Appendix 1 - Roadmap for IT Infrastructure Development (FY 10/11)
This Appendix details the work programmes required over a two year planning horizon to meet the aspirations of
the ICT strategy. The planning horizon includes the current financial year and the two following financial years.
Appendix 2 provides a history of previous work programmes.
Note that in the summary tables for each year, items that currently do not have funding allocated are highlighted
in italics.
Roadmap 2009/10 Outcome
Project requests
to IPSC (09/10)
Head Count
Staff
Allocation
Funding Source
Enhance Networks Network Team 1.0 FTE
in University
10FTE
Buildings
Priority
1=high,
2=Med,
3=Low
Time
Estimate
Funding
Requested
Funding
Allocated
Start Date
End Date
(4) IPSC
3 Months
£50,000
£0
01/05/2010
Not Funded 2
Network
segmentation
Network/
Security
8FTE
1.0 FTE
(3)
IPSC
4 Months
£50,000
£0
01/05/2010
Not Funded 2
Flexible Access
Network Team 2.0 FTE
10FTE
(6)
IPSC
4 Months
£50,000
£0
01/04/2010
Not Funded 2
Directory
Integration
Novell Team
2FTE
1 FTE
(2) IPSC
6 Months
£25,000
£0
01/11/2010
Not Funded 2
Service
Sustainability
All teams
28FTE
2.5 FTE
(6)
IPSC
5 Months
£50,000
£0
01/05/2010
Not Funded 1
DR/BC
enhancements
All teams
28FTE
3.0 FTE
IPSC
6 Months
£100,000
£0
01/05/2010
Not Funded 1
SSD and CSCE
remote access
All teams
1.0 FTE
IPSC
6 Months
£50,000
£0
01/01/2010
Not Funded 2
28FTE
(6)
Student clusters
Admin/Novel/ 0.33 FTE
DST/DTT/TIG (1)
4FTE
IPSC
4 Months
£500,000
£305,000
01/04/2010
Complete
WEB 2.0
Developments
CS/MIS/TRG
IPSC
6 Months
£15,000
£0
01/11/2009
Not Funded 2
Software
Licensing
DST
IPSC
6 Months
£10,000
£0
01/102010
Not Funded 2
IT Staff Training
Admin/Help
0.1 FTE
Desk/Training
4FTE
1 Month
£50,000
£0
01/05/2010
Not Funded 2
Teaching space
upgrades
MCU
2FTE
3 Months
£80,000
£0
15/07/10
Not Funded 1
(8)
(6)
Investment
(6)
2.5 FTE
1
(5)
1.0
(2)
Staff
Resource
17.43FTE
(1) IPSC
IPSC
Cost
Cost
Capitalised Revenue
Cost
Consumables
£305,000
Roadmap 2010/11
The items for 2010/11 have been extended and modified to take account of new strategic priorities and the
opportunities presented by changes in the external environment and funding
Enhancement of Building Networking Infrastructure – Status Ongoing
Continue to improve the network infrastructure within University buildings through the replacement
of ageing equipment.
It is expected that much of the requirements for 2010/11 will be incorporated within the Telephony
replacement project Network provisioning requirements.
Benefits
Dedicated bandwidth to the desktop, particularly for researchers, and specialised research facilities
and enhanced Network security, quality of service and management tools (Ref. Information Strategy
Universal Access Working Group, e-Science and the Grid working group, University Strategic Plan
1.6.3).
Risks
Users experience poor network and applications performance. Ageing equipment leading to
increased failure rates and Network downtime. Inadequate network management and security
capabilities requiring more staff effort to maintain service levels
Network Segmentation (continued) – Status Ongoing
Continue to implement Network segmentation to limit the exposure of key services and provide
inherent containment measures against hacking, viruses, worms etc. (Ref. Information Strategy
Information Systems Security Working Group and Universal Access Working Group; University
Strategic Plan 3.3.5)
Benefits
Reduce key systems exposure and provide inherent containment measures against hacking, viruses,
worms etc. (Ref. Information Strategy Information Systems Security Working Group and Universal
Access Working Group; University Strategic Plan 3.3.5)
Risks
High risk of systems compromise, virus and worm propagation leading to potential loss of
confidentiality, integrity and availability of the University’s information assets. Significant staff
resources required for handling security incidents.
Directory Integration – Status ongoing
Continue to develop the infrastructure that will provide secure authentication and authorised access
to IT resources for the individuals who are entitled to use them. Priorities for this year will include

Guest account management system improvements for approved visitors and guests e.g.,
conference delegates, visiting academics etc. Ongoing

Maintain Active Directory populated staff and student accounts serviced via the Identity
Vault including password self service

Additional Federated authentication services against central directories to promote
GUID adoption. TRG to oversee.

JISC sponsored ‘Shibboleth’ federated services and Public Key Infrastructure ‘PKI’
investigations - Ongoing
(Ref. Information Strategy Authentication and Access Control Working Group; University Strategic
Plan 3.3.4)
Benefits
Comprehensive Identity management system enabling a variety of current and future developments
including CSCE, SSD, SSO, Shibboleth realms, Virtual organisations, portal developments and
unified messaging including IP telephony
Risks
Poor or limited Identity management provisions will result in:

Increased security incidents and staff efforts to resolve

Proliferation of different authentication domains and systems
Leading to

Duplicated staff efforts and in-ability for staff in one authentication domain to access
resources out with their domain

In ability for the University to fully participate in national initiatives e.g., Athens realm, EScience collaborations and cross institutional federated services
2
National Middleware Initiatives – Dependant on Directory Integration
Continue to implement and support the JISC framework for ‘national’ middleware services based on
the open source, open standards Shibboleth framework, which is designed to integrate with
institutional directories.
Benefits
Provide robust authentication and authorisation services for staff and student access to institutional
services and also datasets and other sources of electronic information, which are held externally. It is
intended that the X.509 certificates used by Grid middleware will be integrated into the national
middleware initiative. Whilst HEFCE have allocated £3.2M for the rollout of Shibboleth in England,
SHEFC have not indicated, as yet, that there will be commensurate financial commitment for
Scotland. Progress to date includes the Athens replacement authentication system now being used by
the Library, the Janet roaming service and Eduroam
Risks
Failure to participate in National developments will isolate the University and make it more difficult
to for the University to participate in future collaborative projects including GRID/e-science research
projects.
Serviced Desktop for Staff and Students – Status ongoing
Continue to develop and actively promote solutions for desktop systems management and security.
This area was considered a significant concern in various information security audits carried out by
Delloite’s.
Priorities for this year include;

Promoting Standard Staff Desktop (SSD) version 7 based on Windows 7 a

CSCE/SSD migration from Novell based file and print services to Active Directory (AD)
managed servers.

Augment on campus SSD and CSCE services with a remote access service allowing staff
and students to access their managed desktop environment from off campus or via the
Flexaccess network.
Benefits
Improve security, productivity and reduce IT support overheads so that some resources can be
redeployed to value added activities at the faculty/departmental level (Ref Information Strategy
Working Group Common Baselines and Delivery Platforms; University Strategic Plan 3.3.4)
Risks
SSD stagnation would result in poor uptake, increased security incidents and duplicated IT staff
effort
Flexible Access Provision – Status ongoing
Continue to develop flexible access solutions.
Priorities for this year include replacing end of life access points and provisioning work for the
Telephony replacement Wifi requirements.
Benefits
Allow staff, students and authorised visitors to use their own personal systems to access IT resources
from a consistent, secure and reliable network infrastructure. (Ref. Information Strategy Universal
Access Working Group; University Strategic Plan 3.3.4)
Risks
Ad hoc solutions will result in increased security incidents, inconsistent solutions across campus,
duplicated efforts, confusion amongst users and higher capital and support costs
Service Sustainability – Status ongoing
Priorities for this year include Server virtualisation via Blade systems and VMware/Hyper-V
solutions.
Benefits
Service sustainability is about designing and improving services to ensure that they are:

Robust and resilient

Scale to meet user demand and legitimate expectations over time

Provide continued high performance, availability and reliability

Provide service assurance metrics that indicate when improvements, upgrades and
replacements are required. This implies that suitable funding is made available for server
upgrades and replacements. This would be analogous to the agreed workstation four-year
replacement cycle.

Are supportable and secure
Designing sustainable services will require a higher initial investment however the expectation is that
over the lifetime of the service the benefits in terms of the service levels provided will be greater and
overall costs in terms of management and other support costs will be less. All too often services
evolve from a basic level supporting a few users to a critical mass with many watersheds along the
way that require significant support efforts, service downtime for upgrades and user dissatisfaction
during periods of poor service performance. The IS and ICT strategies provide a framework for a
new approach to service delivery and continuity. (Ref Information/Continuity Security Working
groups).
3
Risks

Increased frequency of Systems and Applications failures

Poor applications performance
Leading to

User dissatisfaction

Poor business continuity and disaster recovery capabilities

Increased support load on systems teams

In ability to introduce new productivity features and other service enhancements
Improve e-Science support Network – Status Ongoing
Build on existing relationships between the National e-Science centre, e-Science researchers, GRID
computing systems administrators and other GRID support personnel to establish an e-Science
support team.
No financial priorities for this year.
Benefits
Significant co-ordinated support network for GRID computing at the University
Risks
Disjointed approach to GRID/E-science computing, resulting in duplicated efforts amongst support
staff and a loss of prestige in the e-science research community
Implement Disaster recovery and Business continuity solutions for Core infrastructure services
Continue to review Disaster Recovery and Business Continuity plans for all Core services. Update
and amend operational procedures and roles and responsibilities as appropriate. Expand the Boyd
ORR building DR site to include systems that will provide DR and BC solutions for critical services
as per DR/BC plans (Ref Information security/continuity working groups). Additional priorities for
this year include;

Air Conditioning upgrades within the James Watt North server and communications rooms

Improvements in UPS protection at our Core campus Router sites, e.g., Garscube,
Hetherington, Library, Kelvin, and Anderson College.
Benefits
Ensure core services continue to operate at acceptable levels during disaster situations affecting core
sites or major hardware or network failures. Significant expansion of Standard Staff Desktop
deployments and the exchange e-mail service will protect user file store and e-mail folders against
local system failures. Expanding the central backup capabilities will allow IT services to provide an
enhanced back up service for faculty and other units critical data.
Risks
Prolonged failure of core services or data loss will seriously impact the University’s ability to
conduct business and fulfil its legal and statutory duties with respect to information processes.
Lifecycle Replacement and Enhancement of Student Clusters – Target summer 2007
Continue to replace workstations that have passed their useful life (5 years and over).
Benefits
To ensure that reliable and modern workstations are available for student use and to improve the
workstation to student ratio. (Ref. Information Strategy Provision of on-Campus Student C&IT
Facilities Working Group; University Strategic Plan 3.3.6)
Risks
Increased failure rates on cluster systems would lead to higher support costs and increasing
complaints from students re IT facilities. Unreliable and or slow workstations could cause difficulties
for students to deliver assignments on time. Poor ratings in HE surveys
IP Telephony – Status ongoing
Priorities for this year are to complete the Telephony replacement tender process and depending on
the outcome agreed by IPSC commence implementing the new Telephony system.
Benefits
Assess the potential benefits and problems associated with a move from traditional PABX solutions
to IP telephony (Ref CS/E&B/Telecomm Committee joint project). Advise IPSC and the Project
board on the Network provisioning requirements and local staff support costs associated with IP
telephony solutions.
Risks
Inability to provide advice on telephony strategy and its likely impact on core services including
infrastructure and support
4
Review File store and Server consolidation strategy
Continue to measure the effects of the current file store consolidation and server consolidation
strategies.
Priorities for this year include migration from expensive SAN storage to more appropriate platforms
by implementing a tiered storage strategy with Tier 1 (SAN-Fibre Channel)), Tier 2 (SAN/DASSATA) and Tier 3 (Cloud storage).
Benefits
Quantify the benefits obtained from a centralised file store and server consolidation strategy and
propose future strategic direction.
Risks
In appropriate strategic direction leading to higher cost for core service deployments
IT Staff Training
Continue to implement the TRG working group recommendations on training for IT support staff.
Benefits
The benefits would be improved skill sets, IT staff morale and productivity
Risks
IT support staff expected to perform technical, sensitive and critical functions without proper training
and staff development
Review of Computer room provisions on campus – Status Ongoing
Server and file store consolidation, Service sustainability and HPC cluster provisions are placing
heavy demands on existing computer room facilities including space, floor loadings, electrical
provision/protection and air conditioning/handling. It is important to continue to review existing
provisions to determine whether or not University strategies with respect to Disaster recovery,
Business continuity, service sustainability and e-Science are likely to be compromised by inadequate
computer room provision. Priorities for this year include improvements to the Air conditioning
provisions within the James Watt north Server and Communications rooms.
Benefits
Determine whether or not University strategies with respect to Disaster recovery, Business
continuity, service sustainability and e-Science are likely to be compromised by inadequate computer
room provision.
Risks
Poor computer room accommodation will result in significant risks to a progressive IT strategy and
business continuity/disaster recovery planning.
Unified communications review
Investigate and propose strategic solutions for end user access to integrated e-mail, diary
management, telephony, fax, IM, document and applications sharing and other forms of personal
communications.
Priorities for this year include integrating a number of current projects to provide a true Unified
communications environment.
Benefits
Unified communications will provide a more productive end-user communications environment and
allow users to more quickly find and communicate with the people they need to
Risks
Poor or badly integrated personal communications systems will frustrate users and lead to more time
being spent managing communications channels and communications content
Portal Services
Continue to develop comprehensive Portal services for Staff and Students, based on SharePoint, and
align with other infrastructure developments including SSO/Identity management, SLP, SSD and
CSCE developments.
Benefits
Student portal services will be important to the student laptop scheme and would integrate WEB
based student resources including Moodle, WebSurf, ExamSurf, e-mail, file store and print services
Staff portal services would provide simplified access to web based resources including e-mail, diary
management and other collaboration tools e.g., Desk Top conferencing, instant messaging, Wikis,
Blogs and IP telephony
Risks
No portal services will make it hard to integrate, in a consistent way, the web based services that are
being used or likely to be used to front end core applications. Poor or badly integrated Portal services
will frustrate users and reduce the effectiveness of web-based applications.
5
WEB 2 developments
Continue to investigate the role of Web2.0/3.0 technologies in the delivery of IT solutions.
Specific outcomes for this year will focus on Blogs, Wikis, portal (webparts) and integration with
other collaboration tools especially the SharePoint Portal and the wikis.gla.ac.uk service
Benefits
Developments in Web technologies are likely to provide a greater choice in the way IT applications
are deployed and supported. It is therefore desirable for the University to be made aware of these
developments and any measurable benefits that may impact the University’s ICT strategy. Areas of
particular interest would be social networking and collaboration tools, Software as a service
paradigm, Virtual desktops and a variety of productivity tools based on Rich Internet/Interactive
Applications (RIAs) e.g., special purpose widgets, gadgets and sidebars.
Risks
Failure to realise the full potential and cost savings associated with Web technology developments
Teaching Space Improvements – Status ongoing
Continue to improve IT and A/V provisions within all centrally supported Teaching Space (TS) in
accordance with the proposed Teaching Space strategy and associated roadmap.
Priorities for this year include the replacement of old projectors and commissioning the remote
diagnostic and management systems.
Benefits

(within available budgets) Ensure that Teaching Space facilities are kept up-to-date with
respect to technology and reasonable expectations

Ensure that Teaching Space support is fully co-ordinated across all relevant service
boundaries and measured against agreed performance indicators
Risks

Teaching Space IT and A/V facilities remain inconsistent between venues and difficult to use

Teaching Space support remains uncoordinated and inefficient

Poor Teaching Space provisioning and support leading to significant user dissatisfaction
Review of Student e-mail provision
The focus for this year will be to support and review the Microsoft Exchange based student e-mail
and calendaring solution, which is now established as a core infrastructure service.
Benefits
The Student e-mail service is embedded as a pivotal service within the University’s Student IT
provisions. Most out of band communications between University departments and the Student
population occurs via e-mail and indeed it is viewed as a critical means of communications for
important alerts such as exam reminders, assessment reminders, tutorial and lecture changes etc. Our
student e-mail provision should provide the following:

High Performance and sufficient mail box size

User friendly interface and functionality including spell checking, address books and diary
management

Integration with other student IT facilities e.g., VLE, SRIP, Portal etc
Risks
Failure to address future Student e-mail provisions will result in the following:

Deterioration of existing service

Potential inability to deliver important messages when needed

User dissatisfaction leading to ad-hoc uncontrolled solutions
Software Licence Policy Management – Status ongoing
Review the implementation of the software licence policy management project.
Specific objectives for this year will be the continued role out of the auditing tool, based on
Microsoft’s Systems Centre Configuration Manager, to all SSD and CSCE desktops and establish a
robust auditing and reporting process.
Benefits
Reduce the University’s exposure to the risk of litigation due to software copyright infringements.
(Ref. Implementation of Software Licensing Policy approved by Court)
Risks
Copyright infringements resulting in significant staff time to resolve and potential legal actions
against the University
6
ClydeNET development – Status ongoing
Continue implementing the ClydeNET upgrade programme in line with the ClydeNET five year
upgrade plan (Ref ClydeNET’s Five year plan, UKERNA Guidelines for allocation of SuperJANET
funds to Regional Networks in Scotland)
Benefits
Take advantage of significant capital expenditure by the SFC to enhance the ClydeNET metropolitan
area network data communications and Networking infrastructure in-line with SJ5 developments.
This will be pivotal to the University’s external communications requirements and e-Science
research aspirations. (Ref ClydeNET’s Five year plan, UKERNA Guidelines for allocation of
SuperJANET funds to Regional Networks in Scotland)
Risks

Failure to take advantage of significant funding streams

Failure to maintain the University’ prestigious position within ClydeNET

Failure to deliver the external Network services required by the University
Projected Costs for 2010/11 – All Priorities.
Activity
Cost
Cost
Cost
Source
Priority
Capitalised
Revenue
Consumables
Enhance Networks in
University Buildings
£50,000
£12,500
University
2
Network
segmentation
£50,000
£12,500
University
2
Flexible Access
£50,000
£12,500
University
2
Directory Integration
£25,000
£6,250
University
2
Service
Sustainability
£80,,000
£20,000
University
1
Disaster
recovery/Business
continuity including
AC upgrades*
£250,,000
£62,500
University
1*
1=high,
2=Med,
3=Low
Student clusters
£200,000
University
1
WEB 2.0
Developments
£15,000
University
2
University
2
University
2
University
1
Software Licensing
£10,000
£2,500
IT Staff Training
£50,000
Teaching space
upgrades
£100,000
£25,000
Totals
£615,000
£153,750
Funds Requested
£265,000
Revenue Plus £418,750
Consumables
* Air Conditioning (AC) upgrades are budgetary estimates and implementation should be handled via E&B.
Projected Costs for 2010/11 – Priority One elements only
Activity
Cost
Cost
Cost
Capitalised
Revenue
Consumables
Service
Sustainability –
Server rooms
£80,000
£20,000
University
1
Disaster
recovery/Business
continuity
£250,000
£62,500
University
1
University
1
University
1
£200,000
Student clusters
Teaching space
upgrades
£100,000
£25,000
Totals
£430,000
£107,500
Funds Requested
Source
1=high,
2=Med,
3=Low
£200,000
Revenue Plus £307,500
Consumables
7
Priority
Project requests
to IPSC (10/11)
Head Count
Staff
Allocation
Enhance Networks Network Team 1.0 FTE
in University
10FTE
Buildings
Time
Estimate
Funding
Requested
Funding
Allocated
Start Date
End Date
Priority
1=high,
2=Med,
3=Low
(4) IPSC
5 Months
£50,000
£0
01/05/2011
30/09/2011
2
Funding Source
Network
segmentation
Network/
Security
8FTE
1.0 FTE
(3)
IPSC
5 Months
£50,000
£0
01/05/2011
30/09/2011
2
Flexible Access
Network Team 2.0 FTE
10FTE
(6)
IPSC
5 Months
£50,000
£0
01/06/2011
31/10/2011
2
Directory
Integration
Novell Team
2FTE
1.0 FTE
(2)
IPSC
7 Months
£25,000
£0
01/03/2011
30/09/2011 2
Service
Sustainability
All teams
1.0 FTE
(6)
IPSC
6 Months
£80,000
£0
01/05/2011
28/10/2011
1
All teams and 2.5 FTE
IPSC
6 Months
£250,000
£0
01/04/2011
30/09/2011
1
28FTE
DR/BC
enhancements
E&B
(6)
Student clusters
Admin/Novel/ 0.33 FTE
DST/DTT/TIG (1)
4FTE
IPSC
4 Months
£200,000
TBC
01/04/2011
28/07/2011
1
WEB 2.0
Developments
CS/MIS/TRG
IPSC
6 Months
£15,000
£0
01/04/2011
30/09/2011
3
IPSC
6 Months
£10,000
£0
01/04/2011
30/09/2011
2
2 Month
£50,000
£0
01/05/2011
30/06/2011
2
3 Months
£80,000
£0
15/07/2011
15/09/2011
1
0.5 FTE
(5)
Software
Licensing
DST
IT Staff Training
Admin/Help
0.1 FTE
Desk/Training
4FTE
Teaching space
upgrades
MCU
2FTE
(8)
(6)
Investment
1.0
(2)
(1) IPSC
IPSC
Cost
Consumables
Staff
Resource
Cost
Cost
Capitalised Revenue
12.43FTE
£615,000 £153,750 £265,000
8
Projects Funded
Externally
Head Count
Staff
Allocation
Implement
ClydeNET’s Fiveyear Plan
Network
Team 10FTE
1.0 FTE
Investment
1.0 FTE
Project - Other
Head Count
road map projects
with staff
commitments
Staff
Allocation
National
middleware
initiatives
(Shibboleth)
Novell/Server/ 0.5 FTE
MIS/E-science (5)
5FTE
Funding Source
(6) SFC/ UKERNA
Time
Estimate
Funding
Allocated
Start Date
End Date
Priority
1=high,
2=Med,
3=Low
Ongoing
Period 08/09
£100,000
01/03/2011
28/06/2011
1
Tender
complete Ordered
£100,000
Start Date
End Date
Priority
1=high,
2=Med,
3=Low
Funding Source
Time
Estimate
Cost
IT Services
Ongoing
N/A
1
Serviced Desktop Novell/DST/
for Staff and
Server
Students
9FTE
4.0 FTE
(9)
CS
Ongoing
N/A
1
Improve e-Science Server Team
support Network 2FTE
1.0 FTE
(2)
CS
Ongoing
N/A
2
IP Telephony
3.0 FTE
(8)
CS
Ongoing
N/A
1
CS
1 Month
N/A
1
MCU/MIS
2.5 FTE
Continue to review Server/
0.25 FTE
file store and
Netware 3FTE (3)
server
consolidation
strategy
Investment
8.75 FTE
Totals
22.18 FTE
9
Appendix 2 – TRG short life working group reports
The following TRG reports have been produced
Report on Professional Development of Distributed IT Support Staff
Report on Software Audit Tool
Report on Student Clusters
Report on Patch Management
Report on Platform Flexibility
Report on Multimedia Communications
Future TRG reports may include
Review of file store and server consolidation strategy
Review of Computer room provisions
Report on E-mail, Diary Management and unified messaging direction
Report on Domain Name Service and IP address management direction
Report on Apple OSX requirements and support
Report on Linux requirements and support
Report on Open Source Software solutions
Report on Authentication and Authorisation services on campus and with other Institutions
Report on Network and Information systems security
Report on e-Science support
Report on Flexible access provisions for teaching, research and administration support
Report on Web2.0/3.0 and the potential impact on the University’s ICT strategy, IT support and the services and
applications that would be relevant to the University’s IT user base
10
Appendix 3 – ICT Infrastructure Policies
This Appendix provides links to the relevant ICT Infrastructure Policies that support the ICT infrastructure
strategy.
Core Infrastructure Policies
Connection Policy for connecting systems to the University’s campus network
Universal Access Policy for the provision of Universal access to the University’s Information Technology
resources
Wireless LAN Policy for wireless network deployments
Core Services Policies
Incident Handling Policy for handling security incidents and breaches of information security policies
Monitoring Policy for network and systems monitoring
Bastion Host Policy for the configuration, ongoing security and management of servers
Sys & Net Admin Guidelines for system and network administrators
Password Policy - for creating and maintaining strong passwords
11
Appendix 4 – Roadmap History
This Appendix details the work programmes for previous years. Where entries appear in successive years this will
be due to one of the following:

The work programme was not funded and has been rolled over
Or

The work programme requires more than one year to complete
Roadmap 2003/04
The items for 2003/04 were early responses to the Information Strategy work of 2002/03 and external influences.
Resilience in JANET Access – Status complete
Implementation of second access point to the SuperJANET academic network to mitigate the loss of
the primary connection (Ref. Information Strategy Resilience and Business Continuity Working
Group, mitigation of single point of failure; University Strategic Plan 1.6.3)
Network Segmentation – Status ongoing
Begin implementing Network segmentation to limit the exposure of key services and provide
inherent containment measures against hacking, viruses, worms etc. (Ref. Information Strategy
Information Systems Security Working Group and Universal Access Working Group; University
Strategic Plan 3.3.5)
Information Systems Security – Status complete
Establish a University Information Security Team to spearhead the implementation of an Information
Security Management System to protect individual and University information assets (Ref.
Information Strategy Information Systems Security Working Group; University Strategic Plan 3.3.5)
Yearly Lifecycle Replacement and Enhancement of Student Clusters – Status complete
Replace workstations that have passed their useful life (over 4 years old) to ensure that reliable, up to
date workstations are available and to improve the workstation to student ratio. (Ref. Information
Strategy Provision of on-Campus Student C&IT Facilities Working Group; University Strategic Plan
3.3.6)
Directory Integration – Status ongoing
Provide the infrastructure to enable secure authentication for access to each of the services that
individuals are entitled to use e.g. portals, VLE, content management systems, information resources,
e-mail, the network, etc. (Ref. Information Strategy Authentication and Access Control Working
Group; University Strategic Plan 3.3.4)
Enhancement of Networking for Researchers – Status ongoing
Improve the network infrastructure for researchers to provide dedicated bandwidth to the desktop and
to specialist research facilities. (Ref Information Strategy Working Group e-Science and the Grid;
University Strategic Plan 1.6.3)
Software Licence Policy Management – Status ongoing
Investigate and propose solutions to demonstrate university wide compliance with software licensing
policy (Ref. Implementation of Software Licensing Policy approved by Court)
Summary of Costs for 2003/04
Activity
Cost
Source
Status
JANET Access resilience
£143.5K
SRIF-2
Complete
Information Systems
Security
2 posts
University
Complete
Student clusters
£500K
University
Complete
Networking for researchers
£100K
SRIF
Complete
12
Roadmap 2004/05
The items for 2004/05 represented the priorities articulated by a wide range of constituencies in the University
and address many of the recommendation of Information Strategy working groups.
Implementation of SAN – Status ongoing
Procure a scalable network storage facility to consolidate file store and provide efficient and effective
data management including reliable backup (Ref. Technology Review Working Group; University
Strategic Plan 1.6.3)
Implementation of HPC Cluster – Status complete
Provision of a generic high performance computing facility to augment other more specialised
systems in the University and enable smaller groups to enter the e-research field. (Ref Information
Strategy Working Group e-Science and the Grid; University Strategic Plan 1.6.3)
Enhancement of Networking for Researchers – Status ongoing
Continue to improve the network infrastructure for researchers to provide dedicated bandwidth to the
desktop and to specialist research facilities. (Ref Information Strategy Working Group e-Science and
the Grid; University Strategic Plan 1.6.3)
Network Segmentation – Status ongoing
Continue to implement Network segmentation to limit the exposure of key services and provide
inherent containment measures against hacking, viruses, worms etc. (Ref. Information Strategy
Information Systems Security Working Group and Universal Access Working Group; University
Strategic Plan 3.3.5)
IP Only Network – Status ongoing
Work with the community to phase out proprietary network protocols in order to reap the benefits of
high-speed routing services. (Ref. Information Strategy Universal Access Working Group;
University Strategic Plan 3.3.4)
Platform Flexibility – Status ongoing
Enable faculties and departments to connect any devices to the Campus network that meet minimum
University requirements for technology, security and authentication in order to meet their specific IT
requirements (Ref University Strategic Plan 3.3.6).
Location Independent Networking (LIN) – Status Complete
Computing Service was awarded funds by UKERNA to participate in a national trial of location
independent networking (LIN). The trial. LIN is a co-operative initiative amongst the academic
community with the aim of enabling staff visiting a participating institution to make use of the
networking facilities there to gain access to services and facilities at Glasgow e.g. e-mail.
IT Staff Development – Status complete
TRG will establish a working group to investigate professional development of IT support staff and
make recommendations (Ref University Strategic Plan 4.3.2, 4.3.3)
Active Directory – Status complete
Implement a Campus wide Microsoft Active Directory service to improve the serviced desktop and
Microsoft server environments (Ref. Information Strategy Authentication and Access Control
Working Group; University Strategic Plan 3.3.4)
Directory Integration – Status ongoing
Continue to provide the infrastructure to enable secure authentication for access to each of the
services that individuals are entitled to use. (Ref. Information Strategy Authentication and Access
Control Working Group; University Strategic Plan 3.3.4)
Serviced Desktop for Staff and Students – Status ongoing
Continue to develop solutions for desktop system management that will improve security,
productivity and reduce the support overheads so that some resources can be redeployed to added
value activities at the faculty/departmental level (Ref Information Strategy Working Group Common
Baselines and Delivery Platforms; University Strategic Plan 3.3.4)
Flexible Access Provision – Status ongoing
Develop flexible access areas to allow staff, students and authorised visitors to use their own
personal systems to access IT services in accordance with the University Universal Access Policy
(Ref. Information Strategy Universal Access Working Group; University Strategic Plan 3.3.4)
Replacement of Proprietary Video-Conferencing Technology – Status ongoing
Build on the success of existing University provided video conferencing facilities by replacing
obsolescent and proprietary systems with industry standard equipment that provides compatibility
with the rest of the academic community. (Ref University Strategic Plan 3.3.6)
Software Licence Policy Management – Status ongoing
Implement the recommendations on software licence policy management to reduce the University’s
exposure to the risk of litigation. (Ref. Implementation of Software Licensing Policy approved by
Court)
Lifecycle Replacement and Enhancement of Student Clusters – Status complete
Continue to replace workstations that have passed their useful life (over 4 years old) to ensure that
reliable, up to date workstations are available and to improve the workstation to student ratio. (Ref.
Information Strategy Provision of on-Campus Student C&IT Facilities Working Group; University
Strategic Plan 3.3.6)
13
E-learning development
The Glasgow Environment for Learning (GEL), which is provided by ‘Moodle’ a public domain
VLE application, has been implemented on a number of dedicated servers for early adopters to
commence developing material for the start of session. GEL (Moodle) makes extensive use of the
pervasive (NDS) e-Directory service for authentication & authorisation. GEL will be further
developed to take account of feedback received.
IT Staff Training
The working group established by TRG to investigate training of IT support staff and make
recommendations has now reported. Its recommendations specifically focus on staff training and are
the subject of a separate paper to IPSC. Given the strength of feeling about this topic, failure to make
some provision for staff training would undoubtedly adversely impact morale.
Summary of Costs for 2004/05
Activity
Cost
Source
Status
Implementation of SAN & HPC cluster
£350K
SRIF 2
Complete
Location Independent Networking
£5K
UKERNA
Complete
Networking for researchers
£30K
SRIF 2
Complete
Student clusters
£500K
University
Complete
E-Learning development
£20K
University
Complete
Flexible access provision
£50K
University
Started – part funded 12k
Replace video conferencing kit
£200K
University
Started – funding 05/06
Directory Integration, Active Directory
£40K
University
Not Funded
Software licence policy management
£50K
University
Not Funded – TRG report
IT Staff Training
£50K
University
Not Funded
14
Roadmap 2005/06
The items for 2005/06 were extended and modified to take account of new strategic priorities and the
opportunities presented by changes in the external environment and funding
Enhancement of Building Networking Infrastructure – Status Ongoing
Continue to improve the network infrastructure within University buildings through the replacement
of ageing equipment.
Benefits
Dedicated bandwidth to the desktop, particularly for researchers, and specialised research facilities
and enhanced Network security, quality of service and management tools (Ref. Information Strategy
Universal Access Working Group, e-Science and the Grid working group, University Strategic Plan
1.6.3).
Risks
Users experience poor network and applications performance. Ageing equipment leading to
increased failure rates and Network downtime. Inadequate network management and security
capabilities requiring more staff effort to maintain service levels
Network Segmentation (continued) – Status Ongoing
Continue to implement Network segmentation to limit the exposure of key services and provide
inherent containment measures against hacking, viruses, worms etc. (Ref. Information Strategy
Information Systems Security Working Group and Universal Access Working Group; University
Strategic Plan 3.3.5)
Benefits
Reduce key systems exposure and provide inherent containment measures against hacking, viruses,
worms etc. (Ref. Information Strategy Information Systems Security Working Group and Universal
Access Working Group; University Strategic Plan 3.3.5)
Risks
High risk of systems compromise, virus and worm propagation leading to potential loss of
confidentiality, integrity and availability of the University’s information assets. Significant staff
resources required for handling security incidents.
IP Only Network – Target summer 2006
Work with the community to phase out proprietary network protocols and consolidate on the IP
protocol suite in-order to reap the benefits of high-speed routing services. (Ref. Information Strategy
Universal Access Working Group; University Strategic Plan 3.3.4)
Benefits
Reduce the number of protocols and the complexity of the campus backbone Routing and switching
infrastructure. This will deliver a more manageable and supportable infrastructure capable of being
upgraded inline with industry standards
Benefit from wire speed, ASIC based IP routing services and sophisticated command and control
features e.g., wire speed access controls, QoS, differentiated services, MPLS, network monitoring
and troubleshooting features. (Ref. Information Strategy Universal Access Working Group;
University Strategic Plan 3.3.4)
Risks
Legacy protocols dictate a lowest common denominator approach to future infrastructure
developments with increased capital, recurrent and support costs
Campus Backbone Network Upgrade – Target summer 2006
Replace backbone routing equipment.
Benefits
Provide increased bandwidth, via wire speed Routing services, to support more demanding
applications and enhance the security, quality of service and management capabilities of the campus
network, e.g., wire speed access controls, QoS, differentiated services, MPLS, network monitoring
and troubleshooting features (Ref. Information Strategy Universal Access Working Group;
University Strategic Plan 3.3.4)
Risks
Ageing router stock with limited performance, security and command and control features resulting
in a campus backbone that would not provide the infrastructure capable of supporting the
applications and services required to deliver the University’s IT strategy
Directory Integration – Status ongoing
Continue to develop the infrastructure that will provide secure authentication and authorised access
to IT resources for the individuals who are entitled to use them. New developments will include JISC
sponsored ‘Shiibboleth’ federated services and Public Key Infrastructure ‘PKI’ investigations. (Ref.
Information Strategy Authentication and Access Control Working Group; University Strategic Plan
3.3.4)
Benefits
Comprehensive Identity management system enabling a variety of current and future developments
including CSCE, SSD, SSO, Shibboleth realms, Virtual organisations, portal developments and
unified messaging including IP telephony
Risks
Poor or limited Identity management provisions will result in:

Increased security incidents and staff efforts to resolve

Proliferation of different authentication domains and systems
Leading to
15

Duplicated staff efforts and in-ability for staff in one authentication domain to access
resources out with their domain

In ability for the University to fully participate in national initiatives e.g., Athens realm,
E-Science collaborations and cross institutional federated services
Serviced Desktop for Staff and Students – Status ongoing
Continue to develop solutions for desktop system management.
Benefits
Improve security, productivity and reduce IT support overheads so that some resources can be
redeployed to value added activities at the faculty/departmental level (Ref Information Strategy
Working Group Common Baselines and Delivery Platforms; University Strategic Plan 3.3.4)
Risks
SSD stagnation would result in poor uptake, increased security incidents and duplicated IT staff
effort
Flexible Access Provision – Status ongoing
Continue to develop flexible access solutions.
Benefits
Allow staff, students and authorised visitors to use their own personal systems to access IT resources
from a consistent, secure and reliable network infrastructure. (Ref. Information Strategy Universal
Access Working Group; University Strategic Plan 3.3.4)
Risks
Ad hoc solutions will result in increased security incidents, inconsistent solutions across campus,
duplicated efforts, confusion amongst users and higher capital and support costs
Software Licence Policy Management – Status ongoing
Implement the recommendations on software licence policy management
Benefits
Reduce the University’s exposure to the risk of litigation due to software copyright infringements.
(Ref. Implementation of Software Licensing Policy approved by Court)
Risks
Copyright infringements resulting in significant staff time to resolve and potential legal actions
against the University
Replacement of Proprietary Video-Conferencing Technology – Status ongoing
Build on the success of existing University provided video conferencing and teaching facilities by
replacing obsolescent and proprietary systems with industry standard equipment that provides
compatibility with the rest of the academic community. (Ref University Strategic Plan 3.3.6)
Benefits
Upgrade to a scaleable and supportable solution that will support current and future requirements for
Video conferencing and Video teaching applications
Risks
Current system is e-o-l with depleted spares holdings; resulting in an eventual failure of the service
and the loss of remote teaching facilities to the Crichton campus and on campus Lecture theatres
Service Sustainability – Status ongoing
Benefits
Service sustainability is about designing and improving services to ensure that they are:

Robust and resilient

Scale to meet user demand and legitimate expectations over time

Provide continued high performance, availability and reliability

Provide service assurance metrics that indicate when improvements, upgrades and
replacements are required. This implies that suitable funding is made available for server
upgrades and replacements. This would be analogous to the agreed workstation four-year
replacement cycle.

Are supportable and secure
Designing sustainable services will require a higher initial investment however the expectation is that
over the lifetime of the service the benefits in terms of the service levels provided will be greater and
overall costs in terms of management and other support costs will be less. All to often services
evolve from a basic level supporting a few users to a critical mass with many watersheds along the
way that require significant support efforts, service downtime for upgrades and user dissatisfaction
during periods of poor service performance. The IS and ICT strategies provide a framework for a
new approach to service delivery and continuity. (Ref Information/Continuity Security Working
groups)
16
Risks

Increased frequency of Systems and Applications failures

Poor applications performance
Leading to

User dissatisfaction

Poor business continuity and disaster recovery capabilities

Increased support load on systems teams
Lifecycle Replacement and Enhancement of Student Clusters – Target summer 2006
Continue to replace workstations that have passed their useful life (5 years and over).
Benefits
To ensure that reliable and modern workstations are available for student use and to improve the
workstation to student ratio. (Ref. Information Strategy Provision of on-Campus Student C&IT
Facilities Working Group; University Strategic Plan 3.3.6)
Risks
Increasing failure rates on cluster systems leading to higher support costs and increasing complaints
from students re IT facilities. Potential difficulties for students to deliver assignments on time, due to
unreliable and slow workstations. Poor ratings in HE surveys
Patch Management Service
Implement the TRG working group recommendations on ‘Patch Management’ for Microsoft and
other operating systems and applications.
Benefits
Improved desktop and server security and a reduction in the staff effort required to deal with
compromised systems
Risks
System compromises with resultant risks to the confidentiality, integrity and availability of the
University’s information assets
IT Staff Training
Implement the TRG working group recommendations on training for IT support staff.
Benefits
The benefits would be improved skill sets, IT staff morale and productivity
Risks
IT support staff expected to perform technical, sensitive and critical functions without proper training
and staff development
Improve e-Science support Network – Status Ongoing
Build on existing relationships between the National e-Science centre, e-Science researchers, GRID
computing systems administrators and other GRID support personnel to establish an e-Science
support team.
Benefits
Significant co-ordinated support network for GRID computing at the University
Risks
Disjointed approach to GRID/E-science computing, resulting in duplicated efforts amongst support
staff and a loss of prestige in the e-science research community
IP Telephony Pilot – Status ongoing
Investigate and gain experience of IP telephony solutions.
Benefits
Assess the potential benefits and problems associated with a move from traditional PABX solutions
to IP telephony (Ref CS/E&B/Telecomm Committee joint project).
Risks
Inability to advise on future telephony strategy and its likely impact on core services including
infrastructure and support
Refine ClydeNETs Five-year Plan
Submit ClydeNETs five-year plan to the funding council to obtain funding to upgrade the ClydeNET
communications infrastructure in-line with SuperJANET 5 developments.
Benefits
This will be pivotal with respect to the University’s external communications requirements and eScience research aspirations. (Ref ClydeNETs Five year plan, UKERNA Guidelines for allocation of
SuperJANET funds to Regional Networks in Scotland)
Risks
Failure to take advantage of various funding streams, failure to maintain the University’ prestigious
position within ClydeNET and failure to deliver the external Network services required by the
University.
17
Summary of funding requests for 2005/06
Activity
Enhance
Buildings
Cost
Networks
in
Source
University £100K
University
Network segmentation
£100K
University
Campus backbone network upgrade
£410K
SRIF-3/LTIF
Service Sustainability
£100K
University
Video Conferencing replacement
£200K
LTIF
Flexible Access
£50K
University
Student clusters
£500K
University
Patch Management
£10K
University
Software licence policy management
£50K
University
IT Staff Training
£50K
University
Totals
University
Other
960K
610K
18
Outcome for 05/06
Activity - Funded via
IPSC
Head Count
Staff
Allocation
Service Sustainability All teams 28FTE 2.5 FTE
(6)
Priority
1=high,
2=Med,
3=Low
Funding
Source
Time
Estimate
Funding
Requested
Funding
Allocated
Start Date
End Date
IPSC
5 Months
£100,000
£88,000
01/05/2006
28/09/2006 1
Complete
Flexible Access
Network Team
10FTE
2 FTE
Student clusters
Admin/ Novel/
DST/TIG 4FTE
0.33 FTE
(1)
Enhance Networks in
University Buildings
Network Team
10 FTE
1.5 FTE
Network segmentation Networks/
1.66 FTE
(5)
£137,000
£118,000
01/08/2006
28/09/2006 1
(6) IPSC/
special
funding
4 Months
IPSC/
special
funding
4 Months
£500,000
£157,000
(6) IPSC
3 Months
£100,000
£0
1
IPSC
4 Months
£100,000
£0
1
Complete
10/06/2007
28/07/2006
Complete
Security
8FTE
Software licence policy Admin/ DST
management
4FTE
1 FTE
(2) IPSC
6 Months
£50,000
£0
2
IT Staff Training
0.1 FTE
(1) IPSC
1 Month
£50,000
£0
2
£1,037,000
£363,000
Admin/ Help
Desk/ Training
4FTE
4.83FTE
Investment
Activity Funded
Externally
Head Count
Staff
Allocation
Funding
Source
Time
Estimate
Patch Management
Security/
0.75 FTE
(2)
IT services
Server teams
3FTE
Enhance Networks in Network Team
University Buildings 10 FTE
1.5 FTE
(6) SRIF
Funding
Priority
1=high,
2=Med,
3=Low
Start Date
End Date
4.5 Months £12,000
15/12/2005
14/08/2006 1
Complete
3 Months
01/08/2006
31/10/2006 1
£100,000
Complete
Network
segmentation
Networks/Securi 0.8 FTE
ty 8 FTE
(4) SRIF
2.5 Months £50,000
01/08/2006
31/01/2007 1
Complete
Video Conferencing
replacement
Network Team
3FTE
0.5 FTE
Campus backbone
network upgrade
Deferred to 06/07
Network Team
10FTE
2.5 FTE
(6)
Investment
(3) LTIF/ SRIF
SRIF
2 Months
£200,000
5 Months
£450,000
3.55FTE
20/06/2005
15/09/2005 1
Complete
1
£362,000
Activity - other road
map projects with
staff commitments
Head Count
Staff
Allocation
Funding
Source
Time
Estimate
IP Only Network
Network Team
2FTE
0.25 FTE
(2)
CS
1.5 Months N/A
Directory Integration
Novell Team
2FTE
1 FTE
(2) CS
Ongoing
19
Cost
N/A
Priority
1=high,
2=Med,
3=Low
Start Date
End Date
01/05/2006
2
28/07/06
Complete
1
Serviced Desktop for
Staff and Students
Novell/ DST/
4 FTE
Server
9FTE (9)
CS
Ongoing
N/A
1
Improve e-Science
support Network
Server Team
2FTE
1 FTE
(2) CS
Ongoing
N/A
2
IP Telephony Pilot
Network Team
1FTE
0.25 FTE
(1)
CS
Ongoing
N/A
2
Refine ClydeNETs Admin 1FTE 0.25 FTE
Five-year Plan
(1)
CS
Ongoing
N/A
2
Investment
6.75FTE
Total FTE
commitment
15.13 FTE
Prepared by: Rolly Gilmour
Last modified on July 2007
20