File System Access Management Workbench

Transcription

1 ` Service Definition File System Access Management Workbench Version 1.0 Signoff: Name Role Signature & Date Mark Fortini Director, IT infrastructure Services Page 1 of 20

2 Document Control Information Document Change History Version Date Last Revised Author Change Description November 2010 Wilfredo Trinidad Initial Draft December 2010 Elena Trajkovska Updated with Ellington details December 2010 Elena Trajkovska Finalised with reviewer s comments Distribution and Acceptance Version Recipient Date issued 1.0 Approval Page 2 of 20

3 Table of contents Purpose of this document... 4 Service Definition Structure... 5 Service Support... 5 Periodic of review... 5 Enterprise File Service Description... 6 File System Access Management Workbench configuration... 7 Enterprise File System support services... 8 File System Access Management Workbench - Service Targets Enterprise File Service Reporting and Charging Appendix A Page 3 of 20

4 Purpose of this document This document defines the scope, service components and support services for the File System Access Management (FSAM) Workbench. Page 4 of 20

5 Service Definition Structure The Structure is designed to enable the clear and accurate definition of services. The structure: Service Support Enables the definition of both simple and complex services Creates clarity by clearly defining what organisational/functional units are involved in delivering and maintaining this service Enables clear communication of service targets associated with different service elements Consists of a defined list of activities, resources and/or processes that are offered by the IT organisation to support the Services customers use. Periodic of review Once this Service Definition is approved by IT at UNSW it will form the initial baseline for future service renewal. Validation of the targets listed in this definition will be reviewed by the Service Management Office after 6 months from acceptance of the initial definition. Monthly performance reports will be provided; however a realistic operational time frame is required to gather quantitative data before a review is recommended. All service reviews will be conducted on an annual basis once the 6-month review is complete. The Service Management Office is accountable for initiating this review and managing service improvement opportunities through to a successful conclusion. Page 5 of 20

6 Enterprise File Service Description Service Item Details This section provides information on the service name and ownership. Service Name Service Group Service Description File System Access Management (FSAM) Workbench IT Infrastructure The access management workbench is the entry point for listing and selecting groups for modification. It can also be used for creating a user defined cohort. The objectives are: to automate provisioning of file service access to end users based on registration in PeopleSoft HR; to reduce number of service requests relating to file system access and security management; and to reduce need for direct access to core Active Directory structures. Service Components Description This section provides information on the components that make up the service offering. Synchronisation Service Management Group Search and Listing Service User Defined Cohort (UDC) Group Creation UDC Group Membership Management Approver Form This service is used to manage data synchronisation between AD and FSAM for both FSAM Person and Groups Structures. Data flow will be logically in one direction, from AD to the FSAM portal via the Synchronisation Service Metaverse. The group structures that are subject to synchronisation are: IDM groups, Org Groups, UDC Groups, TASK_ONE Groups, ROLE_MBY_Groups. The workbench itself allows a user to search for a Role MBY, UDC or Org Group. It can select a Role MBY, UDC or Org Group to gain access to the group maintenance form. Creation of a UDC via the UDC creation form. The membership form allows users to specify the group members. The group managed selection form allows a user to specify a number of the members as the group managers, or alternately, select an existing group to manage this group. This facility processes the request form with a link to a web page that displays the request details and provides the option to accept of decline the request. Service functionality Description This section provides advice on specific functionality offered on this service. User and Group Synchronisation Used to manage data synchronisation between AD and FSAM for both FSAM Person and Group Structures (IDM Groups, Org Groups, UDC Groups, TAS_ONE Groups, ROLE_MBY_Groups). Page 6 of 20

7 File System Access Management Workbench configuration Active Directory File System Access Management Managed by Selection Form File System Access Management Workbench User and Group Synchronisation New UDC Group Request MembershipForm Transfer new groups to AD Page 7 of 20

8 Enterprise File System support services The Enterprise File System is supported by the following IT organisational units. First Level Support Service Centre Second Level Support IT Faculty Delivery Services WinAD System Owner Director, IT Infrastructure Monitoring and Reporting Service Management Office Third Level Support Delivery Services WinAD Fourth Level Support External SMEs Microsoft, ellington Page 8 of 20

9 Service Centre Inclusions and Exclusions All support and requests for service must be channeled through the Service Centre. The Service Centre will provide 1 st level support and coordinate 2 nd and 3 rd level technical/functional support where necessary. Incident Management Provide first level support for File Service related Incidents Service Request Management Log service requests and assign to appropriate support team, request include; o Folder Access o Request for a new File System o Request for a significant increase in volume requirements o Request for a User Defined Cohort o Restore of files Contacting this Support Service The Service Centre can be contacted on or access the IT self help portal The Service Centre support hours are 8:00am to 8:00pm Monday to Friday, excluding public holidays. WinAD Support Inclusions and Exclusions Considered the highest technical escalation point and subject matter experts (SME). This level also facilitates supplier related technical support and resolution. Inclusions File System User Administration File System Security Administration Volume Management and Reporting Failover Management Windows updates / hot-fixes Problem Management Service Enhancements Active Directory Services (DNS, DHCP etc) Group Policy Driver/software updates as applicable Basic Operating System or Active Directory issues Patch testing and assessment Maintenance Operational support tuning Attend service performance reviews when required Page 9 of 20

10 IT Faculty Inclusions and Exclusions Provides business issue support Inclusions Policy and business enquiry support Liaisons with all level support teams. Ellington* (External Vendor) Ellington is the external vendor for support of the Workbench application. Inclusions and Inclusions Exclusions Logging and tracking all issues registered through the UNSW Service Centre; Logging, responding to and tracking any training related items registered through the UNSW Service Centre; Investigating issues related to code, and core application failure; Handling changes to the application such as enhancements or new features through a formal change request process; Reporting monthly on SLAs detailing the service activities undertaken within the period. *Please refer to Appendix A for SLA between Ellington and UNSW. Data Centre Operations Inclusions and Exclusions Provides operational management of the physical infrastructure and IT at UNSW data centre facility. Inclusions Data Centre management and operations Failover Data Centre management Monitoring and Reporting Attend service performance reviews when required Page 10 of 20

11 Service Management Office Inclusions and Exclusions The Service Management Office (SMO) provides non technical support for the Enterprise File Service and is accountable for the monitoring and reporting of all authorized production services as listed in either the UNSW service catalogue or change transition project to production service definitions. Inclusions Facilitates service restoration during significant incidents. Facilitates annual service review and updates Service Definition where required. Manages the approval process for production related changes. Administers IT at UNSW s CA Service Desk tool Updates call management tool with new service requirements. Provides service reporting to key stakeholders Page 11 of 20

12 File System Access Management Service RASCI matrix Below is the RASCI Matrix for the critical elements of this service and the teams that deliver this service. RASCI stands for: Responsible: that is the person who is owner of the problem/project Accountable: that is the person to whom "R" is Accountable and is the authority who approves to sign off on work before it is effective Support: that is a person who provides resources or plays a supporting role in implementation Consulted: that is a person who provides information and/or expertise necessary to complete the project Informed: that is a person who needs to be notified of results but need not necessarily be consulted High level task Service group Description Director, Infrastructure Ellington IT Faculty WindAD Team /Data Centre Operations Desktop Team Service Centre Service Management Office Owner of the service I S S S R, S S S A Is the primary custodian of the end to end service and its performance. Manages Requests / Incidents through to resolution. Provides service reporting, integrity management and reviews of this service Manages Serious Incidents I, A R, S S S S S S I R, S A I I S I S A Monthly reporting based on figures collected from CASD and the Enterprise File System Facilitate a solution that provides File Service availability. This includes the provision of process such as change management to protect service integrity. R, S S S S S S S A Facilitates service restoration during significant incidents Page 12 of 20

13 File System Access Management Workbench - Service Targets The service targets described here relate to the File Service only, installed and managed as a hosting service Tier 1 product. All File Service targets are managed through the standard priority targets within the Service Centre. Service Availability target Category Availability Tier 3 Measures 98.5% availability over a calendar month (3.25hrs unplanned outage) excluding any planned and pre-agreed outages. Incident Management All support and Requests for Service are channeled through the Service Centre. The Service Centre will provide 1 st level support and facilitate and coordinate 2 nd level technical/functional support. The WinAD team is responsible for managing 3 rd escalation and resolution. The following priority codes are used when a call is logged with the Service Centre. Support Service Levels Priority Code Description Response Time The time between logging the incident and start working on a solution. Resolution Time The time in which a solution to an incident must be implemented 1 Priority 1 - A major production outage, performance degradation, or instability causing significant impact to the University community or associated Workgroups. 2 Priority 2 - A large number of staff or students are impacted. Entire office, department or school is experiencing similar problems. Small number of staff or students cannot utilise mission critical applications Not Applicable The call is logged and escalated immediately to the appropriate resolver group and incident manager within 1 hour. Not Applicable Within 8 standard support hours from initial logging of the incident or request. Ellington* will provide 2 hrs response time. 3 Priority 3 Staff or student unable to access or recall individual files that impacts their ability to function as required *Please refer to Appendix A for SLA between Ellington and UNSW. Service Centre will provide immediate first level support with the intention of providing a permanent solution or facilitating a workaround. Within 16 standard support hours from initial logging of the incident or request Ellington* will provide 3 hrs response time. Page 13 of 20

14 4 Priority 4 - Individual request or incident that does not impact staff or student ability to function as required. i.e. minor configuration changes Service Centre may provide immediate first level support with the intention of providing a permanent solution or facilitating a workaround. Within 40 standard support hours from initial logging of the incident or request Ellington* will provide 3 hrs response time. VIP VIP - Each contact has a VIP flag and if this flag is activated the priority of the ticket will automatically be set as VIP. Customers holding the following positions are considered VIPs: Academic Staff - Deans, Associate Deans, Head of Schools, Faculty General Managers; General Staff - Directors and Above, Chancellery. *Please refer to Appendix A for SLA between Ellington and UNSW. The call is logged and escalated immediately to the appropriate resolver group and incident manager within 1 hour. 1 day Ellington* will provide 3 hrs response time. Page 14 of 20

15 Enterprise File Service Reporting and Charging Reporting Reports Included Report Frequency Reports Generated For Charging Model Frequency Service Pricing Yes Monthly IT Directors and Managers, Infrastructure and Technical support team leader Charging There is no charge for this service. N/A There is no charge for this service. Page 15 of 20

16 Appendix A Page 16 of 20

17 Page 17 of 20

18 Page 18 of 20

19 Page 19 of 20

20 Page 20 of 20