23 August 2005

More streaming media

Work on live and on-demand video streaming being done in the Division may be useful more widely.

Last week the contractor working on streaming media in the Division met with representatives from the ANU and AARNet to discuss live and on-demand streaming media. AARNet is a part of the ResearchChannel initiative, a University of Washington project that provides educational and research television programming to a wide section of the US community via nationwide satellite, cable and internet networks. The internet service is available internationally. AARNet aims to provide a similar service in Australia by enabling Australian science and education institutions to create, archive and transmit their own television material. The result being one (or more) full-time TV channels focused on promoting Australian research and education, particularly to the Asian markets.

It looks like the work being done here will be extremely useful to the ANU and to AARNet to make an Australia ResearchChannel viable.

Network issues

Recent changes to the University network have restricted previously-available services to help stop malware on Windows PCs.

First, a definition. A “port” in network terms is a “logical connection place” where a program on a user’s computer connects to a server program. Ports are referred to by numbers, like port 25 (email programs communicate with email servers using port 25, among other ports), or port 80 (Netscape gets pages from World Wide Web servers over port 80 (usually)). As well as these and other well-known and standard ports, other server and client applications use dynamically-assigned ports to “bind” to in order to communicate with each other over the network.

Malware often exploits open ports by opening a connection between an infected computer and other devices on the internet without the user’s knowledge (on Windows computers anyway: most ports on Macintosh computers are closed by default and are only opened by the user initiating a particular application or service).

The University recently closed down most network ports in response to compromises to the local network from outside. Only known services (like official web and email servers) were allowed to continue to operate. ICT Services asked that where these restrictions prevented services from operating, contact them and the issues would be investigated.

Desktop video conferencing services like Apple’s iChat AV and Marratech eMeeting use a range of ports to dynamically connect participants through text, audio and video links. In order to create a good connection between users who might be on the other side of the world (and often are: that’s why these systems are popular), the various computers involved negotiate a “good” set of ports for each service from the wide range they might use.

iChat AV and eMeeting are (or at least were) used by staff to communicate with off-campus colleagues and collaborators. When the University's IT Security Officer was asked to open the ports used by iChat AV up again he declined, saying he was unhappy with the requirements and suggested there might be alternative more secure (but unnamed) solutions available.

While we had some success with eMeeting before the blocks were implemented, we haven't been able to commission the service since the ports were blocked and have stopped working on it until the ports it uses become available again.


Proximity cards will allow students greater access to some Divisional facilities.

Over the next month University contractors will be installing CardAX access to a number of rooms in Building 5 and Building 9. Security has advised us that there will be some noise and disruption associated with the installation of the card system when the installations begin in two or three weeks time. The contractor has been asked to keep the noise and disruption to a minimum but expect drilling, hammering and dust.

Please bear with this short-term pain in order to enjoy the longer-term benefits of giving students greater and more convenient access to Divisional facilities.

Proposed lab rules (based on existing practices and the new situation) that will govern the rights and responsibilities of the staff and students accessing the facilities are being developed and will be presented to the IT & Infrastructure Committee for discussion at its next meeting.

09 August 2005

Technology Triage

How do you prioritise your work?

The Technical Services Unit is developing a draft Service Level Agreement to discuss with the Division so that there can be a clear understanding of the role of the TSU.

As a part of the internal discussions within the TSU in relation the proposed SLA, how requests are prioritised has received quite a lot of attention.

Under ITIL (Information Technology Infrastructure Library) Service Management practice, there are ‘incidents’ [“Any event which is not part of the standard operation of a system that causes, or may cause, an interruption to, or a reduction in, the quality of service.” Remedy Implementing ITIL Best Practices http://www.remedy.com/solutions/documents/white_papers/wp_itil.pdf accessed 9 Aug 2005], and there are ‘change’ requests [“The addition, modification or removal of approved, supported or baselined hardware, network, software, application, environment, system, desktop build or associated documentation.” ibid.]. During one of our discussions, a TSU staff member came up with the suggestion that hospital triage procedures might inform us of how better to assess ‘incidents’ in order to more effectively deal with them in the context of the Division’s needs to keep its processes operating.

According to wikipedia, the word triage comes from the French word trier, "to sort". Much of the credit for modern day triage has been attributed to Dominique Jean Larrey, a famous French surgeon in Napoleon's army who devised a method to quickly evaluate and categorize the wounded in battle and then evacuate those requiring the most urgent medical attention. He instituted these practises while battle was in progress and triaged patients with no regard to rank.

After the 9/11 destruction of the World Trade Centre buildings in New York, the term Technology Triage came into use in relation to dealing with getting companies that relied on technology back into business, asking such questions as what is mission-critical for your organization? And what technology supports those functions?

The TSU is now looking at both medical and technology triage practices to help it develop an agreed way to classify incidents as they arise, based at least initially on the START (Simple Triage and Rapid Treatment) system developed at Hoag Hospital in Newport Beach, California.

So far we have come up with five categories of incidents with some associated signifying colours:





Send elsewhere: not our responsibility (although the TSU will manage the transfer).


Has to be dealt with now.


Can be dealt with later.


Can be dealt with now or may be delayed.


Minor injuries; first aid and home care are sufficient, a doctor's care is not required.

The TSU is currently working out how to determine which incidents fall into which category: quite an educational experience for the members of the group. There may be a need to change the nomenclature, especially in communication with a client, to ensure that the client feels that their request is being dealt with properly, but as a point of departure for the TSU the technology triage concept is proving enormously successful.

Managing requests for change is yet another matter, but if we improve incident management we can then move on to managing change.

Printing in the Division

Looking for better ways to provide services to the Division.

As a result of our investigations into printing in the Division to establish some benchmarks for the design of a replacement program for the current aging stock of Divisional printers, the Technical Services Unit has implemented a remote monitoring system for the existing stock of networked printing and photocopying devices (at least those that can be connected to the network).

The present temporary system is now tracking some 50 printers and multifunction devices and further refinements are in progress, such as finding additional printers that aren’t in the list for any reason, seeing which vendors’ software gives us the best view of the devices (and supports other vendors’ devices as well as its own), and setting configuration options to give us a better understanding of the devices we are looking at.

Experience so far has reinforced the view that the development of a remote monitoring system not just for printers and multifunction devices but for all networked devices is way overdue: with proper monitoring the Technical Services Unit can become more proactive in managing issues as they occur, or even anticipating potential problems before they occur and preventing them from happening. For example, we can now see the percentage of toner remaining in the cartridges installed in most of the newer devices around the network, and can replace it before the it runs out, or advise the person responsible (in the case of multifunction devices, for example) that they need to monitor the machine in question.

It has also demonstrated that we must assess the capability of any proposed additional or replacement devices to make sure any such device will fit in with modern network-based monitoring facilities, particularly a single monitoring solution that can be used to monitor all the devices on the network.

The TSU is assessing network monitoring systems available from several different vendors to establish which ones provide us with the sort of flexibility we want before a final recommendation will be made. Although most of these monitoring products are free, such a decision will have an impact on the brands and types of devices we buy in the future, because we will want to be sure any new device fits in to the one monitoring scheme.

We intend initially to target for replacement some older printers and other devices that don’t fit in with any system so that a better service can be offered. Based on the current experimental system we will be able easily to provide regular reports on the scope and spread of printing (and eventually photocopying as photocopying devices become networkable) across the Division.