Docstoc

Simple Secure Port Expansion

Document Sample
Simple Secure Port Expansion Powered By Docstoc
					Expanding User Connectivity in Education
WHITE PAPER
CONTENTS Internet Scaling Problems ...............................1 Internet Protocol Addressing...........................2 IPv6 Addressing ..............................................2 Additional IPv6 Features .................................3 Routing Protocols ...........................................4 IPv6 Deployment ............................................4 Transition Strategy ..........................................5 Network Designs ............................................6 The Future of IPv6 ..........................................6 3Com IPv6 Strategy ........................................6 Glossary..........................................................7

The Problem: Expanding Network Ports Securely and Cost-Effectively
Education requires making connections. For students, administrators, and faculty alike, the work of learning happens when ideas and information connect. To make these connections a few decades ago, a school or college needed only people, buildings, and books. To make them now requires an additional asset: network device ports. Network Ports: The Little Problems That Add Up • Staff and time needed to install, move, and troubleshoot ports • Control over who has what access and bandwidth, where, and when • Compatibility with IP telephony • Disruptive to pull more cable, sometimes also unsafe • Theft or damage of equipment • Locations that lack adequate electrical service • Expanding secure networks with voice, data, video connections • Cost to purchase—and own—each investment Network Ports: The Benefits of Flexible Deployment 10/100 Mbps switched Ethernet ports connect users at the educational institution to another world of information and tools. Each network port lets virtually any user device—computer, printer, or phone— access virtually any application resource—Internet, video, data, or voice. The ports can allow students to take distance-learning courses, faculty to put courses online, researchers to relay field work, and everyone to collaborate with colleagues across town or around the world.

It generally is the job of the institution’s network administrators to provide users with the ports or tools that can make these connections. Exploding Demand and Limited Resources Every year brings more electronic devices and more bandwidth-hungry applications to be connected to the network. Expanding an educational institution’s 10/100 Ethernet network to meet these demands can be a time-consuming task that usually must be accomplished with finite resources and an eye on the future costs of integrating advanced network security and IP telephony. In K-12 school districts, IT staff often must add more ports in classrooms, offices, libraries, laboratories, resource centers—in any building where teachers, students, and staff require more connectivity. Some buildings are portables that will be used for only a short time. Some older buildings have brick or asbestos construction that makes pulling more cable difficult or unsafe. Many buildings are impossible to secure—in the daytime rooms are unlocked, in the evening they are open for community activities. In colleges and universities, the Telecom and IT departments often must add more ports to satisfy user demand, generate revenue from reselling network services, or bring their institution a competitive advantage. Higher education networks are some of the world's busiest. Without interruption, ports must be added in residence halls, apartment complexes, group study areas, offices, classrooms, training rooms, labs, libraries, and public space kiosks. Electrical outlets are often scarce. Pulling more network cable in most locations is time-consuming and disruptive. Wiring closet density may make it impractical to add more switches. The availability and security of the network are paramount concerns.

FREEDOM TO CHOOSE A BETTER NETWORK

1

3COM ® EXPANDING USER CONNECTIVITY IN EDUCATION WHITE PAPER
Managing Security and Bandwidth In most educational institutions, network equipment is subject to unauthorized use and abuse. It also tends to “grow legs and walk off.” In colleges and universities, users tend to put devices and applications onto the network that slow traffic to a crawl, pirate music, or bring the network down. Network staff must be able to control what is attached on ports, allocate bandwidth to prevent network misuse, and quickly troubleshoot problems. In K-12 schools, where teachers and staff tend to be less technically sophisticated, IT staff must be able to quickly solve problems remotely. From district headquarters, the network staff must be able to see what is attached on a port. Many of the schools’ network problems arise haphazardly and often there is no time or money to travel to the site every time.

The Solution: 3Com IntelliJack Switches
The 3Com® IntelliJack™ switch is a compact intelligent switch that turns an existing wallmounted RJ-45 Ethernet jack into four 10/100 Mbps switched Ethernet ports. It is available in managed and unmanaged models, and can be powered by local AC power or Power over Ethernet. Schools and colleges can use the affordable 3Com IntelliJack switch to cost-effectively expand their network. Any network administrator can quickly and easily install and configure it—without rewiring, adding more electrical outlets, or reconfiguring the wiring closet. Quadrupling the number of ports is transparent: only a few minutes will pass by and not a speck of dust will fly. Users plug their device into a 3Com IntelliJack switch port exactly the same way they had plugged the device into a one-port Ethernet jack. Now, though, the in-the-wall four-port Ethernet switch eliminates the vulnerability of a free-standing switch, reduces cable clutter, and safeguards the ports from damage and theft. The managed model—the 3Com IntelliJack Switch NJ220—can also remotely pinpoint the location of attached devices, control network access and applications traffic on a port-by-port basis, and set IEEE 802.1Q VLANs. The 3Com IntelliJack switch enables cost-effective, secure network expansion.

Advantages of Using IntelliJack Switches • quick and easy to install, move, and troubleshoot • no need for major network upgrades or additional cabling; connectivity can be added when and where needed • controllable access and bandwidth • compatible with IP telephony solutions • minimized equipment theft or damage • no need for electrical outlets • support for secure voice, data, and video connections • savings from affordable purchase price and lowered cost to own

FIGURE 1: Cost-effective and secure device connections in the classroom Features and Benefits • No AC outlets required for IntelliJacks • Only 1 Ethernet cable required per classroom • Automatic Power forwarding to 3Com NBX® phone from IntelliJack • Centralized power backup for phones and IntelliJacks • Automatic detection and prioritization for NBX voice traffic
k3 rStac Supe WR 3Com h 4400 P c Swit

k rStac ® Supe 3Com nced RPS Adva
3 SuperStack

®

3

3 SuperStack

iJ Intell

ack

iJack Intell

her’s Teac e Phon

her’s Teac e Phon

ent P Stud

Cs

Class
en Stud t PCs

room

2

Class

room

1
Pow ered dard Stan

2

FREEDOM TO CHOOSE A BETTER NETWORK

3COM ® EXPANDING USER CONNECTIVITY IN EDUCATION WHITE PAPER
Increased Efficiency It is the rare school IT or college Telecom department that has enough staff and hours in the day to keep pace with the demand for adding and supporting more network ports. The traditional solution—pulling more cable or supervising expensive third party cablepullers, activating the user ports, configuring each device move or change, and hunting down troublesome devices— piles time-consuming tasks onto an already weighty workload. By contrast, the innovative 3Com IntelliJack switch solution is much faster and easier to install, move, and troubleshoot: in educational institutions it is typically at least 10 times faster. Installing and activating more ports is simple. It generally takes less than 10 minutes to unscrew the existing single-port wall plate, attach the cable to the IntelliJack switch unit, test the switch connection, and screw the unit into the wall. New ports are up and available in just minutes, instead of hours. By contrast, adding ports by physically pulling cable requires more staff resources and causes more disturbance to users. Gaining access to residences, classrooms, labs, and business offices to drill into walls, rewire, and activate connections is awkward and often disruptive. With the 3Com IntelliJack switch, disturbances are minimal or nonexistent. User activities can continue without interruption. An instant solution, the 3Com IntelliJack switch lets IT and Telecom staff move ports whenever and wherever more connections are needed. On any day—for any user, program, or special event— the network administrator can quickly and easily add or remove device ports virtually anywhere on the network. Video, data, and voice applications can be made available for just an hour, a few weeks, or several semesters. The 3Com IntelliJack switch’s Power over Ethernet (PoE) features let ports be added without adding electrical outlets. 3Com IntelliJack switches work with most IEEE 802.3af (PoE) edge switches, including those from 3Com, Avaya, Extreme, and Nortel. The IntelliJack Switch NJ220 also works with Cisco’s proprietary Cisco 3550 Power over Ethernet switches, as well as its 3000, 4000, 5000, and 6000 series. Using PoE increases network reliability (the wiring closet’s Uninterrupted Power Supply powers the IntelliJack switches if electrical power is lost) and eliminates the service calls caused by disconnected electrical plugs. The managed 3Com IntelliJack Switch NJ220 makes troubleshooting especially efficient. Its innovative Location Mapping utility pinpoints the physical location of any devices connected to it. Working remotely on a Windows 2000, Windows NT, or Windows XP computer attached to the network or the web, the network administrator can use an IP or MAC address to instantly locate, isolate, and troubleshoot a device, as well as inventory equipment assets on the network. Enhanced Security The 3Com IntelliJack switch lets users plug in any devices they need—mobile or desktop computers, printers, or phones— and whatever applications they want—voice, data, or video. Unfortunately, transparent connectivity is a freedom that is sometimes abused. The school or college must be able to control who connects what on a port, and what applications they can use, when. The managed 3Com IntelliJack Switch NJ220 gives the network administrator efficient port-level control over network access and applications traffic. The network administrator can wield this control remotely. Any SNMP management platform, including HP Open View and 3Com Network Supervisor, can discover the IntelliJack Switch NJ220 and do basic configuration.
Control Network Access Remotely

“3Com IntelliJack switches are easy to install and use—without engineers.” —University network manager

“...the 3Com IntelliJack switch enables us to affordably install additional ports in a fraction of the time and cost previously required.” —School district supervisor of telecommunications

The 3Com IntelliJack switch “provides a much faster, simpler, and cost-effective response to our users’ needs for additional network connections...There is less wiring work on site, reducing interruptions to normal daily work.” —University network manager

For advanced security, each 3Com IntelliJack Switch NJ220 is bundled with Central Configuration Manager software that extends network edge control at the port level. The network administrator can remotely control network access and applications traffic on a port-by-port basis, set up IEEE 802.1Q port-based VLANs, and control performance and QoS in a converged network. These unique IntelliJack switch controls let the institution prevent residence hall residents from downloading music, visitors from using office phones after hours, and students in classrooms from engaging in inappropriate network activities.

FREEDOM TO CHOOSE A BETTER NETWORK

3

3COM ® EXPANDING USER CONNECTIVITY IN EDUCATION WHITE PAPER
Authentication, Filtering, and Alerts “The connectivity of the IntelliJack is transparent to staff and students. We can easily manage the ‘who can have what’ access to the network for the entire school, down to the port.” —University IT manager

“Thanks to 3Com’s IntelliJack switch, NBX® Communications system, and Embedded Firewall solution, we’ve maximized our students’ safety and access to the technology they need to further their education. What’s more, we have greater control over our network operations....” —School district technology and data communications specialist

To control port network and application access, the network administrator can use the IEEE 802.1X authentication and RADIUS client functions of the IntelliJack Switch NJ220, as well as its MAC filtering, event alerts, rate limiting, and port-scheduling. The IEEE 802.1X authentication lets the administrator authorize port access by user name or ID, allowing use only by the students whose account payments are current, for example. The MAC address filter can give port access only to specific devices. Event alerts can let the administrator know whenever a device, such as an IP phone, is added to or removed from the network. The administrator can also remotely turn any port on or off. Port-based rate limiting lets the administrator control a port’s speed and duplex settings to prevent the downloading of music or video files, or to slow the spread of viruses. The administrator can also use the port-scheduling function to automatically “calendar” port configurations: for example, turn off network ports in K-12 classrooms each weekday afternoon after school, preventing after-hours use.
Subnet Privileges

Cost Control 3Com IntelliJack switches are the most economical way to expand user connectivity and have network reliability, manageability, and security. IntelliJack switches add more network edge device ports at a fraction of the purchase and ownership costs of running additional cabling. And unlike pulling cable, they are not a one-time investment: IntelliJack switches are scalable—easily moved and managed. To add four live ports to a room, the 3Com IntelliJack switch purchase price ranges from 39% - 87% of the purchase price for pulling more cabling. Often power source expenses tilt the scale further. Rooms without enough electrical outlets can require huge costs for upgrading the building’s electrical system. While the 3Com IntelliJack switch can run on a local AC power supply, it can also run inline on power provided by a PoE switch in the wiring closet or a PoE midspan solution, saving the costs of adding additional power sockets and electrical cables. The biggest savings from the 3Com IntelliJack switch arrive not at the time of purchase but in day-to-day administration. Support costs are exceptionally low. Almost anyone can do the installation: The only requirements are 10 minutes and a screwdriver. Any administrator employee or contractor can quickly and easily configure and troubleshoot an IntelliJack switch— even configuring advanced features like port-based rate limiting is straightforward, without arcane commands. No expensive Cisco- or Microsoft MCSE-certified administrator, special training, or union labor is required. Another budget bonus is that unlike device ports based on exposed cabling and freestanding equipment, 3Com IntelliJack switches help lower the costs of replacing stolen and damaged network assets.

To provide access privileges to specific groups of users, the IntelliJack Switch NJ220 and its support for IEEE 802.1Q portassigned VLANs let the network administrator create subnets without doing any rewiring. For example, the administrator can allow current students to access IntelliJack switch ports 2, 3, and 4, while giving port 1 to teachers for access to student records and grades. Each device port on a 3Com IntelliJack switch can be configured to a separate VLAN that controls inbound and outbound traffic according to user profile, increasing network efficiency and security.
Traffic Prioritization

To improve the performance of a converged network, the IntelliJack Switch NJ220 supports IEEE 802.1p traffic prioritization; for quality of service (QoS) at the port level, it supports TOS/DiffServ and multicast flooding control, as well as the IEEE 802.1Q port-based VLANs. The network administrator can assign priorities to particular ports—for example, making Port 1 for IP telephones, Port 2 for video streaming, and Ports 3 and 4 for data applications—to offer high-quality video transmissions and IP telephone service.

4

FREEDOM TO CHOOSE A BETTER NETWORK

3COM ® EXPANDING USER CONNECTIVITY IN EDUCATION WHITE PAPER
The Purchase Cost: Expanding Connectivity in a K-12 Classroom or Residence Hall
THE NEED:
Add three 10/100 Mbps device ports for voice, data, video Installation of three more 10/100 Mbps ports cable run plus connectors Power supply Additional ports in the wiring closet Total purchase cost Pulling More Cable $150 - $300 $0 $135* $285 - $435

COSTS TO PURCHASE
3Com IntelliJack Switch NJ100 (unmanaged) $140 $29 $0 $169 3Com IntelliJack Switch NJ220 (managed) $219 $29 $0 $248

* This cost is an estimate based on the average price of a 10/100 managed switch port in a workgroup switch. The average price of a managed switch in October 2003 was $48 (average list price of 12 main switching vendors). Assuming $45 per port, with 3 ports required for the additional cables to be pulled, gives 3 ports @ $45 - a total of $135.

Equipment Protection In all educational institutions, freestanding network equipment—including hubs, switches, wireless access points, cabling, and power supplies—can get abused. Equipment gets disconnected and broken. It also gets borrowed, misplaced, and stolen. The 3Com IntelliJack switch's design protects network ports, helping to reduce equipment replacement costs and increasing network reliability. An integral part of the institutions' networking infrastructure, the IntelliJack switch has an in-the-wall format that protects device ports from tampering, damage, and theft. User devices plug directly into the wall plate: the network uplink, downlink, and PoE are secured behind the wall, out of reach. Even the switch's power source can be secured in the wiring closet, in the form of a PoE switch or midspan solution. Support for IP Telephony Solutions 3Com IntelliJack switches' QoS, standardbased PoE, and power-forwarding features support networked telephony. To connect Ethernet phones, both the NJ100 and NJ220 IntelliJack Switch models can pass forward PoE to connect IEEE 802.3afenabled phones. To connect IP phones, the managed 3Com IntelliJack Switch NJ220 provides QoS functionality through IEEE 802.1p packet prioritization, IEEE 802.1Q VLANs, TOS/DiffServ support, and multicast flooding control. And the switch's patented Location Mapping utility lets the administrator quickly locate and remotely troubleshoot device problems, setting the stage for future telephony management capabilities.

Flexible Deployment The 3Com IntelliJack switch is the ideal way to add device ports in sites where pulling more cable is difficult or unsafe, and where electrical power is limited. Older classroom buildings and residence halls are especially imposing fortresses. Historic structures and buildings with solid concrete or brick walls, lead paint, or asbestos make drilling more cable runs complex and dangerous. Adding ports with the 3Com IntelliJack switch does not disturb any of the walls, floors, or ceilings. The 3Com IntelliJack switch also eliminates the tangle of tentacles in the ceiling and on either side of the wall, saving space and increasing safety. The 3Com IntelliJack switch clears the clutter of wires running between the wall plate, desktop hub or switch, and user devices. Consolidating four ports onto one Ethernet cable behind the wall also reduces the number of cable runs to the Intermediate Distribution Frame and saves space in the wiring closet. The inline power option makes the 3Com IntelliJack switch ideal for sites with limited electrical power, such as residence halls, classrooms, and buildings built decades ago. PoE delivers the needed power through the single Ethernet wire drop to each 3Com IntelliJack switch. In addition, PoE forwarding and pass-though connectivity in the3Com IntelliJack Switches NJ100 and NJ220 will co-locate the wiring for other functions—such as a separate data network, voice lines, or video applications—powering them all through the same in-the-wall switch.

“3Com’s IntelliJack switch is an amazingly simple solution that delivers four Ethernet connections for the cost of one, allowing us to give all our classrooms affordable access to educational technology.” —School district IT project manager

“Thanks to 3Com’s IntelliJack switch...we have significantly lowered our IT budget. Few investments have done so much to help our children.” —School district technology and data communications specialist

“The 3Com IntelliJack switch has reduced the university’s total cost of owning and expanding its wiring system, and has refocused the efforts of our Computing and Networking Services staff toward building up network services, rather than setting up connections.” —University network manager

FREEDOM TO CHOOSE A BETTER NETWORK

5

3COM ® EXPANDING USER CONNECTIVITY IN EDUCATION WHITE PAPER

Why 3Com
An established vendor to thousands of colleges, universities, and K-12 school districts around the world, 3Com applies its networking expertise to solve real-world problems. 3Com's emphasis on practical innovation results in solutions that accommodate budget and staffing constraints. Its strong partnership with VARs and systems integrators ensures excellent customer support. Its technology patents and responsiveness to customer needs create award-winning products. The innovative IntelliJack switch, another award-winning 3Com solution, lets school and college networks make connections omnipresent.

6

FREEDOM TO CHOOSE A BETTER NETWORK

3COM ® EXPANDING USER CONNECTIVITY IN EDUCATION WHITE PAPER
“We have been doing our utmost to expand our network while getting maximum use of existing wiring. The NJ200 3Com IntelliJack switch was an innovative solution for us. The connectivity of the NJ200 is transparent to staff and students. We can easily manage the ‘who can have what’ access to the network for the entire school, down to the port.”
—Larry Harrison, Information Technology Manager, Joseph L. Rotman School of Management, University of Toronto, Ontario, Canada

“Thanks to 3Com’s IntelliJack switch, NBX Communications system, and Embedded Firewall solution, we’ve maximized our students’ safety and access to the technology they need to further their education. What’s more, we have greater control over our network operations and have significantly lowered our IT budget. Few investments have done so much to help our children.”
—Max Mulliner, Technology and Data Communications Specialist, Jordan School District, Utah, U.S.A.

“3Com IntelliJack switches are easy to install and use—without engineers. Installation is easy. It shortens the total period of time it takes to build and set up the network system.”
—Kim Yonghwa, Network Manager, Chonbuk National University, South Korea

“3Com’s IntelliJack switch is an amazingly simple solution that delivers four Ethernet connections for the cost of one, allowing us to give all our classrooms affordable access to educational technology.”
—Jim Blackwell, IT Project Manager, Katy Independent School District, Texas, U.S.A.

“The 3Com NJ200 IntelliJack switch has reduced the university’s total cost of owning and expanding its wiring system, and has refocused the efforts of our Computing and Networking Services staff toward building up network services, rather than setting up connections.”
—Rabib Itani, Network Manager, American University of Beirut, Lebanon

“The unique design of the 3Com IntelliJack switch enables us to affordably install additional ports in a fraction of the time and cost previously required.”
—Tim Feltner, Supervisor of Telecommunications, Cherokee County School District, Georgia, U.S.A.

FREEDOM TO CHOOSE A BETTER NETWORK

7

3COM ® EXPANDING USER CONNECTIVITY IN EDUCATION WHITE PAPER

Profile of A University Solution
The American University of Beirut (AUB) completed a large contract project in 1999 that wired 4,500 network nodes across its campus and adjoining medical center. The resulting network, known as AUBnet, “became a vital utility that offices, classrooms, and research labs could not evolve without,” explains Rabib Itani, AUB network manager. The success of AUBnet fueled more demand for connectivity at the network edge. When demand from the university’s 6,500 students and 3,500 staff outpaced available nodes, AUB entered into a contract to add more device ports on an as-needed basis. This expansion method turned out to come at a high price, in AUB’s cost per node and administration costs as well as the delays and disruptions it caused users. And “the random nature of the expansion contributed heavily to the increase in the cost of owning the wiring system,” Itani says. He began investigating alternatives. The solution for AUB was the 3Com IntelliJack Switch NJ200. Itani explains why. “The NJ200 provides a much faster, simpler, and cost-effective response to AUB users’ needs for additional network connections. It contributes to speeding up research and computing services for users. There is less wiring work on site, reducing interruptions to normal daily work. Moreover, the NJ200 has reduced the university’s total cost of owning and expanding its wiring system, and has refocused the efforts of our Computing and Networking Services staff toward building up network services, rather than setting up connections.” The 3Com IntelliJack switch solution greatly improves the effectiveness of AUB network staff. The simple-to-install NJ200 brings faster responses to user requests for connectivity. The unique Location Mapping feature can remotely pinpoint any device on the network, speeding troubleshooting. PoE capabilities end troubles with providing additional power to the user desk. The manageable NJ200 allows AUB to maintain its security policies, providing port-level traffic monitoring, SNMP traps, and VLANs. All these attributes contribute to AUB’s strategy of reducing total cost of network ownership while maintaining high service levels for its users.

3Com Corporation, Corporate Headquarters, 350 Campus Drive, Marlborough, MA 01752-3064 To learn more about 3Com solutions, visit www.3com.com. 3Com is publicly traded on NASDAQ under the symbol COMS.

The information contained in this document represents the current view of 3Com Corporation on the issues discussed as of the date of publication. Because 3Com must respond to changing market conditions, this paper should not be interpreted to be a commitment on the part of 3Com, and 3Com cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only; 3Com makes no warranties, express or implied, in this document. Copyright © 2005 3Com Corporation. All rights reserved. 3Com, the 3Com logo, SuperStack, and NBX are registered trademarks of 3Com Corporation. Exercise Choice is a trademark of 3Com Corporation. All other company and product names may be trademarks of their respective companies. While every effort is made to ensure the information given is accurate, 3Com does not accept liability for any errors or mistakes which may arise. Specifications and other information in this document may be subject to change without notice. 503151-001 04/05


				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:55
posted:8/12/2008
language:English
pages:8