Q: Can Network Services speed up the delivery of software to user computers as
it is requested? It is inconvenient to wait for the Helpdesk to install.
Can you possibly make software distribution available via the web? You also
need a better web presence.
A: Network Services will be making an effort to maintain a better web
presence. A Microsoft SUS server will assist in software distribution for
the campus.
Q: What type of impact will the planned firewalls have on users? Will this
affect web based forms, etc?
A: Network Services is recommending different layers of firewall security:
- Desktop (host) Firewalls – Network Services will block inbound connections only.
This should protect the user from most malicious attacks.
- Campus Firewall - Network Services will start by blocking only “known” bad ports.
Network Services will poll users for feedback regarding future needs.
Q: Can Network Services provide more communication about what is possible and
what is coming in the future as far as new technologies for departments.
A: Network Services will focus on providing better communication via our
website, meetings like this, etc.
Q: Users are having problems transferring large files that exceed the e-mail
attachment limit. Does Network Services have the means to facilitate
transfers with entities that do not have an FTP server to transfer to, etc.?
A: Network Services hopes to increase the size of mailbox limits. Network
Services can increase attachment size, but the limit may be at the remote
site mail system. Network Services would like to investigate a web storage
system for large files that would allow users to post and password secure.
Potentially a user could put a machine in the DMZ that can act as a
temporary FTP server.
Q: The UTSA libraries would like to get away from the current auto-login policy
on library computers, but would still like to offer “guest” access. Will we
need to have student logins before this can happen?
A: Network Services is moving in that direction. After the SCF is moved AD,
all students will have accounts that they will be able to login with. This
is necessary for TAC 202. The only option for guest access may be a
restricted kiosk machine.
Q: What is your strategy for I: drive growth for the future? Also, users are
told that all files need to be on the I: drive because it is backed up. A
lot of users store their .pst files on the server. Can Network Services
provide an updated policy that gives more detail?
A: Network Services cannot provide unlimited storage. We have purchased a SAN
that will provide increased storage. We hope to have the SAN in place by
the end of year (Oct./Nov.). Departments will not need to pay for the
increased storage space provided by SAN. Network Services suggests only storing items that are
“business important” on the I: drive server. Departments may need to backup
other files to CD media, etc. Network Services can provide recommendations and directions on how to backup to .pst files.
Q: How long will the old non-AD accounts be active? Network Services needs to
make sure that they send out lots of reminders and helpful hints.
A: Non-AD accounts will expire in December. Network Services will be
sending out a barrage of information in anticipation of the account
expirations.
Q: Departments would like to get access to quota information so that they can
police drive space usage.
A: Department heads can request a listing of directory usage.
Q: Is Network Services going to allow instant messaging services on the
wireless network? Messaging both inside and outside UTSA would be
preferred.
A: Microsoft’s messaging server had been an option, but Microsoft no longer
packages this for free. A Microsoft solution would only be for intra-UTSA
usage. Network Services could look into this if there is enough support.
Q: Information in the public folders is out of date. Can Network Services get
more current info out there?
A: Network Services can send out a message to the departments requesting the
updates, but it is really up to the department to keep these items updated.
Q: Departments would like recommendations for removable media, flash drives,
etc. since Zip drives are no longer being included in new rollout machines.
A: Network Services will put out recommendations for removable media, flash
drives, etc.
Q: Will Anti-Spyware software be included on the next round of rollout
machines? Will it be included in the next image?
A: It will not be included in the next rollout. Network Services is looking at
a McAfee option that may be coming out and may possibly look at the
Microsoft option.
Q: Will there be a Portal committee meeting similar to this when the project is
finished?
A: That will be happening once the projects are finalized.
Q: The network has improved by leaps and bounds over the last couple of years,
99% of the problems have been resolved.; Is Network Services going to
continue to enhance network reliability?
A: Network Services has made a concerted effort to improve reliability and will
continue to focus on this area.
Q: When will the main campus firewall be put into place? Can anything be done
to enhance the reliability for the internet connection?
A: The firewall will be in place by the end of the year and will be deployed
with a very open policy. Initially Network Services will block known bad
RFC ports, and then contact users to get feedback on what ports may be
useful. Reliability may be enhanced with the planned dark fiber
interconnect to the LEARN network. Network Services has recently enhanced
Internet connectivity by peering with the TWC network. This will provide a
faster connection for RoadRunner cable modem users and a backup Internet
connection via TWC.
Q: Are there plans for inter-building firewalls?
A: Network Services has firewalls in place in certain areas currently. The
placement of additional firewalls is being studied. Network Services
recommends a layered approach to security –host-based and firewalls.
Q: Are there plans for additional I: drive space for users?
A: Network Services has purchased an 11TB SAN and will provide additional drive
space once we have time to implement the system. This will follow the AD
upgrade. Hopefully this will be implemented this calendar year.
Q: Will the new drive space allocated based on the department still, or on a
per user basis?
A: Network Services is looking at allocating space on a per user basis and then
allocating common drive space for the department.
Q: <Anthony> What are you seeing as far as bandwidth needs?
A: Things have improved since the new Packetshaper has been in place.
Q: When additional network ports are requested, are the contractors using cat 5
or 5e?
A: They should be using cat 5e. There may be issues in some of the older
buildings related to gig to the desktop because of the cabling that was
originally installed.
Q: Concerning departmental firewalls -What is the Network Services
recommendation? PIX-535, blade?
A: Network Services is in the process of deciding. There are pros and cons to
each. One major plus for the blade is the ability to create “virtual”
firewalls for multiple departments.
Q: How is the Anti-spam software working?
A: Applause
Q: Outlook web access –certain messages won’t show that contain special
characters, etc. What can Network Services do to make sure that messages
make it thru?
A: The restrictions are really coming from the IIS web server that the Exchange
server is integrated with. Network Services can help by evaluating messages
that cannot be opened in OWA to try and find out what is causing it. Send
these messages to the helpdesk.
Q: What happens to the spam messages that are intercepted by the Ant-Spam
system?
A: The system holds the messages for 21 days. Users can adjust this retention
policy by logging into the policy manager. Network Services does not
currently have space to store more than 21 days.
Q: Do the intercepted spam messages count against a user’s mailbox quota?
A: No. The messages reside in a completely separate storage area. This is not
true if you are using a Mac or UNIX system because the messages are tagged
with “spam” in the subject line and then delivered to the user’s mailbox.
Q: Can a message be sent back to the spam system if a user decides that it is
actually spam?
A: No, but a user can login to the system and create rules for messages that
they want to block.
Q: Will Exchange mailbox sizes be increased when the new SAN comes online?
A: No. The new SAN will be used for data storage only. Network Services is
looking into a separate SAN to increase the size of mailboxes in the future.
Q: Where does Network Services have intrusion detection systems deployed
currently?
A: Several sensors are currently deployed.–at the Internet connection, at
certain labs and the Engineering building. There is not currently one in
place for the administrative servers -we don’t want to slow down access to
admin resources. Network Services is investigating other possible
locations. OIT is in the process of negotiating a site license for TripWire.
Q: Can tripwire be used by departments?
A: Possibly, Network Services is still in negotiations.
Q: Will Network Services be changing the DHCP scope (superscoping) downtown?
A: Network Services is going to be re-addressing DT much like it was done at
the 1604 campus.
Q: What is the status of the DMZ?
A: It is up and available. Machines can reside in this area and have
additional access from outside hosts. These machines will need to be
protected from the outside and secured by their administrator or will be
shut down.
Q: What can the libraries do about guest users and the potentially infected
devices they bring in?
A: The preferred solution is Wireless. There are multiple layers of access
available depending on the user’s needs and affiliation.
Q: What about a user that comes into the library after hours? –It won’t be
possible for a wireless account to be created for them.
A: Possibly make a kiosk available? Network Services cannot provide anonymous
unrestricted access via wireless. UTSA has to be accountable for computer
usage on the network.
Q: Will printing be made available via the wireless network?
A: There are several problems that will have to be overcome. After the SCF has
been migrated to AD, we will look into tying Printsmart into some type of
printing system.
Q: What is the status of the laptop initiative?
A: This is not a Network Services issue. Our understanding is that the usage
won’t be mandated initially.
Q: Is there a document made available detailing how to create a network account
for visiting faculty?
A: These requests are handled on a case by case basis. An account request form
is filled out and submitted. Usually Andy Trotti or Charlotte Colbert is
then contacted by the department to discuss the request.
Q: Can a generic account be created for a department? It usually takes a
couple days to get temporary accounts created by the helpdesk and the users
cannot access the network.
A: Network Services no longer gives out generic accounts. Submit an account
request as soon as possible to avoid hold-ups for visiting staff. LDAP will
help to automate this process and speed it up in the future.
