- Syracuse's London campus provides WiFi to allow study-abroad students to call home
- 35 dual-radio APs provide reliable wireless coverage for students and staff
- MX Security Appliances create site-to-site VPN tunnel to main Syracuse campus
Syracuse University (SU) in upstate New York hosts study abroad programs across the globe. Their London Program, one of the oldest and largest junior year abroad programs in the UK, is celebrating its 40th anniversary this year. Over 200 students from across the United States attend the program each semester to experience a new culture and to take special courses in Architecture, Design, Photojournalism, and more.
For some time, SU’s London Program had a slow and unreliable network, even as more students were arriving with not only laptops but additional wireless devices as well. “The network was very limited,” said Dr. Meredith Hyde, Director of the London Center. “One person using Skype to call home would take out the network for everyone else. It was a source of serious complaint and frustration for our students.”
SU needed to revamp the struggling network in order to match the caliber of the program and the expectations of the faculty and students.
Lee Badman, SU’s Network Engineer, wanted to find a solution for the London Center that matched the network quality at Syracuse. He was concerned that the network solution in place on SU’s main campus would be too complicated to manage remotely, and he didn’t relish the idea of getting on a transatlantic flight any time there was a problem. At the same time, he wanted the London network to be able to join the Active Directory services at the home Syracuse campus.
“The thought of trying to pull off a reliable high-capacity network in London seemed challenging,” Badman acknowledged. “I wanted something that would be easy to install and that would let me share the network administration with the IT Coordinator in London.”
Badman had been following Meraki for years and saw Meraki’s cloud- based centralized management as a potential solution. He was also intrigued by the MX series routers, with their auto-negotiating site- to-site VPN that could link London to Syracuse without manually configured routing tables, authentication, association parameters, key exchanges, and other headaches of traditional site-to-site VPNs.
“I was surprised by how many features were wrapped under the hood of the MX,” Badman said after discovering the MX’s other features, including a high-throughput next generation stateful firewall, layer 7 application traffic shaping, and integrated content filtering. “That kind of functionality would normally require several boxes.”
Badman decided to deploy one MX70 in London, and a second one in Syracuse, which connected via site-to-site VPN. Badman also deployed 35 dual-radio 802.11n access points (APs) in London for wireless access. Because the system is configured through a web-based dashboard, Badman was able to complete most of the London network configuration from his office in Syracuse. “It’s great having one simple interface for managing both the wireless and wired networks,” he said.
The site-to-site VPN tunnel between the two MX routers meant the SU London network could mirror the SU Active Directory, providing students with exactly the same authentication experience and access to university network resources that they had at home. “The Meraki solution compared to the old network is worlds apart,” said IT Coordinator Marco Figueiredo, Badman’s counterpart in London. “We would have never been able to join Active Directory services back at the home campus without the reliability that we now have.”
For wireless access, Badman created two SSIDs, one using 802.1X with RADIUS authentication to provide secure connectivity for students, and the other for guest access, which bypassed the VPN and went directly out to the Internet. Badman used Meraki’s traffic shaping tools to limit peer 2 peer file sharing, ensuring sufficient bandwidth for critical applications.
I was surprised by how many features were wrapped under the hood of the MX70. That kind of functionality would normally require several boxes.Lee Badman, Network Engineer
The Meraki network is now fully operational in SU’s London center, and students, faculty, and the IT teams are all equally pleased. “Study Abroad students have so much to learn when they arrive in a new country, worrying about how to connect to the wireless shouldn’t be one of them,” Figueiredo said. “Now as soon as a student steps off the plane and walks into our building he or she is automatically connected to our network.”
SU’s London Center Director Dr. Hyde agreed. “The network provides a fantastic resource for our students, and early data suggests they are using it not only for academic work but for what to them is crucial – staying in touch with family and friends in the U.S. through Skype and social media.”
Badman is also thrilled with the results and ease of system management. He controls the main network settings through the cloud, while Figueiredo tweaks individual issues from London. Figueiredo chuckles,
“As the IT guy on the ground you know when your users are happy. You don’t hear from them. They aren’t knocking on my door or calling multiple times anymore.”
Badman chimes in, “I haven’t had to think about one of our major network environments—and that says a lot.”