Remote Access to UW Software with VPN
Now that the UW network firewall is in place, there are
essentially two types of servers on the UW network: public
servers and private servers. Public servers are accessible from
the Internet or the UW network. Private servers are accessible
only from the UW network or through the Internet by way of a
Virtual Private Network (VPN) connection to the university. A
VPN connection, which requires a username and password, allows a
VPN user at a remote location to appear to be connected directly
to the university network.
There are three environments under which a person may access
and run UW-provided software.
The first environment is what can be called a local environment,
which is a hard-wired network connection to the UW network.
Locations offering this type of connection include UW at
Laramie, Casper Health Center, UW Outreach-Casper, Casper
College, Cheyenne Family Practice Center and the Powell Research
Center.
There are two types of remote environments: remote without a
VPN connection and remote with a VPN connection. “Remote”
indicates either off campus or wireless and includes UW DSL†,
ResNet†, wireless†, modems† (dial-up), and Internet access from
other off-site locations. One such example of an off-site
location is the Internet connection that may be available in a
hotel room. Certain applications that would not normally be
available through a simple connection to the Internet are
configured to work from remote locations using a VPN connection.
Not all remote connections require a VPN connection (e.g.,
using Outlook Web Access doesn’t require a VPN session).
As IT adds software for campus use, users should refer to the
table located on the
UW Network Connection Types
and Software Availability page (www.uwyo.edu/infotech/services/data/netsoftware.htm)
to see if the software will require a VPN client and if it is
supported in remote environments.
† UW DSL, ResNet, wireless and modems (dial-up) do not
currently require a VPN connection. However, in the near future
these access methods may require VPN.
Using Exchange Global Email Addresses
The Exchange Global Address List (GAL) is a useful tool for
finding the email addresses of UW faculty and staff. The first
thing you may notice upon opening the GAL is that it is sorted
alphabetically by first name (John Doe) rather than last name
(Doe, John). Exchange requires that names be displayed in the
same format in the TO, FROM, and CC fields of an email message
as in the GAL. That being the case, UW uses the more friendly
firstname, lastname format for UW’s Exchange email
system. If the format was lastname, firstname then
all outgoing email would appear in that format (Doe, John).
Regardless of how names are displayed it is possible for
users to search by either first or last name. There are several
ways to search for a name:
- from Outlook’s main menu select Tools, Address Book
- then, in the “Show Names from the:” selection
box, at right in the Address Book window, select Global
Address List
- finally, from the Address Book window’s Tools menu,
select Find
 When composing an email message in Outlook, you can also type
part or all of either the first or last name in the TO field and
click on the Check Names icon in the tool bar. This will
open a window that lists all possible matches for that first or
last name.
Many UW users are now taking advantage of the Nickname
feature. Human Resources and Information Technology recently
implemented this feature. You can read about it, including how
to add a Nickname to your account, in the winter 2004 IT
Newsletter (www.uwyo.edu/infotech/newsletter/winter04.asp#names).
In the near future it will be possible to search the GAL for
the email addresses of UW faculty and staff that do not have
Exchange accounts. In the past, staff members with email
accounts on non-Exchange mail servers were not listed in the
GAL. Recently, IT has started to work with Human Resources to
identify those users and to add their names to the GAL.
UW’s Firewall Project Completed
The process of moving the UW data network behind a security
firewall was completed over the summer. The firewall helps
protect the university’s internal data network from external
attacks coming from the outside world through the Internet.
However, attacks can also come from inside the network, through
email, from malicious websites that are browsed by on-campus
users, etc. The firewall is only one component of overall
network security and does not remove the need for other
components. For example, the firewall does not remove the need
to keep operating system security patches up to date and install
antivirus software. Email coming into the university through the
main mail gateway is scanned for viruses, but email coming from
other Internet service providers (ISPs) might not be protected
and can infect computers inside the firewall. Consequently, it
is imperative that all workstations and servers run up-to-date
antivirus software and that software update patches are
installed on a regular basis.
Further information about UW’s firewall can be found on the
IT Firewall website (www.uwyo.edu/firewall/).
Update on SIS Replacement Project
The SIS Replacement project is in full swing. Technical
training on the Banner architecture began August 9th and will
continue through September. A functional demonstration of the
Banner system was presented on August 17th. Meanwhile, the
functional groups continue with the analysis of existing UW
business processes, identifying process improvements, and
determining how the business processes will be implemented in
the new system.
Various fundamental decisions have also been made that help
set the scope and direction of the project. One of the key
decisions is that the new student email system will be based on
the Microsoft Exchange platform. After a thorough evaluation, it
was deemed that Exchange could offer more functionality and
flexibility while being fully integrated with and supported by
the SCT Luminis portal platform.
The most current information surrounding the project can be
found on the SIS
Replacement Project website (www.uwyo.edu/newsis/). This site
is updated regularly and contains an overall timeline, project
milestones, organizational structure information, a list of
upcoming events, and other information. Please continue to check
the project website regularly and forward any questions,
comments or suggestions to Jim Berrigan, iTeAM project manager,
at 766-2636 or berrigan@uwyo.edu.
IT Automatically Patches and Updates Departmental Computers
Since March IT’s Software Update Services (SUS) has been
available for UW campus Windows computers that are members of
the UWYO domain. During its first 6 months, 3,456 computers
participated and 75,846 patches were automatically installed.
These patches help protect computers against viruses, hacking
attempts and other problems.
With such an amazing and positive response, SUS has already
become an important tool on campus. With your help, Information
Technology can assist in keeping campus computers up to date and
secure like never before. Enhancements will continue to be made
to the service. To learn more about SUS and Automatic Updates
for Windows, please visit the
SUS FAQ page (www.uwyo.edu/askit/displaydoc.asp?askitdocid=487&parentid=1) on the Ask IT website.
Computer Software Training
According to the Human Resources Training Office, the need
for software training is mentioned often in university employee
performance evaluations. Working with software applications is
an important part of many UW job duties. Information
Technology’s software trainers offer several types of training
opportunities.
Hands-On Instructor-Led Workshops: Ranging in length
from 3 to 12 hours, these workshops provide lectures,
demonstrations, and hands-on experience with Microsoft and Adobe
software programs. A complete training manual for future
reference is included in the cost of the workshop.
Question-and-Answer Workshops: Scheduled for 3 hours,
the content of these workshops changes each time they are
offered because topics are determined by workshop participants.
The cost of the workshop includes handouts and a quick reference
card.
Tips-and-Tricks Seminars: Scheduled for one hour,
these seminars are demonstrations of commonly used features for
experienced computer users who don’t want to attend a beginning
workshop. The cost of the workshop includes handouts and a quick
reference card.
New Features Seminars: Scheduled for one hour, these
seminars are demonstrations of new features in various Microsoft
Office 2003 programs. The cost of the workshop includes handouts
and a quick reference card.
Hands-On Software Courses: Scheduled for two hours,
these training sessions begin with a 15-minute introduction. The
rest of the time is spent working on an assigned project with an
instructor available to answer questions. The cost of the
workshop includes handouts and a quick reference card.
Self-Paced Training: As a free service, the IT
faculty/staff computer lab is open approximately 8 hours a week
for people who want to view computer-based or video tutorials
covering Microsoft and Adobe programs. A trainer is always
available in the room to answer questions.
Online Computer Training Tutorials: Human Resources
provides free online tutorials in all of the major software
programs (and other topics) for university faculty and staff.
Contact Paul Brown, university training and professional
development manager (pbrown@uwyo.edu
or 766-5605) for information on how to register.
Web-Designers’ Lab: Open every Wednesday from 1:00 to
3:00 pm, four university staff members (including a systems
programmer, artists, and web designers) are available to answer
all questions regarding university websites. This is also a free
service.
Training Manuals and Sample Files: Training materials
for all topics covered in instructor-led workshops are available
for individual purchase at the same price as the cost for
attending the workshop.
Information Technology offers workshops in Windows XP,
Microsoft Office XP, Microsoft FrontPage XP, Adobe PageMaker,
and Adobe Photoshop. Plans for this fall include upgrading the
hands-on workshops to Microsoft Office 2003, FrontPage 2003, and
the Adobe Creative Suite, specifically Photoshop and InDesign.
Workshop instructors are Alice Freeman and Nancy Taft. Both
have been working as computer software trainers for most of the
past 20 years and enjoy teaching the new features of programs as
they are released.
Further information on the computer software training program
and the schedule for fall may be found on the
IT Training pages (www.uwyo.edu/infotech/training/).
Campus-Wide Review of Information Technology
As part of the university’s Support Services planning
activities, a campus wide review of information technology is
underway. This spring the consulting firm of RSM McGladrey,
Inc. was selected to conduct the review. One objective of the
review is to help identify campus-wide technology issues for the
2005 – 2009 Support Services planning period, including a
recommended direction for information technologies that will
best strategically align with the university’s mission and
objectives.
In May of 2004, President Dubois appointed a Technology
Services Review Planning Team to oversee and guide the review
process. Team members are Robert Aylward, chair and vice
president for Information Technology; Rollin Abernethy,
associate vice president, Academic Affairs; Henry Bauer III,
associate dean, Arts and Sciences; Leellen Brigman, vice
president for Student Affairs; William Gern, vice president of
Research; Andrew Hansen, presidential faculty fellow; Bruce
Hooper, risk management director, Administration; and Maggie
Murdock, associate vice president and dean of the Outreach
School.
One component of the review is the evaluation of departmental
technology needs and related issues. The RSM McGladrey
consultants, with the Planning Team’s input, prepared two
questionnaires – one for department heads and directors, and one
for technical support personnel. The Planning Team solicited
suggestions from deans and department heads for the names of
faculty and staff to complete questionnaires and to be
interviewed by the consultants. The interviews were conducted
between July 6 and 22, 2004. The consultants also conducted
high-level environmental network and system security scans
looking for general vulnerabilities.
The consultants’ report will be substantially complete before
the end of November 2004. The results of the report will be
shared with the campus community. The Technology Services Review
Planning Team and the Division of Information Technology thank
all interviewees and respondents to the questionnaires for their
willingness to participate in this important process. More
information about the review is available online on the
Information Technology Services Review website (www.uwyo.edu/itsr/).
eNews Extra:
Faculty & Staff Input Requested for IT Support Services
Planning
The Division of Information Technology has started the
development of its 2005 – 2009 Support Services Plan.
Information Technology’s focus will be on cost-effective
technology support for the University’s implementation of the
Academic Plan through programming efforts, personnel
assignments, and budget commitments that will advance the
objectives of the Academic Plan and support the mission of the
University.
The campus community’s suggestions are an essential component
of Information Technology’s planning process. Preliminary
faculty and staff input was solicited through online surveys in
May. Over 700 participants completed the survey. During June and
July, a technology services review by the consulting firm of RSM
McGladrey, Inc., included questionnaires that were distributed
to approximately 200 faculty and staff, and more than 100
follow-up interviews.
We still would appreciate your further input. Please continue
to contribute to the development of IT’s Support Services Plan
by sending your comments, and suggestions for technology support
services to mhscott@uwyo.edu.
UW Wide Area Network Enhanced by “Dark
Fiber”
Thanks to funding from President Dubois and a grant from the
National Institutes of Health, UW has been able to acquire a
“dark fiber” communications line between UW and Denver,
Colorado. This line will significantly enhance UW’s Internet
connection capability. The line was purchased through the
national higher education consortium, Fiberco. This line will
provide an on-going high-speed data connection between UW and
our Internet access point in Denver, the Front Range GigaPoP (FRGP).
The FRGP is a network meeting point that connects universities
in Colorado and Wyoming to the Internet as well as to special
research networks such as Internet2 and the National Lambda Rail
(NLR).
“Dark fiber” is the term for unused and unequipped fiber
optic communications capacity. It refers to underground optical
fiber without the network equipment required to transmit data
via light waves through the fiber optic lines. With this dark
fiber network, UW can install and upgrade equipment as necessary
to “light” the fiber and transmit data at whatever transmission
rates are deemed necessary. This capability gives UW tremendous
flexibility in meeting current and future Internet demands.
Initially the fiber will operate at a speed of 1 Gbps (1 million
bits per second). The majority of this high capacity bandwidth
will be reserved for scientific and research purposes (access to
the Internet2 and NLR networks). However, general Internet
performance will also be improved.
How IT Backs Up Data on
UW’s Central Servers
In 2001 the Wyoming Legislature funded a remote data backup
and disaster recovery system for the State of Wyoming’s Cheyenne
central computer systems. The State’s central systems are
operated and maintained by the State’s Computer Technology
Division (CTD). As part of the State’s data backup plan, the
University of Wyoming entered into a joint partnership with CTD.
IT backs up the State’s data in Laramie and the CTD backs up
UW’s data in Cheyenne.
 CTD chose to use an IBM 3494 Automatic Tape Library (ATL) to
provide both local and remote backup storage on tape. Identical
3494 ATL devices were installed at CTD’s data center in the
Emerson Building in Cheyenne and at the Information Technology
data center in the Ivinson Building.
The agreement between the State and UW specified that in
return for IT housing the State’s ATL and providing operational
support, CTD would allow IT to use part of the ATL in Laramie
for local backup data storage and the ATL in Cheyenne for remote
backup storage.
Information Technology uses Tivoli Storage Manager (TSM) to
control backup storage both in Laramie and in Cheyenne. This is
a very efficient and accurate process. To create backups
quickly, systems are first backed up to online disk storage. The
online disk storage is then copied to tape in the ATLs at UW and
Cheyenne.
A high-speed channel connection between the Cheyenne and
Laramie ATLs is controlled by mainframe computers at each end.
This high-speed channel is used continuously by the systems, but
the majority of backup data is transferred to tape during off
hours.
 UW VPN Doesn’t Secure All Data
Users can connect to the UW network from remote locations
using UW Virtual Private Network (VPN) services. One of the
primary advantages of VPN is that it creates a secure, encrypted
data communications channel back to the UW network. Users should
be aware that during a VPN session only their connection back to
the UW network is secure. Data sent to other Internet locations
is not necessarily encrypted and therefore not necessarily
secure.
Encryption protects data from being seen by anyone other than
the sender and recipient while it is being transferred over a
network. (Computer transactions containing a person’s social
security number or credit card number are good examples of why
encryption is important). VPN encryption requires a software
process at each end of a VPN “tunnel” (for example, VPN software
on your laptop computer and on a VPN server at the university)
to encrypt and decrypt data.
Off-campus, remote users (especially wireless users) should
not send private data, such as credit card information, to
websites that do not provide their own form of data encryption.
Websites that have “https://” (note the “s” as in
“secure”) as part of their URL use a technology known as Secure
Socket Layer, or SSL. SSL ensures that all data sent to and from
a site is encrypted. SSL sessions can be identified by a closed
lock symbol in the lower section of the browser window.
In summary, when using VPN remote users are assured of a
secure connection back to the UW network. When sending personal
information to websites all users, whether on-campus or
off-campus, should always look for the SSL locked lock icon in
the browser window. For more information about VPN go to the
UW VPN website (www.uwyo.edu/vpn/).
eNews Extra:
Yet Another Internet Scam
In a recent newsletter article we warned users to watch out for fraudulent
"phishing" scams. These scams are potentially very serious. Scammers get you to take the bait by sending out realistic looking “corporate” emails that ask you to input your banking or credit card information. As we mentioned in the article,
Phishing, Another E-mail Scam, never give out any personal information at the request of an email sent to you.
Another scam has been popular in the last couple of weeks. It’s a
spyware scam. The emails may act like they check your system for
spyware. They don’t. In fact some may install spyware on your computer. If you find the graphics below, or similar items, in an email message delete the message. Users should never accept software or follow links that are alarming or suspicious in nature. If you have concerns about
spyware on your desktop please contact the IT Help Desk at 766-4357, option 1; or email
userhelp@uwyo.edu. The Help Desk agents and the Computer Support Specialists are seasoned at recognizing these scams. They have legitimate tools and utilities to help you remove
spyware and adware if you have become a victim of certain scams.
  
eNews Extra:
Microsoft releases Windows XP Service Pack
Microsoft continually works to improve the performance and
security of the Windows XP family of operating systems. As part
of this effort, Microsoft develops updates, fixes and other
improvements that address recognized issues. To make it easy for
customers to get these enhancements and updates, they are
regularly combined into a single package and made available for
all Windows XP customers via download or a CD. These packages
are called Service Packs.
Information Technology staff are currently testing Windows XP
Service Pack 2 for use on university-owned systems. After
evaluation and planning for deployment, IT will issue a
recommendation for institutional computers. In the meantime UW
faculty and staff may choose to apply Service Pack 2 to their
personally owned systems.
What does Service Pack 2 offer?
More Secure Communications: Service Pack 2 provides a range
of security updates, such as an Attachment Manager for Outlook®
Express and Windows Messenger, designed to increase security,
enhance reliability and give end-users more control over e-mail
and instant messaging.
More Secure Web Browsing: New security technologies and
features, such as an Internet Explorer Pop-Up Blocker and
Information Bar, offer increased protection from threats on the
internet and provide a more reliable and enjoyable user
experience.
Better Network Protection: New security updates in Service
Pack 2, such as a stronger, more easily configurable Windows
Firewall, provide better protection against viruses, hackers and
worms that spread over the Internet or through a network.
Enhanced Memory Protection: A combination of security
updates, such as Data Execution Prevention and Internet Explorer
Download Monitoring, help to guard against unauthorized programs
and code which can overwhelm a computer’s memory.
To download, order a CD, or get more information go to
www.microsoft.com/protect. For users who have a slow dial-up
connection, Information Technology has a limited number of CDs
available for checkout. Faculty and staff may check out a CD for
5 days. A $30 deposit by personal check or IDR is required,
which is refundable at the time the CDs are returned (sorry,
cash is not accepted). Contact Lynette Chance at 766-3686 to
make arrangements to check out Windows XP Service Pack 2 for
personally owned computers.
Information Technology is not responsible for installation,
configuration, or troubleshooting of Windows XP Service Pack 2
upgrades on personally-owned computers. It is highly recommended
that all data be backed up before proceeding with any upgrade.
eNews Extra:
Ping and Trace Route Servers
"Ping" and "Trace Route" are software tools typically used by
more advanced computer users to test and/or troubleshoot network
connectivity from a command-line environment. The "ping" or "tracert"
commands are entered at the command-line prompt, along with
other parameters including the address of the target computer.
The Ping tool allows a user to test to see if connectivity
exists between two computers. Trace Route (tracert) provides
information about the path and network delays between two
computers.
Unfortunately, these useful tools are often used for
illegitimate purposes by viruses and worms. Last year UW was
forced to disable these tools on the UW network as a result of
viruses that threatened the overall health and performance of
the network.
Because these tools are useful for many legitimate purposes,
IT has developed special servers to provide this function while
maintaining network security. Now, off-campus users can Ping or
Tracert to uwnetwork.uwyo.edu to test connectivity to the edge
of the UW network border. On-campus users can connect to a local
website at
http://uwnetwork.uwyo.edu where Ping and Tracert tools are
available to perform Pings and Trace Routes to off-campus
computers.
|
