The usually well-spoken Cory Doctorow has posted an entry in Boing Boing relaying a report from Jason Schulz decrying Penn State’s policy of not allowing students to run servers on the University network.
While it’s very easy to cry foul on the big, bad, University for limiting student freedom, reality is, as usual, far more complex and nuanced.
I can’t speak for Penn State, but I do know about the deliberations we’ve had over the years on the same topics here at the University of Washington.
Running a network at a large research institution is not an activity for the faint of heart – the demands are huge and growing exponentially, the policies governing the network are never clear, and the budget is always too small.
While we like to think of students using computing and networking at universities in terms of absolutes like academic freedom, freedom of speech, and free inquiry and learning, in reality providing network services for students comes down to a series of cost/benefit/risk tradeoffs.
The cost of providing high speed network services to a modern research university is not inconsiderable. For instance, Indiana University shows its total networking costs for the 2002-2003 year at the Bloomington campus to be right around $7.5 million (reports available here). So let’s not labor under the illusion that providing bandwidth to students is free (or even cheap). In addition to the costs of providing network services, there is also the cost of providing support for those services – analyzing problems with networks is complex and getting more so in the age of firewalls, NAT, and other security-related appliances that interfere with the end-to-end nature of the network.
The set of risks to an institution posed by abuse and misuse of the network should not be underestimated. There are security risks to the institution brought about by poorly administered machines on the network (as I write this we are in the process of shutting off a couple thousand campus IDs that may have had passwords sniffed as a result of several compromised *nix boxes having trojan ssh servers installed), legal risks posed by people sharing data that they don’t have rights to (not just music and movies, but photos, licensed research materials, and the like), and the risks to the institution’s reputation with its funders, alumni, and state, federal, and private agencies, if the university is perceived as doing a poor job of running its network services. In another context my colleague Terry Gray has pointed out that we are rapidly evolving to a legal environment, in the age of regulations like HIPPA, FERPA, and the like, where much of our technology will end up being determined by managing the risk to the institution – sigh.
I certainly agree with Cory and Jason that the benefits from students having widespread access to high speed networking are huge – students can try things out, learn how to interact with networks that they will only be able to dream about in most workplace settings, and dream up new and innovative things that us workaday folks would never have the time nor imagination to come up with.
So from the point of view of those of us who provide networking and computing services to universities, the questions are always how to provide for the most benefit while minimizing the risk and doing it all at a reasonable cost.
Here at the UW we faced these issues in the student realm about five or six years back when the majority of our dorms got wired with ethernet. We spent a few quarters dealing with the increased issues of student-run ftp servers offering up all sorts of things all over the web (this was before the major advent of p2p file sharing), and we were trying to devise policies that minimized the risk to the institution and the cost of support, but did not involve us computing types in actually having to look at and make judgements about the validity of specific content.
We came up with a policy that allows students to have servers in the residence halls that are visible on the campus network, but not to have servers that are visible to the global Internet. That policy allows students to do plenty of learning and experimenting with new technologies, but limits the exposure and amount of support we have to give to the relatively small number of students that live on campus here (we have about 4,000 students living on campus, out of a total student body of around 39,000).
Students who are doing research projects in departments (like the Google and Yahoo examples quoted in Cory’s post) typically have machines hosted in the departments and have free access to the whole variety of high-speed networks provided to the University – see http://www.cs.washington.edu/research/systems.intro.html for some examples.
Then a couple of years ago we had to contend with the rise of p2p file trading – at that point we realized that something aroud 40% of the total off-campus bandwidth available to the University was being eaten up by the dorms, and that percentage was growing precipitously. Obviously we couldn’t let it get to a point where university researchers, faculty members, and clinicians in our medical centers couldn’t get the bandwidth they need for their work because students were using Kazaa (not to mention students doing legitimate research and academic work).
So we sat down in discussions with the Housing administrators and asked them if they were interested in paying to increase the amount of overall bandwidth for the University to accomodate this traffic. Logically enough, they told us that their goals are to keep the overall price of University housing as low as possible and they didn’t want to have to increase prices to pay for students to share music and movies.
At that point we brought in technology to limit the amount of bandwidth available overall to the dorms and to further limit the amount of bandwidth within that total cap that is available to the most popular p2p applications.
While those limits were not initially popular with students, I believe that most of them have resolved their issues with the caps – either by living within the caps or by finding workaround – at least the volume and frequency of complaints has certainly diminished.
So we continue to try to provide our students with the best networking we can, while living within the real-world constraints we all have to put up with. Make sense?
This posting of Cory’s has been picked up widely, and I for one think it does a terrible disservice to all of us in the higher ed IT support community.