News

ANSYS Software Renewal Approaching

Published:July 6th, 2018
Category:Collegewide, Engineering IT Workers

 

Engineering IT Support manages the ANSYS site license for the University of Florida. The license period runs from September 1 through August 31.

The cost for licenses are shared across participants and individual license pricing is reduced as participation increases. If you are a current participant or are interested in participating in the upcoming renewal, complete the Qualtrics survey below. After the data is collected we will contact each unit with the appropriate fee information.

For further questions, submit a work request (https://www.it.eng.ufl.edu/support/enter-a-ticket/) or send an email to software@eng.ufl.edu.

https://ufl.qualtrics.com/jfe/form/SV_6QAitObaVAPa6ZT

Tagged as: , ,

Network File Storage Scheduled Maintenance Starting 5pm, Fri June 22nd

Published:June 22nd, 2018
Category:Collegewide

 

At 5pm today UFIT has scheduled maintenance to the network file storage infrastructure that multiple IT services use. As a result, there will be momentary outages of hosted websites, databases, network drives, and other services. Specific services that will be impacted include, but are not limited to, network drives for Eng Admin, ISE, BME, CHE, and MAE, Onbase, OneUF website, www.eng.ufl.edu, listservs (@lists.ufl.edu) and login.ufl.edu.

Intermittent outages of impacted services will start at 10PM today and expected to be over by 1AM Saturday.

UFIT has been communicating with technical contacts associated with all impacted services. Necessary precautions have been taken to insure there would be no loss of data or unexpected problems associated with the shutdown of network file storage services. Additionally, UFIT has onsite and on-call consultants from various hardware vendors for this maintenance to insure it is done properly and to address unforeseen issues if they should arise. If there are problems, UFIT will work through the weekend until they are resolved.

If there are any issues with our resources in UFIT hosting that continue after the 10PM-1AM maintenance window we will let you know. The most current information will be posted by UFIT on the UF IT Alerts page throughout the maintenance window (https://alerts.it.ufl.edu/#4055).

If you have questions regarding this please let us know.

Tagged as: ,

Computer Maintenance Incoming (Monday, June 18th)

Published:June 14th, 2018
Category:BME, CHE, EG-ADM, ISE

 

In May 2016,  Engineering IT Support began using a UFIT provided computer management tool to better secure, configure, and manage computers across the Engineering IT Support units. This tool required the installation of a small program on your computer.  Unfortunately, due to a number of factors UFIT has changed the management tool which, in turn, is requiring us to make the same changes to continue to manage your computer.

The first change will be the removal of the old tool’s agent and the installation of the new one. We have tested this process on a number of computers already. It has largely been a non-issue (only requiring a reboot).  The deployment will be started Monday, June 18th and will take effect when your computer is rebooted. Computers not excluded from our normal maintenance windows will follow the normal reboot cycle to insure the new agent is installed.

Once the new tool is installed, we will immediately be using it for the same types of management processes we’ve been doing with the old tool (hardware/software inventory, application and operating system patching and monitoring of encryption for mobile devices). The new tool has additional features and capabilities that will be used after adequate testing.  More information will be sent to you as we make these changes.

If you have any questions or concerns, contact your local Engineering IT Support office.

Tagged as:

Risk Assessment Requirements

Published:March 20th, 2018
Category:Collegewide

Two years ago the University adopted a Risk Management Policy (http://www.it.ufl.edu/policies/information-security/risk-management-policy/) which has impacted the process for IT purchases significantly.  When faculty need new IT resources UFIT, the CIO, and the CSO strongly prefer the use of UFIT hosting solutions provided by Enterprise Infrastructure or Research Computing.  The primary reason for this is managing and controlling risk at the university.  By using UFIT provided services you are transferring the risk to UFIT and are aligning yourself with UF enterprise strategies.

By leveraging UFIT hosting and provided systems you will speed up your time to implementation since these systems have already gone through the vetting process with the Information Security & Compliance office.  Additionally, there are many other tangible benefits to using UFIT hosting: hardware redundancy, lifecycle management, secured environment, power/cooling management, backups, service management, etc. UFIT has significantly improved cost and service offerings over the last few years and more improvements are still coming.

UFIT and Information Security & Compliance has steadily improved the risk management process and rebranded it recently to Integrated Risk Management (IRM) (https://irm.security.ufl.edu/). This site documents processes for navigating the risk assessment, classifying data, finding storage solutions, and using ‘fast path’ solutions.  ‘Fast Path’ solutions are software, hardware, and cloud services that have already been vetted through the risk management process and available for use with limited, or no, risk assessment requirement.

If you are purchasing or using IT information systems that are not provided by UFIT, or not already vetted as a ‘fast path’ solution, chances are some sort of risk assessment is either needed or has already been completed by your local IT.  In some instances an Intake # is required to even submit a purchase requisition (software purchases for instance). Your local IT support will help you navigate that process by working with you to review pre-vetted environments and ‘fast path’ solutions and to submit a risk assessment intake on your behalf when necessary.  Make sure involve your local IT support early to insure enough time to work through this process.

If you have questions please let us know. We can either answer the question or direct you to the proper resources.

REFERENCES:

Risk Management Policy: https://it.ufl.edu/policies/information-security/risk-management-policy/
Risk Assessment Standard: https://it.ufl.edu/policies/information-security/related-standards-and-documents/risk-assessment-standard/
Integrated Risk Management: https://irm.security.ufl.edu/
Enterprise Infrastructure Hosting: https://hosting.it.ufl.edu/
Research Computing Services (storage, computing, apps, ResVault, etc): https://www.rc.ufl.edu/about/our-services

Tagged as: , ,

UFL.ZOOM.US Licensing for ISE

Published:March 15th, 2018
Category:ISE

 

Due to circumstances it has become advantageous for ISE to purchase ZOOM.US licensing for faculty and staff of the department. Zoom.us is a simple to use web conferencing tool that works well for meeting with people inside and outside the university.  Some of the most pertinent information is on our website at the links below but, rather than duplicating efforts by creating our own support documentation, most of the support can be found at https://support.zoom.us/.

https://www.it.eng.ufl.edu/kb/how-do-i-install-the-zoom-client-for-meetings-application/
https://www.it.eng.ufl.edu/kb/how-do-i-login-to-the-zoom-client-for-meetings/
https://www.it.eng.ufl.edu/kb/where-can-i-find-more-information-about-zoom-us/

Some important information about Zoom is summarized here:

  • All UF faculty, staff, and students have a free BASIC license at ufl.zoom.us.
  • BASIC licenses can host meetings with up to 10 participants and no longer than 40 minutes.
  • PRO licenses do not have the limitations that a BASIC license has.
  • Only the meeting host must have the PRO license to avoid the limitations on the meeting.
  • UF people use their Gatorlink credentials to sign-in by using the SSO option with the ufl domain.

You should be receiving invites to UF’s zoom.us license today.  The email you receive from Zoom is legitimate and will include information about activating your license.

These licenses will be valid until April 30 th (the end of the license period).  UF is currently investigating a campuswide license for Zoom.US.  So your license may continue at the PRO level in the new license period.  If UF will not provide central licensing I will be providing additional information on how to maintain your PRO license close to the end of April.

Tagged as: ,

Two-Factor Authentication at UF

Published:March 12th, 2018
Category:Collegewide

The University is starting to roll-out a new authentication mechanism called two-factor authentication, or 2FA.  2FA requires you to use two different authentication methods when logging in: something you know (your GatorLink password) and something you have (i.e. a code provided by text msg to your cell phone).  You may already be familiar with 2FA because it is used by many banks and other secure Internet services (Facebook, Google, and Twitter even have options for two-factor authentication). As you may guess, using 2FA with GatorLink accounts will help protect the University environment from phishing and other cyberattacks because having just a password will no longer be enough to login.

At this point 2FA is an opt-in service.  However, as the University moves forward there will be various audiences that will be required to enroll (i.e. people in positions of trust that routinely work with personally identifiable information (PII)).  Messaging about 2FA has already started hitting various UF channels (a couple articles are linked below).  Opt-In enrollment for all faculty, staff, and affiliates will be officially announced in April 5th’s “UF at Work” newsletter.

http://news.hr.ufl.edu/2018/02/two-factor-authentication-option-available-uf-faculty-staff-beginning-april/
https://news.it.ufl.edu/security/uf-two-factor-authentication-service-coming-in-april/ (link stopped working Oct 2022)

UF’s 2FA website can be found at https://it.ufl.edu/2fa. There you can find everything you need to know: instructions, faqs, opt-in enrollment, timeline, etc. Most IT workers are already enrolled in UF’s 2FA and familiar with the service.  Please reach out to your local IT support if you have any questions.  Some common questions are included below; but, for more complete information see the two-factor website.

Q: What services require 2FA login?
A: UFIT has currently implemented 2FA on any services that use the UF Login page and the VPN.  Services that don’t use the UF login page (the UF Exchange Outlook Web Access client or your desktop computer for instance) do not require 2FA.

Q: My bank allows me to remember my browser as a ‘personal’ device and only requires 2FA every 30 days.  Is this an option for UF’s 2FA?
A: No.  UF’s 2FA will not allow you to remember a device.  It does, however, remember a browser session for the day.  As long as you use the same browser session you will not need to 2FA again during the day.

Q: Are there any other plans for 2FA?
A: There are long term plans to extend 2FA to more services as well as review password changing policies for people enrolled in 2FA. So the service is already looking for possible improvements in the future.

Q: I travel to foreign countries a lot, how will I 2FA if I don’t have cell service to receive the push notification?
A: If you do a lot of foreign travel it is recommended that you get a one-time password token generator. Tokens are available to select faculty and staff from the UFIT Helpdesk at the Hub.

Tagged as: , , , ,

New Threats Target CPU Design Flaw: Meltdown and Spectre

Published:January 12th, 2018
Category:Collegewide

By now you’ve probably heard about the Meltdown and Spectre vulnerabilities. They have been a major news story this past week, even being mentioned on local news. In a nutshell, a major design flaw was found in the main chip of most modern computing devices that allows malicious code to easily get access to your computer’s memory (stealing passwords and other critical data along the way).

To be clear, this impacts almost every computing device. Desktop and laptop computers of all manufacturers and their operating systems (Windows, macOS, Linux) are probably the most susceptible. However, it also impacts smartphones, tablets, printers, and, even, some PC components like video cards.

What we are doing for UF IT devices.

We are updating all machines on the network. Some software patches are already being deployed through our normal processes and maintenance windows. The software patches only make it harder to exploit the flaw. We will also need to apply a hardware patch manually on most computers.

This is going to take some time, especially since some of the patches are not even available yet.

What you need to do.

You’re going to need to patch your own personal devices. We’ve collected a lot of reference materials below to help you along.

In the meantime, while at the office and at home, you need to be extra vigilant in practicing safe computing and “Think Before You Click” techniques that are taught in UF’s monthly Cyber Self Defense Course (UF_ITT100_ILT, https://security.ufl.edu/learn-information-security/spice-training/cyber-self-defense/ (link is now invalid)). Unfortunately, the next instructor-led class is not until Feb 22nd, 1:30-4:00 but it is well worth the time.

Reference

Websites

The group responsible for discovering these design flaws, and the attacks that exploit them, created a very good website, https://meltdownattack.com/, with information, FAQ, videos, and an index of where to find patches.  The bottom of this page includes links to official security bulletins and advisories of many involved/affected companies and can be helpful in determining what patches you need.  There are also articles on most tech and news blogs and websites.  A few of the more helpful are:

Windows

Windows quickly released a security rollup for Windows the first week of January. If your system is capable it should download and apply the patches if you have Automatic Updates configured. However, prior to installation, the specific security updates that protect against Meltdown and Spectre search for incompatible antivirus products and will not apply if they are installed on your computer.

For  Windows 7, 8.1, and 10 insure that the January 2018 security rollup patch is installed. The knowledgebase articles that pertain to each version are documented below and can be used to identify the exact patch numbers for your computer:

Windows Version Release Date KB
Windows 10 – version 1709 January 3 KB4056892
Windows 10 – version 1703 January 5 KB4056891
Windows 10 – version 1607 January 3 KB4056890
Windows 8.1 January 3 KB4056898
Windows 7 SP1 January 3 KB4056897

Apple (macOS and iOS)

Apple has confirmed that their devices are affected by Meltdown and Spectre and says that if you are running any of the following you will receive both software and hardware updates that will protect against these vulnerabilities:

  • macOS 10.13.2 or later (High Sierra)
  • iOS 11.2 or later
  • tvOS 11.2 or later
  • watchOS (in fact, Apple claims that “watchOS did not require mitigation”)

Web Browsers

Updating your browser will help protect against the Spectre vulnerability. The following are known to be patched:

  • Safari 11.0.2
  • Firefox 57.0.4
  • Chrome 64 (due Jan. 23rd)
  • Microsoft Edge
  • Microsoft IE 11 – cumulative update KB4056568

Android

If you own an Android device and you’ve applied the January security updates you are in the clear. This isn’t as easy a process as one may think however since most android phones and tablets depend on the manufacturer to package security updates. In other words, if you have a Samsung device you’ll have to wait for Samsung to release an update for your specific device. You will need to consult with your device manufacturer, or sometimes your carrier, to determine when patches will be released.

Antivirus

Antivirus updates are important for two reasons. First, malware is required to exploit these vulnerabilities and properly updated antivirus can help prevent this malware from even installing.  Second, and more critically, some antivirus products are incompatible with these Windows patches for Meltdown and Spectre. Computers with incompatible antivirus software will even stop seeing security patches. A good article discussing this issue (including a list of compatible antivirus products) can be found at https://threatpost.com/anti-virus-updates-required-ahead-of-microsofts-meltdown-spectre-patches/129371/.

Tagged as: , , , , ,

Additional Safeguards for UF Email: TAP

Published:September 18th, 2017
Category:Collegewide

 

UFIT expects to deploy new features to the campus email service on September 26, 2017.  The new features, known as ProofPoint Targeted Attack Protection (TAP), are an expansion of UF’s existing SPAM and PHISHING protection provided by its ProofPoint system.

On Tuesday, Sept 26th UFIT will enable TAP for all user mailboxes in the on-premise UF/AHC Exchange system.  A later phase will address Student mailboxes and other, more obscure, fringe mail-flow.

When TAP is enabled, any email received by users in the on-premise UF/AHC Exchange system from outside UF’s email system will have the following protective measures taken:

"Web Site Has Been Blocked!" page example.
ProofPoint Targeted Attack Protection (TAP) will block malicious URLs with a “Web Site Has Been Blocked!” page.
  • URL Defense: All URLS (web links) in email will be rewritten to point to a ProofPoint service, within https://urldefense.proofpoint.com, that will block access to harmful URLs. Safe URLs will be automatically passed to the original site. However, if the URL is malicious you will encounter a “Web Site Has Been Blocked!” page.
  • Attachment Defense: Certain email attachments, Microsoft Office documents, PDF, RTF, HTML and SWF, will receive additional screening for malware and other harmful behaviors. This includes these file types within archive files (zip, tar, rar, etc). This additional inspection may cause delay delivery of emails from outside the university which contain attachments.

A recent UFIT News article (which has since been removed) introduced this service to UF. UFIT also added more information about it on the UF Email webpage (however, again, the information was removed).  Engineering IT Support has also added this information to our homepage.

If you have questions, your local IT should be able to help.

Updated: 2017-09-19
A clarification based on a couple of inquiries to UFIT regarding the behavior of URL rewriting during the initial deployment:

  1. *.ufl.edu URL’s will not be re-written, even if sent from remote email addresses.
  2. non-ufl.edu domains/URL’s will be re-written from non-ufl email accounts.
  3. non-ufl.edu domains/URL’s do NOT get re-written if sent from ufl email accounts TO ufl email accounts.

Once this is successfully deployed to faculty, staff, and student mailboxes UFID will tackle the reconfiguration and re-architecture of mail flow such that internal generated emails within all UFL domains also go through TAP URL re-writing. This is a bit more complicated and requires careful changes in the infrastructure and extensive testing to avoid mail loops.

More to come once UFIT is ready to take the next steps.

Tagged as: , , ,

Upgrading Anti-Virus

Published:May 22nd, 2017
Category:BME, CHE, EG-ADM, ISE, MAE

 

Example popup of the BigFix upgrade action
A BigFix action is scheduled to start the migration of our antivirus software.

Today Engineering IT Support will be upgrading the anti-virus software of IT Shared Services managed computers, which includes Engineering Administration, BME, CHE, ISE, and MAE. We will be upgrading from an end-of-life product, IBM BigFix’s Core Protection Module, to TrendMicro OfficeScan. OfficeScan will provide a number of enhanced capabilities of managing, reporting, and alerting on virus and malware detection. This new product also includes browser add-ons for Internet Explorer and Firefox which will help protect from various ‘browse-by’ infections when surfing the web.

The upgrade action will be scheduled to start at noon today, Monday, May 22, 2017, with a 6pm deadline.  At, or close to, noon today you will receive a popup window on your Microsoft Windows or Apple Mac which looks similar to the image to the left (the wording will be a little more specific and targeting Engineering IT Support computers). You can choose to immediately apply this update (by clicking the Take All Actions or Take Action buttons) or allow the process to happen automatically at its deadline (6pm).

"Your computer might be at risk" popup
This “Your Computer might be at risk” notification from the Windows Security Center may appear during the upgrade to Trend OfficeScan.

The process takes multiple steps and includes one reboot when the current anti-virus software, Core Protection Module, is uninstalled. While the new antivirus software, TrendMicro OfficeScan, is installed Windows desktops may see a popup from the Windows Security Center that the computer is unsafe. This is a normal part of this process. The final step in this process happens when you start Internet Explorer and/or Firefox. You will be prompted by the browsers to enable the TrendMicro add-on (screenshots are available at the end of this article).

If your computer is not on during this time, the action will apply whenever the system is started. At that time the system will immediately reboot to allow the upgrade to occur.

If you have any questions or concerns at this time or if you encounter problems after the update, please notify your Engineering IT Support office immediately. If maintenance on your computer must be delayed because of an ongoing calculation, process or experiment please contact us so that we can accommodate that request and schedule another time more convenient to your research work.

 

 

Tagged as: , , ,

Shared Mailbox ‘Sent Items’ and ‘Deleted Items’ Tweaks

Published:April 18th, 2017
Category:Engineering IT Workers

 

For a while now we’ve known that one of the caveats for using shared mailboxes is that when you delete items from the shared mailbox they end up in the user’s ‘Deleted Items’ folder and when you send email as the shared mailbox it similarly ends up in the user’s ‘Sent Items’ folder. For a bit we had a tweak for the ‘Sent Items’ problem but Microsoft stopped supporting it in Exchange 2013.

Because of recent questions about these subjects I’ve looked into it again and found fixes for both situations.

Sent Items

Awhile back I found an Exchange cmdlet, Set-MailboxSentItemsConfiguration, that would allow you to change a setting that when you send email from a shared mailbox you could control whether that sent email would be copied to your Sent Items folder (default), to the Sent Items folder of the shared mailbox, or to both. Shortly after finding that tweak UFX was upgraded to Exchange 2013 and it stopped working since it was no longer supported.

After enough complaining Microsoft added that feature back in to Office 365 and Exchange 2013 CU 9… which was back in Sept 2015. Looks like we should have looked at this sooner.

There are only two settings now however. You can have the sent email goto the Sent Items folder of the user mailbox or to the folder of both the user and the shared mailbox. It is also not done by a dedicated cmdlet anymore but is a configuration option to set-mailbox:

PS C:\> set-mailbox [identity] –MessageCopyForSentAsEnabled [$True | $False]
 PS C:\> set-mailbox [identity] –MessageCopyForSendOnBehalfEnabled [$True | $False]

Default setting is $False (sent email goes to the ‘Sent Items’ folder of the user).

It is important to note that it HAS to be a shared mailbox. There may be mailboxes that are set as resource, room, or user mailboxes that are used like a shared mailbox where this setting will not work. For instance, I was unable to set this on a service account user mailbox that is also shared.

Reference: https://blogs.technet.microsoft.com/exchange/2015/03/03/want-more-control-over-sent-items-when-using-shared-mailboxes/

Deleted Items

GPMC screenshot showing the "Store deleted items in owner's mailbox instead of delegate's mailbox" policy.
The “Store deleted items in owner’s mailbox instead of delegate’s mailbox” policy can change where items are transferred when deleted from a shared mailbox.

Similar to the Sent Items problem, when you delete an item from a shared mailbox in Outlook it goes to the Deleted Items folder of your primary user mailbox and not to the Deleted Items folder of the shared mailbox itself. Turns out there is a way to change this behavior on a workstation but it involves registry hacking (a KB also has a fixit app that could be run on a workstation).

However, chances are you want to apply this to all your managed workstations. In that case there is a very easy Group Policy you can apply. Enable the Store deleted items in owner’s mailbox instead of delegate’s mailbox policy found under User Configuration as follows:

\\User Configuration\Policies\Administrative Templates\Microsoft Outlook [2010 | 2013 | 2016]\Outlook Options\Delegates

 

Reference: https://support.microsoft.com/en-us/help/202517/items-that-are-deleted-from-a-shared-mailbox-go-to-the-wrong-folder-in-outlook

Tagged as: ,

<< Newer   Older >>