Download File
Upcoming SlideShare
Loading in...5

Download File






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Download File Download File Presentation Transcript

  • NPTF Meeting dates
    • February 18-Operational review (Completed)
    • April 21- Security strategy session (Completed)
    • July 21-Updates & planning discussions (Completed)
    • August 11- Strategy discussions
    • September 15- Security strategy discussion
    • October 6- Strategy discussions/preliminary rates (ADDED)
    • October 20- Strategy discussion
    • November 3- FY’10 Finalize rate setting
  • NPTF Fall Meeting Topics
    • September 15 (Dave Millar)
      • Security Strategy Discussion
    • October 6 (Deke, Mark, Mike)
      • Intrusion detection
        • Perimeter (Next Generation Arbor)
        • Local ID
      • NGP update-buildings with dual feed and single-mode fiber
      • NGP discussion-buildings planned for dual feed and single-mode fiber
      • Preliminary rates
    • October 20 (Jim Choate)
      • Strong Authentication
      • Central authorization
      • Secure file transfer
    • November 3 (Mike)
      • Finalize rate setting
  • Unified Communications Update bringing many modes of communications together
  • Agenda
    • Overview
    • Update on Email
    • Update on IM
    • Update on Voice over IP
  • Communicating Today
    • We accept artificial barriers in our communication. Oddly, we think of it as natural.
      • Faxes are sent between two people, each with a fax machine.
      • Telephone calls are made between two people using telephones.
      • Email is sent from one person on a computer to another.
    • We even spend time communicating about communicating
      • Calling each other to arrange to send a fax
      • Sending email to set up a conference call
      • Instant messaging to set up a phone call, etc.
  • Unified Communications
    • Unified Communications is the idea that the dividing lines may fade and even disappear.
    • By bringing together many forms of communication, we can communicate naturally and efficiently
    • Unified communications allows us to
      • Send email to another person’s fax machine
      • Have phone calls using PDAs or laptop computers
      • Move a conversation seamlessly from Instant Messaging to a phone call to a video conference on personal computers or high function handhelds
  • Many communications media Email Phone Vid Conf & Other Fax IM
  • Communications Unified Email Voice Vid Conf & Other Fax IM Presence Communications tools linked to each other, and influenced by “Presence”.
  • Update on Email and IM
    • Exchange
    • Zimbra
    • Jabber
  • Exchange
      • In production since July 2007
      • 10 servers comprising the Exchange service
      • Site replicated in Levy and Nichols campus data centers
    • 2,759 users, with over 480 using handheld devices
    • Default user quota size is 250 MB (about 700 users have purchased higher disk quotas )
  • Exchange Service Features
    • Email, Calendar and Tasks in a unified interface through Outlook, Entourage and Outlook Web Access (Webmail)
    • POP and IMAP access for Penn’s supported mail clients
    • Flexible addressing ( [email_address] , [email_address] )
    • Mobile device support for Blackberry and ActiveSync
    • 250 MB base quota, with upgrades available to 1.75 GB
    • Account Management for LSP access to account creation, quota changes, Blackberry provisioning, account status query, etc.
  • Zimbra
      • A Replacement for the Pobox Classic service
      • Modern, open standards-based collaboration suite
      • Rolled out end of July 2008
      • 8 servers comprising the Zimbra service
      • Site replicated in Levy and ModV campus NAPs
    • Soon 15,000 customers, many handheld devices
    • Default user quota size is 250 MB
  • Zimbra Service Features
    • Email, Calendar, Tasks and more in a unified web interface
    • POP and IMAP access for Penn’s supported mail clients
    • Calendar access via web, and through Mozilla and Apple tools
    • Flexible addressing ( [email_address] , [email_address] )
    • Mobile device support for major handhelds
    • 250 MB base quota, with upgrades available to 1.75 GB
    • Low price point of Pobox
    • Zimbra and Exchange will share calendar “free/busy” time by end of CY2008.
  • Update on Instant Messaging
    • Penn operated IM service with local addressing
    • Based on open standard xmpp/jabber protocol
    • Identity assurance using PennKey
    • Data path and data storage protection and policy
    • Clients for MacOS and Windows. All can connect to both campus Jabber servers and commodity services like AIM and Yahoo Messenger
    • Pilot service ran for over a year
    • In production as of July 2008
  • Update on Voice over IP
    • VoIP overview
    • Verizon HIPC evaluation
    • Current PennNet Phone Deployments
    • Recent developments with PennNet Phone
    • Future PennNet Phone development plans
  • VoIP Overview
    • VoIP in worldwide communications
      • Major player in Long Distance / IXC service
      • Retail services like Vonage
      • SIP trunking services to enterprises
    • Enterprise VoIP options
      • Cisco Call Manager
      • Avaya and other vendor solutions
      • IP Centrex (such as Verizon HIPC)
      • Open source VoIP
  • Verizon Hosted IP Centrex
    • “ Hosted” (not “managed”) service in Verizon Network
    • Uses feature-rich Broadworks software
    • Local phone provisioning and configuration management handled by enterprise
    • Back-end handled by Verizon
    • Verizon has only small deployments to date
    • Penn had a very mixed experience in a 90 day trial
      • Many good features
      • Others did not work as advertised or at all
      • Long delays to get phones into service
      • Some unexplained outages
      • Not a “full outsourced” solution. Penn would still have significant costs and responsibilities
      • Over a year of joint development necessary before we could roll it out widely on campus.
      • Decision made to stay with PennNet Phone only for now.
  • PennNet Phone Today
    • Production-grade, enterprise VoIP Services
      • Redundant servers, gateways and PRIs
      • 24x365 monitoring and management
      • Single-line features, email/voicemail integration
    • 911 support equal to traditional system
    • Location information able to be updated via web
    • Roughly 1,500 VoIP phones in full production
    • More than 80 LSPs involved today
  • PennNet Phone Topology
  • Features and Issues Web Pages
    • Current Features:
    • Known Issues:
    • Planned Features:
  • Recent Fixes and Coming Feature Releases
    • Recently fixed a long-standing Consultative Call Transfer problem
    • Currently in test/pilot
      • Call Hunting
      • Forward on ring-no-answer
      • Forward on busy
    • Planned Feature Release
      • Bridged Line Appearance with Busy Indicator
      • Find me/Follow me
      • Set Ring Delay before voicemail
      • Direct transfer to voice mailbox
  • Voicemail
    • PennNet Phone uses the popular voicemail service from Digium
    • Asterisk is an open source project. Penn has contributed code to the project to implement many features important to our users
    • A very basic version is in use today with PennNet Phone (about 1500 users)
    • A more feature rich version is available to pilot users (about 150 users)
    • An advanced version is in internal testing, with a very large set of Octel features.
    • Full unified messaging has been developed. When you listen to your new voicemail through your e-mail client, your message waiting indicator will turn off!
  • Telephony at Penn Going Forward
    • Centrex remains the primary telephony service to thousands of campus customers today
    • PennNet Phone is the direction forward for flexibility, application integration and ultimately for cost management
    • The transition will take place over several years
  • VoIP Handsets, Today and Tomorrow
    • Cisco 7940 and 7960 phones today
    • Polycom 320, 550, 650 and 4000 coming
    Cisco 7940 Polycom 320 Polycom 550 and 650 Polycom 4000
  • ISC Telecommunications (PennNet Phone)
  • Phone (Roadmap)
    • Next generation PennNet phone program resumes November 2008
    • ISC recommends to upgrade existing Cisco phones with Polycom phones
    • Larger rollout planned for January 2009
    • Lunch-time learning sessions planned for LSP(s); moving forward quarterly sessions offered to communicate feature updates
  • ISC Telecommunications (PennNet Phone)
  • Polycom Features ISC Telecommunications (PennNet Phone) Feature Description Speed Dial Support an increased list of frequently dialed numbers Ring Tones Ring tone per telephone number; and ability to turn ring tone off (silent ring) per telephone number Drop One leg of 3-way Call Ability to drop the third leg of a conference call Clear Call History Ability to erase call history on phone without power cycling set Manage contacts on a phone Save a number by name; and then search by name. Local contacts database specific to the phone DND, Hold and Redial buttons on set Ease of use Better Display Higher resolution, back-lighting, etc.
  • ISC Telecommunications Support
    • Traditional Telephone and Voice Mail Service
    • e-mail [email_address] or call (215) 746-6000
    • PennNet Phone and Voice Mail Service (Consult your Local Support Provider)
    • ISC Provider Desk
  • Wireless Update
    • Current Status
        • Wireless-PennNet Retirement on 06/30. Saved $180k/year.
      • AirPennNet-Guest Network Operational July 1, 2008
        • Still designing and planning subnet IP ranges to provide scalability and management
        • NOC will work with LSP’s to set IP ranges for AirPennNet and AirPennNet-Guest Networks
      • Consolidation of all Wireless Networks
        • AirPennNet expansion (SAS and SEAS buildings)
          • SAS work is complete for both AirPennNet and AirPennNet-Guest; AirSAS SSID retirement week of 08/18/2008
          • SEAS has AirPennNet configured but still need to add AirPennNet-Guest (by end of August)
      • Total AP Count in Production: about 1300
      • Recent Wireless Expansion Projects (Vet, NEB & Dental)
        • VET – AirPennNet-Guest has been added to NBC as of 08/04/2008
        • Dental Wireless covers 100% of their complex (space planned for renovations)
        • Nursing at 50% with 90+% intended coverage once renovations are completed within their construction schedule.
  • Wireless Update
    • Short Term Strategy
        • Enhance AirPennNet website to provide more information about the service
          • Coverage maps, FAQ, Technical information
        • Normal/standard operating mode in FY2009
        • Continue with wireless expansion per customer demand
        • Make no major changes or hardware upgrades to the current wireless infrastructure
      • Project to Evaluate Next Generation WLAN
        • Testing new controller-based architecture, 802.11n, and capabilities for real time applications over wireless.
        • RFP drafted and submitted to 3 vendors (Cisco, Meru, Aruba)
        • Review Responses in Early Fall
        • Evaluations ending by end fall.
        • Vendor selection by 01/2009
        • Small Pilot (entire building) by 3Q FY2009
        • Purchase by end FY2009 for FY2010 deployment
      • Design of Campus User Rapid/Self Service to Enable Guest Access
        • Early stages of discussion
        • Targeting end of FY2009 Pilot
  • Next Generation 802.11 Wireless
    • 802.11b – first deployed at Penn in 2000-2001
        • 11 Mb/sec data rate, 2.4 GHz spectrum
    • 802.11a – first deployed at Penn in 2004-2005
        • 54 Mb/sec data rate, alternate radio spectrum
    • 802.11g – first deployed at Penn in 2004-2005
        • 54 Mb/sec data rate, 2.4 GHz spectrum
        • “ backwards compatible” with 802.11b
    • 802.11n to be deployed at Penn in 2009
        • Higher data rates
          • over 100 Mb/sec possible in 2.4 GHz
          • over 300 Mb/sec possible in 5 GHz
        • Much improved multi path handling
  • Wireless Authentication Evolution Timeline Wireless Security 2000 MAC address offline registration. No security measures – didn’t scale, long delays and turn around. 2002 Bluesocket Gateway - https redirect page for authentication. Login secure, but all other data vulnerable, single point of failure. 2005 802.1X AirPennNet authentication using EAP authentication with WEP. 2008 AirPennNet additionally supports WPA Enterprise authentication. Added AirPennNet-Guest for legacy & guest use. Future WPA2 – full 802.11i standard. Full session strong encryption. Greatly reduced vulnerability to a range of attacks (authentication , foraging, replay, key collision, weak keys, packet foraging, brute-force/dictionary attacks)
  • New Wireless Architectures
    • Possible controller based solution:
      • Streamline management – installations, configurations, radio & power management
      • Cell based architectures may help with client roaming decisions (less dropped connections)
      • Secure fast roaming (roaming from one AP to another is handled per building and not autonomously)
      • May also help with real time application performance
  • Proposed Wireless Guest IP Funding Model
    • Goal : To enable proper IP ranges for AirPennNet and AirPennNet-Guest, and to ensure use of AirPennNet as primary wireless network
    • Key Concepts:
      • AirPennNet is strongly recommended as primary wireless network for Penn faculty, staff, and students (security, speed, and availability)
      • AirPennNet-Guest was designed for visitors and for devices incapable of supporting 802.1x. (network has restrictions and is less secure)
    • Policy: Previous Wireless-PennNet policies allowed for some centrally subsidized IP addresses for public areas. AirPennNet-Guest allows for visitors to roam to all areas of campus. Two ranges of IP addresses for AirPennNet & AirPennNet-Guest make it difficult to manage the IP ranges (i.e. costs) to a minimum.
    • Propose that 10% of IP range for AirPennNet networks be subsidized for IP range in AirPennNet-Guest networks. Schools or centers will pay for IP costs greater than 10% of AirPennNet IP range.
  • Proposed Wireless Guest IP Funding Model
    • Cost impact to CSF FY’09
      • 4041 IP’s assigned for Wireless-PennNet in FY’08.
      • 10% cost of those IP’s equals 404 * $4.29  * 12 = $20,798 per year.
      • Costs would be absorbed by ISC in FY’09
    • Potential cost impact to CSF FY’10
      • 8000 IP’s assigned for AirPennNet projected
      • 10% cost of those IP’s equals 800 * $1.67  * 12 = $16,032 per year.
      • This cost could be added to the CSF for FY’10.