Embed Size (px)
Citation preview
Networking Written Proposal
A product of…
Ed AllenJustin Caldwell
Louis Maccarone
Table of Contents:------------------------
Contents
Introduction
Top-Down Analysis
Outside Connections
Sales, Accounting, and Inventory Introduction
Sales Specifics
Accounting Specifics
Inventory Specifics
Power Failure Addition
Network Security
Network Management
Putting It All Together
Conclusion
Cost Analysis
Network Design Map
Introduction
Our network is designed to best allow the business to work and communicate; that
is, it was designed with the business need in mind and according to the top-down model.
Moreover, we have tried to create a proposal that meets the following criteria: it must be
cost-effective; it must be reliable, it must be simple, and also must be easy to upgrade.
Security has been another of our concerns, though this is oftentimes more a function of
software than hardware. We understand that a business’ primary objective is to make a
profit, and so have aimed to keep the total cost of the upgrade hardware near $20,000,
including the telephone system, servers, and workstations that need to be added. We feel
there is no better mix of technology for your business. So, with these points in mind,
please continue onwards as we outline our network design.
Top-Down Model Analysis
Business:
This company needs to connect all of its computers together so they can better
communicate. This will allow for increased productivity, and so generate more revenue
for the business. They also require a web server which will host their web presence, and
some way to remotely access their business data.
Application:
Servers will run a Unix derivative; Apache will serve the website. Samba will allow
access to our shared resources, letting different departments work together. Individual
workstations may run a version of Windows, or a propriety operating system which can
communicate with our data servers. MySQL will be our database solution. We will also
need a variety of other software; network monitors, an SNMP management system, e-
mail servers and clients, plus the independent software suites the individual departments
utilize to do their jobs.
Data:
A variety of database exchanges, transaction processing information, inventory data,
payroll, customer information, etc. In addition, we will have network management data
which can be sent to a webpage or e-mailed to an IT department. This means that there
will also be web traffic and e-mail data. There may also be other network transfers
specific to each department’s application needs.
Network:
Our network requirements state that all computers must be able to communicate. With
this in mind, the Ethernet network is connected by a switch, letting all the machines in
each department communicate. A router connects to the switch so that the network can
access the ISP and the Internet through a T1. Indirectly, the other network in Inventory
can access the other two through the Internet with its DSL connection through VPN.
Various dial-up modems allow for remote access.
Technology:
Our network is the backbone of business operations. Without it, there would be no way
to efficiently communicate. Switches, Ethernet networks, high-speed Internet
connections, and professional-level servers all combine for a powerful and robust
network solution. It can interface with any type of software just as easily as any other
technology, and allows for easy expansion and upgrades. Because our design uses
(higher-end) industry standard methods, it can more than satisfy all business needs.
Technologies we use include Dell servers, VoIP, Ethernet, remote access, T1, DSL,
IPSec, Apache, Samba, VLAN, and SNMP.
Outside Connections
There is a wide range of business needs that must be met with this network, and
so there are a variety of technologies that will be employed to get it wired. This
network’s connections to the outside world consist of a dedicated T1, a business DSL,
and several 56k modems. Each of these were been selected for their particular
application based on their bandwidth, reliability, security, and capabilities. All of the
separate sub-networks are connected either physically or via the Internet, allowing them
to communicate with varying levels of security.
The main Internet connection is the dedicated T1 line that runs from our Internet
Service Provider to the Sales department. Sales will serve as the network headquarters of
our business. A T1 was chosen because of its high level of reliability, its ability to carry
both voice and data, and its bandwidth. There were other types of connections that could
have been considered, such as a business DSL or T3, but the T1 provides the most
affordable and balanced solution. Moreover, 56k modems in the Sales file server allow
for data access both by remote users, and to the Inventory department. Using these
modems, we can bypass the Internet completely, and so have a much secure connection
for important data. Moreover, these modems allow for backup connections in the event
of a failure of the T1, or the DSL at Inventory.
While the Sales and Accounting departments are part of the same network,
Inventory is not in the same location, and so cannot share their connection. For
Inventory, we have chosen a business DSL connection. This offers the best
price/performance ratio, performing on par with a T1 for a fraction of the price.
However, reliability is an issue with a DSL, so we have included a backup 56k for dialing
Sales.
Here we must also mention our web server at our Internet Service Provider. We
have chosen to co-locate the server on the ISP’s backbone, allowing us greater
bandwidth, as well as support functions from ISP technicians. This means the web server
will be more reliable and need less support from outside consultants. Our ISP will also
help salespersons in the field to remotely connect to our network by allowing them to dial
into their modem pool and access our resources via the Internet.
Sales, Accounting, Inventory Introduction
A few assumptions were made to determine the design of a cost effective,
efficient, upgradeable, and reliable network configuration of the sales, accounting and
inventory departments. The first assumption is that the accounting and sales departments
are located in the same office space. Next it was assumed the inventory department was
located in some type of storage warehouse far from the offices space of sales and
accounting but within the radius of the local ISP serving the sales and accounting offices.
Finally it will be assumed that there is no current IT department staffed for in-house
support of the current network configuration. ABC Sporting Goods is in need of a
redesign of its current network implementation. Restructuring the entire voice/data
infrastructure will provide the most cost effective, efficient and upgradeable network
configuration to meet the continually growing needs of ABC Sporting Goods.
Sales
The sales department will receive five new Dell Dimension 2300 P4 PC’s, which
will run a Windows based operating system to allow for easy training and program
manipulation for new sales employees. The computers will be networked by Ethernet
technology to provide a robust and inexpensive network. The Ethernet network will also
be attached with the sales DELL PowerEdge 2600 Xeon server and HP LaserJet 2300DT
network printer. The HP network printer allows for each client in the sales department to
print to the printer via TCP/IP or optionally through a print server on the DELL sales
server. A 3com SuperStack3 3300TM switch will provide the network connectivity
between the server, printer and client workstations. This connectivity will also allow for
each office to use the Internet, because the switch will be attached to our Cisco 1760
router. The router has onboard VPN tunneling, firewall, IP Sec, and a CSU/DSU. If the
Internet connection were to fail or if our switch were to go down our sales server will still
have the ability to talk to inventory because we have installed a redundant analog phone
line. The telephony solution for the sales department can be utilized two ways. The first
is using the 3Com NBX pcXset Client Software on the sale’s client workstations or by
purchasing physical 3com Voice over IP (VoIP) business class telephones. The software
solution allows the business to alleviate the cost of a physical IP phone. Employees can
then utilize an easy to use computer program to control all voice and fax transactions that
might be necessary. The only problem is in the case of a nonfunctioning workstation the
employee is unable to continue voice communications that can be accomplished with a
standard analog phone even during times of power outages. A better solution would be to
purchase the 3com 1105 IP phones. These phones would then connect via a standard
Ethernet cable to a 3com Ethernet Power Source (EPS) to provide continuous DC power
through the unused copper wires while still allowing for VoIP communications. The 12
port EPS can be uplinked to the central 3com switch to provide connectivity to the 3com
NBX 25 telephony device. The 3com NBX 25 provides numerous solutions and includes
many standards to accomplish VoIP, voice mail, speech recognition, conference calling,
call-forwarding, least cost routing, and many add in and expandability options.
Accounting
The accounting department currently has seven computers, a file server and a
printer. The first step to providing a better solution for internet and interoffice
communications is to replace the token ring network with today’s’ popular and
inexpensive Ethernet technology. This type of network is very cheap and easy to
manage, allowing for easier troubleshooting in case of network failures. The existing
Network Interface Cards (NIC) used for the token ring will need to be replaced with
inexpensive Ethernet NICs. Making the printer available on the network is a must,
whether purchasing a similar printer as sales or buying a jet direct card to allow for the
printer to work separately from any computer. The PC’s will connect to the 3com Super
Stack3 switch, the same that the sales department is connecting to. The purchase of IP
phones will be necessary to adequate telephony solutions for the thriving business. The
IP phones will be directly connected via a standard Ethernet cable to the 3com EPS to
provide both power and voice communications.
Inventory
The Inventory department is geographically separate from Sales and Accounting.
Inventory Control has an Ethernet LAN consisting of six computers, a file server, and a
printer. We have left Ethernet in place, as this matches the rest of the networking in the
business. A business DSL line connects our virtual network across the internet. This is a
SpeakEasy 768k/768k Business DSL line that only costs us about $250/month. Using
this high-bandwidth connection, the inventory control center will be able to able to access
data from the Accounting and Inventory servers to support Sales.
DSL comes in to the DSL modem, and then moves to our Linksys router with
integrated firewall. Next data travels to our 24 port 3Com SuperStack 3 3300TM switch.
This switch supports VLAN, SNMP, RMON, Gigabit, and is stackable. The server
contains a 56k modem, affording us a redundant and secure connection to Sales. An HP
2200DT Ethernet printer allows for printing. Several standard analog phone lines serve
for telephony, since telephone usage will be limited in the Inventory area.
This setup best meets the business needs for these following reasons. To start, it
is cost effective, the DSL line will be able to use the existing installed telephone cabling
with the assistance of filters provided by the ISP. The DSL, in combination with a 56k
backup link, gives us reliability. It is a very simple design, and could be considered the
industry standard for this type of network. The advanced switch is perhaps beyond what
is required, but is well worth the extra cost. This solution is also easily upgradeable to
allow for many more workstations.
Power Failure Addition
The servers are going to be put into a rack system using a shelving system.
Switches and router along with the NBX 25 and EPS will be mounted as well. A
Powerware 2kVA UPS will provide the continuous power for each device in the case of a
power outage. Servers will be shutdown 15-30 min after power outage and the capacity
of the UPS will allow for an estimated 2 to 4 hours of uptime for the NBX 25, internal
switch and EPS. This added system gives our the network added data reliablility and also
allows for business to continue in the event of a power failure.
Network Security
Assets- To begin to make sure your network is secure you must know what needs
to be secure. By assessing ABC Sporting Goods we have found several assets that need to
be secure. Some assets need to be secure from customers or intruders from outside the
network and assest must also be safe from those inside the network. The assets that we
have found are customer information, employee information, sales information, and
accounting information. Customer information needs to be safe because it includes credit
cards and other pertinent financial information. Employee information is also important
because it contains social security numbers and evaluation records. Sales information is
also important to keep safe, the competition could want to break and and see how you are
doing financially. Accounting information is important as well because it deals directly
with payroll, insurance, and the business finances. If a security break were to occur here
the results could be disasterous.
Threats- Threats to our assets can come from many different directions. Outside
sources pose the biggest threat to our system. These threats are both natural and
man-made. A fire at the ISP or a line outage could upset traffic. Also a flood or fire could
render our servers and computers useless and all data could be lost. People could try to
hack into the network to get at our assets. These hackers could be kids trying to mess
around or another company trying to steal information. Employees also pose a threat.
They could pose a threat to the company and not even know it due to their lack of
knowing the procedures or just being lazy on the job and not following policy to the tee.
Employees could also try to disable the network or get into sensitive data which is always
a threat.
Vulnerabilities- Our network vulnerabilities begin internally. The employees have
the easiest access to the network. They are ultimately the people with the easiest access to
the network and its asssets. Outside connections using the modem pool can also show us
a point of vulernability. Without good authorization measures a hacker could get in this
way. The web presence is also a vulnerability. Hackers could go behind the website and
expose information that is sensitive.
Risks- Risks are the probablility of an attack. This will never be an exact science
and is only a calculated guess as to the factors involved in a attack. The ability to assess
risk is the ability to decide how vulnerable the assets are to threats. By figuring out this
amount of vulnerablity associated with each asset you can make a good decision on what
is more important. We feel that the employee information and accounting had the highest
risk. These are both areas where people can profit the most from the information.
Protective Measures- The protective measures we will employ in our network
should allow us to cut down the amount of risk involved and remove most of our threats
to protect our assets. The protective measure we will employ include the use of
encryption on all sensitive data. This can even be applied to emails that are secret and top
secret. This allows others outside the network to have a tougher time gathering
information. Intrusion detection would also be implemented so that those who do get into
the network are monitored. That way we know what they wanted and are able to better
assess our vulnerabilities. Firewalls and IPSec would also be installed. This would keep
most hackers at bay in order to not get into our network from the outside. The firewalls
and IPSec will be handled by our routers which include this feature. Virus protection
would also be used throughout our network so that the servers or workstations could not
be infected purposely or by accident. Authentication would also be employed so that only
those who need to access certain features would be able to. Also those connecting in from
the outside through the modem pool would be authenticated in order to not allow the
unauthorized easy access.
Network Management
Fault Management To manage the occasional network hicup and problem we
have institued a system for which to deal with them quickly and efficiently. The system
starts out by making sure that the network is monitored around the clock in order to fix
problems that may arise outside of the normal business hours. If a problem were to occur
at any time it is to be logged and a solution found. Their will also be diagnosis of the
problem to find out what caused the problem initially. We will also make sure that the
network runs efficient and timely error recovery processes in order to minimize network
down-time. We also feel the introduction of a system that the network users could use to
post complaints or problems with the network would be very effective. This would allow
us to more easily assess problems with the network and implement new solutions.
Configuration Management Configuration for the network comes in many
different forms. In order make sure that the configuration is handled in a secure manner
as to not disrupt network traffic and integrity there needs to be control of who and when
the network may be configured. Updating of the configuration must be controled in order
to not allow users to due harm to the network. This would be handled by secure logins
allowing only those who need access to the network configuration. Remote configuration
must also be available incase configuration were needed to accessed from afar. This too
would be only available to those who needed the access. In order to have current and up
to date network configuration information we will institute a network component
inventory system which will have a detailed description of each component. This would
allow for network admins and those working on the network to know exactly what they
were dealing with. They could at a moments notice be able to look up any and all
information about a specific piece of hardware. This inventory would allow for a greater
knowledge base of the network and allow for more efficient configuration for those
involved.
Performance Management Performance management is all about monitoring of
the network to view how well it functions. To manage the performance of the network
you must be able to monitor the network. This monitorization of system and network
performance allows you to make informed decisions about upgrades and the quality of
service your network is delivering. Performance management also makes sure that
bottlenecks found while monitoring the network can be resolved. The shifting of
bottlenecks is a very important issue which if done correctly can make your entire system
work more efficiently. Performance management also helps in the performance planning
for the future of the network. Trends can be seen by processing network performance
data and can help to forecast improvements and possible diasters that a network might
have. The forecasting of improvements can be a real tool in this age of quick technology
upgrades and market competition. If you fall behind because your network cannot handle
the load of your business traffic your profits will also feel the loss of efficiency.
Security Management Security management is a very important part of
managing any business network. To make sure that security problems are not an issue in
our network we will have a firewall for all incoming connections and secure logins for
those using the internal network. This should cut down on most security breaches. These
measures are sometimes not enough though. Constant network monitoring for security
purposes would also be included in our system. The security program would be able to
detect and track any intrusions into the networks that were malicious. Monitoring of all
traffic from inside the company network would also be monitored in order not allow
employees to gain access sensitive data such as payroll. Encryption would also be widely
used on our network in order to allow for an even higher level of security. Encryption
could be used in everything from emails to data on the file server.
Accounting Management Accounting management is all about the process of
information. This processed information comes out as network statistics. These statistics
allow for great network operation information. The statistics will be derived from the
network performance software discussed earlier. The statistics will report the network
usage quotas and statistics for our entire network. This with the performance
management will allow us to easily view where and when the marjority of traffic occurs
and help better distribute our resources. By being able to actively monitor network usage
and problems that occur you will be able to run a more efficient network.
Putting it all Together
So far we have discussed each division of the network that is to be created for
ABC Sporting Goods. The accounting, sales, and inventory networks have been
thoroughly discussed as to give you a good idea of how they will function. However,
these networks are negligible unless they are properly connected to each other. The
connections of these networks will allow your entire business to function more efficiently
and effortlessly. This will allow you to better change with the times and accommodate
new trends as well as communicate more effectively. Our goals when designing this
network were to make it very simple, upgradeable, cost effective, and reliable. We also
wanted to take your goals in mind as well. The business goal originally was for the
business to be linked together to communicate, have a web presence, and allow sale
persons to access the network remotely. In our eyes we have met of these goals with a
robust new network.
To begin the connections of these three networks we wanted to make sure it
would be simple. There is nothing more frustrating to fix, update, or reconfigure than a
needlessly complex computer network. For accounting and sales to communicate readily
we connected the two via a 3Com SuperStack 3 switch that uses a VLAN to
communicate acrsoss a single switch. This allows us to cut cost by purchasing only one
switch instead of using two. Switches are intelligent connection hardware, which allow
for efficient data transfer between the computers on the network. The connection between
accounting and sales will be 100 megabit/sec, which should be more than enough
bandwidth for the business need. The switch is attached to a Cisco 1760 router. Our
router connects the switch to our T1 line from the ISP. The router, which has been
discussed previously will be very robust and allows for easy network management, the
use of a firewall, and contains its own CSU/DSU along with VPN tunneling capabilities.
For our sales and inventory teams to communicate, Inventory has a business DSL
connection to the Internet. In addition, we have connected a redundant 56k connection in
case of a Internet connection outage. We will have a VPN set up between Sales and
Inventory in order to communicate data between the two. Both our Cisco and Linksys
routers have VPN capabilities along with firewall support, this will allow for a secure
connection between each department. The sales force away from the company can also
connect very easily via 56k modems provided by the ISP. These are dialup lines that
would use a 1-800 number so that they can be reached from any location. All of the
connections have been made so that the network will be very easy to upgrade.
When the time comes for ABC Sporting Goods to expand the network it is ready
to do so. All of the choices in this network were created so that an easy and timely
upgrade can be performed. If the amount of computers in sales, accounting, or inventory
increases beyond the capacity of the current switch more switches can be added along
with a larger router. More switches can be added because the SuperStack3 is a stackable
switch so others like it can simply plug in and go. Also, a higher bandwidth connection
from the ISP could be purchased in order to give the whole network more capacity. The
Inventory team’s connection to the Internet could also be upgraded if need be to allow
more traffic to flow between the file server and the Internet. With the ability to easily
implement the current network and upgrade the network down the road, our design is a
very cost effective choice.
By creating a simple design we were able to make it more cost effective as well.
This is due to the fact that our network does not contain many parts and is simple to
manage. The hardware needed to run these networks was chosen due to the fact that they
are cost effective and simple to operate. There is no use in creating a network that once
implemented cannot be managed easily or upgraded without lots of time and trouble. The
location of the webserver is also very cost effective because the hiring of server
technicians would not be needed. The ISP would be able to provide all support for the
server 24 hours a day saving the company massive amounts of money each year. The
NBX system also helps cut cost. The initial expenditure is realitively costly but is
warranted due to the fact that the system is fully expandable, customizeable, and the extra
cost of running new analog phone lines and service to each phone in the system is
diminished. We believe the ability to create a simple network that, which is easy to run,
and upgrade with no sacrifices in its ability to function efficently is the key to a solid
business communications infrastructure. The ability for our network to function properly
is also a very important aspect as well.
We have designed our network so that even if the network is temporarily shut
down that each of the offices can still communicate. If the router were to fail the two
offices could still communicate. This is because the offices are connected across the
switch, allowing all of the computers to still talk to each other. The Internet would be
unavailable, but business tasks, such as queries from the file server, could still occur as if
nothing was wrong. Even if the switch was down the business could still do most of its
duties because each computer would still function properly without connection to the file
server or Internet. This design was implemented into each of the separate divisions. The
Internet connections themselves are also very fail-safe due to the fact that you have a
dedicated connection to the ISP via the T1 line, and the reliable business-class DSL. Our
web presence is also very reliable because of its location at the ISP. If anything were to
happen to the server technicians on duty at the ISP could fix the server and get it back
online. The simplicity of the network also allows for, in most cases, a single point of
failure. This allows for the problem to be isolated much easier and handled more
effciently.
Conclusion
Great care was put into the design of this network. We looked at this task from a
few different angles to decide what ways the requested network abilities could be
implemented. The business needs were our top priority. ABC Sporting Goods needed a
great amount of help to get their network to function as they wanted. We did not back
away from this challenge though. We went at the problem head on and made sure the
network met your needs by making sure every office could communicate with each other,
the sales force abroad could have remote access to the network, and that a web prescence
was brought online. After accessing the different designs we came to our final decision,
which is the one that has just been discussed. It meets our goals for the networks we
design as well as ABC Sporting Goods’, which means it includes simplicity of design,
upgradeability, cost effectiveness, and reliability. We have touched upon each of these
aspects throughout the description of our design. We feel the network designed will allow
for easy and efficient communication between the many facets of ABC Sporting Goods
and those in the future. We feel that if you choose our design you will be very pleased
that you did so.
Approximate Initial Investment Breakdown
Item Quantity Each Cost Total Cost
Dell Sales Server x1 $2400 $2400
HP Laser Ethernet Printer x2 $900 $1800
Dell Sales Workstations x5 $850 $4250
24-port 3Com SuperStack3 Switch x2 $1100 $2200
US Robotics Network Cards x5 $13 $65
Cisco 1760 Router x1 $1900 $1900
Linksys Cable/DSL Router x1 $100 $100
1000ft Cat6 Network Cable x2 $180 $360
3Com NBX-25 x1 $1500 $1500
3Com NBX 1102 5pk Bundle x2 $1300 $2600
3Com NBX 1102 phone x2 $300 $600
3Com Ethernet power source x1 $600 $600
Powerware 2KVA UPS x1 $2400 $2400
---------------------------
Total: $20,855
Computer ComputerComputerComputer Computer
File Serverw/ 56k to Inv File ServerEth. Printer Eth. Printer
Computer Computer
Computer ComputerComputer ComputerComputerComputer Phone PhoneEth. Printer
File Serverw/ 56k to Sales
SalesAccounting DSL Modem3-Com Switch3-Com Switch
Cisco Router
T1 Line
NBX 25 VoIP
Inventory DSL Router/FirewallBusiness DSL
Analog Telephone LinesPhonePhonePhonePhoneAcct. Phones PhonePhonePhonePhoneSales PhonesEthernet Power SourceInv. Phones
Overall Network Diagram
To PSTN
Analog Telephone Line
PhoneComputer Phone PhonePhone
