Telecommunications and Network Integration - PowerPoint Presentation

Slide1

Telecommunications and Network Integration

Slide2

Telecommunications

Slide3

About Us

11 Principal Academic Units

Degree Students: 21,229

Tuition, Room, Board and Fees (2010/2011): — $50,724

Faculty: 2,100 + 10,000 Acad.

Appts

in Teaching Hospitals

Buildings: 682Campus Environment includes 2 cities – Cambridge/BostonAcres: 4,979Cable Plant: 56 MilesEndowment: $24.7 billion (2008)

3

Ivy Plus - May 2011 -SR

Slide4

Telecommunications Current State

(FY10)

Centrex

, 5ESS:

30K lines

Octel

Aria 350: 16.5K boxesFTEs: 45.53Service activity: M/A/C 8.9K ordersRepairs 3.1KOperator Calls: 152KACD (I3): 254 licensed Agents/18 Groups 2.6MLD: Quest; usage minutes:

30M minutes local & LD Wired Jacks: 59K

Miles of fiber: 56

Cellular

Orders: 2,187 (VzW only)

ENS: 20.2K subscribers/26.1K Building Phones

4

Ivy Plus - May 2011 -SR

Slide5

Video Network

IPTV provided using HaiVision Furnace IPTV

University Networks 95% Multicast Enabled

20 live channels; 12 trialing Comcast cable TV

Recent upgrade to HD version 5.8.0; purchasing 4 HD encoders

Now adding second video capability with Cisco Digital Media Manager & Cisco CAST

Video services include surveillance, digital signage

Satellite download station (4 dish) upgraded to all digital; one dish dedicated to MTVuTwo stream webcast capability; REAL Networks, Akamai, LimelightLive streamed events for FY11: 220Plans underway to add cable TV over IPTV to undergrad houses as they are renovated

5

Ivy Plus - May 2011 -SR

Slide6

TelePresence

13 CTS units now installed at locations across campus

20+ more in planning stage

Full call recording option now available

Multipoint call capability

Full legacy system interoperability

Desktop conferencing pilot underway using MoviDistance learning trials using Movi very successful Harvard uses the I2 and the RNE Exchange (hosted by NLR) for Off Campus Calls Off campus conferences regularly scheduled Concern: Level of engineer support required for off-campus VIP conferencesUpdated video website:

http://video.uis.harvard.edu/

6

Ivy Plus - May 2011 -SR

Slide7

Highlights

Transition Program activity

Admin. Mgmt. System RFP process completed; PAETEC Pinnacle (FY12)

Voice mail replacement(FY12)

DAS/ Cellular - Ongoing

ENS Enhancement

Video core expansion

Emergency PhonesTEM7Ivy Plus - May 2011 -SR

Slide8

What’s Keeping us busy now?

New CIO 10/10

UCIO IT Transition process

Phase I - service catalog & organization target 6/15/11

Phase II – Implementation through FY 12

Voice mail replacement – RFP issued

TEM – FY 9-10 $550K / FY11 $57K savings

Centrex renewal (2/12)Financial model changesCellular – Provisioning, DAS, billing, policyHighway overpass rebuild – 16 conduits need re-routing

8

Ivy Plus - May 2011 -SR

Slide9

Future

Transition implementation

Next Generation Communication

DAS Strategy/Infrastructure

Cellular model – additional carriers/policies

Concentration on Academic video support; interactive classroom, infrastructure & services

Continue introduction of HD video communications and collaboration

Expand IPTV HD, signage, surveillance capabilities9Ivy Plus - May 2011 -SR

Slide10

Network Integration

Slide11

11

2010 Major Accomplishments

Formation of the University Network Services Group (UNSG)

Merger of UIS and FAS Network Service Teams

Increased efficiencies of scale by consolidating resources

Network Management and Alerting Systems

Network Infrastructures

Service Delivery Processes

University Primary Domain Name Service Architecture Upgrade

Replaced legacy BIND system architecture with

InfoBlox

Grid

Protection against cache poisoning attacks, internal/external zones

Increased operational resilience and security

Successful migrations of customer network services

HBS External Connectivity/Border Service

HDS Level 3 network support

Equipment Replacement/Wireless Support/Wiring Upgrades

HSPH Level 3 Network Support

Wireless Support/Redundant Border Connectivity

Integration of Harvard College Library network into FAS

Slide12

12

2010 Major Accomplishments (cont.)

Network Anomaly Detection Architecture Upgrade - qRadar

Network Traffic Anomaly Detection System/Traffic Forensics

Security Information and Event Management System

FWSM, FireEye, IDS, and DNS query log correlation

Implemented Wireless Networking Service Improvements

Tiered Captive Portal including 802.1x Supplicants and Visitor Access

Improved ID/PIN based Network Registration Portal using InfoBlox IPAM Grid

>8000 RESnet client system registrations this fall

Variable auto-deprovisioning

60 Oxford Street Data Center Upgrades

Nexus 5000/3750G Network Architecture

Slide13

Completed FAS “Edge” Project

30 month project to upgrade over 500 distribution and access LAN switches to modern hardware & software platforms.

Customer Benefit => Created stable edge access, eliminated edge access bottleneck (more bandwidth to the desktop), created a more scalable LAN environment which will meet growing requirements for Video etc…

Re-Architected FAS wireless network

Segmented traffic, moved access to RFC 1918 (10.X.X.X) address space, migrated ~2650 access points to controller based technology

Customer Benefit => reduction of contention, greater security and reduced meantime to repair (remote management)

13

2010

Major Accomplishments (cont.)

Slide14

14

Removing Artificial Borders

The Harvard University Network as

it

evolved over time was a collection of networks with borders between schools and departments

Slide15

15

Organization

Achievements:

Merger of two groups into one organization: University Network Services Group

Relocated 22 FAS staff

from

1414 Mass Ave to 60 Oxford St.

Training and integration of Operational staff into single triage team with expanded responsibilitiesImproved responsiveness to customer requests

Greater breadth and depth in support of all customersAdapting FAS ITIL-based Change Management process

Integration of NOC Triage into single ticketing system with queue management

Challenges:

Cultural integration

Skill-role alignmentAlignment of expectations and achievable results

TrainingProcess and best practices (e.g. ITIL)

Soft skills (management and team building, ABCs)

Network Integration

Slide16

16

Network Integration

Network Architecture

Consolidate two network infrastructures and organizations and reconcile financial models.

Impact/Benefit: Network simplification, improved network response, improved security, elimination of hardware, software, support costs and power savings.

Achievements:

Developed integration (short-term, ~18 mos.) architectural vision

Identified and went after quick wins

Implemented

infrastructure rationalization

Border

collapsed

Backbone

collapsed

Core network rationalization (single OSPF area 0)

Distribution and Access Layer rationalization to be done (moving to normal operations)Cost benefits being realized

Green benefits being realized

Challenges

Lack of well-articulated University technology vision

Funding model

Aligning/rationalizing service delivery models/cultures

UIS – Fee-for-service ISP

FAS – Centrally funded integrator, service and support provider

Unique needs (e.g. Research Computing)

Slide17

17

Network Integration

Critical Core Services

Critical Core Services refers to the fundamental infrastructure components such as DNS/DHCP and AutoReg, IP AM and DMCA support.

3 major project streams

Policy development,

Migration of FAS to InfoBlox,

Migrate AutoReg to open source and integrate with InfoBlox

Achievements:

Developed policy and processes to remediate FAS DNS/DHCP environment

Developed University DNS / DHCP policy

Developed communications plan and process to remediate “wild west” FAS DNS issues

Purge of legacy clients (~120,000 “stale” registrations)

Sunset legacy CNR platform

Migrated CNR DNS and DHCP to Linux eliminated dependency on Solaris



Adapted platforms and processes to support DMCA

Sunset FAS AD servers (consolidated into CNR)

Migration of AutoReg to open source, virtual platform (substantially complete)

Develop API integration with InfoBlox

Challenges:

Funding model

Legacy environment with many obscure unknowns (institutional knowledge is gone)

Next steps:

Migrate CNR to InfoBlox (June 18th)

Migration of UIS ResNet to AutoReg

Slide18

18

Network Integration

Network Management Platforms

These are the back-office tools that support network staff in provisioning, monitoring and managing end-user device, server platform and external connectivity and access.

The impact and benefits are consolidation to a reduced number of common tools and platforms and a single Network Operations Center (NOC)

2 major project streams

Streamline Network Management Systems (NMS) toolsets, anticipated complete October 2011

Roadmap developed to reduce from ~25 to ~15 tools

Achievements:

Developed eq naming standard

Implemented consolidated TACACS

Challenges:

Cultural/organizational behaviorNext steps:

Retire EMC Smarts, scale Splunk as MoM, retire Solarwinds

Slide19

19

Legacy UIS/FAS NMS Infrastructures

Slide20

20

UNSG IT Infrastructure Management Systems Planning

Slide21

21

Network Integration

Network Support

Network

Support

encompasses

the customer-facing support processes and tools. The impact and benefits to be realized under this track are common processes and tools supporting users and stakeholders of the University network infrastructure, leading to a single tier 2 Net Ops function.

Achievements:

Developed guiding principles for integrating and streamlining two disparate escalation processes from two Tier 1 support organizations to one Tier 2 support organization

Improved communications content and processes

Change notifications

Outage notifications

Improved support of ResNet users with notification of impending MAC expirationDeveloped interim

Incident and Request processes and linked ticketing toolsChallenges:

Resistance to changeAbility to integrate or link two Remedy platforms

Next steps:Roadmap to fully integrated processes and toolsA single tier Help Desk or Service Desk function

Slide22

22

Network Integration

Network Services

This refers to optional and specialized network services such as VPN.

Achievements:

New VPN infrastructure with ID/PIN LDAP authentication

Migrated FAS VPN tunnels (realms) to new infrastructure

Migrated users to HUID/PIN authentication

Migrated tunnel (realm) management to NOC Portal (self service)

14 Tunnels migrated, 5 Tunnels sunset

Upgraded FAS VPN clients to current level, consistent with UIS implementation

Standup separate new Research Computing VPN infrastructure

Challenges:

Legacy processes difficult to changeAlignment of user needs/expectations for auth .on VPN and capabilities of University LDAP and ID/PIN infrastructure

Next steps:Continue migration of VPN tunnels (realms) to new infrastructure

Sunset old VPN infrastructureSunset IPSec protocol

Slide23

23

Network Integration

Client Access Networks

2 Sub-projects

Wireless Access Points

Single wireless user experience across campus

Anticipated June 2011 (dependency on InfoBlox migration)

Achievements:

Migration of ~2600 FAS wireless access points to controllers

Integration of authentication between FAS and UIS (CAIT) areas

FAS and UIS (CAIT) users can access wireless in both areas

Migration of UIS (CAIT) wireless to MAC authentication instead of session based for improved ease of use

FAS Wireless team expanded to support FAS and UISCost savings

Improved responsivenessChallenges:

Fragmented ownership of wireless serviceHistory of permitting or promoting bad practices

e.g. open wireless used for University businessIP space availabilityDMCA compliance

Next steps:

Roadmap to full integration of wireless environments

Roadmap to next generation wireless

Slide24

Data Center Interconnect

Scale existing FAS BTI Optical network

Implement Layer 2 and Layer 3 adjacency between 60 Oxford St. and 1 Summer St, collapsing the FAS and UIS Gateways into one VSS.

Integration of Content Switch Services/ACE/Global Site Selector

10 GigE interconnect w/10 GigE Firewalls

24

Network Integration

Slide25

25

FY12 Planned Activity

Continued UNSG UIS/FAS Core Network Consolidation Initiatives

University Benefit => Cost effective delivery of University wide network services

Next Generation Wireless Architecture Planning

University Benefit =>Delivery of low latency, flexible, feature rich and user friendly wireless network services that takes advantage of current “best of breed” technology

High Performance Research Computing (HPRC)

Research Applications/Interconnection with other optical networks

300 Bent Street is the optical network aggregation point in NE

Holyoke MA Datacenter

University Benefit => Low latency, fault tolerant network connectivity supporting the University’s Research Computing initiatives

Ipv6 Readiness, Planning and Implementation

0000

:0000::/

32

Same

size as current IPv4 global address space…

University Benefit => Seemingly inexhaustible IP address space serving the University’s next generation networking requirements

10

GigE

Firewalls across University Core Network

University Benefit => University Core Network Firewall infrastructure with the capacity to manage ever increasing network traffic volume

Slide26

26

2012 Planned Activity

Optical Networking

Crucial multiplexing technology maximizes capacity of existing fiber plant

Extend Data Center and Research Computing connectivity and services

Enhance network management architecture design and capabilities

University Benefit => Cost effective way to deliver additional connectivity options and bandwidth

Capital Renewal Residence Hall Project (15 Undergrad bldgs over 10 yrs)

Kickoff: Old Quincy

Customer Benefit => Network construction planning, design and installation support for state-of-the-art academic network support

VRF Architecture Expansion

Provides separation of traffic and routing tables

Wireless, Multi-Tenant, Data Center, Sensitive traffic separation

End-to-End network traffic separation across shared networks – ANY traffic

Customer Benefit => Secure, flexible network traffic routing and targeted forwarding

Slide27

5/4/2011

27

Risks, Challenges, Opportunities

Risks

Managing operational effectiveness while balancing increasingly complex and demanding requirements

Security Challenges – vulnerabilities continue to increase

Building Systems Growth – demand for IP based services is growing

Datacenter resources – supply vs. demand

Challenges

Bandwidth supply vs. availability

Security

Building Systems on the IP network – uncertain demand

Network Management Tools for Troubleshooting, Automation – overhaul

User expectations for Mobile Networking (Wireless / Cellular )

Opportunities

Continue to be opportunistic in the Fiber, Commercial Bandwidth Market

Video solutions (Telepresence)

Leverage emerging network technologies (Building Systems, Video, Voice, Storage, Mobility, Optical, Cloud, Green Campus, Virtualization)

Continued IT Integration and Collaboration

Slide28

28

Harvard University IT Transition

Transition UIS and FAS IT to a new, cohesive, IT organization