macedonian customs administration it survey
DESCRIPTION
Macedonian Customs Administration IT Survey. Equipment. Description of servers, workstations, laptops and similar: the type, brand name, approximate date of manufacturing, processor architecture/type/speed, RAM, HDD capacity, available interfaces. Equipment. - PowerPoint PPT PresentationTRANSCRIPT
Macedonian Customs Administration
IT Survey
Equipment
Description of servers, workstations, laptops and similar: the type, brand name, approximate date of manufacturing, processor architecture/type/speed, RAM, HDD capacity, available interfaces
1 Server Compaq ML350 2000 2xP-III 800MHz
512 MB 9 – 36 GB SCSI 15
2 Server Dell 6300 1997 2x P-II 512 MB SCSI RAID 18 GB
3
3 Server Dell 1300 1997 P-II 64/128 MB
4.5 – 18 GB SCSI
17
4 Server IBM x205 2004 P-IV 512 MB 36 + 72 GB 1
5 Server IBM Netfinity 3000 2003 P-IV / / 1
6 Server HP 2004 P-IV 512 MB 1
7 Server IBM x346 2006 P-IV 3
8 Server Alpha ES45 2004 AlphaCPU 1.25GHz
16 GB 36 GB 1
9 Server Alpha ES45 2004 4xAlphaCPU 1.25GHz
32 GB 18+72 GB 2
10 Server Compaq DL380 2004 P-III 1.2GHz 1.2 GB 2x18 GB 2
11 Storage Compaq 2004 / / 120 GB 1
12 Storage Compaq Storage Works 4354
2004 / / 10x72 GB 1
13 PC Compaq Evo D310/D510
2004 P-IV 1.7/2.0 GHz
512 MB 40 GB 270
14 PC HP dx2000 2006 P-IV 3 GHz 1 GB 80 GB 50
15 PC Compaq 2000 P-III 800 MHz
64 MB 20 GB 130
16 PC Dell, IBM, other 1995+
P-II 32 MB 6-20 GB 20
17 PC Fujitsu Siemens 2007 Dual core 512MB 80 GB 260
18 Laptop HP 2007 Core2Duo 1GB 80 GB 15
19 Laptop Compaq, HP 2003+
P-IV 256-1 GB
36-72 GB 30
20 Server HP ProLiant DL360
2007 Xeon 3GHz 1-4 GB 146-512GB 3
21 Server HP Integrity rx6600 2007 2xdual core 64 Itanium 2
16 GB 8x73 GB 1
22 PC Online daten 2008 Dual core 1 GB 80 GB 105
Equipment
printers, scanners and all other devices: the type, brand name, approximate date of manufacturing, available interfaces
Type Brand Man. Interfaces #
1 Laser printer HP 2200, 1300 2004+ Network 70
2 Printer Epson LQ 300, 570, 1070
1997+ Serial 100
3 Printer Oliveti, Minolta, other
1997+ Different 50
4 Scanner HP ScanJet 5550 2004 USB 20
5 Laser printer Xerox PHASER 2007 USB,Eth 40
6 Scaner Xerox 2007 USB 20
Equipment
purchased from EU-funds?
2008, 105 PCs, 30 printers, 18 routers and network equipment, projectors, 25 CCTV Speed dome cameras...
Equipment
The preventive maintenance is performed in the following areas and on the basis of the following rules: Preventive maintenance of PC’s, peripheral equipment and network is done by ICT Sector staff, on every visit to the customs office or department (minimum once in 2 months). Servers are monitored on daily basis.
Corrective actions are performed by our staff
Networking and installations
LANs (Local Are Networks) within MCA: 40
Topology: Fastethernet Number of nodes: 40
Type Brand Man. Loc. #
1 Router Cisco 1751 2003 Different 22
2 Router Cisco 2811 2007 Different 18
3 Router Cisco 3600 2003 HQ 2
4 Router Cisco 3660 2003 HQ 1
5 Router Cisco 3825 2007 HQ 1
6 Switch Cisco 3750 2006 HQ 8
7 Switch Cisco 2950 2003 Different 20
8 Switch 3-Com, Intel, other 2001 Different 10
9 Firewall ASA 5510 2006 HQ 1+failower
10 Firewall Sonicwall G250 2003 HQ 2 (outdated)
11 Firewall Sonicwall SOHO3 2003 Different 30
12 Switch Cisco 2960 2007 Different 9
Networking and installations
Interconnection and connection type.
- all locations are interconnected: BCPs and airports through SDH (MoI);
and FrameRelay for backup Inland CO through VPN; Internet
(IPSec) Some locations use PPP connection
Networking and installations
Protection from power breakdown
UPSes used from different vendors, with different year of manufacturing, most of them recharged. All critical network and server equipment is powered through UPSes, some PCs also.
Power generators in MCA HQ and also in several BCPs.
In the HQ, there is separate power line for the devices mentioned.
Software and databases OS-es in use
For servers: Tru64UNIX, Unixware, Windows 2000, Windows 2003, RedHat Linux, AIX;
For PCs: Windows XP and Windows Vista; software tools in use (office suites, graphic editors, etc.),
- Oracle development tools (form designer, reports), Visual Studio, Java tools;
specific software in use , - Asycuda 1.17d- Customs Declaration Processing Software; - Other in-house developed software for next purposes: - Customs offices daily registers, - Internal customs warehouses, - Quota management; - Customs guarantee management system;
Software and databases antivirus software in use
- Trend Micro; databases in use (type, architecture, users)
Oracle 9i/Tru64UNIX/8 CPU licenses Informix 7.22/Unixware2.1.3/40 server
licenses MS SQL 2000/Windows 2000/1 server
license MS Access/WindowsXP/ different number od
users
Software and databases - All PCs are with licensed OS (Microsoft), all servers and
databases are licensed.
- Software is localised (i.e. it supports Macedonian language, Cyrillic alphabet), where applicable, e.g. OS for PCs and customs software;
- For Asycuda system (Unixware, Informix, Asycuda server/client) ICT Sector is responsible, for PC OS and Office suite also, other software installations depend of the software developer.
- According to ICT general policy, the ICT Sector has already started implementation of security policy through Active Directory (LDAP) to limit the personal user installation.
Documentation, Procedures, People and Education – organisational structure
ICT Sector(38 - 21)Assistant Director
Development department (7 - 7)Head of Dep. (1)
Application support department (12 - 5)
Head of Dep. (1)
Technical support Department (18 - 8)
Head of Dep. (1)
Application Developer (4 - 4)
Help Desk operator (2 - 2)
System engineer for OS and IT Networks (1 - 1)
OS Administrator (2 - 1)
Network Administrator (1 - 0)
Network operator (1 - 1)
System engineer for databases (1 - 1)
Database Administrator (1 - 0)
User Support Unit (6 - 2)
Head of Unit (1)
PC technician (5 - 2)
IT Security Unit (4 - 1)
Head of Unit (1)
IT Security Administrator (3 - 0)
Statistics and analytics Unit (3 - 1)
Head of Unit (1)
Applications adminsitrator (6 - 1)
Project Manager (2 - 2)
Data warehouse and analytics
administrator (2 - 0)
ICT Sector
Documentation, Procedures, People and Education) The technical support department is responsible for
any kind of ICT equipment relocation. The decisions are made with consensus, the job is physically done by department staff, reconnection also. For bigger, more complex relocation, different companies are engaged.
About 900 people use IT equipment There are about 600 PCs, each employee in HQ
uses PC, the PCs in customs offices are shared among staff.
The training is organized on demand, by the training department.
Security of data and communication
Back Up○ The backups are made on daily and weekly
basis for the databases.○ The technical support department is
responsible for ensuring the implementation of an effective back-up strategy for server-held software and data.
Security of data and communication
Anti-Virus Protection○ As a part of general ICT policy, the antivirus
application is implemented on each PC in the corporate network;
○ User support unit is responsible for the implementation of an effective Anti-Virus protection.
○ 500 antivirus user licences.
Security of data and communication
Passwords and accounts○ Network, servers (OS), databases, e-mail, … are
password-protected? ○ There are restrictions for the passwords creation.
(minimal length, composition of letters & numbers etc.)
○ User support unit is responsible for creation of network and e-mail accounts and system permissions
○ User support unit, application support unit, based on information provided by HR Sector are responsible for removing or changing user accounts
○ There is general policy; the access to the system and the privileges are defined according to job position.
Security of data and communication
Encryption On network level (point to point) there
is secure tunnelling
E-mail/Internet
We have leased line Internet connection with 5Mbps
Two pool of public IP addresses Two DNS Servers -All section in Customs Administration
Headquarters and heads of Customs Offices have access. Content filtering is implemented.
By using firewalls and intrusion prevention system networks are protected from the potential attacks from the Internet.
E-mail/Internet
Users have access only for http and https ports Restriction for all executable and compressed file (exe,
bat, rar, zip ect..) Restriction for all audio and video file (mp3, avi, mov,
ect..) We use 32 public address for our public services (web,
smtp, pop3, NAT for Asycuda servers) We monitor continually statistics about, but we don’t
research use and content of e-mail accounts. There is random examination of users Internet activities, performed by IT Security staff.
Special equipment Container examination and X-ray facilities Trace-Particle Detectors and/or mass
spectrometers Closed Circuit Tv (CCTV) and (ANPR)
There is active system with 240 cameras.
25
Questions and Suggestions?