2. NETWORK SERVICES

2.1 Campus Backbone 4
2.2 Janet Connection 5
2.3 Gandalf Service 6
2.4 Dial-In Service 6
2.5 Electronic Mail 7
2.6 Microcomputer Network Services 7
2.7 Network Hardware Maintenance 8
2.8 Security 8


2.1 Campus Backbone

During the past year the University Optical Fibre Network has been extended to the John Radcliffe Hospital and work is in progress to provide direct optical fibre connection to clinical departments in the Nuffield Orthopaedic, Warneford and Churchill Hospitals. A new telecommunications room is being equipped in the Institute of Health Sciences, which will provide network connection to the existing University groups and for the future developments which are expected in this area.

The ducting programme being undertaken by the local cable company, ComTel, has provided opportunities to extend the University Optical Fibre Network to locations within the city where there is a high concentration of student accommodation. The first area to be covered is the St Clements/north Iffley Road area. A similar exercise is proposed for north Oxford when ComTel undertake installation of their infrastructure, which is scheduled for 1997. This work is part of a strategy eventually to enable all graduate and undergraduate student accommodation to have access to the University Backbone Network. Although extending the University Optical Fibre Network must be considered as the preferred option, in areas where geographical or financial considerations weigh against this, other methods such as connection by ISDN and Wireless LAN are being actively pursued.

During the 1995/6 University year the only change which has been made to the Campus Backbone Network configuration has been the addition of one Netbuilder II router. This is temporarily located at the Warneford Hospital until the Institute of Health Sciences Telecommunications Room is ready for service. The total number of attached Ethernet Networks has increased from 149 to 173 during the year (see Table 1), to which are now attached nearly 12,000 computers (see Figure 2). All colleges now have an Ethernet connection to the Campus Backbone. In Table 1, the increases under the departmental heading have mainly been a combination of departments requesting a second backbone connection and movement of university staff into refurbished accommodation.

The 22 3Com Netbuilder II routers which form the basis of the Campus Backbone have been upgraded during the year by increasing the processor memory capacity from 12 to 20 Mbytes. A further upgrade to install Flash Memory Drives is in progress. Both these upgrades are necessary to take advantage of the latest interface card developments for the Netbuilder II router.

Figures 1 and 3 give, respectively, a geographic and logical representation of the University Network. The Backbone traffic is still relatively light, but it is rising rapidly (see Figure 4). It is estimated that we will need to plan for a faster replacement in about 1998.



2.2 Janet Connection

Traffic continues to climb dramatically, doubling in volume in less than 12 months (see Figure 5). The volume of inwards traffic is approximately 2.5 to 3 times the outwards traffic, which almost exactly matches the relative capacities of the inwards and outwards SMDS links supplied by UKERNA (10 and 25 Mbps respectively). Concern is mounting that the capacity of this link is fast approaching, and negotiations have begun with UKERNA and other bodies to ensure that we will be able to acquire a faster link before the end of 1997. Oxford has close to the highest amount of traffic of any university in the UK. The link to the USA has been a matter of some concern also during the year. In the first few months of 1996, the capacity of that link was increased from about 4Mbps to about 20 Mbps. This has had a noticeable impact on accessing US sites, and has not yet simply been swallowed up catering for pent-up demand.

Negotiations (with UKERNA, and also with Oxford Brookes University, Rutherford Appleton Laboratory and other education and public-sector and research bodies in the Oxford region, have been commenced with a view to establishing a Metropolitan Area Network (MAN) in the region. This would speed any traffic with those bodies, act as a catalyst to upgrade the link to Janet, and foster a greater interaction within this community.

2.3 Gandalf Service

The Gandalf usage figures show (for the first time) a slight reduction in total traffic (see Figure 6). The number of lines being disconnected (298 this year, 391 last year) is still very low, and it is thought that a large number of unused lines remain connected, possibly as a back-up for Ethernet connections (see Table 2). A campaign to publicise the run down of the service (planned to close at the end of 1997) will be undertaken in Autumn 1996. It is hoped that the move of the Library service to solely Ethernet connection will cause a noticeable decrease in usage. 13 new lines have been connected this year, to locations where Ethernet was not readily available.



2.4 Dial-In Service

The rapid growth in demand, and the limitations of the Gandalf dial-in system (restricted to 2000 separate usernames and speeds of 19,200 baud) led to the assessment and purchase of a new combined dial-in and ISDN system using an Ascend MAX 4000. The main criteria for selection were that the new system should be able to support a large number of usernames; provide profiles for service restrictions by username; make use of an authentication server using recognised encryption techniques; recognise and support all standard protocols (TCP/IP, SLIP, PPP, NOVELL, ASYNC); support all standard modem protocols up to V34; support ISDN calls.

The physical connection to the public telephone network is via a service known as "Primary Rate ISDN". This allows for 30 Basic Rate ISDN connections per Primary channel (the Ascend unit can accept up to 4 such feeds). The asynchronous modem sets are digital and have 8 channels per module. The unit recognises incoming calls via the Primary Rate ISDN connection as either genuine ISDN or digitised asynchronous and switches modes automatically, thus hugely simplifying the incoming connectivity. The unit has a single Ethernet connection to the University network. The incoming connection is supplied by BT, but it is planned to install an additional feed from ComTel, to allow local users to take advantage of the cable services currently being installed in the area.

This service was introduced in the Spring, after a significant amount of work had been done to integrate this with the OUCS Registration service. It clearly met a demand for higher bandwidth connectivity, and users rapidly transferred to the new service. The old service will be terminated at the end of January, 1997. Overall, usage of dial-in has continued to climb steeply, more than doubling over the past year (see Figure 7). However, the number of active users of the service has only increased slowly, by 10% (see Table 2). OUCS will act as "broker" for the national dial-in service which UKERNA announced at the end of the period.

2.5 Electronic Mail

The number of messages received by the mailer shows a 50% increase on last year, and the volume of messages has increased by 170% (see Figure 8 and Table 3). Not only is more use being made of email, but the size of messages is increasing rapidly (presumably through more use of attached files). The number of messages going out from the mailers has risen even more steeply, which is thought to be due largely to increased use of mailing list facilities.

A new, faster mailer, known as oxmail3, was brought into service in September 1995, and a fourth is currently on order.

"Fuzzy matching" software was introduced during the year on oxmail2 and oxmail3 (but not oxmail1 which is older technology). This checks failing destination names (in the form firstname.lastname) against the list of known names in the database, and returns to the sender a failure message including a list of possible similarly spelt names. This is especially useful to callers from outside Oxford.



2.6 Microcomputer Network Services

OUCS staff with expertise in micro networks continue to be under heavy pressure to provide advice and assistance in the installation, operation and development of microcomputer networks (eg Novell and WindowsNT) around the University. This includes the configuring of microcomputers (PCs and Macs) to enable them to operate on such local networks.

A great deal of other personal computing advice is being given on communications issues, evidence of the continually expanding reach of networking and demand for the services of these key staff. For instance, there has been a large increase in demand for dial-in access from PCs and Macintoshes which complements the recently upgraded Dial-in facility. Documentation for a tried and tested set of software options has been prepared, for implementing PPP dial-in access to the Internet for the commonly used operating systems (Windows 3.1, Windows 95 and Mac OS).

The Novell Server Management service has continued to grow. This is a facilities management service where, for a fee, OUCS staff will install and maintain Novell servers for departments and colleges. The service is currently staffed by two people. Funds have been provided to enable Humanities faculties to make use of this service free of charge.

2.7 Network Hardware Maintenance

This new service was introduced in January in response to a number of requests from departments and colleges who were disappointed with the commercial maintenance service available for their Ethernet-based networks. What OUCS has endeavoured to do is to provide a much more economical service, but with a rapid response to emergency situations.

This has been accomplished by charging a small standing charge, which ensures that stocks of most network components are held by OUCS. If a fault develops, the faulty component is identified and replaced quickly, and then a repair undertaken. The repaired item eventually replaces the "loaned" item, and the client is billed for the actual cost of repair. The scheme also incorporates a degree of remote network management by OUCS, to assist in the early detection of network faults and bottlenecks.

The scheme is working well, and 14 units had taken it up by the end of July.



2.8 Security

The Oxford University Computer Emergency Response Team (OxCERT) continues in its roles as guardian and educator. It has responsibility for protecting the security of university systems and networks from both internal and external attack; for liaising with other organizations where necessary and appropriate; for raising awareness of security and privacy related issues within the University; for testing the security of systems on request and advising their administrators; for providing security related tools and documentation. It has performed in all these categories over the last year.

The team has almost the same personnel as a year ago --- four front-line staff handling incidents as they occur, and a backup team of another nine. These 13 people are drawn from a number of University departments. Everyone working for OxCERT does so on a part-time basis. OxCERT itself provides cover on a best-efforts basis and, in particular, is not able to provide a 24-hour, 7-day response.

During the year, about fifty incidents have been investigated, including: attempted break-ins both to and from Oxford; denial of service attacks; theft of equipment (especially memory); unauthorized usage of facilities; a steady stream of virus infections. Many of the alerts had simple and/or innocent explanations but several were more serious and appropriate action was taken in conjunction with the University and other authorities. In one case, OxCERT assisted the Thames Valley Police with their enquiries; in another, information about a computer break-in at Oxford was passed via JANET-CERT to the US FBI.

OxCERT members have contributed to the University and wider communities by presenting seminars, news articles and the like. The chairman co-authored a UKERNA-funded study into the provision of secure email for the JANET community and presented a paper about it to the Forum of Incident Response and Security Teams at their 1996 workshop in San Jose.