IFAS COMPUTER COORDINATORS
(ICC)
NOTES FROM January 18th 2005 REGULAR MEETING
A meeting of the ICC was held on Tuesday, January 18th, 2005. The meeting was chaired and called to order by Steve Lasley, at 10:01 a.m. in the ICS conference room.
PRESENT: Twenty-one members participated. Remote participants: Marcus Cathey, Nik McCue and Joel Parlin. On-site participants: Mike Armstrong, David Bauldree, Dennis Brown, Dan Cromer, Marion Douglas, Joe Hayden, Kevin Hill, Chris Hughes, Dwight Jesseman, Nancy Johnson, Joe Joyce, Jack Kramer, Winnie Lante, Chris Leopold, Steve Lasley, Helena Niblack, Mark Ross and Joe Spooner.
STREAMING AUDIO: here
COMMENTS FROM REMOTE PARTICIPANTS
NOTES:
Agendas were distributed and the meeting was called to order by Steve Lasley at 10:01 am.
There were three new ICC members that were introduced in their absence:
- Ryan Mills works for Cheri Brodeur with the Department of Agricultural Education and Communication. He is a web designer, but doesn't manage the AEC page (although he did help design it). Ryan does manage the PDEC and Extension websites. Ryan has been at AEC for three years, but has only TEAMS the last 5 months. He is the go-to guy for all things computer at AEC and can do just about anything with MS Office. Ryan is often called to troubleshoot operating system malfunctions and client-end networking problems and also makes webforms as well as designs and touches-up graphics. He runs weird SQL queries on databases to make unusual reports and helps the programmers of FAS2 with ASP.NET. Ryan really likes the variety in his job, but probably his favorite thing to do is writing Perl scripts, which he uses for some webforms. His second love would be messing with pictures in Photoshop.
- Stephen Reese works for Brian Sevier at Food and Resource Economics. He recently started working there after a move from Jacksonville. Stephen received his AA from Santa Fe and will soon be working on his CIS degree. He has a pretty strong background with Linux and a few variants from his work with servers for a few small companies in Jacksonville. Also, Cisco products seem to occupy his off-time for fun. To-date, he has mainly cleaned up the FRED site and added a few subtle design additions, but a majority of that site was designed by Chris Hehn whom Stephen replaced. FRED hosts their our own site on a Redhat machine, "Wilma". They also have several other servers, one being a 2000 server which Stephen looks forward to replacing with a new Dell and 2003 before FRED's migration to Windows XP during spring break.
- Last but not least, Allen Bond is the new OPS IT support person for West Florida REC at both the Milton Campus and the Jay Research Farm.
As usual, Steve would like to point out that he always includes notes to the last ICC meeting on the agendas to encourage members to recap where we are in our discussions. Continuity and followup are becoming more and more important, as evidenced by the new and growing section "Progress on standing issues" which has been added as a standard feature to our meeting agendas.
At this meeting we had the distinct pleasure of a visit from Dr. Joe Joyce, the Excecutive Associate Vice President for Agriculture and Natural Resources.
Dr. Joyce began by providing us with an overview of how the IFAS budget cycle works: When the money comes in from the legislature, the first thing that comes off the top is fixed costs. That portion includes utilities, but especially salaries, which generally run 80-85% of our budget. The state money, counting teaching, is about $140 million. We get around another $100 million in contracts, grants, share funds, federal government and those kinds of things. The overall IFAS budget is thus about $250 million per year. What is left over after paying the fixed costs goes to programs--which means the offices that support the Vice President's office. IT is one of those. IT gets a budget which is basically enough to pay their salaries, basic operations such as maintenance contracts, paying communication lines, and those kinds of things.
We have another pool of money called "carried forward money" and "indirect costs" money that sits in other accounts. Carried forward money is money we don't spend the year before. By state law, IFAS can carry over up to 5% of their non-expended budget. IFAS budgets its money tightly enough that our number is generally 1-1.5%; this is something of which Dr. Joyce is proud. This is the type of funds that was used to purchase all the servers necessary for the migration, for example. It was used in re-doing Bldg 120 and it was used to purchase software for the migration. This particular year, carry forward money is looking extremely thin. What has happened to us this year are the hurricanes. We have a $3 million damage repair bill for which we will probably eventually get 75% recovered from state insurance.This comes at a particularly bad time because we just came off a faculty hiring freeze and recently had 70 people (40 county and 30 state) attend a new faculty orientation session. For the state faculty, those on campus and at the centers, we have a startup package. We were going to use carried forward money for the startup packages. The money that was promised to faculty for startup was cut in half by the hurricanes and we hope we are going to pay them back. The point is, the pool of money from which we pay for extra IT expenses or for Greg Rivers or for anyone else has pretty well dried up this year.
approx. 8 minute point in stream
Dan Cromer, Acting Director of IFAS IT, now has the entire cost savings from Pete Kearney's position (former Assistant Director of Business Systems), including the fringe benefits portion, as a continuing funding source for the fixed costs of IT operations. This was extremely welcome news, as the approx. $20 thousand portion that were Pete's fringe benefits had until very recently been in doubt; with those restored, we can now proceed with the MOM implementation that is critical for the necessary monitoring of our servers. However, funds beyond this simply don't exist at this time.
Mark Ross, IT support for Plant Pathology, pointed out that much of the services that IT provide belong in the fixed cost category in terms of funding. Dr. Joyce agreed completely and pointed out that these were funded in that manner--that they came out of the budget right off the top before the Deans get their operational money.
Chris Leopold, manager of the IT/SA group, asked how we can go about addressing a need for increases in the IT fixed costs. Chris wants to do a major infrastructure upgrade of all the networking throughout the state, involving the purchase of many switches at a cost of many thousands of dollars. Dr. Joyce encouraged Chris to put the request in, but cautioned that the Deans will always be there first with their requirements for new faculty hires. That's just a fact of life in IFAS; the faculty are the engine that drives IFAS and this entire university process and we are all just support. Mark Ross pointed out that unless we have the infrastructure there, however, faculty can't do their jobs.
Chris Hughes, the AD lead with IT/SA, asked if there was any way of funding the IT budget as a fixed cost rather than out of "carried forward funds". Dr. Joyce responded that the operational cost already was, but that he saw the migration as a special need rather than a fixed cost issue. Dr. Joyce said that if there is a special need it will just have to be submitted for consideration among all the other special needs. Those requests, quite frankly come in two categories: faculty requests (i.e., program dollars) and facility dollars. When those things are critical, we do manage to find the money to support them. Dr. Joyce said he wasn't trying to be pessimistic, but he pointed out that any re-vamping of the IT infrastructure would be competing with a $57 million deferred maintenance bill of our facilities. Getting the support of the Deans and department heads for any IT infrastructure improvement needs is by far the best way to assure success.
Chris Hughes asked if there was any possibility of funding things like computer purchases from the top rather than within departments. The problem Chris sees is that the current model leads to a wide discrepancy in IT facilities among departments. In response, Dr. Joyce spoke a bit about how the program money flows out of the VPs office. We pay the salaries off the top. (And here we are just talking about program dollars--we pay all the utilities off-the-top too, state-wide.) Then we give money to the Deans for "funding programs". The Deans send the units program dollars. The department chair or center director gets those program dollars, which is for things like travel, test tubes or whatever for faculty members. When these unit heads get these dollars in, they do the exact same thing at their level that Joe does at his. They look at their operational costs for the year and they pool together with this dean or that dean, their own indirect operational money, and money gotten from faculty off grants--all to pay for department operations. Those are the dollars that unit IT staff compete for at the unit level.
Dr. Joyce said he realized that we would all like uniformity across IFAS as that would make so many aspects of our jobs easier. The reality, however, is that it would require that the deparments have some of their operational budgets held back for that. Unless that was supported at the unit level, it just couldn't happen. In the business world you can make edicts from the top to improve overall functioning and efficiency, but that's just not the reality of the academic world.
Mark Ross noted, however that the Microsoft Campus Agreement was an example where monies for software were paid at the top (IFAS contributed $83 thousand) leading to cost and operational efficiences across UF. That sort of model could have similar beneficial results with hardware (desktop and laptop computers) across IFAS.
Jack Kramer, IT support at Ft. Lauderdale, said that there are two categories of hardware though. There is that which supports the administrative functions of IFAS and that which is used in the faculty labs to run various research equipment and the like. Jack feels that the former lends itself to uniform specifications but the latter category must remain exempt from that in order to meet specific research needs.
Kevin Hill, ICC-AD subcommittee chair, District IT support and IT support at SWFREC, remarked that funding IT infrastucture off the top as a cost center (an accounting term used to refer to a department in a business that incurs expenses but does not generate revenue directly) just as we do with utilities may indeed be something to consider. Of course, it would require proper oversight and accountability measures as part of that package. In response, Dr. Joyce asked, "What is it about our IT structure that is crumbling?" (note: Joe wasn't given a direct answer, but the primary component there would have to be the layer 2 networking--managed switches and building wiring.) Kevin said that things like the AD migration are ongoing IT maintenance costs and not special needs. They were only seen as special needs because the proper infrastructure maintenance costs have not traditionally been incorporated into the budget. Instead we make little leaps when things get so bad that something simply has to be done, and then we sit and wait for things to decay again. It is wrong to categorize these items as special needs as that leaves their funding in jeopardy when emergencies arise such as the hurricanes. Kevin pointed out as an example that everyone's phone bills still got paid even though there was a hurricane. Dr. Joyce responded that the AD migration was funded in such a way. Kevin said that portions of that allocation had been in danger and Joe replied that this was due to the fact that Dan had not yet gotten the fringe benefits portion of Pete's salary savings, but that had now been remedied.
approx. 20 minute point in stream
Dan Cromer said that there is still a portion of the IT infrastructure that is not funded on the fixed cost basis, and that is our networking infrastructure. We have many network switches and topologies across IFAS that are extremely out-dated and need to be replaced in order to maintain our network infrastructure in support of UF network security policy. Dan mentioned that the ICC is preparing a service level agreement (SLA) as part of an IT Charter that addresses those functions that IFAS IT should provide. It would require support from the unit level on up, but if that is successful, then this is one way that this could be incorporated into a fixed cost funding model.
When Chris Hughes mentioned that a new model could support replacement of unit desktop and laptop machines on a schedule, Dr. Joyce said he just did not see the VP's office buying computers for units. Chris then explained the problems he is having currently with Windows 98 machines and how it is either preventing the support of features for all or costing him considerable time which could otherwise be spent in that support.
Dr. Joyce sympathized that we are uncomfortable with the fact that we can't count on the money we need for IT infrastructure, but he pointed out that he can't count on money either. If we want the things we are talking about to come to fruition, we have to convince the unit heads that this is a priority.
. . .
Note: The majority of the remaining discussion was a rehash of the same points. The key issue is we have critical IT infrastructure needs that are not currently budgeted as fixed costs but which need to be addressed centrally. We need to realize, however, that faculty drive our entire operation. If we can get faculty behind us, we will get the support of the unit heads. If we have the support of the unit heads, we will get the support of the deans. That is the way we must approach the entire matter. While we would love Dr. Joyce to push for this on our behalf, we are the ones who really know the details of how the IT infrastructure works (or doesn't) and we are the ones who need to evangelize this out to our faculty. That is why the ICC is so important in the entire process. In the meantime, Dr. Joyce has shown that he will support well justified special needs as he is able; for those, the most important thing is for us to carefully prioritize and communicate those needs.
. . .
approx. 43 minute point in stream
It was pointed out by Dr. Joyce that faculty salaries are paid off the top from the VP's office while staff salaries are handled at the unit level. Some departments hold staff positions vacant and use that money to fund operating expenses. This amounts to very little in departments like Plant Pathology, but places like CREC have a larger number of positions which they handle in this fashion due to the large infrastructure which they must support. This allows CREC to divert funds into other things such as IT infrastructue; some departments can and some can't. The VP level carried forward money basically comes from vacant faculty positions that we have carried over from previous years. So the source of discretionary funds is similar at both the IFAS and unit levels.
Kevin Hill mentioned, with the IT Charter, we should get someone involved--possibly a unit head--who understands these sorts of issues and who can help package the charter in a way that could be palatable to the majority of the unit heads. Dr. Joyce thought that was a good idea.
approx. 51 minute point in stream
In talking about the ICC recommendaion for Acquiring a Microsoft Support Contract for IFAS ITAS yearly that failed to pass ITPAC, Chris Hughes asked about other possible methods of increasing the fixed portion of the IT budget. He wondered if a request could be packaged for presentation to the legislature for additional funding so funds wouldn't have to held back from unit operational funds. Joe Joyce said that there is already a process in place this year for asking for more funding from the state legislature; but we want to be fairly low-key about it because the legislature does not generally like to add new funding. This effort is called the Workload Increase for IFAS and will make a request this year at the $1.6 million level. This would provide funds for research and extension in a fashion similar to what now happens with instruction--where when the student population goes up, the funding for instruction rises. There is nothing like that currently for research and extension.
approx. 56 minute point in stream
Dr. Joyce pointed out that we have about 135 FTEs in teaching (spead over about 350 faculty) amounting to about only 20% of our budget. That's all we would have if we were like the rest of the university. Mike Armstrong, IT support at CREC, noted that a good portion of research is moving to private industry and asked how vital our research and extension arms might be for the long term. Dr. Joyce said that this question is asked all the time. He noted, however, that Florida has a unique climate, geography and terrain that leads us to supporting numerous and unique commodities (numbering around 280). This is what gives us a unique competitive advantage in relation to many other land grant institutions. The biggest threat to our institution is what is happening to agriculture as this state is being developed. There are, however, a number of environmental groups out there that are trying to help the farmer stay in business with the idea that compared to condos, citrus orchards are a good thing.
Chris Hughes asked how we would go about getting figures on how much each unit spends on IT. Dr. Joyce said that this information would reside within the individual units. He has no easy way of getting such figures, although he would often like them on various issues.
Dwight Jesseman, Exchange and backup support for IT/AS, asked if faculty could be charged back for things such as web services. Dr. Joyce said it was possible--that it was done for other things within IFAS. Chris Hughes pointed out that then there is an additional administrative cost involved in the service and that paying at the top was more efficient overall. Jack Kramer pointed out that we would also then have to be competitive on that service. As an example, he pointed out that many of his users were quite happy with Gatorlink for e-mail. Kevin Hill mentioned that there is one major problem with having services as a cost center; it removes discretion from the unit--and that makes it a very difficult sell.
Dr. Joyce spoke on the wallplate initiative saying that CNS is justifying the $5 port cost by saying that this cost also reflects going to VOIP and when that is factored in, the cost is more reasonable. The problem there is that units with PBX-type systems already are saving per phone costs and rather pay, for the most part, by the number of outside lines they have. This number is much less than the number of phones (unlike with Centrex service). Also, VOIP will not eliminate long-distance charges to outside parties. Consequently, the amount of phone communication costs that might be recouped by moving to VOIP are often greatly exaggerated.
approx. 1 hour 20 minute point in stream
There was a discussion about the ability to tax grants to pay for IT infrastructure in some cases. Those would come out of grant indirect costs, but the problem with IFAS in that regard is that our grant sources often do not include the high indirect costs (43%) that federal grants such as NSF, NIH and DOE do. IFAS does have, however, a very high level of unit staff support compared to many such institutions. 40% of our faculty are off-campus in support of the uniquely broad commodity base which we service.
Dwight asked for Dr. Joyce's recommendation on what to do about getting new services like Sharepoint and document management funded. Dr. Joyce said that Jimmy Cheek, our new VP, has already asked about the IFAS website. It is known that the IFAS web presence is extremely important and currently poorly handled. But again, Dr. Joyce believes it has to come up through the system. Jack Kramer thought that Sharepoint is one feature that really lends itself to a charge-back model (the other is centralized backup). Currently the content out there is primarily static. If we could get a program together with document management, with dynamic database driven capabilities and programmatic aspects then we would really have a valuable product we could sell on a charge-back model. Joe Spooner, IT head for CALS, said that this could start with an SLA for the basic services and then use a cost back model to support service beyond that. Charge back does indeed have an administrative cost, but this would better match how the funds tend to flow within IFAS currently. Dr. Joyce said that, currently, charge-back is not the model IFAS tends to use. Joe Hayden, IT support for Fac Ops said that charge back is a poor model that they are trying to get away from.
approx. 1 hour 37 minute point in stream
Prior exit procedure discussion. At this point we moved on to the first of the agenda items beneath the "Progress on standing issues" section, namely the items in need of administrative action. Chris Hughes raised the question of hire-fire procedures where certain processes within IT require participation and action by personnel people--the UF Directory Coordinators. How can we go about getting these people to do certain job functions that are required for IT? Dr. Joyce said that if it is not getting done and nobody is saying anything about it, then it won't get done. To this, Dan Cromer responded that there is an IMM pending on this that will go through the IMM review. Kevin Hill mentioned that the difficulty is in getting this into the daily task list of the directory liaisons. Chris Hughes asked, how do we find out when someone is hired and more importantly fired at IFAS? Dr. Joyce thought that was pretty easy. We have a new director of personnel in IFAS, and we need to figure out a formal link between the personnel office on the comings and goings. Chris then asked how do we get past just talking about it to doing it. Joe Joyce asked if a proposal had been brought to the VPs office on this? Chris responded that action had always been blocked by Dan Cromer who insisted this was an administrative issue and not an IT issue. Joe Joyce agreed this is an IT issue. Dan Cromer responded that there is a UF-wide plan to implement such a procedure because it is not only an IFAS issue; this is going on at Mike Conlin's level. Dan said that it is a large issue to say that all UF Directory coordinators need to do their job. Joe Joyce asked about the process whereby a new hire gets an e-mail account. It was noted that it only happens when that person requests it--it is not an integral part of the hiring process as it should be. But incoming is not nearly the problem that leaving is. Chris Hughes said that there is a specific part of this process that will not be handled at the UF level and that we have been specifically told is an IFAS problem. That is because UF can only catch people if they leave the university. People, however, transfer in and out of IFAS within the university and even between units within IFAS. Those relocations and the handling of their computer and user accounts is strictly an IFAS problem. Joe Joyce recommended that we figure out how we want to do this and talk with Mary Anne Gularte about getting that implemented.
Chris Hughes reported that another problem issue is getting all IFAS IT staff to cooperate with the necessary changes that are being implemented. This caused Chris a lot of problems, not with those in the room--those that participate in the ICC--but with others that do not. Chris asked Joe Joyce, how do we make those who are not participating implement the necessary changes when Dan Cromer does not have a supervisory role over them? Joe said (jokingly) that it would be simple, just give Dan that role. Dan pointed out that while Chris would love that, many would not and everyone got a good chuckle. On a more serious note, Joe Joyce asked Chris to provide him with the names of the trouble units and he would see what he could do to get them more involved. Dan Cromer said that he was hoping to get an IMM on that which states to a unit head that they need to make sure that their IT program is supported and that they have a technical contact for IT and that their IT personnel are participating in the ICC. Then this would become a matter on which a unit head could be evaluated by their supervisors. That is the only way Dan felt that we can put teeth into any such effort. Joe Joyce agreed.
This led Jack Kramer to say that getting the distance conferencing equipment working correctly would be a very important part of this. Jack, among others, has made a monumental effort to travel long distances to the ICC meetings, but many simply cannot.
Mike Ross stated that the videoconferencing system simply does not work, if an entire room of network administrators cannot get it going more than occasionally. Dan Cromer took exception to this saying that it was functioning for DE, but Joe Joyce agreed that as a system, it is not working. Unit heads want to be able to use this system for their state-wide meetings and for graduate student committee meetings and the like. Mark Ross gave an example of how this project was implemented by saying that a Polycom unit was simply dropped off at Fifield without telling anyone and since it wasn't secured, the TV portion was stolen. There was no plan for where to store it or who was going to run it (as Fifield has multiple units with multiple IT staff within it). Joe noted that there are components of the system, different microphones and lights that are not yet in place. But bigger than that, there are no administrative procedures to stitch this thing together. There is no procedures manual for the system telling what to do and who to call to operate or troubleshoot the system. Chris Hughes asked who was working on that. Joe Joyce responded "exactly, but we are fixing to ratchet it up Chris. The deans want this system working." note from the future: I received an e-mail on the 20th from Jonathan Evans of Video Services saying that Patrick Pettus asked him to locate, document, and label the polycom and projector units in my building, that there was a minor rush on this, and that I was to call him at my earliest possible convenience. The other issue with this system, according to Joe Joyce, was the way in which it was purchased. It was done because we had some money and quickly went out and bought it. We did the bare-bones to get the thing in place, knowing full well that was not going to be the end of it. (Note: unfortunately, this has been standard operating procedure for IFAS IT projects (through no fault of IT); until that changes, IT will continue to look bad to our faculty.)
Jennifer Xu, manager of IT WAN systems, spoke briefly on the payment of the WAN communications. The costs from BellSouth are handled through CNS as that arrangement of pooling our costs saves UF money overall. Mark Ross was concerned that we might not see monies that CNS possibly gets back from BellSouth under any SLAs. Jennifer noted that she can't tell what is happening with that as CNS is the middle man who would see such things. We have to pay whatever they send over as charges to us. Dan Cromer down-played this issue saying it was only a small number of circuits. DSL upgrades take an additional chunk of our WAN budget.
approx. 1 hour 58 minute point in stream
Steve Lasley asked to take control of the last 60 seconds of the meeting in an attempt to address the remaining agenda items. We thanked Dr. Joyce as he went off to his next appointment.
Steve went quickly through the standing issues. Provisioning all Gatorlink users has already happened. The display name fix is coming shortly, as reported by Chris Hughes. Those will help with the incomplete GAL issue. Joe Joyce spoke to the hire/fire procedures and "network managed by" issue. There isn't really any movement on getting another FTE for UFAD, though it was brought up in a meeting about a week ago according to Chris Hughes.
On the Office adminstrative install point, John Sawyer is the one earmarked to do that. Chris Leopold reported that it is just a matter of planning how we need to be doing it. John had put out an e-mail about this issue that generated some discussion at the time. There is also the question of who it is deployed for. Steve suggested that perhaps we could continue that discussion over the ICC-L due to time constraints.
Methods for end-user notification is getting more and more important all the time. We aren't going to drop that, but we have to move on at this time.
Should IFAS-ALL be restricted as to who can post? This is a decision that affects us and one on which we can make recommendations. It is not our decision, however.
Chris Hughes said we will be having a meeting again this Thursday with Fran McDonnell about the status of the Remedy trouble ticket system for IFAS. The goal is to make it an IFAS-wide solution where any technical support incident IFAS-wide will be in the system. It will be distributed out to the departments based on the technical support contact on record, which for some units will be the HelpDesk. Dwight reported that the UF HelpDesk is making modifications in their website to support this. Kevin Hill wanted to know the details of the system because he already has a system in place and wants to assure that this new system would have at least the same functionality as what he has currently.
Interviews are being held later this week for the new hire for IT/SA.
The issue of making the ICC security group a distribution list was deferred for now.
The IFAS IT Charter committee is on a little bit of hold, but we expect some movement on that in a few weeks.
The report from the AD Committee will be deferred until tomorrow's meeting due to time constraints.
John Sawyer was not available to give a security status report, but Steve asked Dan Cromer if anyone had responded to ITAC-NI Request for Comment on CNS responsibilities for providing core network services. Dan said he had: then Steve asked if there was any way that Dan could share his reponse with us as we would appreciate knowing the details of what Dan was doing on this matter. Note: when Dan does things without our knowledge, the tendency (rightly or wrongly) is to assume that he is doing nothing at all; a little proactive communication on his part could do wonders for the perception held of him by the ICC. That said, Dan is a busy man and must make his own decisions on how best to allocate his scarce resources.
There is soon to be an announcement on plans for IT/SA to hold weekly meetings to plan, develop, and document IT/SA services and to which the ICC will be invited. Chris Leopold said these will be "how we do it" meetings in answer to the ICC's "should we do it" meetings. Chris expects this to begin the 28th of January. Steve Lasley related that it was his understanding that these meetings would actually produce documentation. When Chris concurred Steve asked for a thunderous round of applause!
Chris Hughes has done a lot of work making the UF L2TP IPSec VPN easy to implement for users. The program which Chris wrote for Windows XP clients that automatically configures this is available on the IFAS Software Site. There is a procedure for Windows 2000, but is it a bit difficult to implement:
Download and install: the Internet Protocol Security Policies Tool.
Then run the following from the command prompt while
in the c:\program files\Resource Kit directory (without the wrappint):
ipsecpol -r "Gatorlink VPN"
-f 0:1701+128.227.166.116::UDP 0:1701+128.227.166.117::UDP
-n INPASS ESP[3DES,SHA] -aPRESHARE:"gator+vpn!"
-x -p "Gatorlink VPN" -w REG
Then run the Gatorlink VPN installer.
This will make a functional VPN.
It looks like we are going to have the IFAS VPN available, however, for quite a while--for various reasons. Note, that the Cisco VPN and the new UF L2TP IPSec VPN are not compatible and cannot be used on the same system; the Cisco client disables IPsec. The IFAS VPN does something that the UF L2TP IPSec VPN does not do, however. When you login from machines not on the domain (as many faculty will be from home), it validates your credentials against UFAD and you then have access to network resources. Mark Ross insists that two methods for VPN are needed, because, in his experience, it often happens (for whatever reason) that one way of connecting will fail while the other works--and vice versa. Chris Leopold stated that the UF L2TP IPSec VPN solution using IPsec, should be more generally useful in situations where firewalls and the like might be causing problems with allowing a VPN connection via the IFAS VPN--as the latter uses a PPTP connection without GRE.
Chris Hughes wanted to raise a proposal to move all IFAS machines and printers to DHCP from static addressing--allowing for reservations. This discussion is deferred to the ICC-L due to time constraints.
Chris Hughes also had a proposal to upgrade all of IFAS to Windows XP SP2 and Windows 2003 Server by June 1, 2005. While some of this was discussed while Joe Joyce was present, major discussion will again have to be deferred to the ICC-L due to time constraints.
Dwight wanted to make sure that folks know where to go to find the status of a server within IFAS. Steve has put links to these on the peer support page of the ICC website. They are the IFAS IT/SA Real-time Server Status and IFAS IT/SA Server Status page (for end users). If you want Dwight to include your own servers on that list, contact him and he will add you so that you will be e-mailed if your site goes down.
Dwight then mentioned that webstats is now on a new server. He tried to move every website there in the migration, but it wasn't pretty. If any of your users have problems, please have them contact Dwight.
Finally, Dwight related that the word on the e-mail outage over the holidays apparently did not make it to everyone. One of our high profile users came in to work and tried to use the system during that time and was very upset. Dwight wants everyone to keep considering what we can do to better advertise things. Kevin Hill pointed out that all reasonable steps had been taken and that Dwight should not waste any time worrying over this. Chris Hughes said, however, that this is the sort of thing that continues to give IFAS IT a black eye. Chris Leopold thinks the key is consistency in how we make notifications and that eventually people will know how and where to go for important information.
Kevin said that all these important notices should be on the HelpDesk website. Dan Cromer says he has been telling them to do that for a long time, but it doesn't happen--they say they don't have the people to do it. Perhaps IT/SA should take over that website from the HelpDesk?
Kevin also expressed his appreciation to Chris Hughes and crew for a very smooth migration to which all the ICC concurred with a generous round of applause. Hear, hear!
Mike Armstrong said it was great having Joe Joyce here and that we should get other visitors from the IFAS community for future meetings to get feedback on what they think about the way IT is doing their job--senior administrators, faculty members or deans. Mark Ross mentioned that the personnel director would be one good choice. Chris Leopold said we also need to work on getting some input into department chair meetings. He proposed that the ICC have a representative sit in on those meetings and get IT matters on the agenda at those. Joe Hayden believes that their meetings are monthly, but that they schedule a more open meeting every six months or so.
The meeting ran late and was adjourned at roughly 12:30pm. Discussion was continued over lunch by nine of the ICC members. We hope such lunches can become a more usual occurrence, so keep your lunch plans open for the next meeting!
COMMENTS FROM REMOTE PARTICIPANTS
From Nik McCue:
I think that pulling funding from our local unit [WFREC] to centrally manage workstations and software is not the solution. I am glad to help disseminate policies, practices, and procedures as defined by IFAS Central IT and I eagerly look for guidance in terms of how I should be conducting business on your behalf here at the WFREC; however, more often than not I have difficulty getting real-time support from Central IT due to the already limited personnel. In addition, I understand and agree with the economies of scale with central IT but I must be a part of the small percentage that has to lose so the whole team wins. First of all, I have yet to feel confident that the EPO and Patchlink services are being properly implemented at our local site. Also, I cannot imagine that central IT’s efficiency could overcome our faculty’s need for immediacy…those folks don’t give much notice…I can provide many examples if anyone wants. Actually, we are able to meet many needs locally and keep much demand off of the already overworked IFAS IT; and actually, as the Coordinator of Media/Communications I am not even designated for IT (specifically, 20% of my job description). I really appreciate all resources and assistance from Central IT and would like more, but think that giving them all of my local resources in the name of efficiency is not effective. There must be a balance.
We have rules that speak to many of the issues that plagues IFAS statewide IT…it seems to me that policy enforcement and accountability is the larger issue. Is there a solution for that?
Regarding the Polycom statewide system, we run 4-5 classes every week at 2-3 hours each with minimal trouble. The biggest problem in my mind is that there was an underestimation of the staffing needs involved with the new systems. It is not hands-off. It is not fool-proof. Each endpoint needs someone to take ownership of how to use, maintain, and troubleshoot the system. Most of the major problems that I have seen could have been avoided by more hands-on management. Bad-mouthing the system is apparently very uncool when it comes to the “higher-ups”, does not address the real issue of accountability, and does not help to make the system better.
Since the system did, in fact, fail to work for this meeting I was not able to interject via NM chat; so here it is all at once. I look forward to your thoughts.
I’m with you on the goals…I am also painfully aware of the reality of meeting faculty expectations. There is an expectation that anything can be done and while that is ridiculous (or would be ridiculously expensive) I think that those of us on the front lines are more responsive to those last minute wants/demands. Is that a good thing? No, personally I think that it is a terrible way to do business, but this isn’t business…it’s something far less efficient than that…academia. We produce what business cannot afford to, but we are effective.
back to the point. My concern is that you have a valid argument and if you convince my boss that you should get my IT budget then I am far less able to make the improbable happen without those last minute completely inefficient purchases that I sometimes have to make. I want to see IFAS IT successful in their mission, but I would like to see other ways of funding…that are less likely to put my little bit of budget in danger.
I think that the Dell Premier site with it’s IFAS standard config system and Microsoft licensing goes a long way toward meeting your goal and frankly, I don’t see how a center could not find ways to meet your recommended software and hardware requirements given all of the potential solutions that the ICC has come up with. I do, however, think that there still needs to be money at the bottom to patch the little holes we find from time to time and it seems that is the same funding that you guys are considering.
Please don’t misunderstand that I am very much for your goals.
From Joel Parlin:
I think that Nik has a valid point. At the REC's, there are other expenses aside from IT that have to come out of our budget. We have an entire facility to operate. Ultimately though, someone has to put up the funding for all of the necessary equipment, but I think that a fee may not be the best way to go for everyone. In the past GCREC has paid for a file server and at least one switch (before the new facility was being built) and maybe it would have been cheaper for us to pay a yearly fee, but once the initial expense was taken care of, we didn't have to worry about next years payment. It may work out better for some facilities to be responsible for some of their equipment instead of centralizing everything and then trying to recover the cost. I think that we should investigate both avenues before making a decision.
You are correct. Keeping current is a huge problem to deal with. Also, once somebody lays out a large chunk of money, they may tend to be reluctant to do so again in three years. I don't disagree totally with the pay per view method of funding, I just want to consider other alternatives before we jump in with both feet.
Responses from Chris Hughes:
The real problem comes in 3 years, when the equipment needs to be replaced. It is the equipment that is not kept up to date that becomes a large support problem. The real problem is a lack of budgeting for timely equipment replacement.
We are not after your IT budget. We are after ensuring that funds are budgeted for timely equipment replacement, of servers, network, and workstations and centrally supported services. While your center may not have a problem budgeting funds for replacement equipment, that is not the case throughout IFAS. This disparity is what causes difficulties. This should not encompass the entire local unit IT budget, unless local unit support could always use their p-card against the IT funds to fill in any holes and resolve emergencies. What we are looking for is for IT resources to have a well defined replacement cycle that is funded.
|