
Solutions - users.cis.fiu.eduusers.cis.fiu.edu/~sadjadi/Teaching/IT Automation/Spring 2009/Pr…  · Web viewRequirements Analysis Document of University Technology Services . Project


Requirements Analysis Document of University Technology Services

Project Members:

Norman Wright (Project Manager)

Mike Balewicz

Lamont Mackey

Jermaine Dixon

Jean Kesnel

Advisor: S. Masoud Sadjadi

April 24, 2009

Version 3

Note: See the Glossary for a list of the abbreviated terms.


Acknowledgements

CHRIS MOOTOO, INFORMATION TECHNOLOGY SECURITY ADMINISTRATOR, IT SECURITY OFFICE

MICHAEL BIROS, COMPUTER SYSTEMS CONTROL COORDINATOR, UTS COMPUTER LABS

MICHAEL KIRGAN, ASSISTANT DIRECTOR, OPERATIONS AND ENTERPRISE SYSTEMS

JOSHUA RIVERA, COMPUTER SYSTEMS CONTROL COORDINATOR, UTS FIELD TEAM

LUIS CRESPO, IT MAJOR, FLORIDA INTERNATIONAL UNIVERSITY


Requirements Analysis Document of University Technology Services (UTS)

Table of Contents

1. INTRODUCTION

1.1 PURPOSE OF THE SYSTEM

1.2 SCOPE OF THE SYSTEM

1.3 OBJECTIVES AND SUCCESS CRITERIA OF THE PROJECT

2. CURRENT SYSTEM

3. PROPOSED SYSTEM

3.1 OVERVIEW

3.2 FUNCTIONAL REQUIREMENTS

3.2.1 REMOTE CONTROL

3.2.2 AUDITING & ASSET MANAGEMENT

3.2.3 MONITORING

3.2.4 PATCH MANAGEMENT

3.2.5 BACKUP & DISASTER RECOVERY

3.2.6 ENDPOINT SECURITY

3.2.7 USER STATE MANAGEMENT

3.2.8 HELP DESK

3.3 NONFUNCTIONAL REQUIREMENTS

3.3.1 USABILITY

3.3.2 RELIABILITY

3.3.3 PERFORMANCE

3.3.4 SUPPORTABILITY

3.4 AGENT GROUPS (Appending) [1]

3.4.1 ORGANIZATION

3.4.2 ORGANIZATION UNITS

3.4.3 SUBNETS

3.4.4 TREE

3.5 AGENT ROLES (Appending) [2]

GLOSSARY

[1] Data could not be acquired prior to submission

[2] Data could not be acquired prior to submission


Requirements Analysis Document of University Technology Services (UTS) at Florida International University (FIU) for Information Technology Management and Automation

University Technology Services (UTS) is a subsidiary of the Division of Information Technology at Florida International University (FIU). UTS’s primary objective is to provide students, faculty and staff of FIU with a wide variety of technological support and services. These services include, but are not limited to, Network support, Student Lab facilities, Computer Diagnostics and Repair, Media Support and Services (i.e. Audio Visual support), and “Field” (i.e. on campus) Repairs. Under the leadership of the School’s Chief Information Officer (CIO), Dr. Min Yao, UTS’s aim is to support FIU in its pursuit to become a national academic institution by providing leadership, consultation, service and secure access for the use of technology.

Purpose of our System:

Due to recent budget shortfalls brought on by the economic crisis, FIU has had to make numerous budget cuts while still trying to provide quality service and support. However, with state funding being cut further than previously forecast, the university is forced to investigate, and invest in, alternate ways to provide quality service at half the cost. U.T.S. was asked to look into IT automation solutions to better provide the following:

Patch Management

Troubleshooting hardware/software issues

Network security

Proactive repair and maintenance of systems

Reducing service requests (i.e. “tickets”)

System restoration and backup


Diagram Illustrating the current structure of the Department of Information Technology

Administrative

Dr. Min Yao, Vice President & CIO

Martha Castillo

Customer & Employee Relations & Communications

David Roberts, Associate Director, User Supp. Svcs.

Debra Sheridan, Director, Media technology services

Maria Drake, Director, NMS

Robert Grillo, Asst. Vice President, Admin Software, OES

Julio Ibarra, Asst. Vice President, CIARA

Candice Reese, Director, Business Services office

Cheryl Granto, Assistant Director, IT Security Office

Jesus Artas, Acting Assistant Director, PMQ/EWS

Penny Butler, Assistant Director, BBC Operations

Gloria Anasagasti, Admin. Assistant

Heidi Alvarez, Director

John Duran, Associate Director, Panthersoft SA

Manuel Rodriguez, Associate Director, DBA’s

Jose Peres, Associate Director, Technical & Legacy Systems

Mike Kirgan, Associate Director, OES

Jack Bello, Associate Director, Panthersoft Financials

Odalys Diaz, Voice Services Management Team

David Rotella, Network Engineering

Jorge Estay, Infrastructure Planning and Design

Helvettela Longorta, Network Security Systems

Computing Labs, UP and BBC

Education tech. services

Resource Center for Educ. tech

Media equipment and engineering

UTS training Centre

Broadcast video production

Instructional Design

Instructional Photo & Graphics

User account management

PC repair and Software Licensing

Call center

Field team, UP & BBC

CIARA Network Services Media Support Center/Field Team

Panthersoft Operations

Web Development

Policy Guideline Development

Incident Response

Security Awareness


Scope of our system:

As previously stated, U.T.S.’s primary purpose is to provide support and services to the various departments, students and staff members on campus. Currently U.T.S. provides support to the school using the following 4-tier system:

o Tier 1 - Help Desk/Call Center Support

o Tier 2 - Field Team Technician Support

o Tier 3 - NMS/OES support

o Tier 4 - Support from Vendor (Replacement parts/Software patches/Technician support)

Tier 1: When a system on campus breaks down, faculty and staff either go in person to a UTS repair office, or call the UTS help desk, to resolve the issue. If the issue cannot be resolved by help desk staff, a ticket is entered into the Remedy Service Request system.

Tier 2: Once the ticket is assigned, a technician from the Field Team is assigned to handle the service request. Upon assessment of the machine, the department is required to provide a requisition form, reserving funds to be transferred from their budget, and put into UTS’s before repairs can be initiated. Once this is done repairs can take as long as a week (minimum), if the ticket count is high, or if there are serious issues that need to be resolved. If the issue cannot be resolved by the field team, the ticket is updated and reassigned to Network Management Services (NMS) or to the Operations and Enterprise Systems (OES).

Tier 3: The OES and NMS upon being assigned the ticket would coordinate with OES to resolve the ticket. The aforementioned groups manage the campus servers (except in the case where a department has their own IT staff) and networks (this includes the wiring in buildings, as well as network access software) respectively. If the issue cannot be resolved within this time period, or is beyond the ability of the UTS staff members to correct, the manufacturer of the product in question is contacted.

Tier 4: A member of NMS or OES would contact the manufacturer of the product (software/hardware) in question. If the product is under warranty, and the issue cannot be repaired, the product is replaced with a refurbished system, or new software. Otherwise a quote would be given to a representative from UTS. If the initiator of the ticket is willing to accept the cost for repair or replacement, funds are drawn from their department’s funds and sent to the manufacturer to initiate service.

Due to the nature of the work being conducted at each of the tiers listed, there are limitations that prevent a justifiable automation solution from being put in place. After doing further research into how the current system of each department operates, it was decided that the system scope will focus primarily on the OES group.


In implementing an automation solution for the OES group we will include full technical support utilizing automation. Machines and servers at FIU require 24 hour support which is critical to day-to-day operations at the college. This applies to all aspects of the college including students, faculty, and technical staff.

An improved maintenance and system support system will not only benefit the university’s budget in this troubled economy, but will also greatly minimize any emergencies regarding servers, and other machines, on campus.

Objectives and Success Criteria

The primary objective of our group is to carry out a thorough assessment of the current systems in place at the OES, and to present a viable IT automation solution which is both cost effective and as efficient (if not more so) at handling the tasks handled by the department. Our secondary objectives are as follows:

Ensure remote support throughout the organization's managed computers.

System security is maintained.

The Backup and Disaster recovery of all group systems is maintained.

To reduce/prevent any downtime that the current system may experience.

To ease the work load of the Staff.


Current System

At this time the OES department is located in the Primera Casa/Charles Perry Building. The group operates on three floors, each equipped with a fire prevention system, known commonly as a Halon system. This system uses a chemical mixture to absorb the oxygen in the room, in order to suppress the fire. Due to the potential health hazard for some people, there is a “system-stop” button near an emergency phone, which will prevent the gas from entering the room, and give the person time to leave the room.

Each room has its own heavy duty HVAC system. In the OES Server Room, air is blown through ventilation docks in the floor in front of each of the servers so that cool air passes through the front of the servers, pushing hot air to the back of the machine. This provides a cool functional environment for the servers, promoting faster processing times.

UPS Storage Room (PC 1st floor):

The UPS room houses heavy-duty enterprise battery backup systems, including an FPL by-pass system which monitors and controls when the power goes down. In the event of a power failure there is a backup generator, which is stored in a trailer at the rear of the PC building. The generator is tested once per week to ensure that it is functioning properly. Cables are run underground from the generator trailer to the UPS room, and then the power is routed from the UPS room to the 4th and 5th floors. Back-up systems are monitored via a closed network connection (accessible only from a computer on campus). Multiple UPS systems are stored in the room to ensure fault tolerance (i.e. fans, phones, etc…); if one UPS fails then the other system will pick up the load to provide power to the systems.

Data Center Room (5th floor):

The Data Center (or server room) houses all the servers and backup storage systems for the University. Some of the devices which can be found in the Data Center are: SANs (equipped with multimode fiber-optic cables), switches and routers, Blade Servers, and a Robotic IBM Tape Back-Up Library. The SANs have a storage capacity of 50 to 60 Terabytes. These systems store student profiles, including grades, registration, and email information. The Tape Library automatically stores data and information and utilizes a robotics system to move and store backup tapes within the storage unit. The Blade Servers are ultra thin in size and can store multiple thin, modular electronic circuit boards. Each server on its own is dedicated to a single application which uses ticketing. One advantage of the Blade Servers is that they have a unique power source, which consumes less electricity than normal server systems. Some of the newer systems are interconnected using a fiber-optic cable, which can carry data transmissions of up to 4 Gbps from the SANs (Storage Area Network). As a security measure within the Data Center, an authorized person has to use their access card and code to access the room. The authorized person needs to log in with their name, and the date and time that they enter the Data Center lab.


Operations Room (4th floor):

Most system monitoring is done within the operations room. The UPS power status, CPU usage, disk usage, and memory usage within 24 hours are examined using the MRTG (Multi Router Traffic Grapher) and up-time software automation system tools. Nagios, another software automation tool, is used for system monitoring as well. Microsoft Operations Manager is primarily used to monitor all Microsoft systems on campus. Operations are manned 24 hours a day, 7 days a week. The group utilizes a 3 shift rotation to ensure that a staff member is always on hand, especially during situations such as natural disasters, when on-hand support is critical.

Below is a model of some of the server systems and their roles on campus:

Responsibilities of the OES


Panthersoft server

TIM Server

UNIX Server

AD Server

Exchange Server

NFS server

Desktops

Solix Server

NIS Server

SharePoint Server

LDAP Panthersoft Server


The primary duty of the OES is the management and maintenance of the University’s Server systems. Other duties which fall under the OES group are as follows:

Providing support to the over 5000 machines (with more than 300 servers) which belong to the university.

Management of the EPO agents used to update McAfee Anti-Virus Scanner Software.

Providing systems backup for all departments, especially for those departments involved in research, the library, and all other data sensitive departments.

  o Servers are backed up daily using the Tivoli Storage Manager Program.

  o Backups are done on campus and sent to a data warehouse in Tallahassee.

  o Back-ups on the campus are stored in an off-site storage warehouse called Iron Mountain.

Patch management (security updates) for all systems on AD.

  o T.I.M. is used for scripting across multiple platforms.

  o Kacti is a program used to monitor network traffic.

  o SUS and WSUS push Windows updates to all AD supported systems.

Assigning @fiu.edu e-mail addresses to students, faculty and staff.

Password management.

Disaster Preparations (which are conducted bi-weekly to monthly).

Issues/Problems

While the OES may have support and solutions in place to handle their day to day operations, there are still a host of issues which they must deal with. Some of these issues are as follows:

Windows and UNIX systems are managed separately.

  o Multiple monitoring tools are currently being used to monitor these systems.

  o At this time, OES is working on incorporating a system to coordinate the same accounts/passwords using Tivoli Identity Manager (TIM).

Some users on campus have more than one password for each system on campus. This is in part due to the fact that some departments have their own Active Directory (AD) server in place.

  o A current solution being sought is utilizing Tivoli Identity Manager, which will implement a way in which users will need just one account password for all the systems.


Proposed System

Overview:

The software package, which is chosen for the OES, should be a “one stop solution”. The system should provide maximum scalability, and flexibility, providing administrators with the power to automate key tasks to increase the productivity of the organization as a whole. The OES needs to implement an IT service which provides network and systems management software, for the least cost — and report with unprecedented detail. From Software Inventory to Remote Desktop Management, the solution should have the features and functions to automate day to day IT tasks that will include the following solutions:

Automated Systems Management

Auditing & Asset Management

Performance Monitoring

Service Desk / Help Desk

Patch & Upgrade Management

Information Technology Management Reporting

Information Technology Security Management

Data Protection

Regulatory Compliance

Planning and optimizing the proposed system requires budget and time management. During the economic downtime, the group needs to take the appropriate actions to solve existing issues in order to improve their performance and security. One of the issues is the multiple monitoring software tools in use; the group can resolve this problem by giving administrators a single monitoring software tool. Doing so would help reduce cost, and get rid of any unnecessary applications. Another advantage of implementing an integrated monitoring tool would be a reduced maintenance cost, since there would only be one integrated monitoring software tool to upgrade.

Some issues require administrators to go to servers and workstations around campus to troubleshoot them. However, conducting a remote session would make troubleshooting an issue easier. Technicians may provide technical support through an online chat service, or provide some assistance over a virtual network connection, rather than stepping out of the office to attend to someone's needs.


Patch management is required to ensure that system environments are secure against known vulnerabilities in the operating system(s) and application software, that patches are installed properly, and that systems are tested after installation (documenting all associated procedures such as specific configurations). Patch management involves acquiring, testing, and installing multiple patches (code changes) to a computer system. Installing a separate patch management software system or vulnerability assessment tools will however further complicate the current situation.

An improved audit report would help in keeping records of what was updated and what was not. This report will help generate information each day, week, and/or month, to provide the most up to date information. Once the data is evaluated, it can be determined whether the systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization's goals or objectives. The primary functions of an IT audit are to evaluate the system's efficiency and security protocols (in particular, to evaluate the organization's ability to protect its information assets and properly dispense information to authorized parties). OES’s audit will be conducted by ensuring the following:

Will the organization's computer systems be available for the business at all times when required? (Availability)

Will the information in the systems be disclosed only to authorized users? (Confidentiality)

Will the information provided by the system always be accurate, reliable, and timely? (Integrity)

Functional Requirements

3.2.1 Remote Control

One of the main concerns of the OES is to resolve issues as quickly and cost-effectively as possible — before small problems turn into larger issues that lead to downtime. To achieve this, the OES needs rapid, powerful remote control that allows seamless access to and control of customer devices, regardless of what type they are or where they're located.

Remote control capabilities can provide easy, high-speed and secure remote desktop management for the OES computing infrastructure from anywhere. Remote access management can provide:

Secure remote access to all managed computers.

Complete control over PC functions, including passwords, notification method, screen mode and control level.

Grant end users the ability to access machines remotely with the capability of optionally blocking remote control access.


Manage remote computers that are not part of the administrators' managed infrastructure through video streaming, and utilize the video streaming feature for training sessions or quick support calls.

Implement secure online Chat between end users and support personnel and Secure Broadcast Messaging from administrators.

3.2.2 Auditing & Asset Management

In the world of business, the principle that “time is money” is vital. Thus, it is essential to get to the root of problems and provide solutions quickly and efficiently. The OES needs a complete hardware and software inventory of the servers, workstations, printers and software on their network.

The IT Automation Platform should be accessible from one integrated and concise interface, delivering comprehensive hardware and software inventory to the administrator, as well as providing automatic recurring network discovery and system audits, keeping an up-to-date and accurate inventory at all times.

Software and License Audit

This type of audit should facilitate the discovery and inventory of all software applications, license keys and duplicate licenses, as well as aid in the following:

Prevent users from launching unauthorized software whether it is installed or not, even when not connected to the network.

Maintain a comprehensive view of software license use and easily respond to audits with extensive application usage, license compliance reporting, and license reporting features.

Powerful query and reporting capabilities let you quickly view, analyze and understand your IT environment.

System Configuration

The package should easily configure the OES systems’ inventory and asset management. The automated system should gather the information from the machines and report back to your server, with the option to change your inventory schedule or add extra fields to your Asset Management Database.

The MSP needs to have a comprehensive network management solution to keep their clients up-and-running at all times.


The tool should provide Systems and Network Management which will offer administrators an easy and efficient method to enforce corporate policies throughout the group.

3.2.3 Monitoring

OES should not be limited in the number of systems that we can monitor, but high priority monitoring needs to be considered, such as determining whether or not the server is operating properly: if the server is offline, all client computer requests will temporarily be on hold because the server will not respond. The need to monitor application and system changes, hardware changes, as well as traffic entering and leaving the network is a must.

Monitoring and Audit Report Scheduling Table:

The table below shows the functional requirement for scheduling and monitoring audit reports. Example:

Monitoring and Audit Reports    Scheduling
Application Changes             Every Day at 8:00
Event Logs                      Every Day at 8:00
Hardware Changes                Every Week
LAN Watch                       Every Day (3 hours)

Scripts for Managed Services

A key component for the MSP is the ability to automate routine administrator tasks. Scripting is one method that can be used to help administrators keep up with the constant software deployment and other update requirements without physically touching every computer.

3.2.4 Patch Management

The functional requirements for patches are to fix software problems or update a computer program or its supporting data. This includes fixing bugs on the system to improve the usability and performance on the system. The OES depends on the functionality of implementing patches to fix holes that may occur on the system.

This table shows when to schedule patch management. Example:

Patch Management             Scheduling
Fixing Application Errors    Error Event Occurs
Fixing System Errors         Error Event Occurs
Application Updates          Performance Tuning
Software Updates             Performance Tuning

3.2.5 Backup & Disaster Recovery

Backing up and restoring vital information is important because it functions as data protection. OES schedules backups of information in case of a natural or man-made disaster. Backups and Disaster Recovery planning function as a method to safeguard all vital information that may be useful for future reference. The OES functional requirements are to keep all backups secure in case of any emergency in which information may need to be restored.

This table shows the scheduling for backups and disaster planning. Example:

Backups                   Scheduling
Disaster Planning         Every three months
Full Backups              Every Weekend on Friday
Incremental Backups       Every Night at 11:00
Remote Offsite Backups    Every Month End
Normal Backups            Every 2 Hours

Our Backup & Disaster Recovery (BU-DR) provides:

Fully-automated real-time backup

Fully-automated off-site replication

Fast and easy recovery

3.2.6 End Point Security


OES will take every security measure in securing transmission ports on the network to all virtually connected computers as well as the computers on campus. To ensure encrypted transmission of data to and from all network systems, the MSP selected should have IPSec (Internet Protocol Security) encryption protocols, as well as L2TP (Layer 2 Tunneling Protocol), to ensure that any information sent across the network is secure.

More important than ever is our network and security, which will be monitored frequently.

We will further monitor port scanning using monitoring software that can help us detect any potential attackers on the network.

Monitoring all network packets entering our network is our second step to hardening our defenses.

We can also set up Network Address Translation, which will allow external users to see only public IP addresses rather than private IP addresses.

After all monitoring at the end of the day we can run audit reports, which help us determine where we may have unsecured holes, and further harden security in those areas.

3.2.7 User State Management

User State Management ensures users' data, applications, and settings are constant through the user's profile environment. For UTS's implementation of the User State Management system, all settings, data and applications are backed up on the storage servers, and a system restore point is set on all client computers as well. Group Policy is backed up for all users on Active Directory (AD).

3.2.8 Service Desk / Help Desk

The MSP should provide a comprehensive and integrated help desk and trouble ticketing system that helps IT professionals easily manage users’ expectations by providing administrators with the tools they need to resolve issues quickly. Users and support personnel can now interact in real time to report, diagnose and resolve issues without ever having to physically visit the desktop.

Deploy Service Desk / Help Desk capabilities in minutes.

Easy to use with no long training cycles or requirement for consultants.

Accessible from anywhere with no special servers or reconfiguration of your existing computing infrastructure.

Keep track of issues, resolve them quickly and increase customer satisfaction.


Non-Functional Requirements

3.3.1 Usability

With our proposed solution, faculty and students will enjoy a more user-friendly machine environment, which will not only provide a more efficient learning environment for students but will also make the facilities' job easier on a day-to-day basis.

3.3.2 Reliability

By incorporating a reliable service, the organization will maintain full levels of functionality. They will be able to rely totally on our assistance for every possible inquiry through automation. We will provide solutions to machine problems that may arise, so that the organization can run smoothly. With automation, problems will be solved before they are noticed.

3.3.3 Performance

The goal of this system is to provide the performance for the OES. Administrators should be able to utilize any aspect of their systems with the automation tool providing support. Backups and patches will be incorporated as needed to achieve maximum performance.

3.3.4 Supportability

The University will receive 100% automation support from the system. The current needs of OES representatives should be eliminated once functional methods are in place. Automation will allow the group to detect and solve problems more efficiently, nearly eliminating the stresses on the department.

Glossary

A – Z

Application

Software that lets users do relatively complex tasks, as well as create and modify documents. Common application types include word processors, spreadsheets, database managers, and presentation graphics programs.

Active Directory

A technology created by Microsoft that provides a variety of network services, including LDAP-like directory services, Kerberos-based authentication, DNS-based naming, and other network information. Active Directory also allows administrators to assign policies, deploy software, and apply critical updates to an organization. Active Directory stores information and settings in a centralized database.

Auditing

In security terms, the process of tracking and recording system activities and resource access.

Authentication

The act of establishing or confirming that the user is uniquely identified as a particular individual or entity.

Authorization

In security terms, the process of determining what rights and privileges a particular entity has to log in to the system with his or her login credentials.

Backup

The process of making copies of data so that these additional copies may be available in the event of data loss. Backups are useful primarily for two purposes. The first is to restore a state following a disaster, and the second is to restore small numbers of files after they have been accidentally deleted or corrupted.

Bandwidth

The rate at which data is transferred, in bits per second. Lack of bandwidth can impose severe limitations on the ability of the Internet to quickly deliver information.

CHAP (Challenge Handshake Authentication Protocol)

A user name or password authentication scheme in which the user is authenticated by a series of challenge messages and the password itself is never sent across the network.

DHCP (Dynamic Host Configuration Protocol)

DHCP is a network service that provides automatic assignment of IP addresses and other TCP/IP configuration information.

Directory Services

A network service that stores information about a particular network, including all the objects in that network, such as users, groups, servers, client computers, and printers.

DNS (Domain Name Service)

The DNS service automatically maps names to IP addresses on most TCP/IP networks, including the Internet.

DRP (Disaster Recovery Plan)

A DRP policy defines how people and resources will be protected in the case of a natural or man-made disaster, and how the organization will recover from the disaster.

Encryption

A security technique that converts data from plain or clear text form into coded or cipher-text form so that only authorized parties with the decryption information can decode and read the data.

Firewall

Any software or hardware device that protects the system or network by blocking unwanted traffic is called a firewall.

Hot Fixes

A hot fix is a patch that is often issued on an emergency basis to address a specific security flaw.

IMAP4 (Internet Message Access Protocol version 4)

An email client protocol used to retrieve email from a web-enabled email server by using the web browser.

IPSec (Internet Protocol Security)

A set of open, non-proprietary standards that you can use to secure data as it travels through data authentication and encryption.

IPSec Policy

IPSec Policy is a set of security configuration settings that define how an IPSec-enabled system will respond to IP network traffic.

IPSec Policy Agent

A service that runs on each Windows 2000 Server, Windows 2000 Professional and Windows XP Professional computer that is used to transfer IPSec policy agent from Active Directory or the local Registry to the IPSec driver.

L2TP (Layer 2 Tunneling Protocol)

L2TP is a tunneling protocol used to support virtual private networks. It does not provide encryption by itself and therefore relies on an encryption protocol that passes within the tunnel to provide privacy. L2TP is a session protocol that exists on the Session layer of the OSI Model.

MAC address

(Media Access Control Address) A unique physical address assigned to each network adapter board at the time of manufacture.

Malicious code attack

A malicious code attack is a type of software attack where an attacker inserts malicious software into a user’s system to disrupt or disable the operating system or an application. A malicious code attack can also make an operating system or an application take action to disrupt or disable other systems on the same network or on a remote network.

Malware

Malicious code, such as viruses, Trojans, or worms.

NAT

(Network Address Translation) A simple form of network security that conceals internal addressing schemes from the public Internet by translating between a single public address on the external side of a router and private, non-routable addresses internally.

NNTP

(Network News Transfer Protocol) A protocol used to post and retrieve messages from newsgroups, usually from the worldwide bulletin board system, called USENET.

Policy statement

A policy statement is an outline of the plan for the individual security component.

Port scanning attack

A port scanning attack is a software attack where an attacker scans your systems to see which ports are listening. In this software attack, the attacker is trying to find a way to gain unauthorized access.

PPTP

(Point-to-point Tunneling Protocol) PPTP is a proprietary Microsoft VPN protocol.

RAS

A remote access server is a gateway system that provides remote clients with access to all or part of an internal network.

Server

A server is a program that receives and responds to client computers for resources. A server operating system interacts with a client operating system.

SNMP (Simple Network Management Protocol)

SNMP is used in network management systems to monitor network-attached devices for conditions that warrant administrative attention.

Security Policy

Security Policy is a formalized statement that defines how security will be implemented within a particular organization.

Service Pack

A collection of system updates that can include functionality enhancements, new features, and typically all patches, updates, and hot fixes issued up to the point of the release of the Service Pack.

SMTP (Simple Mail Transport Protocol)

A communication protocol used to send email from a client to a server or between servers.

SSH (Secure Shell)

SSH is a protocol for secure remote logon and transfer of data.

SSL (Secure Socket Layer)

SSL is a security protocol that combines digital certificates for authentication with RSA public key encryption.

Token

A token is a physical object that stores authentication information.

Virus

A virus is a sample code that spreads from one computer to another by attaching itself to other files. The code in a virus corrupts and erases files on a user’s computer, including executable files, when the file to which it was attached is opened or closed.

VPN (Virtual Private Network)

A private network configured within a public network, such as the Internet.
