Update for data file exchange customers
Download
1 / 20

Update for Data File Exchange Customers - PowerPoint PPT Presentation


Update for Data File Exchange Customers. January 28, 2010. Objectives of Meeting. General overview of file processing 2010 activities that impact data exchange customers Clarify what it means for customers Q & A. Modes of Data Exchange. XML files with PGP encryption

Related searches for Update for Data File Exchange Customers

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha

Download Presentation

Update for Data File Exchange Customers

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Update for Data File Exchange Customers

January 28, 2010


Objectives of Meeting

  • General overview of file processing

  • 2010 activities that impact data exchange customers

  • Clarify what it means for customers

  • Q & A


Modes of Data Exchange

  • XML files with PGP encryption

  • Flat files (used for bulk student phone data updates, bulk email updates and batch IDGEN)

  • Web Services


Data Exchange via XML

  • PGP encryption used to secure data on the web server (location of the customer in/out boxes)

  • Files copied to server behind firewall to be processed

    • Data unencrypted using keys, processed then encrypted again

  • Output copied back to application server to the customer in/out boxes

    • Log files provide details on whether processing was successful


Service Level Agreement

Imports & Exports are Tier 2

  • Runs per schedule every day except during announced maintenance windows (typically 3rd Sunday 5-9 a.m.)

  • MAESTRO scheduler runs daily schedule

  • Production environments are monitored

  • In event of problem, objective is to find a solution during same business day

  • If problem occurs after hours or on weekend or holiday, staff will address on next business day

  • Test issues addressed on best effort basis

  • Special arrangements require 3 weeks notice


FY2010 Objectives

  • Replace aging hardware

    • database server – Done!

      • Major performance improvements resulted 

    • application server – by June 2010

  • Implement database security enhancements

  • Begin the project to replace the data synch software engine

  • ID Card system move to OAS operated hardware


Server Migration Project

  • Old application server(s) being replaced with new server

  • Since application server is where the encrypted files are dropped and picked-up, this hardware transition requires retesting of customer ability to reach the (new) servers

  • New servers use Linux so can’t migrate the old passwords

    • And it is good for security sake to reset passwords


For File Exchange Customers

  • Impact:

    • import (inbound to IdM for XML and flat file)

    • export customers (XML)

  • Mapping the logical address to new physical location

    • idm.cadm.harvard.edu

    • name stays same but points to a new server

  • Testing

    • Password will be reset, reestablish certificate authentication and accept a new server key

    • Can customer still connect to the inbox and outbox locations to drop and pick-up files?


Proposed Process – High Level

  • ITIS creates the in/out boxes with new passwords on the new servers

  • Customers validate connectivity in Stage and Prod

    • IP connectivity, passwords (both)

    • File system permissions by running files in Stage

  • Switch stage.idm.cadm.harvard.edu to new test server

  • Switch idm.cadm.harvard.edu to new prod server on same day and time for all customers

    • Old files will not be transferred; access will be available on the old server for 30 days. Must be accessed by old server name.

    • Sequence numbers will not be affected

    • Zero day export files will not be required


Proposed Time Table


Typical Issues

  • IP connectivity  may need local network staff to talk with UIS-NOC

  • Certificate or password not revised locally

  • Permission lost  requires ITIS to request SOC assistance, then retest so report issues early

  • Users who manually move files may forget how to do it  may need local technical support


How to Prepare

  • Review your local process

    • If using certificates then you do have work to do to reestablish certificate authentication

    • You will be required to set password on first use; temporary passwords will be provided.

  • Inform local technical staff of the timetable and possibility you may need assistance with connectivity issues


Fall of 2010 Annual PGP Key Renewal

  • Announcing timetable earlier so you can plan

    • To enable everyone to meet the deadline

  • Reordering some tasks to improve execution

    • Learn from this year’s experiences

    • Catch issues earlier

    • Streamline process a bit


Timetable and Steps


Q & A on Encryption?

  • What are your questions


Documentation & Updates

  • Documentation: http://isites.harvard.edu/icb/icb.do?keyword=k236

  • Operational updates:

  • http://directoryservices.scribo.harvard.edu/


Other News – Export

  • Before the end of the year we are going to begin to assigning IDGEN numbers to POI’s (rather than the 01XXXXXX range)

    • Take a look at your code and think about whether you are relying on classifying a person based purely on the number

      • In future you will not be able to rely on that approach


News - Flat File Imports

  • We need to stop processing the bulk student phone and bulk email files as flat files

  • Goal is to convert everyone to encrypted XML file processing by December 2010

    Drivers:

  • Data Security

    • HEISP requires data on servers outside firewall to be encrypted

    • Flat file processing can be much more error prone

  • XML is our standard data exchange format

    • Same format used by web services and imports


Thank You For Coming!

What other questions do you have?

For general information

directory_services@harvard.edu

For production service issues:

Call UIS Helpdesk at 6-2001 or uis_helpdesk@harvard.edu

(Should ensure a more timely response)


ad
  • Login