Introduction

The massive virus infections on student-owned computers in the Kenyon residences in the fall of 2003 had a serious impact on the performance of the campus network for faculty and administrators. Even though faculty and administrative computers were generally well protected from infection (due to timely software patches and up-to-date anti-virus software), the volume and type of network traffic generated by the multiple viruses slowed the campus network and the access to the Internet for everyone. By restructuring the campus network, however, most slowdowns and other potential computer security hazards can be prevented.

Before November 24th, the campus network was organized primarily geographically, so that various parts of the network, called subnets, would be attached to the core of the network at the closest place. Each subnet, whether academic (such as the Ascension subnet), administrative (such as the Edelstein subnet), or residential (such as the Old Kenyon subnet) had "equal" access to the core of the network. This arrangement was the most efficient and the least costly.

After November 24th, the residential subnets will be collected together and a firewall inserted between them and the rest of the campus network. This internal firewall limits network traffic from residential subnets to resources that student are authorized to access. So student computers in the residences will still have access to student e-mail servers, campus web servers, and file servers for the H and P drives. But the firewall will prevent the kind of virus-initiated network scanning traffic that searches through every part of the campus and degrades network performance.

This diagram describes the change visually.

Impact on Students

The impact on students should be minimal. This change has no effect on computer classrooms and labs on campus. Students in their rooms will still have access to the resources they are authorized to access. But the firewall will act as a bottleneck, limiting the total traffic between the campus servers and the residences to 100 megabits per second (100 mb/s). To alleviate that bottleneck, traffic between the residences and the Internet will not go through the internal firewall, but be routed directly to the Internet.

For more information, contact:

Ron Griggs, Director of Information Systems

740-427-5632