Campus Networks
ICT continues to evolve at a fast pace, and expertise of the latest developments is key. By participating in working groups, seminars and workshops, IT engineers from the campus IT community are encouraged to share experiences for the benefit of the HE sector.
Focus Areas
Physical Infrastructure This area addresses the requirements for generic cabling systems on campus, both fibre and twisted pair. The requirements of the infrastructure in telecommunications and server rooms are also dealt with. This includes power supply, ventilation and cooling, and fire protection, as well as general Information and Communications Technology (ICT) room-plan guidelines. Recommendations for building an audio-visual (AV) infrastructure in lecture halls and meeting rooms are also covered. Virtualisation technologies also belong to this area.
|
Campus Networking This area deals with the campus network itself, and with the routers and switches as its basic building blocks. Requirements for both Layer 2 and Layer 3 are covered. Recommendations for a redundant design are given. Metropolitan area networking and virtual switching is covered. There is a particular emphasis on guidelines for implementing IPv6 on campus. Lightpaths on campus are also dealt with.
|
Wireless This area focuses on the wireless infrastructure on campus. Radio planning, design of the wireless network, security considerations, including the implementation of IEEE 802.1X are covered. eduroam requirements and Remote Authentication Dial-In User Service (RADIUS) setup are dealt with. Cookbooks for controller-based implementations are given. Legal aspects are examined.
|
Network Monitoring This area focuses on network monitoring of the campus network. General requirements and framework conditions for monitoring are given. NetFlow/ Internet Protocol Flow Information Export (IPFIX) analysis is covered. Security monitoring, anomaly detection and behaviour analysis are also dealt with. Particular considerations for IPv6 monitoring are given. References to a number of open source tools, many of which have been developed within the GÉANT community, are given.
|
Real-time Communications This area recommends infrastructures for real-time communications with an emphasis on open standards and Session Initiation Protocol (SIP) in particular. The infrastructure itself should be media transparent, coping with voice, video, messaging, document sharing, and presence. Particular focus is given to Voice over IP (VoIP) and IP telephony. Best practices from a number of NRENs in Europe are given. Security concerns are discussed and implementation solutions are recommended. Performance issues are also covered.
|
Security This area deals with security considerations for the campus network. A template for security policy is proposed, based on core principles, as defined in International Organisation for Standardisation / International Electrotechnical Commission (ISO/IEC) 27002. An ICT security architecture for higher education is recommended. Traffic filtering technologies are discussed and general applications are recommended. Adoption of digital certificates in a public key infrastructure (PKI) is covered. Secure Domain Name System (DNSSEC) is also dealt with.
|
Key recommendations (from EARNEST report 2006)
- Set aggressive replacement policies for network equipment with a maximum life expectancy of five years.
- Adopt institution-wide specifications for networking infrastructure, including elements controlled by departments of faculties.
- Ensure seamless end-to-end connectivity where a particular quality of service is required.
- Provide support and training for performance optimisation, especially to the research community.
- Adopt security measures that are appropriate for the purpose and do not hinder the effective use of the network.
- Establish an institution-wide security team with a high degree of independence.
- Provide the eduroam service to take advantage of mobility across Europe.