The main challenges of the campus infrastructure are brought about by the presence of people. We need to consider, not just the architecture, but more importantly, how people will interact with the equipment we put in place.
Understanding how users choose to interact, and the actions they perform, enables us to design a better infrastructure from the outset.
Our approach to the campus network has therefore been to consider the human factors. The actual IT architecture is fairly straightforward in this environment so we have focused on the human challenges and how to solve them.
For example, we need to provide wireless access across the campus and accommodate the increased use of mobile devices, many of which we have no control over as they fall under the BYOD category.
In line with this, it is vital that we pay due attention to security to ensure all users and devices meet the necessary requirements. We may also need to consider how multiple security measures will integrate with each other.
Why we’ve created the reference architecture?
In the first instance, the reference architecture provides us with a straightforward design for how a campus network should look.
Second, it provides a solution to address the core challenges of the campus. Negating the need to draw up a new solution to meet the requirements of each individual campus, we have developed an architecture that will solve the vast majority of challenges faced.
Leveraging some of the most flexible technologies on the market, we have built in the ability to adapt to any new complications that arise and any high level policies that are put in place.
Which technologies have we chosen and why?
The campus network relies less heavily on high scale and performance. Internet connections will generally put a limit on the speeds that can be achieved making 10GB networking largely redundant in the majority of cases.
More important are the considerations around price, flexibility and form factors. To achieve this, we look to networking solutions from Juniper and HP.
HP has a long history in the campus and public sector arenas, providing a portfolio of extremely competitive products, both in price and functionality.
Juniper, though less well known in this environment, also delivers some extremely valuable functionality for the campus which is why we have chosen to include them here.
As previously mentioned, security is an extremely important element in the campus environment.
As with the data centre, we begin with a firewall, but this firewall needs to be next-generation and feature-rich. It needs to deliver web filtering, IPS and application control, all of which are provided by Juniper’s SRX devices.
Next, our focus must move to the users. We need to implement a series of internal security measures and policy controls to moderate which users can access which parts of the network, and from where.
These measures include:
- Network access controls/User access controls to regulate who has access to the network based on contextual information. This functionality forms a part of F5’s BIG IP suite of products.
- Posture assessment ensures any devices accessing the network have the correct anti-virus software and up-to-date patches in place and are therefore not a security threat in themselves. Pulse Secure, previously Juniper Junos Pulse, ensure secure network access controls through their MAG series appliances.
- VPN – campus infrastructures invariably demand access by remote users which necessitates a secure VPN, again facilitated through F5’s BIG IP suite.
The storage element of the reference architecture offers a degree of flexibility dependent on requirements. For high-scale storage we recommend HP 3Par whereas for smaller requirements, Dell Equalogic and HP MSA provide strong solutions.
There is also room for flexibility dependent on the compute option chosen as it is often beneficial to select the same vendor for both.
As with storage, there is a degree of flexibility around compute. Dell’s price performance ratio on discreet compute units is extremely appealing so, where large quantities of discreet compute units are required, this is generally the way to go.
HP Blade System, on the other hand, makes a better choice for large clusters of compute due to its high performance, extremely low latency and flexibility of deployment solutions.
That said, there are also cost efficiencies to be gained in procuring servers, PCs and desktops from the same vendor so we ensure a degree of customer freedom in this area.
The campus often makes use of virtualisation. VMWare are extremely well established in this field, having been first to market with the technology, and therefore represent the highly supported and integrated solution with many years of operation around it.
The other platform we have adopted is Microsoft Hyper V. This forms a standard component in the Microsoft Windows Server so, where these servers have already been deployed, Hyper V is the sensible choice.
Dell Wireless, powered by technology from Aruba, is our chosen solution to support the increasing number of wireless devices across the campus. Aruba have been one of the market leaders in wireless for over a decade which, alongside our strong relationship with Dell, gives us great confidence in the solution. By combining with our wireless survey, we can ensure any ‘dead spots’ are eliminated to maximise user experience.
Campus network users inevitably require a number of key services in order to continue their daily operations. This includes email, phone and connectivity, all of which can be provided as a fully managed, hosted service by HardwareCloud.
Hosted cloud services provide many benefits around management, upgrades and resilience, but the real value for the campus environment lies in its scalability. Subscriptions are managed per user and users can easily be added or removed as required.
|The solutions below form part of our Campus reference architectures.