Virtual Desktop Infrastructure — (VDI)

What is VDI?

  • Virtual desktop infrastructure (VDI) is a collection of desktop operating systems, hosted on a collection of virtualized servers.

What does the VDI infrastructure look like?

  • There is a collection of 400 virtualized Windows 7 desktops ready to be accessed
  • Current utilization is 100 – 130 concurrent users
  • If desktop utilization becomes greater than 350, then 25 additional Windows 7 desktops are automatically built, giving us 425.  This will be repeated as concurrent user demand increases.  Build time for the 25 additional desktops is 15 – 20 minutes
  • When you logout of a desktop, the image is destroyed and rebuilt from the golden image  (no more virus worries!)
  • There are 7 virtual servers dedicated to VDI.
  • VDI runs on Solid State Drives
  • VDI is load balanced across two gateways
  • VDI servers are located, both in the Data Center and DeVolder

How can VDI be accessed?

  • At various locations on campus, including the Hamersly Library, Wyse terminals are directly connected to VDI.
  • IMG_0217
  • VDI can be acessed with a web browser
    • https://wouvdi.wou.edu
      • Select the icon on the right side of the screen labeled, VMware Horizon HTML Access
      • Use your Pawprint login credentials to authenticate
      • Select the “Lab Stations” icon to connect to Windows 7

Will I have access to my network drives?

  • Yes, H:, I:, J:, P:, etc are all accessible

What software is available on the Windows 7 virtual desktop?

  • Microsoft Office Suite, Chrome, Internet Explorer, Firefox
  • ArcGIS, BlueJ, eclipse, Fathom, Foxit Reader,Geo Gebra
  • GS View, Ghostscript, Green Globs, Escape!, GSP
  • SPSS,Kinovea, LEGO Mindstorms, Maple, MatLab, TeXworks
  • Printkey, Python, QuickBooks, QuickTime, RealNetworks Suite
  • Subversion, VLC,  WinDirStat, WinEdit, WinRAR

Additional Functionality?

  • Select the down arrow in the top middle of the screen.
    • This will display a down arrow.  Select the down arrow to display menu options
      • Options include
        • Send control-alt-delete message to Windows
        • Toggle to full screen
        • Paste text
        • Disconnect
        • Help
  • Transfer data to and from USB drive attached to local computer
    • Install VMware Horizon Client on your local computer  (an alternative to the web client
    • Select Connection, then USB from the VMware Horizon Client menu
      • Select Automatically connect when inserted (you will now be able to copy files to / from networks drives from / to local USB storage

 

 

WordPress update

What is WordPress?

  • Website content management system (CMS)
  • Open source website creation tool
  • Written in PHP
  • A tool that can be used to maintain your website using a web-browser on your desktop or handheld device

 

Who uses WordPress?

 

How did WOU select WordPress?

  • Recruitment expressed interest in a revamping of the WOU website, with a redesign that focused on new students
  • Graduate Programs hired Stamats to design a website that was in alignment with their mission
    • Included in the design specifications, was a recommendation to utilize WordPress to implement the new design
      • Included in the specifications:
        • Search engine optimization
        • Mobile friendly site
        • X-platform video integration
  • HighEdWeb conference was attended by Public Relations, Graduate Programs and University Computing Services
    • Other universities shared their success with an online CMS (WordPress)
    • Several universities highly recommended utilizing WordPress
    • There were several presentations where universities demonstrated many features that WordPress incorporates

 

Why WordPress?

  • Vast amounts of resources are available for the management and maintenance of WordPress
  • Easy to use plug-ins, which allow for unlimited possibilities, are available
  • Mobile friendly
    • Google pushes mobile friendly sites up to the top of search results
  • Better integration for blog and social media feeds
  • Cohesive look throughout the whole website which will give end users a better experience navigating the website as well as a more professional feel
  • Relevant and up to date content (old outdated pages/sites will be deleted and no longer searchable through Google)

 

How do I get WordPress support?

  • Contact Danielle Gauntz at 503-838-8215 or gauntz@wou.edu
  • Support provided thru:
    • Training sessions
    • One on one sessions
    • Danielle or one of her staff will convert your site for you

 

WordPress — Summer Resources

Danielle Gauntz, Web Desinger, had her baby daughter on July 3, 2015.  She will be back, providing full time web support on September 8, 2015.  Her tentative plans include working 10 hours per week, starting July 20,

Shandelle Pepper is the technician providing Word Press support through December.  Don’t hesitate to give her a call.  She is glad to meet with you one-on-one or as a group. Her contact information is:

  • e-mail  peppers@wou.edu
  • phone 503-838-8493

WordPress resources can be found here.

 

 

The Demise of Windows XP

Windows XP support has ended, as of April 8, 2014.  Microsoft suggest that you are five times more vulnerable to security risks and viruses, which means you could get hacked and have your personal information stolen, if you continue to run Windows XP.

By default, Windows XP computers will be blocked from operating on the WOU network, after July 1, 2015.  If you have a critical need that requires Windows XP, please send me a note and I will design an alternative operating path for you.

If you don’t know which operating system you are using, contact the Service Request Desk at 88925 and they will help you identify the OS.

 

 

Security Cameras

  • Deployment of cameras began approximately twelve years ago
  • Currently 170 cameras installed
  • Located in smart classrooms, computer labs, parking lots, building entrances, ball fields, …
  • Cameras record on motion, no sound is recorded
  • Recordings are stored 7 – 10 days
  • The newer cameras are HD 5 megapixel cameras
  • Review of camera footage is most often done after a theft or damage to property, but includes inclement weather, construction progress, classroom support, …
  • Three UCS employees and Public Safety can directly access video recordings

Wireless Infrastructure

Utilization

Rogues and Interferers

802.11 a/b/g/n/ac

  • Example wireless statistics for MacBook Air
  • 802.11 a/b/g/n are available in all WOU wireless locations
  • 802.11 ac deployment was begun in new locations in December 2014.
  • To take advantage of the higher speeds available with 802.11 n/ac, multiple antennas are required.  This is referred to as MIMO (multiple input, multiple output)
  • Frequency
    • 802.11 b/g/n — 2.4Ghz
    • 802.11 a/n/ac — 5.0Ghz
  • Channels
    • 802.11 b/g/n
      • Available channels include 1 – 11
      • The effective channels include — 1, 6, 11.  Utilizing other channels in the 2.4Ghz range will cause interference to the channels on either side.
    • 802.11 a/n/ac — The effective channels include — 36, 40, 44, 48, 52, 56, 60, 64,100, 104, 108, 112, 116, 132, 136, 140, 149, 153, 157, 161, 165
  • Speed — theoretical
    • Wireless is a shared resource.  Each user shares the bandwidth with every other user using an access point.  If there is a slow user connected to an access point, that slows down access for every other user.
  • 802.11 n — 300Mb/s — 100Mb/s per antenna  (MIMO)
  • 802.11 ac — 1.3Gb/s — 400Mb/s per antenna (MIMO) on 5Ghz
  • 802.11 ac — 450Mb/s — on 2.4Ghz
  • 802.11 a — 54Mb/s
  • 802.11 b — 11Mb/s
  • 802.11 g — 54Mb/s
  • Year developed
    • 802.11 b — 1999
    • 802.11 a — 1999
    • 802.11 g — 2002
    • 802.11 n — 2009
    • 802.11 ac — approved January 2014

Security Infrastructure

Phase 1

Phase 2

 

Network Outage

Summary:

The core WOU network router pair failed to pass traffic beginning at 9:30am on January 14, 2015.  Partial network throughput was restored at 12:40pm and a full recovery occured at 9:00pm January 14, 2015.

Timeline:

  • Campus network outage began at approximately 9:30am on January 14, 2015
  • UCS responded immediately and went into diagnostic mode
  • Cisco TAC support was engaged at 10:30am
  • High CPU utilization was identified as an issue on the core campus router pair at 11:00am
  • Call placed to local Cisco representative for additional support at 11:30
  • Call placed to NERO (the WOU ISP) engineer at 12:30
  • NERO diagnostics led to finding a server that was identified as pushing an excessive amount of ARP request to the router.  The server was removed from the network at 12:40pm
  • Several networks were pulled out from behind the firewall, allowing network traffic to flow again
  • CPU utilization went from 99% to 86% after server was removed from the network
  • About 12:50 the CPU utilization had climbed back to 99% even though the server had not been reconnected to the network
  • Additional Cisco support provided about 1:00pm — at this point we had three Cisco engineers on the phone and connected to our router pair via a Webex call.
  • By late afternoon, I requested additional on-site support from Mt. States Networking.
  • A Mt. States engineer was on site by 6:00pm
  • At ~8:15pm, the router netflow process was identified as a culprit in the high CPU utilization.  After the netflows were removed, the CPU utilization fell from 99% to 23%
  • All networks were moved behind the firewall and traffic continued to flow properly.
  • The suspect host that was removed in the morning was returned to service and the CPU utilization on the router immediately climbed to 99%
  • The suspect host was removed

Forensics:

  • February 15, 2015
    • Our unix systems administrator has been reviewing the suspect servers logs and discovered the server had been compromised.  This server is running openstack OS.
    • We know that whoever compromised the server did not gain direct access to it via ssh or telnet
    • Forensics work continues…

E-mail ramblings

This rambling includes e-mail security/insecurity, archiving and content filtering.

 

The University of Washington has posted the following information on their web site:  (http://www.washington.edu/itconnect/connect/email/)

  • Privacy:  The UW email systems are provided to support UW activities and are subject to state laws and UW policy.
  • Do not send sensitive information by email. This includes personnel data, patient records, student information, and financial information.
  • Email messages can be kept and forwarded. Never assume email is private, even when using encryption technologies. The message you send to one person can easily spread to many more.

 

What e-mail security infrastructure is in place at WOU?

  • SSL is the predecessor to TLS
  • What is TLS?
    • Transport layer security is an encryption protocol that is implemented by e-mail systems and other services to prevent eavesdropping and tampering.
  • Always choose TLS rather than SSL, if TLS is an option
  • What does Google say about TLS?  Why should I use TLS?
    • This encryption makes it more difficult for hackers to intercept and read messages.
  • Transport Layer Security is available for incoming and outgoing WOU mail accounts.
    • TLS is on by default when you use the web-based mail client.
    • If you are using an external mail program such as Macmail, Outlook or a mobile device, confirm that TLS or SSL is turned on for both inbound and outbound mail.
  • When mail is sent from a WOU mail account to another WOU mail account the transmission will utilize TLS/SSL, as long as sender and recipient have TLS/SSL turned on.
  • When sending mail to a non-WOU account, all bets are off.
  • You can ensure encryption on the mail receiver end by using active encryption
    • Information regarding active encryption can be found here.

 

Is WOU e-mail filtered?

  • Spam, anti-virus and content filtering is configured.
    • Examples of content filtering include:
      • Nigerian get rich schemes, etc.
      • When there is content with malicious intent that gets through the content management system, we manually enter a rule into the system.  This would include the “Your Mailbox Is Full” email.

 

Do you have trouble finding your e-mails on occasion?

  • They may be in your spam folder
  • All unfiltered e-mails are sent to the mail archiver.
    • The archiver currently contains about three years of e-mail.
    • Your mail that ended up in trash, was deleted or sent to the spam bucket, can be found on the mail archiver.
    • The archiver is located at https://archive.wou.edu
    • Use your Pawprint credentials to login to the archiver.
    • I recommend that you click on the Advanced Search link.