1 / 22

System Management Issues for the Future Real-Time University Environment

System Management Issues for the Future Real-Time University Environment. Tom Board September 22, 2004. Northwestern University Information Technology. About the “Real-Time Enterprise”. Application availability Information integrity Transaction transparency. Thesis:.

titania
Télécharger la présentation

System Management Issues for the Future Real-Time University Environment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. System Management Issuesfor the Future Real-Time University Environment Tom Board September 22, 2004 Northwestern University Information Technology

  2. About the “Real-Time Enterprise” • Application availability • Information integrity • Transaction transparency Thesis: A real-time enterprise is too complex to manage with our current methods. To keep users productive, to avoid security breaches, and to meet overall expectations we need new approaches and tools.

  3. About System Management • Goal: User productivity • Measured by: • Predictable and reliable transactions • Confident security of all information assets • Minimal application downtime • While enabling: • Efficient operations • Effective application of resources

  4. Item: Transaction Transparency • For a single user transaction, all expected secondary transactions between systems take place without intervention • “Real-time” means the time it takes for the user to move between systems that are affected by the transactions

  5. Transaction Transparency

  6. How: Service-Oriented Architecture • Virtual application integration • “Structured application architecture” defines services and eases maintenance

  7. Item: Information Integrity • Authoritative information is current • Current information can be accessed in real-time (what is the fund balance?) • Consistent data item semantics • Data capture is reliable and audited • Business Continuity requirements call for frequent restore points • Can we lose one (day’s, hour’s) transactions?

  8. Threats to Information Integrity & Security • Lack of security awareness • Poor software configurations • Exploitation threats • Compromised identities • Poor Business Continuity practices • Information sensitivity • Legal requirements • Opportunity risks • Open file permissions • Open preset accounts • Weak or non-existent passwords • Unpatched software • Unlocked file cabinets • Social vulnerabilities • Post-It™ password reminders • Auto-login settings • Shared NetIDs • No information backup process • No off-site backups • Too infrequent backups

  9. Answers to Information Integrity Threats • Lack of security awareness – education; newsletters; required quiz before access • Poor software configurations – desktop scanning; controlled intrusion attempts • Exploitation threats – education; auto scanning of e-mail; desktop scanning • Compromised identities – common identity and reduced sign-on; two-factor methods • Poor Business Continuity practices – education; audit reports; table-top drills

  10. Item: Application Availability • Most important: user-perceived availability • Up-time • Response time • Service provider availability • Up-time outside of maintenance windows • Response time • Simultaneous sessions • Transaction transparency makes any service only as reliable as the weakest link

  11. Availability is Measured End-to-End • We must measure availability, performance, response time, etc., end-to-end. • This quantifies perceived experience • Requires monitoring the complete application path • Transaction measurements and trends are more important than volume metrics • Instead of how many – what was the wait? • Instead of worst response time – distribution and trend of response times

  12. Threats to Application Availability • Physical • Malicious code • Denial-of-Service • Poor software quality assurance • Poor capacity planning If an application is available this hour, then what must we do to ensure that it is available next hour?

  13. Threats to Application Availability

  14. Capacity - Monitoring is Crucial Take corrective action? Response Time or Transaction Time SLA goal What is the interval? Perceived Time

  15. Dealing with Peak Demands Static provisioning for peak demand leaves resources idle. Conservative estimates create excess capacity. Both contribute to increased costs. Excess Capacity SLA Idle Capacity Transactions / unit Actual Demand Time

  16. Dynamic Provisioning End-to-End Measurement

  17. Using Dynamic Provisioning Dynamic provisioning for peak demand reduces idle capacity and eliminates over capacity. Result: cost savings. Allocated pool capacity SLA Transactions / unit Idle Capacity Actual Demand Time

  18. Answers to Availability Threats • Physical – redundancy and diversity • Malicious code – vulnerability scanning and intrusion detection • Denial-of-Service – session behavior modeling • Poor software quality assurance – new development methods and regression testing • Poor capacity planning – load testing, monitoring and dynamic provisioning

  19. Work In Progress • Continuing requests for load testing and regression testing software • ITCS is experimenting with dynamic provisioning and end-to-end monitoring software • Dormitory scanning software is under study for possible wider deployment • ADC working on data access policies and role-based security frameworks • Identity management system replacement

  20. Summary • The University will become a real-time enterprise under a Service Oriented Architecture • Information integrity and real-time access are vital to support distributed business processes • User productivity will be dependent upon many inter-operating systems – a single degraded service will affect processes throughout the University

  21. Summary (con’t) • We need increased security awareness and systems to automatically detect and remediate threats – the network must defend itself • This new environment will overwhelm “seat of the pants” monitoring or uncoordinated approaches • End-to-end monitoring, dynamic provisioning, software authoring tools, and move-to-production testing tools are necessary for NUIT to be both proactive and efficient

  22. Questions?

More Related