ITS Service Changes
How Ongoing/Upcoming Upgrades May Affect You
Below is more detail about ongoing and upcoming changes to ITS services that are likely to impact you:
- Legacy UVA Cable TV Retirement
- Scan&Score System Retirement (May 31, 2017)
- Qualtrics Downtime Required for Portal Consolidation
- Analog Web Analysis Service Retirement
- Intel AMT Port Blocking
- ITS to Debut Value Storage
- Changes to Public LDAP Access
- Integrated System & NetBadge
- Service Portal for Requests Update
- CrashPlan Now Available
- Change Coming to ITS VPN Services' Connection Process
- Protection from Accessing Malicious Websites
- Upcoming Changes to UVA VPN Services
- ITS Statement on Support of macOS Sierra (OS X 10.12) at UVA
Legacy UVA Cable TV Retirement (June 30, 2017)
IPTV, Other Options Available
- Purpose: On June 30, 2017, ITS is retiring the legacy, standard definition UVA Cable TV service previously available for fee in certain UVA buildings (including Lawn Pavilions).
- Impact: No new activations are being accepted. Current customers have available several replacement services (IPTV, commercial online services like DirectTV and Sling TV, among others) and may request a demo of these services. Until June 30, 2017, ITS support for the legacy service is available via the UVA Help Desk.
Scan&Score System Retirement (May 31, 2017)
Printing & Copying Services Provides New Solution
- Purpose: On May 31, 2017, ITS will retire the web-based test scoring system known as Scan&Score. Several years ago, in looking at aging machines, unavailability of replacement parts, and costly maintenance fees, Information Security, Policy, & Records (ISPRO) approached the Provost’s Office about finding an alternative.
- Impact: With the support of the Provost’s Office, Printing & Copying Services (PCS) found and tested a new product and implementation by PCS is scheduled for June 1.
Qualtrics Downtime (May 24-26, 2017)
Required to Consolidate Portal
- Purpose: Qualtrics will be intermittently unavailable starting on May 24, 2017 at 8am and ending on May 26, 2017 at 9pm.
- Impact: Surveys in the Qualtrics Moderately Sensitive Data (MSD) Portal
(virginia.qualtrics.com), Curry School of Education (virginiaeducation), Center for Survey Research
(surveysvirginia), Frank Batten School of Leadership and Public Policy (uvafrankbatten),
Department of Politics (politicsvirginia), and Department of Psychology (uvapsych) will
continue to run, but users will not be able to report on, edit, or create new surveys. This
downtime is necessary to consolidate the user accounts into the Qualtrics Moderately Sensitive Data
(MSD) Portal (virginia.qualtrics.com).
Once the virginia.qualtrics.com portal is brought back up, all uvapysch, uvafrankbatten, politicsvirginia, virginiaeducation, and surveysvirginia portals will point to the virginia.qualtrics.com portal. Users will log in with NetBadge credentials and then link their NetBadge identity with their current account. Existing virginia.qualtrics.com users will be able to access their accounts.
The Qualtrics Highly Sensitive Data Portal (virginiahsd) and McIntire School of Commerce's Qualtrics Portal (commercevirginia) will not be affected by this downtime.
ITS to Retire Analog Web Analysis Service (May 16, 2017)
Better, Newer Options for Web Analytics Available
- Purpose: On May 16, 2017, ITS will retire an old analog web analysis service and its associated log accumulation. This service is outdated and has limited use; it runs on very old machines and software incompatibility has now made this service unmaintainable.
- Impact: Owners of sites or site directories configured for this service will be contacted individually. A plethora of different web analytics tools exist, many of which are free, and information is widely available on the Internet.
If you have questions or concerns, please contact the UVA Help Desk.
Intel AMT Port Blocking (May 9, 2017)
Network Configuration Update Removes Security Vulnerability
- Purpose: On May 9, UVA will update its network configuration to
block access to a security vulnerability in the Intel AMT management service. After May 9, it
will not be possible to use the Intel AMT management service to manage servers or workstations from off-Grounds.
This security vulnerability allows a remote attacker to take complete control over an affected computer. After May 9, the reconfiguration will block this attack from off-Grounds.
- Impact: This change should have no effect on the vast majority of computing devices at the University. It only affects users who have purchased the optional AMT SKU with new devices and are using the Intel AMT management service to control them from off-Grounds. This may also include devices that have had hardware repairs. If you have a need to manage devices from off-Grounds using the Intel AMT management service, please use the VPN. If you believe that you might have an affected device, please see the guidance from Intel on discovering and patching affected devices (https://newsroom.intel.com/news/important-security-information-intel-manageability-firmware/).
Contact Information Security, Policy, and Records (ISPRO) via email if you have questions.
ITS to Debut Value Storage (May 4, 2017)
Inexpensive Storage for Expert Users
- Purpose: On Thursday, May 4, ITS will debut the new "Value" category of storage. Geared to expert users, "value" is inexpensive storage for those who manage and back up their storage without assistance/support from ITS.
- Impact: For more specific information, see the new Value storage page; all other storage options are listed on the Storage homepage.
Changes to Public LDAP Access (Feb. 1, 2017)
Protects Student Privacy
- Purpose: In the interest of continuing to protect student privacy, the University will be limiting access to the Public LDAP effective Wednesday, February 1, 2017. At this time, direct access to the Public LDAP will be limited so it can only be accessed from known UVA IP-Space (excluding guest IPs) and the IP space of known valid users.
- Impact: For users physically located at UVA or for applications that run from UVA servers, there should be no impact. Off-Grounds users not connected to the UVA network will have to use VPN (Virtual Private Network) to access Public LDAP.
Integrated System & NetBadge (Jan. 15, 2017)
Employee/Manager Self-Service & HR/Finance Admin Users Affected
- Purpose: Starting January 15, 2017, portions of the Integrated System, including Employee/Manager Self-Service (Time/Leave, Payslips, W-2s) and HR/Finance Administrative, will be placed behind NetBadge. You may hear this alternately referred to as the Integrated System going to or behind Single Sign-on (SSO). This work is part of the SecureUVA Initiative.
- Impact: Use the new buttons for Employee/Manager Self-Service and
HR/Finance Admin on the Integrated System website. If you bookmarked
the URLs for the websites previously, please update your bookmarks.
- Now that Employee/Manager Self-Service is behind NetBadge, take advantage of the added security of 2-Step Login. This will better protect your personal information, including your W-2.
- ODS, Discoverer, and SIS are not affected by this change.
Service Portal for Requests Update (Jan. 15, 2017)
Request Processes Rolling Out on Monthly Basis
- Purpose: In Feb. 2016, ITS embarked on an initiative to improve the quality of our request fulfillment processes and to standardize these operations. The transition continues to take place over the course of multiple projects. The first of these to transform were paper-based, email-based, and other service requests into automated processes with designated fulfillment teams.
The web-based tool provides our customers with an easy way to
request and track their orders all in one central location. In the future, this
tool will become one-stop shopping for requesting over 100 ITS services.
Check out the project website for the latest releases.
CrashPlan Now Available (Dec. 15, 2016)
Introducing a Desktop Backup Service for Protecting University Data
- Purpose: ITS is proud to announce a new tool to protect University data placed on desktops and laptops. Use this new service to backup data and protect against ransomware.
- Impact: Degree-seeking graduate students and Agency 207 faculty, staff, and instructors will be able to use this tool to backup devices containing University data, and protect against ransomware infections and hard drive crashes.
Change Coming to ITS VPN Services' Connection Process (Dec. 6, 2016)
Additional Step Will Require Users to "Accept" Network Use Terms
- Purpose: When using UVA networks, members of the University community do so under the terms of Responsible Computing and other University policies. In order to prosecute unauthorized users who access our systems, we must provide notice that access to UVA networks is for authorized UVA use only. Otherwise, law enforcement (e.g. FBI) will not hold non-authorized users responsible for malicious activity on our networks.
- Impact: Starting Tuesday, Dec. 6, 2016, UVA users authorized to
use our VPN services and networks will have to "accept" usage terms each time
they connect. This applies to all of our VPN services (UVaAnywhere,
Joint, More Secure Network). You will see the second "banner" screen when connecting to the network
through a VPN service; click "Accept" to proceed with your connection.
Note: This change is unrelated to the Joint VPN full tunnel migrations that began on Nov. 29, 2016 and continue through mid-December, and will not affect the operation of any of our VPN services and the network access they provide.
Protection from Accessing Malicious Websites
DNS Servers Will Begin Utilizing DNS Firewall Protection
- Purpose: ITS provides Domain Name Server (DNS) services for UVA so that networked systems can look up domain names (which humans use) and resolve them to IP addresses (which computers use). As part of the SecureUVA security enhancement program, ITS' DNS servers will begin utilizing a DNS firewall in order to block access to malicious domains. The DNS server will check every request against a constantly updated database of known bad domains and IP addresses (e.g., confirmed usage by malware or phishing). The firewall will be configured to be increasingly more protective for users beginning in November 2016 and going through Spring 2017.
- Impact: Users trying to access a malicious website will not be able to get through. Requests to look up known bad domains/IPs receive a special response which effectively redirects the requester to a safe system rather than the malicious system. If a user feels the website is being wrongly blocked, s/he should contact the UVA Help Desk. For more information about this project, please see the DNS Firewall webpage (NetBadge credentials required).
Upcoming Changes to UVA VPN Services
Security Enhancements for More Secure Network VPN & Joint VPN
- Purpose: In order to improve network security, ITS is changing the configuration of the More Secure Network VPN and Joint VPN services from Split Tunnel to Full Tunnel prior to the end of the calendar year. Changes to the More Secure Network (MSN) VPN were made on Oct. 18, 2016. The migration of Joint VPN users to full tunnel mode started on Nov. 29 and will continue in waves over the course of the next 3 weeks.
- Impact To Users: Many users will not notice a difference once the MSN VPN and Joint VPN services are operating in Full Tunnel mode. If users need to access local network resources while connected to the MSN or Joint VPN service, such as network printers at home, they may need to enable the “Allow Local (LAN) access when using VPN” option in the Cisco AnyConnect VPN client preferences/options. If you need assistance making these changes, please consult your departmental LSP or contact the UVA Help Desk.
Impact to LSPs: If LSPs have network resources such as file servers that have been restricted by IP address access lists containing their local building subnets, for example, they will need to ensure that they have added the More Secure Network VPN service client IP address range to these access lists. Note: To get ahead of the game you may want to consider adding the Joint VPN service client IP address range at this time as well.
Statement on Support of macOS Sierra (OS X 10.12) at UVA
Can Be Used with Most Basic UVA Services like WiFi and Email
- Purpose: Apple's latest operating system, macOS Sierra (OS X 10.12), is currently (Sept. 2016) being testing against ITS supported products; please see our testing results.
- Impact: We recommend that you check ITS's support statement before installing macOS Sierra on UVA computers; not all services, most notably the Integrated System (HR/Fin) and Student Information System (SIS) are supported under Sierra.