VPN Haus: Does the size of the university matters in how to deal with provisioning?
Ruset: I think that the size of the university may present some logistical challenges, but this is where having set policies and well-documented workflows are crucial. Basically, it boils down to managing expectations. You have the expectations of the students (that they will get an account), the expectations of the people in IT (that they will have the information they need to create the account), and the expectations of the registrar’s office (that the students will be taken care of.) The only way that this will happen is with clear communication.
So to turn this back into the corporate world, when a new employee is hired it’s important to make a good impression. So things like having an account provisioned for them, a PC on their desk, etc. is absolutely crucial. If they walk in and they don’t have a place to sit, don’t have a way to receive emails, etc. it doesn’t paint the organization as a whole in any good light. By having a policy in place that says “when a new employee is hired, IT should be notified at least X days prior to the employee start date, and IT should confirm with HR that the account has been created”– it sets the level of expectation. Now, if the workflow isn’t followed, it becomes a human problem (oversight, laziness, being overworked, etc.) and not a technological problem. Ideally then the organization can then address the issue with the person and prevent the issue from happening again.
You can essentially reverse all of that for account de-provisioning.
VPN Haus: Are the influx of mobile devices on campus impacting network connectivity issues (bandwidth, provisioning, network access, security)?
Ruset: I’d say that wireless networking is probably the biggest thorn in the network group’s side right now, but is also the area where the campus really has to invest in. I think that now there’s an expectation that WiFi will be ubiquitous throughout campus, and that involves a heck of a lot of infrastructure to make that happen. Just by walking through Frist Campus Center at lunch (if you watch House MD, it’s the building they use to show Princeton Plainsboro Hospital), you’ll see dozens of students with their laptops open, working or relaxing. Add phones that have WiFi built in (eg: iPhone, Android, etc.), and things like iPads it’s not going to be uncommon for students to have two or three wireless devices on the network at any one time.
One of the really big challenges is IP space. Princeton uses routable IPs for all of their devices, and they’re in short supply. That’s one of the reasons why the network team is so proactive at looking at traffic and blocking devices that misbehave.
Ben Ruset is systems administrator at Princeton University
[tweetmeme source=”vpnhaus” only_single=false]