Your SlideShare is downloading. ×
  • Like
Jvvnl 071108
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply
Published

 

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
756
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
9
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. By Spanco Telesystems and Solutions ltd. 373, Udyog Vihar-II, Gurgaon Presentation on SANJIVINI Project
  • 2.
    • At the Check post
    • Automated and transparent MPLS providers failover and active-active link load
    • balancing for achieving maximum services uptimes ensuring 24*7 reachability to the
    • Data Center
    • At the Data Center DC and DR
    • Network based inline solution for protection against
    • 1] OS and Application protection against known and unknown vulnerabilities
    • 2] DOS and DDOS protection.
    • 3] Protection against bots, worms and service denials exploits and attacks
    • Application load balancer for
    • 1] Ensuring maximum uptimes and high availability
    • 2] Scalable and hardware based robust application load balancer
    • 3] DC-DR scalable solution to provide site to site resiliency
    • Link load balancing solution for
    • 1] Maintaining multiple paths to reach applications at Data Center
    • 2] Have multiple link load balancing in active-active
    • 3] Fault tolerance for any failures in MPLS backbone services
    • 4] Link load balancing for replication links from DC to DR
    Solution Requirement
  • 3. Agenda
    • Spanco Profile
    • Our understanding
      • SOW - JVVNL Sanjivini
      • Assumptions
      • Issue of concern
      • Objectives
    • Proposed Solution
    • Risk and Mitigation
    • Proposed Implementation Strategy
  • 4. Profile – SPANCO -1/4
    • Strengths National Presence
      • Customer Relationship Management Solutions
      • Call Center Solutions
      • Turnkey Application / e-Governence Solutions
      • Systems Integration
    • Focus
      • Government / PSUs
      • Non Voice BPO
      • Telecom
      • NREGA, Power, Banking and Education solution
  • 5. Profile – SPANCO -2/4
    • SPANCO
    • Spanco is a leading Systems Integrator working in Domestic and International markets
    • Spanco is a provider of solutions to the Telecom Sector, PSUs, Corporate, Government and Indian Defense
    • Spanco has 8 regional offices and over 60 service support facilities in India
    • Spanco is present in USA, UK, GCC and Singapore
  • 6. Profile – SPANCO -3/4
    • Spanco is ranked 397th in the ET-500
    • Accredited with ISO 9001 – 2000 and CMMi – 3 certification
    • A 3000+ strong team
    • 3rd fastest Growing Company rated by CNBC, Emerging awards 2006
    • 100% Y-O-Y growth for 6 consecutive years
  • 7. Profile – SPANCO-4/4
    • SPANCO – PPP Success Stories
    • IRCTC – Unified Call Centre ( 5 Lacs Calls per day )
    • e-Seva –Govt of AP
      • (over 150 Cr worth of revenue transactions per month)
    • SWAN - Maharashtra
    • Food & Civil Supplies - Maharashtra
    • CSC – Maharashtra
    • Mobile Payments - SBI
  • 8. Objectives 26/7/2008 SPANCO Telesystems
    • The IT centre will house the IT and security equipments to provide robust security to its
    • Data
    • With connected offices the operations across the offices will follow the workflow of the Discom
    • Integration with other IT systems for increased productivity
    • The management will be able to have effective monitoring of projects
    • The IT centre will provide centralized Operations operations for all IT projects
  • 9. Jaipur Vidyut Vitran Nigam Limited : JVVNL
  • 10. Primary Locations
    • IT Centre; Data Centre
    • Circle Office; Approximately 10-15 LAN users
    • Sub-Division Offices; 5-10 LAN users
    • Division; 2-5 LAN users
    • Sub-Offices; With minimum 1 LAN User
  • 11. Functional Requirements
    • WAN Connectivity – Circle offices will connects to IT Centre through leased line on 2MB, recommended 8-10 Mbps, Sub-Division connects to respective Circle office and Sub-Offices connects to Sub-Division
    • Front End – All users approximately 1500, distributed across different offices in Rajasthan will access services hosted at IT Centre at Jaipur. Majority of the application are GIS based which requires approximately 200-256 Kbps per user.
    • Application – The servers running code with glues the front-end applications to the back-end data and reflects the business processes in how the data is used. Data will be stored locally (SAN) initially and replicated to DR site storage (SAN) on schedule basis (needs to confirm).
    • Storage – The actual storage devices in which data is stored
  • 12. Network Requirements
    • Redundancy – Devices at the IT Centre should have redundancy at all the level and should be highly available. Alternate route to the IT centre from the Circle offices should be achieved by interconnecting circle offices. In case of lease line failure at circle offices, ISDN backup should come up automatically.
    • Scalability – Routers should be modular in nature so that different interfaces can be installed as per the requirement. Since servers are centralized, the network must be able to handle the sheer amount of traffic from users to the central location, as well as server-to-server traffic. Additionally, devices must be able to scale to provide connectivity (ISDN/Serial) to multiple locations as and when needed
    • QoS – Router should be QoS enabled to cater voice, video, and data for applications spread across different locations
    • Security – Devices must be physically secure, and the data and applications must be protected from internal and external threats using inbuilt Firewall and IPS in the Routers at all locations. Routers should be able to support different type of IPSEC setup (Site-to-Site, Remote Access, Tunnel Less) for ease of deployment and manageability.
    • Management - The IT staff monitors, configures, and troubleshoots network and server resources centrally
  • 13. Data Center Design Intranet Service Provider LB w/SSL FW IPS Storage Application Servers Web / Front-end Servers Aggregation Switch with L4-7 Services FW/IPS/Load Balancer Database Servers Internet Remote Offices Zone#1 Zone#2 Zone#3 SAN Switch DMZ Zone / Web / Front-end Servers Load Balancer IPS FW Core Switch
  • 14. CORE ROUTER Corp SP CLOUD N x 2 Mbps Div/Sub-Div Router N x 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps N x 2 Mbps N x 2 Mbps Corp ISP (Multiple 2 Mbps) RAS Internet Router ISDN CLOUD 2 Mbps (PRI) 2 Mbps (PRI) 2 Mbps (PRI) WAN Connectivity Corp Corp Div/Sub-Div Router Recommended 8-10 Mbps / Corp 64/128 Kbps (BRI) Sub-Office 64/128 Kbps (BRI) 256 Kbps 256 Kbps
  • 15. Data Center Security Intranet Service Provider LB w/SSL FW IPS Storage Application Servers Web / Front-end Servers Database Servers Internet Remote Offices Zone#1 Zone#2 Zone#3 SAN Switch HTTP & SMTP Perimeter Sec IPS FW Core Switch AAA Security Mgmt Soft SIEM Server w/Host based IDS
  • 16. CORE ROUTER Corp SP CLOUD N x 2 Mbps Div/Sub-Div Router N x 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps 2 Mbps N x 2 Mbps N x 2 Mbps Corp ISP (Multiple 2 Mbps) RAS Internet Router ISDN CLOUD 2 Mbps (PRI) 2 Mbps (PRI) 2 Mbps (PRI) WAN Security Solution Corp Corp Div/Sub-Div Router Recommended 8-10 Mbps / Corp 256 Kbps 64/128 Kbps (BRI) Sub-Office 64/128 Kbps (BRI) IPSEC VPN IPSEC VPN 256 Kbps
  • 17. Architecture for Corp/Sub-Div Router WAN Cloud FW PC w/Host based IDS Switch Fiber (8 - 10 Mbps) Recommended for Corps (2-4 Mbps) Recommended for Sub-Div
  • 18. Architecture for Sub-office Router w/ FW/VPN WAN Cloud (256 Kbps) Switch PC w/Host based IDS
  • 19. DR Requirements
    • Not Clear
  • 20. In-Person Experience: Cisco Telepresence Solution
  • 21. High-Level Design IT Centre Gateways Servers Cluster Router IP WAN Router Circle Office . . . Circle Office
  • 22. Cisco TelePresence for IT Centre
    • Native 1080p cameras and 65” plasma displays
    • Wideband microphones and speakers
    • Auto-Collaborate
    • Audio Add-In
  • 23. Cisco TelePresence for Circle Office
    • Native 1080p camera and 65” plasma display
    • Wideband microphone and speaker
    • Auto Collaborate
    • Audio Add-In
  • 24. Security Solution
  • 25. Security Solution
    • Perimeter Security: Will be providing features like Span defense, Virus defense, Policy Enforcement, URL filters, Anti-Malware by deploying HTTP and SMTP appliance at IT Centre
    • Firewall (FW): Firewall at two different level to provide higher attack protection
    • Intrusion Detection and Prevention (IPS): Help to detect, classify, and stop threats, including application abuse through several different methods including signature and behavior
    • Virtual Private Networking (VPN): To enable secure network to authorize user by providing connectivity to corporate resource from any IP-enabled location
    • Authentication, Authorization and Accounting (AAA): Access Control system
    • Security Incident and Event Manager (SIEM): Helps combines network intelligence, context correlation, hotspot identification, and automated mitigation capabilities and for compliance purposes.
    • Host based IDS (HIDS): Help Desktop and Server stop unknown attacks, zero day protection, personal firewall, spyware and Adware protection
  • 26. IP Surveillance Solution
  • 27. Video Surveilance Open, Scalable, Reliable, Secure, Accessible, Useable CCTV Keyboards / Monitors Cisco Switch IP Camera Cisco IP Gateway Encoders with Virtual Matrix S/W Cisco IP Gateway Decoders Cisco Stream Manager Web-based Monitoring Cisco Services Platforms with Stream Manager Digital Recording Cisco Stream Manager Monitoring S/W for Local & Remote Operations Analog Fixed/ PTZ Any to Any for Any
  • 28.
    • At the Check post
    • Link load balancing between wired and wireless last mile connectivities from two different
    • MPLS provider will ensure maximum services uptimes to the data Center with intelligent
    • fault tolerance and traffic management
    • At the Data Center DC and DR
    • The Network Intrusion prevention system will provide defense against OS and
    • applications attacks, DOS, DDOS, Worms and exploits that can cause service outrage or
    • denials.
    • Appliance based Load balancers will ensure highest uptimes by providing scalable and
    • efficient applications load balancing amongst various servers for high availability and site
    • to site resiliency.
    • The solution will provide DC-DR failover functionality and transparent failovers.
    • LinkProof for link load balancing between two different MPLS provider will ensure
    • maximum services uptimes and reachability from the Check Posts and faster replication
    • between DC and DR.
    Solution Description
  • 29. Database Server Sub-Control Room - Sales Check post Application NMS Web Video SAN Storage Tape library Server Farm Sub-Control Room - Excise Sub-Control Room - Transport Firewalls Reporting Antivirus Staging & Testing Internet Router (Cisco 2821) Radware - LinkProof Link Load Balancer Internet Radware AppDirector Radware AppDirector Radware AppDirector Radware DefensePro (IPS) Replication Link ISDN MPLS Check post Radware - LinkProof Link Load Balancer Radware - LinkProof Link Load Balancer Radware - LinkProof Link Load Balancer DefensePro (IPS) DefensePro (IPS) DC Site DR Site IT Center Network Architecture
  • 30. Check post Application NMS Web Video Server Farm Firewalls Reporting Antivirus Staging & Testing Internet Router (Cisco 2821) Radware - LinkProof Link Load Balancer DC Site Radware AppDirector Radware AppDirector Radware AppDirector Radware DefensePro (IPS) Replication Link VSAT MPLS 2 MPLS 1 Check post Radware - LinkProof Link Load Balancer Radware - LinkProof Link Load Balancer Radware - LinkProof Link Load Balancer DefensePro (IPS) DefensePro (IPS) DR Site Database Server SAN Storage Tape library Sub-Control Room - Sales Sub-Control Room - Transport Internet Sub-Control Room - Excise Central Control Room Topology: Data Recovery Passive Site Details
  • 31.
    • At the Check post
    • Link load balancing between wired and wireless last mile connectivities from two different
    • MPLS provider will ensure maximum services uptimes to the data Center with intelligent
    • fault tolerance and traffic management
    • At the Data Center DC and DR
    • The Network Intrusion prevention system will provide defense against OS and
    • applications attacks, DOS, DDOS, Worms and exploits that can cause service outrage or
    • denials.
    • Appliance based Load balancers will ensure highest uptimes by providing scalable and
    • efficient applications load balancing amongst various servers for high availability and site
    • to site resiliency.
    • The solution will provide DC-DR failover functionality and transparent failovers.
    • LinkProof for link load balancing between two different MPLS provider will ensure
    • maximum services uptimes and reachability from the Check Posts and faster replication
    • between DC and DR.
    Solution Description