network planning task force · nptf 2014 schedule university of pennsylvania - network planning...

University of Pennsylvania

Network Planning Task Force

November 10, 2014

Deke Kassabian [email protected]

NPTF Membership

Daniel Alig / Joe Cruz, Wharton

Charles Buchholtz, SEAS

Lena Buford / Tejash Patel, Annenberg

Cathy DiBonaventura, School of Design

Brian Doherty, SAS

David Domico, SRFS

John Eckman, Housing Services

Mike Herzog / Didi Sariyska, GSE

Andre Jenkins / Michael Morris / Robert Colligon, PSOM

Victoria Iannotta / Marilyn Jost, FRES

Sue Kennedy, Business Services

David Kern, Public Safety

Kay McDonnell / Christine Droesser, Law

Grover McKenzie, Library

Donna Milici / Sam Smith, Nursing

Melissa Miller / Jared Venezia, Dental

Dominic Pasqualino, OACP

Smith Ragsdale / Brian Sherman, VET

Joseph Shannon, Finance

Mary Spada, VPUL

Marilyn Spicer, College Houses

Michael Weaver, Budget Mgmt. Analysis

Ira Winston, SEAS, Design

ISC Representation

Deke Kassabian, ISC (Chair)

Mark Wehrle, ISC

Jim Choate, ISC

Josh Beeman, ISC

Michel van der List, ISC

Mark Aseltine / Amy Phillips, ISC

Gary Delson / Geoff Filinuk, ISC

University of Pennsylvania - Network Planning Task Force 2

NPTF 2014 Schedule


July 21st Information Security Update

September 8th Network & Server Infrastructure (other than wireless)

October 13th Wireless, Identity & Access Management, & Penn+Box

November 10th Next Gen WWW, Yammer, & Working through FY16 Rates

Today’s Agenda

Remaining Topics

• Next Gen WWW

• Yammer

Review of FY15 NPTF Content

FY16 Rate Setting, including optional elements


Remaining Topics

Next Gen WWW.UPENN.EDU

Status of current WWW

Current hardware platform is aging

Keeping up to date with software modules is difficult on a shared platform

• Not all tenants hosted on the platform are able to move at once

Many hosted sites now have more advanced requirements

• Need for fully managed CMS

• Need for scaling

Static content hosting still works well

6 University of Pennsylvania - Network Planning Task Force

Next Gen WWW.UPENN.EDU

Next Gen WWW

ISC will:

• Continue to host content where that makes sense

• Partner with Schools & Centers interested in migration to Web SaaS vendors

• Redirect connections as needed from WWW.UPENN.EDU to Web SaaS vendors

• Develop skill set for support assistance with AWS and other PaaS services


Project ButtonUP

Goals

• Improved collaboration and productivity for subscribers

• Reduced costs for the University of Pennsylvania

Executive Sponsors

• Jeff Fahnoe, Mike Herzog, Ira Winston, Tom Murphy

Project Owners

• Warren Petrofsky, Deke Kassabian

Project Managers

• Dawn Augustino, Joe Cruz

• Search in progress for an additional PM

More than 60 campus IT partners actively involved in the project


Yammer - Status


Microsoft has announced that Yammer is included with Office 365 Education E1 and E3 at no additional charge

Yammer is not in scope for the ButtonUP project

If the ButtonUP project chooses Office 365, Yammer would be available for social networking

Pending decisions by the ButtonUP project, our plan is to charge a separate campus-wide Common Solutions team to pursue testing and piloting Yammer once ButtonUP has a suitable O365 environment in place

CSF dollars saved will be made available for FY16 expenses, and are shown in the financial discussion on a later slide

Review of FY15 NPTF Content

Review - Information Security

July NPTF:

The Penn Institutional Risk Committee (IRC) was formed to identify top areas of potential risk to the University, and determine how to focus University resources on evaluating and mitigating those risks

Information Security and the challenge of a decentralized IT environment was identified as the inaugural topic for the IRC

Update: 18 recommendations are being proposed in a report that will be finalized Q2, FY15


Review - Next Gen PennNet

September NPTF:

Provided 10x increase on core bandwidth to 100 Gbps, and 100 Gbps connectivity to Internet2

Provided 10 Gbps connectivity to most building entrance routers and closet switches

Completed a major upgrade of wireless controller infrastructure

Built dedicated 100 Gbps Science DMZ


Review - Network Arch & Security

September NPTF:

Kicked off a campus team, led by Brian Doherty of SAS and Mark Wehrle of ISC, to pursue new approaches to Network Architecture and Security

Team is developing practical proposals in support of IRC, as well as long-term possibilities for networking at Penn


Review - Server Infrastructure

September NPTF:

Recent refresh of campus DNS, DHCP, NTP, Kerberos and RADIUS servers

Common features include: • Higher capacity, smaller/cheaper hardware

• Modern software versions

• Substantially increased throughput

• Simplified administration

Also significantly expanded SafeDNS pilot and announced plans to move to production in early 2015


Review - Wireless

October NPTF:

Almost 3,800 wireless access points deployed, with

coverage in 215 of 283 Penn buildings with PennNet

Increasing support for newest wireless standard 802.11AC

Strong growth in the number of wireless network users,

number of devices per user, and total data handled

Majority of deployed APs are reaching end of life. Options

for next generation APs will be considered in FY16


Review - Identity and Access Management

October NPTF:

ISC is studying its current approach to IAM and considering changes to improve service

A cross-ISC team recommends the creation of an IAM Advisory Board involving stakeholders from across Penn

The team also recommended revisiting the reporting lines for ISC IAM staff to better coordinate efforts


Open Discussion on Topics Covered in FY15 NPTF


NPTF Financial Content

FY’15 CSF Bundle of Services

Campus Backbone Infrastructure

Internet and Internet2 access

Rate limits on ResNet

IPv6, Multicast, and Advanced Networking

Public Wireless Subsidy

Cap on billable wireless IPs

NAP Operations/Fiber and Cable Management

NOC Services and Network Management

Penn's Main Web and Central Pages

Online Directory and LDAP access

Classlists and SMTP Mail Relay

University Calendar Service

Infrastructure Software Services

• DNS, DHCP, NTP

Penn+Box Storage & Collaboration

Enterprise InCommon Certificate Service

Enterprise Social Networking

Security/ID Management

Kerberos, KITE, RADIUS

Penn WebLogin (CoSign and Shibboleth)

The InCommon Federation

Authorization (Penn Groups)

PennNames and Penn Community Services

Wireless Authentication & Support

NetReg

DNSSEC

Vulnerability Scanning

Security Tools, Education, and Response

PennKey School Support

PGP Whole Disk Encryption LSP Support

XpressConnect

Enhanced AirPennNet Guest Services

Intrusion Detection System

SafeDNS


19

Many N&T Rates Held Constant

ISC will hold most N&T published rates

constant for FY16

• Port Charges

• Wireless Access Point monthly charges

• Telephony rates

• Email

• Video Outlets

CSF Rates will change in FY16



ISC will hold many N&T published rates constant for FY16

Port Charges

• 10Base-T $4.75/month



• 10 GbE $80.00/month


Wireless Access Point monthly charges

• Access Point $25.75/month

• AP Port Rental and Maintenance $4.75/month


ISC will hold many N&T published rates constant for FY16

Telephony rates

• Lines and Equipment – http://www.upenn.edu/computing/isc/networking/rates/voice/telephone.html

• Local and Long Distance – http://www.upenn.edu/computing/isc/networking/rates/voice/longdistance.html

Email rates – http://www.upenn.edu/computing/isc/networking/rates/data/email.html

Video rates – http://www.upenn.edu/computing/isc/networking/rates/video/outlets.html

– http://www.upenn.edu/video/pvp/costs.html


http://www.upenn.edu/computing/isc/networking/rates/voice/telephone.html






http://www.upenn.edu/computing/isc/networking/rates/voice/longdistance.html

http://www.upenn.edu/computing/isc/networking/rates/voice/longdistance.html

http://www.upenn.edu/computing/isc/networking/rates/data/email.html



http://www.upenn.edu/computing/isc/networking/rates/video/outlets.html

http://www.upenn.edu/computing/isc/networking/rates/video/outlets.html

http://www.upenn.edu/video/pvp/costs.html

http://www.upenn.edu/video/pvp/costs.html

Unanticipated Costs

Increasing Web Costs

Home page and other prominent Penn content

moving to cloud-based web hosting provider

This move enables advanced web content

management features

Net cost increase of $61,500/year


Unanticipated Costs

Increasing SafeDNS Costs:

Original SafeDNS proposal involved more basic on-

campus infrastructure

Current design, now actively in pilot for thousands of

users, is higher performance and more reliable, and

carries a higher annual operating cost

Net cost increase of $26,000/year


Unanticipated Savings

Savings on Internet Services:

Improved rates negotiated for FY16

Net cost decrease of $30,000/year


Savings on RADIUS project:

Vendor costs were kept below expected levels

Net decrease of $16,000/year

Savings on Penn+Box

Signed new agreements (ECA and BAA) in the summer of

2014

New annual cost eventually going up by 25%

3-year prepay defers cost increase until FY18

Actually achieved a small cost reduction for FY16 & FY17

Net decrease of $5,800/year (until FY18)


New Storage Rate for Penn+Box

One additional benefit of the new Box ECA is the doubling of available

storage as mentioned at NPTF in October

With increased capacity and downward price pressure from consumer cloud

services, we propose a substantial drop in supplemental storage charges

Proposal: Reduce supplemental storage charges by 60%

• $20 for 500 GB per month (dropping from $50 for 500 GB)

Penn+Box, an enterprise service with enterprise support and data

protections, comes at higher cost than commodity cloud storage but this

proposed reduction gets it closer in price:


Google Drive Apple iCloud Dropbox Penn+Box 500 GB $10 $10 $10 $20.00

1 TB $10 $20 $10 $40.00

FY16 CSF – Baseline


Based on FY15 CSF funding requirements, and keeping all costs

but salaries constant, a 3% salary increase on lines of business

increases the CSF funds required by 1.72%

Total FY15 CSF Approved $8,083,336

Total FY16 Baseline including 3% Staff Salary component $8,222,257

% Increase 1.72%

FY16 CSF – Increases and Savings


Increases are more than offset by reductions and savings to result

in a net change in CSF funding required of 1.21%

Total FY15 CSF Approved $8,083,336

Total FY16 Baseline including 3% Staff Salary component $8,222,257 % Increase 1.72%

Additional Savings and Unplanned Costs

Increase in Web costs $61,500 0.748%

Increase in SafeDNS costs $26,000 0.316%

Ongoing savings from Yammer $(26,000) -0.316%

One time savings for FY16 on Yammer from FY14-15 $(50,750) -0.617%

Savings on Internet Charges $(30,000) -0.365%

Reduction in Box costs $(5,800) -0.071%

Reduction in RADIUS project costs $(16,000) -0.195%

Subtotal of FY16 CSF plus non voting changes $8,181,207 1.21%

FY16 CSF – Items for NPTF Input


NPTF input is requested for three items that would

impact CSF funds required for FY16:

Subtotal of FY16 CSF plus previous slide changes $8,181,207 1.21%

Proposed Voting Changes Impact on CSF

Option 1 - Aruba CPPM $42,000 0.51% 1.73%

Option 2 DAS - Consultant for Basic Assessment $80,000 0.98% 2.20%

Option 3 DAS - Full Campus Survey and Recommendations $300,000 3.67% 4.92%

Aruba CPPM Notes

Allows for broadcast/multicast containment on AirPennNet

Provides automated segmentation of screen sharing and associated client devices on wireless networks

Enables use of “AirGroup” on a per building basis.

Current controller OS and CPPM will enable support for technologies requiring broadcast/multicast

• Brio

• Apple ZeroConfig protocols such as AirPlay, AirPrint, AirTunes

Upgrading controller OS will enable additional device support for DLNA standards compliance for Universal Plug and Play to support:

• Chromecast

• Miracast


Aruba CPPM Questions

Do we need CPPM with the new AppleTV?

• The new AppleTV supports AirPlay discovery over Bluetooth from iPads and iPods. CPPM would still be needed for AirPlay from laptops and desktops.

What about other technologies used for this, such as Brio. Is CPPM needed?

• CPPM allows broadcast/multicast traffic, needed by these devices, to be used AirPennNet.

• CPPM enables Brio (and similar technologies).


DAS

Motivation: High total cost associated with independent DAS installations on a per-building or project basis

DAS IT integrator Assistance

• Working with Penn staff resources from DPS, FRES, ISC

• 1st DAS Option: Basic assessment – provides assessment and strategy/recommendation only

• 2nd DAS Option: Physical cell RF survey based on campus space at a price per sq/ft. leading to accuracy in needs assessment and cost models


Next Steps

• Recommendations from NPTF go to ISC Vice

President and CIO Tom Murphy for initial review

• ISC Vice President takes recommendations to Provost

and EVP for final review and approval

• Final rates are published soon after in The Almanac


Acknowledgements

• Mark Aseltine

• Jeff Ballentine

• JoDe Beitler

• Stacey Carlin

• Jim Choate

• Jeff Edwards

• Geoff Filinuk

• Gary Delson

• Peter Heverin

• Deke Kassabian

• Sarah Katz

• John O'Brien

• Greg Palmer

• Charles Rumford

• Mark Sirota

• Eric Snyder

• Michel van der List

• Mark Wehrle

• Peggy Yetter

Thanks to everyone who contributed to the Fall 2014 NPTF presentations:


network planning task force · nptf 2014 schedule university of pennsylvania - network planning...

Documents