update for data file exchange customers l.
Skip this Video
Loading SlideShow in 5 Seconds..
Update for Data File Exchange Customers PowerPoint Presentation
Download Presentation
Update for Data File Exchange Customers

Loading in 2 Seconds...

play fullscreen
1 / 20

Update for Data File Exchange Customers - PowerPoint PPT Presentation

  • Uploaded on

Update for Data File Exchange Customers. January 28, 2010. Objectives of Meeting. General overview of file processing 2010 activities that impact data exchange customers Clarify what it means for customers Q & A. Modes of Data Exchange. XML files with PGP encryption

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Update for Data File Exchange Customers' - Anita

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
objectives of meeting
Objectives of Meeting
  • General overview of file processing
  • 2010 activities that impact data exchange customers
  • Clarify what it means for customers
  • Q & A
modes of data exchange
Modes of Data Exchange
  • XML files with PGP encryption
  • Flat files (used for bulk student phone data updates, bulk email updates and batch IDGEN)
  • Web Services
data exchange via xml
Data Exchange via XML
  • PGP encryption used to secure data on the web server (location of the customer in/out boxes)
  • Files copied to server behind firewall to be processed
    • Data unencrypted using keys, processed then encrypted again
  • Output copied back to application server to the customer in/out boxes
    • Log files provide details on whether processing was successful
service level agreement
Service Level Agreement

Imports & Exports are Tier 2

  • Runs per schedule every day except during announced maintenance windows (typically 3rd Sunday 5-9 a.m.)
  • MAESTRO scheduler runs daily schedule
  • Production environments are monitored
  • In event of problem, objective is to find a solution during same business day
  • If problem occurs after hours or on weekend or holiday, staff will address on next business day
  • Test issues addressed on best effort basis
  • Special arrangements require 3 weeks notice
fy2010 objectives
FY2010 Objectives
  • Replace aging hardware
    • database server – Done!
      • Major performance improvements resulted 
    • application server – by June 2010
  • Implement database security enhancements
  • Begin the project to replace the data synch software engine
  • ID Card system move to OAS operated hardware
server migration project
Server Migration Project
  • Old application server(s) being replaced with new server
  • Since application server is where the encrypted files are dropped and picked-up, this hardware transition requires retesting of customer ability to reach the (new) servers
  • New servers use Linux so can’t migrate the old passwords
    • And it is good for security sake to reset passwords
for file exchange customers
For File Exchange Customers
  • Impact:
    • import (inbound to IdM for XML and flat file)
    • export customers (XML)
  • Mapping the logical address to new physical location
    • idm.cadm.harvard.edu
    • name stays same but points to a new server
  • Testing
    • Password will be reset, reestablish certificate authentication and accept a new server key
    • Can customer still connect to the inbox and outbox locations to drop and pick-up files?
proposed process high level
Proposed Process – High Level
  • ITIS creates the in/out boxes with new passwords on the new servers
  • Customers validate connectivity in Stage and Prod
    • IP connectivity, passwords (both)
    • File system permissions by running files in Stage
  • Switch stage.idm.cadm.harvard.edu to new test server
  • Switch idm.cadm.harvard.edu to new prod server on same day and time for all customers
    • Old files will not be transferred; access will be available on the old server for 30 days. Must be accessed by old server name.
    • Sequence numbers will not be affected
    • Zero day export files will not be required
typical issues
Typical Issues
  • IP connectivity  may need local network staff to talk with UIS-NOC
  • Certificate or password not revised locally
  • Permission lost  requires ITIS to request SOC assistance, then retest so report issues early
  • Users who manually move files may forget how to do it  may need local technical support
how to prepare
How to Prepare
  • Review your local process
    • If using certificates then you do have work to do to reestablish certificate authentication
    • You will be required to set password on first use; temporary passwords will be provided.
  • Inform local technical staff of the timetable and possibility you may need assistance with connectivity issues
fall of 2010 annual pgp key renewal
Fall of 2010 Annual PGP Key Renewal
  • Announcing timetable earlier so you can plan
    • To enable everyone to meet the deadline
  • Reordering some tasks to improve execution
    • Learn from this year’s experiences
    • Catch issues earlier
    • Streamline process a bit
q a on encryption
Q & A on Encryption?
  • What are your questions
documentation updates
Documentation & Updates
  • Documentation: http://isites.harvard.edu/icb/icb.do?keyword=k236
  • Operational updates:
  • http://directoryservices.scribo.harvard.edu/
other news export
Other News – Export
  • Before the end of the year we are going to begin to assigning IDGEN numbers to POI’s (rather than the 01XXXXXX range)
    • Take a look at your code and think about whether you are relying on classifying a person based purely on the number
      • In future you will not be able to rely on that approach
news flat file imports
News - Flat File Imports
  • We need to stop processing the bulk student phone and bulk email files as flat files
  • Goal is to convert everyone to encrypted XML file processing by December 2010


  • Data Security
    • HEISP requires data on servers outside firewall to be encrypted
    • Flat file processing can be much more error prone
  • XML is our standard data exchange format
    • Same format used by web services and imports
thank you for coming
Thank You For Coming!

What other questions do you have?

For general information


For production service issues:

Call UIS Helpdesk at 6-2001 or uis_helpdesk@harvard.edu

(Should ensure a more timely response)