eduroam and other 2013-2014 network updates

Project Proposal:

Our network infrastructure backbone consists of devices called edge, distribution and core switches (this is an oversimplification, but works for this communication). Your wired computers, wireless access points etc. connect to the edge switches, many of which are then aggregated to a geographically proximal distribution switches and finally all of them are aggregated at the core switches. Most of these devices that form the backbone of the network were installed 8 years ago or before. They are very old by current standards and are no longer supported. This means that the vendors don’t supply us with critical security updates for these products.

As we replace this infrastructure, we are making a number of improvements to the user experience to improve security, but also simplify and streamline access to the network.  We will also be transitioning into “mostly wireless” campus. When College provided computers are replaced, we will most likely replace them to be wireless.

 

Completed summer 2013:

  • We replaced the core and distribution switches.  We intend to refresh these hardware every 4-5 years in the future.
     
  • Until August, Cisco NAC had a timeout that required wireless devices such as laptops to reconnect to it after 15 minutes of idle time. We increased it to 8 hours, so you will not be required to reauthenticate for 8 hours.

Completed October 2013:

  • Beginning in October, all the oldest remaining wireless access points that are currently called “nostrings” will be renamed to “Wellesley" as they are replaced with modern access points.  The entire campus is now on the 802.11n standard.

Completed January 2014:

  • We finished replacing the remaining edge switches.  We intend to refresh these hardware every 4-5 years in the future.
     
  • Retired Cisco NAC — you will no longer be required to log into the Cisco NAC to get on to the network. 

Completed March 2014:

  • Implemented a system called Cisco ISE (Identity Services Engine).  One of the advantages of this is that all wireless connections will be encrypted (via the Wellesley Secure network).  
     
  • Now that this is completed, we will schedule the removal of the administrative firewall, currently used by many faculty and staff to gain access to certain protected resources, such as the vault file storage. Access to these resources will be easy and seamless in the future.  This will be scheduled for summer 2014. 

Completed May 2014:

  • We implemented eduroam, a community partnership amongst hundreds of Colleges and Universities all around the world, which will allow a member of any participating institution to use the wireless network in any one of the participating institution. 

 

Project Sponsor: Library & Technology Services

LTS Contact: Erin Richardson