This is definitely the best deal available in most areas today. For about $1,500 per month, a T-1 line provides 1.5-megabit/s service (in both directions at once). This is about 45 times faster than a 33.6-kbps modem, but that's a little misleading.
A T-1 line is fast enough to support well over a hundred casual users at average speeds well over 33.6 kbps because of an effect known as statistical multiplexing. When a large number of users share a single communications channel and each user has random usage patterns, each user appears to have a disproportionate share of the channel.
For most people, Internet usage is very bursty-- occasional heavy use and long periods of inactivity. The result is a low average demand for bandwidth. The more users you have in proportion to the speed of the channel the stronger this effect is. Here at Toscana, it seems like I almost always get most of the theoretical peak bandwidth; downloads usually measure over 1 megabit/s.
Professional users are another matter; a T-1 line is only barely fast enough for a moderately popular commercial Web server. If you need to have T-1 speeds available all the time, then you can't afford to share it with anyone and Toscana's solution isn't for you.
Given that Toscana was sharing a single Internet connection between multiple apartments, this was almost a no-brainer of a decision. There aren't many alternatives to 10Base-T Ethernet when you're trying to provide fast Internet access to a large number of nodes in one building. There are some possible options like wireless LANs, serial connections, or lower-speed LANs that might be cheaper to install, but nothing beats the price/performance of 10Base-T.
There are lots of options here, but let's face it, Cisco dominates the commercial LAN industry. The Toscana setup is just about perfect from an equipment standpoint-- a centralized equipment room with the T-1 connections, firewall, and a switch to connect the firewall to each building in the complex via fiber-optic cables. In each building there's another Cisco switch (a smaller Catalyst model) that connects between the fiber optics and the 10Base-T Ethernet cables that go to each apartment.
Using switches instead of cheaper hubs means that each apartment sees only its own traffic, not all the Internet activity of the other tenants in the same building or the whole rest of the complex. This is a big plus for privacy.
Toscana is managed by Bay Apartment Communities (BAC), a company that has been very successful in managing a lot of apartments. There's no particular reason why the MIS department of an apartment-management company should be any good at being an Internet service provider, though. It's difficult even for Internet professionals; experience processing rent payments and the company payroll just doesn't mean much.
Toscana was clever enough to figure this out, at least partially, so it arranged to get help from Pacific Bell Internet. PBI is already an ISP, serving many local commercial accounts and end users in this area; it took advantage of this experience in specifying and setting up the Toscana network. PBI doesn't work for free, of course. I don't know anything about the financial relationship between BAC and PBI, but I suspect PBI gets the lion's share of the $100/month Internet access fee we pay.
...Or to be more precise, that we'll eventually pay. There have been a lot of delays and problems with the service (as detailed in the Upside article), and after paying for two months of Internet service they refunded our $200 and we haven't had to pay anything for the last few months. I can't really complain about getting T-1 Internet access for free. :-)
Ordinary computer users don't think about computer security because they usually don't need to. Most PCs aren't normally connected to any sort of network, and even when they're on the Internet they're protected against external access. Conventional Internet accounts are one-directional, in a sense-- you can initiate a connection out to a remote Web server, but others can't initiate a connection to your machine. Data flows both ways, of course, but your machine only accepts a transfer if a program is expecting it.
Toscana's normal configuration works the same way, providing effective protection against external attack by allowing internal requests to leave the complex but keeping unexpected transfers out of the local network. The firewall even translates the Internet addresses used inside Toscana into a single address for all outside transactions. The outside world never sees our internal addresses, so it's impossible to direct an attack against any one tenant's machine. This is a good thing-- within limits.
Home | Ideafiles | Opinion | Toscana | Photography | About the Author | Sitemap
If you have comments or suggestions, please email me at png@ideaphile.com.
All content copyright 1996-1999 by Peter N. Glaskowsky. All rights reserved.