The University of Edinburgh | European Electronique

Background

Inspiring the world since 1583, the University of Edinburgh is one of the oldest elite universities in the world. Hosting more than 44,000 students from some 156 countries, the University continues to attract the world’s greatest minds. Following an 18-month tendering process to find a strategic partner, the University awarded the contract to European Electronique (EE) in 2019. The multi-million-pound contract to architect and implement a solution to replace the University’s entire wired and wireless network infrastructure, including firewalls, spans a period of up to 13 years. EE undertook an intensive detailed design process with the University to define and architect the solution in partnership with leading vendors, Aruba HPE and Fortinet.

Requirement

The University’s requirement was vast, covering more than 250 locations situated across the city of Edinburgh and the local region. EE was tasked with architecting and delivering central services, a wired and wireless solution comprising 3,062 switches (Core, Distribution and Edge), 6,295 wireless access points (internal, external and specialist), 150 Uninterruptible Power Supplies (UPS) and Next Generation Firewalls (NGFW). EE recommended Aruba HPE switches and ultra-high performance network security through Fortigate 6000 series NGFW.

Solution

As strategic partner, EE provided the University with a dedicated Project Delivery Team (PDT) which included Solutions Architects covering different technologies (Wired and Wireless Aruba Networking and Fortinet Security), a Commercial team, Partner Account Management and Project Management as well as professional services engineers covering a variety of skillsets to deliver all aspects of the project. EE utilised its own, in-house Professional Services staff for the project management, configuration, and installation of all solution components, working alongside colleagues from our vendor partners Aruba HPE and Fortinet.

Firewalling – EE implemented an HA pair of 6301F FortiGate firewalls on the perimeter, to run perimeter, WLAN, campus edge and school services. EE also implemented an HA pair of 3400E FortiGate datacentre firewalls. Each firewall was connected to all 4 core switches.

Networking Infrastructure – Core and Distribution

A platform was architected from which a stable, reliable, fast, and deterministic network could be built. The core comprised of HPE 12904E chassis switches which were selected for their brute capability around availability. These core switches were chosen to ensure the ultimate offering in bandwidth capability, availability, and reliability.

Border and Distribution Switching

A common family of switches HPE 5945 and HPE 5980 (depending on location and requirements) was specified across the border and distribution switching requirements.

This provided a commonality of parts and spares across the estate, SFP28 connectivity, also available on the firewall facilitating a connection to all border switches at 25Gb providing high availability of bandwidth with reduced optics, crucially providing fibre pairs between datacentres.

Wireless Infrastructure

EE provided Aruba 7240XM controllers giving N+N availability at a cluster level, and as deployed provides support for no greater than 80% utilisation in a cluster / datacentre failure scenario. The stock Access Point (AP) currently being deployed at the University is the Aruba AP-515.

Monitoring and Management Several appliances were provided by EE to facilitate the running of the University’s estate. This included ClearPass appliances and Aruba Mobility Master (MM) appliances. EE provided ClearPass for authentication purposes. ClearPass is actively involved in every authentication onto the network

PRINCE2 and Agile based methodologies were used to deliver the completed project work packages, and our own internal team was utilised ensuring quality and flexibility for scheduling the appropriate resource, reducing lead-time and mitigating against risk. EE worked closely with a project team embedded with engineers from the University, Aruba, and Fortinet, to compile component-level work packages which, where possible, were designed to run simultaneously. This was key to ensuring that the backbone network and all associated appliances including core, border, distribution, WLAN controllers, key systems and firewalls were all pre-staged and installed alongside legacy equipment to facilitate complete comprehensive, solution-wide testing.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
DEVICE_INFO	5 months 27 days	No description
Murloc6D78028E7FC41EC3ED04916EDCDA72ACEACE7E5E152A32BBA46C75FF9D722D6B	1 day	No description
SiteMapId	session	No description
SWLOCALE	30 years	No description
SWSESSIONID	session	No description
t_rnd2	1 month	No description available.
t_sid	session	No description available.