1	UCS Systems Infrastructures Preview / Information Security Awareness Jon B. Cutler, MS, CISSP University Computing Services Associate Director, Systems Administration Information Security Officer January 2004
2	Overview “Building Foundations” Systems architecture updates Active Directory (AD) upgrade to Windows Server 2003 Systems Management Server (SMS) 2003 Exchange Server 2003 SharePoint Portal Server 2003 Information Security Awareness Secure workstation images Secure software configurations/updates Secure practices reduce risks
3	Update Server Environment
4	Server Updates – Phase 1 Active Directory Upgrades from Windows 2000 to Windows Server 2003 AD upgrades lay directory and security services foundation for following projects Distributed for availability and load balancing: Huntington Campus: MUDC01, MUDC05 So. Charleston Campus: MUDC02 MOVC Pt. Pleasant: MUDC04
5	Update Server Environment
6	Server Updates – Phase 2 Upgrading existing Systems Management Server (SMS) 2.0 to SMS 2003 Focus on: Asset management, hardware/software inventory Software distribution and updates, security updates, new application deployment Software compliance, some new applications will need to be license metered (ex: Adobe Acrobat Pro 6) Remote client support
7	Server Updates – Phase 2 (cont.) Upgrade of SharePoint Portal Server 2001 to SPS 2003 Focus on: Faculty/staff workgroup, committee collaboration Requires MS Campus CAL Not for public Internet consumption Remote client support
8	Server Update Environment
9	Server Updates – Phase 3 Upgrading existing Exchange 2000 Server to Exchange 2003 Focus on: Revamped OWA Interface, nearly identical to Outlook 2003 client Support for network-ready mobile and PDA users Improved server clustering support BITS (Background Intelligent Transfer Service) and cached client mailboxes Evaluate RPC over HTTP Access
10	Information Security Start Secure Stay Secure Secure Practices Information Security -- "The protection of information against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional."
11	Starting Secure Best Practices: Use the UCS Faculty/Staff image Available for all supported campus desktop platforms Use the UCF image Available for public use/lab computers Don’t forget about those laptop users! UCS has a few common laptop images prepared Most will be unique configurations that will require hand-installing software Rarely network connected, when they are connected is usually over dial-up High probability of out-of-date (or even missing) AV software, definition files, Windows security updates Have those users bring laptops in for you to give them a “PC health and security checkup”
12	Staying Secure Best Practices: Use the Anti-Virus Protection on ALL your network computers Current release is Symantec AV Corporate Edition version 8.1.0.825, def date 01/29/04 rev 4 UCS Managed clients are updated weekly Symantec publishes updates each Wednesday evening AV software can provide buffer between security patches Visit the UCS Anti-Virus page at http://www.marshall.edu/antivirus for latest versions, threats, and AV network maps.
13	Staying Secure Best Practices: Windows Update: Encourage end user to apply any CRITICAL updates Windows XP images will automatically notify when critical updates are available UCS will begin pushing out critical Windows updates to managed-clients via SMS 2003 Visit the Windows Update page at http://windowsupdate.microsoft.com for latest critical and recommended updates.
14	Secure Practices Best Practices: E-mail is the most common threat to users now Viruses, worms and Trojans are distributed via e-mail E-mail may contain web URL’s that attempt to infect vulnerable PC’s (ex: the preview pane pulls down the HTML code); Outlook 2003 blocks this by default Trojan and Adware/spyware distributed via web pages Users receive pop-up notice that their browser or computer needs updated or their browsing experience will be “enhanced” Just say ‘NO’! Use secure e-mail client and run spyware checking software Faculty/Staff – Outlook 2003 is THE recommended e-mail client UCS image includes AV and spyware checking software Look for “Ad-Aware” in your program group Another popular product is called “Spybot Search & Destroy”
15	Secure Practices Software Resources/Tools: Symantec Anti-virus Corporate Edition Microsoft Baseline Security Analyzer (MBSA) Ad-Aware by Lavasoft or SpyBot Search & Destroy Microsoft Office 2003, especially junk e-mail/active content filtering in Outlook 2003 Information Security at Resources page http://www.marshall.edu/ucs/systems/infosec.asp or e-mail questions/suggestions to: InfoSec@marshall.edu
16	Questions? Jon B. Cutler, MS, CISSP University Computing Services Associate Director, Systems Administration Information Security Officer January 2004