CITES May 17 | Slide 1 Network Tools Available to IT Professionals • Corey Betka – DNS Service Manager • Chris Skaar – Iris Service Manager • Jon Marks – Emerging Network Technologies Services
CITESMay 17 | Slide 1
Network Tools Available to IT Professionals
• Corey Betka – DNS Service Manager• Chris Skaar – Iris Service Manager• Jon Marks – Emerging Network
Technologies Services
CITESMay 17 | Slide 2
DNS Overview
• Requirements Gathering/Overview• RFP Process/Approximate Timeline• Evaluation Group• What does this mean to me? Users?• New Service?
CITESMay 17 | Slide 3
Requirements Gathering
• CITES Internal• Alliance of Information Technology
Service Providers (IT Alliance)• Network Upgrade Technical Advisory
Group (NUTAG)
CITESMay 17 | Slide 4
Requirements 1000’ View
• External Authentication (RADIUS, LDAP)• Highly configurable Authorization framework• API to develop “glue” to Contact Manager• IPv6 support• BIND Views• Dynamic DNS• Capacity, Capacity, Capacity• A new centralized service?
CITESMay 17 | Slide 5
RFP ProcessApproximate Timeline
• 2/6/07 – “on the street”• 2/27 – “Opened”• 3/5 – 4/10 – RFP Eval
group meetings• May – Vendors in for
demo, Eval equipment in house
• June – Best and Final Offers, decision made
• Board of Trustees? • July/August –
Implementation project begins
CITESMay 17 | Slide 6
RFP Evaluation Group
• CITES– Network Engineering & Services– Network Design & Maintenance– Systems Management– Security
• Unit– Computer Science
CITESMay 17 | Slide 7
What does this mean to me?
• Average user– No noticeable change
• ITPro– Interface improves– “One host registration” tool in portal– New service?
CITESMay 17 | Slide 8
DHCP Service
• CITES has multiple services that can leverage a centralized, managed DHCP service.
• Once this service is stable and proven reliable, CITES plans to offer DHCP services to networks on an opt-in basis.
• No, centralized DHCP will not be forced on anyone. • Architecture will be highly available, redundant,
monitored and managed just like any other critical campus service.
CITESMay 17 | Slide 9
DNS Summary
• We have vendors in the running• Integration with Contact Manager (and others) will take
time• Input during the implementation phase• More Information/Updates
– ITPro Services space on the CITES Wiki– https://wiki.cites.uiuc.edu/wiki/display/itproservices
• If you could change one thing about campus DNS service, what would it be?
• Now, back to Chris for an update on Iris
CITESMay 17 | Slide 10
Iris Upgrades
Iris 5.3– Port Security now supported on all vendor’s
switches– New and improved header bar– Introduction of persistent cookies
CITESMay 17 | Slide 11
Due to the way vendors implement SNMP, there are currently some conditions– Cannot display a filtered intrusion event– Cisco switches will show ‘shutdown’ until an
authorized client starts talking– It may take a day or two before port security is
enabled on newly installed Foundry switches– We are continuing to work with the vendors
vs. , Foundry and CiscoIris
CITESMay 17 | Slide 12
Reduced Header Size
CITESMay 17 | Slide 13
Also New in Iris 5.3
• Persistent cookie• Any change made by a user will re-enable
a shutdown port• Removed support for Cisco Catalyst 2900
switches
CITESMay 17 | Slide 14
Slated for Iris 5.4
• Changing multiple ports at once• IP to MAC mappings• Clarifying speed/duplex settings• Support for firewalled networks• Support for VLAN IDs greater than 1024
CITESMay 17 | Slide 15
CITES Web Portal
• One stop shop for CITES-provided tools• Single authentication• Web portal layout, not just a collection of
links
CITESMay 17 | Slide 16
Common CITES Network Tools
• Status• Netflow statistics• Iris• Security Tickets/IPS Interface• DNS/DHCP host registration
CITESMay 17 | Slide 17
CITESMay 17 | Slide 18
CITESMay 17 | Slide 19
CITES Web Portal
• Planning for a beta release in the fall• We would like your input
CITESMay 17 | Slide 20
Support & Feedback
• For any technical problem reports, please contact the CITES Operations Center– 217.244.1000 or [email protected]
• Feature requests and other feedback:– Iris – [email protected]– Network Tools – [email protected]
CITESMay 17 | Slide 21
System Architecture
Applications
API
Data Store
ExistingSystems
NetworkDevices
ExternalProcess
Data Harvesters Portal GUI
End Users
User Apps
Data Upload / Query / Administration
LocalBusiness
Iris
Enterprise RDBMS RRD Live Devices
CITESMay 17 | Slide 22
Data Store
• Leverage CITES’ investment in Oracle expertise and dedicated hardware
• Capacity for large-volume data history, highly concurrent I/O
• Draw on other technologies for special purpose
Enterprise RDBMS RRD Live Devices
CITESMay 17 | Slide 23
API
• Reusable logic for multiple applications• Integrate data sources for more capability• Formal interface with defined functionality• Online with multiplatform accessibility• [Insert your own application here]
Data Upload / Query / Administration
CITESMay 17 | Slide 24
Applications
• Modularize inputs and client uses• Enter the Portal GUI to
– Authenticate one time, one place– Investigate your network with a useful toolkit of ready-
made CITES apps– Navigate straight to the details, even in other
applications– Integrate the most critical information you need from
CITES into your custom display
Data Harvesters Portal GUI User AppsIris
CITESMay 17 | Slide 25
Thank you!So, what do you think?
• Iris comments, questions, suggestions, (occasionally bug reports): [email protected]
• Network Tools Cheers, concerns, unpatented ideas, dire needs: [email protected]