Auburn Campus Cyberinfrastructure Plan
Auburn University recently completed the construction of a $13 million building for the Office of Information Technology towards the end of 2011. The new building enables consolidation of OIT employees from nine different buildings, including Dunstan Hall, Haley Center, L Building, Parker Hall, Property Services Building, Telecom and ETV Film Laboratory, Telecom and ETV Scene Shop, Telecom Studio and ETV Office, and Telecommunications and ETV Studio. The next three to five years will see enhanced development of Cyber-Infrastructure resources in support of research at Auburn University. Given the prevalence of Information technology and its superb importance to our mission for teaching, research and outreach, Auburn University has charged the Office of Information Technology to lay down a strategic plan for future growth and sustainable operation in the coming decade. This strategic plan helps aid our development and guide our execution of operations and management.
1. Consolidating all OIT offices across the campus
Our first step is to consolidate OIT offices from nine different campus locations into the new OIT building. We will continue to operate delegate offices at various units that require significant amount of close IT services, such as the College of Engineering and the College of Science and Mathematics. But the majority of our IT administrators will be located at the OIT building. Furthermore, we will continue to have one designated computing and networking service team for individual colleges and schools. These branch teams are located at the College of Engineering, the College of Science and Mathematics, the School of Forestry and Wildlife Sciences, and the College of Veterinary Medicine, to name of a few.
Along with consolidation, we are also in the process of consolidating many small computer equipments around the campus and put them in the reserved computing spaces at the new OIT building. Such consolidation will help us improve communication between our various groups as well as the ability to more quickly address certain IT needs and issues.
2. Participation in the InCommon Federation Identify Management
Currently, Auburn manages all faculty and student identifications through the identity management office, a subordinate unit under the Office of Information Technology. One most complaint practice is that any user of our campus IT cyberinfrastructure has to personally visit our identity office before any access card or user identity is granted. This has made remote network-based collaboration on Auburn cyberinfrastructure hard to realize. The OIT office is fully committed to fix up this dilemma. Our solution is first to decouple the unified identity management for university residents (faculty, staff and students) and the remote users.
The University plans to go through discussions for this decoupling. After that, OIT will embrace the InCommon Federation Identify Management as promoted by the National Science Foundation. A working group has been created which includes members of the Identity Management, Server Administration, User Services, and Meta-Directory teams, and plans are in place to join InCommon. This is not a new initiative, and the technology groundwork has been laid over the past year to facilitate this process. The University Counsel has committed resources to help in the development of the appropriate Identity Management policies, and we will also include our sister campus, Auburn University at Montgomery, in the initiative. Currently we expect to sign InCommon agreement in Year 2013 with Internet-2 (Auburn University is a long-standing member of Internet-2).
3. Renovating campus network backbone and upgrading external connections
Our current backbone consists of three switches located in three buildings, including the OIT building, the Haley center and the Engineering Network Service at the College of Engineering. This backbone is at most incommensurate with the astonishing growth of our campus IT demands, and hardly meets our objective of growing IT capability for our student and faculty. There are two main renovation efforts headed by the Office of Information Technology. We plan to replace the backbone with two sets of cisco switches including two cisco 7000 switches and six cisco 6000 switches. The two 7000s will be connected at 80 Gigabit/sec via eight 10-Gbps links. All six 6000s will be connected to both 7000s at 40-Gbps via four links. The redundant connections to both 7000s are intended for resilience. The diagram in this document shows the conceptual view for the new backbone of Auburn campus.
On the other hand, the Office of Information Technology is collaborating with the Alabama Supercomputer Authority and the Southern Crossroads Network to upgrade the external connectivity to the campus. We intend to expand high-speed connections upgrades to the campus border firewall and router. The intended expansion includes a speed upgrade from 2Gbps to 3Gbps and the acquisition of a new 1Gbps failover connection to the Alabama Research and Education Network. The expected completion of these connections is December 2013.
4. Establishing dedicated network enclaves for Scientific Research at Auburn
Currently on Auburn campus, there is no dedicated networking and data transfer services for scientific research. However, the data transfer requirements from scientific computing groups differs significantly from the rest of the networking demands. For example, they turn to be very sensitive to packet losses as such failures can dramatically degrade their data movement speeds, and prolong user perceived network transfer time. Second, they turn to last for a long duration of time and as a result, are very vulnerable to interference caused by numerous and never-ending flows of small packets from email and web surfing customers. Third, many scientific research groups are data driven and their workloads generate bursty data and need immediate storage, reduction, and analysis services. Some even needs online data visualization, which cannot be handled in a centralized manner at the OIT building. So the OIT office is planning to establish several dedicated network enclaves to prioritize data transfers between scientific computing groups. The top scientific collaborating organizations on our list include the School of Forestry and Wildlife Sciences, the Department of Computer Science and Software Engineering, the Department of Pharmacy Care Systems, the Department of Physics, the Department of Fisheries, and the MRI (Magnetic Resonance Imaging) Center.
This task is currently at its exploratory phase. However, OIT is fully committed to make it happen. We have sent a number of our staff members to attend the network summit conferences hosted by the Internet-2 community. We have also attended several data storage conferences such as MSST 2012 in Monterey, California to explore the integration of dedicated network enclaves and high-speed storage area network for the needs of data-intensive scientific computation research.
5. Achieving IPv6 Compatibility
We are in the process of making our campus network fully compliant with IPv6 in order to roll out with complete readiness along with our upstream connections, such as Internet-2. The University has been running IPv6 on a few subnets for several years. The new backbone will provide the opportunity to rebuild the IPv6 address plan and infrastructure based on new technology and standards of practice. At the moment, the cisco border gateway is not IPv6 ready. We are planning to have a firmware upgrade to
make it IPv6 compatible. The biggest hurdle for the entire campus network to be IPv6 ready is on our security gateway and firewalls, which are costly products for a complete upgrade. The OIT office is planning to evolve our IPv6 compatibility in two phases. In the first phase, we will install both IPv4 and IPv6 to make sure that network devices can choose to join either of the two modes. The second phase, we will allow edge devices to connect to our network through exclusive IPv6 connections. This two-phase plan will offer us a smooth and non-intrusive migration plan for the entire campus cyberinfrastructure.
6. Research Storage and Data Center
The University has created a centralized Research Storage System (AUSpirit) of 150 Terabytes. The plan for the management of the storage system allows for it to be initially administered by the College of Science and Mathematics IT staff, and later taken over by the Office of Information Technology within three years. This system is a key component in an initiative to create resources to help AU researchers comply with Data Management Plan requirements.
The University has recently built a new Data Center, and committed to make space available for research storage and computing resources. This system is currently in use, and plans are being made to expand the data center floor space available to researchers as needed. Current resources are expected to be adequate until 2014, and expansion can be easily inexpensively accomplished to meet needs until 2016. The University is also exploring the possibility of building a second research computing data center space, which could be available in 2017.
7. Fiber Infrastructure for Research Park
The University currently has a comprehensive fiber-optic network built using current standards and state-of-the-art fiber optic cable. All buildings in the core of campus are dual-attached, allowing for fault tolerance and higher throughput. The University has recently built a research park, which serves and an industry incubator and “meet-me” point for collaboration between industry and university research teams.
The research park buildings are connected to the fiber backbone, but not with the same degree of redundancy as the buildings in the core of campus. Plans are under way to extend the dual-attached design into the research park. Partial funding is available, and additional funding is being sought. Expected completion is 2014.
8. Performance Monitoring
The University currently uses a variety of commercial and open source tools for network and server performance and security monitoring. An effort is under way to reduce the number of tools in use, but improve the data that is available to system and network administrators regarding the performance of the servers and network. One key component of this commitment to improve monitoring is the recent expansion of our Splunk license. Another significant facet of this monitoring infrastructure is our use of the “Snort” open source Intrusion Detection System. We have many Snort monitoring systems already in place, and would like to expand this capability into the peripheral networks in the individual colleges and schools. We see this not only as a prudent measure to protect research data, but also an opportunity to provide hands-on access to production security information to our faculty and researchers in the Cyber-Security fields. This effort is ongoing, and continuous.