Enterprise Architecture and Infrastructure Progress Report for Committee on Technology and Architecture March 2012 Mark Day Dept. of Radiology & Biomedical Imaging Tu Luu Dell Healthcare Consulting March 20, 2012


Enterprise Architecture and Infrastructure Progress Report for Committee on Technology and Architecture

March 2012

Mark Day, Dept. of Radiology & Biomedical Imaging

Tu Luu, Dell Healthcare Consulting

March 20, 2012


2012 Priority Projects

• MPLS / UCSF “One Network”

• DNS / DHCP

• Enterprise backups - Crash Plan pilot to be presented at a future meeting


Brief Acronym Glossary

• MPLS – Multiprotocol label switching – the underlying technology used to label and segregate logical networks on shared physical equipment

• VRF – Virtual Routing and Forwarding – the separate network instances

• PE – Provider Edge (PE router)

• CE – Customer Edge (CE router)

• QoS – Quality of Service – tagging of network traffic to allow different classes to be treated according to different business rules


MPLS - Goals

• Highly redundant enterprise MPLS core shared between Campus and Medical Center

• Capability to provision multiple segregated networks on shared equipment.

• Communication between segregated networks enforced by security policy

• End-to-End QoS

• Unified support for Multicast

• Ability to provision layer two between any two points on the network (borderless data center)


MPLS - Benefits

• Simplified and consolidated routing and security infrastructure with ability to delegate separate control

• Leverage MAN upgrade projects from both Campus and Medical center

• Ability to logically group devices of similar use regardless of physical location

• Reduce operational expenses through shared infrastructure and simplified management

• High availability and capability to achieve sub-second convergence in the core

• Ability to meet Medical Center’s need for resiliency, and campus research community’s need for speed


Separate Distribution and Access Infrastructure


Shared Distribution But Separate Access


Shared Distribution and Access


Security Layer at Inter-VRF Routing


Project Status

• Meetings held regularly between MCIT and ITS network staff, vendors, and interested observers

• Medical Center proposal is to use heterogeneous Cisco ASR 9000 class routers for all PE Devices

• Campus would like to re-use Cisco Catalyst 6500 class routers due to budgetary constraints

• Cisco’s recommendation is to build MPLS core with ASR equipment, but also state 6500 product line has necessary features


Equipment Comparison

• Case for ASR 9000 everywhere

– Equipment designed for aggregation services

– IOS XR software streamlines common service provider operations compared to IOS

– Single software version and configuration to be used everywhere

– Higher throughput – support 100 Gbps ports

• Case for Catalyst 6500

– Upgrades necessary for MPLS project modest compared to replacement of routers

– Configuration is different, but not expected to change much in core

– Equipment is from same vendor and contains necessary feature set

– Additional speed of ASR not immediately needed


Immediate Next Steps

• Cisco to re-evaluate design and present options for re-purposing 6500s

• Better define requirements to help in evaluation of 6500 vs. ASR 9000 for PE routers at some locations

• Medical Center and Campus to explore ‘creative’ options to make homogeneous ASR 9000 design more affordable

– Repurpose Catalyst 6500s in MC?

– OE funding available for a consolidated network?

– Additional pricing relief from Cisco?

• Evaluate best way to use 6500s in design

– As a PE router

– Only as CE routers (fewer PEs?)


Future Items

• Flesh out PE/CE design

• Define details of security model

• Agree on connection of MPLS core to internet

• Agree on schedule

• Decide on shared distribution / shared access layers

• Governance aspect – threshold for defining additional VRFs

• Define shared management responsibilities and structure

• …


MPLS Network