Final

Team B
Consulting
Team B
Consulting
Team B
Consulting
Vincent Music Outlet
Network Design Proposal
Vincent Music Outlet
Network Design Proposal
Developed By:
Alejandro Castillo
Luke Flatgard
Mohammed Malik 
Matt McCoy 
Michael Santos

Team B
Consulting
P a g e | 2
Contents
Executive Summary......................................................................................................................... 5
Network Design Strategy................................................................................................................. 6
Edge Design ..................................................................................................................................... 7
Edge Overview............................................................................................................................. 7
IP Architecture........................................................................................................................... 11
Internet Connectivity................................................................................................................. 12
DMZ ........................................................................................................................................... 13
Credit Card Clearing................................................................................................................... 14
Voice Connectivity..................................................................................................................... 14
Call Setup............................................................................................................................... 14
Codec Streams....................................................................................................................... 16
Security.................................................................................................................................. 16
QoS ........................................................................................................................................ 16
Fax and Modems ................................................................................................................... 17
Gatekeepers .......................................................................................................................... 17
Call Agents............................................................................................................................. 18
Edge Security............................................................................................................................. 20
Data Center ................................................................................................................................... 23
Building A Basement Infrastructure Design .............................................................................. 23
Physical Security.................................................................................................................... 23
Telco Room............................................................................................................................ 23
Data Center............................................................................................................................ 24
Power..................................................................................................................................... 24
Cooling................................................................................................................................... 24
Cabling................................................................................................................................... 26
Data Center Architecture Design............................................................................................... 26

Team B
Consulting
P a g e | 3
Virtualization ......................................................................................................................... 28
iSCSI SAN................................................................................................................................ 28
VLANs..................................................................................................................................... 29
Virtual Network Connections ................................................................................................ 29
Virtual Machine Types........................................................................................................... 30
iSCSI Network ........................................................................................................................ 31
Data Center Server Farm........................................................................................................... 32
Data Center Network Devices ................................................................................................... 35
Lincoln Server and Network Rack.............................................................................................. 40
ESX and iSCSI SAN Architecture................................................................................................. 42
Virtual Machine Deployment ................................................................................................ 43
Application Servers Design........................................................................................................ 45
Inventory Management......................................................................................................... 45
Sharepoint ............................................................................................................................. 48
Email System ......................................................................................................................... 49
Antivirus and Antispyware Protection................................................................................... 51
Virtual Machine List................................................................................................................... 52
LAN ................................................................................................................................................ 55
Manageability........................................................................................................................ 55
Scalability............................................................................................................................... 59
Security.................................................................................................................................. 59
Reliability............................................................................................................................... 59
Building N - Chicago Headquarters............................................................................................ 60
Overview................................................................................................................................ 60
Building N LAN Proposal........................................................................................................ 60
Logical Architecture............................................................................................................... 61
Building C –Warehouse ............................................................................................................. 65
Overview................................................................................................................................ 65

Team B
Consulting
P a g e | 4
Building C LAN Proposal ........................................................................................................ 65
Wireless................................................................................................................................. 66
Nebraska Call Center................................................................................................................. 69
Retail Locations ......................................................................................................................... 73
Equipment Maintenance and Replacement Strategy: .................................................................. 76
Implementation:............................................................................................................................ 80
Final Cost Breakdown.................................................................................................................... 82
Telecommunications Cost ......................................................................................................... 82
Network Edge Equipment ......................................................................................................... 83
Data Center Equipment and Software ...................................................................................... 85
Building N Networking Equipment –......................................................................................... 91
Warehouse Equipment–............................................................................................................ 92
Nebraska Call Center Equipment –............................................................................................ 93
Retail Store Equipment.............................................................................................................. 94
VOIP Equipment and Software Cost -...................................................................................... 102

Team B
Consulting
P a g e | 5
Executive Summary
In order for any large business to operate smoothly in this digital age, a reliable and secure data
network must be present. All facets of a business benefit from increased ability to communicate,
work, and organize information. From the brick and mortar stores to the executive’s conference
room, the network should appear as a seamless and easy to use tool to help VMO succeed.
VMO is a fast growing company and we at Team B Consulting believe that with a new data and
voice network we can help to streamline many current business processes and provide a
network that is scalable and secure. VMO has very ambitious growth goals over the next few
years and we can help you met those goals. Current goals include:
• Transitioning employees and equipment into the new campus building.
• Construction of a new data center and relocation of servers.
• New inventory management application deployment.
• Internet access for staff research and for customer order status access.
• Expansion to new retail locations across the US.
• Increase of staff in existing locations.
• Develop redundancy standards and disaster recovery plan.
• Improved network monitoring and management.
The edge network provides WAN connectivity to all the stores. These connections will allow
stores to access the new VMO retail database and also allow each store to have a secure
Internet connection and phone service with VOIP connectivity. Not only is the WAN connectivity
redundant in Chicago but each store has a backup VPN connection to the Chicago Campus
providing for maximum up time. This will make sure that stores can always access the VMO
database as well as process credit card information. Also on this edge network we have
designed redundant fast Internet connections making sure that the VMO website and email has
high-availability. We have also designed a redundant firewall infrastructure and Internet content
filtering solution. Not only do the stores have VPN capabilities but there is also the
infrastructure in place to provide VPN connections to the remote worker.
The campus buildings are interconnected using Gigabit Ethernet technology. This allows VMO
quick and easy communication between the new office building, the new data center, and the
warehouse. Each building features a redundant link to its neighbors in order to prevent
disruption of service. We’ve chosen extremely versatile networking hardware at the access layer
in order to provide as much uptime as possible. Hardware at all buildings features Power over
Ethernet in order to facilitate the deployment of our voice network. The technology is also in
place at the access layer to allow VMO to upgrade to a 10 Gigabit Ethernet if it is deemed
necessary in the future.

Team B
Consulting
P a g e | 6
Network Design Strategy
Our design is modular so we broke our proposal down into these logical groups. First we focused
on the enterprise edge. This includes detail descriptions on how all stores will be connected and
how VMO will access the internet. Secondly the local area network or campus LAN will be
outlined. This will show the infrastructure that we have designed for the VMO Chicago campus,
Lincoln call center and each store. Our design proposal flows from the enterprise edge, to the
core, distribution and access. Throughout our proposal we will address each module in a similar
fashion. We will first focus on the major design considerations for the module, such as
scalability, availability, security, manageability and affordability. Then we will detail the
equipment being used and why it is right for VMO. The will give best practice configuration for
the equipment and how we best see everything being utilized.
Along with the modular design approach we also have used a hierarchical design approach that
is recommended by Cisco. This hierarchy is broken down into 3 layers, core , distribution and
access . The main advantage of this approach is that each part of the network is designed with a
specific purpose. The core is purely about move lots of data fast, distribution is where filtering
and access controls are places and access is where the end user is connected. This combined
with a module network provides and scalable, but in the event of failure outages are isolated.
This means a more stable network. A large flat network with no hierarchy could be brought
down by the failure of one device. A hierarchical network has much more protection against
this.

Team B
Consulting
P a g e | 7
Edge Design
Presently VMO corporate campus is connected to the internet via a dialup mode pool. This
limits 50 employees to using the internet at once. The Lincoln Call center has 4 ISDN line and
each store has a dial-up modem that they use to do daily batch updates to the Chicago
headquarters. Our goal in this network design is to remove all dialup systems and replace them
with dedicated permanent connections. This will allow everyone to access information with
ease . Everyone one of VMO computer will be able to quickly access data inside the company or
access something on the internet.
There are many factors that must be considered designing a network edge infrastructure. No
matter well the rest of your network and systems are designed, if the edge systems fails, no
stores will able to access the inventory database, and might not even be able to process credit
cards at stores. First in our design considerations was scalability. VMO is a rapidly growing
company and thus your edge infrastructure needs to be expandable. Secondly the availably the
WAN need to be considered. The WAN design provides for a high level of availability, with every
effort to make it the most reliable WAN connection possible at a reasonable cost. This means
the most all equipment is redundant, but since VMO business doesn’t rely on 24x7 uptime,
some cost were saved by being able to leave some fail over time. This time would be very
limited and shouldn’t impact the business.
One area that it is hard to see a direct ROI is on the security of the network. Since many threats
originate from the internet we have designed the WAN infrastructure to be as secure as
possible. We also have also added a proxy server to limit and control what web traffic is being
let in and out of the VMO network. All traffic will be filtered at 3 different points as it enters the
network, providing layers of defense. We have designed a secure network but the devices still
need to be secured and administrated properly. We will detail security steps and configuration
that should be used for each device on the network edge.
Edge Overview
As you can see in figure 1 we have designed redundant internet routers, wan routers, DMZ
switches and firewalls. We also have used two different ISP’s for VMO’s internet connections.
This design eliminates any single point of failure. Our design is completely made up of Cisco
network products because we feel they are the best networking products that fit VMO’s
business needs.

Team B
Consulting
P a g e | 8
T3-Internet
T3-Internet
T3-MPLS
WAN2
Edge1
Edge2
Web
Server
Firewall
FirewallCore1
Core2
Proxy
Proxy
DMZ
Switch
DMZ
Switch
VPN
Email
Relay
WAN1
T3MPLS
KQTelco
FrameRelyT1
FrameRelyT1
Lincoln
T1Backup
T1Backup
JPTelco
JPCreditCard
Clearing
T1
T1
Figure 1 – WAN Overview

Team B
Consulting
P a g e | 9
WAN Connectivity
MPLS is going to be the main WAN technology used to connect the stores back to Chicago
headquarters. MPLS (Multiprotocol Label Switching) is a newer WAN technology that is being
used in place of frame-relay. MPLS has less overhead then ATM and frame-relay but still allows
for traffic engineering to be done by administrators. MPLS is a fast and reliable way to transmit
data to and from each store to Chicago datacenter. In some locations MPLS was not a option so
we have implemented frame-relay where it was the only option. The equipment being used is
the same though, so if MPLS become available at these locations in the future upgrading should
be seamless.
The MPLS network connects most stores, Lincoln call center and Chicago headquarters together.
This makes the entire VMO network appear as a single large network to the end user. Any
employee at any store can access a network share in Chicago seamlessly. Since all stores will be
connecting back into the Chicago datacenter, there are redundant connections to the MPLS
network. If both MPLS links were to fail or a store link were to fail, store would automatically
switch to VPN connection to Chicago, allowing them to continue to process transaction. This
process can be seen in figure 3. All the routing on the WAN connections will be done by BGP.
This will help make the WAN as robust as possible.

Team B
Consulting
P a g e | 10
Figure 3 – Retail to Corporate

Team B
Consulting
P a g e | 11
IP Architecture
In order to save VMO money, the internal network will be running in a private class A block in
accordance with RFC 1918. The Class A Block will then be broken down in a hierarchical
addressing scheme so as to describe the physical locations of each device. This should make
management easier as devices can then be logically associated with physical locations and
functions.
To illustrate the example, we will take a look at the small retail locations within our hierarchical
addressing scheme. The first octet will be reserved for the network id (10), the state id (65-127),
the city it resides in (1-254) and the store id itself (1-254). Given the hierarchical design of the
network, it should be easy to pinpoint a device based on its IP address. To illustrate the point,
please look at figure 4 to see DePaul’s VMO retail store map to the IP address 10.65.1.2.
65
66
84
83
82
81
80
79
78
77
76
75
74
73
72
71
70
69
6867
110
109
108
107
106
105
104
103
102
101
100
99
98
97
96
95
94
93
92
9190
89
88
87
86
85
110
111
112
113
114
2
4
3
1
City ID
1
Figure 4 - (Small Retail IP Scheme

Team B
Consulting
P a g e | 12
Internet Connectivity
For the VMO internet connectivity we have design a fast and redundant connection to the
internet. This internet connection not only is for Chicago employees to access the internet but
as shown figure 5 each store will route its internet traffic across the MPLS network to Chicago,
to then be routed out on to the internet. This design allows VMO to provide secure internet
access at each to store without having to manage a firewall at each store. This will add a few
milliseconds to each internet request for each store but that will be far outweighed by the
security it will add. Store employees’ internet will be filtered by the proxy server just as a
Chicago or WAN Connectivity.
VMO headquarters will be connected to the Internet by redundant T3’s from JP Telco and KQ
Telco. These two links will use GLBP( Gateway Load Balancing Protocol ) this allows both routers
to use one virtual IP address. One router with be elected the AVG (active virtual gateway ) and
this router will reply to ARP request for both routers, this is how it provides load balancing.
Traffic being sent to this virtual gateway IP will load balance across the two routers. In the event
one router fails the other is unaffected and handles all of the internet traffic.
Figure 5 -

Team B
Consulting
P a g e | 13
DMZ
The VMO DMZ (demilitarized zone) will be where the web server, VPN appliance, email relay
and webmail access server. Traffic into the DMZ will get filtered by the edge routers but not the
firewalls. As with the rest of the edge, the DMZ switches are redundant along with the web and
email servers. Each system will be dual homed, with one connection to each of the DMZ
switches. The web server will be virtualized with VMware, this is make the scalable and provide
quick recovery if something were to happen. The email relay, will do SPAM filtering and virus
scanning, this will insure that any email getting passed to the internal Exchange servers is clean.
The firewall will then be configured to on receive SMTP traffic from the email relay.
DMZ
Switch
DMZ
Switch
From edge router
ASA
5550
VPN
From edge router
Client Access
Server
Edge Transport
Server
External Web Server
Figure 6 - DMZ Layout

Team B
Consulting
P a g e | 14
Credit Card Clearing
VMO is connected to JP Credit Card Clearing with 2 T1’s, this eliminates the need for each store
to have a dial-up modem for credit card processing. The cost is $2000 per month for the
connections and 5 cent per transaction. This should drastically cut down on the time and cost of
processing credit card information.
Voice Connectivity
Voice is critical to any large organization and great care and deliberation has gone into creating
the most cost efficient Voice over IP (VoIP) network possible. At the time of this writing VMO is
expecting to have a total of 1,348 employees within the next three years.
Call Setup
To account for 1,348 phones spread throughout multiple locations, centralized management is
essential. Given the status quo of VoIP, we were left with only one option for the initial call
setup.
MGCP is the only VoIP signaling protocol in existence that offers support for a Client/Server
Architecture that allows for centralized VoIP management. MGCP in its strictest sense does not
initiate any communication, but instead directs traffic to the proper destination in much the
same way as routing protocols. In this sense MGCP is consider the Gatekeeper for IP telephony
network.

Team B
Consulting
P a g e | 15
V
Figure 7 - MGCP within VMO’s VoIP Network

Team B
Consulting
P a g e | 16
Codec Streams
In order to ensure the best voice quality, the G711 codec was selected to encode/decode voice
traffic. G711 codec, a PSTN standard codec, has an average MOS score of 4.03 on average and a
3.2 on congestion. Given its relatively flexible bit rate, 48kbps with 20 milliseconds sample
should yield exceptional voice with minimum strain on network bandwidth and data. To
accommodate for the all data and users within the network we will be deploying two T3s across
two geographically different locations to account for redundancy and location independence.
Product Vendor Quantity Unit Price Ext. Price
T3 for HQ KQ Telco 36 months $2,200 per month $79,200
T3 for Nebraska KQ Telco 36 months $2,200 per month $79,200
Security
The data will be streamed in real time using the Secure Real Time Protocol (sRTP). SRTP, the
industry standard for securing VoIP traffic, offers 128 bit AES encryption for both stream and
block ciphers. In order to secure all VoIP traffic, we will be deploying 128bit block ciphers. So in
the event of data corruption, disruption or a network attack, the conversation goes unaffected
and only the isolated block ciphers are dropped.
IP
IP
Figure 8 – sRTP communication
sRTP reliance against attacks does not end in its DoS robustness. It continues well into the
encryption algorithm itself, in which one key yield 4 different sets of keys all temporary, making
crypto-analysis nearly impossible on short time intervals.
QoS
Voice is time sensitive, and every possible way to conserve bandwidth, and prioritize voice
traffic was considered. In order to give voice traffic higher precedence over regular traffic, we
will be using a mixture of Class-Based Weighted Fair Queuing and traffic tagging to alert both
internal networks (VMO’s network) and external networks (JP Telco) for traffic prioritization.

Team B
Consulting
P a g e | 17
Voice Activity Detection (VAD) will also be used to avoid sending silent audio. This way we won’t
be transmitting any unneeded traffic.
Fax and Modems
Faxes and modems require a constant 64kpbs connection and use their own standard for
communications, it will therefore be allowed to use its native codec T.38 (Fax) and V.34
(Modem) get pass through traffic. By doing so, there will be no VAD and all streams from faxes
and modem will be a raw 64kbps, allowing the traffic to arrive completely untouched.
Gatekeepers
In order to get traffic to the gatekeeper we will be using a mixture of Cisco 7206VXR routers and
Catalyst 6500 switches. Once the traffic has reached the AS5350XM gateway, it will connect to
two independent ISP for redundancy and load balancing. It will also connect to the PSTN
network allowing for the inbound and outbound voice connections.
AS5350XM Gateway
G.711 w/CT3 High Density Bundle
AS535XM-CT3-V-LC
PC
Connection
2 $51,417.48 $ 102,834.96
CT3 DFC card
AS535-DFC-CT3A
ProVantage 2 $14,285.35 $ 2,8570.7
US AC Power Cords
CAB-AC
PC
Connection
2 $18.99 $37.98
Six PVDM DSP Mod Slots
AS5X-FC
PC
Connection
4 $3,083.13 $12,332.52
64 Channel PacketVoice/Fax DSP
Module
AS5X-PVDM2-64
PC
Connection
22 $1,719.00 $37,818

Team B
Consulting
P a g e | 18
Call Agents
Given the high availability of the PBX (99.999%) with 5 minutes downtime or less in a year, the
VMO’s IP telephony has been built to match its resilience with a mixture of call agents. The mix
will be a composite of three Cisco Media Convergence Servers (Cisco Call Managers) to one
LiteScape OnCall server, forming the call Agent Cluster pictured in Figure 8 Given the importance
of voice in the Nebraska call center, there will be two call agent clusters in the network. One call
agent cluster will be located in the Core and another in Nebraska in order to allow for
geographical call agent redundancy with speed and scalability in mind.
Figure 8 – Call Agent Cluster
Within the network the Cisco Call Managers will be responsible for sending and receiving phone
calls from the devices within the network, maintaining connection states and sorting traffic to
the Gatekeepers as needed. It will also responsible for transferring information from the
Gatekeepers to the clients.
Media Convergence
Server 7835-I2
PC Connection 6 $10,025.30 $60,151.80

Team B
Consulting
P a g e | 19
The LiteScape OnCall manager will provide the feature rich services that have often been
associated with IP telephony and thanks to its modular design, plug-ins can be added and
removed as VMO grows well into the future. It also scales well given its tight integration with
Microsoft’s Windows Server. Users can move from location to location and their user name and
phone numbers will follow them. Manageability will also be handled in much the same way so
as to allow for easier maintenance and accountability. Other services will include RSS, VoiceMail,
XML alerts etc.. (see Appendix).
HP ProLiant DL380 G5
Server
HP 2 $3,149 $6,298
LiteScape
OnCall Server OS
LiteScape 2 $791.59 $ 1,583.18

Team B
Consulting
P a g e | 20
Edge Security
All internet traffic passing in or out of the VMO network will have to pass though will be filtered
at three different points. First the edge routers will have ACL’s that will allow and deny based on
source and destination IP’s and source and destination ports. This will keep the majority of
rouge traffic out. Then if the traffic destination is for the internal network it will pass through
one of the firewalls. These firewalls will be able to do stateful inspection of the traffic. This
means that the firewall will only allow traffic in that was specifically requested by an internal
user. Then the firewall will pass the traffic to the proxy server. Here the proxy server has the
ability to look inside the packets that make up the traffic and determine if the content is
appropriate. This is the content filtering of internet traffic. This proxy server will log all internet
traffic so that in necessary the administrator will have the ability to see where someone has
been going on the internet. The three layers of security are important because they each have a
specific propose. Even if one of these layers is compromised or misconfigured, the others still
will maintain the integrity of the networks security.

Team B
Consulting
P a g e | 21
Edge Equipment
Product Vendor Quantity Unit
Price
Ext.
Price
7206VXR with NPE-G1 includes 3GigE/FE/E Ports
and IP SW
JP
Telco
2 $22,000 $44,000
Cisco 7206VXR IPv6/Adv. Ent. Services bundle with
NPE-G2 (MPLS Routers)
JP
Telco
3 $27,000 $81,000
1 Port Multichannel T3 Enhanced Capability JP
Telco
5 $17,500 $ 87,500
4 port multichannel T1 port adapter with
integrated CSU/DSUs
JP
Telco
2 $7,250 $14,500
ASA 5520 Appliance with SW, HA, 4GE+1FE,
3DES/AES
JP
Telco
2 $7,995 $15,990
ASA 5520 VPN Edition w/ 500 SSL User License, HA,
3DES/AES
JP
Telco
1 $37,995 $ 37,995
Cisco Catalyst 6503E, WS-SUP32-GE-3B, Fan Tray
(req. P/S)
JP
Telco
2 $13,000 $26,000
4000Watt AC Power Supply for US (cable attached) JP
Telco
2 $5,000 $10,000
Catalyst 6500 48-port 10/100/1000 w/Jumbo
Frame, RJ-45
JP
Telco
2 $7,000 $14,000
SMARTNET 8X5XNBD WS-C6503E-S32P-GE JP
Telco
2 $2,181 $ 4,362
SMARTNET 8X5XNBD ASA 5520 Appl w/ CSC JP
Telco
2 $1,427 $ 2,854

Team B
Consulting
P a g e | 22
SMARTNET 8X5XNBD 7206VXR, NPE-G1, VAM2+,
AC pwr, 512 sys
JP
Telco
2 $3,308 $ 6,616
SMARTNET 8X5XNBD 7206VXR, NPE-G2, VAM2+,
C7200-JC-PA, AC
JP
Telco
2 $3,308 $ 6,616
Total: $351,433

Team B
Consulting
P a g e | 23
Data Center
Building A Basement Infrastructure Design
Based on VMO’s RFP, building A’s basement has been allocated as the site for a new Data
Center. Construction on this project has yet to start, which provides VMO with the opportunity
to design the data center with power and cooling conservation in mind. Power and cooling is
very important when designing data centers. According to Michael Bell, at the Data Center
Power and Cooling Challenge seminar held at the Gardner IT Infrastructure, Operations and
Management Summit 2007, “By next year, about half the world’s data centers will be
functionally obsolete due to insufficient power and cooling capacity to meet the demands of
high-density equipment.” In addition, 93% of attendees said they will expand/upgrade, relocate
or renovate their facility to accommodate power and cooling needs over the next year.
We recommend VMO take in consideration the floor plan laid out on Figure 9 prior to
construction of the data center. The floor plan shows walls built around the data center to
reduce its size to 50ft by 50ft. We recommend size reduction of this room to concentrate
cooling and reduce the energy consumption needed to keep the room within the safe
temperature range. In addition, this may also reduce the power needed for lighting the data
center. We recommend this approach because we designed the data center architecture using
virtualization technology, which helps reduce the footprint needed for servers while providing
scalability.
Physical Security
Physical security is a concern at this location because building A hosts tenants on the rest of the
four floors above. To limit access to the IT infrastructure, we recommend a security desk be
placed after the stairway and elevators to serve as a checkpoint for individuals trying to gain
access to the data center and the Telco room. A storage room is also placed after the security
desk and outside the data center to allow the security personnel to sign for shipments destined
to the IT department, preventing the need for outside personnel to access the data center. We
also highly recommend that all three rooms be equipped with security doors and manageable
swipe cards to limit access based on the person’s individual role in the company.
Telco Room
The primary point of entry for all outside connections including T1 and T3 lines from the MPLS
WAN and fiber strands from the campus is the Telco Room adjacent to the data center. It
houses network equipment racks for the Core switches and routers. Power and cooling for the
Telco room should be extended from the data center to eliminate the need for extra power and
cooling equipments.

Team B
Consulting
P a g e | 24
Data Center
The Data Center houses two Dell PowerEdge Server Racks, a standalone AS/400 Mainframe, a
Patch Panel Rack, and two Switch Racks. We recommend using the Ortronics Cable
Management Rack to hold the patch panels and network equipment. These Ortronics racks can
bolted on the basement floor for security and stability. Each Server Rack and Switch Rack will
have two 24Amp Power Distribution Units (PDU) with a 24 outlet power strip to plug the servers
and network equipment into.
Power
To provide power to the PDUs, each rack will require a pair of 30Amp, 220V twistlock outlets
running on the conduit below the ceiling. We recommend running at least five pairs of 30Amp
outlets parallel to the switch racks and another five pair parallel to the server racks. Additional
three pairs of outlets should also be extended to the Telco Room to provide power to the Core
network equipments. This gives the rooms enough outlets with plenty of room for growth. All of
the power outlets should then be connected to a Network Power UPS System that can handle
the load and give enough battery power in an event of a power failure. We recommend using
the Liebert NXL model for this purpose.
Cooling
To keep the servers and network equipment cool, the data center will need a cooling system
that will provide cool air strategically around the racks to dissipate the heat coming from the
equipments. The vents should also be extended to the Telco room to protect the core network
equipment. We recommend using the Liebert Deluxe System /3 Precision Cooling System for
this purpose.

Team B
Consulting
P a g e | 25
Figure 9 - Building A Basement Floor Plan

Team B
Consulting
P a g e | 26
Cabling
Cable management plays a big part when it comes to network troubleshooting. Trying to trace a
cable that runs 25 feet across the room bundled with a bunch of other cables can be
challenging. To help minimize this problem, we designed the data center and telco room with
rack-to-rack Cat6 patch connections. Each server rack will have two patch panels on top that will
run through a ladder rack below the ceiling to a corresponding patch panel on the patch rack
next to the switch racks. Another two patch panels from the patch panel rack will directly
connect to the core racks in the Telco room to provide any Cat6 connectivity needs between the
rooms. About ten Cat6 horizontal cable drops will be needed to connect the admin stations on
the far end of the data center to the patch panel rack. Another two Cat6 cables will connect
directly from the AS/400 Mainframe to each of the server access switches. This design should
limit the need for patch cables longer than 7ft when connecting between nodes, which will
simplify cable management. Finally, four multimode fibers will be will be ran from the switch
racks in the data center to the core racks in the Telco room.
Data Center Architecture Design
The data center diagram (Figure 10) shows a group of physical Windows servers, a set of
clustered ESX Hosts with virtual switches, iSCSI SAN arrays, an iSCSI Tape Library, and an AS/400
Mainframe connected on two access layer switches which are setup to forward Layer 2 traffic
between each other through redundant links. The access layer switches are then redundantly
connected to two Layer 3 switches on a loop-free U design, which will handle the Layer 3 traffic
for the Virtual LANs (VLANs). In this loop-free U design, a VLAN is configured on each access
switch and on the 802.1Q inter-switch link between access switches and its corresponding
802.1Q uplink, but it is not extended between aggregation switches; thereby avoiding a looped
topology. All four switches are setup with Rapid PVST+, which provides fast Spanning Tree
convergence, even if no port is in blocking state for loop prevention. The diagram also shows
two access layer DMZ switches connected to the clustered ESX hosts to provide virtual machines
for the DMZ.

Team B
Consulting
P a g e | 27
Figure 10 - Data Center Architecture
The design comprises the Aggregation and Access layers, and provides the following:
• Consolidated Server Infrastructure
• Multiple Uplink options
• Network services (security, load balancing)
• High performance multi-layer switching
• Scalable modular design
There are three key components on this design that makes this architecture simple to deploy
and manage, as well as provide full redundancy and scalability: virtualization, iSCSI, and VLANs.

Team B
Consulting
P a g e | 28
Virtualization
One way to simplify management is to reduce the number of servers. To do this, virtualization
will be used to consolidate the number of servers in the data center.
Why should you virtualize your environment?
Virtualization essentially lets one computer do the job of multiple computers, by sharing the
resources of a single computer across multiple environments. Virtual servers let you host
multiple operating systems and multiple applications locally and in remote locations, freeing you
from physical and geographical limitations. In addition to energy savings and lower capital
expenses due to more efficient use of your hardware resources, you get high availability of
resources, better management, increased security, and improved disaster recovery processes
when you build a virtual infrastructure.
We’ve determined that VMware Infrastructure Enterprise is the best choice for virtualization
because of their proven advanced technology. VMware Infrastructure typically supports double
or more the number of concurrently running virtual machines on the same hardware as do
competing products from Microsoft or Xen. VMware also delivers centralized management and
resource optimization of all virtual machines with highest levels of simplicity, efficiency, security,
and reliability required by IT through the VMware Virtual Center Finally, VMware offers Site
Recovery Manager which integrates tightly with VMware Infrastructure, VMware Virtual Center,
and storage replication software to make failover and recovery rapid, reliable, affordable and
manageable.
iSCSI SAN
Another way to simplify management is to build one network infrastructure to handle
communication between all access layer nodes. Our recommendation is to use pure IP based
infrastructure. Instead of building a second fiber infrastructure to provide a shared storage
solution, a more cost effective approach is to use utilize the Internet SCSI (iSCSI) protocol for
communication between the servers, the Storage Area Network (SAN), and the Tape Library.
The iSCSI SAN is the primary component of this design which drives this architecture’s
functionality. To handle the job, we’ve selected the Dell EqualLogic PS series arrays because of
their affordability, ease of use, performance, reliability, and scalability. From the box through its
simple graphical user interface, the Dell EqualLogic SAN can be configured and be up and
running in minutes. This array comes with dual storage controller with three active Gigabit
Ethernet uplinks and 3 standby uplinks, which makes it highly reliable. In addition, the array

Team B
Consulting
P a g e | 29
features a modular design which allows growth when needed while increasing overall
performance.
VLANs
Different virtual machines in a single host may need to access different virtual networks. This
means different network traffic will need to be segregated inside a single host with a limited
number of network cards. The preferred way to achieve this is through Virtual Switch Tagging
(VST). VST permits the vSwitch to tag all egress traffic and to remove the tags from all ingress
traffic. It works hand-in-hand with VMware’s port grouping to isolate the networks from each
other. Figure 11 shows the Production NICs connected to a trunk port on the switch. Multiple
VLANs can be tagged within a single virtual switch. This diagram also shows how the virtual
machines are connected to different virtual switches to separate traffic between different
networks to increase performance and security on the virtual machines.
Virtual Network Connections
On every ESX host (PowerEdge R805), there is a built-in four port Gigabit Ethernet network card.
A second four port Gigabit Ethernet network card will be needed to provide a total of eight
Gigabit Ethernet connections. The simplest design with VMware consists in spreading the
physical NICs of the ESX Server to two access layer switches, and splitting the NICs for different
types of traffic. With this design, the physical NICs are part of an ESX NIC teaming configuration
except for iSCSI MPIO connections. The four Gigabit Ethernet ports from the built in network
card are labeled vmnic1-4 and the other four additional Gigabit Ethernet ports from the second
card are labeled vmnic5-8. Vmnic1 and vmnic5 will each be configured for as a trunk with to
allow multiple production VLANs access to the different virtual machines. Vmnic2 and vmnic6
will be used strictly for the Service Console and VMkernel for network management and
VMotion. Vmnic3 and vmnic7 will connect to separate virtual switches to handle direct iSCSI
connections from the virtual machines to the iSCSI SAN with multiple I/O paths. Vmnic4 and 8
will each connect to separate DMZ switches isolated from the rest of the internal networks for
publicly accessible web servers. By following this approach, all vmnics are used, connectivity is
fully redundant, iSCSI connections are at optimum performance, and management traffic is
secured.

Team B
Consulting
P a g e | 30
Figure 11 - ESX Server Network Connectivity
Virtual Machine Types
There are three different types of virtual machines on this architecture; a virtual machine
connected to production network only, a virtual machine connected to DMZ only, and a virtual
machine connected to both production and direct iSCSI connection to the SAN. An example of a
virtual machine connected to production network only is a Domain Controller. It does not need
to be connected to the iSCSI network and it should not be connected to the DMZ. An example of
a virtual machine connected to the DMZ network only is a Public Web Server. It should only be
accessible from the DMZ network and should not be connected to the internal production
network. An example of a virtual machine connected to both production and iSCSI network is an
Exchange Email Server or an SQL Database Server. It needs to be accessible from the production
network for user access and it connects directly to the iSCSI SAN for high-speed transactions.

Team B
Consulting
P a g e | 31
iSCSI Network
VLAN tagging also works well when isolating the iSCSI network for optimal performance of the
iSCSI SAN. One way to isolate iSCSI traffic is connect all the iSCSI NICs to a separate switch. A
better way is to use 802.1q VLAN tagging mechanism. Figure 13 shows the logical representation
of the isolated iSCSI network connections to the rest of the production network. As you can see,
physical servers that need direct connection to the iSCSI SAN storage and iSCSI tape library are
the only nodes connected to the iSCSI network.
Figure 13 - Access Layer Logical Diagram

Team B
Consulting
P a g e | 32
Data Center Server Farm
There are two Server Racks in the Data Center next to the AS/400 Mainframe. Figure 14 shows
the physical layout of the Sever Rack 1 and Figure 15 shows Sever Rack 2
PORTS 1-2 4 2 42 0161284 PORTS 25 -48 48444 03 63228
ASYNC 1 ASYNC 2
A1
A2
CONSOLE POWER
CONSOLE
STATUS
BASE- TX
VG 248
10/ 100
L INK
100
RX
TX
Figure 14 - Server Rack 1 Physical Layout
The first rack, “Server Rack 1” consists of; four ESX Hosts, two physical Windows Servers, three
Cisco MCS Servers, and a Cisco Universal Gateway. The first four servers from the bottom will be
used as ESX hosts for the virtual machines. We’ve determined that the Dell PowerEdge R805) is
the most cost effective server to use for the virtual environment. The three main features of this
particular server, which makes it the ideal server for virtualization, are the dual quad core
processor, memory support of up to 128GB, and the integrated four port Gigabit Ethernet with
iSCSI TOE Network Card. We recommend purchasing 64GB (16 X 4GB) of memory for each ESX
Host to handle about 8 or more virtual machine depending on their load. Additional memory
can be purchased later as needed. As we mentioned before, an additional four port Gigabit
Ethernet network card for each host is needed to satisfy your environment.

Team B
Consulting
P a g e | 33
Above the ESX hosts are two Dell Power Edge 1950 III servers for VMware Virtual Center Server
and the Active Directory Root Domain Controller. The first low cost 1U PowerEdge server is
needed to be configured as the first Domain Controller in your environment. In addition to
Active Directory database functions, it will provide Domain Name Service (DNS) for name
resolutions and Network Time Protocol (NTP) service. The ESX Hosts will rely on this Domain
Controller for name resolution, security permissions, and time synchronization.
The second 1U PowerEdge server will be used to install the first VMware Virtual Center (see
Appendix B for details). This server will manage the ESX Hosts and Virtual Machines (VMs) for
High Availability (HA) and Distributed Resource Services (DRS). We highly recommend this
Virtual Center Server to be installed outside the virtual space. Additional Domain Controllers and
a backup Virtual Center can be added in the virtual environment for redundancy later.
PowerEdge 2950 III (Backup Server)
®
EqualLogic PS5000E (iSCSI SAN)
®
EqualLogic PS5000XV (iSCSI SAN)
Overland NEO 4100
Server Rack 2
To Patch Rack
6x Cat6 Patch
48x Cat6 to
Switch Rack
9x Cat6 Patch
Figure 15 - Server Rack 2 Physical Layout

Team B
Consulting
P a g e | 34
The second rack, “Server Rack 2,” consists of; two Dell EqualLogic iSCSI SAN arrays, a Tape
Library, and a physical Windows Backup Server. The iSCSI SAN arrays on the bottom of the rack
are Dell EqualLogic PS5000E and Dell EqaulLogic PS5000XV). We recommend using two different
array configurations to handle different types of data. The PS5000E array will be configured
with 16 x 750GB 7200RPM SATA drives for a total raw capacity of 12TB. This array will be used
more for capacity needs than performance. This array is will be used for non I/O intensive
applications like the Operating System (OS) and Application partitions of the virtual machines. It
can also be used for after hour disk-to-disk backups and other non-mission critical applications.
This array can also serve as a temporary storage to migrate data to in order to install firmware
upgrades on the primary SAN array, which eliminates downtime on production servers. The
PS5000XV array will be configured with 15 x 450GB 15K RPM SAS drives for a total of 7.2TB raw
capacity. This array has less total capacity but provides high performance. This array will be used
for I/O intensive applications like SQL Databases and Exchange Email Databases.
Above the SAN arrays is the Overland NEO 4100 Tape Library. We highly recommend this
particular tape library because of its modular scalability. It can be configured with up to four LTO
drives and it can hold up to 60 LTO media. It can also be configured with up to four iSCSI GEO
network cards each with dual Gigabit Ethernet connections. We priced out this environment to
start with two drives and two GEO cards and 60 LTO 4 media). This library can hold up to 96TB
capacity, which will satisfy one-month data retention policy for more than 3TB of backup data.
We recommend using the Grandfather-father-child tape retention cycle to extend your backup
data retention to more than one month.
Connected to the tape library via iSCSI network connection is the backup server above it. The
backup server is a Dell PowerEdge 2950 III. The server has Dual Core processors, 8GB memory,
and 8 x 146GB hard drives. Although the extra local hard drives are optional, we recommend
purchasing them to serve as temporary storage for data restores. This backup server is also
equipped with six Gigabit Ethernet connections. The first two Gigabit Ethernet ports will be used
to backup servers in the production network. The other four Gigabit Ethernet ports will be used
to backup data from direct iSCSI attached volumes on the SAN. Using four Gigabit Ethernet ports
for iSCSI communication will provide full 4Gbs throughput to the LTO drives connected to the
GEO network cards. This should minimize the amount it of time it takes to backup your data.
This backup server will run Windows Server 2008, VMware Consolidated Backup, and Symantec
Backup Exec 12.5. We recommend using Symantec Backup Exec 12.5 as the backup software
because it provides an agent for backing up unlimited number of virtual machines on an ESX
host which utilizes the VMware Consolidated Backup software to offload processing from the

Team B
Consulting
P a g e | 35
ESX hosts, and it provides a granular recovery technology for critical applications, including
Exchange, Active Directory, Sharepoint, and SQL server.
Finally, all of the physical servers on this architecture will be equipped with a Remote
Management card to allow administrators manage the servers remotely. This eliminates the
need for a KVM on the racks but requires one Ethernet connection on the production network.
Data Center Network Devices
There are three network equipment racks across from the server racks in the data center (Figure
16) and two core racks in the Telco room (Figure 17). These two diagrams show how the
network equipments are physically connected to each other.
In this environment, we recommend using two Cisco 6506-E switches for the server farm access
layer connectivity. These switches will have identical configurations consisting of; Supervisor 720
with 2 ports 10GbE and MSFC3 PFC3C, two 48-port RJ-45 10/100/1000 fabric enabled modules,
an C6K 8 port 10 Gigabit Ethernet module with DFC3C, four X2-10GB-SR 10GBASE-SR X2
modules, and dual 3000W power supplies. All of the connections to Production and iSCSI
networks for Windows Servers, ESX hosts, SAN arrays, AS/400 Mainframe, and the Tape Library
will be evenly distributed between the two Access Layer switches connected to the 48-port RJ-
45 10/100/1000 fabric enabled modules. The two available 10GbE ports on each of the
Supervisor module will be populated with the X2-10GB-SR 10GBASE-SR X2 module. These two
X2 modules will connect via multimode fiber between the two switches to forward Layer 2
traffic and provide redundant connections. The C6K 8 port 10 Gigabit Ethernet module will be
populated with the remaining two X2-10GB-SR 10GBASE-SR X2 modules which will connect via
multimode fiber to the X2 modules on the supervisor module in each of the Cisco 6509-E switch
in the Telco Room to serve as uplinks to the core switches.

Team B
Consulting
P a g e | 36
1
2
3
4
5
6
FAN
STATUS
Power Supply 1 Power Supply 2
Catalyst 6500 SERIES
1
2
3
4
5
6
FAN
STATUS
Catalyst 6500SERIES
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
S TATUS PHO NE
WS-X6548-GE -TX 4 7
4 8
3 7
3 8
3 5
36
2 5
26
2 3
2 4
1 3
1 4
11
1 2
1
2
48 P O R T
12119 107 85 63 41 2 242321 2219 2017 1815 1613 14 363533 3431 3229 3027 2825 26 484745 4643 4441 4239 4037 38
10 /1 00 /1 00 0 BASE-T
ETHERNET
SWITCHING MODULE
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
S TATUS PHO NE
WS-X6548-GE -TX 4 7
4 8
3 7
3 8
3 5
36
2 5
26
2 3
2 4
1 3
1 4
11
1 2
1
2
48 P O R T
12119 107 85 63 41 2 242321 2219 2017 1815 1613 14 363533 3431 3229 3027 2825 26 484745 4643 4441 4239 4037 38
10 /1 00 /1 00 0 BASE-T
ETHERNET
SWITCHING MODULE
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
STA TUS
PHO NE
WS-X 6548-GE-TX
4 7
4 8
3 73835
3 6
25
2 6
232
4
13
14
1 1
12
1
2
48 P O R T
12
11
9
10
7
8
5
6
3
4
1
2
24
23
21
22
19
20
17
18
15
16
13
14
36
35
33
34
31
32
29
30
27
28
25
26
48
47
45
46
43
44
41
42
39
40
37
38
10 /1 00 /100 0 BASE-T
ETHERNET
SWITCHING MODUL E
S TATUS PHO NE
WS-X6548-GE -TX
4 7
4 8
3 7
3 8
3 5
36
2 5
26
2 3
2 4
1 3
1 4
11
1 2
1
2
48 P O R T
12119 107 85 63 41 2 242321 2219 2017 1815 1613 14 363533 3431 3229 3027 2825 26 484745 4643 4441 4239 4037 38
10 /1 00 /1 00 0 BASE-T
ETHERNET
SWITCHING MODULE
STATUS
PHONE
W S-X6548-RJ-45
47
48
45
46
43
44
41
42
39
40
37
38
35
36
33
34
31
32
29
30
27
28
25
26
23
24
21
22
19
20
17
18
15
16
13
14
11
12
9
10
7
8
5
6
1
2
3
4
37 38 39 40 41 42 43 44 45 46 4847363533 3431 3229 3027 2825 26242321 2219 2017 1815 1613 1412119 107 85 63 41 2
STATUS
PHONE
W S-X6548-RJ-45
47
48
45
46
43
44
41
42
39
40
37
38
35
36
33
34
31
32
29
30
27
28
25
26
23
24
21
22
19
20
17
18
15
16
13
14
11
12
9
10
7
8
5
6
1
2
3
4
37 38 39 40 41 42 43 44 45 46 4847363533 3431 3229 3027 2825 26242321 2219 2017 1815 1613 1412119 107 85 63 41 2
Figure 16 - Data Center Physical Network Layout
Higher up on the data center switch racks are two of Cisco 6503-E switches. These switches will
serve as the Access Layer for the servers connected to the DMZ network. As we mentioned in

Team B
Consulting
P a g e | 37
the ESX server network connectivity section, two network cards from each ESX hosts will
connect to these switches to provide the web servers DMZ connections. Each switch will be
connected to the DMZ port of two separate ASA 5550 in the Telco room via Cat6 patch
connection. The ASA 5550s will then be connected to the Cisco 7206VXR edge router for
internet connectivity to the DMZ. Two other Gigabit Ethernet ports on each of the ASA 5550 will
be connected via Cat6 connection to a 24 port Gigabit Ethernet module on each of the 6509-E
switch for internal Internet connections to the proxy servers.
Data Center Network Equipment Price List
WS-C6506-E (Catalyst 6500 Enhanced 6-slot
chassis,12RU,no PS, no Fan Tray)
JP Telco 2 $5,500 $11,000
VS-S720-10G-3C ( Cat 6500 Supervisor 720
with 2 ports 10GbE and MSFC3 PFC3C)
JP Telco 2 $38,000 $76,000
CF-ADAPTER-SP (SP adapter with compact
flash for SUP720)
JP Telco 2 $995 $1,990
X2-10GB-SR (10GBASE-SR X2 Module) JP Telco 8 $1,995 $15,960
WS-X6748-GE-TX (Cat6500 48-port
10/100/1000 GE Mod: fabric enabled, RJ-
45)
JP Telco 4 $15,000 $60,000
WS-C6506-E-FAN (Catalyst 6506-E Chassis
Fan Tray)
JP Telco 2 $495 $990
WS-CAC-3000W (Catalyst 6500 3000W AC
power supply)
JP Telco 4 $3,000 $12,000
CAB-AC-C6K-TWLK (Power Cord, 250Vac
16A, twist lock NEMA L6-20 plug, US)
JP Telco 4 $45 $180
WS-X6708-10GE (Cat6500 8 port 10 Gigabit
Ethernet module )
JP Telco 2 $37,500 $75,000
CON-SNT-V6506E72 (SMARTNET 8X5XNBD
VS-C6506E-S720-10G) Year 1
JP Telco 2 $5,513 $11,026
VS-C6506E-S720-10G) Year 2
JP Telco 2 $5,513 $11,026
VS-C6506E-S720-10G) Year 3
JP Telco 2 $5,513 $11,026
Total: $286,198

Team B
Consulting
P a g e | 38
The Cisco 6509-E core switches in the Telco room will be equipped with dual supervisors for
redundancy and a 16 port Gigabit Ethernet line card for singlemode fiber connections to
Building N, the Warehouse, and MPLS routers which will be evenly distributed to both switches.
FAN
STATUS
1
2
3
4
5
6
7
8
9
Catalyst 6500SERIES
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
FAN
STATUS
1
2
3
4
5
6
7
8
9
Catalyst 6500 SERIES
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
Cisco
7200 Series
VXR 0
2
4
6
1
3
5
Cisco
7200 Series
VXR 0
2
4
6
1
3
5
STA
TU
S
WS-X6816-GBIC
LI
NK
1 2
LI
NK
L
I NK
3 4
L
I NK
LI
NK
5 6
LI
NK
LI
NK
7 8
LI
NK
LI
NK
9 10
L
I NK
LI
NK
11 12
LI
NK
L
I NK
13 14
LI
NK
LI
N
K
15 16
LI
NK
3
4
1
2
5
6
7
8
9
10
11
12
13
14
1 5
1 6
STA
TUS
WS-X6816-GBIC
L
I NK
1 2
L
I NK
LI
NK
3 4
LI
NK
L
I NK
5 6
LI
NK
L
I NK
7 8
LI
NK
LI
NK
9 10
LI
NK
LI
N
K
11 12
LI
NK
LI
NK
13 14
L
I NK
LI
NK
15 16
LI
N
K
3
4
1
2
5
6
7
8
9
1 0
1 1
1 2
13
14
15
16
STATUS
WS-X6524- 100FX- MM
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 241
LI NK LINK LINK LI NK LINK LINK LI NK LINK LINK LI NK LINK LINK LI NK LINK LINK L INK LINK LINK L INK LINK LINK L INK LINK LINK
24 PORT 100FX- MMF
STATUS
WS-X6524- 100FX- MM
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 241
LI NK LINK LINK LI NK LINK LINK LI NK LINK LINK LI NK LINK LINK LI NK LINK LINK L INK LINK LINK L INK LINK LINK L INK LINK LINK
24 PORT 100FX- MMF
Figure 17 - Telco Core Rack Physical Layout

Team B
Consulting
P a g e | 39
Telco Room Core Network Equipment Price List
WS-C6509-E (Catalyst 6500 Enhanced 9-slot
chassis,15RU,no PS,no Fan Tray)
JP Telco 2 $9,500 $19,000
FR-IRC6 (Catalyst 6000 Family InterDomain
Routing Feature License)
JP Telco 2 $5,000 $10,000
VS-S720-10G-3C (Cat 6500 Supervisor 720 with 2
ports 10GbE and MSFC3 PFC3C)
JP Telco 2 $38,000 $76,000
VS-S720-10G-3C (Cat 6500 Supervisor 720 with 2
ports 10GbE and MSFC3 PFC3C)
JP Telco 2 $38,000 $76,000
WS-X6516A-GBIC (Catalyst 6500 16-port GigE
Mod, fabric-enabled)
JP Telco 2 $15,000 $30,000
WS-G5486 (1000BASE-LX/LH long haul GBIC
(singlemode or multimode))
JP Telco 16 $995 $15,920
WS-G5484 (1000BASE-SX Short Wavelength
GBIC (Multimode only))
JP Telco 4 $500 $2,000
WS-X6724-SFP (Catalyst 6500 24-port GigE Mod:
fabric-enabled)
JP Telco 2 $15,000 $30,000
GLC-T (1000BASE-T SFP) JP Telco 8 $395 $3,160
WS-C6509-E-FAN (Catalyst 6509-E Chassis Fan
Tray)
JP Telco 2 $495 $990
WS-CAC-3000W (Catalyst 6500 3000W AC power
supply)
JP Telco 4 $3,000 $12,000
CAB-AC-C6K-TWLK (Power Cord, 250Vac 16A,
twist lock NEMA L6-20 plug, US)
JP Telco 4 $45 $180
CON-SNT-V6509E72 (SMARTNET 8X5XNBD VS-
C6509E-S720-10G) Year 1
JP Telco 2 $6,825 $13,650
C6509E-S720-10G) Year 2
JP Telco 2 $6,825 $13,650
C6509E-S720-10G) Year 3
JP Telco 2 $6,825 $13,650
Total: $332,160

Team B
Consulting
P a g e | 40
Racks and Cabling Price List
Dell 4210 42U Rack with Doors and
Side Panels
Dell 3 $1,336 $4,008
Ortronics Mighty Mo 3 Cable
Management Rack, 6.5" x 8'
HomeNetworkGear 6 $821 $4,927
Tripp Lite 24 AC Outlet 15/20-Amp
Mountable Power Strip with
Locking Plug
TWAcomm 6 $93 $558
Cat6 Horizontal Drop (48 Port
Patch Panel to Patch Panel
Cabling)
JP Telco 120 $200 $24,000
Cat6 Horizontal Drop (Cat6 Cabling
from Data Center to Telco)
JP Telco 48 $200 $9,600
Cat6 Horizontal Drop (Cat6 Cabling
from Admin Stations to Patch
Rack)
JP Telco 6 $200 $1,200
Fiber Connections (6 MMF Strands
From Data Center to Telco Room)
JP Telco 1 $1,200 $1,200
Total: $45,493
Lincoln Server and Network Rack
The Lincoln site will serve a recovery site for VMO. The server rack houses a Dell EqulLogic
PS5000E SAN array, two ESX hosts, a Virtual Center Server, three Cisco MCS 7835-I2 servers, and
a Cisco AS5350XM (Figure 18). The EqualLogic iSCSI SAN array will be setup as a replication
partner for the SAN arrays in the Chicago headquarters. Critical virtual machine files and
database data will be replicated to this site through the MPLS network. To avoid network
congestion on the WAN during production hours, the replication will be scheduled after regular
business hours for the databases and during the weekend for the virtual machines files.
VMware’s Site Recovery Manager will be setup on the Virtual Center server in both Chicago and
Lincoln. This software will manage the automatic migration of virtual machines from Chicago to

Team B
Consulting
P a g e | 41
Lincoln and vice versa in an event of disaster. This disaster recovery solution will keep the critical
applications running until the site is fully recovered.
®
P ORTS 1- 24 2420161284 PORT S 25-48 484440363228
AS YNC1 A SY NC 2
A1
A2
CONS OLE POWE R
CONSOLE
S TATUS
B ASE -TX
VG 248
10/100
LINK
100
RX
TX
1
2
3
4
5
6
FAN
STATUS
Catalyst 6500SERIES
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
200-240 V
23 A
60/50 Hz
INPUT
OK
FAN
OK
OUTPUT
FAIL
RU
NINS
TA
LL
W S-X6 72 4-SFP
2 4 PORTGIGABITETHERNETSFP
STATUS
1 2 3 4 21 2 2 2 3 241 7 18 1 9 2013 14 15 1 69 10 11 1 25 6 7 8
Figure 18 - Lincoln Servers and Network Physical Layout

Team B
Consulting
P a g e | 42
ESX and iSCSI SAN Architecture
To understand how virtualization and the iSCSI SAN will benefit the company in terms of storage
and server deployment, we put together a short explanation on how they will work hand-in-
hand in your environment. Figure 19 shows an overview of how the VMware ESX Hosts
communicates with the iSCSI SAN arrays.
Figure 19 - ESX hosts and iSCSI SAN Storage Overview
You can see on this diagram how the two iSCSI SAN arrays are pooled together but store
different types of data. A volume is carved out on the PS5000E array and presented as a
VMDatastore to the ESX hosts. Each ESX host will logon to this array and connect to the volume
via the ESX iSCSI initiator through the IP network. The volume will be formatted with VMFS
partition where the .vmdk (virtual disk) files for the Operating Systems (OS) and Applications will
be stored for multiple virtual machines. Since the virtual machine files are stored on a shared
storage, virtual machines can easily migrate from one ESX host to another without any
interruption in an event of physical host failure. This feature is called VMotion.

Team B
Consulting
P a g e | 43
Another volume can be carved out of the PS5000XV array which has much faster drives to be
used for I/O intensive applications. The Microsoft Windows virtual machine can use the
Microsoft iSCSI initiator to logon to the array and connect to the volume. The new volume will
then be presented to the Windows operating system and formatted with NTFS partition where
the data for databases and logs will be stored.
A special feature of these particular Dell EqualLogic iSCSI SAN arrays is their ability to move
volumes between arrays without any interruption. This feature comes in very handy when
performing maintenance on the arrays. In terms of security, access to the volumes can be
secured via CHAP authentication or IP Address access list.
Virtual Machine Deployment
Simple and rapid deployment of virtual machines on VMware Infrastructure is made possible by
the use templates. Templates are virtual machines that were loaded with an Operating System
through the traditional installation and converted to a template. Several templates can be
created with different parameters based on their resource needs. On this environment we
recommend creating at least three templates (High Performance, Moderate Performance, and
Low Performance). More can be created later as needed. The following configurations will be
used for the initial three templates:
A. High Performance Virtual Machine - this virtual machine be loaded with 64bit Windows
Server 2008, granted with 4 virtual CPU, 8 Gigabytes of RAM, 4 virtual NICs, 50GB HDD
for the Operating System partition, and 20GB for the applications partition.
B. Moderate Performance Virtual Machine - this virtual machine be loaded with 64bit
Windows Server 2008, granted with 2 virtual CPU, 4 Gigabytes of RAM, 2 virtual NICs,
50GB HDD for the Operating System partition, and 20GB for the applications partition.
C. Low Performance Virtual Machine - this virtual machine be loaded with 64bit Windows
Server 2008, granted with 1 virtual CPU, 2 Gigabytes of RAM, 1 virtual NICs, 50GB HDD
for the Operating System partition, and 20GB for the applications partition.
These templates will shrink the time of deployment for your new Windows server environment
on the following sections.

Team B
Consulting
P a g e | 44
Servers, Storage, and Tape Library Price List
PowerEdge R805 (2x Quad Core AMD
Opteron™ 2360SE, 105W, 2.5GHz, 1Ghz
HyperTransport with 3 Year ProSupport for
IT and Mission Critical 4HR 7x24 Onsite
Pack)
Dell 6 $11,828 $70,968
PowerEdge 2950 III (Quad Core Intel®
Xeon® L5410,2x6MB Cache,2.33GHz,
1333MHz FSB, ES with 3 Year ProSupport
for IT and Mission Critical 4HR 7x24 Onsite
Pack)
Dell 1 $8,423 $8,423
PowerEdge 1950 III (Quad Core Intel®
Xeon® L5410, 2x6MB Cache, 2.33GHz,
1333MHz FSB with 3 Year ProSupport for IT
and Mission Critical 4HR 7x24 Onsite Pack)
Dell 3 $5,032 $15,096
SubTotal: $94,487
PS5000E (DELL EQUALLOGIC PS5000E, 12TB
CAPACITY, 16 X 750GB 7.2K SATA, DUAL
CONTROLLER with 1 year warranty and
support
Softchoice 2 $40,888 $81,775
PS5000EXV (DELL EQUALLOGIC PS5000XV,
7.2TB CAPACITY, 16 X 450GB 15K SAS, DUAL
CONTROLLER with 1 year warranty and
support
Softchoice 1 $42,371 $42,371
EQUALLOGIC EQL CCP 4HR,PS50-
3X,APOS,FULL, 1YR HW Warranty
(PROMOTIONAL)
Softchoice 6 $2,778 $16,666
DELL CTO EQL ADV TECH SPT,PS50-
3X,APOS, 1YR - 11/12/2008 - 11/11/2009
HW Warranty (PROMOTIONAL)
Softchoice 6 $959 $5,751
SubTotal: $146,563
Neo 4100 (Overland Storage Neo 4100 -
Tape library - 48 TB / 96 TB with Limited
warranty - 1 year - response time: next
Softchoice 1 $22,483 $22,483

Team B
Consulting
P a g e | 45
business day)
LTO Ultrium Drive (Quantum - Tape library
drive module - LTO Ultrium ( 800 GB / 1.6
TB ) with Limited warranty - 1 year -
response time: next business day)
Softchoice 2 $6,028 $12,057
GEO iSCSI Card (Overland V.I.A. GEO Card -
Network adapter - EN, Fast EN, Gigabit EN
with Limited warranty - 1 year - response
time: next business day)
Softchoice 2 $3,847 $7,695
Tape Media (Quantum - LTO Ultrium 4 - 800
GB / 1.6 TB )
Softchoice 60 $87 $5,245
SubTotal: $47,479
Total: $288,529
Application Servers Design
According to VMO’s RFP, at minimum, three new applications will need to be deployed; the New
Inventory Management Database, File and Print, and Office productivity software including
Outlook e-mail. We recommend using Microsoft SQL Server, Microsoft Sharepoint Server, and
Microsoft Exchange 2007 to handle these requirements.
Inventory Management
Our recommendation is to store the new Inventory Management database on a 64bit Microsoft
SQL Server 2008 Enterprise. We’ve selected Microsoft SQL Server 2008 Enterprise to handle
your database because it provides a comprehensive data platform that can grow with your
business. SQL Server 2008 is packed with technologies to scale-up individual servers and scale-
out very large databases It also offers security feature enhancements that help provide effective
management of security feature configuration, strong authentication and access control,
powerful encryption and key management capabilities, and enhanced auditing.

Team B
Consulting
P a g e | 46
Figure 20 - Inventory Management Architecture
A virtual machine will be deployed from the “High Performance” virtual machine template to
make sure that the application gets enough resources to handle the load. Two separate volumes
will be carved out of the PS5000XV array and presented to the operating system; 250GB HDD for
Database Data, and 50GB for Transaction Logs. An identical configuration will also be configured
for Microsoft SQL Database Mirroring. Database Mirroring is a SQL Server 2008 technology for
increasing database availability. Database mirroring transfers transaction log records directly
from one server to another and can quickly failover to the standby server. Symantec Backup
Exec agent for Microsoft SQL will be configured to backup the databases and commit the
transaction logs every night.

Team B
Consulting
P a g e | 47
The SQL Server 2008 Enterprise will be licensed with a one processor license which allows
unlimited number of client connections. A processor license is based on the number of sockets.
Therefore, in a four core processor like the Dell PowerEdge R805, the SQL Server Processor
License is applicable to four cores. In the case of virtualization, each virtual processor is equal to
one core. Therefore, granting the Windows 2008 Server with four virtual processors will satisfy
the SQL Server processor license. The database mirroring server will not need a license because
no queries are being executed against it.
A third virtual machine will be deployed from the “Moderate Performance” template to run the
new Inventory Management application. It is always a best practice to separate the application
from the database server for performance, security, and management purposes. The inventory
Management application will then be linked to the SQL Servers.
Finally, two web servers will be deployed using the “Low Performance” virtual machine
template. These servers will be identical in terms of their web contents loaded with IIS 7.0 and
the Inventory Management Web Interface. Client requests destined to the Inventory
Management site will be balanced between the two servers through the Microsoft Network
Load Balancing feature.

Team B
Consulting
P a g e | 48
Sharepoint
We highly recommend using Microsoft Office Sharepoint Server 2007 instead of the traditional
file sharing because of its tight integration with other Office products and Exchange 2007 Mail
System. Microsoft Office SharePoint Server 2007 provides a single, integrated location where
employees can efficiently collaborate with team members, find organizational resources,
manage content and workflow, and leverage business insight to make better-informed
decisions.
Figure 21 - Sharepoint Server Architecture
Figure 21 shows a very similar architecture as the Inventory Management for the Microsoft
Office Sharepoint Server 2007. It will use the same SQL Server 2008 Database configuration as
the database server used by the Inventory Manager. The Sharepoint application will also be
installed on a separate “Moderate Performance” server and connect to the database. Any client
request will be load balanced between the two front-end web servers. The differences of this
architecture from the Inventory Management are elementary; multiple Sharepoint application

Team B
Consulting
P a g e | 49
servers are used for different functions of Sharepoint, and the front-end web servers will be
public facing connected to the DMZ network. These servers will need to be setup with 128bit
SSL encryption to encrypt the data being passed through the Internet.
Email System
Microsoft Exchange 2007 is the best choice to integrate the Office products and Sharepoint
services with email collaboration. Its 64bit platform makes it the perfect email system to run on
top of the 64bit Windows Server 2008. It comes with built-in defenses against spam and
phishing e-mail as well as additional integrated filtering and multi-engine scanning capabilities
to provide advanced protection. In terms of performance, improved storage efficiency can be
achieved through the extended memory and larger cache of x64-based architecture even as
mailbox sizes increase; more efficient routing ensures the best use of bandwidth.
Figure 22 shows the architecture of the entire Exchange 2007 environment for VMO. Mailbox
storage for all of VMO’s staff will be distributed across four Storage Groups. Two “High
Performance” virtual machines will be deployed with Mailbox Server role to evenly manage the
storage groups. All databases data and logs will be stored in separate volumes in the PS5000XV
high performance iSCSI SAN. Symantec Backup Exec agent for Exchange will be configured to
backup the databases and commit the transaction logs every night.
Another two “Moderate Performance” virtual machines will be deployed to serve as the Hub
Transport server and Edge transport server. The Hub Transport server will handle routing of
internal email communications between servers as well as route incoming mail from the Edge
Transport to the its appropriate mailbox server. The Hub Transport will also manage outgoing
mail to the Internet. The Edge Transport server will be connected in the DMZ network to filter
email coming in from the internet to eliminate SPAMS and email viruses before they reach the
internal network.
Two other “Low Performance” servers will be deployed to take the Client Access server role.
These two servers are load balanced in the DMZ network with Microsoft Network Load
Balancing feature which will accept Outlook Web access and RPC over HTTPS client requests.
Like the Sharepoint front-end web servers, these servers will need to be setup with 128bit SSL
encryption to encrypt the data being passed through the Internet.

Team B
Consulting
P a g e | 50
Figure 22 - Microsoft Exchange 2007 Architecture

Team B
Consulting
P a g e | 51
Antivirus and Antispyware Protection
To protect VMO’s investments from viruses and spyware, we recommend Symantec Multi-tier
Protection be deployed to all workstations and servers. This comprehensive software will
safeguard enterprise assets including laptops, desktops, mobile devices, and mail servers. It
detects and blocks malicious software in real time, including viruses, worms, Trojans, spyware,
adware, bots, and rootkits.
Software Price List
Product Vendor Quantity Unit Price Ext Price
Microsoft® Exchange Server Enterprise
2007 Single OPEN Level C
Microsoft 6 $3,970 $23,820
Microsoft® Exchange Standard CAL 2007
Single OPEN Level C
Microsoft 1500 $67 $100,500
Microsoft® SQL Server Enterprise Edition
OPEN Level C 1 Processor License
Microsoft 2 $35,146 $70,292
Microsoft® Windows Server Std w/o Hyper-
V 2008 Sngl OPEN Level C
Microsoft 50 $682 $34,100
Microsoft® Office SharePoint Server 2007
Single OPEN Level C
Microsoft 2 $4,389 $8,778
Microsoft® Office SharePoint CAL 2007
Single OPEN Level C User CAL User CAL
Microsoft 1500 $93 $139,500
SubTotal: $376,990
VMware Infrastructure Enterprise for 2
processors + Gold (12x5) 3 Year Support
VMware 6 $8,830 $52,980
VMware VirtualCenter Server for VMware
Infrastructure + Gold (12x5) 3 Year Support
VMware 2 $7,670 $15,340
VMWare Site Recovery Manager for 1
processor + Platinum (24x7) 3 Year Support
VMware 2 $2,865 $5,730
SubTotal: $74,050
Symantec Backup Exec 12.5 with Additional
Essential 36 Months Support
Symantec 1 $107,464 $107,464
Symantec Multi-tier Protection 11.0 with Symantec 1 $60,800 $60,800

Team B
Consulting
P a g e | 52
Basic 12 Months Support
Additional Symantec Multi-tier Protection
Basic 12 Months Support
Symantec 2 $27,360 $54,720
SubTotal: $222,984
Verisign EVSecure Site Pro with EV Verisign 2 3,095 $6,190
SubTotal: $229,174
Total: $909,388
Virtual Machine List
Figure 23 is a list of virtual machines needed in the server environment. This shows the number
physical servers required to be purchased, deployed, and managed if virtualization will be
implemented. In addition, recovery of these servers will take a tremendous amount of time in
case of disaster. The energy it will take to power these servers will take approximately 21,130
watts and cooling power of 26,400 watts. With VMware virtualization these servers will only
take a combined power and cooling consumption of 6,419 watts which translate to annual
savings of around $35,000 – $40,000.

Team B
Consulting
P a g e | 53
Figure 23 - Virtual Machine List
Figure 24 shows a 3-year analysis for Vincent Music Outlets calculates the estimated total cost
of ownership (TCO) comparison between all physical server environment and implementing the
proposed VMware solution. Based upon the information provided for 50 server environment,
implementing VMware Infrastructure provides a potential direct savings of $ 1,456,405 and an
indirect savings of $177,684 over 3 years.

Team B
Consulting
P a g e | 54
Figure 24 - VMware TCO/ROI Calculation

Team B
Consulting
P a g e | 55
LAN
The Local Area Network (LAN) has been carefully designed with the following points in mind:
manageability, reliability, scalability, and security. In order to design a network with all these
points we have used, various proven enterprise models. We have chosen to go with a hybrid of
hierarchal and flat designs in order to accommodate the special situations of every autonomous
system.
Manageability
No matter how big or small a network system is they all need some type of system to monitor it.
For a big network, such as VMO network Management system it needs a sufficient and liable
system for monitoring its network. Network Management System is the best provider for this
type of service.
Monitoring software for VMO network Management system will be Solar Wind Orion. A pool of
engineers who specifically are professionals in the field of networking provides innovation to
today’s technology. They prove to the community of network users that when managing
network, there is no size to limit it. Overall, this company effectively emphasizes that there are
network managing for any size of networks. This company hosts millions of people with their
help through the variety of products. They provide an all-in-one package of the blueprints and
mechanism for the infrastructure of networking, at the same time effective solutions to
maintain the network.
We will be using Network Performance Monitor Version 9.0 software. It provides a detailed and
in-depth analysis of each device that builds up the infrastructure of the network. This software is
the investigator of any changes or problems that can occur. It is the best for simplifying the hard
work put into complex networks. NPM is build to manage all size networks. According to the
customers need, it can rapidly grow and expand. NPM is affordable, easy to use and well
maintained so you can spend less time on NPM software and have extended management
abilities to other software. NPM monitors and analyzes in-depth network performance metric
for all equipments, such as routers, switches, servers and other devices. Orion Application
Performance Monitor provides monitoring, alerting, and reporting the issues in applications and
servers. Some of the add-on modules used for VMO Network Management System are: Orion
NetFlow Traffic Analyzer, Orion VoIP Monitor, Application Performance monitor and Wireless
Network Monitor.

Team B
Consulting
P a g e | 56
Network Traffic analyzer is for monitoring traffic by capturing flow data from network device
like Cisco. There can always be problems with the usage of too much bandwidth for unrelated
purposes. Network Traffic Analyzer is basically controlling the traffic of wrong usage of
bandwidth which can be listening to music or just playing games. This program allows the
management to view the purposes the bandwidth is used for in a graphical data. It also allows
you to see the details of each purpose, such as what and who is hogging the bandwidth. In
addition, it allows you to shut down a particular purpose in order to control the traffic stream.
Orion VoIP Monitor overall analyzes the underlying monitor of VoIP. The software overall gives
historical trends for WAN and LAN bandwidth usage creates network traffic reports, monitors
quality of service (QoS) and isolates suspicious traffic. Voice over IP monitor can help arming you
with the necessary tools to troubleshoot voice quality of service issues. IP SLA system alerts you
to problems with the voice issues and it enables you to fix them as soon as the problem is
determined.
Application performance monitor digs into the network, application, and server monitoring data
to quickly determine the cause of problems in applications. It has a wide range of monitoring
servers and applications. This software is really efficient in figuring out problems within a huge
range of applications quicker.
Orion Wireless Network Monitor allows the network professionals to easily allow the access of
supportive wireless devices. It allows for monitor signal and strength. It records the history of
customers who roam from one access point to another. Furthermore, it provides recordings of
errors that involve in the connected wireless devices. Along with determining the faults, it also
includes performance management for wireless networks.

Team B
Consulting
P a g e | 57
Network Management Pricing:
Solar Wind Orion Software’s No of Licenses Amount
Network Performance Monitor
with 1 Year Maintenance and Support
500 $ 8,475
Network Traffic Analyzer with 1 Year
Maintenance and Support
500 $ 5,995
VoIP with 1 Year Maintenance and Support 500 $ 3,995
Application Performance Monitor with 1
Year Maintenance and Support
50 $ 2,995
Wireless with 1 Year Maintenance and
Support
Don’t Needed $ 2,495
All Software with 2 Year Extended
Maintenance and Support
Same Amount of
Licenses
$ 5,040
Total Amount $ 28,995

Team B
Consulting
P a g e | 58
In order to make the Corporate Locations manageable, the IP addresses have been logically
broken down in a hierarchal order to represent the location of each node. Seeing that there are
only four octets in an ipv4 address, we have decided to break the IP addressing as described by
Network ID:10
Private Class addressing in accordance with RFC1918.
Building ID:1-10
It is expected that no more than 60 building will be at
HQ at any given point.
Department ID:1-60
It is expected that no more than 60 groups are in a
building.
Node ID:1-254
In order to give the nodes the maximum possible
addressing, we have given nodes 254 IPs per
department. Should a Department need more node
address, they shall be assigned a Department ID
block.
Figure 25 – Building IP Schema

Team B
Consulting
P a g e | 59
Scalability
Scalability is crucial in an ever changing business environment. In order to accommodate for
change the network has been designed to grow as VMO's needs, without hampering the
organization. This is reflected in all areas of the LAN design.
Each building has been provided with surplus network connections to make room for the
projected staff growth. VMO will not be limited by its infrastructure when it comes to growth
and expansion. The layer three switches in the basement of building N, the main building at the
Chicago campus, has been thoroughly designed to accommodate for any and all changes for the
next three years.
Security
Security is a crucial part of any enterprise network. In order to keep VMO secure, all connections
to network devices, routing protocols and network nodes have been password protected with
the strictest standards. User traffic has also been isolated into separate collision domains and
filtered by access-lists. Though simple in nature these basic elements make the core of VMO’s
security, very secure. More advance network elements include dynamic ARP inspection for Man-
In-The-Middle attacks, DHCP snoopers to validate bindings, port security, and time-outs among
other things.
Reliability
Reliability is essential in every network, and we have built ours to be redundant from the very
beginning. All switches and routers are connected through stacking cables and redundant fiber
links to the core. We have worked extremely hard to eliminate single points of failure in order to
provide as much uptime as possible.
In order to create rapid convergence we will be implementing rapid spanning tree across the
access layer. All the ports where clients are connected to will be assigned as edge ports for
instant blocking and increase speed for convergence, while at the same time allowing for more
efficient redundancy.

Team B
Consulting
P a g e | 60
Building N - Chicago Headquarters
Overview
Since VMO has decided to consolidate their corporate campus, the new building N will be
hosting the majority of the workforce at the Chicago location. As a result, a robust and reliable
data and voice network will be needed to help business operations run smoothly. This will
include the purchase of new workstations, phones, networking equipment and wiring. Our goal
in designing the LAN was to provide a scalable, secure, and reliable network. To this end, we
have strived to eliminate any point of failure, as well as include as much room for expansion as
is economically feasible.
Building N LAN Proposal
V
Switch
V
Switch
IP
Administartion
Voice
Administration
Data
VLAN 2
Core
Switch
Core
Switch
VLANs
Building N
BasementCore
IP
Staff
Voice Staff Data
VLAN 7
IP
Managemnet
Voice Managemnet
Data
VLAN 6
IP
Operation
Voice
Operation
Data
VLAN 5
IP
Marketing
Voice
Marketing
Data
VLAN 4
IP
HR
Voice HR
Data
VLAN 3
Figure 26 - Building N Logical View

Team B
Consulting
P a g e | 61
Each floor will have two Catalyst 3750E-48PD-F and one Catalyst 3750E-24PD. This will offer 120
Power over Ethernet ports for all current and future staff to use. By daisy chaining the
computers through the phones, the cost of wiring was greatly reduced on each floor. Ports were
also saved allowing for two multipurpose network printers on each floor, as well as any other
additional networking devices deemed necessary by VMO. In addition all switches will be linked
together using Cisco’s Stackwise and Stackwise Plus technology; allowing the switches to act as
one logical unit. By implementing Stackwise, VMO is gaining adaptability, redundancy and
manageability among other benefits. Within each wiring closet will be an Uninterrupted Power
Supply (UPS) in order to keep the network operational in the event of a power failure.
Floors will be connected to the core switches in the basement via 4 multimode fiber
connections, two running to each 6506. This fiber interconnection will support speeds up to
10Gb/S, which is more than enough to facilitate current usage as well as meet any future
demands.
Building N will be connected to the campus WAN via the existing 8 single mode fiber. These fiber
links will terminate in two Catalyst 6500 switches located in the basement of Building A. We
have decided to use two switches in order to provide reliable service. If something were to
happen to one of the switches, traffic will be routed over the other in order to maintain service.
Logical Architecture
In order to provide for ease of management, all users have been grouped into VLAN according
to the department they are associated with. As an added benefit, VLANs grouping also provides
collision-based security. This means users cannot see the network traffic of other groups, but
will still be able to communicate.
To provide for scalability, the IP ranges and Phone Blocks were broken down based on the IP
scheme set forth in Figure 18 .Department have also been assigned two subnets to
accommodate for data and voice traffic. Data will travel on an odd department octets and Voice
shall travel in an even department octets to make management easier.
Phone Numbers, however will be distributed in an uneven proportion. This has been done to
preserve numbers and make efficient use of the numbers that are available. Administration and
HR will only receive an individual block as they are the minority. While in contrast, Marketing,
Operations, Management and Staff will receive two blocks to accommodate their sheer
numbers.

Team B
Consulting
P a g e | 62
VLAN Department IP Voice IP Data Phone Block
2 Administration 10.1.0.0/24 10.1.1.0/24 1-800-866-60xx
3 HR 10.1.2.0/24 10.1.3.0/24 1-800-866-61xx
4 Marketing 10.1.4.0/24 10.1.5.0/24 1-800-866-62xx
1-800-866-63xx
5 Operation 10.1.6.0/24 10.1.7.0/24 1-800-866-64xx
1-800-866-65xx
6 Management 10.1.8.0/24 10.1.9.0/24 1-800-866-66xx
1-800-866-67xx
7 Staff 10.1.10.0/24 10.1.11.0/24 1-800-866-68xx
1-800-866-69xx

Team B
Consulting
P a g e | 63
Telco Closet Equipment Break Down For Each Floor-
Cisco Catalyst 3750E Switch
WS-C3750E-48PD-SF
CDW 2 $15,330 $30,660
Cisco Catalyst 3750E Switch
WS-C3750E-24PD-E
CDW 1 $9,960 $9,960
Cisco Twingig Converter
Module
CVR-X2-SFP=
CDW 3 $140 $420
Cisco 1000BASE-T SFP
Transceiver Module
CDW 6 $312 $1,872
Cisco StackWise Plus –
stacking cable – 1.6 ft
CAB-STK-E-0.5M
CDW 4 $86 $344
CDW 2 Meter Multimode
Fiber Patch Cable
LCST625-02M-CDW
CDW 6 $23 $138
APC Smart-UPS 3000VA USB
& Serial RM 2U 120V
CDW 1 $1,190 $1,190
38U 2 Post Rack Rack Mount
Solutions
1 $190 $190
50 Pack 7” Cat5 Patch
Cables
CDW 4 $87 $348
Total: $45,122

Team B
Consulting
P a g e | 64
Wiring Break Down For Each Floor-
Cat 5e single wiring drop JP Telco 112 $100.00 $11,200.00
Six strands MMF to basement JP Telco 1 $1,200.00 $1,200.00
Total: $12,400.00
Telco Room Equipment Break Down –
Catalyst 6506 WS-6506-E JP Telco 2 $5,500 $11,000
Supervisor WS-SUP720-3B JP Telco 2 $28,000 $56,000
16 port Line Card
WS-X6516A-GBIC
JP Telco 2 $15,000 $30,000
8 port Line Card
WS-X6408A-GBIC
JP Telco 2 $9,995 $19,990
Fan Tray WS-C6506-E-FAN JP Telco 2 $495 $990
Power Supply
WS-CAC-3000W
JP Telco 4 $3,000 $12,000
Cisco GBIC 1000BASE-SX –
transceiver module
CDW 44 $372 $16,368
APC Smart-UPS 3000VA USB
& Serial RM 2U 120V
CDW 2 $1,190 $2,380
Fiber Patch Cable
LCST625-02M-CDW
CDW 44 $23.00 $1,012
38U 2-Post Rack Rack Mount
Solutions
2 $190 $380
Total: $150,120

Team B
Consulting
P a g e | 65
Building C –Warehouse
Overview
The goal for the warehouse was to offer a robust network solution that would increase
productivity for both the office and the warehouse staff. To this end, we have decided to
implement a wireless network coupled with hand held barcode scanners to allow workers
greater flexibility in reviewing and filling orders. The barcode scanners will increase efficiency, as
worker will no longer need to make round trips to print out new shipping lists after every order.
Orders can be viewed with the handheld scanner, and any merchandise scanned will be
automatically removed from the warehouse inventory. This will ensure that no orders are
missed or duplicated, and that the warehouse staff is able to work together in order to fill
orders as quickly and efficiently as possible.
Building C LAN Proposal
IP
V
V
Figure 27 – Warehouse Logical View

Team B
Consulting
P a g e | 66
The warehouse is connected to the data center via six stands of single mode fiber. However,
only four of these six will be used. The fiber connections will terminate into two 3750E-24PD
switches. This will provide 48 Power over Ethernet connections for the existing office workers
and any additional staff that may be added in the future. Extra connections are also available for
additional networking equipment, such as printers. Redundancy is achieved by using two
switches to link back to the core switches in the data center.
Wireless
Wireless access points will be placed throughout the warehouse to ensure that there is
adequate coverage. These wireless access points will also be thoroughly secured using WPA2
with TKIP and 256-bit AES encryption. Once connected users will need to be authenticated into
the network by server located in the Data Center. In order to prevent Wireless bleeding, all
wireless access points will be programmed to use only the required power to cover their area
and nothing more. In addition, antennas will be pointed in such way that they are focused inside
the warehouse and Access Points will not broadcast there SSIDs. Mac Filtering and leasing will
also be done on based on a predetermined file so as to ensure no ARP poisoning, DHCP
snooping or unauthorized access occurs within the Warehouse.
In order to better manage the wired and wireless network portions of the network, both have
been grouped into two different VLANs. Each VLAN consists of one CIDR 24 block for data and
one CIDR 24 for voice. VLAN 13 has been chosen to house the phone block 80xx as this offers
more than enough direct lines.
13 Warehouse LAN 10.1.12.0/24 10.1.13.0/24 1-800-866-80xx
14 Warehouse WLAN 10.1.15.0/24

Team B
Consulting
P a g e | 67
Warehouse Network Hardware Breakdown –
Cisco Catalyst 3750E
WS-C3750E-24PD-E
CDW 2 $9,960 $19,920
Module
CVR-X2-SFP=
CDW 2 $140 $280
Cisco 1000BASE-T SFP
Transceiver Module
CDW 4 $312 $1,248
Cisco StackWise Plus -
stacking cable - 1.6 ft
CAB-STK-E-0.5M
CDW 3 $86 $258
50 Pack 7” Cat5 Patch Cables CDW 2 $87 $174
Fiber Patch Cable
LCST625-02M-CDW
CDW 4 $23 $529
APC Smart-UPS 2200VA CDW 1 $1,000 $1,000
Solutions
1 $190 $190
Total: $23,599
Warehouse Wireless Asset Tracking –
Cisco Aironet 1242AG
AIR-AP1242AG-A-K9
CDW 2 $615 $1,230
Cisco Aironet Antenna
AIR-ANT2422DW-R
CDW 4 $24 $96
Symbol MC3000-K Barcode
Scanner
MC30X0SICP28H-00E
CDW 10 $1,560 $15,600
Total: $16,926

Team B
Consulting
P a g e | 68
Warehouse Cabling
Cat 5e single
wiring drop
JP Telco 32 $100 $3,200

Team B
Consulting
P a g e | 69
Nebraska Call Center
Overview
The Nebraska call center currently hosts 100 customer service representatives and twenty
managers. Due to the projected 40% growth across the board, this number will increase over
the course of the next three years. Keeping this in mind, the LAN has been designed to account
for extra growth.
Nebraska Call Center LAN Proposal
IP
IP
IP
IP
IP
V
V
Figure 28 - Nebraska Logical View
The call center will be connected the WAN via both an MPLS connection as well as a backup
connection of 2 point to point T1 lines to Chicago. These will terminate into the core switch
which has redundant supervisors and redundant power supplies providing the most redundancy
possible. The core switch will be connected via four gigabit fiber connections to the distribution
switches. This will provide an extremely robust link between the WAN and the warehouse LAN.
The central telco closet will house four Catalyst 3750E-48PD switches. This will provide a total of
192 Power over Ethernet ports, which should cover all current staff as well as any future
additions. The switches will be connected using stacking cables, allowing for easier
administration and updates. In addition, the Nebraska Call Center will have its own Gateway and
call gents for added redundancy, speed and convenience.

Team B
Consulting
P a g e | 70
At the present there are only 100 customer service representative, but VMO is expecting a 40%
increase within three years time. This means that there will be 140 customer representatives
after three years or roughly 35 customer service representatives per group. Since VMO has
divided its Customer Service Group into groups of four, the Nebraska Call Center has perhaps
the most complex IP addressing scheme.
Since first octet is for 10, the second octet is the location (in this case 2) and the third octet is
the department (4 groups in one department), some subnetting had to take place in order to
maintain consistency in the IP addressing scheme. Given that there are two subnets per group
(voice and data) and there are four Customer Service Groups, this created the need for four
different subnets from 10.2.0.0/24 and 10.2.1.0/24. To accommodate for the need we divided
each class C address into four blocks of 26. Resulting in the table below.
8 Customer Service
Group # 1
10.2.0.0/26 10.2.1.0/26 1-800-866-70xx
9 Customer Service
Group # 2
10.2.0.65/26 10.2.1.65/26 1-800-866-71xx
10 Customer Service
Group # 3
10.2.0.129/26 10.2.1.129/26 1-800-866-72xx
11 Customer Service
Group # 4
10.2.0.193/26 10.2.1.193/26 1-800-866-73xx
12 Managers 10.2.2.0/24 10.2.3.0/24 1-800-866-74xx

Team B
Consulting
P a g e | 71
Nebraska Call Center Hardware Breakdown-
Catalyst 6506
WS-C6506-E
JP Telco 1 $5,500 $5,500
Supervisor
WS-SUP720-3B
JP Telco 2 $28,000 $56,000
CF-ADAPTER-SP SP
adapter with compact
flash for SUP720
JP Telco 2 $995 $1,990
48-Port 10/100/1000
Ethernet Line Card
WS-X6148-GE-TX
JP Telco 1 $7,500 $7,500
8 port Line Card
WS-X6408A-GBIC
JP Telco 1 $9,995 $9,995
Module
CVR-X2-SFP=
CDW 4 $140 $560
Cisco GBIC 1000BASE-
SX - transceiver module
CDW 16 $312 $4,992
Power Supply
WS-CAC-3000W
JP Telco 2 $3,000 $6,000
Cisco Catalyst 3750E
Switch
WS-C3750E-48PD-SF
CDW 4 $15,330 $61,320
APC Smart-UPS 3000VA
USB & Serial RM 2U
120V
CDW 3 $1,190 $3,570
Cisco StackWise Plus -
stacking cable - 1.6 ft
CAB-STK-E-0.5M
CDW 5 $86 $430
50 Pack 7” Cat5 Patch
Cables
CDW 4 $87 $348
CDW 2 Meter
Multimode Fiber Patch
Cable
LCST625-02M-CDW
CDW 8 $24 $192
Solutions
1 $190 $190
Total: $158,587

Team B
Consulting
P a g e | 72
Nebraska Call Center Wiring-
Product Vendor Quantity Unit Per Price Ext. Price
CAT 5e Single Wiring Drop JP Telco 168 $100 $16,800
Total: $16,800

Team B
Consulting
P a g e | 73
Retail Locations
Overview
VMO currently has 110 retail locations around the United States. However, the number of retail
locations is expected to increase to 200 locations after the first year, and 300 locations after the
second year.
Retail Location LAN Proposal
IP
IP
IP
VV
Figure 29 – Small Retails Logical View
Because of the differences in available telecommunication options, the hardware at each retail
location may differ slightly. WAN connectivity will terminate in a router, which will then feed
into one Catalyst Express 500 24 port switch. We've chosen this particular switch because it's
multifunctional, with four Power over Ethernet ports for use with IP phones and two Gigabit
uplinks to connect to the Router. While we assume there will only be up to three workstations
and phones, the extra ports give the option of adding any other desired networking equipment,
such as printers or IP cameras.

Final

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (7)

Similar to Final

Similar to Final (20)

Final