UC Merced

Information Technology

• Home
• MyUCMerced
• Web Services
  • MyUCMerced
  • UCM Share
  • UCM Calendar
  • UCM Directory
  • UC Mailman
  • UCMID Services
  • IDCLAIM
• User Services
  • Students
  • Faculty
  • Staff
• Support
  • Guides & FAQs
  • Service Centers
  • Policies
• Security
  • Best Practices
  • Safe Computing
• About
  • Office of the CIO
  • Org Chart
  • Vision
  • Projects
  • Accomplishments

Information Technology Strategic Planning

Projects

Project Title:

NetLogin Solution

Project Advocate:

Richard Kogut

Project Manager:

Stan Stavitsky

Project Overview:

The purpose of this project is to identify an implementable standards-based solution that will provide a means to track and identify users and machines utilizing UCM network resources. This will allow us to locate and potentially take action towards computers and their owners that are involved in security incidents or when illegal activities are reported to us. A subsequent project will address the actual deployment of the solution.

Users of the wired network would have to authenticate, most likely using 802.1x protocols and their UCMNetIDs in a manner similar to wireless network usage. Their computers’ MAC addresses would be registered in a central data base or other repository. Special procedures may be required for systems not supporting 802.1x and in the Library.

The following platforms should be supported natively:
o Windows XP
o Windows 2003
o Windows Vista
o MAC
o Linux
o Solaris

Key Stakeholders:

UCM Campus as a whole
IT
Library

Benefits:

• Improved incident response.
• The ability to track users and machines on the UCM network especially when receiving RIAA or similar complaints from the outside.

Project Deliverables:

• Project Description for NetLogin project and implementation plan incorporating:
o Detailed description of how authentication will work for both clients supporting it and exceptions,
o Client-side software and configuration needs,
o Configuration strategy for Extreme Networks equipment and analysis of how non-Extreme equipment could be integrated,
o Required database/repository software & hardware,
o How Operations and Help Desk staff will look up MAC address information,
o Implementation and ongoing costs.

Initiative(s) Supported:

• Identity Management & Provisioning
• Network Infrastructure and Security

Related Projects:

Milestones:

No intermediate milestones.

Costs & Funding (Capital & Operational):

N/a

Project Team:

• Network Expertise – Dean Lawson
• User Perspective – Wayne Vangyi

Issues/Risks:

• Is the Library an exception to general 802.1x and MAC Address registration? Maybe no authentication is required if coming from Library network? Historically, how has Library access been handled at other Universities?
• Some clients might not support 802.1x natively (Linux/Solaris/UNIX) -- will need to provide software configuration for 3rd party (preferably open-source) software
• Printers and similar devices w/o user login
• Client configuration and authentication process must not be too complicated

University of California, Merced | 5200 North Lake Road, Merced, CA 95343 | (209) 228-4400 | itweb@ucmerced.edu | Privacy/Legal Notice | © 2009 UC Regents