NUSNET 6 - NUS IT Report Card 2022

IT Report Card 2022

Network-King

2/2 -

NUSNET 6 – Upgrade to Campus and Hostels Network

About

The upgrading of NUS’ extensive campus network, NUSNET6, will enable the campus wireless network to support WiFi 6 to provide faster and more reliable wireless performance. The network upgrade also includes the adoption of a homogenous platform for access layer connectivity and transformation of the campus network to Cisco Software-Defined Access network, for more secured access.

At the hostels’ end, as the network is made up of old ALU switches – which have served NUS well for the past 10 years, these hardware components supporting the hostels have already reached the end of support. To maintain a highly reliable network access required by residents, it is imperative to upgrade the current wired network infrastructure.

COVID-19 acceleration:

The NUS network has always coped with huge surges in users in high-density regions at events with crowds and major online events — such as the annual NUS Open House, career fairs, countless e-lectures, and campus-wide e-examinations.

When the pandemic began, implementing measures such as crowd-controlling policies (Green/Red pass), crowd segregation by zone, crowd insights, and contact tracing became key priorities for NUS. All of these rely heavily on data to achieve their objectives and there was no technology platform or tool available then to provide data that was close to real-time with 100% accuracy.

The network team ‘braved the storm’ to make the upgrade possible.

Features

Reliable Platform

Enhanced network reliability with new hardware and redundancy so that both our wired and wireless network services are robust and highly reliable for teaching, learning and research

Hi-Speed Wi-Fi 6 Access

A consistent and dependable wireless connection anywhere in campus. IT supports: (1) 4X more performance and wireless devices so that researchers are able transfer large amount of data seamlessly (2) Use of innovative technology such as Augmented Reality (AR)/Virtual Reality (VR) for teaching/learning (3) High number of concurrent devices connection per classroom (up to 200 connections per Access Point) for effective online learning.

High Capacity & Performance

Scalable network capacity to meet the massive growth in digital workload for the next decade. This includes any IoT devices, mobile devices, servers, applications & cloud-based IT solutions. Furthermore, the network needed to support the High Performance Computing (HPC) needs of the NUS research community.

Service Agility

Automate the exponential growth and management of NUS network devices for sustainable operation and enable self-service for frictionless and secure onboarding of users’ IoT devices.

Security Intelligence

Mitigate modern day cyberattacks through agile network segmentation by providing the ability to detect network threat with AI behavioral analysis capability and to detect and lock down/isolate infected host rapidly.

Our upgraded network consists of:

SDA Edge Switches

POE+ Switch Ports

Non-SDA Edge Switches at Hostels

SDA Wireless Access Points (WAPs)

Non-SDA WAPs at Hostels

Daily, the network serves approximately 50,000 unique wired clients and 200,000 unique wireless clients, and enables the download of 40TB of wireless data and 20Gbps of uplink throughput per edge switch stack.

The core and distribution network topology, made up of 6,700 ports with a mixture of 10Gbps and 40Gbps interfaces with an 80Gbps uplink throughput, is fully distributed across four locations connected with dark fibre and forms the underlay backbone for the campus fabric network.

A more secure NUSNET6

With the new campus fabric network, NUS can achieve endpoint mobility throughout the campus and apply consistent authentication and segmentation policy. Currently, NUSNET applies segmentation authentication that is applied uniformly across all endpoints to control lateral movement (East-West traffic). All the devices connecting to the NUS network are authenticated based on identity or a MAC address for non-supplicant devices. Since the upgrade, there is no more open access to the NUS network, which significantly reduced the spreading of malware from compromised endpoints.