Network Planning Task Force “Operational Briefing”
Active Task Force Members (* = New FY ’04), http://www.upenn.edu/computing/group/nptf/ • Mary Alice Annecharico / Rod MacNeil, SOM • Mark Aseltine* / Mike Lazenka, ISC • Robin Beck, ISC • Doug Berger / Manuel Pena, Housing & Conference Services • Chris Bradie / *Dave Carroll, Business Services • Chris Field, GPSA (student) • Cathy DiBonaventura, School of Design* • Geoff Filinuk, ISC • Bonnie Gibson, Office of Provost • Roy Heinz / John Keane, Library • Robert Helfman, Budget Mgmt. Analysis • John Irwin, GSE • Marilyn Jost, ISC • Carol Katzman, Vet School • Deke Kassabian / Melissa Muth, ISC • James Kaylor / CCEB* • Dan Margolis, SEAS* (student) • Chris Massicotte, Audit & Compliance • Kayann McDonnell, Law • Donna Milici, Nursing • Dave Millar, ISC • Michael Palladino, ISC (Chair) • Dominic A. Pasqualino / Audit & Compliance* • David Seidell, Wharton* • Dan Shapiro, Dental • Mary Spada, VPUL • Marilyn Spicer, College Houses* • Steve Stines / Jeff Linso, Div. of Finance • Ira Winston / Helen Anderson, SEAS, SAS, School of Design
NPTF FY 2004 Agenda • Summer: Focus group sessions • 9/15: Setting the stage • 9/29: Security discussions (Part I) • 10/8: Security discussions (Part II) • 11/3: Operational briefing • 11/17: Strategic discussions • 12/1: “Voting”/preliminary rate setting • 12/15: State of the Union
Operational Briefing • Major progress • Telecommunications services • Central service bundle • Internet/Internet II • Connection maintenance • Port rental • Next Generation PennNet • Wireless
Major Progress Last 12 Months • Redundancy, Reliability • More proactive network management tools and procedures. • Huntsman NAP operational • Southern NAP construction underway • NGP building redundancy in design stage. • Many buildings could still have 1-2 week outage with major catastrophe
Major Progress (Continued) • Network Upgrades/Enhancements • Gig routing core • Fast Ethernet (100 Mbps) to buildings 90% completed • Gig (1000 Mbps) backbones in buildings 50% completed • 60% of closet electronics 10/100 Mbps
Major Progress (Continued) • Services • PoBox email service back to high availability with added functionality of SPAM filtering and virus scanning. • Wireless connectivity expanding. Service in 11 schools and centers, 4 public spaces, and study lounges in 3 College Houses. Combined service can provide connectivity for 3825 users at one time. • Wireless authentication progress made. • Cellular program nearly ready to be announced. • VoIP pilots underway within N&T. • Automatic Speech Recognition System (6-4242) being refined.
Major Progress (Continued) • Operational efficiencies • Fiber ring replacing MAN services will lock in lower local loop costs even as bandwidth demands increase for Internet/Internet2. • Bandwidth management techniques in College Houses solidified with SLA. • Elimination of legacy network infrastructure (PAS) • 99% switched ports (3 buildings with coax)
Projected Telecommunications Revenue FY2004 (Summer, 2003 Data)
Internet/Internet2 • Current status/utilization • Strategy • Costs • Bandwidth management • Next steps
Internet Strategy • Have multiple Internet Service Providers with diverse paths and national backbones. (Currently have 3 ISPs) • Have a presence at 401 N. Broad Street in the Telecom. Hotel to rapidly switch ISPs, get additional bandwidth and lower local loop costs. (Currently lease 100 SF) • Have reliable and redundant lines from 401 N. Broad to main campus. (Currently have links from both YIPES and PECO Hyperion, migrating to leased fiber ring.) • Have sufficient Internet capacity to meet current and future needs. (Current infrastructure/ISPs are capable of over 2000 Mbps.)
Internet Strategy (Continued) • Maintain peering links with ISPs. (Currently have 100 Mbps link to DCAnet, talking to both Comcast & Verizon.) • Continue to provide cost-effective service for Penn. (Current monthly Internet cost is $3.05 per user/IP address.) • Continue experimentation with low-cost providers. (This has been very successful with cost per meg of Internet service dropping from $750 to $40 per meg per month). • Continue limits for aggregate outbound residential traffic as well as individual residential IP address outbound limits. (There are no limits on non-residential usage.)
Internet Bandwidth Management - Background • A Central Service Fee is assessed for each IP address used. • Internet costs are part of the Central Service Fee bundle of services that N&T provides. • Internet costs are distributed equally across Penn’s 38,000 users. • The cost per IP address per month is $3.05 in FY ’04.
Internet Bandwidth Management (Continued) • Internet bandwidth usage and costs increased exponentially during the late 90’s. • Periodic “snapshots” of usage demonstrated that College House residents had a different profile of usage than PennNet’s non-residential customers. • 24 X 7 rather than 7AM to 8PM • Demands for bandwidth greatly exceeding almost all other users. • Residential limits on outbound bandwidth have helped slow the increase in Internet expenses.
Creation of a Residential PennNet Service • Differential charging is not yet technically practical. • Charging all users more to accommodate growing cost due to residential use was not acceptable. • Creation of a custom service level designed for residential users, with differences but at a price equal to pre-existing services.
Bandwidth Management - Current Status • Bandwidth management techniques in the College Houses are being successfully implemented. • Upper limits on aggregate outbound usage (255 Mbps) • Maximum outbound bandwidth limits per IP address (400 Kbps with a 400 KB burst) • The limits on residential Internet traffic play a major role in controlling costs.
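The per-IP limit above, worked through as an added example (not part of the original slides): a single-rate token-bucket policer using the slide's 400 Kbps rate and 400 KB burst. The token-bucket mechanism, the reading of 1 KB as 1000 bytes, and the two sample hosts are assumptions; the slides do not say how the limit is enforced.

```python
# Added illustration: token-bucket policer with the per-IP figures from the slide.
# Assumption: single-rate token bucket; the slides do not name the mechanism.
RATE_BPS = 400_000       # 400 Kbps sustained outbound rate (from the slide)
BURST_BYTES = 400_000    # 400 KB burst allowance (assuming 1 KB = 1000 bytes)


class TokenBucket:
    """Single-rate policer: a packet larger than the available credit is dropped."""

    def __init__(self, rate_bps=RATE_BPS, burst_bytes=BURST_BYTES):
        self.fill_rate = rate_bps / 8.0     # bytes of credit added per second
        self.capacity = burst_bytes
        self.tokens = float(burst_bytes)    # bucket starts full
        self.last = 0.0

    def allow(self, now, size):
        """Return True if a packet of `size` bytes sent at `now` seconds conforms."""
        self.tokens = min(self.capacity,
                          self.tokens + (now - self.last) * self.fill_rate)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False


def simulate(offered_bps, seconds, packet_bytes=1000):
    """Offer a constant stream from one IP; return (bytes_passed, bytes_dropped)."""
    bucket = TokenBucket()
    interval = packet_bytes * 8.0 / offered_bps           # seconds between packets
    n = int(seconds * offered_bps // (packet_bytes * 8))  # packets offered
    passed = dropped = 0
    for i in range(n):
        if bucket.allow(i * interval, packet_bytes):
            passed += packet_bytes
        else:
            dropped += packet_bytes
    return passed, dropped


if __name__ == "__main__":
    # Constructed scenarios: one host under the limit, one uploading at 2 Mbps.
    for label, rate in (("300 Kbps host", 300_000), ("2 Mbps host", 2_000_000)):
        ok, lost = simulate(rate, seconds=60)
        print(f"{label}: passed {ok * 8 / 60 / 1000:.0f} Kbps avg, dropped {lost} bytes")
```

Over 60 seconds the 2 Mbps host gets its 400 KB burst through at once and is then held to the sustained rate, while the 300 Kbps host is never touched; an emptied bucket takes 8 seconds to refill.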
Bandwidth Management – Next Steps • Improve our ability to identify traffic patterns, heavily used applications, and the most demanding users, and to respond quickly to Information Security incidents. • Use this information to help in the evaluation of service. • To business and research/education users • To residential users
Next Generation PennNet (NGP) • Goals • Current status • Strategy • Future plans
NGP Infrastructure Goals • Distribute routing core across campus to minimize single point of catastrophic network failure. • Build redundant network links between the Network Aggregation Points (NAPs) and to critical buildings. • Upgrade 20 year-old multi-mode fiber and install single-mode fiber to prepare for multi-Gigabit network speeds. • Build Next Generation PennNet infrastructure to prepare for future technologies and convergence. • To continue to provide secure, “cutting-edge” network connectivity to support Penn’s research, academic and administrative needs.
NGP Current Status • Vagelos and Huntsman NAPs and associated single-mode fiber links completed. • Strategic conduit installed partnering with Facilities. (Locust Walk, Spruce Street, Levine, Hillel, Huntsman, etc.) • Distributed and redundant routers, servers and systems in Vagelos, Huntsman, College Hall and 3401 Walnut. • Southern NAP construction underway. • Western and Northern NAPs site selections in progress.
NGP Current Status (Continued) • Redundant connectivity (dual fiber and pathway feeds) for 3401 Walnut, FB, VPL, Vagelos and Huntsman. • Most Area 1 buildings linked to Vagelos NAP. • Some area 2 buildings linked to Huntsman NAP. • Catastrophic failure reduced from 2 weeks to 1-2 days for these buildings.
NGP Future Plans • Plan FY2004: • Southern NAP fully operational (Jan. ’04) • Northern NAP site selected (March ’04) • Western NAP under construction (June ’04) • Southern NAP building redundancy links underway • Plan FY2005: • Western and Northern NAPs fully operational • Most NAP to NAP links completed • Western and Northern building redundancy links underway • Potential funding issues if NGP funds (Telecom surplus) shrink or if there is not enough existing fiber.
Wireless • Brief Overview • Goals • Strategic Objectives • Current Research • Short – Long Term Strategy • Challenges • Wireless Network Topologies
Wireless Terminology • wLAN: Wireless Local Area Network • AP (Access Point): Point of Entry from Wireless to a Wired Network • Authentication Gateway: Point of entry from unsecured network into PennNet. • Association: an 802.11 mapping of a wireless device to an AP. • Coverage Area: Radio frequency range of an AP or group of AP’s, which comprises the wireless network.
Overview of Wireless PennNet • Wireless networks at Penn are based on the 802.11b standard, which provides 11 Mbps shared access to the network. • Bandwidth per user depends on several factors: • Number of devices associated with a single AP • Number of devices transmitting or receiving data • Distance of device from AP • Interference • Other APs • Other devices using the same frequency • Interface cards and antennas • Physical position of the device relative to the AP • Each wLAN offers seamless roaming from one area of a building to another. • Wireless service provides convenience rather than high performance.
Goals • To meet the wireless needs of the Penn community for schools and centers and public spaces. • To have a common authentication approach across campus (strong security). • To have seamless roaming from one wLAN to another. • To determine a sustainable funding model for one-time and all ongoing operational expenses.
Strategic Objectives • Using Enterprise Class Technologies • Designed to serve large organizations • Long-term customer support included • Provides more robust set of features, including: • Adjustable Signal Strength • Stability • Monitoring & Statistics • Tri-Band Capabilities • Aiming to Provide Scalable & Secure Solutions • Staged Approach to Deployment • Working with Standards-Based Products • Avoid being locked into relationship with single vendor • Cards that comply with wireless standards
Current Research • Authentication Gateway Tests • Testing with New Vendor Going Well • Short Term Plans • Work with Both Vendors (support existing base) • Local Testing Ends 10/27 • Pilot Deployment (Small Area) early November • Expand to Larger Pilot Mid December • Resume replacement of MAC Authentication • Hit Target Dates for FY04
Short – Medium Term Strategy • Security • Continue to Pursue Authentication Gateway Testing • Maintain Vendor Relationships for Current Install Base • Test Another Vendor’s Product • Explore Vendor’s Product Road Map with LT Strategy • Network Management • Work on Better Network Monitoring and Reporting • Resume Replacement of MAC Authentication • Staged Approach • Begin Testing and Researching High-Speed Wireless
Long Term Strategy • Security • Authenticated & Authorized Access Control (802.1X) • Extensible authentication methods • Secure, encrypted channel (802.11i) • Successor to Wired Equivalent Privacy • VPN Gateways & Clients • Wireless Authentication Gateway could be VPN Gateway for wireless clients • May require VPN software on client
Long Term Strategy (continued) • Network Management • SNMP v3 • Secure means of managing the network • Automated Reporting • Usage Statistics • Quality of Service (802.11e) • Support for delay-sensitive applications • Wireless Voice over IP
Challenges • Funding • No Central Funding • Slower Roll Out in Some Areas • IP Address/CSF fee issue for public spaces • Security • Authenticated Access (Still being worked out) • Data Encryption Lacking • Authorization • Support • Central and Local Support • Not a static situation in a wLAN environment