Network Infrastructure Upgrades

As part of our ongoing capital lifecycling program, NMC is planning major upgrades to various parts of the network infrastructure.

Firewalls

The current firewalls that deliver virtual firewall services to the campus have been in service for over a decade, reliably providing secure service and enabling departments to flexibly manage their own security policies. The firewalls were declared end-of-life by the vendor in 2015 and are no longer supported. In addition, the volume of campus traffic has grown considerably over the years and higher performing hardware is needed to meet demand. There are several firewall pairs supporting the campus and all will be refreshed to newer, higher performance hardware. Clients will experience a significant performance improvement with up to 20 Gbps throughput and IPv6 capability.

Switches and Routers

End-of-life was announced for some of the switches and routers deployed in the campus core. Two switch and router pairs (supporting 62 departments) need to be replaced and will be consolidated into a single pair of newer, higher performing hardware. In addition, these switches will be configured with virtual switching system (VSS) technology which will effectively double the bandwidth capacity of building uplinks, shorten failover time, and increase operational efficiency.

UBCO

UBCO uses the same hardware models and will be conducting their upgrades independently – planned for Summer 2016.

Teaching Hospitals

For more information, please visit the THNE project page.

 

What to Expect

Firewall Upgrades

Before conducting any virtual firewall migrations, the new firewalls are installed and deployed into service. Each virtual firewall can then be migrated individually by transforming the old configuration into a new configuration format that is compatible with the new firewall. The configurations are prepared in advance and are ready to use on the migration day.

NMC will contact each department to arrange a time for the migration. The migration lasts several minutes and will result in dropped connections since new sessions will pass through a new firewall pair. Most applications recover their connections automatically. NFS mounts are sensitive and may require remounting post-migration. We recommend clients checking on their systems and applications post-migration to ensure all is functioning as expected. If any issues are discovered, please contact the ITSC and NMC immediately for immediate resolution.

 

Switch and Router Upgrades

Two switch/router pairs supporting the department building networks will be upgraded under this lifecycle program. A third pair is already up-to-date and does not require updating at this time.

The new pairs are rack mounted near the existing hardware being replaced and some cabling will be prepared in advance. The final cutover will require an interruption in network services lasting 10-15 minutes while cabling and configurations are cutover to the new equipment. Many services will be affected including local department network segments, VOIP phones, wireless, digital signage, credit card payments, Internet access, keycard access, building management systems, and anything else that depends on network connectivity in the building.

NMC will contact each department to arrange a time for the migration. It is recommended to make any necessary preparations for this outage such as shutting down systems, backing up data, and notifying staff.