



Completed Networking Project


  1. 1. “Establishing better technology today, for a better tomorrow” CNS-Capstone-Project. Team Members: Daniel Gonzalez, Mike Olivieri, Chuck Wright, Carl Dopart, Fatih Bahsi, Nick Solano, Nick Szmyd, Byran D’Amario, John Savage
  2. 2. Group Member Roles
      - Daniel Gonzalez - Project Manager
      - Mike Olivieri - Database, Physical Security
      - Chuck Wright - Network Design
      - Byran D’Amario - Backup/DRP
      - Nick Solano - Infrastructure Services/Devices
      - Nick Szmyd - Desktop/End-user Devices
      - Fatih Bahsi - Firewall Security
      - Carl Dopart - Purchaser
      - John Savage - VOIP option/Devices
  3. 3. Case Statement
      - The Five Doctors of HealthCare Partners decide to consolidate their businesses to leverage their investments and provide better service for their patients.
      - 5 offices will be maintained: a central office and 4 other satellite offices.
      - All offices are using obsolete computers and equipment (dot matrix printers, Novell 4.5 server).
      - Modern medical software and office applications will require a complete update of systems, equipment, servers, database, backup and OS.
      - Growth is expected in the future. Any update will need to accommodate this growth.
      - Security and Disaster Recovery are paramount, complying with HIPAA standards. A backup location will be needed for any unforeseen breakdown in the network.
      - The scope of the network project is to design an infrastructure that connects each office and meets the requirements for integrity, storage and movement of related data, while supporting current office applications and maintaining security, redundancy and operability.
  4. 4. Our Vendor Mission Statement
      - Synergy Network Solutions (SNS) is called upon to design and implement a wide variety of network solutions, both Local and Wide Area Networks.
      - Preservation of our clients’ revenue stream is paramount, and a resilient network is key to ensuring minimal downtime in the event of an active network component failure.
      - SNS considers itself a pro-active service provider, preferring to fix the problem through initial design rather than react to network issues that could have been avoided at conception.
      - SNS is an installation-focused network integrator, offering both Cabling Infrastructure and Active Network Equipment installation.
      - We are able to offer installation and configuration of active network equipment either as part of a current installation project or as a single service to complement our client’s internal IT resource design or configuration. We are able to draw upon a broad spectrum of skills covering both corporate and commercial equipment and software.
  5. 5. Request for Proposal Intro
      - This RFP is to be presented to HealthCare Partners with the necessary recommendations and steps to complete an estimated 2 week network implementation project.
      - The work will follow the national TIA/EIA standards, with proper equipment, safety protocols and an efficient schedule over which oversight will be exercised. Documentation will be kept as tasks are completed, as well as for any changes, with the proper testing to ensure quality control.
      - Upon any interruption in the schedule the customer will be notified, and the lead time for completion will be updated as necessary.
      - Payment will be made on a per-job basis, with full payment once inspection and completion are approved.
  6. 6. National Standards
      - TIA/EIA-568B: Commercial Building Telecommunications Wiring Standard
      - TSB-36: Technical Systems Bulletin: Additional Cable Specifications for Unshielded Twisted-Pair Cables.
      - TSB-40: Technical Systems Bulletin: Additional Transmission Specifications for Unshielded Twisted-Pair Connecting Hardware.
      - TIA/EIA-569: Commercial Building Standard for Telecommunications Pathways and Spaces.
      - EIA-570: Residential and Light Commercial Telecommunications Wiring Standard.
      - EIA-606: The Administration Standard for the Telecommunications Infrastructure of Commercial Buildings.
  7. 7. HIPAA Standards: Brief History
      - The federal law entitled the Health Insurance Portability and Accountability Act of 1996, also known as "HIPAA", mandates how a patient's health information is utilized.
      - The aim of the law is to protect against the misuse of a patient's health information and provide protection of patients' health data.
      - The catalyst for HIPAA emerged after insurance companies and other health care entities started utilizing accessible health data to select low risk individuals for insurance coverage, essentially cherry picking the best candidates to minimize the health insurer's risk. Consequently, Congress sought to eliminate this practice. Thus, HIPAA was enacted.
  8. 8. HIPAA Applied to Technology
      - Primarily, computer storage and exchange of information is the area where HIPAA intersects with technology.
      - Anytime a computer stores patient information, the computer must have HIPAA precautions.
      - For instance, the computer should only be accessible by certain persons who have a special access code and/or password to utilize the computer.
      - When a computer is not in use, it should be locked and the screen must be inaccessible to unauthorized persons. Furthermore, monitors and screens should be turned away from the public to prevent anyone from seeing private medical information.
      - Special computer servers should be utilized to store private patient information. There should also be special firewall programs and other safety software, like virus protection, installed on the computers. These protections must be available on any computer that is used to store and/or exchange patient medical information.
  9. 9. Cabling Specifications
      - Cabling to be run following EIA/TIA 568B industry standards
      - Total of 16 network drops for the main office and 14 network drops for each remote site
      - Each drop to consist of 2 RJ-45 data ports, totaling 32 available ports for the main office and 28 ports for the remote sites
      - Additional ports were added to allow for expansion or possible VOIP functionality or wireless access at a later date
      - Estimated time of cabling completion is 1 week with 3 men at the main office and 2 men at each remote site
  10. 10. Main Office Cabling Layout
  11. 11. Basic Network Configuration
  12. 12. Cisco 2811 Integrated Services Router / Cisco Catalyst 2960 24PC-L Switch
      - Cisco Catalyst 2960 24PC-L Switch: The 2960 Series with LAN-based software are a family of fixed-configuration, standalone intelligent Ethernet devices with Power-over-Ethernet (PoE) or non-PoE configurations that provide Fast Ethernet and Gigabit Ethernet connectivity, enabling enhanced LAN services for entry-level enterprise, midmarket, and branch office networks. The 2960 offers integrated security, including Network Administration Control (NAC), advanced quality of service (QoS), and resiliency to deliver service to the network edge.
      - Cisco 2811 Integrated Services Router: The Cisco 2811 provides the ability to deliver multiple high-quality simultaneous services at wire speed up to multiple T1/E1/xDSL connections. With the Cisco IOS Software Advanced Security feature set, the 2811 provides a robust array of security features such as Cisco IOS software firewall, intrusion prevention, IPSec VPN, Secure Shell (SSH) Protocol Version 2.0, and Simple Network Management Protocol (SNMPv3) in one secure solution set. Cisco Call Manager Express (CME) is an optional solution embedded in the Cisco IOS software that provides call processing for Cisco IP phones.
  13. 13. Site Network Design
  14. 14. Site-to-site VPN tunneling to be incorporated for additional security
  15. 15. Firewall Security FortiGate 100A
  16. 16. VPN over SSL
      - With FortiGate firewalls we can configure VPNs over SSL.
      - There is no need to configure it on the server.
      - Users can log in to their internal network using just their internet browsers.
  17. 17. Firewall FortiGate Web Configuration interface
  18. 18. Configuration
      - Each site will be using Fortinet 100A firewall devices.
      - This will provide an advantage once initial setup of the main office firewall is complete.
      - Upon completion of the main office setup, the backup configuration of the main office firewall will be uploaded to all remaining offices.
      - This will take approximately 1 day to configure and test.
  19. 19. Firewall Backup System Configuration Access Screen
  20. 20. Configuring The Other Offices
      - All the policies will be the same: the configuration backed up from the main office will be applied to the other firewalls.
      - We can then change the IP addresses and start testing the firewall.
      - Each office will take approximately half a day to configure and test.
  21. 21. Firewall FortiGate Web Configuration interface: IP Addressing
  22. 22. Infrastructure Services Description: Hardware
      - Selection of hardware devices was based on the needs of HealthCare Partners.
      - This is to allow for network continuity and future expansion of the business.
      - HP equipment was selected for advanced support and ease of use.
  23. 23. Servers
      - The Central office will use an HP ProLiant DL380 G6. The DL380 has 2 quad-core Xeon processors to provide ample processing power for the demand that the medical office will require.
      - The server will host 3 virtual servers to cut costs and power consumption.
  24. 24. Servers con’t
      - The Satellite Offices will use the HP ProLiant DL320 G6.
      - These servers will be paired with a 250 GB hard drive to meet storage needs.
      - Operating systems will be installed and configured prior to installation at the required locations.
  25. 25. Server Operating Systems
      - The selected operating system is Windows Server 2008.
      - Server 2008 has the ability to install only “Server Cores”, which is a minimal server environment.
      - This allows for less wasted resources for small tasks such as DNS and DHCP.
      - Server 2008 also has the capability to run multiple “Virtual Servers”, which will host the DHCP, DNS, and web server roles.
  26. 26. Server Housing
      - The remaining hardware needed to support our infrastructure will be the 42U Server Rack.
      - This will hold the servers and network devices.
      - A battery backup will be required for the central office and one additional “Hot Site Office” for a redundant connection if the central office experiences technical difficulty.
  27. 27. Virtualization
      - Virtualization is the process of partitioning servers so that they act as multiple servers.
      - This allows for the expansion of IT resources without incurring the costs of physically expanding infrastructure.
      - The main benefit of virtualization is that it can cut a business' IT costs.
      - For instance, a business with multiple servers could use server virtualization to eliminate x number of those physical servers, freeing up space and cutting down on the energy, maintenance and security costs related to their physical IT plant.
  28. 28. Office Hardware: Desktop Computers
      - HP Compaq Business Desktop dc7900
      - Phenom X4 9850 / 2.5 GHz and 4 GB RAM for fast, responsive computers
      - DVD±RW (±R DL) / DVD-RAM For easy share of information for potions
      - Radeon 3100 for HD viewing of X-ray, CAT scan and MRI imaging
      - Windows XP Pro OS for versatility and reliability
      - Installed with Microsoft Office
  29. 29. Office Hardware con’t: Laptop
      - ThinkPad x200 Laptop
      - Fingerprint reader for added security
      - Microsoft Office
      - 12.1" wide screen with high resolution for easy viewing of chart files and X-rays
      - Notebook is a lightweight model for ease of use around the office
      - Laptops will be an added device for future business expansion and telecommuting (remote access).
  30. 30. Office Hardware con’t: PDAs
      - BlackBerry Bold 9000
      - Standby 300 hr, talk time 270 min
      - WiFi web browsing
      - 1 GB of memory
      - Bluetooth
      - GPS
      - PDAs will be an added device for future business expansion.
  31. 31. Office Hardware con’t: Copier
      - Sharp DX-C311 Color copier
      - Copying: 31 ppm BW / 31 ppm Color
      - Printing: 31 ppm BW / 31 ppm Color
      - 600 sheets
  32. 32. Office Hardware con’t: Fax machine
      - HP Fax 1040
      - Ink-jet
      - Copying (up to): 4 ppm
      - 50 sheets
      - 14.4 Kbps
  33. 33. Cisco Unified IP Phone 7960G
      - The Cisco Unified IP Phone 7960G is designed to meet the communication needs of professional workers in enclosed office environments--employees who experience a high amount of phone traffic in the course of a business day.
      - A large pixel-based display provides supplemental information and access to applications, and makes it easy to use telephone features.
      - The Cisco Unified IP Phone 7960G allows users to quickly access diverse information such as weather, stocks, quote of the day, or any Web-based information using extensible markup language (XML) to provide a portal to an ever-growing world of features and information.
      - The VOIP phone was selected for optional telephony needs throughout the business.
      - The internal Cisco two-port Ethernet switch allows for a direct connection to a 10/100BASE-T Ethernet network via an RJ-45 interface with single LAN connectivity for both the phone and a co-located PC.
  34. 34. Backup & Disaster Recovery: Net Backup on the WAN
      - Application data (local DBs, office docs, etc.) will be under an incremental policy running every day, in addition to a weekly full file system policy.
      - Some data will not need to be part of the incremental backups.
      - Sys backups will only be once a month and they will be handled locally.
      - The native OS’s backup application will store the data on the FS as images; these will be grabbed by NB once a month during the monthly archive and deleted off of the FS.
  35. 35. Who has control?
      - Administrators can control NB remotely as well as locally.
      - They can monitor, stop and kick off manual backups as well as configure policies and control the robot.
  36. 36. Moving and Securing the Data
  37. 37. Data management
      - The media we have specified will be LTO-4 tapes (800GB or 1600GB compressed) that will be handled by a Dell PowerVault TL200 (robot) with one SAS drive and 24 cartridge slots.
      - Data will be encrypted while being written to the tape from source. The encryption method will be AES-256 with automated key management.
      - HIPAA does not specify an encryption method or level according to Code Standards; encryption is therefore not required, but is an additional precaution.
      - Media will be picked up from the main site Monday through Saturday by the media management vendor and stored according to policy specifications.
      - The schedule will be 2 weeks for weekly backups, with archives for month end and year end.
  38. 38. Disaster Recovery Action Plans, Part I: Action Plan
      - Action Item: Total loss of data, single or multi-system
      - Expected Outcome: Total restore

      | Key Steps | Timeframe | Party Responsible |
      | --- | --- | --- |
      | Administrator on duty makes determination that system/systems or data are not recoverable without DR tape. Call is made to DR team lead to assemble team. | 1.5 hours | On call administrator |
      | Place call to media storage vendor to recall tapes needed and have them delivered to local site. | 4 hours | On call administrator |
      | DR team arrives on site and continues assessment of issue. | 2.5 hours | DR team |
      | Restore of data begins | Contingent on total scope of loss. | DR team |

  39. 39. Disaster Recovery Action Plans con’t, Part II: Action Plan
      - Action Item: Total loss of site
      - Expected Outcome: Total restore
      - Additional Comments: Total timeline will be set after testing.

      | Key Steps | Timeframe | Party Responsible |
      | --- | --- | --- |
      | Administrator on duty makes determination that site is no longer able to sustain proper function. | .5 hours | On call administrator |
      | Place call to media storage vendor to recall tapes needed and have them delivered to DR site. | 4 hours | On call administrator |
      | DR team arrives at DR site and continues assessment of issue and preparation for arrival of media. | 2.5 hours | DR team |
      | Restore of data begins | ??? | DR team |

  40. 40. Database & Migration
      - The DBA will utilize SQL Server, which will be pre-configured prior to rollover.
      - Data will be converted from the Novell server to the DBA SQL server.
      - Any errors or anomalies will be verified and corrected prior to production rollover.
  41. 41. Physical Security
      - The apC/8X Advanced Processing Controller is an intelligent access control for the server door.
      - This also allows for alarm monitoring, which will serve as a basic building block for security management.
  42. 42. Physical Security con’t
      - The door card reader will provide performance and reliability, and is unobtrusive.
      - A red LED flashes green and the beeper sounds when the reader is presented with a proximity card. The multicolor LED and beeper can also be controlled individually by the host system.
  43. 43. Medical Software: Amazing Charts
      - Amazing Charts is a full-featured Electronic Health Record (EHR) system that allows scheduling, intra-office messaging, and complete documentation of the medical encounter in a fast, efficient, and straightforward manner.
      - Designed by physicians for physicians.
  44. 44. Purchasing Costs
      - Hardware Devices: $243,068
      - Physical Security: $26,739
      - Labor Cost: $59,375
      - Service Agreement: (Optional Quote)
      - Final Est. Total: $329,182
  45. 45. Itemized Hardware List
  46. 46. Physical Security Cost
  47. 47. Labor Hours Cost
      - Network Hardware Installation: 440 Hrs. x $100/hr = $44,000.00
      - Backup Installation and Configuration: 50 Hrs. x $75/hr = $3750.00
      - Firewall Setup and Configuration: 24 Hrs. x $75/hr = $1800.00
      - Desktop Office Hardware Installation and Configuration: 95 Hrs. x $75/hr = $7125.00
      - Server Installation and Configuration: 20 Hrs. x $75/hr = $1500.00
      - Installation and Configuration of Medical Software: 16 Hrs. x $75/hr = $1200.00
  48. 48. Service Agreement
      - We offer several different levels of service agreements.
      - Remote support
      - 24 Hour Onsite Response
      - 12 Hour Onsite Response
      - 4 Hour Onsite Response
  49. 49. Service Agreement: Remote support
      - You will receive a call from us within 6 hours of the initial call.
      - With remote support we will connect to the network remotely.
      - Check network and server logs for issues.
      - Diagnose and advise on a plan of action to repair any outstanding issues.
  50. 50. Service Agreement: 24 Hour Onsite Response
      - Includes all the services provided with remote support.
      - If we can’t fix the issue remotely we will come to your offices within 24 hours.
  51. 51. Service Agreement: 12 Hour Onsite Response
      - Includes all the services provided with remote support.
      - We will respond with an initial call within an hour with remote support.
      - If we can’t fix the issue remotely we will come to your offices within 12 hours.
  52. 52. Service Agreement: 4 Hour Onsite Response
      - Includes all the services provided with remote support.
      - We will respond with an initial call within an hour with remote support.
      - If we can’t fix the issue remotely we will come to your offices within 4 hours.
  53. 53. Conclusion/Summary
      - In meeting the necessary requirements of HealthCare Partners, we of SNS have been able to propose a fully functional, updated network environment that will maintain the HIPAA-related standards required to secure all medical patient records, as well as promote future growth within the business.
      - We hope HealthCare Partners will consider the overall concept and design we at SNS have created for you. Thank you for your time.
  54. 54. Resources Cited
      - Case Statement: Provided by Mike Conroy
      - Cisco, (Network Device Info)
      - FortiGate, (Firewall Security)
      - CDW, (Product Vendor)
      - Amazing Charts, (Med Software)
      - HID, (Door card reader, Physical Security)
      - apC/8X, (Physical Security)
      - Virtualization, (Virtual Servers)
      - HIPAA, (HIPAA Laws)