Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Access Service Case Study 2012 Presenter: Peter Kurtz, Manager Network & Communication Services Information & Communication Technology Services.

Published byHillary Richards Modified over 9 years ago

Similar presentations

Presentation on theme: "Internet Access Service Case Study 2012 Presenter: Peter Kurtz, Manager Network & Communication Services Information & Communication Technology Services."— Presentation transcript:

1 Internet Access Service Case Study 2012 Presenter: Peter Kurtz, Manager Network & Communication Services Information & Communication Technology Services

2 Overview  Drivers for Change  Project Governance  Change Management  Internet Quota Recommendation  The ITO  Implementation  Internet Routing Solution  Network Design  New IAS Features  GU Developed Enhancements  How did we know it worked?  What’s Next ?

3 Drivers for Change  Old Netcheck system hardware & software EOL  Netcheck system could not scale o Student Nos expected to increase 35,000 to 40,000 by 2013-14 o Internet usage expected to increase by 50% over next 5 years o Major insourced IT services expected to move to the cloud  Internet Client experience could be improved o Staff and students have to manually login/off using web interface o Students can only top up their usage at the Library Cashier o Student and Staff can only obtain basic usage details  Call Accounting & Directory System EOL

4 Project Org Structure  Governed by a project board with the IT Director as chair »Members included: AD Infrastructure, Client Rep (IT Fac), Service Desk Rep, Project Manager, Service Manager, AD Identity and Authentication »Project Board met once per month and required  Project Team was responsible for implementation »Members included: Proj Mgr, BA, CM, Service Mgr, Tech Lead, Net Eng, SW Eng, Billing Administrator »Weekly Meetings  Evaluation Group »Members included: Proj Mgr, Service Mgr, AD Security, Senior Finance Officer, Tech Ref Grp Chair, Client Ref Grp Chair, Client Rep Research  Technical Ref Group – 10 members, formed as required  Client Ref Group – 12 members, formed as required

5 Change Management  Draft CM & Marketing Plan was developed  Feedback mechanisms from clients: o Student surveys o Staff focus workshops, and meetings etc  Important issues were identified from feedback: o Quota model could be improved o Wireless configuration needs to may easier o Faster Access and Log in process o Single Sign On  Marketing and Info Sharing Activities o Service name change competition o Posters in library and student labs o Student market days – Lollipop o Staff focus workshops, and meetings etc

6 Internet Quota Options  Existing quota based on enrolled subjects o Under-Grad/Post 0.5/0.75 GB for 40 credit points o 10-20% of students will go over quota o Usage fits within AARNet usage allowance  Monthly Student Quota – 1.2GB o Double existing avg quota o 5-15% of students will go over quota o Best case usage will fit in AARNet usage allowance o Worst case 10TB over @ $2 = extra $20K pa  Unlimited Quota o 0% of students will go over quota o Best case usage will fit in AARNet usage allowance o Worst case could cost up to $250K extra for 1 st yr

7 Quota Recommendation  Monthly Quota (1.2GB), instead of quota based on credit points o No student cohort will be worse off than credit point system o Easy to provision, easy to support, No complex quota calculation o No rollover monthly model that mirrors home ISPs o Heavy internet users contribute by purchasing additional quota o Self supporting (including VC’s current contribution) financially viable model  Service Limiting o Changed from blocked to shaped (64Kbps)  Adopt AARNet off Peak Access for Staff and Students o From 9pm to 7am weekdays students and staff all Internet traffic will be free  Reduce No User Types o Easier to support and easier for students to understand

8 ITO - Top Customer Requirements 1.Seamless Internet access using multiple access methods (802.1X / Web) over different OS (Windows, Mac and Linux) 2.Automate quota threshold notifications for client groups 3.Provide a unified billing package for voice/data services 4.Self Help portal to provide online quota purchases 5.Display real time usage details online and via email 6.Shape access where Internet quota has been exceeded 7.Provide voice and data billing reports to users and supervisors

9 ITO - Top Tech & Support Requirements 1.Handle and process Internet traffic at speeds of 10G+ 2.Support AARnet's Internet charging model (on-net, off-net and off-peak) 3.Inspect & identify Internet traffic down to the protocol level – multicast & IPv6 4.IAS solution can be deployed behind a load-balancing solution (F5 BigIP LTM) 5.Open Standards - APIs and MIBs for integration with GU NMS 1.Be available 24hrs a day, 7 days a week 2.Account for Internet traffic in the event of a disruption 3.Support regular updates of the underlying operating systems 4.Vendor support resources within Australia 5.Well established troubleshooting, escalation & problem resolution

10 The ITO  Invitation to Offer (GU009/10) provision of Internet Access Service  Issued in Oct 2010, 50 companies interested in ITO  Short listed 3 Respondents  Thorough evaluation process  Negotiations entered into with one integrator for supplying Cisco hardware and Obsidian’s Billing System  GITCv5 contract signed with Dimension Data in 4 th August 2011

11 Why Cisco / Obsidian?  TCO Very Competitive: Capital & Maintenance support Important if Griffith heads down open Internet access path  Cisco SCE proven 10GB capability in the University environment  Integrated Data and Voice Billing System  Seamless Login for all devices  OS clients were not required for all devices – Windows, Mac etc  Self service functionality all available from existing front end  Completely web front end for management and report generation  Australian company for software  Develop value adds such as iPhone application  Accept code enhancement / changes from customers

12 Implementation Plan Mammoth scope – divided in to manageable phases  Phase1 – Replacement Critical features for start of Semester »New SCE »New plan for students – Shaped & Free hours »Self service portal (usage, top sites visited etc.)  SNMP+.1x auto login  Phase 2 – Differentiators »Integration with printing account for quota top up »Credit card top up capability »Additional management reports & Alerts »Enable JAWS capability  Phase 3 – Value Adds »Real time staff usage monitoring (no urls) for Managers »App for iphone, anroid and blackberry »Public WIFI

13 IAS System Design Network Design redundant SCEs, 1 x 10G, 1 x 1G, NAT Wireless

14 Internet Access Methods Wireless Login using Radius Accounting packet -> Jet Active Directory Login using SNMP Trap packets -> Jet Captive Portal Web Login -> Jet

15 Service Control Engine 10G Capable Throughput Rate limit users and protocols Detailed Usage reports Current Bug with IPv6

16 SCE Performance Test With AARNet’s help we were able to push Griffith Internet Link to over 7Gbps

17 GU System Enhancements AD (SNMP)  Griffith uses SNMP Authentication traps from AD to facilitate an automated network level internet access system log-in when a user authenticated to AD DHCP Logout  Microsoft SNMP traps are not able to accurately determine when a user is no longer authenticated through AD. To overcome this Griffith uses Syslog notification form its Infoblox DHCP appliances to A custom services API interface to log out a user from the internet access system when their DHCP lease expires. SOE log-out executable  To further ensure a user has the correct session when logging in Griffith runs a small 13Kb native windows application that does a JSON call the the API server requesting the current user to IP address mapping form the Cisco Subscriber Manager. If the local IP/user mapping does not match the the user is logged out from the Internet Access System and a captured portal log-in page is then used to authenticate the user.

18 GU System Enhancements Cont’ Radius Caching Daemon  GU Wireless network regularly has over 5500 concurrently connected users  When users roam need to they re-authenticate to the Wireless LAN controllers  These radius requests were heavily overloading the IAS radius service.  To overcome the issue Griffith developed a c++ radius caching daemon that sits between the Radiator service and the IAS radius service.  The process effective holds radius Alive and Stop request for a period of time. (currently 1 hour) if a new start or alive is intercepted the counter for that sessions in restarted.  If no packets arrive to update the session then a log-out is sent to the Internet Access Service. The caching daemon reduced the amount of packets being sent to the IAS radius servers by 80%.  The daemon also works around a few bugs in the current Cisco controller code where radius packets are sent in the wrong order. We are working closely with Cisco to resole the issue. “All enhancements written by Dale Blakemore”

19 Internet Usage - My Account  Internet Quota usage and charges  Detailed Internet usage showing URL history  Internet application (protocol) usage report

20 My Account for Students  Online Credit Card Purchases  Online Credit Transfers  Email alert at ‘200MB quota remaining’  Email alerts at ‘No quota remaining’

21 Administrative Reports Top Users report Protocols usage reports Dollar and GB usage by Departments Managers can view staff dollar and MB usage

22 Example Jet Report

23 Griffith App

24 IAS App – net quota Internet Usage, Student Quota top up

25 Open Day - Griffith Public WiFi GU Open Day 12/08/12 Free WiFi for new students WiFi across all campuses From 8am to 3pm First time at Griffith  No of unique devices: 349  No connections: 1058  Data downloaded: 6.5 Gb  Avg session time: 25 min

26 Where are we now?  2011 Student Enhancements »Faster Access & Increased quotas (from 450M to 1.2G per month) »No longer cut off when you have used up your quota (Rate limiting) »Free off-peak downloads on weekdays »My Internet Account: online self-service  Now in 2012 »More free downloads - extended off-peak hrs 5pm-8am + weekends »Immediate quota top ups - Library Lending Counter, any campus »Credit Card top ups »Able to transfer money for quota from copying & printing accounts »Temporary Internet Accounts Access 1-7 days

27 Did it work? New IAS system launched in September 2011 155% Increase in off net in May 2012

28 AARNet Bench Mark Graphs Off Peak Traffic increased by 300% since launching the Internet Access Service in Sept 2011 Griffith is well placed by only using 55% of the AARNet off-net (charged) traffic allowance Griffith is also taking advantage of AARNet’s unmetered traffic service

29 VC’s Report to Council – June 2012 http://www.griffith.edu.au/__data/assets/pdf_file/0011/417557/vc-council-report-june-2012.pdf

30 Student Feedback - IAS  Internet Access Quota doesn’t run out  Speed is good for downloads  Auto log in to the Internet saves time  Just click the website, access is great

31 Issues & Lessons Learnt  Project delayed because Integrator misplaced the SCE order  Project delayed because extra scope added »Separate Internet Access Accounting Solution for QIBT »Some (1000) active directory login usernames did match Griffith S Numbers  Project delayed because Obsidian Project Management & buggy code / QA Testing  Under specified the number of concurrent users »This caused service outages

32 Internet Content Filtering Implemented in Dec 2010 Combined Webwasher system proxy service Used McAfee Web Gateway – WG5500 Had performance problems

33 Whats next?  Commission Public WiFi Service for conferences  Jet System performance enhancements »Captive portal speed increase »64bit OS Upgrade for Jet Servers  Quota Review – Unlimited Downloads  New Project – On-line Phone and Mobile Billing  Replace Active Directory Login with Wired Dot1X

34 Service Review - Controlled Access vs Open Access  Benefits of Controlled »SCE ability to report and control usage based on a user »Charging for traffic per user puts a value on the traffic and therefore staff/students are more likely not to miss use downloads. »Supervisors can manage staff usage »Research + high downloads are encouraged to be done out of hours before 8am after 5pm. This helps spread the traffic load. »Long term this means AARNet will charge less »QIBT could not have been done with out an accounting system  Disadvantages or forecasted cost of Open Access »Current revenue from staff and student top ups is lost »Increased staff usage »Increased student usage »Extra Internet infrastructure – costs over 5 years

35 Investigate impact of Unlimited Quota Current usage is %55 of 124GB quota @ 1.2GB If the student quota opened up expected usage could be 70%-110% AARNet Internet Usage Allowance 124GB

36 Projected Usage Models

37 Questions?

Download ppt "Internet Access Service Case Study 2012 Presenter: Peter Kurtz, Manager Network & Communication Services Information & Communication Technology Services."

Similar presentations

Inter WISP WLAN roaming

Inter WISP WLAN roaming
www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
Using the Self Service BMC Helpdesk

Using the Self Service BMC Helpdesk
 What Is Desktop Virtualization?  How Does Application Virtualization Help?  How does V3 Systems help?  Getting Started AGENDA.

 What Is Desktop Virtualization?  How Does Application Virtualization Help?  How does V3 Systems help?  Getting Started AGENDA.
29 Oded Moshe, Director of Product Management Beta Release May 3rd, 2010 Official Release May 24, 2010.

29 Oded Moshe, Director of Product Management Beta Release May 3rd, 2010 Official Release May 24, 2010.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Cisco NAC Guest Server Guest Access - Simplified Tim Wellborn SE Sangeeta.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Cisco NAC Guest Server Guest Access - Simplified Tim Wellborn SE Sangeeta.
Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.

Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.
By: Alena Newcomb.  What is a WI-FI hotspot?  Wireless Local Area Network location that provides broadband Internet access.  Use of laptops, PDA, or.

By: Alena Newcomb.  What is a WI-FI hotspot?  Wireless Local Area Network location that provides broadband Internet access.  Use of laptops, PDA, or.
Juniper Bridge Ltd | Suite 5, Crescent House | Yonge Close, Eastleigh | Hampshire SO50 9SX 0845 683 6966 | |

Juniper Bridge Ltd | Suite 5, Crescent House | Yonge Close, Eastleigh | Hampshire SO50 9SX | |
Introduction <Header Title> Last saved: YYYY-MM-DD

Introduction <Header Title> Last saved: YYYY-MM-DD
Grow Your Business with the Mitel Applications Suite PSG Networks Mitel Business Partner.

Grow Your Business with the Mitel Applications Suite PSG Networks Mitel Business Partner.
Implementing Unified Messaging Joseph Blanchard Joseph Mancuso S. Paul Petroski.

Implementing Unified Messaging Joseph Blanchard Joseph Mancuso S. Paul Petroski.
SMS Gateway OZEKI NG Document version: v.1.0.0. Adding SMS functionality to SysAid.

SMS Gateway OZEKI NG Document version: v Adding SMS functionality to SysAid.
Copyright © 2002 ACNielsen a VNU company Key Features and Benefits of the 3CX PBX for Windows Server.

Copyright © 2002 ACNielsen a VNU company Key Features and Benefits of the 3CX PBX for Windows Server.
SATERN for Supervisors May 2006. Session Objectives At the end of the session, participants will be able to:  Describe the benefits of SATERN.  Log.

SATERN for Supervisors May Session Objectives At the end of the session, participants will be able to:  Describe the benefits of SATERN.  Log.
1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Security.

1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Security.
Deploying Chromebooks RICK NICHOLAS A.

Deploying Chromebooks RICK NICHOLAS A.
IPv4 TO IPv6 TRANSITION AND INTEROPERABILITY FOR TELECOM SERVICE PROVIDER Business Problem In today’s environment of growing connectivity where almost.

IPv4 TO IPv6 TRANSITION AND INTEROPERABILITY FOR TELECOM SERVICE PROVIDER Business Problem In today’s environment of growing connectivity where almost.
Accompanying notes to presentation What you need to know This presentation is part of the Art of connecting. There are four themes in total, each with.

Accompanying notes to presentation What you need to know This presentation is part of the Art of connecting. There are four themes in total, each with.

Similar presentations

Ads by Google