network design (proposal)
DESCRIPTION
it is my work in semester 1TRANSCRIPT
FACULTY OF SCIENCE COMPUTER AND MATHEMATICS
CHAMPS SDN BHD NETWORK DESIGN
ITT 550 : NETWORK DESIGN AND MANAGEMENT
PREPARED FOR:
MR. ALBIN LEMUEL
BY:
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DATE OF SUBMISSION:
19th MARCH 2015
PHASE 1: REQUIREMENT GATHERING1.1 COMPANY BACKGROUND
Champs was initially settled in 2006, from a small shopper gadgets half shop part set up with stocks worth not as much as Ringgit Malaysia thirty thousands to the biggest hardware chain store today. In the course of recent years, Champs has been through numerous changes. These progressions were improved to serve to the clients. Despite the fact that the future has yet to unfold, they are prepared to embrace for changes important to address their issues and give improved shopping background to their client
Now Champs is one of the leading consumer electronics chain stores in the country. Champ is committed to provide to the customer with convenient and unique shopping experience, as well as better value each and every time they shop at Champs stores. Here in Champs, they understand the trends and directions of their customers. Therefore, Champs always offered the latest and the greatest product all available in our stores. Not only involved in direct sales, Champ Sdn Bhd has also been involved in online business. Therefore, Champ need a good network which is secure and has good performance to support the transaction, data and able to support heavy load of data travelling.
Currently Champs Sdn Bhd has opened another branch in Johor Bharu, which currently houses 50 employees, including executives and managers including the others end devices such as faxes, printers, phones, and so on. However, their existing networks are frequently receive issues such as breach of data, tapping and recently the system has been hack and cause one of the server down. Network to access the server are also often affected by many user who want to access at one time, this problem often occurs during peak time, causing a most of business stalled or delayed. Furthermore Johor Bharu prone to flooding, so position them as server hardware and system console itself is located in a vulnerable area.
Due to all the problem we were hired by Champ to redesign a new network for them. We are given RM 650 000 as the cost budget. The aim for new network besides to solve all the problem above is the new network must capable to provide an internet and internet access for top and middle level manager while the staff only have access to intranet only.
1.2 BUSINESS REQUIREMENT
KEY PLAYERS1) Information Source :
a) Chief Executive Officer 2) Decision makers :
b) Chief Executive Officer
MAJOR MILESTONETask Name / Duration(month)
1 2 3 4 5 6 7 8 9
Information Gathering
Analysing Current Network
Create Logical Network Design
Create Physical Network Design
Installation And Maintenance
Report
FUNDING LEVEL
TYPE OF BUSINESS ACTIVITYChamps sdn bhd is a electrical company that involve in electrical hardware selling and leasing
including electrical ware for home used and Industrial used. Lately, Champs start to used online services in order to expend their business variety and profit.
ESTIMATED GROWTHFor the first 2 years from now, it is estimated growth rate of the company’s employees is 70 %
per year since the company are short in number of staff. Increasing in company’s employees cause increasing in network traffic.
RELIABILITY AND AVAILABILITYSince Champs are aiming for involving in online marketing it is crucial to keep this network
availability and make it reliable, if not it will cause in serious dropping of productivity and revenue.
SECURITYManagement would also like to implement a more tight security system to ensure there is no
data breaching to unauthorised person.
REMOTE ACCESSChanging in business strategy forced the data to be access anywhere and anytime by top and
middle management especially for network personnel to monitor company network.
1.3 USER REQUIREMENT
In improving network performance, a survey had been carry out in order to understanding user needed for a new network.
Based on the survey conducted, the result can be conclude as follow :
Timely delivery information : User want to get data immediately Reliability and availability : Network have to be stable to support their workload Security : Their data and information stored or travel over network
must be kept secure and private from breaching
PHASE 2: ANALYZING CURRENT NETWORK
EXISTING LOGICAL DIAGRAM
Support :
Number of workstation(s) : 50 units Division of staffs :
o Top Management :Chief Executive, Senior Manager, Production Manager, Sales Manager, Human Resources Manager.
o Middle Management : Electrical Engineer, System Engineer, Accountant, System Analyst,Safety and Health Manager
o Low Management : Supervisor, Team Leader, Technician, Sales Person.
Type of topology : Bus Type of network : LAN Type of router : Wired Router Type of computer network : Intranet and Internet for all staffs Type of security : Firewall NETWORK ENVIROMENT
Problem Description
1
2
6
3
54
1. Old switch Core switch which connect to server always faced a bottleneck problem especially during peak hour since limitation of switch bandwidth and everyone need to access to the server.
2. Cabling There are currently no patch panel or equipment racks for proper cable management and mounting of switches. This can lead to more frequent cabling failures. Most cabling recognized is standard Category 5 cabling which is fit for paces just up to 100Mbps which won't be sufficient for future employments. Cabling is likewise unlabelled which makes it hard to trace when there are issues and this slows resolution.
3. Remote Access A remote access Virtual Private Network (VPN) used to be set up for Top and Middle level user to remote access data from the workplace frameworks. Presently that VPN framework is not utilized for specialized or operational reasons.
4. Backup Server A cursory review of the EMC Retrospect backup logs suggests that not all data is being backed up to the Buffalo Network Attached Storage (NAS) devices and it is attached hard drives and/or is not being written reliably. Not having all application, databases, and data directories backed up can make it impossible to restore lost data. Additionally, the information that is being backed up to the Buffalo NAS external drives is not being taken offsite thus all data and their backups is subject to being lost in the event of a flood, fire, or theft affecting the servers (even if it were being taken offsite, it is not believed to be encrypted thus information could be stolen if these offsite drives were stolen). Lastly, one of the four hard drives on the Buffalo NAS is physically failing and may not be able to hold backup information much longer.
5. Server Space Currently the data partition on the ‘widgets1file’ server only has 5GB free which is 4% free of its total disk space. The operating system partition on this same server is at 4.6GB free which is 15% free of its total disk space. The data partition on the ‘widgets1mail’ server at 24GB free which is 18% free of its total disk space. A server which runs out of disk space can either crash and become not available or at the minimum not be able to store additional information and possibly corrupt user information.
6. Single Firewall Aware with the security, the company place a firewall before the gateway but it just not enough to have secure network. The connection for a staff, middle manager and the top manager to access server are directly interlinked which mean it has a probability or give a chance for staff to get access or to tap the data that been sent by their manager and there might be a possibility that the top or middle manager are getting fault
information.
PHYSICAL ENVIROMENT
Problem Description
Automatic Server Shutdown
During an extended power outage, the UPS batteries will get to be depleted and in the end quit giving energy to the servers bringing about an unexpected shutdown of the servers. This sudden disturbance of electrical supply to servers may cause data to be lost or undermined.
Enviroment Notification
There is no monitoring and alarming if the encompassing temperature or humidity surpasses adequate limits. Alarming to administrators is critical so that extreme temperature or humidity variations can be addressed in a timely fashion in an auspicious manner to best secure the interest in IT equipment which could somehow be harmed
Server Location The servers are currently in an area trafficked by non-IT staff and could be effectively either incidentally or intentional disrupted. The location of server hardware and system console itself is located in a vulnerable area.
PHASE 3: LOGICAL DESIGNLOGICAL DIAGRAM
PROPOSED DESIGN
PHYSICAL ENVIROMENT
Problem Solution
Automatic Server Shutdown
It is prescribed that APC PowerChute Network Shutdown software be install on both Windows servers so they close down appropriately before the UPS batteries get to be depleted.
Enviroment Notification
It is suggested that temperature and humidity alarms be implemented via APC Network Management card with Environmental Monitoring to be introduced in the current APC Smart-UPS uninterruptible power supply (UPS).
Server Location Relocate server and system console near to IT personnel for surveillance and to prevent server from affected by flood since IT personnel lie on the middle floor of the building.
NETWORK ENVIROMENT
Problem Solution
Old switch Since core switch handle many request so it will require more bandwith. It is recommend to change current device which is have 100Mbps network limit to switch with 10Gbps.
All the other switch also need to be change from 100 Mbps to 1Gbps.
Cabling It is recommended that a secure main communications equipment room (MCER) be established in the front office area with at least one intermediate communication equipment room (ICER) located in the manufacturing area using 50Um fiber to interconnect the two closets.
It is recommended to install Cat6 cabling to insure 10Gbps capability throughput in all office areas and shielded Cat6 cabling in the manufacturing areas to safeguard against (EMI) from overhead crane power and bus bar power.
MCER rooms should contain 19” X 7’ open equipment racks with overhead cable tray and horizontal cable management on either side. If the ICER room is located on the open manufacturing floor, then a secure lockable cabinet should house all patch panels and electronics.
All cabling would be terminated on standard punch down panels and jacks which use only a single piece so would eliminate the brittle plastic issue.
Remote Access It is suggested that the necessity for a VPN be reevaluated after to decides whether it desires to implement the recommended web-based portal for accessing customer information and/or the more functional hosted e-mail & collaboration system. Since certain types of information may be web-based instead of VPN technology, VPN technology may not be required. However, if VPN technology is still required for access to various types of data or systems, then TNSC is confident that it could rectify the issues associated with the current implementation.
Backup Server It is strongly recommended that the entirety of each server’s data be backed up by a system that does so completely, routinely, automatically, is monitored for failures, can virtually recreate a server in case of server hardware failure, and also automatically transfers a copy of the data offsite in case there is ever a disaster. Although there may be alternatives, TNSC offers its StoreIT backup solution which provides all of the desired features.
Server Space It is recommended that the following approach be taken in sequence: Delete any information that is no longer needed on the servers.
If the above step does not yield enough free space, then archive information that is not frequently needed to an external device for permanent storage.
If the above steps do not yield enough space, then relocate some information between the two servers and their partitions so that each partition has sufficient free space.
If the above steps do not yield enough space, then add (a) physical drive(s) to the widget1file server so that it has more available drive space.
If the above steps do not yield enough free space, then purchase a new physical server with more hard drive space. This server should be equipped with VMware vSphere software which allows the physical hardware to be shared by multiple virtual servers such as the widget1file and widget1mail servers which would be copied to this new physical server. The benefit of virtual server hardware is that it allows multiple servers to share the available capacity of the hardware which results in less hardware needing to be purchased. An added benefit of new hardware is that it would be covered by a three year warranty whereas the current servers would appear to be out of warranty and don’t have a maintenance contract in place therefore current system failures would be more costly and time consuming.
ADDRESSING STRATEGYCurrently Champ has been supporting 50 wired user and around 30 other end devices and
Champ had intention on expanding their employees so we are are using ip address class C that able to support up to 253 devices. It is still able to support Champs’s employees hiring plan.
IP: Class C - 192.168.10.1Subnet Mask: 255.255.255.0
Total Available Hosts: 253Network Address: 192.168.10.0
Range: 192.168.10.1 - 192.168.10.254Broadcast: 192.168.10.255
HARDWARE SPECIFICATION
SERVER: IBM x3650 M4
Processor Intel Xeon E5-2650V2 2.6GHz
Storage Serial ATA III, Serial Attached SCSI (SAS) 25.6 Tb
Memory Flash 1024 Mb
Internal 16 Gb
RAM 2 x 8 Gb DDR3-SDRAM
Graphic Adapter G200eR2
Port USB 2.0 6
Serial Port 1
Ethernet 5
VGA 2
OS Microsoft Windows Server 2012
Design Rack (2U) 445 mm x 746 x 86 mm
Power 750 W
CORE SWITCH : Cisco Catalyst 4500 – X
Port SFP/SFP+ slots quantity 16
USB 2.0 ports quantity 1
Compatible memory cards SD
Management
Support
Quality of Service (QoS) support Yes
Multicast support Yes
Switch type Managed
Data Transmission Switching capacity 800 Gbit/s
Throughput 800000 Mpps
MAC address table 55000 entries
Number of VLANs 4094
Number of queues 8
Jumbo frames support Yes
Performance Stackable Yes
Physical stacking (units) 2
Processor frequency 1500 MHz
Internal memory 4096 MB
Packet buffer memory 32 MB
Memory type SRAM DDRII
Mean time between failures (MTBF) 209330 h
Power 330 W
ACCESS SWITCH : Cisco Catalyst 2960 – x
Port Basic switching RJ-45 Ethernet ports quantity 24
Basic switching RJ-45 Ethernet ports type Gigabit Ethernet
(10/100/1000)
SFP ports quantity 4
Console port RJ-45
USB 2.0 ports quantity 2
Data Transmission Switching capacity 800 Gbit/s
Throughput 800000 Mpps
MAC address table 55000 entries
Number of VLANs 4094
Number of queues 8
Jumbo frames support Yes
Performance Switching capacity 216 Gbit/s
Number of VLANs 1023
Jumbo frames support Yes
Security SSH/SSL support Yes
Access Control List (ACL) Yes
PHASE 5: INSTALLATION MAINTAINACE
USER APPLICATION PURPOSE
Top Level Management
1. TeamViewer2. Skype
CEO have to monitor their employee computer using remote access software. It also can help top level management troubleshoot any problem without having to go to the device ..
Is used to communicate between staff to top manager, top manager to staff to top manager with top manager
Middle Level Management
3. Microsoft Office Word
4. Skype5. phpMyAdmin6. Wireshark
This is a software suit which is bunded up with Microsoft word, Excel,Power Point , Outlook .this application is used to make a letter , a proposal, worksheet, sending an email and lots more of office task.
Skype is a software used to conduct live meeting between staff to staff , staff to top manager so they can communicate with top management.
IT department will use this application to manage database of company.
IT department will use this application to make sure network of company will be protected from been hacked
Lower Level Management
7. Microsoft Office8. Dropbox9. Central Dekstop
This is a software suit which is bunded up with Microsoft word, Excel,Power Point , Outlook .this application is used to make a letter , a proposal, worksheet, sending an email and lots more of office task.
Supervisors and the foremen are using the cloud storage of Dropbox to store their files or documents. Therefore their documents are protected.
Various job titles with their roles need to be gathered and distributed to achieve organizational goals.
Table 1 Installing Schedule