Update for Data File Exchange Customers - PowerPoint PPT Presentation

Update for data file exchange customers l.jpg
1 / 20

Update for Data File Exchange Customers. January 28, 2010. Objectives of Meeting. General overview of file processing 2010 activities that impact data exchange customers Clarify what it means for customers Q & A. Modes of Data Exchange. XML files with PGP encryption

Related searches for Update for Data File Exchange Customers

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

Update for Data File Exchange Customers

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Update for data file exchange customers l.jpg

Update for Data File Exchange Customers

January 28, 2010

Objectives of meeting l.jpg

Objectives of Meeting

  • General overview of file processing

  • 2010 activities that impact data exchange customers

  • Clarify what it means for customers

  • Q & A

Modes of data exchange l.jpg

Modes of Data Exchange

  • XML files with PGP encryption

  • Flat files (used for bulk student phone data updates, bulk email updates and batch IDGEN)

  • Web Services

Data exchange via xml l.jpg

Data Exchange via XML

  • PGP encryption used to secure data on the web server (location of the customer in/out boxes)

  • Files copied to server behind firewall to be processed

    • Data unencrypted using keys, processed then encrypted again

  • Output copied back to application server to the customer in/out boxes

    • Log files provide details on whether processing was successful

Service level agreement l.jpg

Service Level Agreement

Imports & Exports are Tier 2

  • Runs per schedule every day except during announced maintenance windows (typically 3rd Sunday 5-9 a.m.)

  • MAESTRO scheduler runs daily schedule

  • Production environments are monitored

  • In event of problem, objective is to find a solution during same business day

  • If problem occurs after hours or on weekend or holiday, staff will address on next business day

  • Test issues addressed on best effort basis

  • Special arrangements require 3 weeks notice

Fy2010 objectives l.jpg

FY2010 Objectives

  • Replace aging hardware

    • database server – Done!

      • Major performance improvements resulted 

    • application server – by June 2010

  • Implement database security enhancements

  • Begin the project to replace the data synch software engine

  • ID Card system move to OAS operated hardware

Server migration project l.jpg

Server Migration Project

  • Old application server(s) being replaced with new server

  • Since application server is where the encrypted files are dropped and picked-up, this hardware transition requires retesting of customer ability to reach the (new) servers

  • New servers use Linux so can’t migrate the old passwords

    • And it is good for security sake to reset passwords

For file exchange customers l.jpg

For File Exchange Customers

  • Impact:

    • import (inbound to IdM for XML and flat file)

    • export customers (XML)

  • Mapping the logical address to new physical location

    • idm.cadm.harvard.edu

    • name stays same but points to a new server

  • Testing

    • Password will be reset, reestablish certificate authentication and accept a new server key

    • Can customer still connect to the inbox and outbox locations to drop and pick-up files?

Proposed process high level l.jpg

Proposed Process – High Level

  • ITIS creates the in/out boxes with new passwords on the new servers

  • Customers validate connectivity in Stage and Prod

    • IP connectivity, passwords (both)

    • File system permissions by running files in Stage

  • Switch stage.idm.cadm.harvard.edu to new test server

  • Switch idm.cadm.harvard.edu to new prod server on same day and time for all customers

    • Old files will not be transferred; access will be available on the old server for 30 days. Must be accessed by old server name.

    • Sequence numbers will not be affected

    • Zero day export files will not be required

Proposed time table l.jpg

Proposed Time Table

Typical issues l.jpg

Typical Issues

  • IP connectivity  may need local network staff to talk with UIS-NOC

  • Certificate or password not revised locally

  • Permission lost  requires ITIS to request SOC assistance, then retest so report issues early

  • Users who manually move files may forget how to do it  may need local technical support

How to prepare l.jpg

How to Prepare

  • Review your local process

    • If using certificates then you do have work to do to reestablish certificate authentication

    • You will be required to set password on first use; temporary passwords will be provided.

  • Inform local technical staff of the timetable and possibility you may need assistance with connectivity issues

Fall of 2010 annual pgp key renewal l.jpg

Fall of 2010 Annual PGP Key Renewal

  • Announcing timetable earlier so you can plan

    • To enable everyone to meet the deadline

  • Reordering some tasks to improve execution

    • Learn from this year’s experiences

    • Catch issues earlier

    • Streamline process a bit

Timetable and steps l.jpg

Timetable and Steps

Q a on encryption l.jpg

Q & A on Encryption?

  • What are your questions

Documentation updates l.jpg

Documentation & Updates

  • Documentation: http://isites.harvard.edu/icb/icb.do?keyword=k236

  • Operational updates:

  • http://directoryservices.scribo.harvard.edu/

Other news export l.jpg

Other News – Export

  • Before the end of the year we are going to begin to assigning IDGEN numbers to POI’s (rather than the 01XXXXXX range)

    • Take a look at your code and think about whether you are relying on classifying a person based purely on the number

      • In future you will not be able to rely on that approach

News flat file imports l.jpg

News - Flat File Imports

  • We need to stop processing the bulk student phone and bulk email files as flat files

  • Goal is to convert everyone to encrypted XML file processing by December 2010


  • Data Security

    • HEISP requires data on servers outside firewall to be encrypted

    • Flat file processing can be much more error prone

  • XML is our standard data exchange format

    • Same format used by web services and imports

Thank you for coming l.jpg

Thank You For Coming!

What other questions do you have?

For general information


For production service issues:

Call UIS Helpdesk at 6-2001 or uis_helpdesk@harvard.edu

(Should ensure a more timely response)

  • Login