Need Help?

Agile Educational Network Gets High Grades

8/29/2014 2:35:14 PM
Jingyang District of Deyang City in Sichuan Province, Southwest China, is one of the pilot zones for China’s national comprehensive higher vocational education reform. Deyang City has always adhered to its strategy of developing the city through science and technology. Over 50 schools are located in Jingyang District, which is the economic and cultural center of the city; however, educational resource allocation in this district is unbalanced, with a huge gap between rural and urban areas. To address this problem, Jingyang District Education Bureau devised a plan to implement sharing of high-quality teaching resources by building an educational Metropolitan Area Network (MAN) that covers all primary and middle schools in the district.

To adapt to the exponential growth of educational system bandwidth and access users over the next few years, Jingyang District must build the industry’s best-in-class, highly reliable IP MAN as a unified backbone communications platform, which will allow educational departments to offer a full array of new educational IT services to accommodate the high requirements of broadband multimedia applications. First, self-built Internet egresses distributed in the district’s primary and middle schools must be connected to the educational bureau in a unified manner, and then an independent, secure, and reliable MAN egress must be built. Second, a unified educational organization authentication platform must be created to implement identity authentication and security protection for both teachers and students. Teachers from different schools often must communicate with each other and visit students and parents outside of schools. High-quality service experiences must be provided for teachers and students as they access the MAN from different places using different access modes and devices. Finally, inter-school communication must be secured to prevent the spread of viruses among schools. Services across the entire education system must be secure and smooth.

After network technology experts from Chengdu and Deyang made multiple rounds of analysis and deliberation surrounding various educational MAN construction solutions, the Jingyang District Education Bureau eventually selected Huawei’s solution, which features a two-layer architecture: core and access layers. The core layer uses Huawei S12700 Series Agile Switches as backbone nodes, which centrally manage access authentication of teachers and students. Primary and middle schools can select between Huawei S7700 and S5700 Series Switches based on the size of their campus. The S7700 and S5700 connect to core devices through firewalls. Huawei’s Next-Generation Firewalls (NGFWs) are deployed at the Internet egress for security isolation. In addition, professional Virtual Private Network (VPN) devices are deployed to enable remote access for students and parents.

Huawei’s solution features an industry-leading architecture, free mobility, dynamic security resource allocation, and three-dimensional security protection, as well as high reliability, by leveraging a hierarchical design and Software-Defined Networking (SDN) concepts and technologies.

Industry-leading architecture supports an SDN-based, high-speed core backbone network: Huawei’s high-performance Agile Switches are deployed as backbone devices. Network core nodes use 10 GE links for interconnections, providing future-oriented strong service transmission and capacity expansion capabilities. Additionally, Huawei’s Agile Switches use a fully programmable architecture, which supports new protocols through user-defined forwarding processes. The strong service scalability of Huawei’s Agile Switches adapts to the educational MAN’s rapid development requirements for the next 5 to 10 years.

  • Free mobility ensures a consistent service access experience for users: By leveraging SDN concepts, Huawei’s solution can authenticate all teachers, students, and parents in the district through Huawei’s Agile Controller. Working with Huawei’s core Agile Switches, NGFWs, and security access gateways, the Agile Controller centrally manages and controls policies, including network access rights, service priorities, and bandwidth, allowing a user to access the educational resource sharing platform from different places using the same account, access control rights, service priority, and bandwidth. These policies can migrate based on user location. In this way, users can gain a consistent service experience across the entire district
  • Dynamic security resource allocation and three-dimensional security protection: The firewalls deployed at schools and data center ingresses provide security isolation and routine defense functions. High-performance NGFWs deployed at the Internet egress provide advanced security application capabilities, such as attack defense, Intrusion Prevention System (IPS), Antivirus (AV), and online behavior audit. In addition to Internet egress protection, a security resource center covering the entire MAN can orchestrate suspicious traffic using tunneling technologies through the Agile Controller. Suspicious traffic can also be diverted to the security resource center for virus detection, application attack detection, and access behavior audit. In this way, security resources such as NGFWs can be reused to lower network construction and management costs
  • High reliability for educational IT service continuity: Huawei’s solution uses a full-scale redundancy structure, including redundant devices, links, and routes to eliminate single-point failures, ensuring high reliability across the entire MAN backbone. Core backbone devices implement network virtualization to simplify network management using Cluster Switch System Generation 2 (CSS2) hardware clustering technology. Moreover, through a 1+N backup of Main Processing Units (MPUs), the entire cluster system can work properly as long as one MPU is functioning normally, ensuring that the core backbone network runs stably

Aiming at rapidly balancing educational resources across its jurisdiction, the Jingyang District Education Bureau has attached great importance to its educational MAN project. Upon completion of this project, all primary and middle schools in the district will enjoy the benefits of Huawei’s solution, implementing a wide variety of teaching management applications, such as Office Automation (OA) for teaching affairs, school roll management system, interactive classes, online Video on Demand (VoD), online communication, online examination and assessment, and electronic school bags. The agile MAN will not only enrich teaching methods but also promote resource sharing among teachers and educators, while improving their effectiveness in the classroom, as well as improving the quality of education in the district.

WORLDWIDE