
Adventures in Underland

The Tale of a new IT Director

Archive

Category: WAN

I’ve created a new website http://wvls.jajulu.com/itforum to use as a gathering place for technology related discussions within the WVLS community.

I’ve written a brief introduction to the site which can be found here:
http://bit.ly/WVLS-TechForumIntro

And have started the first topic for discussion which can be found here:
http://bit.ly/WVLS-TechForumAV

A new entry is long overdue, and this one will be a doozy.  I’ll be covering the WVLS member WAN, Internet connectivity and what it all means.  I’ll briefly touch on Wireless networking and Antivirus but will keep the main focus away from them for now.

WAN – Wide Area Network – A network of linked computers covering multiple physical locations.

Most of the WVLS member libraries are connected to the WAN.  A data line, partially subsidized by the TEACH program, and provided by the BCN (BadgerNet Converged Network) physically connects a library to the BCN facilities.  In the past this collection of data lines and their convergence may have been referred to as “the BCN cloud”.  The “cloud” term gets thrown around a lot these days and it seems like it can represent so many things.  I’ll try to be very careful when I use the term, and will generally try to describe what it represents instead.  WVLS also has a data line connecting our facilities to the BCN facilities.  These lines forming our WAN allow our library and WVLS computers and servers to communicate with each other almost as if they were on a simple local network.  They do not provide internet access in and of themselves.

Internet – An internet or inter-network is any set of computer networks which communicate with each other using the Internet Protocol (the IP in TCP-IP or “My IP is 192.x.x.x”).  THE Internet is the large global internet to which people generally refer when they talk about the world wide web.

The WVLS member libraries are connected to the Internet through the WVLS WAN, a local ISP (Internet Service Provider), or a combination of both.  WVLS has a second data line which is outside of the WAN data line collection.  This “outside” line goes to WISCNet, which is an ISP that provides WVLS with connectivity to the Internet.  WVLS facilities act as an internal ISP to the WAN members by routing Internet destined traffic from WAN clients over to the Internet connection to WISCNet.

What does that all mean?  Here goes (cue deep, wheezy intake of breath):

I’m still learning about our system, TEACH, BCN, WISCNet, V-Cat, and all of the history that goes into our current network infrastructure state.  Here’s what I understand so far.  We currently have 31 locations connected to our WAN with applications for 2 more sites in the works.  The total bandwidth for all of those sites is about 70Mbps (Megabits per second).  The WVLS Central Site WAN line is a 20Mbps line … I’ll pause while you get out your calculators … that’s right, the maximum capacity of the central line is a bit under a third of the combined total of all the sites.  With two new site requests and several upgrade requests coming down the pipe; that figure moves down to around a quarter.

This generally wouldn’t be a problem.  Excluding Internet usage for a moment, it is highly unlikely that any 15 libraries would be maximizing their WAN usage for internal services such as the V-Cat system.  Even if all libraries were using the network heavily, the available bandwidth would average out to about half of a Megabit per second for each library.  Plenty for V-Cat type services. 

Enter the Internet.  WVLS has an Internet connection with WISCNet that is provided over a 20Mbit BCN line.  This means that our internet pipe is just as big as our WAN pipe.  This means that internet usage by WAN members could consume pretty much all available bandwidth from the WVLS 20Mbit WAN line.  And of course when I say “could” I basically mean “does”.  Internal WAN traffic (V-Cat data) and outbound\inbound (Internet) traffic compete for bandwidth on the WVLS WAN data line. 

I have been told that my ability to construct and use analogies is so poor, that people leave the discussion wishing they’d taken a different path in life, which would have led them in any direction but toward me.  My tone-deaf friends certainly don’t let the groans, curses, and threats to their person dissuade them from singing along, loudly, with the juke-box … and like them; I can’t shy away from trying out an analogy when I think one fits.

Imagine that you are a typical computer geek who has a home local area network (LAN) with several network endpoints; a pair of desktop PCs, a couple of servers, your laptop, your hippie girlfriend’s fancy pantsy Macbook Pro that she can’t stop bragging about or showing me all the funny “I’m a PC … I’m a Mac” commercials which I secretly enjoy, a couple of iPhones, a media computer for your new HD 1080p widescreen home theater projector and the 125″ electric screen that hasn’t arrived yet but you’re really excited about, the old laptop you fixed that you’ve been meaning to finish up and give to your mom for about 6 months, and a network printer, a cable  router with a 100Megabit network port and 5 Megabit Cable Internet; all connected by a 100 Megabit switch. 

You could upgrade your network speeds, get a powerful 1 Gigabit switch (upgrade Libraries’ WAN data lines), which would allow your individual devices to communicate faster over your network.  But they would still be trying to get data from your cable router through its 100Megabit network port (current WVLS WAN data line).  You could then upgrade your cable router to one with a 1 Gigabit network port (upgrade WVLS WAN data line) which would allow all of your devices to connect much faster to your cable router (libraries get better performance using WVLS services like V-Cat), but each device is still limited to how much internet speed it has because the cable router is only getting 5 Megabit Internet service (WVLS WISCNet Internet line).  All three components must be taken into account when considering the overall network and internet experience a patron or staff member has at the library level.

You:           Well you’re right, I should have gone to school to be an artistic chef so that I never would have had the misfortune of experiencing one of your analogies, but now that the damage is done and I’m more confused than when I started reading … I’ll ask this question, and hope to all that is holy that you don’t respond with another analogy.  When I upgrade my 1.5Mbps connection to 3.0 what does that get me and my library (aside from a warm fuzzy feeling)?

Me: Hmmm …. Not even a completely different and less convoluted analogy?

You: No … I’m looking up chef schools as we speak.

Me: Ok … Ok … how about a picture?

You: I’ll bite … let’s see it.

Me: It’s got a cloud …

You: I’ll ignore it …

Me: Actually it’s got three clouds …

You: Come on already, your stall tactics have succeeded in that I am once again interested in anything you have to say at all …

Me:    =)

[Figure: WAN-Internet Basic]

This has gotten pretty long, so I’ll wrap it up.  It’s certainly fun to jest, but my real goal here isn’t to impress a blog wandering high powered editor from a major publisher into contacting me for a book deal.  Instead I wish to give everyone an idea of what it really means to say “I’m upgrading my WAN speed”.

The diagram above is a very loose interpretation of the WVLS and member libraries’ combined network and internet infrastructure, with everything that isn’t vital to the discussion abstracted away into clouds.  Some libraries have mentioned performance issues with the V-Cat system, but most are talking about a great demand for more Internet speed.  In order to accommodate either via the WAN, multiple steps are involved: Upgrade local WAN connection, upgrade WVLS WAN connection, upgrade WVLS Internet connection. 

Those libraries with local Broadband ISPs, like Charter or Verizon, can look to increase their Internet bandwidth relatively inexpensively outside of the WAN.  Those smaller, more remote locations that have no access to a local provider are still able to access the Internet through their WAN connections.  As we move forward, I will be looking into a total solution that includes a hybrid of WAN and local ISP connectivity to provide maximum performance as inexpensively as possible.
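The contention described in this post, worked through as an added example (not part of the original post). It assumes the shared 20 Mbps line is split max-min fairly among busy sites, and it uses a constructed mix of site line speeds chosen only to match the post's totals of 31 sites and about 70 Mbps; the function names are illustrative.

```python
# Added illustration: max-min fair sharing of the central 20 Mbps line.
CENTRAL_WAN_MBPS = 20.0  # WVLS central WAN line (from the post)
INTERNET_MBPS = 20.0     # WVLS line to WISCNet (from the post)

# Constructed site mix (assumption): 31 sites whose lines total 70 Mbps.
SITE_LINES = [1.5] * 20 + [3.0] * 8 + [5.0] * 2 + [6.0]


def max_min_share(line_rates, shared_capacity):
    """Water-filling: no site exceeds its own line; leftover capacity is
    split evenly among the sites that could still use more."""
    alloc = [0.0] * len(line_rates)
    remaining = shared_capacity
    pending = sorted(range(len(line_rates)), key=lambda i: line_rates[i])
    while pending:
        share = remaining / len(pending)
        slowest = pending[0]
        if line_rates[slowest] <= share:
            # Site is limited by its own line, not by the shared one.
            alloc[slowest] = line_rates[slowest]
            remaining -= line_rates[slowest]
            pending.pop(0)
        else:
            # Shared line is the bottleneck for everyone still pending.
            for i in pending:
                alloc[i] = share
            break
    return alloc


def internet_rate(my_line, other_busy_lines):
    """Mbps one site gets while the listed other sites are also busy."""
    shared = min(CENTRAL_WAN_MBPS, INTERNET_MBPS)
    return max_min_share([my_line] + list(other_busy_lines), shared)[0]


if __name__ == "__main__":
    others_all = SITE_LINES[1:]          # the other 30 sites
    for label, others in (("4 others busy", [3.0] * 4),
                          ("all 30 others busy", others_all)):
        before = internet_rate(1.5, others)
        after = internet_rate(3.0, others)
        print(f"{label}: 1.5 Mbps line -> {before:.2f}, 3.0 Mbps line -> {after:.2f}")
```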


WiscNet

This morning a WVLS member noted that Verizon was bouncing due date reminder notification emails sent to patrons.  Further inspection revealed that the Verizon mail servers were using one or more black lists which the WiscNet “Warden” mail server had gotten itself on.

Johnny-on-the-spot WiscNet staff took care of the problem right quick, mentioning that a nameless WiscNet member was (I’m guessing unwittingly) relaying spam through the server.

WiscNet members can email support@wiscnet.net if they are ever experiencing unusual Internet or email issues.

As I’m learning more about the services consumed by our member libraries, I find myself toying with ideas focused on standardizing, volumizing, and centralizing management of those services.

Standardizing:  We’ve got a standard Antimalware (antivirus+antispyware) solution that’s kind of \ sort of centrally managed by WVLS in partnership with RMM Solutions.  I’m thinking of other services as well.  Sandboxing for instance:  Deepfreeze, SteadyState, etc… 

Volumizing:  This one is simple.  Pooling resources and buying in volume generally saves everyone money.  The current antivirus is a good example of that as well.  Anything that we can agree to standards on can then have a volumizing plan drawn up.  Sandboxing software, Microsoft product licensing such as Office and Windows, and even PC hardware.

Centralizing:  The write up of my job description, along with the implicit duties not specified, boil down to one thing: I’m here to help increase the value of being a participant in the WVLS IT system.  By centralizing management of some of the common services, I can reduce the amount of resources members commit in order to use them.  Other services which could be centralized are authentication management (active directory or a similar solution), disaster protected file storage and sharing, VoIP phone services; you get the picture. 

Just for funzies, I’ve been sketching out a comprehensive centralized services plan (that’s why I’m still up at 1:45AM but NOT playing EVE Online).  I’ve been researching virtualization from simple server consolidation to cloud services hosting (internal and outsourced solutions).  I’ve looked at pricing and research\reviews on many different antivirus products (including Trend Micro).  I’ve been reviewing the available sandboxing software packages.  And I’ve been reading up on cases of libraries, schools, and other public institutions moving (some in part, some in full) from Windows based workstations and\or servers to Linux based workstations and\or servers.

My personal little pipe-dream is to flesh out these sketches into a fully formed multiphase project proposal with the end result being a fully managed virtual hosting solution offering both cookie-cutter desktops (new ones being provisionable within hours or minutes) and customizable staff workstations, reducing the 5 year TCO of the end user-workstation-experience by at least half.

I’m curious to hear peoples’ thoughts and ideas on the subject.  I encourage people to register with this blog but registration is not necessary (yet) for commenting.

This eSchool News article discusses the first round of the broadband services expansion initiative.  Applicants requested nearly $28 Billion in funding, but only $4 billion is available (for grants and loans) during this first round.  Maybe the obvious popularity of the broadband expansion concept as well as the sheer weight of requested funding will push legislators towards increasing available funding in future rounds.

Edit:
Wisconsin Dept. of Administration filed an umbrella application on behalf of 385 public libraries (and many other institutions).  Hopefully the scope of this application will lend it heavy merit and provide many of our “dark” libraries with high-speed broadband capabilities.

Computer Antivirus usage and policies can be a touchy issue. For perspective I look to its counterpart in the realm of human health and physiology: vaccination.

Many of you may be aware of the ongoing debate over pros and cons of infant and child vaccination. Some people say “Vaccination is good because of this or that”, some people say “Vaccination is bad because of that or this”, and in the background is one or more levels of government, mandating vaccinations for various reasons based on some mystical (probably not but I like that word) collection of information and statistics and history. The government agencies are looking at the communities, regions, states, countries that they are responsible for and doing their best to answer the question, “what is the best comprehensive solution that we can implement and enforce, to protect as many people as possible?” I won’t turn this into a debate forum on that subject but the correlation is referred to in order to provide a basis for understanding my perspective on antivirus. I’m kind of like that [insert level here] government agency.

Almost every debate has at least two sides … think about that … chuckle … OK I’ll continue. And almost every side of a really timeless debate has solid examples of why that side is “right”. I’ve heard almost every concern there is about antivirus from both sides over the past 12 years, I’ve advocated on both sides of the debate depending on my role at the time, and I still don’t know what’s “right”. There is an important aspect of my new role at WVLS which I will continually be trying to direct attention to, and that is protecting our “community” as a whole; a community of WAN members who all share access to a common resource and likewise, all share a common susceptibility to PC and network traversing threats. I will be keeping that perspective in mind as long as I sit in the “hot” seat of Network Admin.

That said, a community is made up of individuals, and each individual experiences the benefits and drawbacks of membership in different ways. I am always hoping to learn about the impacts of any “community” level project that are perceived by even a single individual as negative. We’re brought up to believe that one can’t please everyone. That may be true, but I refuse to let it be simply for lack of effort. I will do my best to help mitigate the negative experiences in every project, starting with the ARRoW – Antivirus Really Required on WAN (No one said I had to be good at naming things) – initiative I will be proposing soon. I’ve gotten some good feedback and am working on understanding the causes of the reported speed issues along with some potential solutions.

Bottom line: Antivirus and Antimalware in general are important tools on today’s connected networks. The reasons they exist, people who create viruses for fun or profit, are only getting more prolific and more clever (word wants me to use ‘cleverer’ but I refuse). A requirement for antivirus to be active on all computers exposed to the WVLS WAN will be coming down the pipes, and I’d like to hear your ideas on the matter.