Submitted by David Sterling
Team | Business Areas of Interest | Accomplishment | Impact |
Enterprise Engineering | Workday | IdM live and running on Workday data | HR system of record changed to Workday. IDM has been working closely with HRIS to facilitate quick remediation for identity related issues in Workday. |
Enterprise Engineering | Various schools & depts. | Three ECM sites have been retired/removed from SharePoint 2013 — EHS, Radsafety and Brown-Dean | Continued progress to goal of implementing WUIT SharePoint Strategy |
Enterprise Engineering | Radiology | Completed BRML Radiology software load – 23 applications for final SITS subunit | Enabled final radiology subunit to move to SITS – Accounts |
Enterprise Engineering | Risk Management | Compled FSM for risk management from legacy medpriv to files.wustl.edu | Enabling decomission of legacy file server |
Enterprise Engineering | Infosec | Distributed out-of-band Windows Update for printing vulnerability to mitigate known vulnerabilities within Microsoft operating systems. No issues reported | Mitigated possible security vulnerability |
Enterprise Engineering | Infosec | AMP connection to Splunk competed. Events are flowing into Splunk and meetings scheduled to review. | Requested logs from AMP have been routed to Splunk for InfoSec to utilize for reporting. |
Enterprise Engineering | Software Licensing | Successfully installed a new version of the Mathematica License Server software on a new server; users are migrating over from the old license server to this new one. | Makes new version of Mathematica available to students and faculty |
Enterprise Engineering | Infosec | Worked with SOC to add the “wustl-secure.us” domain to InCommon, to enable SSL certificate requests for that domain, as part of the NIST 800-171 enclave project. | Allows WUIT to procure SSL certs for the Wash U secure enclave from InCommon, the preferred vendor. |
Enterprise Engineering | Infosec | Completed Phase1 deployment for WUSM ITSS Digital Guardian Project | Substatially completed software deployment of Digital Guardian agent to Windows Computers |
Enterprise Engineering | Campus Wide | Completed credential onboarding for WUIT Depot for WUSTL Secure Enclave | Gained valuable feedback on onboarding process and steps to improve process for customers |
Enterprise Engineering | Infosec | Splunk information is triggering automatic blocking upon detection of external hosts scanning Wash U network. | First instance of actionable intelligence from Splunk triggering instant, automatic blocking of malicious actors. |
Enterprise Engineering | Various schools & depts. | Sites implemented in JAMF to allow ArtSci and STS to do management for their groups. This is just one step of several to fully implement. Some build out in JAMF in progress to complete ArtSci access to do higher level task. Weekly meetings to ensure we are moving forward and meeting needs. | Both STS and ArtSci has reqeusted to self manage their devices in JAMF. Configuring and testing has been done in the test environment and configuration and testing of production environment taking place at this time. The ArtSci staff are testing and working with DE on access as they would like. |
Enterprise Engineering | Various schools & depts. | SharePoint migrations: Migrated SFSECM.wustl.edu to Azure and Protective Services to Teams and SPO. | Continued progress to goal of implementing WUIT SharePoint Strategy |
Platform Engineering | Various schools & depts. | Finalized purchase of SQL Server 2008 Extended Support for the third (and final) year. Remaining servers to be retired or migrated by July, 2022. | Ensure vendor support for legacy systems as the migration efforts continue. |
Platform Engineering | Department of Pathology & Immunology | Completed go-live for pathfiles.wustl.edu, the file sharing location for Pathology. A separate implementation was developed to enable Windows file indexing. Specific I/O (input-output) monitoring is employed to ensure appropriate performance. | Provides files services supported by WashU IT for the Department of Pathology & Immunology. |
Platform Engineering | WUSM | Completed retirement of SCCM system in the legacy ITC hosting environment. | Retired legacy support systems that have been replaced by WashU IT shared service offerings. |
Platform Engineering | Various schools & depts. | Completed automation of Red Hat Satellite tasks to streamline deployment and patching activities for WashU IT-managed Red Hat Linux systems. | Continued to improve the support environment for client systems hosted by WashU IT. |
Platform Engineering | Department of Otolaryngology | Completed onboarding of shared FileMaker hosting for Otolaryngology | Migrated client databases to the WashU IT shared hosting environment. |
Platform Engineering | Various schools & depts. | Completed emergency security upgrades for Serv-U FTP/SFTP hosts | Ensure secure environment for file transfer hosts. |
Platform Engineering | Various schools & depts. | Completed scanning and remediation of managed Windows hosts for PrintNightmare vulnerabilities | Ensure secure environment for print server hosts. |
Platform Engineering | School of Arts & Sciences | Completed deployment of CrowdStrike to server endpoints managed by Arts & Sciences computing | Enhance security capability for Arts & Sciences servers. |
Platform Engineering | Various schools & depts. | Completed configuration and allocation of 8 new Veeam backup server repository servers | Increase the capacity and performance of backup systems utilized by the WashU IT server environment. |
Platform Engineering | Public Health Sciences Division | Completed FileMaker hosting onboarding for Public Health Sciences. | Migrated client databases to the WashU IT shared hosting environment. |
Platform Engineering | McKelvey School of Engineering | Completed migration of McKelvey School websites from legacy dedicated web servers to WashU IT shared hosting services. | Migraged web sites to the shared WashU IT hosted environment to enable retirement of legacy web servers. |
Network Engineering | Brown School | Deactivated legacy brown school vpn profile on vpn.wustl.edu. | Migrated clients to more robust hardware providing better throughput and standard configuration. Improving their experience while also providing a more secure and supported platform. |
Network Engineering | RIS | Created new RIS – GCP route | Added functionality |
Network Engineering | RIS | Configured network hardware for Mass Spec WURN on-ramp for new construction project | Provided high speed data transfer network connectivty |
Network Engineering | Secure the WUSM Project | Worked with Project team and finished NAC Client support webpage: https://it.wustl.edu/items/accesswusm | Added instructions for Client on-boarding to areas that are in scope of the Network Access Control effort. |
Network Engineering | Chancellor | Completed network design for the chancellor’s office renovation | Refreshed network is on new hardware provding extended vendor support and future functionality |
Network Engineering | CMMC/CUI project | Completed the build out of the WUSTL-SEn lab at 4480 | Reached project milestone |
Network Engineering | CMMC/CUI project | Completed the install of the Meraki WUSTL SEn switch for Dr. Mitreva in support of the CMMC project | Reached project milestone on-baording client to the new WUIT Secure Enclave supporting the CMMC/CUI efforts. |
Network Engineering | WUSM | Deployed several Perfsonars devices to aid in performance testing within WUSM | Testing capabilies now exist for network engineers to test performance throughout WUCON. |
Network Engineering | Various schools & depts. | Supporting 80 active construction projects for both Danforth (25) and Medical campus (55). | Assuring that all new construction and renovations projects meet the IT requirements |
Network Engineering | Various schools & depts. | Completed on average 50 tickets/work orders (Blue Light, CATV, Telecom Work Orders, Cable Installs, Fiber Paths, Locates, UPS’s) | Suppport various schools and department requests and services |
Systems Operations Center | Work Day | Provided additional eyes-on-glass monitoring for the MyDay go-live | Ensured that infrastructure components supporting workday had health information available at-a-glance to minimize risk of project launch issues. |
Systems Operations Center | CFU-HR | Provisioned network at new site – Link in the loop (located at corner of Skinker and Delmar) | Ensured HR customers in new building had access to network, wireless, and voice services |
Systems Operations Center | Various schools & depts. | Built new servers for Internal Medicine (Cardiovascular App Server), ResLife (Sadevio Kiosk App), Informatics (All of Us Application), Desktop Engineering (Splunk Windows Endpoint Forwarder), Systems Operation Center (Prometheus), Information Security (Corelight) | Provisioned new computing services for various administrative, clinical, and research groups. |
Systems Operations Center | Res Life | Upgraded 37 network switches in the Danforth residential halls for lifecycle management to allow for security and feature enhancements. | High volume, rapid deployment before start of term. Optimized network performance and minimizes downtime and security risk to student residents. |
Systems Operations Center | Hardware support renewal | Assisted with racking hardware and configuring VLANS as part of the private cloud expansion project | Removed schedule blockers to project. Project will allow for continued growth of on-prem cloud services. |
Systems Operations Center | Infosec | Enabled SPLUNK notifications pilot for internet attacks against the university as part of the InfoSec blackhole router project | Ensured that Engineers are alerted if blackhole project begins to over-run univeristy routers. |
Systems Operations Center | Work Day | Worked with work day staff to monitor alerts and create incidents during go live | Helped work day staff focus on resolving issues |
Systems Operations Center | Work Day | Worked with work day staff to setup process and procedures on alerts that Command Center monitors | Worked with work day staff to make them aware of alarms during non business hours |
Systems Operations Center | Work Day | Created work day call list and updated the call list weekly after the first week of go live | Work day staff knew when they were on call going forward |
Systems Operations Center | EA | Created EA call list for AutoSys jobs related to work day HR and Finance in the CMS | EA created new autosys jobs for work day have a call list for the Command Center to follow |
Systems Operations Center | Payroll | Worked with work day and payroll staff to print checks from work day | WashU employees being paid by checks recieved their checks |
Systems Operations Center | Finance | Worked with work day and AP staff to print checks from work day | WashU vendors being paid by checks received their checks |
Systems Operations Center | Software renewal | Renewed software support for Red Hat, Java Service Wrapper | Keeping licensing updated for the support of applications and OS |
Systems Operations Center | Hardware support renewal | Renewed hardware support for physical servers | Keeping sherver hardware on support with third party vendor |
Systems Operations Center | Physical Assets | Retired the 4495 Xerox printer from the University Physical Asset system | Retiring old technology |