DUKE ITAC - September 11, 2003 Minutes
September 11, 2003
Members present: Ed Anapol, Pakis Bessias, John Board, Paul Conway, Dick Danner represented by Wayne Miller, Angel Dronsfield, Brian Eder represented by David Kass, David Ferriero, Nevin Fouts, Tracy Futhey, Linda Goodwin, Patrick Halpin, Billy Herndon, David Jamieson-Drake represented by Bob Newlin, Kyle Johnson, Eileen Kuo, Roger Loyd, Greg McCarthy, Melissa Mills, Caroline Nisbet, George Oberlander, Lynne O'Brien, Mike Pickett, Rafael Rodriguez, Molly Tamarkin, Robert Wolpert, Steve Woody, Robert Zimmerman
Guests present: Brad Murray, NSEES; Tom Wall, Perkins Library; Chris Cramer, OIT; Dan McCarriar, OIT; Ginny Cake, OIT; Phil Lemmons, News Services
I. Minutes and announcements
Chris Cramer announces that starting tonight the ResNet bandwidth consumption procedures discussed at the last ITAC meeting will be implemented. This should mean better performance for students using the residential network (ResNet).
Introduction to school representatives
Robert Wolpert announces the start of a new feature at ITAC meetings. A school representative will speak about the school-specific IT initiatives.
(Around the room introductions of guests and members)
II. Network threats prevention and incidence response
Mike Pickett and Chris Cramer
According to Mike Pickett: Recently we've been struggling with worms and viruses at the university and the Health System. At a recent directors meeting, the question was asked, if on Sept. 11 the payload from a virus or worm was released, what would our response be? Last week we had a meeting of CLAC members and other IT VIPs, and we posed the question to them.
One need that we came up with is some method to communicate if e-mail is down. We decided to set up a security mailing list, a security paging list, a telephone bridge (conference call) so that if the security officer declares and emergency people can call the bridge number and get the latest information.
We talked about access to local copy of patches and McAfee virus DAT files.
In the longer term we want to have network patch software capable of centralized patches for network machines.
Chris Cramer would like to get a scan of vulnerable machines on the network and notify machine owners about them.
Roger Lloyd asks if the handout can be distributed to the technical people in the Divinity school.
Mike Pickett responds that if they are in CLAC they have it already.
Robert Wolpert asks if we are doing patches currently.
Chris Cramer says not yet.
George Oberlander recognizes Arts & Sciences and their patching efforts that currently support about 3,000 machines with their own BigFix server. They let other groups have free access to that.
Robert Wolpert asks what the follow up from this is?
John Board asks if this is being tested now? Is it working? Is it being implemented?
Chris Cramer answers not yet, but if we have an emergency it will come up fast.
Mike Pickett adds that we knew this was an exercise. We wanted to take advantage of the past few weeks and what everyone learned from the latest problems and share best practices.
III. Update from schools - NSEES (first of a series)
Molly Tamarkin and Brad Murray
Background: IT at Nicholas used to be three separate staffs with different support practices supporting each of the three divisions:
- EOS at Old Chemistry (1 FTE) (100% stand-alone computers)
- 2. ESP at LSRC (2.5 FTE) (60% client/server network)
- 3. CSSP at the Marine Lab (1.50 FTE) (80% client/server network)
In 2001-2002 we merged into one an "official" IT department, looking like this:
- Durham (EOS/ESP) (5 FTE) with about 80% of staff and faculty participating in our network
- Beaufort (Marine Lab) has 1.75 FTE; no real changes in domain participation
- Note: of roughly 7 staff members, only one has been here longer than 3 years
- Re-engineered and unified backup systems reducing seven to two.
- Incorporated many research groups into the Nicholas domain
- Added EOS staff to our network
- Created a Web site (www.nicholas.duke.edu/it).
- Expanded staff; building server room
- Formed NICTAC committee of faculty and staff to advise IT policy and practice. The first meeting is next week
New and continual challenges:
- Security issues due to network openness, plethora of operating systems (8), and cultural attitudes.
- Need some policies regarding support and security.
- Improving connections (both physical and mental) to the Marine Lab.
- Budgeting for faculty desktop support.
- Supporting, to varying degrees, high-performance computing.
- Continue incorporating research groups into our network when possible.
Brad Murray, faculty from Earth and Ocean Sciences, shares his point of view. It would be easy if there were a small number of operating systems. I use Silicon Graphics machines for modeling. Before Molly's group came along Earth and Ocean Sciences was sort of on our own. We would like to phase out all those operating systems but that is hard to do. We share lots of info and use lots machines for modeling programs. Ideally we would switch everything over from SGIs to something more common; however, I don't have funding to buy a whole new system for the entire group.
Molly Tamarkin says in addition to support issues, the SGI networked machines pose a security risk. We could set up a firewall and let them putter around on their modeling. But that makes an issue for us to do backups and other system things.
Another option would be to provide some sort of centralized support. Perhap when the high-performance computing cluster is created, it might be useful to provide help and run modeling on that system.
John Board asks if Molly is comfortable with her overall staffing? Do you have the staff you need to do the job?
Molly Tamarkin says yes. The latest security problem was difficult, but the dean has been supportive. One problem with adding staff is that we have no space to house them. We are building a server room. I think we are moving in the right direction.
IV. Library systems plans - Ex Libris
Background: The current computing system used by Perkins library for cataloging, archiving, search and retrieval, etc. is actually two systems that are incompatible with each other and with other library systems, and they are obsolete. The overall system contains a lot of custom code to link the two systems together. There is also a problem with necessary batch processing to and from Duke enterprise systems. For these and other reasons, Perkins has been researching a replacement.
On 29 August 2003, Duke University finalized a set of contracts with Ex Libris (USA), Inc. to acquire software tools that offer notable opportunities for improved user services and library operations. Ex Libris (USA), Inc. is one of a number of excellent, highly competitive integrated library system software companies. Ex Libris is based in Israel, with offices in Chicago and Boston. Its customers include an impressive list of major American and foreign universities, including Harvard, MIT, Michigan, Minnesota, and Maryland.
Ex Libris software integrates the acquisition and processing of library materials, provides much better management of library resources and financial operations, incorporates new and developing information technologies for search and retrieval, and empowers users to manage their library accounts directly.
The expectation is that in July 2004 the library will go live with three new tools:
- ALEPH 500 - the technical services system and online public access catalog
- MetaLib - tools supporting federated searching of the catalog in combination with databases and the catalogs of other libraries and organizations
- SFX - context linking tools based on the Open Archives Initiative protocols, that provide "one click" linkages between a catalog record and the appropriate full-text source, with authentication
This will offer a possible Shibboleth-compliant authentication and authorization at Duke and within Research Triangle universities.
The immediate benefits to end users include the following:
- More accurate and available bibliographic records (especially in-process records)
- Significant advances in search and retrieval tools
- Integration of library information resources
- More interesting and useful public access gateway
- Full integration of the information gateway (MetaLib) with library Web-based information services
- Retrieve and check status on materials in Library Service Center
- Ability to manage library account directly (renew books, view and pay fines, etc.)
A goal is to integrate the content management system and integrated library system as well as to have a search, recovery, retreival system for Duke archived materials.
David Ferriero says Duke built its own system in the 80s and migrated to two systems in the 90s. Now was a good time to think about what is next in the long term. This is a campus initiative not just a Perkins initiative.
John Board poses the question, the first time we did an electronic catalog the issue was getting data in electronic format, is that part easy now? And does this system work with other universities' systems?
Paul Conway answers that next summer the system will be able to work with RTP libraries seamlessly and other libraries around the country and world. We want to find the right mix in July and set up a steering committee to help augment the core effort.
Chris Cramer asks if we can assume this system does the proper thing with social security numbers, i.e., does not store them?
Paul Conway answers yes.
Robert Wolpert asks if the system is scriptorium compatible?
Paul Conway says we plan for it to be, but I am reluctant to promise that by July.
Robert Wolpert asks if school libraries (medical center, law) were involved from day one?
Paul Conway says yes.
Molly Tamarkin asks how Paul sees this affecting the library Web site? Will it be like a portal for the library?
Paul Conway answers yes, if all the stars align. Perkins is one of the early implementations of Zope (the CMS software). We have some work to do with the CMS first.
Robert Wolpert asks to what extent are you working with other area universities?
David Ferriero answers we started working with them and shared information on vendors and systems, then we went our separate ways.
V. E-Reserves planning
Tom Wall gives some background: We have a legacy system that has e-reserves open to the world. Copyright law requires that there be authentication and access relative to the particular course that reserves the material. Other institutions have the same issue. We looked into whether there was some sort of courseware that just e-reserves could go into without having classroom materials there.
The latest statistics show that over 9,000 students are using Blackboard to access course materials. The best way to reach people is at the point of need. If they know where to get materials the point of need is to give them access from anywhere. Since so many people already know how to use Blackboard, we thought about setting up a parallel system.
We found the idea is not only viable, but also desirable. We're running parallel systems this fall, both traditional e-reserves and blackboard e-reserves to get more feedback. There are some faculty who have misunderstood the intent and moved their course information into the Blackboard e-reserves. That is not what we are trying to do. We are trying to get seamless interface for students who are used to Blackboard.
David Ferriero says we have 149 faculty members who are using e-reserves but not Blackboard.
Robert Wolpert asks if there are alternatives that can do authentication by course?
David Ferriero says Ex-Libris has a system that is on the horizon.
Paul Conway says these steps are a much-needed interim solution.
Robert Wolpert says there is alarm about this. Part of it is the seamlessness that you are striving for. Blackboard is pushing to become the only solution.
Molly Tamarkin asks if we could have used OIT Webauth?
Paul Conway says no because that does not work on the course level. Although Ex-Libris will work with SISS, authentication by itself does not satisfy the legalities of copyright. A given document has to be limited to classroom use.
Tracy Futhey asks if we have a sense from the faculty using the system how big the contingency is that think this is a terrible thing versus those who don't really like it but will use it?
Tom Wall says the problems faculty have are logistical things but not philosophical.
John Board points out the more we use Blackboard the more pressure there is to use it for everything.
Eileen Kuo asks if this new system means students can't view materials from other professors' courses.
Tom Wall says yes, but all students need to do is ask the professor for permission to view the courses.
VI. Other business