HEAnet & The Schools Network Presentation to HEAnet National Networking Conference by Ronan Byrne & Tim Maher 10 th November 2005.

Slides:



Advertisements
Similar presentations
Identifying MPLS Applications
Advertisements

Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:
NOC Tools Donal O’Cearbhaill HEAnet Ltd.. Ireland’s National Education and Research Network Provides Internet services to Irish Universities Broadband.
TCS – Sunset Elementary Pat Bruen, Conor Buckley, James Gallagher
Multi-Layer Switching Layers 1, 2, and 3. Cisco Hierarchical Model Access Layer –Workgroup –Access layer aggregation and L3/L4 services Distribution Layer.
Network Management Architecture in the Macedonian Academic and Research Network - MARNet Goran Muratovski
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
MSIT 458: Information Security & Assurance By Curtis Pethley.
1 Version 3.0 Module 8 Virtual LANs. 2 Version 3.0.
1IMIC, 8/30/99 Constraint-Based Unicast and Multicast: Practical Issues Bala Rajagopalan NEC C&C Research Labs Princeton, NJ
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
NENA Development Conference | October 2014 | Orlando, Florida ESIND working group Jim Lockard, Joel McCamley Co-Chairs.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Securing Schools Firewalling and Filtering on the Broadband for Schools Network. Liam Kennedy Network Engineer HEAnet Ltd.
1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for LAN Issues.
Presented by :- Stuart Tilley - Network & Systems Technician Conference – Network overview and proposed enhancement th March 2008.
Virtual Company Group 8 Presentation Date: June /04/2017
Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:
1 Every Bit IP ™ Zero Touch Provisioning. Agenda Overview of Zero Touch Provisioning (ZTP) ZTP in PANS Issues with ZTP in BAN Possible ZTP solutions for.
AIMS’99 Workshop Heidelberg, May 1999 Ko / CP 4/99 Linkage between Internet Service Architectures and ATM
1 Session Number Presentation_ID © 2001, Cisco Systems, Inc. All rights reserved. Using the Cisco TAC Website for IP Routing Issues Cisco TAC Web Seminar.
WAIL By: - Dave Plonka - Ana Bizarro Wisconsin Advanced Internet Laboratory - WAIL.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.
TCOM 515 Lecture 6.
Sales Education and Performance Consulting Presents Private Network Transport (PNT) and Class of Service (CoS)
Copyright ©Universalinet.Com, LLC 2009 Implementing Secure Converged Wide Area Networks ( ISCW) Take-Aways Course 1: Cable (HFC) Technologies.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Identifying Application Impacts on Network Design Designing and Supporting Computer.
U.S. Department of Agriculture eGovernment Program August 14, 2003 eAuthentication Agency Application Pre-Design Meeting eGovernment Program.
Internet Engineering Course Network Design. Internet Engineering Course; Sharif University of Technology Contents Define and analyse an organization network.
Performance Monitoring - Internet2 Member Meeting -- Nicolas Simar Performance Monitoring Internet2 Member Meeting, Indianapolis.
Module 4: Configuring ISA Server as a Firewall. Overview Using ISA Server as a Firewall Examining Perimeter Networks and Templates Configuring System.
Windows Small Business Server 2003 Setting up and Connecting David Overton Partner Technical Specialist.
Technical Policy and Standards Andy Gorton – Senior Architect: Institutional Networks.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Identifying Application Impacts on Network Design Designing and Supporting.
The University of Bolton School of Games Computing & Creative Technologies LCT2516 Network Architecture CCNA Exploration LAN Switching and Wireless Chapter.
workshop eugene, oregon What is network management? System & Service monitoring  Reachability, availability Resource measurement/monitoring.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
IP Network Clearinghouse Solutions ENUM IP-Enabling The Global Telephone Directory Frank Estes Vice President , ext 224
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNP 1 v3.0 Module 2 Advanced IP Addressing Management Cisco Networking Academy.
Operations in HEAnet Brian Nisbet NOC Manager. Operational Overview 30+ Technical Staff. – 75% of whom participate in NOC Duty. 60+ Clients. Expanding.
2  Supervisor : MENG Sreymom  SNA 2012_Group4  Group Member  CHAN SaratYUN Sinot  PRING SithaPOV Sopheap  CHUT MattaTHAN Vibol  LON SichoeumBEN.
Campus Network Development Network Architecture, Universal Access & Security.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Exploring the Enterprise Network Infrastructure Introducing Routing and Switching.
Ireland’s Schools Network: Delivering a Safer Online Environment for Irish Schools? Presentation to TERENA Networking Conference 2007 by Ronan Byrne, HEAnet.
Network Monitoring at HEAnet HEAnet Conference 2006 Ann Harding Network Operations Manager.
Cisco 3 - Switch Perrine. J Page 111/6/2015 Chapter 5 At which layer of the 3-layer design component would users with common interests be grouped? 1.Access.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—3-1 Implementing a Scalable Multiarea Network OSPF- Based Solution Lab 3-5 Debrief.
The SchoolSat Initiative Satellite Technology as an Access Technology for Schools Sally Reynolds, ATiT Belgium.
EGEE-III INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Using GStat 2.0 for Information Validation.
1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for IP Routing.
Lawrence H. Landweber National Science Foundation SC2003 November 20, 2003
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—6-1 Scaling Service Provider Networks Scaling IGP and BGP in Service Provider Networks.
The Claromentis Digital Workplace An Introduction
ORNL Site Report ESCC July 15, 2013 Susan Hicks David Wantland.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.
2008 Taipei, Taiwan An Introduction APRICOT 2008 Network Management Workshop February – Taipei, Taiwan Hervey Allen & Phil.
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Intrusion Detection and Incidence Response Course Name – IT Intrusion Detection and Incidence.
HEAnet’s Optical Backbone & Schools Connectivity Brian Nisbet Network UKNOF 29, Belfast.
OPEN SOURCE NETWORK MANAGEMENT TOOLS
HP ProCurve Alliance + Dr Carl Windsor CISSP Major Account Manager
Phare EIONET Centralised Training Session
Delivering a Network Services Portfolio to Ireland’s Schools Network
Planning and Troubleshooting Routing and Switching
Hyper-V Cloud Proof of Concept Kickoff Meeting <Customer Name>
Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) practice-questions.html.
CCNA R&S Overview  The CCNA Routing and Switching Boot Camp is a composite course derived from ICND1 and ICND2 content merged into a single accelerated.
Valid 2018 Cisco Exam Dumps Questions Braindumps DumpsProfessor
Based on work by DoIT Network Services, UW-Madison
Multicasting Unicast.
Presentation transcript:

HEAnet & The Schools Network Presentation to HEAnet National Networking Conference by Ronan Byrne & Tim Maher 10 th November 2005

Presentation Structure  Schools Network OverviewRonan Byrne  Network Design Tim Maher  Network ServicesTim Maher  Support ServicesRonan Byrne  Project UpdateRonan Byrne

Schools Network Overview  Responsibility Areas  Access Tender & Broadband Technologies  Project Management Approach

Schools Network Overview Free ‘always on’ broadband connectivity to Schools 3 Year Agreement –Dept of Education/Dept of Communication/TIF 3,925+ Schools 6 Access Providers HEAnet backbone network Onward connectivity to Internet & Educational Networks HEAnet Managed Services: Network; Security; 1 st Line NCTE Service Desk & 2 nd Line HEAnet Schools NOC

Responsibility Areas

Dept of Education Access Tender Evaluation HEAnet Technical Advisors to DES/DCMNR Strong response to Call for Tender Evaluation by Evaluation Team over Sept-Dec 2004 Evaluation of 100+ broadband service offerings Evaluation of 80+ different router offerings Report to Ministers - Christmas 2004 Decision by Ministers – 5 th January 2005

Schools Network Bandwidth

Phased Availability of Services INITIAL SERVICES IP Connectivity between Schools IP Connectivity to the general Internet Educational/Research Networks Access Network Security Content Filtering Web-based DNS 2 nd Line Support to NCTE Service Desk LATER SERVICES Web Hosting Personal disk space Video Conferencing Video Streaming Video Lecture E-Schoolbag Content Hosting

Project Management Approach

Project Planning – dependent on Access Tender Project Financials – dependent on Access Tender Project Initiation Document –(scope, constraints & exclusions) Risk Register Resource Planning: –Dedicated Schools Team –Cross-HEAnet Consultancy –External Consultancy Project Organisation

HEAnet Project Organisation

HEAnet Schools Team Ronan ByrneSenior Project Manager Tim MaherTechnical Project Manager Donal O’CearbhaillSystems Administrator Brian ScanlanSystems Administrator Liam KennedyNOC Engineer (2 nd Line) Rachael HoltNOC Engineer (2 nd Line)

Network Design Network Topology Access Network POP Layout Layout and Routing IP Scheme

Schools Network Topology

Access Network Principles Layer 2 service from Access Providers PPPoE over L2TP, VLANs & ATM VC’s RADIUS authentication Managed Router in schools (Cisco 871) Public (HEAnet) IP addresses IPv6 & Multicast (later services)

Access Provider Aggregation Overview

Sample ADSL Service

Sample Satellite Service

Schools’ PoP Layout

Layout and Routing Only links and loopbacks go into OSPF Everything else is redistributed straight into BGP Each PoP provides the other with transit over the National Backbone Extension Onward connectivity provided by BGP connection to HEAnet core

Very Large Post-Primary (>1000)/23 (510) Large Post-Primary ( )/24 (254) Medium Post-Primary ( )/25 (126) Small Post-Primary (<100)/26 (62) Large Primary ( )/24 (254) Medium Primary ( )/25 (126) Small Primary (50-99)/27 (30) Very Small Primary (<50)/27 (30) IP Addressing

Network Management Systems

HEAnet: Centralised Network Services  Monitor schools’ connectivity  Generation of intelligent alerts  Monitor services  Graph network usage  Capacity planning  Access Provider measurements vs. SLAs: –Latency (RTTs) –Packet loss –Network availability

SmokePing Nagios Cricket

Geographical Network Map

Provisioning Systems

Provisioning system - overview Required to generate school specific configurations for CPE router, monitoring, etc. Dynamically provision services Database backend with schools’ information Informational web front-end

Provisioning System – services provisioned CPE router config Nagios Radius Cricket Cisco ACS Smokeping Fortinet Maps DNS

Provisioning System Structure

Security Design

Schools Network Security Design

Centralised Content Filtering DES Requirement Fortinet solution Security node at each PoP 500Mbps capable “in-line checking” High Availability & ASIC technology Content filtering capability: –In-Line Anti-Virus blocking –White List –Black List –56 Categories –Database of 28 million rated URLs –24x7 Managed Service Intrusion Detection/Protection System (IDS/IPS) “Security Profiles” set by Dept of Education

Kilcarbery Centralised Security

Services

Schools Service DES Requirement Award to Sonas Innovation Web front end Opensource components LDAP foundation Anti-Spam & Anti-Virus blocking Calendar & Address list facility Autonomy at school level to administrate some services (e.g. new mailboxes) Scalable to accommodate all staff & pupils Dept of Education set policy

Scalability of Network Design /12 IP Address Space = over 1 million public IP addresses solution can accommodate 200,000 mailboxes, scalable up to 800,000 mailboxes Security solution scalable up to 4Gbps Cisco 871 new generation router

School Support Services

HEAnet Schools NOC Separate to main HEAnet NOC Different customer needs Separate processes 2 nd Line role Shared ticketing system with NCTE Separate contact channels

Support to NCTE 1 st Line Service Desk Acceptance Test Tools –Lot 1 (SmokePing) –Lot 2 (Bespoke Acceptance Script) Front-end Service Provisioning –Automated Network Monitoring on Lot 2 Acceptance –Enable Security Policy Documentation (Wiki) –Installation & Troubleshooting Guidelines –Technical Advice –School LAN Connection Guidelines –FAQs Training

Schools Support Escalation Channel

Project Update

HEAnet Schools Project Status HEAnet ‘Schools’ backbone network built HEAnet interconnectivity with all Access Providers HEAnet Schools NOC in place Network monitoring live Provisioning systems live Router configurations released to Eircom Security services live Schools connecting (LANs enabled) HEAnet delivering to project deadlines HEAnet delivering to project budget

Broadband Roll-Out Status  Lot 1 (Broadband):2,000 complete Target completion: end 2005  Lot 2 (Routers) :1,000 complete Target completion: end Q1 2006

Questions & Answers