UCD IT ARCHITECTURE Executive Su by ps94506


									                     UCD IT ARCHITECTURE

                           Executive Summary

                       Prepared by:
                       On behalf of:         UCD Computing Services
                       Date:                 January 2004

Unit 2054
Citywest Business Campus
Dublin 24, Ireland.
Tel: +353-1-642 0100
Fax: +353-1-642 0161
                                                                              IT Architecture

       1     Executive Overview

       1.1 Background
       This document is the report of an extensive, formally managed, study of the existing UCD
       computing environment by outside experts in cooperation with the UCD Computing
       Services staff. Driven by the requirements emanating from the UCD “Electronic
       Communications and Information Technology Strategy (Jan 2003)” and the direct input
       from the users of IT services, the report recommends a technical architecture and
       implementation plan which will provide UCD with the reliable, secure high performance
       computing environment needed for the future.

       1.2 Project Remit and Report
       The remit of the project was to define and cost a viable IT architecture for a 3 to 5 year
       period, which would address both current IT issues and establish a sound basis for future
       growth and development. In answering this remit, the report proposes a three phased
       implementation approach:

       Phase 1 – Achieve reliability & performance
                 The report recognises that there are issues of performance and reliability which
                 need to be addressed immediately. It therefore proposes a number of short term
                 improvements, which can be implemented without compromising the long term
                 architecture design and implementation.
       Phase 2 – Cater for growth & change
                 The essential issues facing UCD relate to the growth in use of EICT services and
                 the level of change anticipated over the duration of the plan. Phase 2 is explicitly
                 aimed at addressing the implications of such expansion. This will require an IT
                 architecture which provides high levels of availability and reliability, with
                 implications for network infrastructure, scale and design of data centre services,
                 and a new level of operational monitoring and management.
       Phase 3 – Provide redundancy & recovery facilities
                 The third phase of the architecture focuses on increasing redundancy and
                 implementing recovery and business continuity facilities. It also consolidates the
                 move to an “Enterprise Data Centre”, and fully redundant network.

       The proposed plan was established following consultation with key users, and is designed
       to address the clearly identified challenges facing IT within UCD. The need to consider
       immediate demands and to provide a stable environment is of paramount importance.
       However, the EICT strategy and future UCD plans require a new scale of IT services and
       hence a new approach to their design and management. These changes are driven both
       by outside influences: advances in technology, and a very diverse user population; and by
       the new strategy for teaching and research at UCD.

Ward Solutions                           Page 2 of 10                      UCD Computing Services
                                                                                    IT Architecture

       1.3 Level of Growth & Change
       The level of growth over the life of the proposed IT architecture is best illustrated by looking
       at the user population and the network infrastructure expansion.

       Traditionally, the number of users
       accessing IT services has been                                                                 Home PCs
       restricted by the number of                                                                    Laptops
       physical desktop PCs provided on                                                               UCD Desktops

       campus. This view is completely
       changed by the growth in “student
       owned” PCs, both at home and
       through laptop programmes. The
       expectation is that there will be
       “One PC” per user rather than a
                                                  2001 2002 2003 2004 2005 2006 2007 2008
       fixed limit on devices.

       Figure 1 Growth of User Computing Devices

                                                                                 The size of the physical
          20000                                        Refurbished Network
                                                       Points (cuml.)            network infrastructure,
                                                       New Building Network      continues to grow, and will
                                                       Points (cuml.)
                                                                                 expand towards a “One
                                                       Baseline Network Points
          10000                                                                  network point per user”
                                                                                 scenario. This is driven by
           5000                                                                  new building development,
                                                                                 the establishment of
                                                                                 Research Institutes and the






                                                                                 ongoing refurbishment of






                                                                                 networks in older buildings.
       Figure 2 Growth of Network Connection Points

       The impact of these changes is that while the total number of students and staff in UCD
       remains stable, the use of IT services has doubled over the past 3 years and will double
       again over the next 3 to 5 years. This reflects the intensity of use of electronic material and
       applications in all areas – Teaching, Research and Administration – with increasing
       pressure on storage capacity, network bandwidth and performance.

       1.4 Conflicting Demands of a Complex Business
       The diversity of users and activities within UCD result in a wide variety of demands for IT
       services. These range from basic facilities such as email, Internet and Business
       applications; to the requirements of research groups for open network access and the
       ability to host a variety of servers locally on the network.
       The result is a conflict of requirements which cannot easily be accommodated by a single
       set of services and infrastructure. The demands of one group for open and unrestricted
       access, may compromise the performance of a core service essential to all. Equally,
       because of the diversity of use, it is difficult to predict load or to plan for orderly expansion.

Ward Solutions                            Page 3 of 10                           UCD Computing Services
                                                                               IT Architecture

       1.5 Weaknesses in the current environment
       The existing IT infrastructure and architecture is the result of organic growth over a long
       period as UCD computing evolved from the early “mainframe”, to user based PCs. As a
       result, it has a mix of technologies, some well suited for their task and some obsolete.

       The basic premise is a “one size fits all” set of services. Recent developments suggest that
       different Faculties, Institutes and User Groups require individual sets of services, with
       scope for diversity and varying pace of change.

       The “operational window” for many services has expanded to 24 hours a day, 7 days a
       week; while the core IT services and support are still limited to “office hours”.

       Current systems and infrastructure were certainly not designed to provide the level of
       availability expected in the future – as identified by the users and the EICT strategy.

       The network was conceived as an open environment, with access for academic staff to
       publish services, and to collaborate freely with other institutions. As such, there are
       minimal controls placed on the configuration of user equipment and the scope of services.
       While this is a necessary requirement for research activities, it can compromise
       performance overall and impact business critical applications.

       The long term trend is for open access to students with laptop PCs, also with limited control
       on the configuration of the equipment. The architecture must therefore cater for essentially
       “public” access requirements, while maintaining high levels of performance of core systems
       (e-Learning, email etc..)

       The conflicts can be summarised in the following way:

       All UCD IT users need Stability & Reliability of IT Services:
       That is, they need network connectivity, basic applications and a stable environment within
       which to operate. This core set of services is expected to be available 99% of the time,
       within a 24x7 operational window.

       But. . .

       Many also need Flexibility, Local Services and High Performance
       That is they need to configure their own services, have reasonably open access to the
       network, use additional technology and applications within their own Department or Project.
       The implications for the architecture are that it must cater for:
                            • Unrestricted network access
                            • User run servers & services
                            • Anytime / Anywhere availability
                            • High performance & bandwidth
                            • New devices & technologies
       Balancing this diversity and designing an architecture which can accommodate the
       spectrum of requirements is a significant challenge.

Ward Solutions                           Page 4 of 10                      UCD Computing Services
                                                                              IT Architecture

       1.6 Overview of the proposed Architecture
       Based on the issues identified, the key goals of the new architecture were established:
          a) Meet the user requirements and objectives of the EICT strategy
          b) Provide the essential availability and performance levels
           c) Accommodate growth and change – i.e. scalability
           d) Address the conflicting demands – balancing flexibility and reliability
       The fundamental principle adopted in the new architecture is to divide the enterprise
       architecture into physical, logical and functional boundaries (zones) comprising:
                    • University campus locations
                    • Server farm locations
                    • Disaster recovery locations
                    • Wide area network and Internet backbone
       This approach separates servers from local networks, research zones from regular desktop
       computing, and provides the means to limit the impact of each activity on the performance
       of another area. While all the “zones” utilise the same physical network infrastructure, they
       are separated as “virtual networks”.

                                  Operations, Monitoring & Management Framework

                                  Campus                                Main UCD
                                  location                              Servers
                                  Campus                                Research          Servers &
           (in UCD)
                                  location                              Computing         Services

                                  Campus                                Recovery
                                  location                              Servers

                                                                 UCD Backbone Network

       Figure 3 Logical Representation of Enterprise Architecture
       The architecture proposes that each zone would have redundant connections to the UCD Wide
       Area network backbone, and to the Internet. It also provides an “open network zone” which
       would be available where unrestricted external access is required. A separate Research
       computing server zone allows for dedicated housing of research computing equipment, with the
       potential for greater bandwidth and guaranteed availability levels.
       Within the logical Server Blocks, five key service groups have been identified for consolidation of
       the IT infrastructure and implementation of redundant, high availability hardware:
           •     Access and personal services: UCD Connect, email, calendar & network files
           •     Business servers: Student systems, financial systems, HR systems
           •     E-Learning and content servers: Blackboard and UCD Web sites
           •     Research IT facilities: Hosting & network services
           •     File / Print and Application servers

Ward Solutions                             Page 5 of 10                    UCD Computing Services
                                                                            IT Architecture

       1.7 Primary Architecture Recommendations
       Based on the overall architecture described above, the project has identified eight key
       objectives and a series of actions required to implement these objectives. They are aimed
       at achieving the zoning of the network, providing highly available environments for the key
       Server Blocks, and ensuring the necessary monitoring and management is in place to meet
       the required service levels.

                                             Monitoring &

                                               Wide area
                     Network Zones –           backbone
                                                                  Server Groups –
                       independent              network           High Availability


       Figure 4 Summarised Architectural Recommendations

       1.7.1 Access Services, UCD Connect & Email
       Objective: To provide a fast, reliable, secure environment for access to
       EICT services both on and off campus.
           •     Implement and scale UCD Connect environment to provide access, email and
                 basic services from any location
           •     Implement common authentication & authorisation service
           •     Provide physical access points at campus locations – wireless & wired to
                 accommodate growth in user devices

       1.7.2 Business Servers
       Objective: To provide a secure, high performance, redundant
       environment for business critical services (such as Finance, Payroll and
       Student Registration.)
           •     Consolidate server environment to support current services and initial expansion
           •     Replace hardware with new environment to provide necessary scale, performance
                 and redundancy to support ASPIRE project goals

Ward Solutions                           Page 6 of 10                    UCD Computing Services
                                                                                IT Architecture

       1.7.3 E-Learning & Content Servers
       Objective: To provide the information technology infrastructure to support
       e-learning and electronic content requirements.
           •     Scale e-Learning environment (Blackboard) to support growth and to provide
           •     Phase out “On-line Classes” environment & migrate
           •     Plan future platform for web and content management

       1.7.4 Research Services
       Objective: To provide the flexible IT infrastructure required to support
       Research and to allow flexibility in deploying experimental and advanced
       technology projects.
           •     Create shared location for deployment of research servers with dedicated
                 bandwidth, power and support facilities
           •     Provide network services catering for research projects
           •     Provide “open” network area for experimental projects
           •     Provide access mechanism for electronic journals & content

       1.7.5 File / Print / Application Services
       Objective: To provide reliable and secure file, print and application
       services for teaching and personal use.
           •     Review file / print / application technology environment
           •     Provide distribution facilities for software – ftp & CDROM, Terminal Services
           •     Plan application requirements with individual Faculties & deploy locally or centrally
                 as appropriate
           •     Implement personal & group file access via UCD Connect

       1.7.6 Networks & Infrastructure
       Objective: To ensure the availability of a reliable, fast network with
       redundancy for each campus and Server Block.
           •     Implement network “Zones” for each campus and server group
           •     Implement wide area backbone for interconnectivity
           •     Implement redundant connections for sites & server groups
           •     Introduce 24x7 monitoring & management
           •     Provide separate & extended network facilities for Research
           •     Move experimental network use to “open zone”

Ward Solutions                            Page 7 of 10                       UCD Computing Services
                                                                               IT Architecture

       1.7.7 Recovery Facility
       Objective: To provide the IT infrastructure required to ensure the
       necessary level of business continuity for the University.
           •     Investigate options for recovery site (e.g. UCD campus, HEAnet, commercial)
           •     Select site & implement initial recovery hardware with network and access facilities
                 (for selected services)

       1.7.8 Monitoring & Management
       Objective: To implement the operational processes necessary for the
       proposed IT architecture, and reach the new target availability and reliability
           •     Automate monitoring & escalation activities, with 24x7 response for key infrastructure
           •     Initiate project to improve operational procedures based on industry standards
                 such as “ITIL”
           •     Create “Enterprise Data Centre”

       2.8 Implementation Plan & Costs
       The successful deployment of the proposed IT architecture depends on a combination of
       the physical infrastructure (the servers & networks which provide the necessary availability
       and performance), the design and configuration of the environment to reduce interaction
       between conflicting activities (the zoning), and the implementation of appropriate
       monitoring and management processes consistent with the “enterprise data centre
       philosophy” which is the aim of the proposed architecture.
       These   three elements are each essential i.e.
          •     High availability infrastructure,
          •     New network configuration with zoning
          •     Monitoring and management procedures

       The projects identified for each phase of the implementation are designed to ensure that
       each aspect of the architecture is given sufficient weight. In particular, the implementation
       of new configurations and the transition to new monitoring and management are, of their
       nature, time consuming and often neglected for the more tangible “infrastructure” upgrades.
       For this reason, short term measures to improve infrastructure are identified in Phase One,
       in order to give the necessary time to implement configuration changes and new
       operational procedures.

       Phase One Projects
       These focus on the short term performance improvements and long term design changes,
       including operational procedures:
            • Improve current network – reliability, redundancy & building refurbishments
            • Improve current server reliability – add redundancy
            • Implement network and server zoning – performance & scalability
            • Improve monitoring & management procedures (ITIL)
            • Implement common authentication service
            • Implement access facilities to cater for mobile devices & changing user needs

Ward Solutions                            Page 8 of 10                     UCD Computing Services
                                                                                 IT Architecture

       Phase Two Projects
       These focus on adding key infrastructure blocks; providing high availability servers; and
       implementing redundant network connectivity. Transitioning to an “Enterprise data centre”
       should proceed in tandem with these projects:
           •     Continue new WAN / MAN and add further network redundancy
           •     Implement enterprise data center procedures & processes (ITIL)
           •     New business servers – design, tender & implement
           •     Scale & consolidate portal/email environment – tender & implement
           •     Provide Research IT facility – hosting environment, network & services
           •     Implement fully redundant, scalable e-Learning environment

       Phase Three Projects
          • Enterprise data center, with associated monitoring and management
          • Disaster recovery / business continuity facility
       Implementation Schedule
       A draft implementation schedule covering the first 3 years of the architecture has been
       prepared at a high level. This schedule reflects the over-riding priority of improving and
       extending the network infrastructure, as this impacts on the performance and reliability of
       all services. Initial work on server infrastructure is also planned for the early stages of the
       architecture, together with key services for authentication, management and security.

       Summary of Costs
       The projects have been costed over a 5 year period and broken down into 3 major areas:
          Technical Architecture:        Covering the implementation of the new IT Architecture.
          Network Refurbishment:         Covering the replacement of all legacy network cabling.
          Recurrent Costs:               Estimating the ongoing cost of refreshing the technology.
       As the continuing presence of older cabling in buildings causes very significant performance
       issues, this refurbishment work is an essential part of the complete implementation.

       1) Technical Architecture                           Sub Total: 9.5 mil
                 Comprising:                                             (EU 000)
                        Network Backbone,WAN, Zoning, Wireless             3,200
                        Authentication, Monitoring & Management              900
                        Business Architecture                                850
                        Research Computing                                 1,200
                        eLearning Architecture                               650
                        UCD Connect                                        1,350
                        File, Print & Applications                           450
                        Storage                                              800
                        Other ( RIS & small servers )                        150

       2) Network Refurbishment    (2004/08)               Sub Total EU 5.5 mil
       3) Equipment replacement cycle (post ’07)           EU 1.5mil pa

       Total five year costs: EU15mil             Ongoing recurrent costs:           EU1.5mil
       The five year cost breakdown is as follows:
        2004            2005          2006           2007           2008            Total
        3.37 mil        3.64mil       3.13mil        2.45mil        2.35mil         14.94 mil

Ward Solutions                            Page 9 of 10                        UCD Computing Services
                                                                                 IT Architecture

       1.9 Benefits of the Solution
       The proposed architecture provides the necessary infrastructure to support and deliver the
       key IT services identified as essential to the University. It will enable the implementation of
       UCD’s EICT strategy which sets out a plan for IT to support the teaching, research and
       business objectives of the University, comprising:
                 Ø   Single enterprise eLearning environment
                 Ø   Anywhere / Anytime access through UCD Connect
                 Ø   Comprehensive, web accessible business applications
                 Ø   Support & IT facilities for the research community
                 Ø   A highly efficient communications network
       UCD currently has a unique set of IT services, which are ready to deploy, with many in
       active use by its users – students, staff, researchers and administration. The core issue
       addressed by the architecture is to provide an infrastructure which will scale to meet the
       demands of these users, and which will provide high performance and high availability of
       systems, services and information resources.

       The proposed architecture will have the following benefits to the University:
           •     Provide a blueprint design template for implementation of a highly scalable, highly
                 available, high performance, secure set of services as laid out in the University
                 EICT Strategy.
           •     Provide a blueprint against which estimate of cost vs. benefit for targeted levels of
                 service can be conducted by all stakeholders.
           •     Provide a flexible framework which can be tailored to the University’s changing
                 demands over the lifetime of the architecture project
           •     Provides a phased implementation plan catering for quick wins as well as
                 achievement of medium to long term strategic objectives.
       The implementation of the Architecture will allow UCD to plan for future growth and
       development of IT services within a technical environment which is capable of expansion
       and which will meet the demands and service requirements of its users.

Ward Solutions                            Page 10 of 10                      UCD Computing Services

To top