Campus Networks

Campus Network Infrastructure-Primer: HyperEdge Architecture for K12 School District Networks

by ‎04-12-2013 11:35 AM - edited ‎08-06-2014 08:23 AM (4,383 Views)

Synopsis: Primer about designing K12 School District networks using Brocade's HyperEdge™ Architecture for wired and wireless networks.

 

Contents

12355_SchoolDistrict_PrimerHeader.jpg

 

Summary

Public education is undergoing a revolution. This is driving unique requirements for the network infrastructure as more school districts integrate the internet, social media and video content and distance learning into their curriculum. With the growth of personal devices such as tablet computers and smart phones extending down to the elementary school, parents expect the school to be an extension of their at-home network. But, many school districts have networks built with technology that was popular a decade or more ago. They need to upgrade and to be confident that the new equipment will co-exist with older technology already in-place.

Brocade is being approached by school districts across the United States to help them extend their networks into the 21st century. We see three important trends driving districts to upgrade the network.

  • More devices connected to the network such as Voice over IP (VoIP) phones, security cameras and badge readers.
  • Wireless LAN (WLAN) access reaching into every classroom capable of handling interactive multi-media, streaming video, and interactive on-line instruction.
  • A Limited number of trained network administrators mean networks have to minimize the need for them to travel to schools for configuration, management and troubleshooting.

Districts need cost-effective solutions that keep the network from becoming the “weak link” that prevents better outcomes for their students.

Brocade’s recently introduced its HypeEdge® architecture for campus networks. The HyperEdge architecture includes several key features tailored to the needs of public school districts.

  • 10 Gigabit Ethernet (10 GE) for switch-to-switch links
  • Integrated sFlow protocol for traffic analysis and monitoring
  • Power-over-Ethernet Plus (POE+) for wireless LANs (WLAN)

Rich media and real time access to it drives the need for more bandwidth in the school. Today, 10 GbE inter-switch links ensure the traffic flowing between the classroom and the district metro-WAN isn’t congested negatively impacting classroom instruction. As more tablets and smart phones are used in the school, the WLAN bandwidth is increasing to each classroom. WLAN Access Points (WAP) supporting the faster 802.11n protocol is needed to meet that demand, but they require more power. Switches with PoE+ provide the needed power for these faster WAPs. Switches with PoE+ use existing Category-5 cable and allow remote administration and configuration of all powered devices including VoIP phones and security cameras so costly site-visits are eliminated. Finally, with more traffic flowing between the district metropolitan LAN (MAN) and the classroom, traffic analysis and monitoring is important to keep the network running effectively. Brocade includes sFlow, an open standard protocol in Brocade campus switches as no extra cost. sFlow provides both Layer 2 and Layer 3 network traffic monitoring and that’s important because many districts use only Layer 2 networking within a school building to keep cost low. Other traffic monitoring tools are limited to Layer 3 only and so aren’t effective for traffic monitoring and engineering in K-12 school districts.

 

 

About Brocade

Brocade networking solutions help the world’s leading organizations transition smoothly to a world where applications and information reside anywhere. This vision is realized through the Brocade One™ strategy, which is designed to deliver key business benefits such as unmatched simplicity, non-stop networking, application optimization, and investment protection.

 

Innovative Ethernet and storage networking solutions for data center, campus, and service provider networks help reduce complexity and cost while enabling virtualization and cloud computing to increase business agility.

To help ensure a complete solution, Brocade partners with world-class IT companies and provides comprehensive education, support, and professional services offerings.

 

To learn more, visit www.brocade.com

 

Key Contributors

The content in this primer was provided by the following key contributors.

Lead Architect: Prasad Bal, Strategic Solutions Lab

Technical Author: Brook Reams, Strategic Solutions Lab

 

Document History

Date                  Version        Description

2013-04-15        1.0                Initial Release

 

 

Related Documents

The following documents are valuable resources for the school network designer. In addition, any Brocade release notes that have been published for the FastIron, NetIron and Mobility operating systems should be reviewed.

 

 

References

 

Solution Framework

K-12 school districts tend to have unique fiscal constraints. They are usually funded by local governments. Their financial outlay for network operations is very low. Their networking department staffing tends to be minimal.

 

 

Consequently they require a simple, low maintenance network with minimal complexity and protocol overhead.

Brocade’s solution for school districts cost-effectively addresses a number of technology challenges. It provides three key networking technologies: 10 Gigabit Ethernet (10 GbE), sFlow traffic monitoring and Power-over-Ethernet Plus (PoE+). And with Brocade’s campus networking products, districts receive the following important benefits:

 

  • Simple and easy to manage network architecture
  • Single point of administration
  • Integrated wired & wireless security
  • Smart WAPs provide peer-to-peer data flow removing traffic from the MAN
  • Central WLAN Controller Cluster with single point of configuration and management of all WAPs
  • Plugin scalability for future growth
  • Collaboration, rich media & unified communications ready
  • Products with built-in support for open standard management tools such as sFlow

Brocade’s solution for schools uses an optimized two-tier architecture that addresses the unique requirements of school districts. A minimal number of network devices can be used to deliver cost-effective, scalable networks that easily interconnect via a Metropolitan LAN (MAN) to access the Internet and applications and data at the district office. Brocade’s HypeEdge ® architecture scales from small districts with hundreds of students with a few school buildings to large districts with tens of thousands of students, and hundreds buildings.

 

Advanced features of Brocade’s school district solution include.

 

  • High density 10 GbE/40 GbE links for high-bandwidth video and other applications.
  • Robust security suite for both wired and WLAN networks for threat detection, mitigation and response.
  • Standard CLI for easy management and configuration.
  • The most power efficient switches in the industry which translates into a continual savings annuity.
  • Brocade Network Subscription option offering districts the opportunity to rent their network rather than rely on hard to pass bond issues to fund network improvement

The Brocade solution is designed for easy integration with products from other vendors provided they, like Brocade, have chosen to support open networking standards and protocols. And, Brocade invests in partner solution integration to simplify deployment of Bring-Your-Own-Device (BYOD) solutions and advanced traffic engineering based on sFlow network monitoring.

 

The figure below shows Brocade’s K12 school district reference architecture.

 

SchoolDistrict_RefArc.jpg

    Brocade Reference Architecture for School Districts (click to enlarge)

 

 

Partners

Brocade’s solution is flexible and is integrated with external applications and solutions from Brocade partners. Some customers have specific partner requirements and will desire a solution that integrates with their existing management and network security applications. Brocade has deployed network solutions in many school districts and has supported a host of partner applications and network devices. Below is information about key partners Brocade works with in the education market as their solutions are tailored to the unique requirements of K12 school districts.

 

BradfordLogo.jpg

Bradford Networks Network Sentry

Bradford’s Adaptive Network Security platform fortifies networks and leverages features from existing infrastructure to dynamically enforce security policies across both wired and wireless networks. Bradford’s Network Sentry Product Family uniquely identifies and profiles every user and every device on the network to provide complete visibility and control. Bradford’s solutions enhance overall security, provide key management controls and enforce security policies, all without disrupting existing infrastructure and processes.

ImpulseSafeConnectLogo.jpg

Impulse Point SafeConnect

At Impulse Point, we believe that a NAC system should operate completely independent of the network infrastructure. SafeConnect is designed specifically with this in mind and is the only solution on the market that can make this claim. This allows network administrators to run their operation without having to consider switch compatibility, configurations or port settings…significantly eliminating the complexity and constant management found with other solutions.

InMonLogo.jpg

inMON Traffic Sentinel

InMon Corp. is focused on the development of traffic monitoring solutions for high-speed switched networks. InMon Corp. works with leading switch vendors to enhance their networking solutions with comprehensive traffic management.

InMon Corp. is pioneering the use of statistical sampling to develop scalable and cost effective solutions for network wide traffic monitoring, analysis, and reporting and has multiple patents pending in this field

 

 

Solution Design

The Brocade solution is designed from common building blocks combined into a standard, reusable school template suitable for large (high school), medium (middle school) and small (elementary school) buildings. The district office uses similar building blocks including a core backbone block for connecting to a Metropolitan LAN (MAN), the Internet and to the datacenter core routers. This standardization makes it easier to manage and cost-effective. The figure below shows the network topology.

 

 

SchoolDistrict_NetworkTopology.jpg

   K12 School District Network Topology (click to enlarge)

 

 

Brocade promotes a simple two-tier network architecture rather than the more complicated and costly three-tier design. Edge and Core blocks can be combined to meet the needs of different sized schools using the same network components. Each block can scale up as needed.

 

Important benefits of Brocade’s network modular architecture for school districts includes:

  • Resiliency: Network resiliency is critical for school networks as instruction includes more on-line content. Brocade’s solution includes stackable switches, LACP, hitless fail-over and MAC persistence.
  • Flexible: Each school has different network requirements and needs a cost-effective way to support wireless, security and wired devices. Brocade’s solution provides both PoE and PoE+ powered port options in 24 and 48 port stackable switches.
  • Manageability: Lower network operating cost is important in school districts. Brocade’s solution integrates wired and wireless management in a single platform, Brocade Network Advisor (BNA), provides centralized WLAN controllers that simplify WLAN Access Point configuration, and offer tested partner software integration for Network Access Control (NAC) and sFlow traffic monitoring.
  • Security: Network security is important for isolation of district data and isolation of student access from teacher and administrator access. Brocade’s solution includes IEEE 802.1x, DAI, IPSG protocols for securing network traffic.
  • Performance: Stacking bandwidth options of 1, 10 and 40 GbE are available. WLAN access points optimize the data path with peer-to-peer traffic forwarding. Layer 3 services include ECMP and

Below are links to the more information about the reference architecture building blocks used to construct the templates and the Brocade HyperEdge Architecture Design Guide for K12 School Districts.

 

 

References

 

Blue Print

This blue print is based on an actual deployment in a K12 school district. The high-level design is shown in the diagram below. Distribution, Access and WLAN AP blocks are combined in the School template.  The District Office template includes the Core Backbone template with backbone routing and Brocade Mobility Controllers for central WAP policy and configuration. The Network Management template includes Brocade Network Advisor for configuration and management, and integrated partner Network Access Control (NAC) and sFlow traffic monitoring applications.

 

 

SchoolDistrict_DesignTemplates.jpg

   Blue Print with Design Templates (click to enlarge)

 

School Template

The modular architecture relies on extensible and reusable. Below is the school template that can be scaled-up and scaled-out as required to meet the requirements of high, middle and elementary school facilities.

 

 

SchoolDistrict-Template-SchoolExploded.jpg

   School Design Detail (click to enlarge)

 

Within a high/middle school, all buildings with classrooms have one or more Edge blocks constructed from Brocade ICX 6450 switches, some with PoE/PoE+ for WAP, phones and security cameras, and others with only wired connections as applicable. Wireless devices connect by RF to a WLAN AP that is attached to a PoE/PoE+ port in the Edge Stack block. WLAN policies and security are configured at the WLAN controller that is located in the IT department at the district office. See the District Office Template for details. The WLAN controller updates the WLAN APs in the school so they have the correct access control policies and configuration.

 

The Edge Stack blocks connect to the Core block via 10 GbE uplinks with LAG for resiliency and bandwidth aggregation. Brocade ICX 6610 switches are stacked in the Core block providing low latency, high speed Layer 2 interconnection of all edge blocks in the school. The Core block terminates Layer 2 traffic within the school and provides Layer 3 network connectivity to the MAN. This reduces the cost of the school edge blocks since higher cost Layer 3 routing services are centralized in a single ICX 6610 switch stack in the core block.

Areas with low device connectivity use a single Brocade ICX 6450 switch with one or more WLAN access points that with LAG connections to the Core block.

 

 

The primary difference between high, middle and elementary schools is the geographic extent of the LAN and the total number of devices connected to an Edge block. The Brocade ICX 6450 switch stack can scale-up to 384 ports, and with the addition of the ICX 6400 EPS power supply, can power all ports as POE+ ports. Scale-out is achieved by adding more Edge Stack blocks as required. This architecture is cost-effective and uses a minimum number of products reducing complexity.

 

Optional Small School/Facility Template

Elementary schools other facilities with a smaller number of devices are examples of where the small school template is cost-effective. These schools support much fewer devices on the Layer 2 school network. Some schools will need the WLAN block Access Points so they can forego the cost of installing wired Ethernet connections which can be costly and subject to vandalism. In some districts, the core block in middle schools acts as the Layer 3 boundary for a few elementary schools. In that case, only the edge block is used in the elementary school and traffic is sent over the MAN using metropolitan Ethernet services to the middle school for routing to the district office and the Internet.

 

 

The figure below shows the small school template with a 1 GbE Edge block with PoE/PoE+ enabled ports on one switch. This stack uses ICX 6430 switches one of which could have POE+ ports for WLAN AP and phone connections for a cost effective design.  The Core stack block uses ICX 6450 switches with Layer 3 routing services license and 10 GbE uplink ports to the MAN. An alternate would be to use 1 GbE uplink ports if device traffic bandwidth over the MAN is low enough.

 

SchoolDistrict-Template-SmallSchoolExploded.jpg

   Small School/Facility Design Detail (click to enlarge)

 

 

District Office Template

The district office template supports the district’s administrative functions and the IT department. This template provides secure Internet access for the entire district, connects to a service provider supplied WAN service using 10 GbE or 1 GbE links and connects to the data center network so schools can access central applications as required. The template includes firewall, network access control (NAC) and network security applications. Edge Stack blocks are deployed providing wired and wireless (PoE/PoE+) device access for staff. The WLAN Controller is connected to the Core Backbone routers for central configuration, monitoring and management of the WLAN AP at all schools and remote facilities.

 

 

Network management and monitoring rely on Brocade Network Advisor (BNA) and sFlow traffic monitoring and engineering applications from Brocade partners that leverage sFlow reporting functionality in Brocade campus switch products.

 

 

SchoolDistrict-Template-DistrictOfficeExploded.jpg

   District Office Design Detail (click to enlarge)

 

 

Network management is provided by the IT department that is frequently located at the district office. For this district, Brocade Network Advisor (BNA), a partner provided integrated network access control (NAC) appliance, and a partner provided sFlow traffic monitoring application were deployed.

 

SchoolDistrict-Template-Management.jpg

   District Office Management Template Detail (click to enlarge)

 

 

Components

 

The blue print is comprised of the components shown below.

 

Component

Function

  • Brocade ICX 6450 Switch

Edge switch and optional Core switch for small facilities

  • Brocade ICX 6430 Switch

Optional Edge switch for small facilities

  • Brocade ICX 6610 Switch

Core  switch/router

  • Brocade ICX 6400 EPS

Extended power supply for PoE+ ports and/or high-availability for ICX 6450 switches

  • Brocade SX Series Chassis Switch

Campus Backbone router

  • Brocade Mobility 6000

WLAN controller (central location)

  • Brocade 7131 Access Point

WLAN access point (distributed in schools as required)

  • Brocade Network Advisor (BNA) software

Integrated wired and wireless network management

  • WLAN Network Access Control software

From Bradford Networks or Impulse Point for securing WLAN access district-wide.

  • sFlow Traffic Monitoring software

From InMON for district-wide traffic monitoring

Comments
by pbal
on ‎04-23-2013 10:13 AM

Brocade employees can access a condensed 2 sheet version. Kindly contact me if you need that.

by Sharan
on ‎04-25-2013 06:56 PM

Thanks Prasad. I am sure this will be helpful for my E-Rate customers.

by pbal
on ‎04-26-2013 01:40 PM

Thanks. Please let me know if you think of anything that can be added to make the document more useful.

Contributors