ECE provides wired computer network access throughout departmental office space. This is a large and complex network with dual homing on the UofT backbone, routers, gateways and switches serving over NN rooms in Bahen, GB, SF, Pratt, Engineering Annex (and a few locations elsewhere).

In designing our network we have accommodated professors' requests for a range of flexible connectivity options. Some professors have opted to manage their own networking including IP address space, DNS, and optionally self-managed firewall and/or DHCP ('tier 3'); others have asked our department staff to manage all these aspects of their networking ('tier 1' and 'tier 2'). A few professors have entered into industry partnerships whose terms require special network configuration to ensure compliance with non-disclosure agreements ('private networks'). PCs on a private net have limited network access, only through a staff-administered (tier 1) gateway PC.

As well, computers linked to the network may be assigned either to be user-managed, or administered exclusively by our department support staff. We use VLANS - virtual LANs - to manage connectivity between computers on the same support tier. For better security, we isolate staff-administered computers and networks from user-managed ones:

• Tier 1 connects staff-administered Windows and Linux desktops and servers;
• Tier 2 connects all user-administered PCs and servers that rely on staff-administered firewall, DNS and DHCP;
• Tier 3 provides unmanaged access to UofT's backbone for specific professors, with all aspects user-administered (IP space, DNS, firewalling)