ITS Networking has released its 2024 Networking Annual Report covering “one of the busiest” years for the team.
Ryan Turner, Director of Networking and the Operations Center, created the report to share insight into work that helps power the University mission.
This year, “not only have we ensured that the network remains reliable, secure and fully operational, but we have also embarked on some of the most ambitious technology investigations we have done in over two decades,” Turner wrote. “As we look ahead, the next two years will bring network evolution at UNC on a scale not seen since 2001.”
For full details on projects, statistics, graphs and more about the “exciting changes on the horizon,” read the complete 2024 Networking Annual Report.
‘Fabric’ will reshape UNC network
One of the most exciting advancements is the exploration of “network fabrics,” a cutting-edge concept that promises to revolutionize how our network operates.
“This past year, our engineering team, led by Jerry Woodside, and our architecture team, guided by Danny Shue, have been focused on a major network redesign aimed at boosting redundancy and resiliency across campus,” Turner said. While ITS Networking is constantly investing in and upgrading UNC networks, this redesign “will shape the future of our network infrastructure.”
“We built an extensive test environment and have spent several months running it through rigorous trials,” Turner said. “We’ve developed a long-term plan to integrate the campus network into this new fabric over the next few years, with the first steps focusing on University housing. This will be the most substantial change to our network design since we transitioned to 802.1q technologies in 2001.”
Turner said that the term “fabric” in networking “isn’t a technical term — it’s more of a marketing label.” But the concept behind it is powerful, he explained.
“In a fabric design, network elements act more like a cohesive system, with the ability to understand entire paths for packet forwarding,” he said.
Current networks only “know” the next hop, not the entire network. In a fabric network, resiliency, redundancy and mobility improve and UNC becomes more future-ready.
Networking by the numbers
The report highlights significant metrics and statistics that underscore the scale of the campus network’s operation.
2,935 switches 174,541 ports 48 Gbps peak download 43 Gbps peak upload 11,504 access points 57,000 concurrent connections 23 Wi-Fi 6E capable buildings
In the coming year, Turner expects to share a detailed overview of the new network design and share more about what network fabrics will bring to Carolina.
Migrating wireless management to the cloud
As UNC moves toward a cloud-based wireless management solution, the wireless team, led by Dawn Douglass, Brady Ballstadt and John Valenti, is evaluating proposals from leading wireless vendors.
“All of the solutions we are reviewing will shift network orchestration and management to the cloud, eliminating the need for local controllers and providing a more scalable, flexible solution,” Turner said.
To evaluate one of the vendors, the team is running a pilot in Lewis Residence Hall that tests a personalized “home-like” wireless network. This pilot, which runs through the spring semester, enables users to stream, print and discover other devices connected to their personal network — things they can’t do on the current network.
In the next phase of testing, Turner said the team will select a building on main campus and see how the solution works in a larger enterprise setting.
“Our goal is to complete our proof-of-concept evaluations and select a new wireless vendor by September 2025,” he said.
Exploring alternatives to VPN
Another project will explore alternatives to the current VPN, or Virtual Private Network. A VPN provides an encrypted connection, or secure tunnel, from off campus to the UNC-Chapel Hill internal network.
One promising approach to replace the VPN, Turner said, is Zero Trust Network Access. Zero Trust Network Access (ZTNA) is a modern architecture that offers more granular and secure access to applications rather than just the network itself.
“The core principle behind ZTNA is that instead of granting access to an entire network, users are granted access to specific applications,” Turner said. “This differs from our current VPN setup, where we often create separate IP spaces to allow applications to determine whether to trust a connection.”
Many vendors offer ZTNA solutions. The differences between them are significant, Turner said.
“Selecting the right vendors for testing will require careful consideration,” he added.