Network Improvement Plan

NC A&T’s ITS division has completed Phase One of its network improvement plan.

The plan began with a independent assessment of the current network configuration.

From the assessment, the following four changes were recommended and have been completed.

  • Private IP Addresses
  • VLAN Segmentation
  • QoS/IP SLA Changes
  • Switch Configuration changes

The first change was to move all network devices from using public IP address to private IP addresses. This will enhance the security of devices on the network.

Previously, NC A&T used Public IP address for network devices. This enabled the network devices to be visible and accessible from the Internet. Network devices with private IP addresses are not visible or accessible from the Internet. This provides an extra layer of security. Computers that need to be accessed from the Internet maintained Public IP addresses.

The conversion to private IP addresses was done in phases on a building by building approach, during the summer of 2015.

Network Improvement Plan - Phase One

Private IP Addresses

The purpose NAT/Private IP Address Project was to change all network devices on campus from Public IP Addresses(Internet Accessible) to Private IP Addresses. The project will also segment devices into different classifications. The new classifications will be: Faculty/Staff, Student, Labs, Printers, Equipment, Servers and Network Equipment. These changes are being made to enhance the security of the network.   

Users who remote into their machines via VPN, will have to use the new IP address if they currently use their current IP. If they use the DNS name, they should still be able to do that. If not, they can open a case in Cherwell, and it will be corrected.

VLAN Segmentation

During phase one, ITS employed VLAN segmentation. This provided for the segmentation of network devices by the user or function. Network devices were divided into five classes: Faculty/Staff, Students, Printers, Equipment, Servers. This will also allow for enhanced network security by restricting access to certain resources.

QoS/IP SLA

QoS and IP SLA settings were modified during phase one. In order to ensure that priority traffic receives the necessary bandwidth required, Quality of Service (QoS) has been implemented. QoS prioritizes traffic so that times of network congestion, certain traffic types get the necessary bandwidth that they require. Voice, Data and Video have been determined the priority traffic types.

Switch Configuration changes

There were several other changes made to the network switches to enhance the security and manageability of the devices.