Main Menu

Info for Technical Contacts

To address the growing need for dependable and high-speed connectivity, DIT is thrilled to start the comprehensive replacement and enhancement of our campus network, named the Network Refresh. This initiative is designed to bring a modern touch to our network infrastructure, fostering a seamless and unified experience for both wired and wireless connectivity. The project will not only expand coverage across the campus but also fortify our security measures, safeguard against potential cyber threats, and ensure a resilient and robust network environment for our community. 

Switchover to the New Network

Identity-Based Policy-Driven Networking- We understand the significance of setting up a network based on identity and driven by policy. By separating this setup process from the hardware upgrades, we give ourselves more time to work closely with each department and their IT teams on the necessary preparations for the new network configurations. This step-by-step approach allows for a smoother and more effective implementation while causing as little interruption as possible and making the project more likely to succeed overall. 

The new network promises: 

  • Enhanced User Experience with consistent wired and wireless performance, extending the "at home" experience to all residence halls. 
  • Improved Performance which boasts significant speed increases, supports up to 5Gbps for wired connections (with adapter), and facilitates faster data transmission wirelessly. 
  • Advanced Security that ensures authorized network access.
  • Access Control is driven by network policies and roles to guarantee a uniform user experience across all connections and locations. 

During this time, we would greatly appreciate your patience as building outages are expected while we are developing a more advanced and user-friendly network.

Enhanced User Experience

On the new network:

  • Users will have the same experience for both wired and wireless connections
  • Physical connections won’t require specific VLAN assignments  
  • The “At-Home” experience will be delivered to all residence halls
  • We will further support and enhance the use of IoT devices for the entire campus community

Improved Performance

The new network is committed to providing users an upgraded performance :

  • Most wired connections will now be able to handle speeds of either 2.5 or 5 Gigabits per second (with adapter)
  • Most wireless access points will connect at these faster speeds as well
  • With the introduction of Wi-Fi 6E (6 GHz) users can expect even faster and more reliable wireless connections
  • Most buildings will be connected with two connections capable of speeds up to 25 Gigabits per second each.

Advanced Security

On the new network:

  • We will be able to know who exactly is on the network
  • Physical connections won’t require specific VLAN assignments  
  • The “At-Home” experience will be delivered to all residence halls
  • We will further support and enhance the use of IoT devices for the entire campus community

Access Control

On the new network, network access will be driven by policies and roles that are assigned based on the following factors:

  • User Identity
  • User affiliations and group memberships
  • Device type
  • The degree to which a device is centrally managed
  • Device posture (OS version, patches, Trellix/FireEye, drive encryption, etc.)

A network managed by policies and roles is what allows for a consistent user experience regardless of connection method or location.

Phases

Copper Cabling- The current phase of the project focuses on adding cabling for additional access points. Cabling technicians work on routing and connecting cables, ensuring reliable and efficient data transmission. The cabling phase is crucial for establishing the foundation of the network, promoting connectivity, and supporting the overall functionality of IT systems within the project scope. This cabling work will support additional wireless access points, which will improve UMD wireless service beginning during the next phase of the refresh.

Fiber Cabling- The new network design has every 48-port switch connected with dedicated fiber. In some locations, additional fiber is needed to support this design. The fiber cabling phase involves implementing and upgrading fiber optic connections to enhance connectivity, improve data transmission speeds, and ensure a reliable and efficient network. This phase is crucial for modernizing the IT infrastructure, unifying wired and wireless experiences, expanding network coverage, and reinforcing security measures to protect against cyber threats. 

Building Preparation

As we move forward with preparations for the pilot migration, we have identified clear points of contact within DIT who will play a pivotal role in the preparations for the pilot migration. Their assistance will be instrumental in facilitating a successful transition in preparation for the scheduled migration. 

Active Directory Migration 
  • All university Windows endpoints will need to be on UMD’s Central Active Directory
  • Contact: Lauren Kuza, kuza@umd.edu
Endpoint Management 
  • Endpoints will be configured to be manageable by UMD's JAMF and Intune systems
  • Contact: Lauren Kuza, kuza@umd.edu
Departmental Switches (switches currently connected to wall ports) 
  • Departmentally run switches will no longer be supported in the new network
  • Contact: Brian Jernigan, bjerniga@umd.edu
Server Moves (servers currently connected to wall ports) 
  • DIT will be reaching out to work with departments to transition servers to UMD Managed Data centers
  • Contact: Alex Rosenbaum, alexr@umd.edu

Project Resources

Frequently Asked Questions

Security

Departmental IT and DIT would have visibility to information needed for administration purposes (patch levels) to help protect the computer and the campus network if there's a high-vulnerability patch needed.

Not exactly. The campus network refresh is all about network modernization, with the goals of improving user experience and performance while at the same time improving overall security. We will be in a much better position regarding NSPM-33 compliance, but it’s not specifically why things are changing.

Computers/Endpoints

IT administrators will have the ability to open resources to campus when registering a device. This will allow students to be able to print.

IT admins would have the ability to register and self certify that the devices are being kept up to date on critical patches. DIT will work with departmental admins to make sure these registered machines have access to necessary resources.

This is true for all university-owned Windows computers capable of being on Active Directory. This is not true for personally owned devices, Mac computers, or Linux machines.

University-owned Windows computers will need to be configured with the Intune system, and university-owned Mac computers will need to be configured with DIT-managed JAMF. This will allow important network configurations to be handled by DIT ahead of building network upgrades.

There is flexibility on this topic. Keeping machines updated is an essential aspect of overall network and data security. DIT acknowledges, however, that patching and OS upgrades could disrupt academic and research activities. Departments will have the option for DIT to handle patching and OS upgrades or local departmental IT to handle patching and OS upgrades.

From now through the completion of the network refresh, general network access will not be blocked based on the status of drive encryption. In the future, there will be instances where access to systems with Level 4 data (see UMD Data Classification Standard IT-2) will limit access to university-owned machines with encrypted drives.

University-owned Windows computers that are on central Active Directory and Intune will be automatically configured for network connectivity and access to common departmental network resources like printers. If the machine is not on central Active Directory and Intune, the user will need to register the machine as a BYOD device, limiting access to departmental resources without VPN. In the future, some services may not allow access from devices registered as BYOD devices. For this reason, DIT highly recommends that individuals work with their local IT to ensure their university-owned Windows work computer is configured on central Active Directory and Intune.

University-owned Apple/Mac computers that are on DIT-managed JAMF will be automatically configured for network connectivity and access to common departmental network resources like printers. If the machine is not on DIT-managed JAMF, the user will need to register the machine as a BYOD device, limiting access to departmental resources without VPN. In the future, some services may not allow access from devices registered as BYOD devices. For this reason, DIT highly recommends that individuals work with their local IT to ensure their university-owned Apple/Mac work computer is configured on DIT-managed JAMF.

Departmental Network Switches

Not entirely. Switches that are connected to wall ports and provide wired access to university-owned or BYOD laptops/desktops need to be retired. DIT will work with departments to install the necessary network drops so that these switches aren’t necessary. For clarity, switches used in data centers or computer rooms that are not connected to wall ports are not in scope for replacement.

Devices that are plugged into switches that are in turn plugged into a wall jack likely won't work as expected. If you currently have such a configuration, DIT will meet with you for discovery to determine how to handle this on the new network. We would either activate additional jacks, install additional jacks, or provide explicit exemption based on the use case. Any additional activations or installations would be at no additional cost to the department.

Other

This will be discussed during preparation for the migration. What’s important to understand is that every device on the network today will still be on the network after the campus network refresh. DIT will work closely with departmental IT leads on the appropriate configuration for specialty devices.

Do you have other questions? Please reach out to the project team at CampusNetworkRefresh@umd.edu.

Virtual Office Hours

We have virtual office hours every other Wednesday from 1 until 2 p.m. over Zoom. This is open to everyone who has questions about the project or is interested in the latest developments.

Upcoming Office Hour Sessions for Network Refresh

  • May 29 
  • June 12
  • June 26
  • July 10
  • July 24

Contact Info

Back to Top