The University of New England (UNE) is undergoing a $4 million overhaul of its network and security infrastructure.
The university has installed an integrated Linux-based Web application controller to block spam and viruses from its mail servers, and will deploy network admission controls over wireless and land line networks to reduce virus proliferation, and replace a watered-down security system with a unified threat management (UTM) box.
A new campus-wide Wi-Fi network and VPN will be deployed, along with VoIP and huge gigabyte network upgrades including Power-over-Ethernet (PoE).
UNE principal IT officer Gordon Smith said the upgrades were necessary to replace its eight-year-old network infrastructure, increase security between itself and some 5000 networked end-user devices, and to accommodate its growing number of mobile staff and huge base of external students.
"Our security was nowhere near the equivalent of UTM - actually we didn't really have any equivalent to the new upgrades - we had simple firewalls between the administration systems and the colleges, and between the university and the rest of the world," Smith said.
"We have increased our wired network from 10Mbps to 1Gbps and increased the main campus backbone from 1Gbps to two 10Gbps lines.
"The VPN will give external students secure access to their important applications [and] the fatter links will give our researchers access to a lot more data."
Multicast network functionality will be integrated into the networks to bring UNE into global research networks for multimedia collaboration, by sending single data packets to multiple recipients.
The 1Gbps Wi-Fi network will be deployed over 802.11a/b/g allowing the option of a mesh network to be extended for public use in Armidale mall and its small airport. An Enterasys network admission control system, the first of its kind to be deployed over a university network, will block unpatched or virus-infected devices common in the student campuses from connecting to the UNE network.
UNE should be Wi-Fi ready by the end of December with 300 access points, following the completion of an internal 12-month pilot.
Some 350 switches will be replaced to facilitate PoE, which will give greater mobility to wireless devices by allowing users to drop access points anywhere in the University's LAN. VoIP phones, set for evaluation in mid-2008, will have extended mobility using the same technology.
The older university buildings running on 10Mbps connections are being refitted with Cat6 cabling to bring the entire UNE network to gigabyte capacity.
Fortinet UTM boxes will be installed by February between the student colleges and central administration networks, and university departments. The application-layer firewalls are contained in a single device along with intranet virus detection, intrusion prevention, and VPN termination to allow external students to access applications.
A Linux-based Barracuda Web application controller replaced the open-source mail server Postfix last week to prevent virus and spam proliferation in e-mail traffic.
Smith said the previous reputation filter-based solution was replaced by the new device following complaints from staff that too much spam was getting through despite its 86 percent filtration rate.
He said streaming lectures to external students using videoconferencing is still futuristic due to the poor upload capacity of many students. Fast downlink and slow uplink speeds means students may hear lectures clearly, but their questions or presentations would not be delivered with acceptable quality.
Most deployments will be completed during the Summer break, however the VPN and VoIP implementations will not be completed until mid 2008 because of the high project workload.
Smith said the university will move to IPV6 over the next few years as the current version 4 protocol fills up.
NEC secured the five-year infrastructure and maintenance contract which envelopes vendors Enterasys, Fortinet, Barracuda, and WhiteGold Solutions.