Colleges and universities are learning that supporting a “bring your own device” (BYOD) strategy requires a robust network that can deliver. Just ask Nathaniel Hewitt of Wiley College in Marshall, Texas.
“A decade ago, the Wiley College ‘techno-culture,’ still in its infancy, struggled to embrace networked technologies and were not consistent users, nor great fans, of networked technologies,” explains Hewitt, vice president for information systems and technology at the 140-year-old college.
“Uncertainty surrounding infrastructure needs, support and rising costs were seen as challenges to our growth,” he says. “Today, anywhere, anytime access is understood as being necessary to attract and retain our students.”
Tasked with ensuring that a student’s online life is as fulfilling as their traditional classroom experiences, IT departments at colleges and universities are revving up their networks to deliver fast, reliable and secure connections to meet ubiquitous computing demands.
“BYOD is really more like ‘BYO3 or 4’ as students arrive on campus with smartphones, tablets, PCs and maybe a gaming console that connects to the wireless network,” says Bob Laliberte, senior analyst for the Enterprise Strategy Group.
At Wiley College, the first historically black college west of the Mississippi, a network upgrade grew critical as it transitioned from a 550-student residential institution to enrolling almost 1,400 traditional and nontraditional learners.
In addition to population growth, the percentage of students bringing their own technology to school also increased by 82 percent. “By 2009, the performance of our network was so saturated that we were fortunate if we could push an e-mail across campus,” Hewitt says.
With Wiley’s CEO Dr. Haywood L. Strickland, who’s often referred to as the “technology president,” serving as the project’s champion, Wiley conducted an extensive internal review and external evaluation of providers before selecting Enterasys for a complete upgrade to core, wired and wireless equipment.
“Enterasys worked with us in a true partnership to build a fully redundant network with built-in fail-safes that are triggered within seconds if an outage occurs, which happens periodically during East Texas weather events,” says Hewitt. “In fact, on several occasions, when the campus has been without power to the main buildings, our network has remained online.”
To upgrade its 3 megabit-per-second network into a high-performance, high-availability LAN, WAN and WLAN that would support data and Voice over IP at 90Mbps, Wiley installed new Enterasys enterprise core switches at the main and satellite campuses. Next, the primary wiring closets were rewired. “The first phase alone improved network performance by over 50 percent,” Hewitt says.
Then last fall, the college upgraded to 802.11n wireless networking using 85 Enterasys HiPath AP3610 access points, along with two Enterasys C4110 controllers. For continuity, CyberPower UPS devices were also installed.
The setup includes the Enterasys Network Management Suite (NMS), unified LAN/WAN tools for automating and streamlining administration, which is critical for maximizing staffing resources at a small institution like Wiley. The new gear has also made an educational impact.
“Instructors are now able to integrate online learning technologies, such as blogs, chat, social media systems and audio and video streaming into their courses,” says Hewitt. “These network improvements enabled the college to pilot its first online learning program to address the academic needs of our nontraditional students.”
About 1,200 miles to the northeast, it’s a similar story for 12,000-student American University in Washington, D.C. When users began accessing the institution’s existing WLAN with multiple devices, the 230-node first-generation network strained under the load.
“Suddenly, we had 4,000 clients concurrently on the system,” explains Hassan Marvi, director of network operations at AU. “And it’s no longer one student with one device — they sometimes have three or four devices simultaneously accessing the network.”
Marvi’s team chose an Aruba system made up of 802.11n AP 125 access points, MMC-34000 and MMC-3600 controllers, and the AirWave management suite, which includes encrypted transmissions for secure communications. Beyond meeting AU’s technology specifications, Aruba also provided a detailed breakdown showing the institution’s specific problem areas, which was a unique offering, Marvi says.
68% The increase over the past year in student-owned technology accessing the LAN and WLAN networks at Wiley College.
SOURCE: Wiley College
With a total of 860 access points required to cover on- and off-campus spaces — indoors and out — AU split the deployment into phases, finishing up in early 2011. Today, Marvi consults Aruba’s management tools for instant visibility into where, when and how many devices any given individual is using on the network. “We have management capabilities unavailable to us before, making the network easier to maintain,” Marvi says.
And when he visits classrooms, Marvi says it’s becoming common to see everyone participating on a computing device. “With our new network, students collaborate with instructors and each other anywhere and anytime,” he says. “It’s definitely improved the reputation of our university.”
The University of South Florida is also expanding its wireless network to accommodate numerous multidevice users.
“We see periods of over 13,000 concurrent wireless users throughout the day, so our network is critical to teaching and learning,” says Joe Rogers, assistant director of network engineering at the 47,000-student university in Tampa, Fla. Rogers says providing sufficient coverage density in large classrooms, auditoriums and stadiums is leading to the installation of additional Cisco Aironet 3500- and 3600-series 802.11n access points.
4 TIPS To update your network to support BYOD
“For every seat we have in these venues, we have to plan for two to three wireless devices,” says Rogers, noting that it’s a challenge to do so in spaces with more than 300 seats. “We continually monitor our network and run reports of the busiest APs, making it very clear which areas are being overtaxed,” he says.
That’s one reason USF selected Cisco’s Aironet APs, Rogers says. The device’s CleanAir technology lets his team remotely diagnose and quickly resolve RF issues.
“In the past, we had to physically visit sites experiencing problems and use notebook-based diagnostic tools,” he says.
USF is also moving to the Aironet 3600-series APs for their three-spatial-stream (3SS) technology, which raises the maximum theoretical 802.11n throughput from 300Mbps to 450Mbps. “As more client devices ship with 3SS-capable radios, the additional throughput will help ease some of the challenges in high-density areas,” Rogers says.
The data traffic load at Sinclair Community College in Dayton, Ohio, is enormous. The network supports approximately 30,000 users and 10,000 nodes spread across 24 buildings on five campuses.
Fortunately for Chad Rumbarger, a network engineer at Sinclair, the management features packed into today's server load-balancing devices are so sophisticated and intuitive that with a little bit of training, his IT colleagues can help him manage the load.
First-generation load balancers almost always required an administrator versed in command-line script procedures to make even minor adjustments to traffic allocation for specific applications. Today, a load balancer that requires a network engineer to handle the smallest task would be impractical and inefficient.
"We needed something more intuitive, so that a web person could go in and analyze the traffic, or a systems person could do a reboot," says Rumbarger, who along with fellow network engineer Darnell Brown works at an institution that boasts flourishing programs in nursing and hospitality management, as well as Ohio's lowest tuition for in-state residents.
Rumbarger is running F5's load balancer and also an older appliance from Foundry (now part of Brocade). He especially likes the F5 product for its ease of use. What's more, the F5 device contains security features that can block all traffic to a specific directory if it's determined that the directory has been compromised.
Even better, relatively easy tasks can be shared, once role-based access has been set to F5's management console. "I can provide a web staffer permission to connect and reconnect servers," he says. In the past, when a server problem arose, Rumbarger or Brown would have been tapped to solve the issue via command-line scripts – something a web staffer would probably not know how to do.
Sinclair and other colleges are making the most of the advanced features that manufacturers are now including as standard items in their load-balancing products, which today are more accurately described as application delivery controllers (ADCs), says Joe Skorupa, research vice president in Gartner's data center transformation and security group.
But Skorupa points out that the transition to ADCs has been quite an adjustment for many IT departments. As the functionality of load balancers has become richer, the advanced features tend to be used by just a fraction of the people whose networks might benefit from them. Many haven't turned on more than the load balancing and simple protocol offload, Skorupa says, even though more informed use of these high-end management features could reclaim between 20 percent and 50 percent of otherwise wasted processing power.
In effect, the features in these products have developed ahead of the ability of many organizations to absorb and apply them. Skorupa says one way to respond to this situation is for IT staffs to start thinking about these products as ADCs rather than as mere server load balancers.
"Do they do load balancing? Sure. But they can also run synthetic transactions and let you program new rules and fire up virtual machines," he says. "They are remarkably sophisticated and powerful products."
Hofstra University in Hempstead, N.Y., is another school that appreciates the potential of ADCs.
Toon-Chien Wong, associate technical director of systems and operations, says that load-balancing tasks and others related to efficient application delivery can be handed off to people around campus based on their roles within the overall IT structure at Hofstra – partly because the graphical interfaces that walk users through the tasks are so simple to use. Right now, about 10 people have access to the Coyote Point Equalizer E650GX installed two years ago. Hofstra also runs the E350GX in two smaller data centers, one of which serves as a failover site should a natural or man-made event take the primary data center offline.
"A lot of universities have their networking folks manage their load balancer," says Wong. "But we have our applications people manage it. At the end of the day, the load balancer is there to provide [reliable] application delivery."
Because of that, Wong says it makes sense to train staff who work in different silos to perform job-specific functions to keep the applications running smoothly.
Wong says he appreciates the "fine-grained" access Coyote Point makes possible, as well as its graphical user interface, which means that the users have to know the appropriate commands, and they also need special permission to perform server-related tasks that don't fit within their job descriptions.
Indeed, a mature load-balancing product shields users from all kinds of unnecessary information, both technical and organizational: Staffer X does not have to intimately understand Staffer Y's day-to-day responsibilities in order for each to optimize the load balancer's performance.
"The apps team doesn't always understand how the router works, but it doesn't matter,'' says Wong. "They don't need to know that to manage an application."
Hofstra's choice to divvy up responsibility for the load-balancing products is reflected in its IT organizational chart. While Wong says he has responsibility for data center operations, from databases to servers to security, application availability and performance belong partly within his purview and partly with the applications group.
At Seton Hall University, in South Orange, N.J., Matthew Stevenson, director of networking and architecture, says SHU's initial investment in load-balancing products from Cisco Systems five years ago was made to provide redundancy. But his view of load balancers is changing.
"There appear to be some new features that integrate them closely to a virtual environment, and this could certainly help us with rapid deployments that include the load balancer as part of the automated virtual machine provisioning process," he says.
Neglecting to activate advanced management features, such as support for virtual environments or role-based access, is likely to compound problems for network managers, Skorupa says. As networks grow more complex – with multimedia or streaming applications, the ever-growing number of mobile and fixed nodes and the mix of products in use – network managers need all the help they can get.
But the ability to redirect traffic on the fly doesn't necessarily require a load-balancing product. For example, the Enterasys switches that replaced some obsolescent HP networking gear in the network of Lyon College in Batesville, Ark., include load-balancing features.
"The hardware load-balancing equipment currently available from several manufacturers consolidates and integrates network traffic management and acceleration as well as network security into one powerful system," says Charles Neal, Lyon's director of information services.
If one server runs at 90% utilization, offloading the Secure Sockets Layer processing to an ADC or to a load balancer will reduce that utilization to 60%.
"A single piece of equipment now handles and does a much better job of enhancing network access and response times as well as increasing the security of critical data," he says.
Sinclair Community College has already ported Microsoft's Exchange and App-V as well as a point-of-sale app supporting the student card-swipe payment system to the F5. Another big application, Sinclair's learning management system, is slated for transfer over the summer.
The new LMS alone – which students use to take tests, upload videos, check grades on their Androids and perform a multitude of other tasks online – demands 36 servers, up from two a couple of years ago, Rumbarger says. Smart load balancing, and all that goes with it, helps Sinclair and other colleges meet the continuing demand.
Most IT managers wouldn't hand off control of their server load balancer to just anyone, but it's almost certainly the case that some important individuals will merit access to portions of it.
Sinclair Community College's Chad Rumbarger has a quick training scenario worked out for his designated users. "I provide them read-only access first, then we have an hour-long meeting where I have screen shots on the projector and I ask them what they want to know," he explains. People managing applications or assuring web uptime can be granted views appropriate to their roles within the organization.
Toon-Chien Wong of Hofstra University likes how granular Coyote Point's user access can be. "People only have access to one or two apps, usually," he says. "Only two of us have access to everything."
Sharing these duties with others who have been trained on the product "frees me up to do other things," he adds.
Gartner's Joe Skorupa says F5 led the way to providing the types of features that would make this sort of shared-management scenario plausible – and practical.
"That's what marked the transition away from load balancers to application delivery controllers," he says.