What Are Little Networks Made Of?

You might think that network and telephone configuration for the newly expanded Student Center/Cross-Cultural Center would be relatively straightforward to design and install.  However, here are some metrics to demonstrate the magnitude of this project.

  • 12 communications rooms for telephone and network equipment and cabling
  • 40+ wireless access points
  • 70+ network switches
  • 120+ strands of optical fiber interconnecting the 12 communications rooms to other fiber junctions on campus
  • 2100+ inside-building cables for data and phone jacks – or almost 90 miles of cabling
  • 3050+ pairs of outside-building wires, over 470 miles, to connect the 12 communications rooms to the Central Plant communication core site.

NACS completed the design and implementation of the network and telephone infrastructure for the Student Center/Cross-Cultural Center expansion on time and within the budget allocated for telecommunications.

Server Registration

NACS is always looking for new ways to protect users on UCInet from network-based attacks. One upcoming strategy is to deny inbound connections to campus computers except the ones that have been approved in advance by faculty and staff. This will protect most campus systems from unauthorized access while preserving off-campus connectivity wherever it is needed.

The process of allowing authorizing specific off-campus connections is called “server registration” although it is not limited to servers in the traditional sense. If you own or manage one of the relatively few computers that needs to accept network connections from off campus, you can specify what kind of access is needed on the server registration form: http://www.nacs.uci.edu/network/servers/registration.php .

The form offers a simplified process for common situations, such as remote access (SSH & Remote Desktop Protocol), or systems that really are servers and are already protected by firewalls. If you manage a large number of systems, you can register them as a group by email request to security@uci.edu .

A more complete description of this service, and frequently asked questions can be found at: http://www.nacs.uci.edu/network/servers/ .

Network Upgrades

NACS regularly upgrades networking equipment around the campus, typically in a rolling series of school or departmental upgrades that take place over several years. In addition to these large upgrades–which may include replacing older wiring as well as equipment, campus-wide infrastructure needs maintenance and periodic replacement as well. In 2005, the core of the campus backbone was upgraded from one to ten gigabits per second (Gb/s). In a multi-year project begun the same year, NACS began replacing older routers/switches in the “distribution layer” with new equipment in many buildings around campus. (The distribution layer connects the networks in a building to the campus backbone). In addition, NACS has been working to replace all older edge switches in buildings. (Edge switches provide the connectivity from labs and offices to the building distribution switch).

Between July 2005 and June 2006 building distribution switches were replaced in Aldrich Hall, Berkeley Place South, Science Library, Social Ecology 2, Social Science Plaza buildings A and B, and Medical Surge 1. In addition, all of these buildings except Aldrich Hall and Med Surge 1 (which were upgraded the previous year) had their edge switches replaced with new equipment, greatly enhancing the performance of these networks for the occupants. Finally, a large number of new wireless access points have been added around the campus, including a major wireless upgrade in the Science Library. Many of these wireless upgrades have been the result of a networking survey NACS conducted last year.

NACS Shares at ACUTA

Bruce Cotsonas, NACS Project Coordinator, and Todd Strand, NACS Infrastructure Engineer, co-presented at the 35th annual ACUTA conference and exhibition in San Diego on July 27th. (ACUTA is an association for communications technology professionals in Higher Education.)

In their presentation, “Visual Documentation and the Installation of Communications Infrastructure”, Bruce and Todd demonstrated the use of “visual documentation” (also known as “visual scope of work”) to portray telecommunications infrastructure before and after installation projects on the UCI campus.

Google Earth (TM) satellite photography of UCI building sites and digital photographs of construction details as well as text and other graphics were imported into Power Point presentations. The resulting “visual documentation” helps to reduce ambiguity and clarify the reasons for infrastructure work, solutions to problems, conduit location and excavation, cable pulling/splicing/termination, and the transferring of services.

Bruce Cotsonas coordinates NACS cabling projects with clients, vendors and staff. He is a member of ACUTA, BICSI, CSI and DBIA, and he has over twenty-one years of experience in project management.

Todd Strand designs, plans, and provides cost estimates during communications infrastructure projects. He holds the Registered Communications Distribution Designer, Network Transport Systems Specialist, and Outside Plant Specialist certifications from BICSI.

Bruce and Todd work for Diane Dunn, Manager of NACS’s Communications Planning Group, which plans and manages all campus-wide network and telecommunications infrastructure projects.

Register your Server

As the number and severity of security challenges continues to grow, NACS works hard to ensure that UCInet remains a useful, robust, and safe place to work. Towards that end, NACS now offers campus units the opportunity to block incoming network connections to their systems. Connections initiated from systems on your network will continue to work, so typical usage such as web browsing, email, instant messaging, and so forth, will be unaffected.

In order to support those services on your systems that do rely on incoming connections (such as web servers), NACS offers server registration. Using a simple form, you can identify which systems, and which services on those systems, need to be accessible from off-campus.

A number of departments are already using server registration in conjunction with inbound connection blocking in order to improve the security of their environments with great success. It is a good idea to begin using server registration, even if you are not yet contemplating inbound connection blocking. To learn more, or to get started, please visit:

http://www.nacs.uci.edu/network/servers/