NETPDTC AIM Central NETPDTC AIM Central Site and CPM Hosting Site and CPM Hosting 15-17 Feb 11 Bruce Bare, NETC, CIO Denise Green, CNATT N6 Dave Donnelly, CSFE LSO Peg David, NETPDTC Pgm Mgr Jake Aplanalp, NAWCTSD, AIM Pgm Mgr
Jan 14, 2016
NETPDTC AIM Central NETPDTC AIM Central Site and CPM HostingSite and CPM Hosting
15-17 Feb 11
Bruce Bare, NETC, CIODenise Green, CNATT N6Dave Donnelly, CSFE LSO
Peg David, NETPDTC Pgm MgrJake Aplanalp, NAWCTSD, AIM Pgm Mgr
OverviewOverview
•Central Site AIM (AIM I/II)•CPM Migration Plans
Follow-on Actions from May 10 FRBFollow-on Actions from May 10 FRB
• NETC CIO coordination within the organization and with NETPDTC, supported by AIM team– Ongoing AIM II CITRIX implementation for CNATT
– Near-term AIM II implementation for CSFE
– CID, CSCS, and SLC instances in planning stage
• NETC CIO/NETPDTC support for IA Certification and Accreditation (C&A) documentation development and approval – AIM team working on C&A document drafts
• NETC CIO/NETC N7/AIM PM submitted POM-13 data for procurement of hardware/software necessary for enterprise-wide AIM CITRIX access
NETPDTC AIM Central Site / CPM NETPDTC AIM Central Site / CPM HostingHosting
• NMCI and non-NMCI users access AIM application(s) and centralized SQL Server database(s) via Metaframe
• CNATT is the first instance of that architecture which is now operational
• CNATT had dispersed instances of AIM across 15+ sites in the CNATT domain
• Supported by NETC CIO/NETPDTC, consolidating all AIM II curricula data at NETPDTC-hosted Central Site and based on NETC CIO architecture
• Planning begun Sep 09, prototype on-line for testing in Apr 10; full system operation Jan 11; data migration 25% complete (75,000+ hrs)
• AIM team supported CNATT/NETPDTC by:– Implemented new 5-level privilege structure for AIM II w/in
Central Site domain
– Assisted in data migration/consolidation/performance testing
CNATT ImplementationCNATT Implementation
CNATT AIM Central Site Process Flow AIM Process Flow
CN
AT
T H
QO
ther
Rea
d O
nly
CN
AT
T H
Q
Adm
inis
trat
orC
NA
TT
Uni
t F
TS
Cou
rse
Sup
ervi
sor
Inst
ruct
ors
Builds Courses Submits to Course
Supoervisor
Requests Account
Check Course submits to CNATT HQ Curriculum
Management
Approves CourseNotifies FTS of
Approval
Administrators Accounts/ Helps and
Supports
Views TPP and TCCD as needed
Recieves Course Approval and
Forwards to Course Supervisor
Recieves Course Approval and Forwards to
Instructors and Alternate Teaching
Sites
Teaches CourseProcess Begins
Requests Account
Check Course submits to FTS
Requests Account
Requests Account
Requests Account
CNATT HQ InternalProcess Flow
CNATT AIM II Privilege Levels
Role 1 – AIM User
Role 2 – Curriculum Manager FTS
Role 3 – Curriculum Manager HQ
Role 4 – AIM Viewer
Role 5 – AIM Administrator
View all courses YES YES YES YES YES
Edit/Lock YES* YES* YES NO YES
Approve course NO NO YES NO YES
Grant Privilege YES* YES* YES NO YES
Create Rev or Change YES* YES* YES NO YES
Import Course NO NO YES NO YES
Export Course NO YES YES NO YES
Archive Course NO NO YES NO YES
Un-archive Course NO NO YES NO YES
Delete Course NO NO YES NO YES
Modify Dev. Authority/Site Table NO NO NO NO YES
Add Users NO YES* YES NO YES
Use Data Manager NO NO NO NO YES
*For courses in their assigned Developing Agency ONLY
• Based on guidance from NETPDTC, CSFE collecting data for migration and setting up Citrix user accounts
• CSFE reviewing CNATT Central Site business process flow and 5-level privilege structure for applicability to CSFE curriculum business process
• AIM team supporting CSFE in tweaking Central Site privilege as needed to map to CSFE business process and providing end-user assistance
• CSFE applying lesson learned from CNATT implementation: Central Site AIM Admin is experienced AIM user and curriculum manager
CSFE ImplementationCSFE Implementation
• CPM Rel 4.0 currently operational at NAWCTSD on fedsun server accessed via DREN
• Plan to migrate to NETPDTC as NETC enterprise application within NMCI domain
• Request for Information Services (RIS) being staffed among NAWCTSD and NETC N6/NETPDTC
• Schedule for prototype installation and operational transition TBD – contingent on completion of IA C&A documentation and now in work by NAWCTSD and NETPDTC and certification testing
CPM Migration PlansCPM Migration Plans
Questions?Questions?
Backup SlidesBackup Slides
Current fedsun Support at NAWCTSDCurrent fedsun Support at NAWCTSD
• Continued production support for SSP SWS training community– Resolved performance and reliability issues; complete rebuild of
system with new servers
– Lab now has IA (Information Assurance) ATO (Authority to Operate)
• AIM I Rel 4.1 (CPM/LO Module updates) instance added to production SWS AIM I Rel 4.0 instance to support SWS MT Continuum production phase content design and development
NAWCTSD Central Site ArchitectureNAWCTSD Central Site Architecture
Commercial ISPNMCI Community
Citrix SecureGateway Server
Web Server Citrix Metaframe / Application
Server
SQL Server
HTTPS/443
DMZ
Current Configuration
SQL/1433
DATABASE
HTTPS/443
HTTPS/443
HTTPS/443
CITRIX/1494
SQL/1433LICENSE/
27000ICMP
NETPDTC ArchitectureNETPDTC Architecture
AIM/NETC/MEO SQL Servers (Clustered)
File Share
Charlie Odom is Citrix Sys Admin
Terry Lewis is SQL Server Sys Admin
High SpeedSAN Disk
Large SAN Disk
Citrix Web Server
AIM CITRIXServer
AIM CITRIXServer
AIM CITRIXServer
AIM CITRIXServer
AIM CITRIXServer
CNATT Remote Users (CAC)
SSP Remote Users (CAC)
Other Center/SYSCOM Remote User (CAC)
Virtual CPM Web
Server
AIM I/II/LO Module Access
CPM Access
CPM hosting/
access in work
CSFE Remote Users (CAC)