Main Nav

Participate in this Group

Search This Group

March 13, 2014 | Peter Morrissey

Has anyone had any success using Firewallbuilder.org for Cisco ACL’s on 6500’s and 7000’s?

Alternatively, is anyone aware of any other products that simplify the support of multiple, large ACL’s that frequently need to be updated?

 

Pete Morrissey

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

March 12, 2014 | Kate Robinson
Hello All- We are currently using syslog-ng and sec to gather and filter our syslog messages from all of our switches, routers and firewalls. I would like to change this because filtering the messages with sec is clunky and we are receiving too many alerts to be useful. What does everyone use for network log gathering and reporting? Thanks! Kate Robinson Network Administrator, Information Technology Services Western State Colorado University 970.943.3123 www.western.edu krobinson@western.edu
March 12, 2014 | Joseph Roth
We have experienced some ddos attacks over the last few weeks, a couple of them were large enough to actually be service impacting by using up all of our available bandwidth to our providers. I have managed to gather data on what a couple of the attacked IPs were doing prior to the attacks, they were using xbox live. There is actually an faq on the xbox live site for ddos attacks:


I wouldn't call my evidence 100% concrete, but I have a pretty good feeling that this may be what happened to us.

Has anyone else experienced this? If so, how did you deal with it?

btw, cross posting to a couple of listservs, sorry if I "spam" anyone.

--
Joe Roth
Network...
March 10, 2014 | David Ziemba
All, We're interested in talking to and visiting references that run an Aruba wireless infrastructure and also use Aruba's ClearPass. We're in the midst of a complete redesign and this is the first round of reference checking. Regards, David Ziemba Network Engineer 719.389.6063 ITS: Innovations & Solutions
March 10, 2014 | Dennis Xu
We'd like to conduct a wireless performance survey within our students/faulty community to know their feedback about our wireless network. Has anyone done the similar survey before? If you did, would you like to share your survey questions(either to the list or to me directly)? Thanks in advance. --- Dennis Xu Analyst 3, Network Infrastructure Computing and Communications Services(CCS) University of Guelph 519-824-4120 Ext 56217 dxu@uoguelph.ca www.uoguelph.ca/ccs ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
March 7, 2014 | Charles Prothero
Hi, all! The post below from Dennis on the NAC question makes me wonder what people are doing re: "next generation firewall and IPS/WSE" solutions. We use a Linux NAT box to provide our users with Internet access, and the product we use to publish our server services to the web has been discontinued. Anyone a big fan of their particular solution and willing to share what makes it the clear choice in this space? If you don't want to publicly post your institution's network security solution, send directly to me and I will re-broadcast to the list without naming names or places. Thanks! Charlie charlie.prothero@keystone.edu
March 6, 2014 | Randy Mahurin
Is anyone having success with DHCPv6 yet?  I'm curious to hear how people are dealing with the lack of DHCPv6 redundancy (at least with Bluecat) and DHCPv6 DDNS update issues.  It seems that in my deployment, v6 takes precedence over v4 and will not allow a dual stack client to update DDNS for both v6 and v4.  I'm thinking of adding another DNS zone that will handle DDNS updates from the v6 clients, but am not sure if that would be the correct path.

Thank you

--
Randy Mahurin
Office of Information Technology
Boise State University
1910 University Drive, Boise, ID, 83725-1249
Phone: (208) 426-4003
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

...

March 5, 2014 | Brandon Riffel

Speaking of caching, how many of you have Akamai caches or other CDN owned caches on your network?  And if so, is there a way for smaller organizations such as ours to get those devices (we don’t qualify for the Akamai Network Partners or Netflix OpenConnect)?

 

 

 

From: The EDUCAUSE Network Management Constituent Group Listserv [mailto:NETMAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Britton Anderson
Sent: Wednesday, March 5, 2014 1:42 PM
To: NETMAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [NETMAN] Bandwidth Management

 

We're using PacketShaper. Bandwidth is not nearly as cheap of a commodity in...

March 5, 2014 | John Miller
Due to some recent malware incidents, we're investigating ways that we might "blacklist" or "firewall" certain recursive DNS queries--return a response that gives people, for example, to a "Warning: infected domain" CNAME or IP address. What have people on the list done to solve this? Is anyone using OpenDNS? Infoblox's DNS Firewall? BIND RPZ? Your own custom solutions? Which feeds do you subscribe to? John -- John Miller Systems Engineer Brandeis University johnmill@brandeis.edu ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
March 5, 2014 | David Ziemba

All,

 

Very interesting sales presentation yesterday from Avaya. They are moving into 802.1aq shortest path bridging and removing STP/RSTP from the L2 infrastructure. Very interesting functionality, and the ability to make east-west traffic highly efficient.

 

Is anyone else looking into that, or currently running Avaya gear?

 

 

 

Regards,

David Ziemba

 

Network Engineer

719.389.6063

 

ITS: Innovations & Solutions

 

********** Participation and subscription information for this EDUCAUSE...
March 5, 2014 | Listserv Anonymous User
Message from apage@nd.edu

All,

 

I’m wonder how many schools out there are using something other than Cisco NAC/ISE for NAC, such as Bradford or others? If you wouldn’t mind sharing your experience, I would appreciate it.

 

Thanks,

Andy

 

--
Andy Page
Network Design Professional

Member, ND Wireless Institute
University of Notre Dame
574.631.6592


Go  Irish!

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

...

February 26, 2014 | Listserv Anonymous User
Message from ferps@sva.edu

Hello, We are considering a move to dynamic VLAN assignments. We are an all-Cisco shop. I would like to ask the group a few questions. 1) Has anyone out there had any negative experiences with this implementation? 2) What system are you using to manage this, and is it compatible with Cisco (i.e. VMPS)? -- _____________________________________ _____________________________________ Fishel Erps Sr. Network & Infrastructure Engineer School of Visual Arts 136 W 21st St., 8th Floor New York, NY, 10011 LL: 212-592-2416 Cell: 347-539-6380 Fax: 646-845-6150 E-Mail: ferps@sva.edu _____________________________________ _____________________________________ ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www....
February 25, 2014 | Vlade Ristevski

Hello all,

We are getting close to maxing out our Internet circuit for our residence halls so I’m looking to add some bandwidth. I am curious how much bandwidth other schools are giving to students in their dorm rooms and how they came to that decision. Replies off list are also welcome  for anyone who doesn’t want to put that info out there.  I think the results will be helpful in helping me justify the increase in cost for the additional bandwidth. The following info would be most helpful.:

Total number of users in dorms?

Total Internet bandwidth reserved for residence halls (to your ISP):

Do you have a cap (Mbps) per users?  If so, at what speed?

If you cap, do you set it at the switch port using QOS (wireless controller for...

February 24, 2014 | Daniel Eklund
Hi all! I have just posted a network architect job at UM Ann Arbor, please check it out. http://umjobs.org/job_detail/92786/network_architect_intermediate -- Daniel Eklund Network Planning Manager ITS Communications Systems and Data Centers University of Michigan 734.763.6389 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
February 21, 2014 | Kris Sulzberger
Hello, we've got a senior network engineer position open near Columbus, OH. Here's a link to the job posting:


--
Kris Sulzberger
Director of Technical Services
Denison University
740.587.6333
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

February 21, 2014 | Jeremy Gibbs
Hello,

I have a few Cisco ASR-1002 routers.  I am trying to find a good sample rate.  Currently I have the sampler set to: 

mode random 1 out-of 512  

The ASR is at 1/2 of 1% CPU so I definitely can get more granular.  If you're doing netflow on your edge router, what are you using for sampling? 

Thanks

--

Jeremy L. Gibbs
Network Engineer
Utica College IITS

T: (315) 223-2383
F: (315) 792-3814
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found...
February 21, 2014 | Listserv Anonymous User
Message from apage@nd.edu

Are there any fellow higher ed shops running Cisco ISE yet? We have been hearing about the reasonably priced migration licenses for the last year or so, but just recently were told about the mandatory consulting fee.

 

Any personal experiences you would be willing to share will be appreciated.

 

Andy

 

--
Andy Page
Network Design Professional
University of Notre Dame

Member, ND Wireless Institute

apage@nd.edu | 574.631.6592


Go  Irish!

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at...
February 19, 2014 | James P. Gogan

Without getting into Science-DMZ issues, I'd like to hear from the RU/VH (Research Universities/very high research activity: formerly R1 institutions) campuses (see http://en.wikipedia.org/wiki/List_of_research_universities_in_the_United_States for list) concerning which of you (if any) have border firewall(s) in place that essentially default to a deny rule for inbound traffic.

 

No need to get philosophical about the usefulness of said implementation; you'd be preaching to the choir.    However, we do need to know if anyone does have this specific environment in place and, if so, can we speak to you about it?      I noted in one thread that "Reportedly, UC Irvine has taken a different approach and implemented a default deny rule...

February 18, 2014 | Lee Badman
We currently use A10 in limited NAT role for one targeted wireless space on campus. I'm interested in knowing if anyone has gone so far as to use A10 to NAT a large campus population, like all your wireless users or all your RESNET users, etc. and can speak about the experience?

Thanks,

Lee Badman

Lee H. Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

February 17, 2014 | Brian Disterhaft
Good afternoon folks,

Ripon College has an opening for a Systems and Network Specialist.  Posting here in case you know of anyone who may want to join our Winter wonderland in Wisconsin.

Thanks and have a great day


Brian M. Disterhaft

Systems and Network Manager

Ripon College - ITS

Email:  disterhaftb@ripon.edu

Phone:  (920) 748-8381

 

ITS will NEVER ask you to reveal your user account credentials via email!

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at...
April 19, 2012 | Joann Williamson

Hi,

We are currently using ATI for our loud speakers on campus.  The ATI system is used for chimes, sirens, and verbalizing emergency broadcast messages over the speakers.  The speakers are loud enough that we hear them inside the buildings.  In the past, ATI has done well at accommodating RAVE into their interface.  We use RAVE for our texting portion.  When we need to text an alert out to our Faculty/Staff and students, we go to the ATI interface and click on some button that invokes RAVE to text out the message.  We love this setup because it gives one interface to our emergency responders.  They don’t have to remember how to logon to this system and that other system when they are in ‘crazy mode’ trying to respond to an emergency. 

 

Now, we have added Alertus.  We are using Alertus to send a pop...

January 9, 2013 | Lee Badman
Wondering if anyone has implemented wired 802.1x as a form of NAC, and if you could briefly describe how you’re using it. Also, would be interested in the administrative burden you feel it either adds or removes.
 
Thanks-
 
Lee Badman
Network Architect
Syracuse University
 
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

January 27, 2014 | Tim Tyler

Wireless surveying?

I am curious about how some of you at other educational insitituions handled the planning for a large wireless implementation which not only includes the academic/administrative buildings, but also the residential buildings. 

 

1. Did you use a professional service for a site survey?  If so, did they simply look at floor plans or did they come out and physically survey buildings?

 

2.  Did they survey all buildings or just a small subset of buildings?

 

I am curious as to what was expected in return for the service.

 

3. After it was completed, was there anything you wish you had gotten from the survey that you feel would have improved the over-all implementation?...

January 2, 2013 | Peter Morrissey

I was wondering if anyone had used any of the ManageEngine products and what your experience has been with them. They look compelling on paper, but then don’t they all. J

 

Pete Morrissey

Director of Networking

Syracuse University

 

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

December 1, 2011 | Bruce Klein

Since everyone has been talking about tools they use today, I thought I’d expand the question of management tools to include NAC. I’m using Bradford Networks’ Campus Manager and I’m looking at a pretty big price tag to upgrade it to meet our capacity needs. What is everyone else using? Are you happy? Is it worth the money?

 

I’m especially interested in anyone using NAC at sites with over 30,000 wired ports and a fairly large wireless network (in my case 1400 Aruba access points).

 

Thanks,

Bruce

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups...
June 5, 2012 | Pete Hoffswell
Hello NETMAN - 

http://www.worldipv6launch.org/ 


We have enabled IPv6 on some of our user networks.  No problems, except for a stray site or two on the Internet that will resolve to IPv6, but not have their servers ready to server on said resolved address.  Naughty naughty!  It seems to be a problem that Happy Eyeballs doesn't help with, either.

What is your organization doing for IPv6 day on Wednesday, if anything?


-
Pete Hoffswell - Network Manager
pete.hoffswell@davenport.edu
http://www.davenport.edu
616-732-1101
********** Participation and...
August 24, 2013 | Andy Poirier

What naming scheme do you use for your servers?

 

We are currently looking at changing the naming scheme we use for servers.  Currently we use color names for servers but that list is beginning to run out of single word, easy to spell names. 

 

In ancient history here there was a decision to follow the advice in RFC 1178 in choosing names for our servers:   http://tools.ietf.org/html/rfc1178

 

Here are the main bullet points from that article:

·         Don't overload other terms already in common use.

·         Don't choose a name after a project unique to that machine....
January 3, 2013 | Nicholas Urrea

We are replacing the wireless in one of our buildings and I was wondering what POE-Edge switches should I buy. I am going to have about 180 APs in the building. We are a Cisco shop but I am open to buying another brand.  

 

---
Nicholas Urrea
UC Hastings College of the Law

Network and Systems Engineer
Information Technology
e: urrean@uchastings.edu
ext: 4718
helpdesk:
e: helpdesk@uchastings.edu
ph: 415-581-8802

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://...
November 5, 2012 | Listserv Anonymous User
Message from jstapleton@computer-business.com

If sufficient router memory to hold full Internet BGP tables is a concern, you might want to consider a software-based router, like Vyatta.  Adding memory is cheap and easy when you are dealing with standards-based architecture.

 

Personally, I can’t wait to get one of these $99 software-based routers at my house:  http://www.ubnt.com/edgemax.

provides 145X more Kpps per USD than Cisco; provides 205X more Kpps per USD than Juniper

http://dl.ubnt.com/Tolly212127UbiquitiEdgeRouterLitePricePerformance.pdf

 

From: The EDUCAUSE Network...

September 30, 2013 | Charles Prothero

Greetings, all!  Anyone have a strong opinion on the best way to terminate fiber?  It’s been a while since we did any of that here, but we are running some new single mode to an athletics facility and want to do it right.  All of our existing fiber has ST termination, but I heard that ST isn’t recommended anymore.  Thoughts on what connectors are best and any specific recommendations on whose products to use (or avoid) would be appreciated.  One run is 12 strands and there are 2 6-strand runs.  We would not be doing the work ourselves, but need to know better what to get quoted.

 

Thanks!

Charlie  

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at...
August 28, 2013 | Charles Prothero

Greetings!  I hope you are all doing well at the start of your fall semester.  We’ve been using a NetEqualizer NE2000 model for the past 7 years and it’s about time for an upgrade.  I see that they offer a caching option (uses Squid) with the new models and I’m wondering if anyone has tried that and would share an opinion.  The write-up on the website suggests that YouTube videos account for up to 15 percent of Internet traffic.  I wonder what percentage of our bandwidth is used for YouTube.  We don’t have sufficient monitoring to determine that or to provide solid reporting to supervisors trying to determine whether a particular staff member is working or playing on the web all day.  Our old NetEqualizer has ntop reporting but, as with the box, it’s dated.  I...

November 7, 2012 | Matt Richard
F&M currently has two ISPs, each with a 200 Mb/sec connection. Each connection uses a Gigabit Ethernet handoff. I manage Internet bandwidth with a pair of Packetshaper 10000s in Direct-Standby. I'm looking to upgrade our two ISP links next summer, and I suspect our current solution won't handle our projected needs. We have about 2400 students, and almost all of them live on-campus and use our campus network for residential purposes. The same network also supports the business of the college. In our students' eyes, the role of Internet connectivity has changed over the past few years. Very few students bring a television with them when they move in. For those who do, I suspect the TV spends most of its time connected to a game console. Students generally expect the same level of Internet performance they had at home, when they shared their broadband connection with their immediate family. I'd like to get an idea of what other folks are doing for bandwidth...
December 2, 2013 | Peter Morrissey

We are doing some long range planning for cabling renovations in our residences. We currently deliver CATV via COAX. I was wondering if anyone had eliminated Coax and have gone to all Ethernet/IP for this purpose. This project probably wouldn’t even start until Summer of 2015 and it will probably take a summer to do each building. So I’m thinking that we should consider just eliminating the Coax.

Pete Morrissey

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

March 28, 2013 | Listserv Anonymous User
Message from mark.duling@biola.edu

Hi Keith,

Well at the least I'd say OSPF or anycast isn't something we'd do soon, because we're still building out redundancy in our core infrastructure and such, and we're not even at our own planned ideal point with DNS as we'd planned it out a couple of years ago.  We do have redundant DNS of course (actually Infoblox).

I guess I was partly in amazement that BIND has an opaque forwarder logic and couldn't quite believe it, and also partly wondering if there were an easy way to improve the situation incrementally for the rare circumstance I mentioned.  I still can hardly believe BIND has an internal operating logic that is apparently entirely opaque unless you use a sniffer on the dns server.

But in the less than near future we're always open to using anything that would help us build a more resilient core, internet, and dns...
December 5, 2013 | Dennis Xu
We are planning to enable jumbo frame support on two Cisco c6509 server farm core switches. We will enable jumbo frame at both the system level and also some interfaces. I would like to check if anyone has done this and if there are any gotchas. thanks. --- Dennis Xu Analyst 3, Network Infrastructure Computing and Communications Services(CCS) University of Guelph 519-824-4120 Ext 56217 dxu@uoguelph.ca www.uoguelph.ca/ccs ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
September 23, 2013 | Michael Sheinberg
Howdy! We are keeping our eyes open for network equipment configuration management tools (commercial or open-source) that can give us : * configuration backups, * diff detection/alerting, * capability to issue commands to multiple devices * some way to automate / auto-discover the devices We are using older switches and need a solution that supports multiple vendors and some kind of access to the backend or an API is important for us. In the past we've been using cat-tools which is "meh" but doesn't provide any interface for us to automate it outside the GUI. I realize this topic seems to come up every few years (just based off sifting through the archives). I wanted to bring it up again to determine if there are any new technologies out there I should check out. Thanks in advance for any advice. -- --Mike Sheinberg ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at...
July 17, 2012 | James Gutholm
I hope this isn't too far off topic. We are currently recruiting for a Network Engineer position and have gotten a very little response. I'm curious if this is common or is there something objectionable about the position, requirements, pay, etc that might make the position more desirable. We've advertised in the usual big job resources such as Monster and Dice, the local paper, The Chronicle of HE, Educause, etc. Here's the recruitment. http://www.evergreen.edu/employment/jobs/2012-022sm.htm I would appreciate any feedback or advice regarding the position, requirements, pay, etc or recruitment that might bring in good candidates. Thanks, -James James Gutholm Assoc. Dir. Computing and Communications The Evergreen State College 2700 Evergreen Parkway NW , Olympia, WA 98505 360.867.6635 ********** Participation and subscription...
December 1, 2011 | Brian Helman

First off, this is going to get wordy.  My apologies.  Secondly, I know we have a lot of lurkers out there.  Let’s get some of you chiming in on this!  There are no wrong answers.  So..

 

I looked through the archives, and as best I can tell, we haven’t discussed Networking Management/Monitoring Systems in a while.  The last time I see it popping up with any relevancy was in Sept of ’10 .   We recently began switching from using Alcatel gear to  Juniper*.  One issue with this is that Juniper lacks a network management/monitoring platform.  For straight up/down status, I can use anything, but nothing is that simple.   I probably have a metaphysical issue here (not knowing what I don’t know), but here are my current thoughts ..   1) What I know I want/need: Graphical interface that I can drill down campus/building/closet/...
November 14, 2011 | Vlade Ristevski
They were cheaper than bluecat for DNS and DHCP appliances. Also bluecat charges for IPAM. It comes part of Infloblox's solution. I'm not sure if they sell the IPAM solution by itself since we're getting the DHCP/DNS solution.

On 11/14/2011 12:09 PM, Kurtz, Eric wrote:

I see many people are using the Infoblox. What is the pricing like? Are there anything things that you do not like or features that you would like to add?   Also has anyone used their other products like Switch Port Manager? Thoughts?

 

Eric Kurtz
Network Engineer

Office of Information Technology...

September 25, 2013 | Thomas Carter

I wanted to informally survey what is being done on other campuses for power backup and conditioning for the network across the campus. We have tried to install small APC UPSes (the Back-UPS Pro models) in all network closets; we want to have 5 – 10 minutes of backup for the small power hiccups that seem all too common. However the time, cost, and organization required to keep up with aging and failing UPSes, bad batteries, etc  sometimes seems to be more trouble than it’s worth. After a number of extended switch down incidents caused by failed UPSes or batteries, I’ve considered slowing replacing them with quality power strips (for surges/spikes, etc) and letting them reboot when the power goes out. The concern by others is this would be somehow hard on the switches and cause increased failures.

 

So I had a few questions about what others are doing:

...

Group Leaders

Calvin College
Davenport University

Related to this Group...

Close
Close


EDUCAUSE Connect
View dates and locations

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

EDUCAUSE Institute
Leadership/Management Programs
Explore More

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.