Campus IT Moves to SDN Technology for Speed & Visibility
Officials at Ohio’s Bowling Green State University had clear goals when they began re-engineering their technology environment three years ago.
First, downsize an onsite data center that needed a tech refresh and took up too much valuable real estate in the heart of the campus. The solution for that goal was a colocation data center managed by an outside company. Second, BGSU wanted to power the new facility with next-generation networking to support fast and secure communications today and to facilitate the long-term goal of creating a cloud-centric university.
The BGSU staff chose software-defined networking, enabled by the Cisco Application Centric Infrastructure (ACI), as the cornerstone of the network modernization effort.
“SDN gives us an opportunity to capitalize on and implement today’s networking innovations in the best way possible,” says Jared Baber, BGSU’s network manager. “It also provides a foundation for new orchestration and automation capabilities that we can add in the future to reduce the time we need to deliver new services.”
BGSU isn’t the only higher education institution gravitating to SDN as IT managers scope out next-generation networks and the changing makeup of their data centers.
“Forward-looking university CIOs recognize that more workloads are moving to the cloud,” says Bob Laliberte, senior analyst at the Enterprise Strategy Group. “SDN enables them to architect for that future at a fundamental level.”
SDN is appealing because it addresses three areas where improvements are always welcome: delivering services, responding to new capacity demands and shoring up security. Many SDN adopters, including BGSU, are also looking to expand their software-defined strategy to something even more transformational: software-defined data center technology, which brings greater automation and efficiency not only to networks, but also to computing, storage and other core capabilities.
Alongside their benefits, SDN and SDDC represent fundamentally new ways to manage and secure IT resources. CIOs need a well-defined strategy to plan for these modernizations and achieve their full potential.
BGSU and other early adopters are pointing the way.
SIGN UP: Get more news from the EdTech newsletter in your inbox every two weeks!
Software-Defined Networks Deliver Four Key IT Benefits
SDN uses a central, software-based controller to manage the physical switches and routers running on a campus network. Administrators use the controller to configure hardware, push out software updates and apply security policies without having to manually touch each device, a tedious and time-consuming task in large, far-flung networks. SDN relieves strain on network administrators, but it also gives IT shops four other big benefits, according to Laliberte.
The first is IT agility. SDN lets IT spin up network connections on demand, as faculty, staff and researchers request additional servers and storage units. SDN also strengthens security. With a centralized SDN controller, admins can apply the latest policies uniformly across all connected devices, a task that is cumbersome and prone to gaps with manual processes.
Together, these types of efficiencies help to cut costs. Centralized software can reduce operating expenses by enabling a relatively small number of staff members to configure and manage larger numbers of networking devices.
Finally, SDN is a logical path to the cloud. Public cloud providers, including Google and Microsoft, rely heavily on SDN for flexible provisioning of services within their data centers. With similar technology, colleges can more easily move workloads around hybrid cloud environments.
SDN isn’t limited to LANs, Laliberte says. CIOs are increasingly adopting a similar approach for WANs. “SD-WANs allow IT staffs to aggregate their network connections to save money on bandwidth costs and networking equipment in branches, such as satellite campuses,” he says.
IT Gains Faster Deployment and Better Visibility
BGSU chose Cisco ACI after evaluating a variety of commercial platforms and open-source options, in part because ACI supported different hypervisors. In addition to purchasing ACI, the staff added a range of new networking hardware to the colocation data center, including Cisco’s Nexus Ethernet and MDS Fibre Channel switches. Rounding out the deployment were Cisco UCS server appliances, Citrix NetScaler network load balancers and HPE 3Par network storage units.
Together, SDN and other networking upgrades allow IT staff to deliver services more efficiently. Previously, when administrators needed to spin up new virtual servers, they might have needed to change VLANs for the specific physical chassis they were using.
“There had to be a lot of coordination between networking and the systems team,” Baber says. “Now, systems administrators have the tools they need for creating endpoint groups and setting firewall rules without waiting for help from the networking team or the security teams, as in the past. This is significantly reducing the time it takes to deploy new services.”
Another plus is better network visibility, which means teams can address performance issues more quickly. For example, a network with a specific access control list (ACL) may support servers that are secured with a host-based firewall.
“In the past, when there was a connectivity issue, the server team would be able to see the host-based firewall and the networking team would see the ACL, but neither would see the whole picture,” Baber says. “With SDN, it’s a single pane of glass providing an overall view of the environment for everyone. This means we can more effectively troubleshoot problems.”
Closer collaboration is having beneficial ripple effects across the department, Baber says: “SDN has been a catalyst for transforming our IT culture in a positive way.”
At BGSU, software-defined networking increases agility in responding to requests from faculty and staff. Photo: Angelo Merendino
Next-Gen Networks Yield Consistent Performance for Users
Like other networks in higher education, the one supporting New York’s Marist College must perform flawlessly day and night, even when there’s an unexpected traffic spike. This hit home during the 2016 presidential election, when candidate Bernie Sanders visited the campus and 20,000 wireless devices suddenly logged on to a single network segment. Fortunately, the college had a solid SDN implementation in place to help IT maintain high performance rates in the core network.
“The SDN console showed us exactly where the traffic was coming from and how best to reroute it,” says William Thirsk, vice president and CIO. “We created a mesh network where there was the higher concentration of devices, which shuttled traffic away from our core business, and then took the temporary segment down when the event was over.”
Before launching SDN for production workloads, Marist’s research faculty and IT staff investigated the technology in the college’s Network Interoperability Lab. Here, students and vendors can test various platforms and flesh out open-source specifications for software-defined controllers and other tools.
Encouraged by the SDN capabilities evidenced in the lab, IT staff rolled out OpenDaylight, an open-source SDN platform. Students, faculty and staff also created an SDN-based management module using Avalanche, another open-source technology, which lets networking teams optimize the college’s mix of networking gear.
“The brands of the individual networking equipment don’t matter when we view the network from the SDN console,” Thirsk says. “We deal with traffic flow, bandwidth and routing considerations rather than wrestling with the equipment.”
The console also helps staff defend against distributed denial of service attacks and other cyberthreats. When a danger arises, admins quickly take down the affected network segments to protect servers, software and data. Similarly, technicians can establish special authentication requirements for servers running sensitive information.
“Only when someone is successfully authenticated will a VPN to those servers be launched,” says Thirsk. “Those network connections are specifically provisioned for those individual users, and when they log out, the span goes away.”
For end users, the biggest impact of Marist’s next-gen networking is its consistent performance. “What they want is a very fast network connection wherever they go on campus,” Thirsk says. “If we aren’t hearing anything, that means everything is working fine.”
