MENU

Status Updates


UM System wide outages can be found on the UM IT System Status website.

Current Outages

Currently there are no outages.

Upcoming Outages

 Campus Edge and Data Center firewall firmware upgrades (5/26/2018 10:00:00 PM - 5/27/2018 2:00:00 AM)

The campus edge and data center firewalls will receive firmware upgrades. This set will be minor upgrade sets 8.0.8 to 8.0.9 , with a larger upgrade potentially in early August if 8.1.3 ships before the first Saturday in August.

The campus network edge will see two brief 10 second outages. The data center will see two 30 to 60 second outages as routing re-converges.

 Panopto upgrade to 5.7 (6/9/2018 6:00:00 PM - 6/10/2018 11:05:00 PM)

On Saturday, June 9, UMKC Panopto cloud service will be upgraded to Panopto 5.7. This upgrade will require downtime:
• Sites will be updated from 6:00pm to 11:00pm.
• We expect up to five hours of downtime, beginning at 6:00 pm.

During the time UMKC Panopto is offline, you will not be able to access recordings on your server, and any attempts to upload from clients will result in a "Server unable to connect" message.

Past Outages (Last 72 Hours)

 Major core firewall change in Columbia could impact availability of resources/apps/websites on the UMKC end (5/20/2018 - 5/20/2018 12:00:00 PM)

Columbia is working on a major core firewall change this weekend that could impact any services on the UMKC end that reach out to resources behind the core firewall in Columbia. This outage is being posted to give our technical teams and end users a heads up about the possibility of service blips and outages on the Kansas City end as a result of this change.

Details below courtesy of Matt Hansen in Columbia:
There is a major core firewall change happening on Sunday, May 20, 2018 from 12:00 am – 12:00 pm. Networking will be replacing their Juniper Firewalls with Cisco Firewalls, which will require converting about 5,000 firewall rules to a different format. This work is being done under Change Management Ticket #31134, see attached email for details. Part of the ticket states, “ALL users and systems behind the current firewall will be impacted. Large parts of the network may be down for potentially extended periods. Some systems may require a restart to fully recover as all current connections will be broken and will have to be re-established.” Any connections across security zones within the DataCenter or any connections within the DataCenter from the outside will be affected and temporarily lose their connection. The overall effect is expected to be minor, but some systems don't handle loss of connectivity gracefully. Due to the large number of firewall rules being converted, it's likely that there will be some issues after the conversion.

 IPsec change to drop SHA1 and 3DES main-mode handshakes (5/19/2018 10:00:00 PM - 5/20/2018 2:00:00 AM)

IPsec at UMKC will be adjusted to drop SHA-1 and 3DES handshaking and encryption options. These are already set as lower preference, but will be removed to simplify the current IPsec configuration. We will also remove support for the older UM-Root CA which has been retired, and all certificates from that CA should now be expired. (new root was activated at the end of 2014, most certs were 3 year life cycle and should be expired now.)

No direct outage is expected, but connections to Domain Controllers will likely close and restart. Some machines that negotiated the lower security will need to renegotiate at the higher security.

 Blackboard Unavailable Due to Scheduled Filesystem Migration (5/18/2018 12:01:00 AM - 5/19/2018 2:01:00 PM)

Due to scheduled between-semester maintenance, including migration of the Blackboard filesystem, Blackboard will be unavailable for approximately 36 hours, beginning shortly after midnight on Friday, May 18th. Full services are expected to be restored by 2 PM on Saturday, May 19th.

We regret any inconvenience that this outage may cause. Due to the short interval between submission of SP2018 grades (May 15) and the first day of SS2018 classes (May 21), scheduling options were limited.

Current and Upcoming Change Management Notices

 Set the CredSSP group policy to raise security level (4/19/2018 8:00:00 AM)

Microsoft has pushed a fix for vulnerabilities in the CredSSP credential processing system in Windows. In order to make use of the fixes, we will be pushing a group policy change to enable this fix. This will be pushed April 19th, and will take affect at the next machine reboot, which should be no later than April 23rd for Patch-Tuesday updates.

Information on the CredSSP fix are available at:

https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018

We will set the group policy to 'Mitigate' on April 19th, taking effect no lather than April 23rd. We will set this to 'Force Updated Clients' on May 17th, taking effect no later than May 21st with the campus patch reboots.

Unpatched Windows systems will not be able to effectively communicate with patched Windows systems after May 17th.

The primary impact will be Remote Desktop sessions such as connections to Remote Labs, and connections to campus Faculty/Staff desktops from home. These home and non-University Windows machines should be updated to at least the March 2018 security updates to regain normal connectivity. Machines without these updates likely have other significant vulnerabilities, and updating should be checked if they are not connecting as expected.

 Firefox 60.0 ESR Campus Update (5/18/2018 5:00:00 PM)

Firefox 60.0 ESR will be replacing previous versions of Firefox on all faculty, staff, and lab computers to update campus to the newest ESR branch as well as addressing security vulnerabilities. The current deployed version is 52.7.1.

 Panopto Campus-wide Upgrade (5/18/2018 5:00:00 PM)

The Panopto client will be installed on all UMKC owned Windows and Mac workstations. Existing installations will be upgraded to version 5.6 to comply with Panopto's version requirements..

 Adding new handshakes for UMKC IPsec for Quick Mode connections (5/19/2018 10:00:00 PM)

A new set of secure handshakes will be added to UMKC IPsec for Quick Mode connections. This will allow stronger IPsec use. These changes will be made a week prior to dropping legacy settings, so that machines have time to smoothly transition to the new settings.

Specifically for Quick Mode, we will add:

Data Integrity - ESP - AES-GMAC-128 for integrity , and ESP - AES-GCM-128 for data integrity and encryption.

No outage is expected as this adds an additional setting, without removing any current settings. Some systems may close and restart currently active connection sessions, but will be near instant reconnect in most cases.

 PaperCut Application/Server Upgrades over Summer Intercession (5/21/2018 8:30:00 AM)

On 5/21/2018, all major print servers for both faculty/staff and campus labs will be upgraded to PaperCut 18.1 from currently installed version 17.3.6. This includes KC-PRINT2 (faculty/staff printing), KC-ISSS-LAB01 (IS labs printing), KS-ISSS-LAB02 (Athletics lab printing), KC-ISSS-LAB03 (SCE labs printing), KC-ISSS-ARCLAB (Architecture labs printing), and KC-BIO-LS01 (Biology labs printing).

This should take down each server for around 30 minutes during the upgrade. Each upgrade will be performed one-by-one.

 IPsec change to drop SHA1 and 3DES main-mode handshakes (5/26/2018 10:00:00 PM)

This is being pushed out one week, to allow for a change on the 20th to add new Quick Mode IPsec settings that need to distribute for a week before the next change occurs.

IPsec at UMKC will be adjusted to drop SHA-1 and 3DES handshaking and encryption options. These are already set as lower preference, but will be removed to simplify the current IPsec configuration. We will also remove support for the older UM-Root CA which has been retired, and all certificates from that CA should now be expired. (new root was activated at the end of 2014, most certs were 3 year life cycle and should be expired now.)

No direct outage is expected, but connections to Domain Controllers will likely close and restart. Some machines that negotiated the lower security will need to renegotiate at the higher security.

 Campus Edge and Data Center firewall firmware upgrades (5/26/2018 10:00:00 PM)

The campus edge and data center firewalls will receive firmware upgrades. This set will be minor upgrade sets 8.0.8 to 8.0.9 , with a larger upgrade potentially in early August if 8.1.3 ships before the first Saturday in August.

The campus network edge will see two brief 10 second outages. The data center will see two 30 to 60 second outages as routing re-converges.

 Fine Arts Building Network Refresh (5/31/2018 5:30:00 PM)

Information Services - Networking will be replacing the Access Switches (office network connections) and Distribution Switches (building network backbone) in the Fine Arts building. This upgrade will result in a intermittent loss of network connectivity for the offices in the building while the switches are being replaced.

 CentOS and Ubuntu Linux Major Versions Released (6/1/2018 11:08:00 AM)

This month, both CentOS and Ubuntu have done major releases for their latest version this month, which will upgrade over 500 software packages on all our Linux servers. We will be working throughout the month of May on installing these upgrades, into the dev servers first, and we may be reaching out to various key personnel to test things before we push these into the production systems by the end of May. All impacted Linux servers will eventually need to be rebooted to get everything copacetic. As always, we will strive to ensure minimal disruption to services and system availability with these updates and reboots.

 Upgrade KC-ISIA-SQLPRD1 to 2016 (6/2/2018 9:00:00 PM)

Upgrade SQL Server on KC-ISIA-SQLPRD1 TO VERSION 2016 FROM 2014.