Restricted/Limited Access Network project meeting

Monday, January 7, 2013; 3:00 p.m.; AISB-208

Invited

Phil Benchoff, Jacob Dawson, Marc DeBonis, William Dougherty, Peter Franchi, Brian Jones, Ron Keller, Jeff Kidd, Dean Kirstein, Philip Kobezak, Greg Kroll, Steve Lee, Randy Marchany, Christine Morrison, Rich Sparrow, Lucas Sullivan

Agenda

1. Reminders:
   1. No meeting Monday, Jan. 21st because of university holiday, so next meeting is Feb. 4th (Do we need an interim meeting?)
   2. Scott Midkiff will be attending our February 4, 2013 meeting which has been moved from 3:00 pm to 1:30pm
2. Discuss plans/draft agenda for Feb. 4th meeting
3. Review action items from 20121217 - December 17, 2012 RLAN Project Status Meeting
4. Status Updates
   1. Status of the RLAN implementation in Student Services building.
   2. Status of the RLAN implementation in other buildings.
5. Begin discussion of RLAN communications plan
   1. Review draft RLAN FAQ
6. Open forum

Attended

Brian Jones, Ron Keller, Jeff Kidd, Philip Kobezak, Greg Kroll, Steve Lee, Christine Morrison, Bryant Sparks, Rich Sparrow, Lucas Sullivan, Brad Tilley

Meeting Notes

1. Reminders:
   1. No notes.
2. Discuss plans/draft agenda for Feb. 4th meeting
   1. Scott has already seen the diagrams and demo's so a snapshot of the project status and timeline was suggested.
   2. Action item: Greg will develop a project timeline and post to this wiki for comment.
3. Review action items from 20121217 - December 17, 2012 RLAN Project Status Meeting
   1. Action item: Ron will send a RLAN IP address to Marc and cc the hostmaster.
      1. Ron reported this item completed on 12/18/2012.
   2. Action item: Figure out where is the best "home" for information about the RLAN including this FAQ. Some suggestions include ITSO website and www.computing.vt.edu
      1. It was decided that the best home is security.vt.edu and those RLAN webpages would be linked from cns.vt.edu and computing.vt.edu
4. Status Updates
   1. In addition to the existing connections in the Bursar's office and ITSO Security Lab, there should be a connection in the Registrar's office by January 23, 2013.
   2. Need to finish developing business processes to track current RLAN connections as a model for future connections.
   3. All central/core equipment is in place.
5. Begin discussion of RLAN communications plan
   1. We discussed the need for broad and general information for end users and departments which may be suitable for a "home" webpage on security.vt.edu and/or computing.vt.edu
   2. Detailed information, e.g., how to request/order a RLAN connection may be more suitable for the KnowledgeBase.
   3. Phillips draft RLAN FAQ document was reviewed and discussed. Please send comments/updates to Phillip.
6. Open forum
   1. Process for user requested access to external sites
      1. Eventually the ITSO webapp will handle this but it is not ready yet, so for now we will use email.
      2. Request needs approval, probably by Department Head (DH). So this logic needs to be included in any webapp.
      3. Will require changes to firewall so we will use the Engineering Change Order (ECO).
      4. Since there is only a single firewall for the entire RLAN any approved changes will be in effect for the entire RLAN (not for specific segments, like a single departments access to the RLAN). This means that one DH could approve a site that another DH would not but once approved everyone on the RLAN has access to that site.
      5. DH approval is so some authority reviews the request and approves there is a business need for access, it is not meant to restrict or allow access.
      6. Recommendations to departments will be to maintain security to other devices on the RLAN like printers by restricting access to the print spooler, etc.