A presentation from Networkshop47 by David Biron, senior network engineer at UCL.

1. eduroam everywhere
David Biron – Senior Network Engineer – UCL

2. Why speak here today?
• Regular Networkshop attendee
• Always spent time listening and gleaning information
from others
• Thought I’d speak about our journey, hoping it will help
others, like previous talks helped me
• We have no affiliation or preference for any particular
technology
2
Give something back
eduroam everywhere

3. Why start the project?
• A very varied and mixed wireless estate
• A focus on what was going immediately EOL rather than the bigger picture
• Wireless had grown organically
• A large wireless estate
• Wireless lifecycle shorter than wired
• Greater demand and expectation
• Essential service to students
3
eduroam everywhere
eduroam everywhere

4. What do we have now?
• Aruba for the Halls of Residence
• Cisco for the Campus
• FreeRADIUS for authentication
• 2 management platforms
• Varying models of APs
4
Mixed vendor estate
eduroam everywhere
• Services offered
 eduroam
 govroam
 UCLGuest
 _TheCloud
 Custom IoT use cases

5. Facts and Figures
• HoR – Provided in house (Not via a 3rd Party)
• AP per room model – 4000 APs
• Installed around 2012
• HoR switches provide power and data to the AP (Wired connection provided via the AP)
• Licensing (AP, Policy Enforcement Firewall, RF Protect, Airwave)
• AP models mainly 93H
• Managed via Aruba Airwave v8
• Running v6 codebase
• Running 4 controllers (All controllers active, VRRP resiliency with a hot spare)
5
Aruba
eduroam everywhere

6. Facts and Figures
• Campus
• Total – 2500 APs
• Installed over a number of years
• Driven by demand (Schools/departments)
• In the early days limited surveys were carried out
• Cisco ONE licensing
• AP models, big mixture (big headache!)
• Managed via Cisco Prime v3.2
• Running v8.3 and v8.5 codebase!
• Running 4 controllers (2 x 8540’s in HA and 2 x 8510’s in HA)
6
Cisco
eduroam everywhere

7. The tender
• Decided to only select Cisco and Aruba due to being market leaders in the education sector and also
incumbent vendors
• Structured as a tender document, then shortlisted suppliers invited in to give a presentation
• Concept of a work package
• Limited the number of buildings
• Created a shopping basket to allow bidders to fill in their proposed equipment and pricing
• Who will bid:
• Asked Cisco and Aruba to give us your best people based on the project brief
• Went out to 8 suppliers
7
Wrote our own tender rather than using a framework
eduroam everywhere

8. The tender
8
The Red Zone
eduroam everywhere
• Bloomsbury Campus
•Tricky buildings
•Listed
•Asbestos
•Thick walls
•Lab spaces
•Clean rooms
•Cabling….
•POE….

9. The tender
9
The Red Zone
eduroam everywhere
• Bloomsbury Campus
•Tricky buildings
•Listed
•Asbestos
•Thick walls
•Lab spaces
•Clean rooms
•Cabling….
•POE….

10. Tender responses
• 8 Responses back!
• Lots of clarifications!
•You must do this!
•All options non-negotiable!
•Very rigid timescales!
•Wanted to guide us rather than be guided!
• Wanted to replace things that were not in scope
• RADIUS (Clearpass/ISE)
• Guest wireless services
10
Very interesting
eduroam everywhere

11. The winner
• Put a lot of thought into the tender
• Tender customised for us based on the information given
• Clear pricing and discount matrix
• Fully considered the Halls of Residences
• Wanted to work with us and gave a level of flexibility we liked
• Every clarification was clear, concise and provided extra
technical detail
• Gave a solid interesting presentation and answered all
questions posed providing extra levels of detail
11
Not just a box shifter!
eduroam everywhere

12. The solution
• Aruba 10k hardware mobility master backend solution
(v8 code)
• Aruba 7280 hardware controllers (Latest and greatest)
• Aruba AP-5xx (WiFi 6 APs)
• HoR fully considered and accounted for (AP-303H)
• Aruba Clearpass 25k solution (4 VMs)
• Aruba Airwave management (3 VMs)
• Able to use existing 7240 controllers on v8 code until
old APs retired.
• Able to use licenses already purchased
12
Aruba
eduroam everywhere

13. The solution
•IPv6 first strategy
•Ensuring IPv6 is fully supported from the outset for future moves from native IPv4 to IPv6.
•IPv6 dual stack model
•IPv4 and IPv6 supported in conjunction for management and clients to co-exist on both.
•Simple fault diagnosis
•A standard and simple to follow fault finding process.
•Comprehensive monitoring from both a system and user perspective
•A monitoring system that gathers and displays complex information in a simple and useable
format, with additional automation in place to improve overall management.
13
Top-Level Goals
eduroam everywhere

14. The solution
•No infrastructure bottlenecks
•Suitable bandwidth from the outset to ensure suitable throughput is in place for the lifespan of the
wireless deployment.
•Seamless ubiquitous user experience
•Single and consistent user experience no matter who the user is, what the device is, where they are
or when they are accessing the network.
•Simple and consistent onboarding of all types of users connecting to the wireless networks
•Providing the UCL user with the ability to help themselves and gain secure access to the wireless
network without having to ask and possibly wait for assistance.
14
Top-Level Goals
eduroam everywhere

15. The solution
•Skype for Business (Microsoft Teams) first
•Seamless Skype for Business solution with the ability to prioritise and manage S4B voice and video
traffic.
•Identification of all users accessing the UCL provided networks
•Define each and every authentication to the wireless network based on user and/or device.
•Single vendor
•A single vendor approach to the wireless deployment, Aruba technologies used throughout.
•Self-service fault diagnosis
•Self-service fault diagnosis options for wireless users.
15
Top-Level Goals
eduroam everywhere

16. The solution
•External wireless coverage
•UCL wireless connectivity throughout the campus including outdoor areas.
•Location services
•Ability to define user, client or device locations based on wireless connectivity.
•Wayfinding
•Pinpoint a user location and use this information to provide directions to a required destination
within the UCL campus.
•Lone Rooftop
•Integration, allowing for a Smart Campus.
16
Top-Level Goals
eduroam everywhere

17. How are we going to do this?
• Survey, survey survey!
•Predictive, live pre and post surveys
• Proof of concept stage – Initial infrastructure
build and thorough testing – 20 APs
• Pilot stage – 2 buildings (100 APs)
• Location services
• Aruba service assurance
• Work package 1 – 5 buildings (300 APs)
• Outdoor coverage of the 5 buildings
17
Process
eduroam everywhere

18. Big opportunity
• Chance to review all the existing infrastructure and how things bolt
together
• Bounce ideas of the partner
• Take time to reflect and make sure we are going the way we want
• Aim is to measure twice, cut once!
• Evaluate new routing/switching equipment
18
Greenfield site
eduroam everywhere

19. Big opportunity
19
It is possible!
eduroam everywhere
• Don’t be afraid to challenge what you normally do
• Choose partner wisely
• Be aware of what other areas of the business are doing
• Try and involve different areas of the business as much as possible
• Have a clear communication plan and end goal

20. Big opportunity
20
Would you do things differently?
eduroam everywhere
• Cisco do have a fantastic product:
•Pricing
•Licensing
•Products (Catalyst 9k) (IOS XE/AireOS)
•Chicken and Egg with software releases and equipment support
• Consider support and what this means
• Clear roadmap for the next 5 years
• Sign a good length agreement with review and improvement milestones to keep the partner engaged

21. Thank you
David Biron
Senior Network Engineer
d.biron@ucl.ac.uk