Fall 2004

In this issue:

Internet Security for All UW Users

Accessing UW Software with VPN

Global Email Addresses

UW Firewall Completed

SIS Project Update

Computer Patches & Updates

Software Training

IT Services Review

Dark Fiber Project

Exchange Web Access

How IT Backs Up Data

IT Survey Winners

UW VPN Doesn’t Secure All Data

eNews Extras:

Yet Another Internet Scam

Microsoft Releases Windows XP Service Pack 2

Faculty, Staff Input Requested for IT Support Services Plan

Ping and Trace Route Servers

(eNews Extras are late-breaking stories not included in the printed version of this newsletter)

IT Technology Survey Winners Announced

This spring, the Division of Information Technology surveyed students, faculty and staff to assist us in improving our services. There were over 1,250 responses from students and more than 750 responses from faculty and staff. Students who completed the survey were entered to win an Apple iPod Mini. Student computer survey drawing winner, Emi Ueda
Emi Ueda The winning student, selected at random, was Emi Ueda from Hyogo, Japan. Staff member Christi Goodoff, an Accounting Associate in the university’s Payroll Office, was selected as the winner of a Canon PowerShot digital camera in the faculty/staff survey drawing. Thanks to all who responded to the survey and for helping us identify how to improve technology offerings and services.

Check your UW email from a Web browser...

Your UW Exchange email account is available from any computer connected to the Internet, worldwide.

This is particularly useful when traveling or using someone else’s computer. UW’s email system, Exchange, is accessible from any computer with a Web browser at http://exchange.uwyo.edu. You will be prompted for your username and password to access your email account. (ASUWLink mail is also available at http://webmail.uwyo.edu.)

Accessing your UW Exchange Email from any browser:

Go to http://exchange.uwyo.edu
Click on Logon to Outlook Web Access
Enter your uwyo domain username and password in the pop-up logon box and select OK

IT Helps Provide Internet Security for Faculty, Staff & Students
On-Campus & at Home

According to a July 28, 2004, TechWeb news article, “A firm specializing in the development of anti-virus and anti-spam software said … that 4,677 new viruses were written in the first six months of 2004 – an increase of 21 percent over the same period last year.” To help combat the ever increasing virus and hacking threats, Information Technology has implemented a multi-tiered network defense to protect against them. You can help protect your computers and the UW network by making your work and home computers more secure.

IT continues to strengthen its network firewalling effort, the UW email systems, and has taken further steps to place more tools in the hands of faculty, staff, and students to help protect their computer systems from malicious viruses.

Institutionally Owned Computers

Historically, IT has provided antivirus software to all UW faculty and staff without cost. Faculty and staff should take advantage of the opportunity to install Trend Micro’s OfficeScan software on UW-owned desktop and laptop computers running Windows XP Professional or Windows 2000 Professional. Visit www.uwyo.edu/infotech/services/software/antivirus/ and choose the UW Faculty and Staff link. The information will guide users through the appropriate installation process. The UWStudent Lab system is also protected by Trend Micro’s OfficeScan.

Vulnerabilities in the Windows operating system have allowed for security compromises and hacking attempts, negatively affecting computers and severely affecting the networks to which they are attached. UW computers can be protected against these vulnerabilities by taking advantage of IT’s Software Update Service, which delivers automatic Windows operating system security updates. By default, all computers that are part of the windows. uwyo.edu domain automatically participate in the SUS service, unless someone specifically requests that their computer be excluded. See the complete SUS FAQ online (www.uwyo.edu/askit/displaydoc.asp? askitdocid=487&parentid=1).

SPAM also continues to be a huge problem. IT tags suspected SPAM messages as they are processed through the UW email servers. Because these tags are based on probability, it’s possible that messages can be mis-tagged. The possibility of mis-tagging a messaging is why the tagged messages are not deleted before being placed in a recipient’s inbox. See How to Create a Rule in Microsoft Outlook to Manage SPAM E-mail (www.uwyo.edu/askit/displaydoc.asp?askitdocid=155&parentid=1) for an explanation of services and how users can use and customize personal SPAM filters using Microsoft Outlook.

Personally Owned Computers

NEW THIS YEAR FOR FACULTY, STAFF AND STUDENTS:
IT has purchased licenses for Trend Micro’s PC-cillin Internet Security, a complete Internet security solution for UW faculty, staff, and students to use on their personal computers. There is no cost to download and use this software. Users should go to the www.uwyo.edu/infotech/services/software/antivirus/ website and follow the appropriate link to retrieve access codes, get installation instructions, download the software*, and find help from TrendMicro. Support for PC-cillin will be provided by Trend Micro. A current UWStudent or UWYO domain account is required to retrieve the access codes from the website.

This software package includes antivirus, anti-spam, anti-spyware, and personal firewall utilities. Faculty, staff, and students are strongly encouraged to take advantage of this important software, especially if electronic exchange and communication is expected for homework, appointments, and other academic requirements.

There are significant advantages to using PC-cillin at home. PC-cillin receives updates against new viruses automatically if an Internet connection is present. In addition, there are more security features available in PC-cillin than were available in OffficeScan for home users.

Faculty and staff who have installed Trend Micro’s OfficeScan antivirus software at home should remove it from their personal computers. Remote installations of OfficeScan on personally owned computers will not be supported after March 31, 2005.

Visit the Ask IT website (www.uwyo.edu/askit) for an expansive list of information on other IT-provided services and software: How-Tos (help documents covering a variety of topics), frequently asked questions and online help and service requests.

For assistance or answers to questions about any IT service, please call the IT Help Desk at 766-4357 (6-HELP), option 1; contact your user consultant; or email userhelp@uwyo.edu.

*Faculty and staff who use dial-up modem access may choose to pick up a CD copy of the media (CDs) in the Ivinson Building, room 140.

Remote Access to UW Software with VPN

Now that the UW network firewall is in place, there are essentially two types of servers on the UW network: public servers and private servers. Public servers are accessible from the Internet or the UW network. Private servers are accessible only from the UW network or through the Internet by way of a Virtual Private Network (VPN) connection to the university. A VPN connection, which requires a username and password, allows a VPN user at a remote location to appear to be connected directly to the university network.

There are three environments under which a person may access and run UW-provided software. The first environment is what can be called a local environment, which is a hard-wired network connection to the UW network. Locations offering this type of connection include UW at Laramie, Casper Health Center, UW Outreach-Casper, Casper College, Cheyenne Family Practice Center and the Powell Research Center.

There are two types of remote environments: remote without a VPN connection and remote with a VPN connection. “Remote” indicates either off campus or wireless and includes UW DSL^†, ResNet^†, wireless^†, modems^† (dial-up), and Internet access from other off-site locations. One such example of an off-site location is the Internet connection that may be available in a hotel room. Certain applications that would not normally be available through a simple connection to the Internet are configured to work from remote locations using a VPN connection.

Not all remote connections require a VPN connection (e.g., using Outlook Web Access doesn’t require a VPN session).

As IT adds software for campus use, users should refer to the table located on the UW Network Connection Types and Software Availability page (www.uwyo.edu/infotech/services/network/vpn/netsoftware.asp) to see if the software will require a VPN client and if it is supported in remote environments.

^† UW DSL, ResNet, wireless and modems (dial-up) do not currently require a VPN connection. However, in the near future these access methods may require VPN.

Using Exchange Global Email Addresses

The Exchange Global Address List (GAL) is a useful tool for finding the email addresses of UW faculty and staff. The first thing you may notice upon opening the GAL is that it is sorted alphabetically by first name (John Doe) rather than last name (Doe, John). Exchange requires that names be displayed in the same format in the TO, FROM, and CC fields of an email message as in the GAL. That being the case, UW uses the more friendly firstname, lastname format for UW’s Exchange email system. If the format was lastname, firstname then all outgoing email would appear in that format (Doe, John).

Regardless of how names are displayed it is possible for users to search by either first or last name. There are several ways to search for a name:

from Outlook’s main menu select Tools, Address Book
then, in the “Show Names from the:” selection box, at right in the Address Book window, select Global Address List
finally, from the Address Book window’s Tools menu, select Find

When composing an email message in Outlook, you can also type part or all of either the first or last name in the TO field and click on the Check Names icon in the tool bar. This will open a window that lists all possible matches for that first or last name.

Many UW users are now taking advantage of the Nickname feature. Human Resources and Information Technology recently implemented this feature. You can read about it, including how to add a Nickname to your account, in the winter 2004 IT Newsletter (www.uwyo.edu/infotech/news/newsletter/2004/04winter.asp#names).

In the near future it will be possible to search the GAL for the email addresses of UW faculty and staff that do not have Exchange accounts. In the past, staff members with email accounts on non-Exchange mail servers were not listed in the GAL. Recently, IT has started to work with Human Resources to identify those users and to add their names to the GAL.

UW’s Firewall Project Completed

The process of moving the UW data network behind a security firewall was completed over the summer. The firewall helps protect the university’s internal data network from external attacks coming from the outside world through the Internet. However, attacks can also come from inside the network, through email, from malicious websites that are browsed by on-campus users, etc. The firewall is only one component of overall network security and does not remove the need for other components. For example, the firewall does not remove the need to keep operating system security patches up to date and install antivirus software. Email coming into the university through the main mail gateway is scanned for viruses, but email coming from other Internet service providers (ISPs) might not be protected and can infect computers inside the firewall. Consequently, it is imperative that all workstations and servers run up-to-date antivirus software and that software update patches are installed on a regular basis.

Further information about UW’s firewall can be found on the IT Firewall website (www.uwyo.edu/infotech/services/security/firewall/).

Update on SIS Replacement Project

The SIS Replacement project is in full swing. Technical training on the Banner architecture began August 9th and will continue through September. A functional demonstration of the Banner system was presented on August 17th. Meanwhile, the functional groups continue with the analysis of existing UW business processes, identifying process improvements, and determining how the business processes will be implemented in the new system.

Various fundamental decisions have also been made that help set the scope and direction of the project. One of the key decisions is that the new student email system will be based on the Microsoft Exchange platform. After a thorough evaluation, it was deemed that Exchange could offer more functionality and flexibility while being fully integrated with and supported by the SCT Luminis portal platform.

The most current information surrounding the project can be found on the SIS Replacement Project website (www.uwyo.edu/newsis/). This site is updated regularly and contains an overall timeline, project milestones, organizational structure information, a list of upcoming events, and other information. Please continue to check the project website regularly and forward any questions, comments or suggestions to Jim Berrigan, iTeAM project manager, at 766-2636 or berrigan@uwyo.edu.

IT Automatically Patches and Updates Departmental Computers

Since March IT’s Software Update Services (SUS) has been available for UW campus Windows computers that are members of the UWYO domain. During its first 6 months, 3,456 computers participated and 75,846 patches were automatically installed. These patches help protect computers against viruses, hacking attempts and other problems.

With such an amazing and positive response, SUS has already become an important tool on campus. With your help, Information Technology can assist in keeping campus computers up to date and secure like never before. Enhancements will continue to be made to the service. To learn more about SUS and Automatic Updates for Windows, please visit the SUS FAQ page (www.uwyo.edu/askit/displaydoc.asp?askitdocid=487&parentid=1) on the Ask IT website.

Computer Software Training

According to the Human Resources Training Office, the need for software training is mentioned often in university employee performance evaluations. Working with software applications is an important part of many UW job duties. Information Technology’s software trainers offer several types of training opportunities.

Hands-On Instructor-Led Workshops: Ranging in length from 3 to 12 hours, these workshops provide lectures, demonstrations, and hands-on experience with Microsoft and Adobe software programs. A complete training manual for future reference is included in the cost of the workshop.

Question-and-Answer Workshops: Scheduled for 3 hours, the content of these workshops changes each time they are offered because topics are determined by workshop participants. The cost of the workshop includes handouts and a quick reference card.

Tips-and-Tricks Seminars: Scheduled for one hour, these seminars are demonstrations of commonly used features for experienced computer users who don’t want to attend a beginning workshop. The cost of the workshop includes handouts and a quick reference card.

New Features Seminars: Scheduled for one hour, these seminars are demonstrations of new features in various Microsoft Office 2003 programs. The cost of the workshop includes handouts and a quick reference card.

Hands-On Software Courses: Scheduled for two hours, these training sessions begin with a 15-minute introduction. The rest of the time is spent working on an assigned project with an instructor available to answer questions. The cost of the workshop includes handouts and a quick reference card.

Self-Paced Training: As a free service, the IT faculty/staff computer lab is open approximately 8 hours a week for people who want to view computer-based or video tutorials covering Microsoft and Adobe programs. A trainer is always available in the room to answer questions.

Online Computer Training Tutorials: Human Resources provides free online tutorials in all of the major software programs (and other topics) for university faculty and staff. Contact Paul Brown, university training and professional development manager (pbrown@uwyo.edu or 766-5605) for information on how to register.

Web-Designers’ Lab: Open every Wednesday from 1:00 to 3:00 pm, four university staff members (including a systems programmer, artists, and web designers) are available to answer all questions regarding university websites. This is also a free service.

Training Manuals and Sample Files: Training materials for all topics covered in instructor-led workshops are available for individual purchase at the same price as the cost for attending the workshop.

Information Technology offers workshops in Windows XP, Microsoft Office XP, Microsoft FrontPage XP, Adobe PageMaker, and Adobe Photoshop. Plans for this fall include upgrading the hands-on workshops to Microsoft Office 2003, FrontPage 2003, and the Adobe Creative Suite, specifically Photoshop and InDesign.

Workshop instructors are Alice Freeman and Nancy Taft. Both have been working as computer software trainers for most of the past 20 years and enjoy teaching the new features of programs as they are released.

Further information on the computer software training program and the schedule for fall may be found on the IT Training pages (www.uwyo.edu/infotech/services/training/).

Campus-Wide Review of Information Technology

As part of the university’s Support Services planning activities, a campus wide review of information technology is underway. This spring the consulting firm of RSM McGladrey, Inc. was selected to conduct the review. One objective of the review is to help identify campus-wide technology issues for the 2005 – 2009 Support Services planning period, including a recommended direction for information technologies that will best strategically align with the university’s mission and objectives.

In May of 2004, President Dubois appointed a Technology Services Review Planning Team to oversee and guide the review process. Team members are Robert Aylward, chair and vice president for Information Technology; Rollin Abernethy, associate vice president, Academic Affairs; Henry Bauer III, associate dean, Arts and Sciences; Leellen Brigman, vice president for Student Affairs; William Gern, vice president of Research; Andrew Hansen, presidential faculty fellow; Bruce Hooper, risk management director, Administration; and Maggie Murdock, associate vice president and dean of the Outreach School.

One component of the review is the evaluation of departmental technology needs and related issues. The RSM McGladrey consultants, with the Planning Team’s input, prepared two questionnaires – one for department heads and directors, and one for technical support personnel. The Planning Team solicited suggestions from deans and department heads for the names of faculty and staff to complete questionnaires and to be interviewed by the consultants. The interviews were conducted between July 6 and 22, 2004. The consultants also conducted high-level environmental network and system security scans looking for general vulnerabilities.

The consultants’ report will be substantially complete before the end of November 2004. The results of the report will be shared with the campus community. The Technology Services Review Planning Team and the Division of Information Technology thank all interviewees and respondents to the questionnaires for their willingness to participate in this important process. More information about the review is available online on the Information Technology Services Review website (www.uwyo.edu/itsr/).

eNews Extra:
Faculty & Staff Input Requested for IT Support Services Planning

The Division of Information Technology has started the development of its 2005 – 2009 Support Services Plan. Information Technology’s focus will be on cost-effective technology support for the University’s implementation of the Academic Plan through programming efforts, personnel assignments, and budget commitments that will advance the objectives of the Academic Plan and support the mission of the University.

The campus community’s suggestions are an essential component of Information Technology’s planning process. Preliminary faculty and staff input was solicited through online surveys in May. Over 700 participants completed the survey. During June and July, a technology services review by the consulting firm of RSM McGladrey, Inc., included questionnaires that were distributed to approximately 200 faculty and staff, and more than 100 follow-up interviews.

We still would appreciate your further input. Please continue to contribute to the development of IT’s Support Services Plan by sending your comments, and suggestions for technology support services to mhscott@uwyo.edu.

UW Wide Area Network Enhanced by “Dark Fiber”

Thanks to funding from President Dubois and a grant from the National Institutes of Health, UW has been able to acquire a “dark fiber” communications line between UW and Denver, Colorado. This line will significantly enhance UW’s Internet connection capability. The line was purchased through the national higher education consortium, Fiberco. This line will provide an on-going high-speed data connection between UW and our Internet access point in Denver, the Front Range GigaPoP (FRGP). The FRGP is a network meeting point that connects universities in Colorado and Wyoming to the Internet as well as to special research networks such as Internet2 and the National Lambda Rail (NLR).

“Dark fiber” is the term for unused and unequipped fiber optic communications capacity. It refers to underground optical fiber without the network equipment required to transmit data via light waves through the fiber optic lines. With this dark fiber network, UW can install and upgrade equipment as necessary to “light” the fiber and transmit data at whatever transmission rates are deemed necessary. This capability gives UW tremendous flexibility in meeting current and future Internet demands. Initially the fiber will operate at a speed of 1 Gbps (1 million bits per second). The majority of this high capacity bandwidth will be reserved for scientific and research purposes (access to the Internet2 and NLR networks). However, general Internet performance will also be improved.

How IT Backs Up Data on UW’s Central Servers

In 2001 the Wyoming Legislature funded a remote data backup and disaster recovery system for the State of Wyoming’s Cheyenne central computer systems. The State’s central systems are operated and maintained by the State’s Computer Technology Division (CTD). As part of the State’s data backup plan, the University of Wyoming entered into a joint partnership with CTD. IT backs up the State’s data in Laramie and the CTD backs up UW’s data in Cheyenne.

System Backups diagram CTD chose to use an IBM 3494 Automatic Tape Library (ATL) to provide both local and remote backup storage on tape. Identical 3494 ATL devices were installed at CTD’s data center in the Emerson Building in Cheyenne and at the Information Technology data center in the Ivinson Building.

The agreement between the State and UW specified that in return for IT housing the State’s ATL and providing operational support, CTD would allow IT to use part of the ATL in Laramie for local backup data storage and the ATL in Cheyenne for remote backup storage.

Information Technology uses Tivoli Storage Manager (TSM) to control backup storage both in Laramie and in Cheyenne. This is a very efficient and accurate process. To create backups quickly, systems are first backed up to online disk storage. The online disk storage is then copied to tape in the ATLs at UW and Cheyenne.

A high-speed channel connection between the Cheyenne and Laramie ATLs is controlled by mainframe computers at each end. This high-speed channel is used continuously by the systems, but the majority of backup data is transferred to tape during off hours.

UW VPN Doesn’t Secure All Data

Users can connect to the UW network from remote locations using UW Virtual Private Network (VPN) services. One of the primary advantages of VPN is that it creates a secure, encrypted data communications channel back to the UW network. Users should be aware that during a VPN session only their connection back to the UW network is secure. Data sent to other Internet locations is not necessarily encrypted and therefore not necessarily secure.

Encryption protects data from being seen by anyone other than the sender and recipient while it is being transferred over a network. (Computer transactions containing a person’s social security number or credit card number are good examples of why encryption is important). VPN encryption requires a software process at each end of a VPN “tunnel” (for example, VPN software on your laptop computer and on a VPN server at the university) to encrypt and decrypt data.

Off-campus, remote users (especially wireless users) should not send private data, such as credit card information, to websites that do not provide their own form of data encryption. Websites that have “https://” (note the “s” as in “secure”) as part of their URL use a technology known as Secure Socket Layer, or SSL. SSL ensures that all data sent to and from a site is encrypted. SSL sessions can be identified by a closed lock symbol in the lower section of the browser window.

In summary, when using VPN remote users are assured of a secure connection back to the UW network. When sending personal information to websites all users, whether on-campus or off-campus, should always look for the SSL locked lock icon in the browser window. For more information about VPN go to the UW VPN web pages (www.uwyo.edu/infotech/services/network/vpn/).

eNews Extra:
Yet Another Internet Scam

In a recent newsletter article we warned users to watch out for fraudulent "phishing" scams. These scams are potentially very serious. Scammers get you to take the bait by sending out realistic looking “corporate” emails that ask you to input your banking or credit card information. As we mentioned in the article, Phishing, Another E-mail Scam, never give out any personal information at the request of an email sent to you.

Another scam has been popular in the last couple of weeks. It’s a spyware scam. The emails may act like they check your system for spyware. They don’t. In fact some may install spyware on your computer. If you find the graphics below, or similar items, in an email message delete the message. Users should never accept software or follow links that are alarming or suspicious in nature. If you have concerns about spyware on your desktop please contact the IT Help Desk at 766-4357, option 1; or email userhelp@uwyo.edu. The Help Desk agents and the Computer Support Specialists are seasoned at recognizing these scams. They have legitimate tools and utilities to help you remove spyware and adware if you have become a victim of certain scams.

eNews Extra:
Microsoft releases Windows XP Service Pack

Microsoft continually works to improve the performance and security of the Windows XP family of operating systems. As part of this effort, Microsoft develops updates, fixes and other improvements that address recognized issues. To make it easy for customers to get these enhancements and updates, they are regularly combined into a single package and made available for all Windows XP customers via download or a CD. These packages are called Service Packs.

Information Technology staff are currently testing Windows XP Service Pack 2 for use on university-owned systems. After evaluation and planning for deployment, IT will issue a recommendation for institutional computers. In the meantime UW faculty and staff may choose to apply Service Pack 2 to their personally owned systems.

What does Service Pack 2 offer?

More Secure Communications: Service Pack 2 provides a range of security updates, such as an Attachment Manager for Outlook® Express and Windows Messenger, designed to increase security, enhance reliability and give end-users more control over e-mail and instant messaging.

More Secure Web Browsing: New security technologies and features, such as an Internet Explorer Pop-Up Blocker and Information Bar, offer increased protection from threats on the internet and provide a more reliable and enjoyable user experience.

Better Network Protection: New security updates in Service Pack 2, such as a stronger, more easily configurable Windows Firewall, provide better protection against viruses, hackers and worms that spread over the Internet or through a network.

Enhanced Memory Protection: A combination of security updates, such as Data Execution Prevention and Internet Explorer Download Monitoring, help to guard against unauthorized programs and code which can overwhelm a computer’s memory.

To download, order a CD, or get more information go to www.microsoft.com/protect. For users who have a slow dial-up connection, Information Technology has a limited number of CDs available for checkout. Faculty and staff may check out a CD for 5 days. A $30 deposit by personal check or IDR is required, which is refundable at the time the CDs are returned (sorry, cash is not accepted). Contact Lynette Chance at 766-3686 to make arrangements to check out Windows XP Service Pack 2 for personally owned computers.

Information Technology is not responsible for installation, configuration, or troubleshooting of Windows XP Service Pack 2 upgrades on personally-owned computers. It is highly recommended that all data be backed up before proceeding with any upgrade.

eNews Extra:
Ping and Trace Route Servers

"Ping" and "Trace Route" are software tools typically used by more advanced computer users to test and/or troubleshoot network connectivity from a command-line environment. The "ping" or "tracert" commands are entered at the command-line prompt, along with other parameters including the address of the target computer. The Ping tool allows a user to test to see if connectivity exists between two computers. Trace Route (tracert) provides information about the path and network delays between two computers.

Unfortunately, these useful tools are often used for illegitimate purposes by viruses and worms. Last year UW was forced to disable these tools on the UW network as a result of viruses that threatened the overall health and performance of the network.

Because these tools are useful for many legitimate purposes, IT has developed special servers to provide this function while maintaining network security. Now, off-campus users can Ping or Tracert to uwnetwork.uwyo.edu to test connectivity to the edge of the UW network border. On-campus users can connect to a local website at http://uwnetwork.uwyo.edu where Ping and Tracert tools are available to perform Pings and Trace Routes to off-campus computers.