Network Planning Task Force Strategy Session
NETWORK PLANNING TASK FORCE
STRATEGY SESSION
AUGUST 11, 2008
UNIFIED COMMUNICATIONS
WIRELESS
PROPOSED WIRELESS GUEST IP FUNDING MODEL
NPTF Meeting dates
February 18-Operational review (Completed)
April 21- Security strategy session (Completed)
July 21-Updates & planning discussions (Completed)
August 11- Strategy discussions
September 15- Security strategy discussion
October 6- Strategy discussions/preliminary rates (ADDED)
October 20- Strategy discussion
November 3- FY’10 Finalize rate setting
NPTF Fall Meeting Topics
September 15 (Dave Millar)
Security Strategy Discussion
October 6 (Deke, Mark, Mike)
Intrusion detection
Perimeter (Next Generation Arbor)
Local ID
NGP update-buildings with dual feed and single-mode fiber
NGP discussion-buildings planned for dual feed and single-mode fiber
Preliminary rates
October 20 (Jim Choate)
Strong Authentication
Central authorization
Secure file transfer
November 3 (Mike)
Finalize rate setting
Unified Communications Update
bringing many modes of communications together
Agenda
Overview
Update on Email
Update on IM
Update on Voice over IP
Communicating Today
We accept artificial barriers in our communication. Oddly, we think of it as natural.
Faxes are sent between two people, each with a fax machine.
Telephone calls are made between two people using telephones.
Email is sent from one person on a computer to another.
We even spend time communicating about communicating
Calling each other to arrange to send a fax
Sending email to set up a conference call
Instant messaging to set up a phone call, etc.
Unified Communications
Unified Communications is the idea that the dividing lines may fade and even disappear.
By bringing together many forms of communication, we can communicate naturally and efficiently
Unified communications allows us to
Send email to another person’s fax machine
Have phone calls using PDAs or laptop computers
Move a conversation seamlessly from Instant Messaging to a phone call to a video conference on personal computers or high function handhelds
Many communications media
Email
Phone
Vid Conf
& Other
Fax
IM
Communications Unified
Voice
Presence
IM
Fax
Vid Conf
& Other
Email
Communications tools linked to each other, and influenced by “Presence”.
Update on Email and IM
Exchange
Zimbra
Jabber
Exchange
In production since July 2007
10 servers comprising the Exchange service
Site replicated in Levy and Nichols campus data centers
2,759 users, with over 480 using handheld devices
Default user quota size is 250 MB (about 700 users have purchased higher disk quotas)
Exchange Service Features
Email, Calendar and Tasks in a unified interface through Outlook, Entourage and Outlook Web Access (Webmail)
POP and IMAP access for Penn’s supported mail clients
Flexible addressing ([email protected], [email protected])
Mobile device support for Blackberry and ActiveSync
250 MB base quota, with upgrades available to 1.75 GB
Account Management for LSP access to account creation, quota changes, Blackberry provisioning, account status query, etc.
Zimbra
A Replacement for the Pobox Classic service
Modern, open standards-based collaboration suite
Rolled out end of July 2008
8 servers comprising the Zimbra service
Site replicated in Levy and ModV campus NAPs
Soon 15,000 customers, many handheld devices
Default user quota size is 250 MB
Zimbra Service Features
Email, Calendar, Tasks and more in a unified web interface
POP and IMAP access for Penn’s supported mail clients
Calendar access via web, and through Mozilla and Apple tools
Flexible addressing ([email protected], [email protected])
Mobile device support for major handhelds
250 MB base quota, with upgrades available to 1.75 GB
Low price point of Pobox
Zimbra and Exchange will share calendar “free/busy” time by end of CY2008.
Update on Instant Messaging
Penn operated IM service with local addressing
Based on open standard xmpp/jabber protocol
Identity assurance using PennKey
Data path and data storage protection and policy
Clients for MacOS and Windows. All can connect to both campus Jabber servers and commodity services like AIM and Yahoo Messenger
Pilot service ran for over a year
In production as of July 2008
Update on Voice over IP
VoIP overview
Verizon HIPC evaluation
Current PennNet Phone Deployments
Recent developments with PennNet Phone
Future PennNet Phone development plans
VoIP Overview
VoIP in worldwide communications
Major player in Long Distance / IXC service
Retail services like Vonage
SIP trunking services to enterprises
Enterprise VoIP options
Cisco Call Manager
Avaya and other vendor solutions
IP Centrex (such as Verizon HIPC)
Open source VoIP
Verizon Hosted IP Centrex
“Hosted” (not “managed”) service in Verizon Network
Uses feature-rich Broadworks software
Local phone provisioning and configuration management handled by enterprise
Back-end handled by Verizon
Verizon has only small deployments to date
Penn had a very mixed experience in a 90 day trial
Many good features
Others did not work as advertised or at all
Long delays to get phones into service
Some unexplained outages
Not a “full outsourced” solution. Penn would still have significant costs and responsibilities
Over a year of joint development necessary before we could roll it out widely on campus.
Decision made to stay with PennNet Phone only for now.
PennNet Phone Today
Production-grade, enterprise VoIP Services
Redundant servers, gateways and PRIs
24x365 monitoring and management
Single-line features, email/voicemail integration
911 support equal to traditional system
Location information able to be updated via web
Roughly 1,500 VoIP phones in full production
More than 80 LSPs involved today
PennNet Phone Topology
Features and Issues Web Pages
Current Features:
www.upenn.edu/computing/voice/voip/features/
Known Issues:
www.upenn.edu/computing/voice/voip/lsp/known_issues.html
Planned Features:
www.upenn.edu/computing/voice/voip/features/planned_features.html
Recent Fixes and Coming Feature Releases
Recently fixed a long-standing Consultative Call Transfer problem
Currently in test/pilot
Call Hunting
Forward on ring-no-answer
Forward on busy
Planned Feature Release
Bridged Line Appearance with Busy Indicator
Find me/Follow me
Set Ring Delay before voicemail
Direct transfer to voice mailbox
Voicemail
PennNet Phone uses the popular voicemail service from Digium
Asterisk is an open source project. Penn has contributed code to the project to implement many features important to our users
A very basic version is in use today with PennNet Phone (about 1500 users)
A more feature rich version is available to pilot users (about 150 users)
An advanced version is in internal testing, with a very large set of Octel features.
Full unified messaging has been developed. When you listen to your new voicemail through your email client, your message waiting indicator will turn off!
Telephony at Penn Going Forward
Centrex remains the primary telephony service to thousands of campus customers today
PennNet Phone is the direction forward for flexibility, application integration and ultimately for cost management
The transition will take place over several years
VoIP Handsets, Today and Tomorrow
Cisco 7940 and 7960 phones today
Polycom 320, 550, 650 and 4000 coming
Cisco 7940
Polycom 320
Polycom 550 and 650
Polycom 4000
ISC Telecommunications (PennNet Phone)
FY09/Q1: Service Enhancements
FY09/Q2: Next Generation Ramp up
FY09/Q3: Next Generation Rollout
Phone (Roadmap)
Next generation PennNet phone program resumes November 2008
ISC recommends upgrading existing Cisco phones to Polycom phones
Larger rollout planned for January 2009
Lunch-time learning sessions planned for LSP(s); moving forward, quarterly sessions offered to communicate feature updates
ISC Telecommunications (PennNet Phone)
http://www.upenn.edu/computing/voice/
Polycom 320 – $3.00/month
• Alternative to traditional single-line phones
Polycom 550 – $5.00/month
• Replaces Cisco 7940 phones
• More features at a lower cost
Polycom IP 4000 - $21.00/month
• Conference room phone service
ISC Telecommunications (PennNet Phone)
Polycom Features
Feature: Description
Speed Dial: Support an increased list of frequently dialed numbers
Ring Tones: Ring tone per telephone number; and ability to turn ring tone off (silent ring) per telephone number
Drop One leg of 3way Call: Ability to drop the third leg of a conference call
Clear Call History: Ability to erase call history on phone without power cycling set
Manage contacts on a phone: Save a number by name; and then search by name. Local contacts database specific to the phone
DND, Hold and Redial buttons on set: Ease of use
Better Display: Higher resolution, back-lighting, etc.
ISC Telecommunications Support
Traditional Telephone and Voice Mail Service
e-mail [email protected] or call (215) 746-6000
PennNet Phone and Voice Mail Service (Consult your Local Support Provider)
http://www.upenn.edu/computing/voice/lsp/index.html
ISC Provider Desk
http://www.upenn.edu/computing/prodesk/
Wireless Update
Current Status
Wireless-PennNet Retirement on 06/30. Saved $180k/year.
o AirPennNet-Guest Network Operational July 1, 2008
Still designing and planning subnet IP ranges to provide scalability and management
NOC will work with LSPs to set IP ranges for AirPennNet and AirPennNet-Guest Networks
o Consolidation of all Wireless Networks
AirPennNet expansion (SAS and SEAS buildings)
SAS work is complete for both AirPennNet and AirPennNet-Guest; AirSAS SSID retirement week of 08/18/2008
SEAS has AirPennNet configured but still needs to add AirPennNet-Guest (by end of August)
o Total AP Count in Production: about 1300
o Recent Wireless Expansion Projects (Vet, NEB & Dental)
VET – AirPennNet-Guest has been added to NBC as of 08/04/2008
Dental Wireless covers 100% of their complex (space planned for renovations)
Nursing at 50% with 90+% intended coverage once renovations are completed within their construction schedule.
Wireless Update
Short Term Strategy
Enhance AirPennNet website to provide more information about the service
Coverage maps, FAQ, Technical information
Normal/standard operating mode in FY2009
Continue with wireless expansion per customer demand
Make no major changes or hardware upgrades to the current wireless infrastructure
o Project to Evaluate Next Generation WLAN
Testing new controller-based architecture, 802.11n, and capabilities for real time applications over wireless.
RFP drafted and submitted to 3 vendors (Cisco, Meru, Aruba)
Review Responses in Early Fall
Evaluations ending by end of fall.
Vendor selection by 01/2009
Small Pilot (entire building) by 3Q FY2009
Purchase by end of FY2009 for FY2010 deployment
o Design of Campus User Rapid/Self Service to Enable Guest Access
Early stages of discussion
Targeting end of FY2009 Pilot
Next Generation 802.11 Wireless
802.11b – first deployed at Penn in 2000-2001
11 Mb/sec data rate, 2.4 GHz spectrum
802.11a – first deployed at Penn in 2004-2005
54 Mb/sec data rate, alternate radio spectrum
802.11g – first deployed at Penn in 2004-2005
54 Mb/sec data rate, 2.4 GHz spectrum
“backwards compatible” with 802.11b
802.11n to be deployed at Penn in 2009
Higher data rates
over 100 Mb/sec possible in 2.4 GHz
over 300 Mb/sec possible in 5 GHz
Much improved multi path handling
Wireless Authentication Evolution
Timeline: Wireless Security
2000: MAC address offline registration. No security measures – didn’t scale, long delays and turnaround.
2002: Bluesocket Gateway - https redirect page for authentication. Login secure, but all other data vulnerable, single point of failure.
2005: 802.1X AirPennNet authentication using EAP authentication with WEP.
2008: AirPennNet additionally supports WPA Enterprise authentication. Added AirPennNet-Guest for legacy & guest use.
Future: WPA2 – full 802.11i standard. Full session strong encryption. Greatly reduced vulnerability to a range of attacks (authentication, forging, replay, key collision, weak keys, packet forging, brute-force/dictionary attacks)
New Wireless Architectures
Possible controller based solution:
Streamline management – installations, configurations, radio & power management
Cell based architectures may help with client roaming decisions (fewer dropped connections)
Secure fast roaming (roaming from one AP to another is handled per building and not autonomously)
May also help with real time application performance
Proposed Wireless Guest IP Funding Model
Goal: To enable proper IP ranges for AirPennNet and AirPennNet-Guest, and to ensure use of AirPennNet as primary wireless network
Key Concepts:
AirPennNet is strongly recommended as primary wireless network for Penn faculty, staff, and students (security, speed, and availability)
AirPennNet-Guest was designed for visitors and for devices incapable of supporting 802.1x. (network has restrictions and is less secure)
Policy: Previous Wireless-PennNet policies allowed for some centrally subsidized IP addresses for public areas. AirPennNet-Guest allows for visitors to roam to all areas of campus. Two ranges of IP addresses for AirPennNet & AirPennNet-Guest make it difficult to keep the IP ranges (i.e. costs) to a minimum.
Propose that 10% of IP range for AirPennNet networks be subsidized for IP range in AirPennNet-Guest networks. Schools or centers will pay for IP costs greater than 10% of AirPennNet IP range.
Proposed Wireless Guest IP Funding Model
Cost impact to CSF FY’09
4041 IP’s assigned for Wireless-PennNet in FY’08.
10% cost of those IP’s equals 404 * $4.29 * 12 = $20,798 per year.
Costs would be absorbed by ISC in FY’09
Potential cost impact to CSF FY’10
8000 IP’s assigned for AirPennNet projected
10% cost of those IP’s equals 800 * $1.67 * 12 = $16,032 per year.
This cost could be added to the CSF for FY’10.