From the CIO

VCU Technology Services

November 2025 CIO Update

by Alex Henson

I sincerely hope everyone had a wonderful Thanksgiving holiday! I know we are all looking forward to the Winter closing, and while many of us will continue to be working for at least part of this time, I hope all have a chance to recharge and enjoy time with family and friends. For this month’s entry, I’d like to share an update on a key system migration as well as an update on a new policy.

Infrastructure Services Upgrades to Zabbix

Infrastructure Services recently completed a significant project: migrating VCU’s enterprise monitoring and alerting platform from the legacy Xymon system to the modern, scalable Zabbix platform.  This transition is a strategic step that supports the University’s goal to build infrastructure that is “scalable, nimble, and ready for growth.”

From Legacy to Modern

For context, Xymon is a legacy tool designed primarily for basic “up/down” status checks. While reliable for its time, it offered limited insight into root causes.  Zabbix, conversely, is an enterprise-grade platform that collects vast amounts of performance data, enabling trend analysis and predictive alerting.

A screenshot illustrating the interface of the legacy Xymon monitoring tool.
A screenshot illustrating the interface of the legacy Xymon monitoring tool.

Why the Shift Matters

The needs of VCU’s increasingly complex digital environment eventually outgrew Xymon’s capabilities.  As the open source community maintaining Xymon became less active, security limitations and a lack of API integration posed growing risks.  Furthermore, the lack of granular alerting often led to “alert fatigue,” leaving technical teams overwhelmed by broad notifications that did not always align with their responsibilities.

Zabbix runs laps around Xymon when it comes to alerting and integration.
– Enterprise Platform team member

Strategic Benefits

Zabbix is now centrally monitoring roughly 1,400 systems and applications across Windows, Linux, our private cloud environment, and externally hosted applications in the public cloud.  Key improvements include:

  • Proactive Detection: Monitoring complex metrics, such as hypervisor cluster health, enables us to detect issues before they impact the University.
  • Automation: Zabbix’s robust API enables Infrastructure Services, in collaboration with other teams, to trigger Ansible Automation Platform actions, automatically resolving issues—such as CAS service failures—in real time without manual intervention.
  • Security & Targeted Alerting: The security of monitoring data has been enhanced, and customizable alerts ensure the right teams are notified via their preferred channels (email, Slack, or Google Chat).
A screenshot depicting one of the dashboards created by the Infrastructure Services team for the new Zabbix platform.
A screenshot depicting one of the dashboards created by the
Infrastructure Services team for the new Zabbix platform.

Collaboration and Operational Impact

This successful migration was a “greenfield” deployment achieved through partnership between the Server Operations and Enterprise Platform teams, in close collaboration with stakeholders throughout Technology Services and the broader University community.  By running Zabbix alongside the legacy system for several months, the teams ensured a low-risk transition with zero downtime.

I like it much better than Xymon; there are more features that help us monitor more efficiently.
– NOC team member

Meanwhile, the operational impact was immediate.  The Network Operations Center (NOC)—the team that keeps a 24×7 eye on the University’s systems—reports that the new platform has streamlined daily workflows.  By offering a richer feature set and more relevant alert data, Zabbix allows staff to triage and respond to incidents more efficiently than ever before.

Looking Ahead

With Zabbix now established as a pillar of our core infrastructure platform, Technology Services is now positioned to enhance service-level observability—monitoring the holistic health of entire user-facing services rather than just individual servers or application processes.  These next steps will help ensure the digital tools that VCU students and faculty rely on remain consistently available, resilient, and performant.

VCU’s New Generative AI Policy: Key Takeaways

VCU has officially enacted a new institutional policy, “Acceptable Use of Generative AI Technology,” setting clear boundaries for how employees and affiliates should engage with generative AI tools while working. The policy’s purpose is to ensure all uses of GenAI align with VCU’s core values and regulatory frameworks, promoting secure, ethical, and mission-consistent practices across research, learning, and operations. By clearly defining VCU-approved tools and data handling protocols, the university aims to maintain academic integrity and manage risks associated with these rapidly evolving technologies.

The policy establishes two critical requirements for all users. First, strict guidelines are placed on data security, prohibiting the input of sensitive (Category II) or confidential/regulated (Category I) university data into public, non-approved AI platforms. Secondly, individual accountability is emphasized: users are responsible for verifying the accuracy, integrity, and legal appropriateness of all AI-generated content. This includes ensuring compliance with intellectual property rights, contractual obligations, and key regulations such as FERPA and HIPAA. 

To ensure comprehensive understanding and adherence to these new standards, VCU Technology Services is focusing on AI Literacy, and is preparing to launch resources, training, guidance, and other AI awareness materials in 2026 to the VCU community. 

Thanks to all for bringing these important initiatives to fruition, and best wishes for an awesome holiday season!

Alex

Leave a Reply