Software-defined networking, Wi-Fi, and mobile for teaching and learning.
GUEST COLUMN | by Naveed Husain
Like many leading graduate schools, the faculty and students at Teachers College, Columbia University, hold IT to the highest standards for supporting their learning and research needs. Technology needs to flow like electricity or water throughout the institution without friction. Teachers College has a 125-year history of preparing the next generation of educators and civil leaders, contributing significantly to education-related research and policy and shaping the future of education throughout the world.
Approximately two years ago, the College decided to make a significant investment in technology to meet current demands and prepare a secure and reliable foundation for onsite and new online certificate and degree programs. Our legacy wireless and wired infrastructure was not providing enough coverage, bandwidth, reliability or security. End-user wired port utilization in classrooms and research areas had fallen to near zero while the demand for mobility had escalated to multiple devices per person. Students were quoted as saying that the wireless in the library was like connecting on a 56k modem. (For millennials, a 56k modem is the device that we used to use to connect to the internet, the one that made all those beeping noises before you were connected. And, you could not stream Netflix with it!) In addition to the need for better performance, there was also a clear need for a college mobile app, wireless presentation capabilities, streaming and continued “free love” wireless.
Technology needs to flow like electricity or water throughout the institution without friction.
To meet these and other new challenges, we needed a stable foundation capable of adapting to the mobile-first, cloud-first initiatives this college is engaged in. And, to keep our institution among the top programs, we needed to be able to provide services on-demand at a manageable cost-to-production ratio.
With these tenets in mind, we decided to transition our classrooms to a next-generation, all-wireless digital model. Our new classrooms provide wall-mounted touch displays and software-based collaboration features that give students and faculty the desired ability to share content onsite or online and in real-time, with seamless streaming from their devices to the displays as well as web conference services, lecture capture capabilities and the ability to locally broadcast/stream content throughout the classroom using systems like Chromecast and Apple TVs.
Selecting strategic partners and technologies
After a thorough evaluation with multiple networking solution vendors, we determined the best path forward to leverage the latest infrastructure innovations would be to conduct a “forklift” upgrade of our end-of-life equipment and partner with Hewlett Packard Enterprise (HPE) and Aruba (an HPE company) for wired and wireless solutions. In addition, we decided to utilize HPE Technology Services to assist us with the extensive network refresh, helping us to redesign our network architecture and optimize our investment.
Strategic technologies that we deployed include robust software-defined networking (SDN) programmability within the hardware and enterprise management tools for troubleshooting the network throughout our campus. These capabilities, coupled with a new network access control platform, ClearPass, enable a dynamic network infrastructure that will provide role-based access on demand, without the burden of rigid VLAN segmentation. With this solution, we will be able to deliver priority service to applications, add an additional layer of security beyond the perimeter, and conduct anomalous traffic monitoring that includes HIPAA-impacted data transfer both on our wired and wireless network.
Leveraging control platform allows us to create a single security policy across the wired and wireless network. This will ensure that, regardless of how the client connects to the network, all of our users will have the same secure experience. However, because the ‘elegance of experience’ is important to our senior management, and because security implementations can often become a barrier to the fluid use of technology – rather than the simple experience that users desire – devices will have to register to the network, but the experience will be streamlined.
With the platform and client certificates, we can utilize 802.1x authentication to deliver the necessary security without requiring our users to frequently enter passwords. Instead, our infrastructure can dynamically provide the ability to log in using the same privileges, regardless of location, based on who the person is and what device they are using to connect. Our goal is to base services around the person via a human-centric approach.
To make it manageable for our IT team, we needed the ability to set policies efficiently and automate the granting of access to the appropriate types of data for over 5,000 students – as well as our faculty, administrators, staff and research employees.
Deploying the latest innovations
For the LAN, we are deploying dual core switches plus an array of data center switches for top-of-rack server access. Also, we implemented HPE’s Intelligent Management Center (IMC) for LAN management and its SDN solution to dynamically program our network to align with our needs.
Additionally, we adopted multi-gigabit PoE+ campus switches with flexible programmability for SDN applications. We know that SDN is the direction of orchestration and management in the future and these switching platforms will allow us to take strides with SDN while leveraging traditional network management platforms such as the IMC for day-to-day FCAPS management.
On the wireless side, our new WLAN includes approximately 1,000 indoor and outdoor 802.11ac access points (APs) and mobility controllers for fast, Gigabit Wi-Fi. This enables us to provide high-performance experiences in classrooms, offices and outdoor courtyard areas.
This setup ensures support for Apple TVs, which our students use extensively for presentations in classrooms and conference rooms. We’re also installing Apple TVs in all offices, so we rely on the wireless network to support them smoothly and reliably.
Management and troubleshooting APs is accomplished with AirWave. The granularity of current and historical information on each AP, and each of the devices connected to an individual AP, helps us detect and resolve issues in minutes. This improves our operational efficiency and reduces network downtime. Moving forward, we can adopt new proactive monitoring capabilities to simulate situations, such as the flurry of connections at the start of a day, and identify issues before users experience them.
To provide secure Wi-Fi access, we’ll use ClearPass Policy Manager. Its capabilities include automatically segregating guest and internal users, as well as granting role-based access privileges. ClearPass also ensures that authorized users, requiring a higher level of security, don’t inadvertently join the guest network.
Moving toward mobile engagement
Looking ahead, we’re planning to expand our existing mobile app by adding mobile engagement capabilities. This includes deploying a ‘beacons and meridian’ mobile app platform to enhance wayfinding and supply other features like push notifications.
These innovations offer many possibilities. For instance, faculty members will be able to send students granular event notifications. Among the options are date and time, available amenities, refreshments, post-event gathering information and, if needed, any updates, changes or reminders.
Institutionally, we can potentially use the beacons and mobile app to send emergency alerts and supply students with important safety instructions.
With our new combination of mobile-first technologies, we’re answering student and faculty demands for seamless, reliable and secure mobility. We’re also significantly improving our ability to support their educational needs, which includes contributing to life-changing neuroscience, biological and cognitive research.
Currently CIO at the Teachers College, Columbia University, Naveed Husain has over 20 years of global professional experience in the private and public sectors. This includes challenging duty stations for the United Nations Department of Peacekeeping Operations, where he supported missions in Ethiopia, Iraq, Israel, and Somalia, among others. Prior to joining Teachers College, he served as CIO for Queens College and in leadership roles at a range of organizations.