Transcript Choosing a Networking Product Vendor

UCT Campus Network Upgrade
Network Blueprint
University of Cape Town
supaTsela PIC
14 July 2005
Current network: risks and deficiencies
• Outdated and hard to update
– Uneven mix of technologies including legacy connectivity
– Cannot deploy new services required by UCT quickly enough
• Difficult and costly to manage
– Does not conform to a standards-based model
– Staff time is spent reactively on support and maintenance
• Cannot be properly secured
– Security incidents cause significant downtime
– Lack of structured security policies to govern network access
– Unmanaged switches and hubs cannot be properly secured
• Not sufficiently reliable
– Lack of fault tolerance - no redundancy on the backbone
PIC 2005-07-14
-2-
Network design methodology
As-is
Traffic
Analysis
Business
workshops
Network
design
Migration
plan
• As-is network documentation: extensive information gathered on
access ports, cabling, services, environmental conditions
• Network traffic analysis: traffic flows and volumes baselined
• Business requirements: discussions held with major UCT
business units; information gathered via a questionnaire
• “To-be” network design
• Phased migration plan: the future network will be built alongside
the existing network with a gradual conversion of users
PIC 2005-07-14
-3-
To-be design: layered network model
• Three main building blocks: core, distribution
and access layers
• User workstations connect to access layer
switches
• Access switches in turn connect to distribution
layer switches which act as aggregation points
• The core layer provides for connectivity
between the data centres
PIC 2005-07-14
-4-
Upper Campus
Subnet 137.158.a.a
L2 Backbone for Residences
L3 Campus Backbone
SAN physical connection
To be
design:
core
CISCO DS-PAA
ETHERNET
1/2G FC
100M -
- 1G
STATUS
PORT ANALYZER ADAPTER
LINK
SPEED
Si
iv
ity
ct
ch
an
ne
l
co
nn
e
N
bi
tE
th
er
SA
–
LX
e
-G
ig
a
as
LX
e
as
B
00
Ba
se
LX
-G
ig
a
bi
tE
th
er
l
ne
an
ch
10
00
er
th
tE
bi
00
B
10
a
ig
-G
l
ne
an
h
c
LX
10
e
0
LX
as
100M -
e
B
ETHERNET
1/2G FC
as
00
10
CISCO DS-PAA
0B
a
ig
-G
er
th
ti E
b
10
Core
Catalyst
6513
ch
an
ne
l
- 1G
STATUS
PORT ANALYZER ADAPTER
LINK
SPEED
1000Base LX - Gigabit Etherchannel
Si
Core
Catalyst
6513
Si
Core
Catalyst
6513
1000Base LX - Gigabit Etherchannel
Middle Campus (Bremner)
Subnet 137.158.b.b
!"§==Systems===
Customer:
Country:
Technology:
Medical School
Subnet 137.158.c.c
University of Cape Town
South Africa
Core
Author:
Date:
File:
Dean Young
Monday, June 06, 2005
VisioDocument
To-be design: four building models
Type
A
Size
Large
B
Large
C
D
Medium
Small
Users
> 400
Remarks
• provides alternate network routes in
the event of a data centre failure
• mini server farms connected at
1Gbps to provide for distributed
services.
200 – 350 • small number of servers connected
via 1Gbps Ethernet.
100 – 200 • few or no servers
1 - 100
• cost effective model
Number
5
26
19
58
• provides for network access speeds
of 100Mbps to the desktop
PIC 2005-07-14
-6-
To-be design: wireless
• Provision made for about 30 secure wireless
hotspots on all campuses.
• Locations determined based on
– questionnaires returned
– information from P&S about open access areas
PIC 2005-07-14
-7-
Future proofing
• The new design has the capacity to incorporate
new technologies in the future and at additional
cost
• The most likely future technologies for possible
implementation at UCT were analysed:
– IP Telephony
– Voice over IP (VOIP)
– IPV6
– Content Networking
– IPTV
PIC 2005-07-14
-8-
As-is and to-be compared
As-is
To-be
• Outdated
• Fully switched network infrastructure with
enhanced performance and throughput
• Hard to update
• Capacity for future growth and technologies
• Difficult and costly
to manage
• Pro-active central management to resolve
problems and reduce costly downtime
• Cannot be
properly secured
• Managed switches from a single vendor that
have enhanced security features
• Not sufficiently
reliable
• Enhanced availability through managed
network components and redundancy.
The new design supports consistent service-level improvements in
networking services across campus.
PIC 2005-07-14
-9-
Blueprint scope exclusions
• Internet bandwidth
• 1Gbps connectivity to the desktop
– The design model allows for this
– It has not been included in the budget
– The additional costs of such connectivity will be for
the account of the user
• Issues addressed by the NIR workstream, but
not part of the blueprint:
– WAN (Wide Area Networking) links
– Cabling within and between buildings
– Residences
PIC 2005-07-14
- 10 -
Recommendations:
• That PIC approve implementation of the UCT
Campus Network Renewal and Upgrade as per
the recommendations contained in the Network
Blueprint document and associated documents.
• That PIC note and approve the revised budget in
respect of the Network Upgrade in Academic
and Administrative Buildings.
PIC 2005-07-14
- 11 -
UCT Campus Network Upgrade
Proposal to contract with TSystems as the Implementation
Partner
University of Cape Town
supaTsela PIC
14 July 2005
T-Systems as a partner in Phase 1
of the Network Implementation
• T-Systems overall performance was satisfactory
• Their technical competence and performance
was good
• We have established a good working
relationship with the T-Systems team
To switch to another partner for Phase 2
(implementation) of the Network Renewal would
result in significant delays, could be more
expensive, and does not appear justified in view
of the comments above.
PIC 2005-07-14
- 13 -
Proposed scope of work for TSystems (in conjunction with UCT)
• Implementation of Network Management Systems
(CiscoWorks and HP OpenView Network Node Manager)
• Implementation of Cisco Access Control System
• Implementation and testing of a pilot network which will
include the full core layer and the distribution and access
layers for a Model-A Building (Commerce) and a Model-B
building (Menzies) as a B-model and the HSF Lab in
Anatomy as an A-model at Medical School
• Development of the Migration templates
• Full Rollout of the Core Layer and all the Distribution
Layer in Model-A Buildings together with the first two
Model-B Buildings
• A quality assurance role throughout the network rollout
PIC 2005-07-14
- 14 -
Recommendations:
• That T-Systems be awarded a contract to
provide services as per the scope definition in
the previous slide.
• That the supaTsela Project Team be authorised
to negotiate the cost of this contract up to a
maximum value of R 750,000 + VAT (current
indications are that it will be substantially less
than this).
PIC 2005-07-14
- 15 -
UCT Campus Network Upgrade
Proposal to contract with
T-Systems for the Maintenance of
the Network Core Switches
University of Cape Town
supaTsela PIC
14 July 2005
Cisco Shared Support Program
(CSSP)
• CSSP is an offering through which Cisco and
channel partners provide technical support to
customers
• CSSP must be purchased on all products at time
of order
• CSSP can selectively be renewed in the second
year and onwards
PIC 2005-07-14
- 17 -
Benefits of Cisco Shared Support
Program
• Online access to Cisco technical support
• Access to software upgrades and bug fixes
• Best effort warranty replacement through
partner
PIC 2005-07-14
- 18 -
T-Systems’ Maintenance Proposal
• Objective
Provide UCT with a hardware maintenance contract
for mission critical hardware components.
• Benefits
- Minimum client network downtime
- Fixed cost budgeting in an unpredictable
environment
- Spares holding facility
• Service Overview
A Platinum Service Level Agreement with a
Guaranteed Mean Time To Restore (GMTTR) of 4
hours
PIC 2005-07-14
- 19 -
Recommendations:
• That UCT should contract with T-Systems for the
maintenance of the Core layer equipment.
• That the supaTsela Project Team be authorised
to negotiate the cost of this contract up to a
maximum value of R 600,000. This is based on
15 months of a monthly paid three year contract
at $1=R7.5.
• That UCT should hold stock of the Access and
Distribution layer equipment to provide for rapid
replacement of any defective equipment.
PIC 2005-07-14
- 20 -
x
x
x
PIC 2005-07-14
- 21 -
x