Building Corporate Data Networks – A Case Study

Download Report

Transcript Building Corporate Data Networks – A Case Study

Building a Corporate Network – A Case Study
Objectives
• At the end of this case study you will be able to
– Transfer a business communication requirements into a
data network requirement
– Describe the primary components that constitutes a data
network
– Identify the basic elements of LAN, WAN and Security sub
systems
– Prescribe a high level network structure for a generic
corporate data network
Acme Corporation
• Acme Corporation is a multinational organization who has two of their
manufacturing plants in Sri Lanka. They produce automobile tires for
export and local market. The main factory and head office is located at
Kelaniya and another factory at BOI zone, Katunayake. They have a
warehouse at Peliyagoda and a raw material store at Thalawakale.
Acme Corp need to build a data network to deploy their new ERP
(Enterprise Resource Planning) application. The Katunayake factory and
Peliyagoda warehouse are to be connected online to the head office and the
raw material store is to be connected for batch processing via a dial up
facility.
In addition they need to have Internet connectivity, a local web site and
E-mail service for their staff. Staff from corporate head quarters (abroad)
and telecommuters in Sri Lanka need to gain access to Acme Corp network
for various activities. Data and network security are concerns of the
network administrator.
Acme Corporation (Cont’d)
Warehouse
(Peliyagoda)
Branch Factory
(BOI Zone - Katunayake)
Raw Material Stores
(Thalawakale)
Internet
Head Office / Main Factory
(Kelaniya)
Telecommuters
Mobile Users
Network Elements
•
User and server local connectivity at head office, branch, warehouse and store
–
–
•
Wide area interconnectivity
–
–
•
Remote access server
Modems
Telephone lines
Wireless connectivity at head office
–
•
Firewall
Virtual Private Network (VPN) device
Telecommuting
–
–
–
•
Router
Internet connection from as Internet Service Provider (ISP)
Security
–
–
•
Routers
Links from a network service provider
Internet connectivity
–
–
•
Network switches and devices
Cabling infrastructure (copper/fiber)
Wireless access point
Network address planning
Branch LAN
Branch Factory
10/100 Base-TX
Warehouse
10/100 Base-TX
Stores
10/100 Base-TX
• Branch, Warehouse & Stores LAN Devices
– 10/100 Base-TX Autosense Ethernet Switch - 03 nos.
– Copper (UTP) Cable plant at all 03 locations
Head Office LAN
Network Printer
Wireless
Access Point
Floor 3
ERP Server and other
shared Resources
Mobile Users
10/100 Base-TX
Floor 2
Optical Fibre
Uplinks
100 Base-FX
10/100 Base-TX
Floor 1
10/100 Base-TX
Head Office LAN (cont’d)
• Head Office LAN Components
– 10/100 Base-TX Autosense Ethernet Switch – 03
nos.
– Optical fiber transceivers – 4 nos.
– Wireless Access Point – 1 no.
– Copper (UTP) / Fiber Cable plant
Wide Area Network
Branch Factory
Router
Head Office
DSU/CSU
Ethernet
Modem
Leased Line
DSU/CSU
Router
DSU/CSU
Warehouse
Router
Modem
Modem
PSTN
DSU/CSU
Ethernet
Modem
Ethernet
Stores
Router
Modem
Ethernet
Wide Area Network (cont’d)
• WAN Components
– Routers – 4 nos.
– DSU/CSUs – 4 nos.
• (Digital Service Units/Channel Service Units)
– Modems (synchronous) – 5 nos.
– Leased Lines – 2 nos.
• Head Office ↔ Branch Factory
• Head Office ↔ Warehouse
– PSTN Links (Telephone lines) – 5 nos.
•
•
•
•
Head Office – 2 nos.
Branch Factory – 1 no.
Warehouse – 1 no.
Stores - 1 no.
WAN Connectivity Options
• Leased Links / Clear Channel Circuits
–
–
–
–
–
–
–
–
Dead copper loops
Active copper loops
Microwave point-to-point links
Microwave point-to-multi point access system
PDH/SDH* transmission networks
Satellite links
Dark fiber loop
Free space optics (laser)
• Public Switched Data Networks
– Frame Relay
– ATM
• Public IP Backbone
– Multi Protocol Label Switching (MPLS) IP backbone
– VPN over Internet
– Packet over SONET/SDH
PDH – Pleisiochronous Digital Hierarchy
SDH – Synchronous Digital Hierarchy
WAN Data rates
• Link speeds
–
–
–
–
–
–
–
–
–
–
DS0 - 64 kbps
128 / 256 / 512 / 1024 kbps
E1 – 2 Mbps
E3 – 34 Mbps
OC-3c / STM-1 – 155 Mbps
OC-12 / STM-4 – 622 Mbps
OC-48 / STM-16 – 2.488 Gbps
Gigabit Ethernet – 1,000 Mbps
10 Gigabit Ethernet - 10 Gbps
Fiber Channel – 2 Gbps
Uses OSI Layer 2 Framing
Protocols
Dial-up Services
• Dial Backup
– to recover from failed links
• Dial on Demand
– to provide on demand access and disconnect while
idling
• Bandwidth on Demand
– to provide increased bandwidth during congestion
• Options
– PSTN – Public Switched Telephone Network
– ISDN – Integrated Service Digital Network
14
Internet Connectivity
Unprotected Network
De-militarized Zone
Secure Network
Web Server and
Mail Server
Internet
VPN Gateway
ISP
ERP Server and other
shared Resources
DSU/CSU
Router
Firewall
10/100 Base-TX
Downlinks to
and 1st Floors
2nd
To Router
Firewall Security Policy
Web Server and
Mail Server
Internet
VPN Gateway
ISP
Incoming Web, Mail
VPN connections
Web, Mail server
connections
Outgoing
Mail
DSU/CSU
Router
ERP Server and other
shared Resources
Firewall
Corporate users’ Internet Access
No access
To Router
Downlinks to
2nd and 1st Floors
Secure Access to ERP Server
Client at Headquarters
Internet
Web Server and
Mail Server
• Encrypted
• Authenticated
• Authorized
• Accounted
…. access only.
VPN Gateway
ISP
ERP Server and other
shared Resources
DSU/CSU
Router
Firewall
To Router
Downlinks to
2nd and 1st Floors
Internet and Security
• Internet connectivity
– Router – 1 no.
– DSU/CSU – 1 no.
– ISP connection – 1 no.
• Security
– Firewall – 1 no.
– VPN Gateway device – 1 no.
Remote Access Service
Remote Access Server
Home User
PSTN
Modem Pool
Ethernet (DMZ)
RAS Components
Remote Access Server – 1 no.
Modems (Asynchronous) – 4 nos.
PSTN (telephone) lines – 4 nos.
Notebook
Computer
Complete Head Office Network
DSU/CSU
Router
Leased Line
DSU/CSU
PSTN
Modem
Modem
Internet
ISP
Web Server and
Mail Server
VPN Gateway
ERP Server and other
shared Resources
Modem Pool
Remote
Wireless
Access Point Access
Server
DSU/CSU
Router
Mobile Users
Firewall
Bill of Material
Head Office
Branch
Warehouse
Store
Total
Ethernet Switch
3
1
1
1
6
Optical Transceivers
4
Router
2
1
1
DSU/CSU
3
1
1
Modem (Sync.)
2
1
1
Remote Access Server
1
1
Modem (Async.)
4
4
Firewall
1
1
VPN Gateway
1
1
Wireless AP
1
1
Cable Plant

4


1
5
5
1

5

Summary
•
•
•
•
•
•
Business requirement
Network requirement
Local area network
Wide area network
Internet connectivity
Firewall and VPN
Thank you