1 NETWORK PLANNING TASK FORCE September 20, 2004 FALL FY 2005 MEETINGS “OPERATIONAL BRIEFING”

Slides:



Advertisements
Similar presentations
Unified Communications Bill Palmer ADNET Technologies, Inc.
Advertisements

MyFloridaNet Presented to The State of Florida E911 Board
Leveraging ICT to improve the business model for a Technology Innovation Centre or Science Park Bob Cushing Harwell 9 th February 2011.
Chapter 3: Planning a Network Upgrade
1 NETWORK PLANNING TASK FORCE August 2, 2004 “SUMMER FOCUS GROUP SESSION ”
October 16, Network Planning Task Force Information Security Strategy.
1 NETWORK PLANNING TASK FORCE FY’06 “ Final Session – Setting the Rates” 12/5/05.
1 10/31/05 NETWORK PLANNING TASK FORCE Information Security.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
1 NETWORK PLANNING TASK FORCE November 15, 2004 FALL FY 2005 MEETINGS “STRATEGIC DISCUSSIONS”
11/29/20041 Network Planning Task Force “Consensus Building: Preliminary Rate Setting”
1 NETWORK PLANNING TASK FORCE November 01, 2004 FALL FY 2005 MEETINGS “OPERATIONAL DISCUSSIONS”
1 NETWORK PLANNING TASK FORCE August 16, 2004 SUMMER FOCUS GROUP SESSIONS “SETTING THE AGENDA”
1 NETWORK PLANNING TASK FORCE “ SUMMER PLANNING SESSIONS ” 8/01/05.
1 11/21/05 NETWORK PLANNING TASK FORCE FY’06 Final Strategy Meeting.
Network Planning Task Force Strategy Discussions.
NPTF Wireless Discussion. 3/3/20032 Agenda Goals Strategy Current status Future plans Challenges Options.
1 NETWORK PLANNING TASK FORCE FY’06 Network Strategic Discussions 11/7/05.
12/1/20031 Network Planning Task Force “Consensus Building: Preliminary Rate Setting”
Network Planning Task Force Special Spring Session.
1 NETWORK PLANNING TASK FORCE FY’07 “ Setting the Rates” 11/20/06.
11/17/031 Network Planning Task Force Strategic Discussions.
1 NETWORK PLANNING TASK FORCE “ SUMMER PLANNING SESSION ” 08/21/06.
{ Information Technology Services South Puget Sound Community College Joint Administrative Committee - December 2014.
Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.
Information Technology NU Communication Systems Funding Models February 5, 2006.
1 NETWORK PLANNING TASK FORCE Fall Agenda Setting and Focus Group Planning
Unified Communications as a Managed Service DIR Telecom Forum, October 7, 2014 ROY ALBRECHT, Director, Sales and Marketing Globalscope Communications.
FY ‘08 NETWORK PLANNING TASK FORCE Fall Agenda Setting and Discussion
FCMAT Technology Recommendations Fil Duldulao Shawn Cabey David Flores Julienne DeGeyter.
Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:
Extending Traditional Desktop Office Communication Systems Chuck Harden, System Analyst Nick Kwiatkowski, System Analyst.
ISC Networking & Telecommunications Migrating from Centrex to IP Telephony at Penn Deke Kassabian University of Pennsylvania.
IT Update Faculty Senate September 1, 2004 University of Houston Information Technology.
Network Background August Topics  Services  Connected Institutions  Architecture  Operations  Finances/Co-pay  Looking Forward  Services.
1 October 20-24, 2014 Georgian Technical University PhD Zaza Tsiramua Head of computer network management center of GTU South-Caucasus Grid.
Voice over IP Spring LNA Meeting April 1, What is Voice over IP? n A technology for transporting integrated digital voice, video and data over IP.
Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.
+ -SIG Information Systems & Computing University of Pennsylvania June 27, /13.
1. 1. Overview: Telecommunications Project  Planning and implementation (2007-today) 2. Discussion: Proposal to Improve Infrastructure  Upgrade horizontal.
The University of Texas at San Antonio The Office of Information Technology Network Upgrade Overview.
1 Prepared by: Les Cottrell SLAC, for SLAC Network & Telecommunications groups Presented to Kimberley Clarke March 8 th 2011 SLAC’s Networks.
Technology Planning. Primary Elements Stakeholders Leadership team Needs assessment Technology components Work plan Budget Policies Evaluation.
EDUCAUSE & Internet2 Security Professionals Conference The Challenge: Securing a Large Multicampus Network Kirk Kelly – Pima Community College Scott Ferguson.
1 Second ATLAS-South Caucasus Software / Computing Workshop & Tutorial October 24, 2012 Georgian Technical University PhD Zaza Tsiramua Head of computer.
Top Issues Facing Information Technology at UAB Sheila M. Sanders UAB Vice President Information Technology February 8, 2007.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
1 NETWORK PLANNING TASK FORCE “ FY ’06 FALL SESSIONS ” 10/03/05.
LAN Switching and Wireless – Chapter 1 Vilina Hutter, Instructor
Np163 Dennis Baron, April 3, 2008 Page 1 VoIP at MIT Merit VoIP Seminar Dennis Baron April 3, 2008.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Introducing Network Design Concepts Designing and Supporting Computer Networks.
NPTF Planning Session 6 April FY ‘10 NPTF Members 2  Robin Beck, ISC  Michael Palladino, ISC (Chair)  Mark Aseltine /Amy Phillips, ISC  Gary.
STRATEGY SESSION SEPTEMBER 15, YEAR SECURITY DISCUSSION 1 NETWORK PLANNING TASK FORCE.
NPTF Strategy Session May FY ‘10 NPTF Members 2  Robin Beck, ISC  Michael Palladino, ISC (Chair)  Mark Aseltine /Amy Phillips, ISC  Gary Delson.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Introducing Network Design Concepts Designing and Supporting Computer Networks.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Help Desk Working at a Small-to-Medium Business or ISP – Chapter 2.
Information Technology Services Strategic Directions Approach and Proposal “Charting Our Course”
12/15/20031 Network Planning Task Force “Consensus Building: Final Rate Setting for FY ‘05”
1 ITS STRATEGIC INITIATIVES Ken Orgill Assistant Vice Chancellor, Information Technology Services and Campus Chief Information Officer.
NETWORK PLANNING TASK FORCE FY ‘08 Planning Session I 1.
“End to End VoIP“ The Challenges of VoIP Access to the Enterprise Charles Rutledge VP Marketing Quintum Technologies
Information Technology Support Services Focusing on our customers 1.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Planning a Network Upgrade Working at a Small-to-Medium Business or.
© 2003, Cisco Systems, Inc. All rights reserved. 2-1 Campus Network Design.
Strategy for Complex Networking, IT, & Telecommunication Decisions
Information Technology (IT) Department
Your Business Opportunity
About PennNet Redundant Gigabit Ethernet Core
Lecture6 Network Replacement
Creating a University IT Service Portfolio
Presentation transcript:

1 NETWORK PLANNING TASK FORCE September 20, 2004 FALL FY 2005 MEETINGS “OPERATIONAL BRIEFING”

2 MEETING SCHEDULE – FY ‘05 ■ Summer Focus Groups ■ July 19 ■ August 2 ■ August 16 ■ Fall Meetings ■ September 20 Operational Briefing (Non-financial) ■ October 04 Operational Discussions (Financial) ■ October 18 Strategic Discussions ■ November 01 Strategic Discussions ■ November 15 Strategic Discussions ■ November 29 Strategic Discussions ■ December 6 Consensus/Prioritization/Rate Setting

3 NPTF FALL ’05 MEMBERS ■ Mary Alice Annecharico / Rod MacNeil, SOM ■ Robin Beck, ISC ■ Chris Bradie/Dave Carrol, Business Services ■ Chris Field, GPSA (student) ■ Cathy DiBonaventura, School of Design ■ Geoff Filinuk, ISC ■ Bonnie Gibson, Office of Provost ■ Roy Heinz / John Keane, Library ■ John Irwin, GSE ■ Marilyn Jost, ISC ■ Deke Kassabian / Melissa Muth, ISC ■ Doug Berger/ Manuel Pena, Housing and Conference Services ■ Robert Helfman, Budget Mgmt. Analysis ■ Dominic Pasqualino, OAC ■ Kayann McDonnell, Law ■ Donna Milici, Nursing ■ Dave Millar, ISC ■ Michael Palladino, ISC (Chair) ■ Dan Shapiro, Dental ■ Mary Spada, VPUL ■ Marilyn Spicer, College Houses ■ Steve Stines / Jeff Linso, Div. of Finance ■ James Kaylor, CCEB ■ Ira Winston / Helen Anderson, SEAS, SAS, School of Design ■ Mark Aseltine/ Mike Lazenka, ISC ■ Eric Snyder*, Vet School ■ Brian Doherty*/John Yates*, SAS ■ Richard Cardona*, Annenberg ■ Dan Margolis, SEAS(student) ■ David Seidell, Wharton * New Members

4 NPTF FY ’05 Progress to Date ■ Challenged and reaffirmed NPTF process. ■ Refreshed NPTF principles. ■ Updated FY ’05 – ’09 planning assumptions. ■ Prepared 5 year N&T budget. ■ Held 3 summer focus groups and many 1-1 meetings with schools/center computing directors to gather customer feedback. ■ Set the Fall Agenda.

5 Today’s NPTF Agenda: Operational Briefing ■ Major progress ■ Telecommunications ■ Internet/Internet II/ Bandwidth management ■ Next Generation PennNet ■ Security

6 Major Progress Last 12 Months ■ Customer Service ■ Improved web site content for several of our major services, including, wireless, voice and rates pages. ■ Worked with PennTIPs team to offer weekly ticket reports to major customers (some already receive these; the rest will shortly). ■ Developed POBOX customer survey to assist team in service improvement planning. ■ Promoted wireless service to Penn community through marketing, public relations contacts, and new wireless icon. ■ Presented PennNet maintenance SLA at IT Roundtable ■ Provided total networking costs and IP usage by school/center for multiple years.

7 Major Progress (Continued) ■ Network Infrastructure ■ Southern NAP (MOD 5) fully operational. ■ Gig routing core, beginning to discuss 10Gig. ■ Fast Ethernet (100 Mbps) to buildings 99% complete. ■ Gig (1000 Mbps) backbones in buildings 90% complete. ■ 98% of closet electronics 10/100 Mbps. ■ Netflow data collection pilot successful. ■ Built out of band network. ■ Work with router vendor, Foundry, to correct bugs. ■ Ran 3 month intrusion-detection pilot. ■ Making purchase this week.

8 Major Progress (Continued) ■ Services ■ Cellular programs with ATT Wireless and Nextel. ■ Centralized wireless authentication. (Nearly 100%) ■ Subsidized public wireless IP addresses. ■ Virus scanning for POBOX. ■ Spam filtering for POBOX. ■ Akamai content delivery. ■ Elimination of SSNs (from PennNames, websec and POBOX). ■ High profile video events such as May 2004 commencement and March 2004 Neuroscience conference ■ Video conference interviews with Chinese PhD candidates

9 Major Progress (Continued) ■ Emerging Services ■ Cross-state fiber link from the Pittsburg Supercomputing Center to MAGPI to facilitate access to National Lambda Rail. ■ Desktop video conferencing. ■ Enterprise instant messaging. ■ Current VoIP pilot within N&T integrated / voic . ■ Integrated , instant messaging and video conferencing. ■ Enterprise authorization services. ■ Cross-realm (inter-institution) authorization.

10 Major Progress (Continued) ■ Operational efficiencies ■ Fiber ring replaced MAN services from Yipes and PECO. Keeps local loop costs level as bandwidth demands increase for Internet/Internet2. ■ Bandwidth management techniques in College Houses (solidified with SLAs) continue to be effective. ■ Lowered voice systems expenses by $100k. ■ Dropped several full-time and part-time contractors. ■ Insourcing some job functions as we collapse voice, data and video operations and prepare for converged services. ■ Lower Internet, LD rates with Qwest. ■ Developed SALT application to identify the wallplate location of activity attributed to an IP address. ■ Beginning discussions to extend fiber ring and telecom hotel contracts.

11 Telecommunications Strategy ■ Short Term ■ Investigate several options for capturing shrinking telephone revenues. ■ Doing two revenue-sharing contracts (Nextel & AT&T) ■ Received lower-cost LD rates through RFP ■ Extend Verizon contract at same or lower rates for three years (November ’07) ■ Do not invest heavily in aging voice infrastructure. ■ Investigate several options for enhancing voice service. ■ VoIP SIP as an application on PennNet (Broadsoft) ■ VoIP SIP as an application on PennNet (open source) ■ VoIP Centrex ■ Other outsourced voice service providers ■ As part of their pilots, evaluate all aspects of the new service, technical, financial, facilities preparedness, administrative, support, security, etc.

12 Telecommunications Strategy (Continued) ■ Mid term (1-3 years) ■ Complete all network readiness work. ■ NGP (enhanced capacity, reliability, redundancy) ■ Upgrade electronics ■ Prepare staff and customers for transition. ■ Offer VoIP pilots in College Houses and elsewhere. ■ Offer softphone pilot of VoIP in College Houses for FY ‘06

13 Telecommunications Strategy (Continued) ■ Long term (5-7 years) ■ Campus-wide deployment of VoIP with all associated services including: ■ Unified messaging ■ “Follow me” features (Presence) ■ Enhanced ACDs ■ Video picture phone calls ■ Softphones

14 Internet Strategy ■ Multiple Internet Service Providers with diverse paths and national backbones. (2 ISPs Qwest and Cogent) ■ Presence at 401 N. Broad Street in the Telecom Hotel to rapidly switch ISPs, obtain additional bandwidth and lower local loop costs. (100 SF) ■ Reliable and redundant fiber ring from 401 N. Broad to main campus. (Five-year lease of fiber ring using DWDM technology.) ■ Sufficient Internet capacity to meet current and future needs. (Infrastructure/ISPs are capable of 2000 Mbps.)

15 External Connectivity – All

16 Internet Strategy (Continued) ■ Maintain peering links with ISPs. (Direct links to DCAnet and Comcast; talking with Verizon.) ■ Continue to provide cost-effective service for Penn Community. ■ Continue experimentation with low-cost providers.

17 Bandwidth Management Current Status ■ Bandwidth management techniques in the College Houses are successful. ■ Upper limits on aggregate outbound usage (255Mbps) ■ Maximum outbound bandwidth limits per IP address (400Kbps with a 400 KB burst) ■ The limits on residential Internet traffic play a major role in controlling costs.

18 Bandwidth Management – Next Steps ■ Improve our ability to identify traffic patterns, heavily used applications, most demanding users and quick Information Security incident response. ■ Use this information to help in the evaluation of service. ■ To business and research/education users ■ To residential users

19 Internet Usage August – September 2004

20 Internet2 Usage August – September 2004

21 Next Generation PennNet (NGP) ■ Goals ■ Current status ■ Strategy ■ Future plans

22 NAP Area Map Area 5 Area 4 Area 1 Area 3 Area 2 VAGELOSNAP VAGELOS NAP Huntsman Hall NAP Nichols House NAP MOD 5 NAP NAP be Determined NAP Site to be Determined

23 NGP Goals ■ Distribute routing core across campus to minimize single point of catastrophic network failure. ■ Build redundant network links between the Network Aggregation Points (NAPs) and critical buildings. ■ Upgrade 20 year-old multi-mode fiber and install single-mode fiber to prepare for multi-Gigabit network speeds. ■ Build Next Generation PennNet infrastructure to prepare for future technologies and convergence. ■ Provide “cutting-edge” network connectivity to support Penn’s research, academic and administrative needs.

24 NGP Current Status ■ Vagelos, Huntsman and MOD5 NAPs fully operational. ■ Strategic conduit installed by partnering with non-NGP construction projects. (Locust Walk, Spruce Street, Levine, Hillel, Huntsman, Vet Building, Life Sciences etc.) ■ Distributed and redundant routers, servers and systems in Vagelos, Huntsman, MOD5, College Hall and 3401 Walnut. ■ Redundant connectivity for 3401 Walnut, FB, VPL, College Hall, Facilities/OCC at Left Bank and Public Safety at 4040 Chestnut to insure business continuity.

25 NGP Current Status (Continued) ■ Northern NAP site selected. Design completed and construction to begin in November. ■ Searching for a Western NAP location ■ All Area 1 buildings linked to Vagelos NAP. ■ Catastrophic failure reduced from 2 weeks to 2 days for Area 1 buildings. ■ Working on redundancy plans for Huntsman and MOD5 buildings. ■ Ultimately all campus buildings will have redundancy

26

27 NGP Future Plans ■ Build single-mode fiber links connecting MOD5, Huntsman, Vagelos and Northern NAPs. (May ’05) ■ Build and begin operating Northern NAP. (May ’05) ■ Locate, design and construct Western NAP. (May ’05) ■ Design/build fiber links to connect all buildings to NAPs. (FY ’06 depending on resources) ■ Design/implement redundancy to all campus buildings. (FY ’06 depending on resources) ■ Install single-mode fiber to all buildings. (FY ’10 or as needed, depends on resources)

28 Security Strategies Current Status ■ Implement a multi-layered security-in-depth architecture consisting of: ■ Host security ■ Security out-of the box - Done ■ Patch management, anti-virus, strong passwords - Done ■ Network authentication and authorization – Bluesocket wireless authentication and authorization done ■ Anti-virus - Ongoing ■ Firewalls - Open ■ Intrusion detection – 3 month pilot. Purchase pending. ■ Improved incident response processes - Ongoing

29 Security Strategies Current Status ■ Provide tools and resources to empower LSPs to implement these policies ■ Patch management service - Campus SUS Service implemented, Patch Management Training 10/2003, Patch Management Eval Group, SUG Panel Discussion ■ Personal and workstation/server firewall and VPN standards – Partially done: Extensive support, documentation and communications provided for Windows firewall. ■ VLAN Support - 2/2004 SUG session on VLAN service ■ Antivirus tools for large mail servers – In Progress ■ Education and training Patch Management Training 10/2003, IIS Training 6/2004, Suggestions/Topics for 2004?

30 Security Strategies Current Status ■ Support for VLAN network topology for fee in support of local firewalls. – 2/2004 SUG session on VLAN service ■ Support for short-term filtering on edge routers for problematic services. – Consulted “NPC Lite” for one instance of filtering and for a Fall, 2004 contingency plan. Added rate limiting to our tool set: less of a blunt tool than blocking a port outright. ■ Virus scanning on POBOX. – Done. What is applicability to other campus mail servers? ■ Campus-wide and focused, critical host vulnerability scanning and reporting. – During August-September, focus has been on Resnet/Greeknet. Broader, campus-wide scans starting this week.

31 Security Plans/Near-term ■ Implement a PennNet host security policy mandating patch management, anti-virus software and strong desktop/server passwords. - Done ■ Take proposals to NPC & IT Roundtable for intrusion-detection and campus-wide virus scanning. - Open ■ Help leverage virus scanning service for other campus servers. ($5 per account per year) - Open ■ Identify vendors/consultants who can assist with implementation of local firewalls on a for-fee basis - No interest expressed yet.

32 Security Plans/Near-term (Continued) ■ Improve notification and disconnect/reconnect processes ■ Develop tools to rapidly associate wallplates with IP addresses. – Done ■ Improved assignments accuracy and support quick lookups – Partially Done – quick lookups. ■ Reduce the number of unregistered IP addresses – Found 450. Notifications in progress. ■ Targeted deployment of PennKey authenticated network access in College Houses, GreekNet, Library and other public spaces. – In progress ■ Research ways of ensuring security of newly connected machines: – In progress ■ Vulnerability scan of machines as they connect to PennNet ■ Network authorization: Ability to block infected/vulnerable machines based on MAC address

33 Security Plans/Medium-term ■ Improved security on Fall Truckload disk images – Done ■ Pursue volume discount pricing for patch management software as appropriate based on the recommendations of the patch management evaluation effort – 2003 Eval Team – Open ■ Evaluate and recommend model server and workgroup firewall policies. – Planned for this year. ■ Recommend standard VPN and firewall software. – Planned for this year. ■ Determine if ISC should operate a centrally managed firewall service. – Open. ■ Develop a migration strategy and cost proposals to move towards campus-wide network authentication on both the wired and wireless networks. –In progress. ■ After policy is accepted, pilot Intrusion-detection. – In progress.

34 Security Plans/Long-term ■ Implement campus-wide authentication (PennKey) on both the wired and wireless networks. ■ Evaluate a network design and migration strategy that better balances availability against security, and capable of supporting broader intrusion detection and firewalling.