Background

The prestigious University sought to modernize its ICT infrastructure to enhance academic and administrative efficiency. The project aimed to implement a Software-Defined Data Center (SDDC) and a Software-Defined Networking (SDN) Campus Network to support over 20,000 users.

Challenges

The initial infrastructure was traditional, lacking centralized management and advanced security features. It required transformation to a more modern, scalable, and secure architecture. The University needed a turn-key solution to upgrade its infrastructure to a containerized environment, integrate a hybrid cloud system, and ensure robust security and user authentication across the campus.

Solution

PRIDE Group provided comprehensive consulting services, including feasibility studies, architectural design (HLD and LLD), and implementation planning. The project was executed in several phases:

1. Consulting and Feasibility Study: Detailed analysis of current infrastructure and future needs.

2. Architectural Design: High-Level Design (HLD) and Low-Level Design (LLD) of the new system.

3. Implementation of Cloud Hybrid Academic Environment:

   • Hybrid Cloud Integration: Utilizing Hyper-Converged Infrastructure (HCI) and SDN DataCenter technologies.
   • Transformation to Containerized Architecture: Migrating from a virtualized environment to a containerized setup.

4. Campus-Wide SD-Access Deployment:

   • User Authentication with dot1x: Implemented to ensure secure access.
   • Single Sign-On (SSO) and Multi-Factor Authentication (MFA): Enabled across all university information systems.

5. Hybrid Cloud and Azure Integration:

   • System Balancing and Recovery: Integrated with Azure for critical system balancing and disaster recovery.
   • Office 365 Integration: For seamless collaboration and productivity tools.

Technologies Used

New-generation Smart Modular Data Center by Huawei: Adopts the cold and hot aisle containment design and integrates the UPS, PDU, cooling, monitoring, cabinet, and fire extinguishing unit in a single row.

• CloudEngine 8800 series switches by Huawei: Next-generation Ethernet switches designed for data centers.
• Cisco DNA Center
• Cisco Catalyst Wireless Controllers
• Cisco SD-Access Switches
• Cisco Identity Services Engine (ISE)
• Azure Stack HCI
• Microsoft Active Directory
• Microsoft DNS
• Microsoft DHCP
• Microsoft System Center
• Key Protocols: iBGP, eBGP, 802.1x

Interoperability Challenges

A significant challenge was ensuring interoperability between the Hybrid Cloud SDN, based on Huawei switches, and the SD-Access network implemented on Cisco switches using iBGP. Additionally, integrating the University's authentication system with Eduroam accounts and vice versa required meticulous configuration to allow seamless access across the Eduroam network and University systems.

Benefits

• Enhanced Security: Implementation of dot1x, SSO, and MFA ensured robust security across the campus.
• Increased Efficiency: Transition to a containerized architecture improved scalability and resource management.
• Improved User Experience: Over 20,000 users benefited from seamless access to IT resources and services using a unified university email account for all applications, Office 365, and campus Wi-Fi.
• Disaster Recovery and Resilience: Hybrid cloud integration with Azure ensured critical systems are balanced and recoverable in case of failures.
• Unified Access Management: Simplified user authentication and authorization processes across all university systems, reducing reliance on non-university email accounts and motivating users to utilize university and third-party resources consolidated through Microsoft Office 365.

Conclusion

PRIDE Group's implementation of the Software-Defined Data Center and SDN Campus Network has significantly transformed the University's IT infrastructure. The project not only modernized their environment but also provided a scalable, secure, and efficient system that supports the institution's long-term goals.