FY ‘08 NETWORK PLANNING TASK FORCE
First Strategy Discussion
10.1.07

NPTF Meetings – FY ‘08
• 1:30-3:00pm in 337A Conference Room, 3rd floor of 3401 Walnut Street
• Process
• Intake and Current Status Review – July 16
• Agenda Setting & Discussion – September 17
• Strategy Discussions – October 1
• Security Strategy Discussions – October 15
• Strategy Discussions – October 29
• Prioritization – November 5
• FY’09 Rate Setting – November 19

Proposed NPTF Meetings – “FY ’09”
• February 18 – Operational review
• April 21 – Planning discussions
• June 2 – Security strategy session
• July 21 – Strategy discussions
• August 4 – Strategy discussions
• September 15 – Preliminary rates/security
• October 6 – Strategy discussion
• November 3 – FY’10 Rate setting

Today’s Agenda
• Strategy Discussions
• Next Generation PennNet
• UPS for network electronics
• Integrated Communications
• Intrusion Detection

Next Generation PennNet: Gig Connectivity & Building Redundancy
• Goals
• Gig-enabled closet electronics
• Gig to every building
• Redundant Gig connectivity
• Current Status
• Approximately 60% of switches 10/100/1000 enabled
• By the end of FY ’08, most switches will be 10/100/1000 Mbps
• 62 buildings with Gig Ethernet

Strategic Approach: NGP
• Diversify the PennNet Routing Core
• Move out of College Hall (Largest Single Point of Failure)
• Construct 5 Network Aggregation Points (NAPs)
• Redundant High Speed Connectivity between NAP locations
• Highly Available Core Network Infrastructure
• Relocate Campus Building Uplinks to Local NAP
• Provide High Speed Uplinks to Buildings (where infrastructure can support this now; single-mode fiber/conduit build-outs sometimes necessary)
• Provide Redundant Uplinks to Campus Buildings
• Five Connectivity Models
• Based on Building Criticality (University Business)
• Number of User Connections
• Infrastructure Availability

Diversify PennNet Routing Core
• Five NAP locations completed and in operation
• NAP locations have redundant and diverse 10 gig feeds.
• NAPs connect local buildings that have fiber and pathway.
• 62 buildings have gigabit Ethernet service
• College Hall node room will house a core router for next two years (until all NAP to building feeds are in place)
• Will reduce catastrophic disaster recovery time from 2 weeks to under 2 hours.
• Will provide infrastructure foundation for next generation data, voice and video services.
• Eastern NAP feasibility study pending construction timeline.

Building Connectivity Models 1 & 2 (Dual feeds to separate NAPs, each with either diverse or overlapping pathways.)

Building Connectivity Model 3 (Each building has 1 uplink to a separate NAP and one link to each other.)

Building Connectivity Model 4 (Building has 1 uplink to each Building Entrance Router in the local area.)

Building Connectivity Model 5 (Building has 1 uplink to a Building Entrance Router.)

Building Connectivity Model 5a (Building has 1 uplink to a Building Entrance Router with dual feeds.)

Upgrade Schedule
• http://www.upenn.edu/computing/pennnet/maintschedule.html

Redundancy (UPS)
• As we move towards IP-based data, voice and video systems and services that all rely on electrical power, how much protection should we provide and can we afford?
• We have backup generators and UPS in the 5 NAPs, so theoretically they should not go down.
• Building power is not 99.999 from Peco/Facilities.
• While we do not have solid historical data, we began recording data on power outages in March 2007.
• Since March 21, 2007 the campus has had 52 hours of outage due to power loss in 36 buildings. (Not including a 64 hour outage to Nursing LIFE)
• Generally, outages are either very short (blip) or 1+ hours.

Redundancy (UPS)
• It costs about $2700 per location to install UPS (assuming the UPS has 25 minutes of battery time and no other wiring closet work needs to be done).
• Cost of $1100.00 per 15 minutes of additional battery time
• Rough ongoing costs would be approximately $900/yr per location.
• N&T manages over 600 wiring closets on campus
• Annual cost would be about $540K

Redundancy (UPS)
• Alternatively, we could just do UPS on the building routers.
• There are only 100 of these locations.
• Without UPS, a short electrical blink causes them to reboot, forcing a 5-10 minute outage.
• For that duration, no services that require the network, including phones, would be available.
• Annual cost $90k
• Are you interested in this? Is it worth spending this much to protect against 25 minutes of outage?

Integrated Communications (IC)
• IC involves integrating several communications applications toward improved productivity for staff, faculty and students:
• PennNet Phone and Voicemail
• Instant messaging
• Desktop video
• Linking these applications together, and to University information (online directory, calendars, etc.), puts more control in the hands of our user community
• It also allows user communication preferences to be taken into account.

PennNet Phone
• Goals
• To convert 25,000 analog voice customers to Integrated Communications (VoIP, Voicemail, etc.) over the converged IP network with added functionality and lower costs in 5 years or less.
• Status
• We currently have about 1400 PennNet Phone users.
• Redundant servers and gateways
• Full service monitoring 24x7
• New feature releases about twice a year
• New phone equipment being rolled out by early 2008.

PennNet Phone
• Issues
• We have had some long-term problems with the PRIs from Verizon and the Cisco gateways that have caused known problems with transferring some calls, some caller ID, etc.
• Next steps
• We believe we have the PRI problems resolved.
• We tested the new gateway code yesterday.
• The new code release comes out in late October.
• If all goes well, we could have improved call transfers in production in November.

Instant Messaging
• Goals
• Users at Penn report that they are using Instant Messaging (AIM, Yahoo Messenger, Skype and Google Talk) today for business purposes.
• Our goal was to provide them with an alternative that
• Provides improved privacy and security
• Is able to make use of Penn identity information
• Can be integrated with other Penn communications elements

Instant Messaging
• Status
• The same open standard, open source technology used by Google Talk, "Jabber" (based on the XMPP protocol family), is being deployed and used in a pilot mode at Penn today
• It provides a controlled data path (traffic need not leave campus when two on-campus users chat)
• It provides identity assurance (uses Penn's authentication system and Penn's naming scheme)
• It has so far proven to be low cost to operate and highly reliable.
• Next steps
• Pilot to a larger audience over the next 3-4 months
• Full rollout at no cost to current PennNet Phone and email customers by end of FY’08.

Voice mail
• Goals
• Roll out version 1.0 of new voicemail in early 2008 (possibly late January).
• Key reasons for change
• Today’s Octel Voicemail system is old and expensive to support (vendor EOL/EOS)
• It does not have good disaster recovery capabilities
• In a failure, we could be out for at least 12 hours
• Message recovery would be incomplete.
• The new system can recover rapidly with very complete data
• The new system is designed for the new PennNet Phone service to be used throughout Penn in the next few years
• A migration by all users to the new voice mail system now brings us back to "one voice mail community"

Voice mail Differences
• There will be differences in features and functionality
• In some cases, the new voice mail system will be less feature rich
• But it will allow PennNet Phone users some very advanced online access to messages and features
• Web access to settings
• Both telephone and email access to messages

Voice mail Timing
• New voicemail is in production use now for 1400 PennNet Phone users
• New voicemail is in pilot now for 100 campus users of traditional phones
• For most traditional phone users, rollout is being targeted for early 2008 (possibly late January)
• For advanced voicemail applications, migration will take place in late spring or early summer CY2008
• e.g., Menus, Transfer Mailboxes, Listen-only mailboxes

Desktop Video
• Goals
• Easy, low cost desktop video conferencing for when audio or IM is insufficient
• Status
• No work being done towards a Penn service. But desktop client tools are maturing.
• Issues
• Maturity, complexity, cost
• Next steps
• Wait a little longer

Intrusion Detection (Perimeter & PennNet Core)
• We deployed Arbor Networks Peakflow in 2005
• A network management tool that provides some ID functionality for PennNet perimeter and core.
• We use it for a wide range of analysis, including attack signatures, but also traffic characterization and ISP peering analysis.
• We are able to share info across institutions so that we can recognize an attack before it reaches Penn.
• Upgrades are mostly software, which is covered by our current contract.

Intrusion Detection (Local level/subnet)
• Host-based intrusion detection is available today for every major operating system
• ISC is committed to having a strategy for local intrusion detection systems, as well as recommendations and product offerings, before network-based IDS becomes required in any security policy.
• It is likely that this would be in FY’09.
• We are currently looking at a few products
• TippingPoint (meeting with them tomorrow)
• Arbor: Peakflow X
• Snort: widely deployed open source IDS
• Bro: open source IDS developed at LBNL by Dr. Vern Paxson, a noted TCP/IP researcher.
• A local IDS could be deployed alongside, and access “mirrored” traffic from, a building entrance device.