Ryerson University

2500+ Employees
Networking

Build a path to the future. Avaya’s advanced fabric networking technology takes SDN networking and cloud services to the next level. Reduce network outages, enjoy quicker access to information, and easily integrate new communications channels and applications. If you wish, do it all with your existing infrastructure.

Ryerson University is home to 38,950 undergraduate and graduate students, including 2,300 master’s and PhD students.

Benefits

Network Scalability

RYERSON UNIVERSITY EMBRACES BYOD WITH A HIGH-PERFORMANCE AVAYA NETWORKING SOLUTION

Fabric Networking Solution Ensures Future Readiness for Advanced University Education, Research, and Administrative Capabilities

Ryerson is known as a university on the move – a characteristic that is clearly demonstrated by the vision of its forward-looking IT group. Over the past four years, they have taken an aggressive, proactive stance on the emerging bring-your-own-device (BYOD) trend in education and the growth of mobile communications among the general population.

Fabric Networking Solution Ensures Future Readiness for Advanced University Education, Research, and Administrative CapabilitiesThrough the deployment of Avaya Identity Engines Ignition® Server and a network refresh to advanced Avaya core and edge technologies, the University can now support Gigabit Wi-Fi and other high-performance network functionality for the University’s more than 38,000 students and nearly 2,700 faculty and staff, as well as many vendors and visitors.

Establishing Heightened Security for the Wireless Network

According to Mourad Michael, Assistant Director, Communications Infrastructure, Computing and Communications Services, universities are high-profile targets for malicious attacks. The University needed to take a very serious approach to offering wireless access for its many students, faculty, staff, and visitors. Their concerns were not only for their existing load of wireless users, but also for the rapid growth they anticipated due to the emerging BYOD trend in the education environment and the growing importance of mobile devices in business and personal communications.

Ryerson University

The IT team sought a wireless access control solution that would meet their criteria, which included:

  • The ability to provide access via either PC or Mac devices and authentication for their separate directories (one for students and faculty, and the other for administration)
  • Wireless authentication using WPA2 encryption, to be provided without installing new clients on users’ computers
  • Ease of management and scalability to accommodate anticipated future growth
  • A system that would pass the most rigorous security audits

After considering various security solutions for the wireless network, Ryerson chose Avaya Identity Engines Ignition® Server. The Ignition Server provides a central policy decision point that streamlines access management, improves security, provides reports, and lets network administrators apply policies. Authentication is performed directly against the enterprise’s user directories, so access policies operate on the latest user account information. This capability reduces latency and helps to increase security.

The Ryerson IT team installed Identity Engines, tested it, and moved it into production within 10 days. Mr. Michael comments on their experience:

“We were amazed at the speed of installation and how quickly our team was able to become comfortable with this solution.”

Mourad Michael, Assistant Director, Communications Infrastructure, Computing and Communications Services, Ryerson University

“The GUI is very straightforward, requiring only minimal training. We have found it surprisingly easy to implement policies and configure them, to add rules and to remove rules—making it all as granular as we want,” Michael continues. “It is a huge benefit that Identity Engines uses an open standard. It adapted easily to our wireless system, and we were confident it would fit with changes that would occur as our network evolves.”

As a comprehensive policy engine, Avaya Identity Engines Ignition® Server uses identity as the basis for managing and monitoring access across the organization’s network, connecting with existing identity systems and switch infrastructure. The network administrator applies policies that evaluate user account details, switch details, device type, and/or any RADIUS attribute to determine network access. Similar criteria may be used to evaluate TACACS+ requests for administrative access. It supports dynamic session provisioning, allowing each user to be assigned to the appropriate VLAN, based on the attributes of the user and device.

The Ignition Server can integrate with multiple, heterogeneous directories, offering location-based and realmbased strategies to search multiple data repositories for the user account. User attribute normalization features are provided to help obtain consistent user data from varied sources.

The Identity Engines framework is based on the Extensible Authentication Protocol (EAP) that is required for Wi-Fi Protected Access 2 (WPA2). This provides network administrators a high level of assurance that only authorized users can access the network.

“We feel very confident going into both internal and external audits now because, with Identity Engines, we can use WPA2, which we recognize as the best encryption method for data over the wireless network”

Mourad Michael, Assistant Director, Communications Infrastructure, Computing and Communications Services, Ryerson University

“Before, only WEP through LDAP was available to us, and that was not satisfactory,” Michael recalls.

The Avaya Identity Engines Ignition® Server has enabled the University to implement a guest access procedure that coordinates seamlessly with their existing processes. At first it allowed for the retention of legacy authentication processes that used the Ignition Server as a single point of entry, and ultimately it enabled the transition to a more efficient Microsoft Active Directory approach.

The Ignition Server provides an accurate account of which users and devices have logged in, and it offers simple report generation for compliance. Michael has found that the reporting features for Identity Engines are very robust and comprehensive, providing all the information that is needed to facilitate quick troubleshooting.

“Speed and Security Rolled into One Solution”

As a result of using Avaya Identity Engines, the University is experiencing numerous benefits, including:

  • Ease of management, with authentication processes that place minimal burden on IT staff
  • Adaptability to multiple directories - saves time and money, and ensures that device identities are continually updated – thereby reducing latency and helping to increase security
  • Seamless coordination with existing processes
  • Policy-based access control
  • Comprehensive logging and reporting capabilities, providing granular control and facilitating compliance
  • Heightened security that helps meet strict requirements for organizational governance, regulations, and compliance
  • High capacity and demonstrated scalability
  • Open standards flexibility, enabling interoperability with a wide range of third-party systems

Michael states, “We have many different people who need to access our network at any given time. Today, everyone who accesses the network goes through Identity Engines.”

Our Identity Engines tool quickly and easily authenticates everyone before they’re allowed to access the school’s network. It’s speed and security rolled into one solution.”

Mourad Michael, Assistant Director, Communications Infrastructure, Computing and Communications Services, Ryerson University

University Stays Leading-Edge in Its Technologies with Avaya

Shortly after Identity Engines was installed, Ryerson began to see up to 5,000 devices per day on the wireless network. Usage expanded quickly, with an annual increase of 3,000 or more additional devices per day. The Avaya Identity Engines Ignition® Server has easily scaled to meet the increased demand. Michael comments, “At first we were concerned about sending thousands of users through this one authentication engine, but we’ve found that the system has no problems with our huge, constant volume, and we’ve seen no capacity limitation issues.”

The University routinely upgrades its systems and network in order to stay current with advancing technologies and leading-edge in its capabilities. From this perspective, heavy and rapidly-expanding utilization of the wireless network prompted the IT team to consider upgrades that could provide even greater performance and capacity via higher-speed wireless connectivity that could be achieved with Gigabit Wi-Fi. This upgrade, in turn, drove the network requirements for PoE+ switches and redundancy down to the core, and for 10 Gigabit high speed connections in the core of the network.

The IT team had an opportunity to launch the upgrade to Gigabit Wi-Fi and the overall data network refresh when they were tasked to refit a large and important building on the campus for leading-edge technology, including Gigabit Wi-Fi. They met the demands of Gigabit Wi-Fi and other advanced technologies by refreshing their existing Avaya network – which included Avaya Ethernet Switch 8600 and Avaya Ethernet Routing Switch 5520 – with Avaya Ethernet Routing Switch 8800 at the core and Avaya Ethernet Routing Switch 4800 at the edge.

The logic for the particular choices made by Ryerson University to support Gigabit Wi-Fi was straightforward: Power over Ethernet Plus (PoE+) capability, supplied by Avaya Ethernet Routing Switch 4800, was required for the upgrade to Gigabit Wi-Fi; and the high-performance architecture of Avaya Ethernet Routing Switch 8800 was needed to support Gigabit Wi-Fi performance. The overall effect was far-reaching. In fact, this network refresh effectively positions Ryerson University for emerging and future technologies through high capacity, resiliency, and reliability, especially insofar as these are afforded by Avaya Fabric Connect technology.

Conclusion: “A Level of Support That Is Best in the Market”

“There are several reasons we have stayed with Avaya,” Michael concludes. “The equipment is rock solid, and because of the open standard, there is smooth interoperability with other systems. The Avaya platform is also easy to upgrade. Even though we have gone through much iteration, we are still using the same chassis that we bought 10 years ago. We simply swap I/O cards or CPUs to keep up-to-date, and the configuration for switches is carried forward. But perhaps most importantly, the level of support we get from Avaya is really the best in the market.”

“The Avaya people are very knowledgeable, helpful, and always very sincere in their advice. They support us all the way.”

Mourad Michael, Assistant Director, Communications Infrastructure, Computing and Communications Services, Ryerson University

Ryerson University is home to 38,950 undergraduate and graduate students, including 2,300 master’s and PhD students.

CUSTOMER PROFILE
Ryerson University
  • Headquarters:

  • Canada

  • # Employees:

  • 2700

Ryerson is Canada’s leader in innovative, career-focused education and a university clearly on the move. It is a distinctly urban university with a focus on innovation and entrepreneurship. Ryerson has a mission to serve societal need and a long-standing commitment to engaging its community.

What our Customers are saying
“Perhaps most importantly, the level of support we get from Avaya is really the best in the market.”

Read more testimonials >
  • Mourad Michael

  • Ryerson University

AVAYA SOLUTIONS DELIVERED