Over the next few months the IT Department will migrating from our current Asterisk telephone switch to Freeswitch.  Both platform are open source and run on Linux, but Freeswitch is designed to be more stable and can handle a bigger load.

Right now we are just in the testing phase, but over the next few months few will be notifying the rest of Sage on both our progress and when end user testing will start.

Some of the new features we will be getting with Freeswich:

  • Phone switch redundancy, One in Albany and one in Troy.
  • Centralized Fax Server
  • Distributed resources

Over the last few days, some of Sage’s external facing websites (sagetube.sage.edu hit the hardest) have been flooded with DOS (Denial of Service) type traffic originating in China.  This occurs because China has a national Firewall, “The Great Firewall of China”, and the government uses this firewall to prevent its citizens from accessing  certain websites.   Instead of just blocking the sites outright, they simply redirect traffic to the wrong destination.

For example, if a Chinese citizen tries to go to facebook.com, the firewall in China will redirect the traffic to the IP address of sagetube.sage.edu.  This has a two-fold effect, the user in China gets a “Page can not be displayed” error  and our web servers get overwhelmed by having to process thousands of requests. We get overloaded, which causes a DOS.  All legitimate traffic either stops or gets very slow.

If you are interested, there is a page that checks what sites are being blocked by “The Great Firewall of China”.



John Harris

Director of IT

images - Copy (2)


This email is to update the Sage Community about the Papercut (printing/copying) project.


  • Starting next Wednesday users will be able to charge any account they have access to.  After you print there will be a popup that will allow you to enter your department number.
  • There are a few printers left to be deployed and we are hoping to have those completed by next week.
  • You can now manage your printing online by going to http://papercut.sage.edu and logging in with your Sage credentials.
  • If users want to add money to their personal printing account, they will have to go to the library desk and ask a staff member for help.  We are hoping to implement an online solution in the near future
For General information about Papercut and how it works, please view the following articles:




We will be performing an upgrade to all WordPress sites this Thursday at 10PM

We have a new centralized WordPress Management Server (InfiniteWP), which allows us to upgrade all WordPress sites at once.  It is open source software that we host at Sage.

Here are some of the features:

One key to complete WordPress management

InfiniteWP brings all your WordPress management needs under one window. You can keep adding an unlimited number of sites and manage them with a few clicks. You may never have to use the WordPress dashboard again. Once integrated, InfiniteWP gives a complete bird’s eye view of all your WordPress sites. It makes it easy to backup, manage plugins and themes across multiple WordPress sites.


Update everything in just a click

The Update All button in InfiniteWP makes it simple and easy to update everything across multiple WordPress sites directly from the admin panel. Stop wasting time updating individual plugins and themes manually in each website separately. You can update your WordPress sites plugins, themes and the WordPress core in just a click. So the next time when you want to update multiple WordPress sites, it’s going to be just a single click and it’s done.


Your time machine for WordPress

With InfiniteWP backup and restore, you get an easy-to-use reliable WordPress backup solution for free. Just hover over the site, click Backup Now and select the components to backup. And, it’s done. Backing up your WordPress site couldn’t be any simpler. Never worry about losing your data ever again. If you run into some trouble with your WordPress site, just hit Restore and your WordPress site will be back up and running in a few minutes.


Effortless Plugins and Themes management across all your WordPress sites

InfiniteWP makes it easy to manage your plugins and themes across multiple WordPress sites. You can view plugins installed on each site, search and install plugins and themes from the WP Plugin repository and activate / deactivate / delete plugins in bulk across multiple sites.


All Information is taken from the InfinteWP site, https://infinitewp.com




We are very excited to bring you an upgrade to our remote file storage application (cloud.sage.edu).  The upgrades brings lots of new features as well as much needed stability.  With our new Cloud server we will be moving everyone’s “Home” directory to a new bigger faster file server.  This new file server will allow seamless integration with Cloud.

You will still be able to use your current H drive (home drive) during the migration, but the cloud server will be down until all user data has been migrated to the new file server.   You will know your data has been migrated when you receive an email like the one below. Once your individual information has been moved, you will need to log off and back on to all your windows sessions to be connected on the new server.


  • Improved speed and stability
  • Increase in storage to 10GB
  • Uses Sage Credentials, easily share with other Sage members.

Access Your Data

With Cloud.sage.edu you can store your files, folders, contacts, photo galleries, calendars and more on a server of your choosing. Access them from your mobile device, your desktop, or a web browser. Access your data wherever you are, whenever you need it.

Sync Your Data

With Cloud.sage.edu you keep your files, contacts, photo galleries, calendars and more synchronized among your devices. One folder, two folders or more – get the most recent version of your files with the desktop and web client or mobile app of your choosing, at any time.

Share Your Data

With Cloud.sage.edu you share your data with others, and give them access to your latest photo galleries, your calendar, your music, or anything else you want them to see. With or without password or time limit. Share it publicly, or privately. It is your data, do what you want with it.

Sample email during migration

Hello %username%;
Your home drive (H: Drive) has been migrated to our new file server.  Our new server integrates seamlessly with our remote file access server, cloud.sage.edu.What does this means for you?

  •  We have increased your storage from 2GB to 10GB
  • All of your files have been migrated to a faster more secure server.
  • All files will be waiting for you in both your “Home Drive” and on cloud.sage.edu (once all user files have been migrated).

The only action required on your part is for you to log out of all Windows sessions and then, log back in and your new “Home Drive” will automatically be mounted.

We have tested the process thoroughly, but if you do experience and difficulty please contact the Help Desk, Phone: 518-244-4777 Email: helpdesk@sage.edu.

John Harris
Director of IT


Sage Firewall Upgrade

On Friday, August 7 at 4PM we will be upgrading our Troy Campus Firewall.  We have tested it thoroughly and we are anticipating only a few minutes of downtime.  All internet and web services in Troy will be affected but phones will not.  We will performing the same upgrade to Albany’s firewall in 2 weeks.

It has been 6 years since our last firewall upgrade and a lot has changed.  If you are interested in why we are performing a Firewall upgrade, please read below for further explanation on differences in firewall technology.

As a general rule, the more advanced the firewall technology, the higher up in the OSI Model it works.

  • Packetfilter — Leval 3 of the OSI
  • Stateful Inspection — Level 4 of the OSI
  • Deep Packet Inspection —  level 7 of the OSI

Our current Firewall is a Stateful Inspection Firewall and we are upgrading to Deep Packet Inspection Firewall.

Packet Filters

The first and most basic type of firewall to come about is simply referred to now as a packet filter. These firewalls worked at Layer 3 of the OSI model, aka the network layer.  Packet filters worked primarily off of two parameters within packets — the source and destination IP addresses — but they were able to look at (and filter on) the protocol field in the IP header as well.

The key here, however, is that very few checks were done on packets, and they were only done at the network layer. As a result, spoofing, fragmenting, and various other sorts of tinkering allow an attacker to get traffic through simple packet filters that they were set up to block.

Stateful Inspection

The original forms of stateful inspection dealt predominantly with layers 4 and below.  In short, stateful firewalls keep track of open, legitimate connections and compare traffic moving through the firewall to these known-good entries. The firewall knows all about the connections in its “state table” (the list of legitimate connections) — and anything deemed not part of one on the list is discarded.

This was a major advance over basic packet filtering in terms of security. It suddenly became much more difficult to inject spoofed packets into legitimate connections and have them accepted by the firewall because stateful inspection looks at TCP sequence numbers, TCP Flags, etc. rather than just source and destination IP and port numbers.

Deep Packet Inspection

To make a long story short, deep inspection is stateful inspection — but with visibility into the application layer (layer 7). In other words, deep inspection allows the firewall to see the actual data passing through it rather than just keeping track of connection information.

So what’s the practical advantage of deep inspection over stateful inspection? Content filtering. Is the client that just made a connection to our webserver trying to propagate a worm? Is a website trying to install malware via an HTTP session?

These are questions that stateful inspection cannot answer and that deep inspection can.

Once the firewall can see into the application layer fully, it can start matching what it sees against a list of known bad content. This is signature-based analysis, and it’s the backbone of all antivirus technology. The advantage here is the ability to catch a whole lot of known nastiness, along with the relative ease of updates.


John Harris

Director of IT


Our firewall upgrade on Friday night was not successful.  There appears to be an a bug in the software and we have to get the manufacture support involved.  We will trying the upgrade again on Tuesday, August 11th, but we will not be starting until 10PM just in case we need to do some troubleshooting.

Sources:  https://danielmiessler.com/study/firewalls/


Over the last five years the amount of technology at Sage has jumped ten-fold.  To go with the technology increase the expectations of supporting the technology has also increased.  We can no longer only provide support 8-5 Monday-Friday, we need to be available 24×7.   Because we do not have the internal staff to cover after-hours support, we have looked into using an outside support company to handle the extra hours.

We have met with several companies and have settled on Blackbelthelp.  Our IT staff will train their technicians on Sage technology to make sure our users get the same level of customer service they currently get from our internal staff.  For security reasons the after-hours support will only include level one technical support (password reset, connecting to wireless, basic OS troubleshooting …. etc).  We will provide a full list for the services they will provide after we completed our training.  Blackbelthelp will provide weekday 5pm-8am, weekend and holiday support.

Thank you

IT Department


On Friday, the 24th, we will be upgrading the networking firmware for the switches for both campuses.   While the switches are upgrading, all computers, phones and wireless access points will not work.  Each switch will only be down for 5 minutes (the time it takes for a reboot).  All together there are around 150 switches between the two campuses.   The whole process will start at 10PM and the last switch will be done by 1AM.    We will be upgrading all switches in one night, so we can get a minimum baseline for our entire network.  After this upgrade we will start staggering our upgrades in the future.

For this upgrade we will be exempting both the Public Safety switch and the switches that run our servers.  We will be scheduling them next month.

The reason we need to upgrade the switch software is twofold.  The first reason is for bug fixes and security patches.  The second reason is to take advantage of the new features the company has released.

Thank you for your patience

IT Department


All switches have now been brought up to the minimum software level.  There were zero failures or issues.

IT Department

The IT Department will be performing several upgrades over the long weekend.  On Thursday at 10am -4pm and Friday 10am -4pm we will be upgrading the following services.

Wireless — We will be upgrading our wireless controller to the latest version.  This version has several security enhancements and well as productivity improvements.

Active Directory — We will be upgrading our domain controllers to the latest version.   Our domain controllers are the servers that provide access and permissions to Sage’s network resources (Usernames, file permissions and many other services).

Firewall — We will also be testing our new Next Generation Firewall.  Our current firewalls are 6 years old and they have reached their end of cycle. Our new firewall has many enhanced features, that allow us to have more control over Sage’s overall security.

These upgrades will provide updated security as well as many backend features to help us manage the network.  During these times the wireless access may be intermittent and the Troy internet might be down for short periods of time.

Thanks you for your patience.
IT Department

Welcome to the Sage Colleges Networking page. We are using this site to help build some transparency between what the IT Department is working on and how it benefits/effects you, the end user.