University at Buffalo - The State University of New York

The introduction of VoIP and increased reliance on the network for critical business applications caused OSS to examine the risks of network down-time associated with a prolonged power outage. OSS is moving ahead to develop and deploy a power survivability plan in partnership with University Facilities. The plan provides backup power services for network equipment in select locations requiring continuous voice and data operation. The list of sites includes a small set of user functions as well as critical network aggregation hubs so that localized power interruptions won't affect communications services in other buildings. The solution set includes tapping into existing building generator circuits and the deployment of UPS systems. Where emergency building generator power is not currently available, the UPS is being sized to provide a two hour run time.

UB continues to demonstrate its commitment to personal safety with the introduction of 76 new surveillance cameras and 19 new emergency blue light phones on the South Campus over the past year. OSS established a private network to support the IP cameras and partnered with Verizon to deliver emergency ringdown service to University Police as well as broadcast messaging capabilities to each blue light phone. Similar upgrades are planned for the North Campus.

On 7/21/09, the Bell Hall subnets were cut over to the new UB10G backbone becoming the first production networks to do so. This significant milestone occurred after months of preparation and with the cooperation of SENS and CSE IT support staff. Jerry Bucklaew, UB's Senior Network Architect and Network Backbone Upgrade Project Manager referred to the cut over as a "non-event". In other words, the migration went smoothly, according to plan, with no unintended consequences. This bodes well for the remaining 100+ conversions.

If you wish to protect your "dirty laundry" or more valuable assets from "nosy neighbors", you are encouraged to use UB_Secure while accessing the wireless network. UB_Secure is UB's response to the inherent insecurities associated with open airwaves. This new offering encrypts all traffic including your UBITName and password between your device and the wireless access point (the campus network).

For device configuration instructions, refer to http://ubit.buffalo.edu/ubwireless/.

Effective 05/27/09, OSS will offer enhanced emergency dialing to all VoIP customers in partnership with University Police. Emergency calls are directed to the nearest responder. The system will deliver room and building location granularity and is designed to support callback functionality. If phones are moved to/from a different room and building, location information is automatically updated.

For emergency dialing instructions please refer to http://voip.buffalo.edu/dialingPlan2.html.

The REN-ISAC [1.1] in partnership with the Internet2 SALSA CSI2 [1.2]
working group has identified clear benefit in the sharing and
correlation of security event data among
institutions and organizations participating in a trusted information
sharing community. Correlation on a large base of data from across a
community would identify sources,
characteristics, and trends of threat. Data sharing, conducted in real-
time, in standard automated formats, would provide protection from
identified and emerging threats.
Development of a Security Event System is proposed to meet these
objectives.

In this context, "event data" is data derived from collectors
distributed throughout the participating member networks. Collectors
include, but are not limited to, intrusion
detection system logs, firewall logs, application logs such as dns,
httpd and sshd, darknet sensors, spam filters, etc. Raw event data is
low-level information, such as IP addresses, source and destination
ports, domain name requests, access control identifiers, e-mail
addresses, etc. Event data can be filtered at the owning-institution
to SES-share only, that which is relevant for community protection and
response, and to protect privacy. In the SES context "event" data is
differentiated from "incident" information, in that incident
information is a higher-level and broader aggregation of information,
including event data, which is used to initiate, facilitate, and track
actions of response to an actual or attempted security breach.

This system will extensively take advantage of RFC4765 [1.3], the
Intrusion Detection Message Exchange Format (“IDMEF”) and RFC 5070
[1.4], The Incident Object Description Exchange Format ("IODEF").
This system will also provide a framework for generating key metrics
and predictive statistics derived from the datasets being warehoused.
Currently most security event handling is communicated via non-
standard taxonomies and verbose written language. The ultimate goal of
this project is to create a framework where common business process,
workflow, standardization practices and automation can be applied to
ad-hoc global security communities and their variety of taxonomies/
standards.

This project gears to apply existing IETF standards to this process in
an effort to move vetted information through global communities within
minutes rather than days (if the information moves at all). As this
project has progressed into 2009, there has been clear interest from
the global community in utilizing this framework to advance our
strategic ability to identify, prioritize and mitigate network threats
on that [global] stage. This project will be moving into a pilot stage
mid-summer 2009.

1.1 http://www.ren-isac.net
1.2 http://security.internet2.edu/csi2
1.3 http://www.ietf.org/rfc/rfc4765.txt
1.4 http://www.ietf.org/rfc/rfc5070.txt
1.5 http://tinyurl.com/cst8fj -- Educause Presentation, Security
Professionals 2009

For more information: Contact Wesley Young, Network Security Analyst, wcyoung@buffalo.edu.

Faculty, staff and students at the University at Buffalo have reported an increase in the number of unsolicited calls to campus phones across all phone systems. This is not unique to UB as unsolicited automated calls are prevalent at other university campuses country-wide. For those employees just receiving a direct dial line for the first time, e.g. a new VoIP phone, these calls are a new source of irritation.

The National Do Not Call Registry allows for residential and individual cell phones to be registered in a do-not-call database. Students residing in residential campus housing can access the National Do Not Call Registry (http://www.ftc.gov/bcp/edu/microsites/donotcall/index.html) to register their campus residence hall telephone numbers to minimize the number of solicitation calls they receive.

Unfortunately, the National Do Not Call Registry is only for personal phone numbers. University business calls and faxes are not allowed to be listed in the registry. However, individual companies that conduct telemarketing are required to keep their own do-not-call lists. Faculty and staff can request solicitors place their university phone number on these company lists.

Additional information can be found at: http://www.ftc.gov/bcp/edu/microsites/donotcall/index.html

It has been 10 years since the current network backbone was built. UB10G refers to UB's next generation network backbone; a 10 Gigabit ethernet backbone in the core with 1 Gigabit ethernet dual attached links to every building. Now that 1GB is almost ubiquitously available at the network's edge, the current 1GB backbone is destined to become a bottleneck. The planned bandwidth upgrade represents a 10X capacity increase. With the emergence of VoIP and other applications that are dependent on the network, up time has become more critical. Dual attached building links introduce another layer of redundancy that is missing today. Upon completion of this upgrade, the backbone will deliver greater throughout and improved reliability. New hardware has already been purchased and a schedule is under construction. The upgrade is expected to take several months to complete. Stay tuned for further developments.

At the end of this month, OSS will bid farewell to two respected colleagues, Jacqueline Wilson and Frederick Wood. Jackie is departing UB after 39 years of professional service. Jackie’s arrival at Ridge Lee predated the presence of the Computing Center on the north campus. Jackie started as a key puncher back in the day when students actually stood in line to register for classes. Jackie’s duties have changed over time and today she helps manage CIT’s assets. Fred is leaving UB after 24 years of professional service. Fred initially served as Telecommunications Director in Crofts Hall when telephony was considered a business application. After CIT reorganized in the early 1990’s, Fred joined OSS. Fred has witnessed a lot of transformation in his years here at UB. At one point in time, the Telecommunications Office had the distinction of operating the only fax machine on campus. The introduction of fax servers have spawned their proliferation on campus and revolutionized how fax delivery is done. Throughout their careers, Jackie and Fred have been committed to serving the greater UB community. Jackie has been actively involved with past SEFA campaigns. Fred will be remembered best for his pioneering contributions with respect to the development of the regional fiber network. Jackie and Fred share the opinion that the people at UB are what made their employment so enjoyable. The privilege of working with both of you has been ours.

Congratulation Jackie and Fred! Best wishes on your retirement.