0
Penguin

A Picture of the ‘Penguin’

Have you ever wondered how the E-Systems of the University of Nairobi are powered, supported and maintained? What is the supporting network infrastructure that allows these systems to even exist in the first place? If so, where are they housed and monitored?

On Monday May 12, 2025 a group of 24 first year BSc in Computer Science students made an extensive tour of the University of Nairobi Data Centre, a Tier 3 Data Centre designed for educational purposes.

The Data Centre has two custom-designed rooms: Training Room where presentations and conferences are held and the Server Room full of sophisticated networking devices and servers.

ICT Centre

The University of Nairobi   ICT Centre (https://ict.uonbi.ac.ke) has four sections as explained by the lead Network Manager Masila Lazarus:

  • Network Infrastructure Services (NIS)  – all about the backend and servers including the Data Centre)
  • Management Information Systems (MIS) – UoN SMIS and the financial systems the University uses.
  • User Support Services (USS) – provision of support to end users and delivery of end user services.
  • Communication Section – all about VoIP, and through this section, University of Nairobi Students received data bundles to attend online classes during the COVID period.

Some of the key staff of the NIS/Data Centre (who conducted the tour) include: Joram Kinuthia, Deputy Director in charge of entire NIS under which Data Centre falls; Masila Lazarus, the Network Manager; Fintan Kimani, System Administrator; George Ndegwa, Network Engineer; Everlyne Ojal, Network Engineer; Bob Ogola, Network Security; Tom Makau, Network Engineer; Maurice Mutua, Network Engineer.

The various sections of ICTC work collaboratively to deliver critical e-services to not just students, but lecturers, staff etc. But one thing is common, all these sections rely on the backend, the servers, where the data is.

It is also worth noting that Chiromo Campus is the main hub for all other campuses, VoIP services, network connectivity all stem from here, as the mother of all other campuses as it houses a lot of critical network infrastructure.

UoN Internet Service Provider (ISP) - KENET (Kenya Education Network)

KENET (https://www.kenet.or.ke/) which is Kenya's National Research and Education Network (NREN). KENET is licensed by the Communications Authority of Kenya (CA) as a not-for-profit operator serving the education and research institutions. Liquid Telecom is also a provider, only in terms of interconnectivity between campuses e.g. the fiber cables from Chiromo campus to Main campus. It is easier and financially reasonable for the University to lease these cables from Liquid Telecom,  a company licensed to lay fiber optic cables. KENET and Liquid Telecom have signed an agreement for a certain amount of bandwidth e.g. 300MBPS, 100MBPS, which depends on the size of the campus, which dictates its resource needs in terms of network connectivity.

Internet connectivity is received from the ISPs and distributed through fiber cables, ethernet cables (UTP) and wireless access points (WAP) to Chiromo campus and other campuses, this is to say, all campuses are interlinked in terms of network connectivity. For example, a student from Kisumu Campus makes a request, it could be for certain resources or to access certain apps/websites, this request is brought all the way to Chiromo Campus and authenticated, if it passes firewall checks, the student successfully gets what they requested.

A snapshot of Nagios
A snapshot of Nagios

 

 

Data Centre Service Monitoring

Nagios is the network monitoring tool the network engineers and administrators use to view live feeds of the status of connectivity in various campuses such as Main, Parklands, Lower Kabete, Mombasa,  Chiromo. Green areas mean connectivity is okay whereas red means there is an issue, probably with a Layer 3 Network Switch.
The network administrators and engineers work around the clock, to ensure there is constant connectivity throughout campuses, and they receive notifications on their phone when there is an issue that needs to be urgently addressed. Think of it this way, these systems power critical software infrastructure such as the exam platforms which UoN cannot afford to be down, especially during examinations. That would be catastrophic. The most common failure the Data Centre encounters is power. This is mitigated by the generator, which you have probably heard on several occasions. Indeed, while the generator was on but since not all parts of Chiromo are connected, we got to see live feed with the red areas in since some buildings had no power, hence no connectivity. However, for the server room, there can never be power outages, you can imagine, that would be disastrous, hence, the Data Centre has a UPS (Uninterruptible Power Supply) as a backup for the generator.

It is only fair to acknowledge the fault tolerance and redundancy of these systems by the UoN, from multiple cables and methods of routing traffic to and from campuses, backup power supplies and network engineers who are constantly on call, to ensure a fairly high percentage of uptime of all e-services.


The main network device in use is Layer 3 switches, that are not only switches, but also double as routers/WAPs whereas the main topology in use is star topology, and we were left with one take away question, why do you think the university uses star topology over ring topology?

A little about the firewall, we saw that the firewall isn’t just some online program/software that filters out unwanted traffic through preset rules. The Data Centre has physical firewall devices, but of course software is used hand in hand with this physical device. This firewall is the reason why you can not access gambling sites, play online games, stream movies online and watch inappropriate content. The network security team uses the firewall to decide what to filter out and what to give access to, with the content being categorized to make work much easier. Try it if you are skeptical. This is just a fraction of the security procedures implemented to prevent people with malicious intent from tampering with critical infrastructure. As the team describes it, the network procedures are like an onion bulb, each layer offering its various security features as you peel into the core. This is referred to as the Defense in Depth Strategy.

A picture of Firewall connections is shown below:

A pic of the ‘Penguin’
A pic of the ‘Penguin’

 

The penguin icons represent Linux which are mostly used to manage calls that are coming into and going out of (to other connected campuses of course) the Data Center.

The Server Room

The server room is highly temperature regulated hence it was extremely cold in there due to the multiple fans and ACs.

This room is highly secure and maintained, only 2 doors, opened through biometric authentication, so it’s not a matter of just anyone finding their way into it. Imagine someone accessing the school Data Centre. What a menace that would be!

There are no windows in the room, in order to prevent dust from contaminating the room and destroying the servers.
The floor is custom designed with a basement where all the power cables run through to reduce the load in the room. The servers are cleaned quarterly while the room is cleaned on a regular basis.

It is equipped with fire suppression equipment and smoke detectors in the case of a fire.

Editors:

  • Maina Kamau
  • Aneselmus Oyando
  • Nancy Luka
  • Purity Ogeke

Acknowledgment

An appreciation to our own Professor Moturi who arranged the Data Centre Tour and was present throughout

Relevant Links:
https://www.uonbi.ac.ke/content/information-communication-technology-center-ict
https://ict.uonbi.ac.ke/

https://www.kenet.or.ke/

 

© University of Nairobi 2025.  All rights Reserved.