Month: October 2014

Office 365 Proposed Architecture

 

UConn’s transition to a cloud-based email system marks a significant move to improve email services for faculty and staff. In order to take full advantage of the increased availability and accessibility of the system, UITS is proposing the following architecture for the systems involved in delivering email:

365Architecture

Authentication Systems will be handled by Office 365. The user account and password will be synced from the University Active Directory, allowing you to use your email address and netid password to sign in. This eliminates the dependency on infrastructure at the University, if there is an outage at the University, users can still access Office 365. As the system is synced with our local identity management system, accounts will be created and removed automatically based upon the users status within the payroll or student admin systems.

The vulnerability of this design is that if UConn’s campus resources are unavailable then the Office 365 services will become inaccessible. Therefore, UITS is planning on building geographic diversity into the design by implementing authentication servers at a partner site (such as UCHC or BEST) or a cloud-based system (such as Azure or Amazon). At least one ADFS server should be planned for an offsite location.

Directory Services are provided by Microsoft. However, in order for Microsoft to provide meaningful and up-to-date data, we must provide data to integrate into the Office 365 director. Account information (username, phone number, department, etc.) are sent to Microsoft through a service named DirSync. As changes to local identities are made, DirSync will ensure the changes are reflected in Office 365.

mail flow graphic

Mail routing will require some traditional services to be hosted at Storrs. SMTP services and the University’s Personal Name service will be hosted at Storrs. A major constraint driving this recommendation is that UConn email does not have a single destination – Student email is hosted at Google, and some University departments and units maintain dedicated email services. To ensure proper routing for these various systems all University mail will need to be routed through Storrs.
In order to build redundancy in to this system, SMTP services will be hosted offsite.

Hardware required to provide these services is expected to be 2 DirSync servers – 1 offsite and 1 onsite. In addition, DirSync requires MS SQL, so an additional server will be installed alongside of the DirSync servers. In addition to our existing SMTP infrastructure, 2 additional SMTP servers are planned to be installed in our offsite location. 2 ADFS servers will be provisioned, 1 onsite, 1 offsite. In total, the hardware required to run these services is approximately 10 CPU’s, 40 GB’s of memory, and under 1 Terabyte of storage total, including the off site servers.

In order to maximize diversity and availability of our onsite authentication systems and mail routing, Active Directory domain controllers and SMTP servers will be installed at the MSB and HBL data centers.

Ultimately, if this design is realized, the expected outcome of a Storrs-based power or service outage will result in a short amount of downtime as the offsite systems are moved into an active state.

 

Microsoft Office 365

UITS has launched an initiative to explore a Microsoft Office 365 service offering for the University of Connecticut.

Microsoft Office 365 has the potential to enhance individual productivity and facilitate collaboration. It would provide significantly larger mailboxes, Office sharing and interaction tools, text and video chat, one terabyte of personal cloud storage, and other useful features.  We are currently in the research phase of the project and will reach out to request your feedback throughout the process.  Your insight and perspective will be critical to the successful development of an efficient design that maximizes the service potential for our community and an effective implementation plan that minimizes disruption during transition.