1

2

3 The first techshare – November 2016

4 TechShare Feedback

5

6 Today’s speakers Dan Oliver Jeannette Wolff Dylan PlatzVU IT Service Management Jeannette Wolff VU Off-Site Data Center Dylan Platz VU Identity Management

7 IT Service Management project teamCherwell & xMatters Taj Wolff Tammy Osborne George Anglin Cheryl Graves Mary Marler FireScope Mike Harris Patrick Hawkins Dane Rafn PM Dan Oliver

8 Infrastructure & Operations Support & Relationship ServicesITSM Contributors Infrastructure & Operations Dane Rafn Tim Charlton Rafiq Nelson Dave Mathews Masood Sidiqyar Taj Wolff John Williams Dewayne Fulton Rick Miniat Patrick Hawkins Buzz Leffler Joy Adams Rick Carlton Brian Britt Tammy Osborne Jonathan Topf Ganesh Nagarajan Scott Evans Ed Wisdom Ali Benham-Gilani Titus Weimars Kenny Elmore Michael Wiggs George Anglin Lane Williams Julie Catellier Jason Pepin Travis Smith Dwayne Wright Cheryl Graves Marcus Newman Greg Curless Cheryl Graves Mike Harris Eric Barnes Teal Sawicki Paige Hannah Support & Relationship Services Includes: Contract and procurement Process workshops Set-up for on-prem and cloud FireScope CI discovery Cherwell design, configuration, testing Phase 2 will Jason Bradley John Haendel Chris Contos Craig Hampton Dianne Wehlage Eric Pyles Michael Hollifield Kathryn Maggart Hayley Reddington Chris Bransford Lance Thomas John McCammon Justin Kessinger Kelly Harris Jerry Weber Andy Green Phil Neely Sean Hansborough Heather Mitchell Scott Nelsen Kurt Kroeger Megan Naughton 1 xMatters in Phase 2 Cherwell Firescope

9 What is ITSM? People Process TechnologyIT service management (ITSM) combines people, process, and technology to deliver high-quality IT services to the customer. ITSM consists of policy, structured processes and supporting procedures that are used to plan, design, deliver, operate and control information technology (IT) services offered to customers. It is thus concerned with the implementation of IT services that meet customers' needs, and it is performed by the IT service provider through an appropriate mix of people, process and information technology. Service Management is a set of specialized organizational capabilities for providing value to customers in the form of services. The goal is to manage IT from a business perspective, focusing on the end-to-end services rather than technology silos. Services are a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks. People Process Technology

10 The University requires new ITSM systems and processesNew ITSM Solution1 Pegasus Shared systems will continue to use Pegasus

11 VU ITSM consists of three integrated SaaS solutionsxMatters1 (x) FireScope Cherwell Service Management Platform Process Areas Configuration Change Incident Request Service Catalog Problem Knowledge Asset Management Module Discovery, Dependency Mapping, Monitoring Objective: Exit Pegasus and establish IT service management (ITSM) foundation for the University. Solution: 3 integrated commercial, SaaS systems Comments on each system -- 1 – Cherwell Service Manager (CSM) – base ITSM platform, central system for managing changes to systems/environments, finding configuration information, and managing tickets and service requests. In addition to this tool, we are intentionally designing processes to fit the university environment. We have purchased an additional asset management module – Cherwell Asset Manager. That will help us get out of spreadsheets and into a central repository (this is Phase 2). 2 – FireScope – this tool listens to/discovers the network and maps which systems are connected and makes a map, which is then used to populate all sorts of attributes into a database. Monitors for changes to configurations and reports changes/events. This will significantly reduce manual data entry and the proliferation of tribal knowledge. FireScope will integrate directly with Cherwell – populating CMDB, which is the foundation for reliable Change practices. 3 – xMatters – xMatters performs automatic incident/event alerting and notifications according to an on-call calendar. If a event/emergency threshold is crossed for a specific system, xMatters will , text, call, the individual, team, or administrator on call. This will be a Phase 2 roll out. 1 new VU instance of xMatters

12 Implementation will occur in three phases over 21 monthsFY17 FY18 Phase 1 Phase 3 Phase 2 Process Workshops Cherwell FireScope xMatters Today Problem & Knowledge Change & Configuration Incident, Request, & Asset Discovery & Database Population Dependency Mapping & Event Monitoring We have completed Phase 1. Alerting & Notifications

13 Phase 1 – Change & Configuration ManagementConfiguration Management - is the method by which we track details about the hardware and software we use to provide IT services (servers, databases, etc.). Enables IT to understand its infrastructure for delivering IT services (servers, databases, storage, network equipment, firewalls). Stored as Configuration items (CIs) CIs have attributes (self) CIs have relationships (to one another) Information is stored in Configuration Management Database (CMDB) - Database of CI’s and their attributes and relationships Change Management - is the process by which we track and approve changes to hardware to prevent service disruption and follow best-practices. Visibility into upcoming changes Single place to go to see what has change, useful for troubleshooting Track approvals if necessary, e.g. audit requirements

14 Phase 2 – Incident, Request & Asset Management! Incident Request Incident Management: Incident - unplanned interruption to an IT service or a reduction in the quality of an IT service Objective: restore normal service operation as quickly as possible and minimize impact on business operations Process: Report & Record Incident Categorize & Prioritize Initial Diagnosis Assignment / Escalation Resolve & Close Incident Request Management Objective is to fulfill standard, routine service requests for customers (set-up new address for user, spin up server is AWS, etc.). With Cherwell, we will be building workflows for requests that involve multiple teams. This will automate the hand-off from one team to the next and should improve delivery times. Browse a Catalog of Requests Specialized Online Form Approval Workflow Fulfillment Workflow Asset Management responsible for tracking and reporting the value and ownership of financial assets throughout their lifecycle

15 Phase 3 – Problem & Knowledge ManagementProblem Management Problem: A Problem is an unknown cause of one or more incidents. When there is a routine pattern and we need to dig deeper a figure out the underlying, root cause. (Incident: An Incident is an unplanned interruption to an IT service or a reduction in the quality of an IT service) Knowledge Management The structured process by which an organization captures, distributes, and uses institutional knowledge. (documentation, instructions, how to’s, support information, implementation information, architecture and operations docs - e.g. run books, SOPs, etc.) Provides strategy on what repositories should be used, accessed, and updated Problem Knowledge

16 QUESTIONS

17 Today’s speakers Dan Oliver Jeannette Wolff Dylan PlatzVU IT Service Management Jeannette Wolff VU Off-Site Data Center Dylan Platz VU Identity Management

18 VU Off-Site Data Center Project TeamInfrastructure Mike Harris Dave Mathews Bo Payne Rick Wheeler Masood Sidiqyar PM Jeannette Wolff

19 Off-site data center contributorsJoylika Adams Ben Brown Rick Carlton Greg Curless Scott Evans Donovan Fitzgerald Steve Garrett Mike Harris Patrick Hawkins Rob Knight Dave Mathews Barry McCurry Doc McGee Rick Miniat Rafiq Nelson Clyde Norfleet Bo Payne Todd Sanders Roland Serman Masood Sidiqyar Includes: Contract and procurement Process workshops Set-up for on-prem and cloud FireScope CI discovery Cherwell design, configuration, testing Phase 2 will Donte Taylor Jeff Temple Steven Walker Rick Wheeler Lane Williams Facilities Hosting Network Security

20 Original scope – vu disaster recovery

21 What is off-site data center?What it is: A secondary, off-site data center housed at TierPoint in Franklin, TN Why do we need it: Require a data center off campus in case something happens to Hill What it provides: High availability and disaster recovery for key applications and services

22 VU off-site data center timeline2016 2017 Aug Sept Oct Nov Dec Jan Facility Evaluation Purchase Equipment Install and Configure Equipment Establish Data Connectivity to Campus Final Testing

23 Vanderbilt UniversityHow we’re connected Vanderbilt University Hill Data Center I1: 10GB | I2: 100GB 10GB TierPoint Internet 1 & Internet 2 40GB I1: 10GB | I2: 100GB 10GB Franklin, TN Bryan Building

24 What will reside in Tierpoint?Directory Services High Availability Identity Management High Availability Master Data Management High Availability Infrastructure High Availability Applications High Availability Disaster Recovery DAR: Advance, Online Giving Provost: PS CRM, Faculty IS, NOLIJ, PS Student, Events Management Finance: Endowment Unit Accounting, QGLARS DofA: Card Office OGC: COI VUIT: Application backups, network storage backups

25 IT Disaster recovery/service continuityWhat: Discover critical business processes and their dependencies on IT systems and applications How: Conduct BIAs1 to identify recovery objectives in order to architect, test, and document appropriate solutions Business Impact Analysis

26 QUESTIONS

27 First official tmo project complete!VU Off-Site Data Center VU IT Service Management VUMC Voice Network Directory Services SkyVU VUMC Unified Communications Data Center Realignment Data Network

28 Today’s speakers Dan Oliver Jeannette Wolff Dylan PlatzVU IT Service Management Jeannette Wolff VU Off-Site Data Center Dylan Platz VU Identity Management

29 VU Identity management project teamIdentity Services Kevin Owen Mike Gay Andy Green Kiran Kamatham Nadir Saghar Gourija Menon PM Dylan Platz

30 What is identity management?Students Faculty Staff Guests Resources Identity Management regulates the issuance and lifecycle of User IDs IDs allow for assigning digital access rights, enforcing access policies, and maintaining end-user preferences and Help Desk tools ID is your digital personality at Vanderbilt

31 Current shared identity environmentEPI AccessVU EPI/MDM – Consolidates person data from all person source systems (HR, Card, Student, etc) EIR: Provides person information to some applications EPIcenter: manages, merges, and corrects EPI info AccessVU/SailPoint – Identity toolset for managing VUNetIDs End-user self-service tools Helpdesk/Admin tools

32 Vu requires new identity managementMDM SailPoint EPI AccessVU EPI/MDM – Consolidates person data from all person source systems (HR, Card, Student, etc) EIR: Provides person information to some applications EPIcenter: manages, merges, and corrects EPI info AccessVU/SailPoint – Identity toolset for managing VUNetIDs End-user self-service tools Helpdesk/Admin tools New Identity Solution

33 new functionalities with sailpointWorkflow-based access requests Broad integrations Enhanced risk detection Improved lifecycle management Mobile optimized Mobile friendly: - Improved layout and performance for users accessing with smartphones and tablets - Improved password recovery process Life Cycle: Supports both traditional and Web Services-based integrations - Features a large set of Java-based libraries for extending functionality Risk: Supports regular, ongoing validation of access permissions - Includes utilities for scanning target systems for inappropriate account management practices such as administrator-created accounts Workflow: Supports approval mechanisms for account/group/permission based access. - Supports approval escalation and delegation Integration: Around 60 connectors types included - Support for cloud provisioning to Box.com, Microsoft Azure AD, AWS, Google Apps, WebEx and more

34 High-level idm key datesMarch 2017 Master Data Management initiated for VU people data January 1, 2018 SkyVU Go-Live (VU HR data feed switched to SkyVU) Summer 2017 New VU directory services March 2018 Full SailPoint Go-Live

35 Sailpoint Customer impact | User IDsNo change The account ID users have today will continue in the new Identity Management solution Current passwords will still work True whether you have one identity or two Get with Mike

36 Sailpoint Customer impact | New ToolsPersonal Options Tools New portal for changing passwords and managing aliases Will look and work differently than the current system, but still allow for users to utilize the same functionalities

37 Sailpoint Customer impact | ApplicationsPost-SailPoint Go-Live Applications relying on EPI data will need to reference new VU Master Data Management services Application owners will have to reconfigure where their applications get user information

38 QUESTIONS

39

40 it.vanderbilt.edu/tmo