
UW Network Status 2006

UW Network Status 2006. Terry Gray Computing Support Meeting 13 February 2006. Agenda. State of the Internet Network Security Campus Network Medical Center Network External Networking Future Issues Q&A. Welcome to The New Internet.


Presentation Transcript


  1. UW Network Status 2006
     Terry Gray
     Computing Support Meeting
     13 February 2006

  2. Agenda
     • State of the Internet
     • Network Security
     • Campus Network
     • Medical Center Network
     • External Networking
     • Future Issues
     • Q&A

  3. Welcome to The New Internet
     • Original design principles have been Overtaken By Events
     • Incredible success… but not without problems:
       • "Gmail is temporarily unavailable. Cross your fingers and try again in a few minutes. We're sorry for the inconvenience."
       • "INBOX closed due to access error"
       • 404.. "No, wait… it works now"
       • Interminable hourglass/clock icon (w/no explanation)
       • Glitchy A/V
       • VOIP call dropped
       • Slow FTP
       • SMB transfer "just stops"
     • In short:
       • Benefit of, and dependence on, Internet is enormous, but…
       • is MTBG (Mean Time Between Glitch) getting worse?

  4. State of the Internet -- a mixed picture
     • Networking is now about selective isolation rather than pervasive connectivity. (open Internet: RIP 2003)
     • Pervasive Traffic Disruption Appliances (FW, NAT)
     • Trend toward two-port Internet (80, 443)
     • Threats moving from outside to inside (e.g. Phishing)
     • Diagnostic paradigm shift due to end-point firewalls
     • Architectural failures: PEPs can't talk to users
     • Industry failures: getting real-time info on dropped pkts
     • Personal lambdas: what's old is new again
     • Research nets getting better – unlike commodity nets
     • Most hosts not tuned for performance

  5. Network Security
     • IPS: TippingPoint (campus and med ctr)
     • IDS: netflow monitors; automatic shutdown
     • P172, now with NAT
     • Vulnerability scanning
     • Security tools portal
     • Logical firewalls
     • Subnet firewalls
     • Host firewalls

  6. Campus Network Status
     • Connection diversity: 10Mbps HD to 10Gbps w/jumbos
     • Many buildings still have only cat 3 wire
     • Nearly 100K hosts seen recently (many via wireless)
     • Over 60K hosts seen on a typical work day
     • Approx 1000 subnets (many in datacenter)
     • Approx 3000 miles of (individual) fibers
     • 15-20,000 NOC tickets/yr (Plus 10K more for SecOps)
     • Access to multiple 10Gbps research nets via PNWGP
     • Three 1Gbps commodity connections via PNWGP
     • Approx 5,000 network devices (routers, switches)
     • Approx 30,000 hosts using DHCP
     • Approx 600 subdomain names under washington.edu

  7. Campus Network Activities
     • Wireless initiative
     • Router upgrades
     • Cisco 7600s replace Foundrys
     • Under attack, links now saturate before routers
     • NG Architecture Phase I
     • Allows partitioning new features for minimum risk, e.g. IPv6
     • Allows for more redundancy, more flexibility
     • NG Architecture Phase II
     • Core backbone upgrade
     • Investigating policy routing options
     • 10GE backbone speed
     • Faster convergence
     • Pressure vendors for better diagnostics, etc

  8. Medical Centers Network
     • Now isolated from campus subnets
     • Protected by a separate zone IPS
     • All legacy VLANs removed
     • 90 legacy hubs replaced
     • All subnets now have router redundancy
     • Router upgrades underway
     • Separate backup routers for HMC & UWMC

  9. Number of devices

  10. External Traffic (outbound Gbps)

  11. External Traffic (inbound Gbps)

  12. Internal Traffic (backbone TB/day)

  13. External Networking
      • PNWGP
      • K20
      • Noteworthy events
      • SC05
      • I2/NLR merger (maybe!)

  14. PNWGP & PacificWave
      • Three commodity Internet connections @ 1Gbps
      • Internet2 @ 10Gbps
      • National Lambda Rail (NLR)
      • Regional net connections, e.g. BRIN
      • Working on fiber link to Spokane for future DRBR use
      • Virtualized routed services
      • PacificWave Layer-2 exchange service
      • Three Pwave exchange points using NLR fiber
      • Seattle, Sunnyvale, Los Angeles
      • More 10Gbps peers (over a dozen now)
      • International: Japan, Korea, Australia
      • L1 peering (switched lambda) services coming

  15. Future Issues
      • What is the future of perimeter defense?
      • Given e2e encryption and port-80 tunneling?
      • What is the future of VoIP? (or desk phones?)
      • Do we need NAC? If so, where?
      • How much convergence?
      • Geographic, service type, service class
      • Do we need organizational subnets?
      • Do we need multiple classes of connectivity?
      • Do premium QoS services make any sense?
      • More redundancy? – even if it means renumbering?
      • Whither CALEA?

  16. References… Q&A
      • www.washington.edu/networking
      • www.nlr.net
      • www.internet2.edu
      • www.pnw-gigapop.net
      • www.pacificwave.net
