13

Service Offering Service or Project Description PriorityHard Drive Destruction Hard Drive Destruction Old, used university computer hard drives may contain sensitive classified data and need to be

securely destroyed. It is not enough to discard this media by simply deleting or erasing it. The most effective way to ensure the complete removal of data on an old hard drive is to physically destroy it. The disk destruction service provides demolition of these materials by certified vendors and the safe removal of the debris. Safe removal is an important step as the particles resulting from smashed equipment can be hazardous or toxic.

Major

Internal ITS Support Service Now process automation

ServiceNow workflows for ITS for automation of help, support, and provisioning of ITS services Major

Internal ITS Support Software Distribution Service (SDS)

SDS supports the purchase and download of software packages by authorized customers. ITS CSS collects fees for the software package licenses, Apps handles maintenance of the SDS system.

Major

Managed IT Support (MITS) MITS Desktop Support The MITS team provides managed technical desktop support for colleges, schools and departments. Support of ~3,500 desktops/laptops including locations such as Wildflower Center, UTPD and the Facilities complex. In addition to providing technical end user support the MITS team assists with tasks such as annual inventory, ISORA, security patching and software installs.

Major

Network Client Virtual Private Networks (VPN)

Makes a client device appear on the university network as if it were direclty connected, across an encrypted connection (Client VPN, vpn.utexas.edu).

Major

Network Research Networks Connects university to research networks (Internet2, ESnet, LEARN, UTRC, etc.) MajorSoftware Developer Training Program

Software Developer Training Program

Mainframe and Python/Django training for new hires. Six Trainees and two Education Team Members; includes SDTP, SY101 and Apprentice Program Management for Continuuing Education

Major

Voice Enhanced Telephone Services Push button call trees (Auto Attendants), Uniform Call Distribution, complex line arrangements, related voice messaging systems (fee for service)

Major

Web Publishing Platform University Blog Services (sites) Supports the blog service used across campus (Wordpress) Major

Websites and Tools IT @ UT / ITS websites IT and ITS main websites MajorWebsites and Tools UT Drupal Kit Provides common branding and themes for Drupal based websites MajorWebsites and Tools UT QuickSites with CMS

Hosting PlatformHosted platform for websites using Pantheon for Drupal websites that provides CSUs a platform for creating and maintaining web site content without the need for technical skills

Major

Collaboration Services Adobe Connect Adobe Connect enables faculty and staff to create and share presentations and online training materials. Meeting organizers create a meeting room, invite individuals to their meeting, then present both audio and video information to attendees. Organizers can share their screens, PowerPoint presentations, or other documents for collaborative or teaching purposes. Participants have access to notes, a chat room, and a whiteboard to further enhance the collaborative experience.

Minor


10/14/2016 Page 12 of 13

Service Offering Service or Project Description PriorityEmail Austin Exchange AEMS 2010 On premise (Campus Datacenter located) legacy Exchange email. A small on premise presence

will need to be maintained for account maintenance until tool parity between O365 Portal and Exchange is achieved.

Minor

Events Event and Media Support Event support, Pubic Address Systems, Television, Intercoms, media electronic repair. (Fee for service)

Minor

Internal ITS Support Methodology and Process Management

Support and enhance ITS application and maintenance methodology and support MS Project Server to track budgets, resources, tasks on projects

Minor

ITS Managed Lab Support ITS Managed Lab Support Professional computer lab management services. Supported customers are Law School, Athletics,International Office and ITS (FAC). Services include imaging, setup and maintenance.

Minor

Laptop Checkout Service Laptop Checkout Service The Faculty Loaner Laptop program offers international travelers and researchers the option of checking-out a temporary laptop (Mac & Windows) for up to 90 days.This service is particularly valuable to Faculty members who travel or research in countries with encryption import restrictions (e.g. Russia, China, and Israel) that regulate or forbid encrypted local media. The new loaner program provides a laptop that meets these restrictive requirements under the condition that the user does not store sensitive information.In addition, the loaner laptops are configured to follow guidelines set forth by the Information Security Office (ISO) that help secure University data from malicious third parties.

Minor

Network Core/Wireless [Resnet's share] Wireless core infrastructure required for 7,500 Wireless Access Points to operate (wireless controllers, management software, architecture)

Minor

Network FTP Archive Mirror Enables faster downloading of large popular open source software packages (such as Linux -- takes download time from hours to minutes).

Minor

Network Personal Network Access (PNA)

Additional network data plans for students (available to staff, affiliates and faculty -- wireless or wired).

Minor

Network Residential Network (Resnet) DHFS staff and student residential network support bringing wireless and wired networks to on campus residence halls. Data plans extend across campus.

Minor

Software & Applications BevoWare BevoWare is a software download site that offers current students, faculty, and staff at The University of Texas at Austin a variety of tools for download, including web browsers, email programs, and other useful utilities for both Macintosh and Windows computers, in one convenient online location. Will be retired

Minor

Storage Austin Disk Austin Disk Services is a highly available, easy to use, and secure online storage and sharing service, available to all current University of Texas at Austin faculty, students, and staff. This service enables users to store and share files from multiple operating systems, synchronize folders, and maintain a consistent interface from Windows machines using redirected folders.

Minor

Television Campus Cable Television Cable Televsion and IP Television to units (not residential). (Fee for service) MinorVoice 800 Number Service Provides toll-free 800 numbers to units to provide their customers that route to their specified

phone numbers.Minor


10/14/2016 Page 13 of 13

Service Offering Service or Project Description PriorityVoice Automatic Call Distribution Advanced Service Desk agent functions (in process of being outsourced, some support and billing

functions will remain in N&T). Enables calls to be routed to different agents based on the agents skill and availabilty.

Minor

Voice R911 Automatically dial all phones in an emergency and play a pre-recorded message. Often called "Reverse 911".

Minor

Voice University Telephone Operator

Equipment supporting the telephone operator. Minor

Internal ITS Support Billing for OTS Handling billing of customers and vendor payments for UT System Office of Telecommunications Services.

Overhead

Internal ITS Support ITS Admin Support Procurement including PCard, mail, office supplies, UT Driver, vehicle logs, training and event coordination, open record requests, ITS on and off boarding, project support and communications and reporting.

Overhead

Internal ITS Support N&T Billing and Work Orders Billing, work orders, inventory control, service desk and related business functions supporting N&T, and some other ITS units (BACS). (includes MySoft billing system)

Overhead

Internal ITS Support N&T Warehouse Warehouse, ordering, receiving functions for N&T and ITS. $1 OverheadITS Financial Management ITS Financial Management Daily monitoring and tracking of all financial transactions for all of ITS, OTS, ISO and ServiceNow.

Collaborate with Financial Accounting on Service Center accounts reporting and rate reviews. Assist with budget and account certifications/reviews. IDTs, deposits, electronic office manager, encumbrances, ProCard reconciliation and eShip vouchers. Backup Administrative Manager.

Overhead

ITS HR Management ITS HR Management Hire, reclassification, separations, recruitment, advertising, how-to/process questions, time sheet reviews, overtime and on-call pay, device allowance, merits/salary update and reporting.

Overhead

it architecture and infrastructure committee oct packet...it architecture and infrastructure...

Documents