Building Corporate Data Networks A Case Study Delivered
Building Corporate Data Networks – A Case Study Delivered at Institution of Engineers, Sri Lanka - Saparagamuwa Provincial Center 31 st March 2005
2 Objectives ~At the end of this case study you will be able to ð Transfer a business communication requirements into a data network requirement ð Describe the primary components that constitutes a data network ð Identify the basic elements of LAN, WAN and Security sub systems ð Prescribe a high level network structure for a generic corporate data network
3 Acme Corporation ~ Acme Corporation is a multinational organization who has two of their manufacturing plants in Sri Lanka. They produce automobile tires for export and local market. The main factory and head office is located at Kelaniya and another factory at BOI zone, Katunayake. They have a warehouse at Peliyagoda and a raw material store at Thalawakale. Acme Corp need to build a data network to deploy their new ERP (Enterprise Resource Planning) application. The Katunayake factory and Peliyagoda warehouse are to be connected online to the head office and the raw material store is to be connected for batch processing via a dial up facility. In addition they need to have Internet connectivity, a local web site and E-mail service for their staff. Staff from corporate head quarters (abroad) and telecommuters in Sri Lanka need to gain access to Acme Corp network for various activities. Data and network security are concerns of the network administrator.
4 Acme Corporation (Cont’d) Warehouse (Peliyagoda) Branch Factory (BOI Zone - Katunayake) Raw Material Stores (Thalawakale) Internet Head Office / Main Factory (Kelaniya) Telecommuters Mobile Users
5 Network Elements ~ User and server local connectivity at head office, branch, warehouse and store ð Network switches and devices ð Cabling infrastructure (copper/fiber) ~ Wide area interconnectivity ð Routers ð Links from a network service provider ~ Internet connectivity ð Router ð Internet connection from as Internet Service Provider (ISP) ~ Security ð Firewall ð Virtual Private Network (VPN) device ~ Telecommuting ð Remote access server ð Modems ð Telephone lines ~ Wireless connectivity at head office ð Wireless access point ~ Network address planning
6 Branch LAN Branch Factory Warehouse 10/100 Base-TX Stores 10/100 Base-TX ~ Branch, Warehouse & Stores LAN Devices ð 10/100 Base-TX Autosense Ethernet Switch - 03 nos. ð Copper (UTP) Cable plant at all 03 locations
7 Head Office LAN Network Printer Wireless Access Point Floor 3 ERP Server and other shared Resources Mobile Users 10/100 Base-TX Floor 2 Optical Fibre Uplinks 100 Base-FX 10/100 Base-TX Floor 1 10/100 Base-TX
8 Head Office LAN (cont’d) ~Head Office LAN Components ð 10/100 Base-TX Autosense Ethernet Switch – 03 nos. ð Optical fiber transceivers – 4 nos. ð Wireless Access Point – 1 no. ð Copper (UTP) / Fiber Cable plant
9 Wide Area Network Branch Factory Router Head Office DSU/CSU Ethernet Leased Line Modem DSU/CSU Router DSU/CSU Warehouse Router Modem PSTN DSU/CSU Ethernet Modem Ethernet Stores Router Modem Ethernet
10 Wide Area Network (cont’d) ~ WAN Components ð Routers – 4 nos. ð DSU/CSUs – 4 nos. w (Digital Service Units/Channel Service Units) ð Modems (synchronous) – 5 nos. ð Leased Lines – 2 nos. w Head Office ↔ Branch Factory w Head Office ↔ Warehouse ð PSTN Links (Telephone lines) – 5 nos. w w Head Office – 2 nos. Branch Factory – 1 no. Warehouse – 1 no. Stores - 1 no.
11 WAN Connectivity Options ~ Leased Links / Clear Channel Circuits ð ð ð ð Dead copper loops Active copper loops Microwave point-to-point links Microwave point-to-multi point access system PDH/SDH* transmission networks Satellite links Dark fiber loop Free space optics (laser) ~ Public Switched Data Networks ð Frame Relay ð ATM ~ Public IP Backbone ð Multi Protocol Label Switching (MPLS) IP backbone ð VPN over Internet ð Packet over SONET/SDH * PDH – Pleisiochronous Digital Hierarchy SDH – Synchronous Digital Hierarchy
12 WAN Data rates ~Link speeds ð DS 0 - 64 kbps ð 128 / 256 / 512 / 1024 kbps ð E 1 – 2 Mbps ð E 3 – 34 Mbps ð OC-3 c / STM-1 – 155 Mbps ð OC-12 / STM-4 – 622 Mbps ð OC-48 / STM-16 – 2. 488 Gbps ð Gigabit Ethernet – 1, 000 Mbps ð 10 Gigabit Ethernet - 10 Gbps ð Fiber Channel – 2 Gbps Uses OSI Layer 2 Framing Protocols
13 Dial-up Services ~Dial Backup ð to recover from failed links ~Dial on Demand ð to provide on demand access and disconnect while idling ~Bandwidth on Demand ð to provide increased bandwidth during congestion ~Options ð PSTN – Public Switched Telephone Network ð ISDN – Integrated Service Digital Network
14 Internet Connectivity Unprotected Network De-militarized Zone Secure Network Web Server and Mail Server Internet VPN Gateway ISP ERP Server and other shared Resources DSU/CSU Router Firewall 10/100 Base-TX Downlinks to 2 nd and 1 st Floors To Router
15 Firewall Security Policy Web Server and Mail Server Internet VPN Gateway ISP Incoming Web, Mail VPN connections Web, Mail server connections Outgoing Mail DSU/CSU Router ERP Server and other shared Resources Firewall Corporate users’ Internet Access No access Downlinks to 2 nd and 1 st Floors To Router
16 Secure Access to ERP Server IPSec ‘Tunnel’ for secure communication Client at Headquarters Internet Web Server and Mail Server • Encrypted • Authenticated • Authorized • Accounted …. access only. VPN Gateway ISP ERP Server and other shared Resources DSU/CSU Router Firewall Downlinks to 2 nd and 1 st Floors To Router
17 Internet and Security ~Internet connetivity ð Router – 1 no. ð DSU/CSU – 1 no. ð ISP connection – 1 no. ~Security ð Firewall – 1 no. ð VPN Gateway device – 1 no.
18 Remote Access Service Remote Access Server Home User PSTN Modem Pool Ethernet (DMZ) ~RAS Components ð Remote Access Server – 1 no. ð Modems (Asynchronous) – 4 nos. ð PSTN (telephone) lines – 4 nos. Notebook Computer
19 Complete Head Office Network DSU/CSU Router Leased Line DSU/CSU PSTN Modem Internet ISP ERP Server and other shared Resources Web Server and Mail Server Modem Pool VPN Gateway Wireless Access Point Remote Access Server DSU/CSU Mobile Users Router Firewall
20 Bill of Material Head Office Branch Warehouse Store Total Ethernet Switch 3 1 1 1 6 Optical Transceivers 4 4 Router 2 1 1 1 5 DSU/CSU 3 1 1 5 Modem (Sync. ) 2 1 1 1 5 Remote Access Server 1 1 Modem (Async. ) 4 4 Firewall 1 1 VPN Gateway 1 1 Wireless AP 1 1 Cable Plant ü ü ü
21 Summary ~Business requirement ~Network requirement ~Local area network ~Wide area network ~Internet connectivity ~Firewall and VPN
22 Thank you
- Slides: 22
