This document outlines the proposed network infrastructure for the 3rd Cavalry Aviation Brigade stationed at Hunter Army Airfield. The solution involves replacing older server hardware with new Dell server blades, NetApps storage devices, and Cisco switches housed in ruggedized cases. The network will use VMware virtualization and Windows Server 2008 operating systems. Key components include Active Directory, DHCP, DNS, and certificate services. The document describes the installation and configuration of the hardware, storage, switches, and protocols needed to set up the new tactical network.
DDS, JMS, REST APIs
Data-Centric Publish/Subscribe
Pluggable Discovery
Reliability, Serialization, Transport
Persistence Service
Monitoring, Logging, Replay
Connext Messaging adds:
- Request/reply
- Guaranteed messaging
- JMS API
- Persistence
- Additional transports
- Security
- Future: REST API
It is built on top of Connext DDS for data distribution.
MongoDB supports replication for failover and redundancy. In this session we will introduce the basic concepts around replica sets, which provide automated failover and recovery of nodes. We'll cover how to set up, configure, and initiate a replica set; methods for using replication to scale reads; and proper architecture for durability.
This document provides an overview of the Red Hat Cluster Suite, which delivers high availability solutions. It discusses the Cluster Manager technology, which provides application failover capability to make applications highly available. Cluster Manager uses shared storage, service monitoring, and communication between servers to detect failures and restart applications on healthy nodes. It ensures data integrity through techniques like I/O barriers, quorum partitions, and active/passive or active/active application configurations across nodes.
This document is a term paper on Software Defined Networking (SDN). It discusses how SDN proposes separating the control plane from the data plane in network architecture, making networks programmable. The key points made are:
1) SDN introduces three planes - data, control, and management. The control plane centralizes network intelligence through a controller.
2) Benefits of SDN include simpler network management through centralized control and programming. It also enables network virtualization.
3) The document outlines the layers in the SDN architecture, including the data plane (forwarding devices), southbound interface, network operating system controller, and northbound interface for programming.
Hyper v and live migration on cisco unified computing system - virtualized on... | Louis Göhl
Learn how Cisco's new unified computing architecture, purpose built for virtualization, with Microsoft's Windows Server 2008 R2 Hyper-V and Live Migration, allow administrations to quickly allocate additional compute and storage resources for on-demand provisioning of new applications and users.
The Veryx Optimal Server Selection Algorithm relies on performance of Intel® Xeon® processors to select the right infrastructure for workload placement.
Class lecture by Prof. Raj Jain on Data Center Network Topologies. The talk covers Google’s Data Center, Cooling Plant, Modular Data Centers, Containerized Data Center, Unstructured Cabling, Structured Cabling, Data Center Equipment Cabinets, Data Center Physical Layout, ANSI/TIA-942-2005 Standard, ANSI/TIA-942-2005 Standard, Data Center Network Topologies, Data Center Networks, Switch Locations, ToR vs EoR, Hierarchical Network Design, Access Aggregation Connections, Data Center Networking Issues, DCN Requirements, 4-Post Architecture at Facebook, Clos Networks, Fat-Tree DCN Example. Video recording available on You
Migrate server identities and data access 34 percent faster with Cisco UCS an... | Principled Technologies
As your IT organization grows, migrating server identities between servers with data ownership, regardless of form factor, is a critical capability. Workload demands and data center realities will mandate that maximum flexibility be “built-in” to the architecture and management processes to optimize performance and productivity. Making server migration seamless and repeatable requires that it be a largely automated process. Automation is critical to maintain maximum uptime, reduce the burden on your IT staff’s time, and to reduce the potential for human error. All of these make your enterprise more efficient, resilient, and sustainable.
The Cisco Unified Computing System and UCS SingleConnect make such a scenario possible. UCS Manager’s automated processes let you migrate identities between servers seamlessly within your existing infrastructure, letting your IT staff take a largely hands-off approach. Fewer touch points mean less time spent on the process and less chance of error. In our tests, migrating from a blade server to a rack server with the Cisco UCS solution was 34 percent faster and required 83 percent fewer steps than with the HP solution.
SDN Control Plane scalability research proposal | Yatindra shashi
The document proposes a hybrid SDN control plane scalability model to handle millions of flows per second with low latency for large networks. It combines hierarchical and distributed control by using local controllers to manage specific switches, a logical central controller with a global view, and distributed physical controllers running ONIX instances with a shared network information base to reduce load on the central controller. The proposed model aims to scale control plane capacity while maintaining SDN principles of separating the control and data planes. It is argued this hybrid approach could improve performance and reliability compared to simple OpenFlow architectures.
The CMS online cluster consists of more than 2700 computers, mostly running under Scientific Linux CERN. They run the 15000 application instances responsible for the data acquisition and experiment control in a private network. The high availability of the network and services and the independence from external networks allows their operation around the clock. After testing virtualization, it is being deployed to further enhance high availability while allowing even easier servicing. Due to the ever increasing luminosity provided to CMS by the LHC, the cluster size and software running in it has been evolving to meet the increased demand of performance. Only in the last year, the processing power of the High Level Trigger farm was increased by 50% without disruption to ongoing operations and it is foreseen to continue growing. At the same time, large updates of the running software happen once every two weeks with smaller updates occurring all the time due to the many developers of the different subsystems. The configuration management infrastructure based on quattor has been instrumented accordingly to be flexible and easy to use by the software librarians while still performant and robust. Big parts of the cluster can be reconfigured and failing computers reinstalled in only a few minutes. The monitoring infrastructure is being revamped to increase performance and allow a fine grained and user configurable notification that will allow the final experts to receive the notifications of the problems directly and on demand. 
Details will be given on the adopted solutions which include the following topics: implementation of the redundant and load balanced network and core IT services; deployment and configuration management infrastructure and its customization; the new monitoring infrastructure; virtualization techniques for redundant services… Special emphasis will be put on the scalable approach allowing to increase the size of the cluster with no administration overhead. Finally, the lessons learnt from the two years of running will be presented together with the prospects for the short and long term upgrades and the new technologies now in the pipeline.
Data Center Network Trends - Lin Nease | HPDutchWorld
This document discusses trends in data center networks and strategies for addressing challenges. It describes how legacy data centers can be transformed into next generation data centers through standardization, virtualization, and automation. This allows for reduced costs, better asset utilization, lower power consumption, and higher system uptime. It also discusses various types of data center networks, the growth of 10Gb Ethernet, and topology approaches like using top-of-rack switches. The document outlines a strategy for network automation and virtualizing the data center network through representing it as an inventory of virtual connections.
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014 | SAMeh Zaghloul
This document provides an overview of software defined networking (SDN). It discusses how SDN enables data center teams to use software to efficiently control network resources, compared to traditional network switches. The document outlines several SDN topics and related technologies, including SDN standards, network function virtualization, use cases, sample projects, surveys, case studies, online courses, and software tools. It also includes sections on SDN architecture and how SDN is important for virtual environments and VM mobility.
IRJET- Load Balancing Cluster based on Linux Virtual Server | IRJET Journal
1) The document discusses load balancing techniques for distributed server clusters using Linux Virtual Server (LVS). LVS allows building a virtual server from a cluster of real servers to improve scalability and availability.
2) It presents an LVS cluster architecture with multiple front-ends that can also act as back-ends to remove bottlenecks and balance loads more effectively as requests increase.
3) The proposed scheduling algorithm distributes requests equally among servers considering their loads, allowing servers to redirect requests to less busy backends to avoid overloading.
The document discusses Cisco's expertise in Hadoop and big data technologies. It provides an agenda for a Hadoop Summit presentation that includes topics like Hadoop optimization, scheduling and prioritization, and visibility plugins. Performance tests show the benefits of SSD drives, dual NICs, and 10GbE networking for Hadoop workloads. The presentation aims to demonstrate Cisco's solutions for high performance, scalable and highly available Hadoop deployments.
This document discusses the Dynamic Host Configuration Protocol (DHCP) features in Windows Server 2003. Key features include integration with DNS for name resolution, enhanced monitoring and reporting, support for vendor-specific options, multicast address allocation, protection against unauthorized DHCP servers, high availability through clustering, automatic and alternate client configuration, and command-line management. It provides an overview of DHCP including servers, clients, and relay agents, and best practices for deployment and configuration.
Web-Based User Interface for the Floodlight SDN Controller | Eswar Publications
Software Defined Networking (SDN) was born as a solution for next-generation network design. Due to its flexible architecture, SDN promises to make network devices simpler while giving better centralized control ability over network and improving parameters such as flexibility, resilience, reliability, and security. In this paper, we briefly introduce the SDN architecture and the Floodlight Controller that is one of the popular SDN controllers. We build a web-based user interface for the Floodlight Controller by using REST API. This application is the first program in the Floodlight SDN Controller literature to view the controller upon several properties such as device connections and flow tables.
TECHNICAL WHITE PAPER: NetBackup Appliances WAN Optimization | Symantec
In a world of ever increasing data flow as well as globalization of data centers, the effectiveness and utilization of the networks connecting sites is of the highest importance to end users. Even with network enhancement and improvement, the ability of the infrastructure to keep pace with the flow of data has proved not to be in lockstep. To optimize the flow of data versus increasing the pipe that it flows along is seen as critical to keeping operations running and costs minimal. This paper discusses the new WAN Optimization technology that has been introduced in the NetBackup 5220 and 5020 appliances.
This document outlines the WAN Optimization feature enhancements introduced on the NetBackup 5220 and NetBackup 5020 and applies to:
• NetBackup 5220 & 5230 appliances with version N2.5 and above installed
• NetBackup 5020 & 5030 appliances with version D1.4.2 and above installed
Popeye - Using Fine-grained Network Access Control to Support Mobile Users an... | Tal Lavian Ph.D.
We are facing a trend towards ubiquitous connectivity where users demand access at anytime, anywhere. This has led to the deployment of public network ports and wireless networks. Current solutions to network access control are inflexible and only provide all-or-nothing access. It is also increasingly important to protect Intranet hosts from other mobile and static hosts on the same Intranet, in order to contain damages in the case that a host gets compromised. We present an architecture that addresses these issues by using a programmable router to provide dynamic fine-grained network access control. The Java-enabled router dynamically generates and enforces access control rules using policies and user profiles as input, reducing administrative overhead. Our modular design integrates well with existing authentication and directory servers, further reducing administrative costs. Our prototype is implemented using Nortel's Accelar router and moves users to VLANs with the appropriate access privilege.
Experience with adapting a WS-BPEL runtime for eScience workflows | Thilina Gunarathne
Scientists believe in the concept of collective intelligence and are increasingly collaborating with their peers, sharing data and simulation techniques. These collaborations are made possible by building eScience infrastructures. eScience infrastructures build and assemble various scientific workflow and data management tools which provide rich end user functionality while abstracting the complexities of many underlying technologies. For instance, workflow systems provide a means to execute complex sequence of tasks with or without intensive user intervention and in ways that support flexible reordering and reconfiguration of the workflow. As the workflow technologies continue to emerge, the need for interoperability and standardization clamorous. The Web Services Business Process Execution Language (WS-BPEL) provides one such standard way of defining workflows. WS-BPEL specification encompasses broad range of workflow composition and description capabilities that can be applied to both abstract as well as concrete executable components.
Scientific workflows with their agile characteristics present significant challenges in embracing WS-BPEL for eScience purposes. In this paper we discuss the experiences in adopting a WS-BPEL runtime within an eScience infrastructure with reference to an early implementation of a custom eScience motivated BPEL like workflow engine. Specifically the paper focuses on replacing the early adopter research system with a widely used open source WS-BPEL runtime, Apache ODE, while retaining the interoperable design to switch to any WS-BPEL compliant workflow runtime in future. The paper discusses the challenges encountered in extending a business motivated workflow engine for scientific workflow executions. Further, the paper presents performance benchmarks for the developed system.
From Nemertes Research: Data center architects need to consider designs that limit complexity and reduce the possibility of chaotic behavior. Learn more at http://www.juniper.net/us/en/dm/datacenter/
Software defined networking(sdn) vahid sadri | Vahid Sadri
This document provides an overview of software-defined networking (SDN) and network functions virtualization (NFV). It discusses the motivation for SDN and NFV, including making networks more flexible and reducing costs. Key benefits mentioned are reduced equipment costs, increased speed of service deployment, and more flexible allocation of network resources. OpenFlow is introduced as an SDN protocol. The relationship between SDN and NFV is explored, noting they are complementary approaches. Examples of potential applications of NFV are listed.
Network Configuration Example: Configuring Assured Forwarding for High-Defini... | Juniper Networks
This document provides examples for configuring assured forwarding to ensure quality of service for high-definition videoconferencing. It describes using three service tiers to prioritize video traffic based on endpoint type and user needs. The solution uses Juniper and Polycom equipment like the DMA, SRC software, RMX, MX routers and SRX gateways to coordinate network resources and call admission control for guaranteed bandwidth.
Software Defined Networking (SDN) Technology Brief | Zivaro Inc
An overview of Software-Defined Networking (SDN) and the key benefits of moving to a virtualized network, including:
- Improved time to market through automation
- Optimal trafficking with a global view of the network
- Quicker enablement of new services
- Reduced operating costs
- Improved management and visibility
- Simplified operation of network devices
From "Introduction to Software Defined Networking" webinar presented by GTRI CTO Scott Hogg on March 10, 2016. Webinar recording: https://youtu.be/gRXnctYDBjE
This document summarizes distributed computing environment (DCE). DCE provides a vendor-independent platform for building distributed applications. It uses remote procedure calls (RPC) to allow systems to access remote procedures simply by calling them. DCE provides security services like authentication, authorization, and encryption. Its components include a thread package, RPC facility, time service, name service, and file and security services. DCE has applications in security, the world wide web, and distributed objects.
Dell CloudIQ provides a single console for proactive monitoring and had negli... | Principled Technologies
Dell CloudIQ provides a single console for proactively monitoring infrastructure from any location with negligible impact on network bandwidth. Testing showed that CloudIQ efficiently packaged and encrypted data from servers it monitored, transferring on average 0.056 KBps with two hosts and 0.089 KBps with three hosts. Across tests, CloudIQ monitored servers and reported health information while maintaining small data transfers over the network.
The first Technology driven reality competition showcasing the incredible virtualization community members and their talents. Virtually Everywhere · virtualdesignmaster.com
#VirtualDesignMaster 3 Challenge 3 – James Brown | vdmchallenge
While things on Mars have been going well, since we now have multiple options for our infrastructure, the fact remains that we are working on the colonization of a foreign planet.
SDN Control Plane scalability research proposalYatindra shashi
The document proposes a hybrid SDN control plane scalability model to handle millions of flows per second with low latency for large networks. It combines hierarchical and distributed control by using local controllers to manage specific switches, a logical central controller with a global view, and distributed physical controllers running ONIX instances with a shared network information base to reduce load on the central controller. The proposed model aims to scale control plane capacity while maintaining SDN principles of separating the control and data planes. It is argued this hybrid approach could improve performance and reliability compared to simple OpenFlow architectures.
The CMS online cluster consists of more than 2700 computers, mostly running under Scientific Linux CERN. They run the 15000 application instances responsible for the data acquisition and experiment control in a private network. The high availability of the network and services and the independence from external networks allows their operation around the clock. After testing virtualization, it is being deployed to further enhance high availability while allowing even easier servicing. Due to the ever increasing luminosity provided to CMS by the LHC, the cluster size and software running in it has been evolving to meet the increased demand of performance. Only in the last year, the processing power of the High Level Trigger farm was increased by 50% without disruption to ongoing operations and it is foreseen to continue growing. At the same time, large updates of the running software happen once every two weeks with smaller updates occurring all the time due to the many developers of the different subsystems. The configuration management infrastructure based on quattor has been instrumented accordingly to be flexible and easy to use by the software librarians while still performant and robust. Big parts of the cluster can be reconfigured and failing computers reinstalled in only a few minutes. The monitoring infrastructure is being revamped to increase performance and allow a fine grained and user configurable notification that will allow the final experts to receive the notifications of the problems directly and on demand. 
Details will be given on the adopted solutions which include the following topics: implementation of the redundant and load balanced network and core IT services; deployment and configuration management infrastructure and its customization; the new monitoring infrastructure; virtualization techniques for redundant services… Special emphasis will be put on the scalable approach allowing to increase the size of the cluster with no administration overhead. Finally, the lessons learnt from the two years of running will be presented together with the prospects for the short and long term upgrades and the new technologies now in the pipeline.
Data Center Network Trends - Lin NeaseHPDutchWorld
This document discusses trends in data center networks and strategies for addressing challenges. It describes how legacy data centers can be transformed into next generation data centers through standardization, virtualization, and automation. This allows for reduced costs, better asset utilization, lower power consumption, and higher system uptime. It also discusses various types of data center networks, the growth of 10Gb Ethernet, and topology approaches like using top-of-rack switches. The document outlines a strategy for network automation and virtualizing the data center network through representing it as an inventory of virtual connections.
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014SAMeh Zaghloul
This document provides an overview of software defined networking (SDN). It discusses how SDN enables data center teams to use software to efficiently control network resources, compared to traditional network switches. The document outlines several SDN topics and related technologies, including SDN standards, network function virtualization, use cases, sample projects, surveys, case studies, online courses, and software tools. It also includes sections on SDN architecture and how SDN is important for virtual environments and VM mobility.
IRJET- Load Balancing Cluster based on Linux Virtual ServerIRJET Journal
1) The document discusses load balancing techniques for distributed server clusters using Linux Virtual Server (LVS). LVS allows building a virtual server from a cluster of real servers to improve scalability and availability.
2) It presents an LVS cluster architecture with multiple front-ends that can also act as back-ends to remove bottlenecks and balance loads more effectively as requests increase.
3) The proposed scheduling algorithm distributes requests equally among servers considering their loads, allowing servers to redirect requests to less busy backends to avoid overloading.
The document discusses Cisco's expertise in Hadoop and big data technologies. It provides an agenda for a Hadoop Summit presentation that includes topics like Hadoop optimization, scheduling and prioritization, and visibility plugins. Performance tests show the benefits of SSD drives, dual NICs, and 10GbE networking for Hadoop workloads. The presentation aims to demonstrate Cisco's solutions for high performance, scalable and highly available Hadoop deployments.
This document discusses the Dynamic Host Configuration Protocol (DHCP) features in Windows Server 2003. Key features include integration with DNS for name resolution, enhanced monitoring and reporting, support for vendor-specific options, multicast address allocation, protection against unauthorized DHCP servers, high availability through clustering, automatic and alternate client configuration, and command-line management. It provides an overview of DHCP including servers, clients, and relay agents, and best practices for deployment and configuration.
Web-Based User Interface for the Floodlight SDN ControllerEswar Publications
Software Defined Networking (SDN) was born as a solution for next-generation network design. Due to its flexible architecture, SDN promises to make network devices simpler while giving better centralized control ability over network and improving parameters such as flexibility, resilience, reliability, and security. In this paper, we briefly introduce the SDN architecture and the Floodlight Controller that is one of the popular SDN controllers. We build a web-based user interface for the Floodlight Controller by using REST API. This application is the first program in the Floodlight SDN Controller literature to view the controller upon several properties such as device connections and flow tables.
TECHNICAL WHITE PAPER: NetBackup Appliances WAN OptimizationSymantec
In a world of ever increasing data flow as well as globalization of data centers the effectiveness and utilization of the networks connecting sites is of the highest importance to end users. Even with network enhancement and improvement, the ability of the infrastructure to keep pace with the flow of data has proved not to be in lockstep. To optimize the flow of data verses increasing the pipe that is flows along is seen as critical to keeping operations running and costs minimal. This paper discusses the new WAN Optimization technology that has been introduced in the NetBackup 5220 and 5020 appliances.
This document outlines the WAN Optimization feature enhancements introduced on the NetBackup 5220 and NetBackup 5020 and applies to:
• NetBackup 5220 & 5230 appliances with version N2.5 and above installed
• NetBackup 5020 & 5030 appliances with version D1.4.2 and above installed
Popeye - Using Fine-grained Network Access Control to Support Mobile Users an... - Tal Lavian Ph.D.
We are facing a trend towards ubiquitous connectivity where users demand access at anytime, anywhere. This has led to the deployment of public network ports and wireless networks. Current solutions to network access control are inflexible and only provide all-or-nothing access. It is also increasingly important to protect Intranet hosts from other mobile and static hosts on the same Intranet, in order to contain damages in the case that a host gets compromised. We present an architecture that addresses these issues by using a programmable router to provide dynamic fine-grained network access control. The Java-enabled router dynamically generates and enforces access control rules using policies and user profiles as input, reducing administrative overhead. Our modular design integrates well with existing authentication and directory servers, further reducing administrative costs. Our prototype is implemented using Nortel's Accelar router and moves users to VLANs with the appropriate access privilege.
Experience with adapting a WS-BPEL runtime for eScience workflows - Thilina Gunarathne
Scientists believe in the concept of collective intelligence and are increasingly collaborating with their peers, sharing data and simulation techniques. These collaborations are made possible by building eScience infrastructures. eScience infrastructures build and assemble various scientific workflow and data management tools which provide rich end user functionality while abstracting the complexities of many underlying technologies. For instance, workflow systems provide a means to execute complex sequences of tasks with or without intensive user intervention and in ways that support flexible reordering and reconfiguration of the workflow. As the workflow technologies continue to emerge, the need for interoperability and standardization is clamorous. The Web Services Business Process Execution Language (WS-BPEL) provides one such standard way of defining workflows. The WS-BPEL specification encompasses a broad range of workflow composition and description capabilities that can be applied to both abstract as well as concrete executable components.
Scientific workflows with their agile characteristics present significant challenges in embracing WS-BPEL for eScience purposes. In this paper we discuss the experiences in adopting a WS-BPEL runtime within an eScience infrastructure with reference to an early implementation of a custom eScience motivated BPEL like workflow engine. Specifically the paper focuses on replacing the early adopter research system with a widely used open source WS-BPEL runtime, Apache ODE, while retaining the interoperable design to switch to any WS-BPEL compliant workflow runtime in future. The paper discusses the challenges encountered in extending a business motivated workflow engine for scientific workflow executions. Further, the paper presents performance benchmarks for the developed system.
From Nemertes Research: Data center architects need to consider designs that limit complexity and reduce the possibility of chaotic behavior. Learn more at http://www.juniper.net/us/en/dm/datacenter/
Software defined networking (SDN) vahid sadri - Vahid Sadri
This document provides an overview of software-defined networking (SDN) and network functions virtualization (NFV). It discusses the motivation for SDN and NFV, including making networks more flexible and reducing costs. Key benefits mentioned are reduced equipment costs, increased speed of service deployment, and more flexible allocation of network resources. OpenFlow is introduced as an SDN protocol. The relationship between SDN and NFV is explored, noting they are complementary approaches. Examples of potential applications of NFV are listed.
Network Configuration Example: Configuring Assured Forwarding for High-Defini... - Juniper Networks
This document provides examples for configuring assured forwarding to ensure quality of service for high-definition videoconferencing. It describes using three service tiers to prioritize video traffic based on endpoint type and user needs. The solution uses Juniper and Polycom equipment like the DMA, SRC software, RMX, MX routers and SRX gateways to coordinate network resources and call admission control for guaranteed bandwidth.
Software Defined Networking (SDN) Technology Brief - Zivaro Inc
An overview of Software-Defined Networking (SDN) and the key benefits of moving to a virtualized network, including:
- Improved time to market through automation
- Optimal trafficking with a global view of the network
- Quicker enablement of new services
- Reduced operating costs
- Improved management and visibility
- Simplified operation of network devices
From "Introduction to Software Defined Networking" webinar presented by GTRI CTO Scott Hogg on March 10, 2016. Webinar recording: https://youtu.be/gRXnctYDBjE
This document summarizes distributed computing environment (DCE). DCE provides a vendor-independent platform for building distributed applications. It uses remote procedure calls (RPC) to allow systems to access remote procedures simply by calling them. DCE provides security services like authentication, authorization, and encryption. Its components include a thread package, RPC facility, time service, name service, and file and security services. DCE has applications in security, the world wide web, and distributed objects.
Dell CloudIQ provides a single console for proactive monitoring and had negli... - Principled Technologies
Dell CloudIQ provides a single console for proactively monitoring infrastructure from any location with negligible impact on network bandwidth. Testing showed that CloudIQ efficiently packaged and encrypted data from servers it monitored, transferring on average 0.056 KBps with two hosts and 0.089 KBps with three hosts. Across tests, CloudIQ monitored servers and reported health information while maintaining small data transfers over the network.
The first Technology driven reality competition showcasing the incredible virtualization community members and their talents. Virtually Everywhere · virtualdesignmaster.com
#VirtualDesignMaster 3 Challenge 3 – James Brown - vdmchallenge
While things on Mars have been going well, since we now have multiple options for our infrastructure, the fact remains that we are working on the colonization of a foreign planet.
A data center network is a system in which multiple servers are connected to each other to share information and resources. Multiple remote offices or users connect to the data center network and servers for resource or information sharing.
Multiple remote offices connect to the data center servers via VPN. Multiple ISPs are connected to each branch to provide failover service, using the OSPF routing protocol.
This document provides a summary of Joseph V. San Severo's experience and qualifications. It outlines his extensive experience working as a senior network engineer for various companies, where he designed, implemented and supported complex network infrastructures utilizing technologies such as Cisco, Juniper, Linux and more. It also lists the various hardware, software, protocols and projects he has worked with throughout his career spanning over 20 years in the industry.
Running head NETWORK INFRASTRUCTURE AND SECURITY 1NETWOR.docx - todd581
Running head: NETWORK INFRASTRUCTURE AND SECURITY
Project Deliverable 5: Network Infrastructure and Security
CIS 499 – Information Systems Capstone
November 25, 2018
Project Scope
The project will comprise a network design to meet Acme Corporation network infrastructure requirements. The network should accommodate occasional guest users of up to 10 users. The network design will incorporate an FTP server that will be used for sharing files. The project should involve separate subnets for guest and LAN networks; the guest network should be restricted to access only FTP service on the FTP server while all other access to the LAN network will be blocked. The project will also involve IP Network Design as well as identification and configuration details of the hardware utilized (Switches and Routers). Included in the network design is the implementation of a Wireless LAN (WLAN) that minimizes the management effort to configure and manage while allowing effective data transmission between the Wireless Application Protocols (WAPs).
Network design
The network will use a star topology, which provides centralized handling of the network and its associated security. Each of the floors of the building will have a central server which hosts switches that link the different rooms via Ethernet cables. Each of the rooms will have a switch that is linked to the central server's router. The servers will be linked via fiber optic cables. The Ethernet cables will be utilized for connecting individual devices to their associated switches. The network design will involve the utilization of both wired and wireless media. The wireless media will allow for a network connection for portable devices like tablets, cell phones, and laptops.
The switch links allow the traffic getting into the Acme’s LAN from the MAN not to be congested. As more tablets are utilized in the company, the WLAN bandwidth increases significantly to each room. This requires that the WAPs supporting the 802.11n protocol as well as faster 802.11ac standard require additional power. As a result, switches with PoE+ give the required power. These Switches utilize the existing Category-6 cable (Ethernet cables) that allow for remote administration and configuration (Karris, 2009).
Virtual LANs (VLANs) will be used to enable the network administrator to group users into shared broadcast domains irrespective of their physical position in the internetwork. For instance, computer devices utilized by employees on two different floors may be placed on the same VLAN. The staff has their VLAN while the Guest VLAN is used by guests when using wireless access points.
The company's network perimeter that detaches it from the Internet comprises two border core routers. The border routers should then link to the Virtual Private Network (VPN) Gateway. The Routers link to the servers, wireless access points and switches as well as the LAN (internal network).
#VirtualDesignMaster 3 Challenge 1 – James Brown - vdmchallenge
We are now settled on Mars, and ready to build a more permanent infrastructure. Keep in mind that power, cooling, and space are extremely expensive resources on Mars. In order to save space, we have decided not to use a traditional FiberChannel infrastructure, meaning there will be no dedicated FiberChannel Switches.
This document contains exam questions and answers about networking topics such as wireless networking benefits, router types, Ethernet trunking, switch failure domains, router configuration commands, spanning tree protocol, device management, and high availability features. Some key points covered include the benefits of wireless flexibility and reduced costs, that a modular router should replace a fixed router that lacks interfaces, and that redundant power supplies and failover capabilities help maintain high network uptime.
Distrix provides a software defined infrastructure that overlays existing networks to increase flexibility, security and management capabilities. It applies management, routing, rules, redundancy and security to data at any network layer. Distrix tunnels establish secure communication channels that can transmit data efficiently regardless of the physical infrastructure by tagging data streams. This allows data to be dynamically routed based on changing network conditions and application needs. Distrix also increases network performance through capabilities like adding metadata, filtering data, prioritizing traffic and translating data formats.
Software Defined Networking: A Concept and Related Issues - Eswar Publications
SDN (Software Defined Networking) is the networking architecture that has gained the attention of researchers in the recent past. It is the future of programmable networks. Traditional networks were very complex and difficult to manage. SDN is going to change this by offering a standard interface (OpenFlow) between the control plane and the networking devices (data plane). Its implementation is fully supported by software so that we can control the behavior of networking devices through programmatic control. This programmatic control provides various new ways to find breakpoints and failures in networking devices. Today SDN has become an important part of networking, so it is important to emulate its behavior. SDN supports virtualization, which makes it scalable and flexible. Data traffic resides in the data plane. The main function of the intelligent controller is to decide the routing policy and manage the traffic in the data plane. So effectively SDN emerges as a networking architecture that has the ability to solve all problems that were found in traditional architecture. In this paper the authors discussed the historical perspective of SDN, languages that support SDN, emulation tools, security issues with SDN and advantages that make SDN a suitable choice for today’s network.
As computer networks grow larger and more complex, there is a need for a new, simple kind of approach to configure them. SDN has emerged as a promising network architecture. It takes the control plane away from the individual nodes and centralizes the network control by utilizing flow-based traffic management. Mininet is a cost-effective and efficient way to emulate and study SDN. This paper presents a study of programmable networks with basics of Mininet.
Microx - A Unix like kernel for Embedded Systems written from scratch. - Waqar Sheikh
Microx is a new operating system kernel designed for embedded systems. It is small, streamlined, and efficient. Microx is POSIX compliant and has a similar ABI to Linux, allowing Linux programs to run unmodified. It has a monolithic kernel design and supports over 150 system calls. Microx provides a capable UNIX-like kernel that is easy to customize and modify for embedded applications. It implements common kernel components like processes, memory management, filesystems, and networking. Benchmarking shows it has good performance compared to Linux. Microx also includes integrated firewall and quality of service functionality.
The document provides an overview of the Oracle Private Cloud Appliance (PCA). It discusses that the PCA is a pre-configured, integrated system that provides private cloud capabilities dedicated to a single organization. The PCA hardware includes management nodes, compute nodes, a ZFS storage appliance for system storage, and a network infrastructure with Cisco switches. The document describes the roles and configurations of these core PCA components.
Prem Yadav is a Senior Engineer with over 5 years of experience in system and network administration. He has expertise in Linux, Windows servers, and network security.
He is currently working at Altran Technologies, where he manages Linux and Windows servers, implements security solutions, and coordinates with global teams. Previously he has worked on network infrastructure projects for the Commonwealth Games and other organizations.
Prem holds several technical certifications including MCITP, CCNA, RHCE, and has a Master's degree in Computer Application. He is looking for a challenging position as a Linux System Security Administrator.
This document provides details on network design for a commercial company with four sites across a city. It summarizes the key findings of the network design, which includes provision of connectivity between the four sites and to the internet. It then discusses various aspects of the network design such as collision domains, broadcast domains, physical media, VPN configuration, and suitable network topologies. Star topology is identified as most suitable for the VPN configuration, with a centralized VPN concentrator creating secure tunnels to remote hosts.
Using Kubernetes to make cellular data plans cheaper for 50M users - Mirantis
Use case of Kubernetes based NFV infrastructure used in production to run an open source evolved packet core. Presented by Facebook Connectivity and Mirantis at KubeCon + CloudNativeCon Europe 2020.
International Journal of Computational Engineering Research (IJCER) - ijceronline
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
GMNS will design and implement a computer network for First Bourne Tax Services including installing hardware such as servers, switches, routers, firewalls, and access points. The network will utilize virtualization and cloud services including containers for functions like DHCP, DNS, file sharing, and security cameras. Hardware specifications are provided for the EMC storage servers and considerations for storage configuration, RAID levels, and calculating disk IOPS.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Running head: NETWORK INFRASTRUCTURE ADMINISTRATION
IT326-1401B-01:
Network Infrastructure Administration
Phase 5 Individual Project
Jay T Sexton
March 24, 2014
Portions of this assignment had previously been submitted during IT245 Introduction to Network Management on 26 December 2013 with Mohammed Majid.
Target Organization
The organization that this network implementation plan will cover is a military Army Aviation Brigade that is a subordinate unit to the 3rd Infantry Division. The Brigade’s name is the 3rd Cavalry Aviation Brigade (3CAB). This army unit is based at Hunter Army Airfield, a satellite installation in downtown Savannah, Georgia that is controlled by Fort Stewart’s 3rd Infantry Division. “3CAB joined the 3rd Infantry Division on February 16, 1996 and became the air asset for the 3ID” (Stewart, 2014). The organization has five subordinate organizations that are commanded by the Brigade and are stationed at Hunter Army Airfield as well.
The Brigade is comprised of 10,450 soldiers and 1287 civilian contractors that conduct daily aviation operations. Most of these personnel need internet and phone access during their periods of work, both at Hunter Army Airfield and while deployed to foreign countries. The unit has two network infrastructure requirements that it needs in order to conduct mission essential operations. The organization requires an unclassified network to operate when back at home station. This network is in place and controlled by the Department of Information Management (DOIM) government agency. The unit also needs a classified network infrastructure. Sexton’s Inc. was hired to design and develop a network infrastructure to bring 3CAB into the fast paced digital network communications century. Currently the Brigade has eight Hewlett Packard 308 server blades with two NetApp Fast Access San (FAS) 270 storage devices and four Cisco 12 port 10T based switches that they use while at home station and when deployed to support their wartime missions. When the Brigade deploys, all the subordinate Battalions deploy also and can be spread across extremely large areas of operations. Sexton’s Inc. met with the 3CAB Commander, the subordinate Battalion Commanders and each organization’s staff in order to work out all hardware, software, and support requirements for two new tactical network infrastructures.
3CAB will need a deployable unclassified network infrastructure providing internet connections to the World Wide Web so soldiers can communicate back home with family and friends as well as keep up with world events and even pay bills and manage finances. 3CAB will also need a classified network infrastructure that will be a standalone network infrastructure but will connect to higher organizations to share tactical information with any and all units that need that secure classified information.
Proposed Network Solution
After the meeting with senior management and stakeholders, Sexton’s Inc. assembled all the wanted and needed requirements (hardware, software, location, and users) that were presented for the design, development and implementation of the two new network infrastructures that would best suit 3CAB both at home station and deployed. The solution that Sexton’s Inc. proposes to 3CAB is that we implement a complete hardware and software upgrade while continuing to use the older systems until all new systems are set up and configured and all data has been migrated from the older systems to the newer systems.
Proposed Hardware Components
It is proposed that all current servers be replaced with Dell 1130 Dart Frog rugged server blades, which have “2 X intel Xeon processors, 96 gigabyte of memory, 2 X 40gigabyte 2.5 Serial ATA II solid state drives, 10 network interface cards, intel Gigabit quad port Ethernet adapter, and an LSI 3081E-R add-in Raid controller” (Dell, 2014), in a ruggedized carry case. The NetApp FAS270 storage devices will be replaced with the NetApp FAS2240 storage area network device. The FAS2240 has “24x 3terabyte hot swappable SATA 300 hard drives, 4 Ethernet 10base-T/100Base-T/1000Base-T ports, 6 gigabytes of cache, and configurable as RAID 4, 6, or DP” (CNET, 2014). The four Cisco 12 port switches will be replaced with Cisco Catalyst 2950 switches. These switches have 24 Fast Ethernet ports, full-duplex capability, VLAN support, auto-sensing and auto-negotiation, with 16 megabytes of random access memory (RAM) and 8 megabytes of flash memory.
Proposed Software Components
It is also proposed that this network operate in a virtual environment using VMware ESXi version 5.1 virtualization software. Within this virtual environment each virtual machine will use the Windows Server 2008 R2 operating system. All enterprise applications such as Active Directory, Exchange 2010, SharePoint 2010, SQL 2008, Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and Windows Internet Name Service (WINS).
As the network is set up, it is proposed that IP routing be configured to allow all necessary protocols to be opened, accessible and used as applications need them when transferring data. It is important to use DHCP to retrieve system IP addresses for both networks, but there will be some client workstations that will require static IP addressing in order to route to the proper servers and to allow interaction between clients. It is also proposed that, when users log in to the clients and those clients send traffic across the network, certificate services be active and require authentication across the network.
Finally, it is proposed that during the implementation of the newer network the older network continue to operate to allow for continued network operations. This technique will allow proper setup and configuration of the new systems. While both operate for a short time, data can be migrated from the older software platforms into the newer virtualized operating system virtual machines. Operating both server environments together while migrating data will prevent or reduce operational downtime for the organization. This new upgrade will provide a more robust network infrastructure while reducing the overall footprint of servers for the unit. Since these server suites are in rugged plastic carrying cases, they are easier to use at home station and while deployed to off-site locations.
Network Design
The network design for the 3rd Cavalry Aviation Brigade (3CAB) of the United States Army, stationed at Hunter Army Airfield in downtown Savannah, will provide a detailed description of the proposed network infrastructure. 3CAB is a unit that is assigned to provide helicopter support to any mission anywhere in the world. 3CAB needs a network infrastructure that is both used at home station and can rapidly be deployed to support conflicts as needed. Anytime you talk about a network infrastructure you must also talk about the domain forest, Active Directory, network protocols, Dynamic Host Configuration Protocol (DHCP), Internet Protocol routing, Domain Name System (DNS), Windows Internet Name Service (WINS) and certificate services. One might ask why these are important. These are the backbone protocols, systems and services that are required for a network to operate.
Network Hardware Components
The 3CAB organization will require an independent network which will use a specific Internet Protocol (IP) address schema and IP routing to communicate across the network. The proposed network architecture will consist of four deployable tough-boxed server stacks, which will contain two Dell 1130 1U Rugged Dart Frog server blades sporting two Intel Xeon E5645 processors that have 12M cache and a 2.40 GHz operating speed. Each blade has “96 Gigabyte of DDR3 Memory operating at 1333MHz LV, two 40 Gigabyte 2.5 Serial ATA II Solid State Drives, ten Network Interface cards (NICs), an Intel Gigabit Quad Port Ethernet adapter, using a LSI 3081E-R add-in RAID controller” (Dell, 2014). Each stack will also have a NetApp Flash Accel Server (FAS) 2240 unified storage device for Storage Area Network (SAN) or Network-attached Storage. This storage device will contain a “dual controller which will support 24 hard drives (12 per controller) for a total of 576 terabyte of storage for all kinds of data. The FAS 2240 will also have 12 gigabyte of ECC memory 8 onboard GbE and 4 onboard SAS ports, 2 dual-port 8/4/2 gigabyte FC disk and 2 Dual port 10GbE Ethernet adapters” (NetApp, 2014). All four stacks will also have a Cisco Catalyst 2960-48TC 48 port “Fast Ethernet remote manageable switches with 32 megabyte of flash memory, 8K MAC address table entries that uses SSL encryption as well as having the secure shell (SSH), RADIUS, and TACACS authentication methods” (Vology, 2014). Each server stack will also have an APC universal power supply for extended power availability in case of a loss of power source. To complete the network infrastructure, 3CAB will have two Cisco routers, an Intrusion Detection System, an Intrusion Prevention System, and a firewall device to use between their network architecture and their Joint Network Node, which has a transceiver and receiver server that will be the packet switching device for the network. The network will also have Cisco IP phones for telephony communications across the network infrastructure.
Network Software Components
These servers will run the VMware Linux shell virtualization operating system software on the hardware but will use Microsoft Windows Server 2008 R2 in the virtual machines that will be loaded for operations. The unit will need an Active Directory domain, which will use a DHCP server to assign IP addresses to any and all connecting systems. Once Active Directory has been configured, organizational units must be established. To connect this domain to the outside world, 3CAB will have to establish a DNS account with the national Communication Center at Fort Gordon and then set up a DNS server connection to publish the unit’s IP routing schema to outside agencies. Since this network infrastructure will be on a classified closed network, there will be no requirement for WINS services. The main protocols that are already built into Windows Server include Internet Protocol (IP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Hypertext Transfer Protocol (HTTP), and File Transfer Protocol (FTP), to name just a few. During the configuration of the network switches and routers, the ports that these protocols use to communicate must be opened for sending and receiving packets, or nothing will work; this is known as the IP routing scheme. Other protocols that are considered lower level are Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP).
When clients are added to the network, each client system will establish a link with the local switch or router to retrieve an IP address from the DHCP server, and the DHCP server then records the client’s MAC address to allow that system to continue to use the specific IP address it collected. Each client will join the domain and will have to load the DNS server’s IP address into either the IPv4 or IPv6 configuration table of that client so it can communicate with other sites on the internet. The network will use the Secure Shell (SSH), RADIUS and TACACS authentication processes to gain access to the client system, the network, and any and all servers on the network. Each of these systems will have certificate services turned on to allow client-to-server connections as well as connections to other domains across the network so that data and messages can transit without being halted by improper IP routing protocols.
Installation and Configuration
In this section, the 3CAB network implementation plan covers the installation of the major
components and protocols for the network systems. As described in a previous section,
the Dell Dart Frog server blades and Cisco switch are already mounted in a deployable tough box
carrying case. The NetApps FAS 2240 is also in its own tough box carrying case. Finally, the APC
universal power supply is in its own tough box carrying case. These three tough boxes
stack on top of each other, with the UPS as the base, the server blades and Cisco switch on
top of it, and the NetApps on top of the server box. Since 3CAB has four stacks, all they
have to do is remove the front and back covers of each tough box and then make four separate
stacks as described above. Each server blade is already wired to the switch
using Cat 5 shielded twisted pair cabling. Each NetApps FAS 2240 is connected to the switch by
fiber optic cabling, and all power cables are plugged into a power strip that is plugged into the
UPS at the bottom of the stack, which draws its power from either a generator or a fixed facility
power source.
The servers already have a Linux shell operating system, the VMware ESXi
software, which allows the use of the Microsoft Windows Server 2008 R2 operating system. To
install the operating system, insert the OS disk into the virtual DVD drive, reboot
the server, press F12 to select the CD/DVD drive, and then allow the server operating system
to complete its installation and prep. Once the server OS is installed, it is important to have an
idea of what major protocols are already built into Windows Server. The following is a list of
some of the most used protocols:
Transmission Control Protocol/Internet Protocol (TCP/IP) suite
User Datagram Protocol (UDP)
NetBIOS Enhanced User Interface (NetBEUI)
Internet Network Packet Exchange/Sequential Packet Exchange (IPX/SPX)
File Transfer Protocol (FTP)
Hypertext Transfer Protocol (HTTP)
Simple Mail Transfer Protocol (SMTP)
Domain Name Service (DNS)
Dynamic Host Configuration Protocol (DHCP)
Routing Information Protocol (RIP)
Simple Network Management Protocol (SNMP)
Internet Control Messaging Protocol (ICMP)
Address Resolution Protocol (ARP)
Bootstrap Protocol (BOOTP)
Real-time Transport Protocol (RTP)
These are just a handful of the protocols that will be used or will need configuration to operate.
A protocol is a “Set of rules or language use by computer and networking devices to communicate
with one another” (escotal, 2013). Most of the protocols are already available for use once the
Windows server and client operating systems are installed.
The NetApps uses a “Linux shell” (Sandirect, 1999) that provides Windows operating
system support. This device comes from the manufacturer with its own internetwork operating
system, so no installation is required. The internetwork operating system requires the use of
the HyperTerminal and PuTTY applications to gain access to the storage device to conduct reset and
configuration procedures. The protocols used by the NetApps are the Common Internet File System
(CIFS) protocol, Fibre Channel protocol, Internet Small Computer Systems Interface (iSCSI),
and Network File System V2, V3, and V4 protocols. All Cisco switches use the Cisco internetwork
operating system. These devices also come preloaded from the manufacturer, and they
also require the use of HyperTerminal or PuTTY to conduct reset and configuration of the switches
and routers. The servers and FAS2240 storage area network devices connect directly to the
switches, and the switches connect to the routers for the transmission of data and message traffic.
These are some of the protocols: “Routing Information Protocol (RIP), Open Shortest Path First (OSPF),
TCP/IP (Transmission Control Protocol/Internet Protocol), EIGRP (Enhanced Interior Gateway
Routing Protocol), passive FTP, Intermediate system to intermediate system (IS-IS), Exterior
Gateway Protocol (EGP), Interior Gateway Protocol (IGP), registered port numbers, IPX
(Internetwork Packet Exchange), frame” (escotal, 2013).
The IDS, IPS, and firewall will be installed along the network path between the outside
router and the demilitarized zone, just before the Joint Network Node trailer-mounted satellite
dish. Each of these devices also comes pre-installed with its operating system but still requires
the same applications to reset and configure as the previously mentioned hardware devices. As for
the client systems, to install the operating system you repeat the same steps with each laptop
as you did with the servers. Place the OS disk in the DVD drive and reboot the system, pressing
F12 and choosing the DVD drive to begin the installation process. System prep is then required
prior to operations. The clients use protocols similar to those of the servers to be able to operate.
In the configuration considerations for each server and client, it is important to ensure
that all protocol ports are open and allowing the flow of data through them. Most are already
preset as open, but there are a few that require configuration. The first thing that must be
accomplished when configuring the server and client systems is to provide a computer name for
the server so it will be identified on any network. Configure the date, time, and time zone.
Then the monitor resolution settings need to be set. The network card needs to be activated and
the network connection configured. To accomplish this, the technician must go to network
connections, select the properties of either the IPv4 or IPv6 configuration option, and then assign a
static IP address, subnet mask, gateway, and DNS IP address to make a connection to the network.
The server can also be configured by adding the server to a domain that is using DHCP and
allowing the connection to find its own network IP address, subnet mask, gateway, and DNS
address.
The hosts file will also need updating with any other host that may need access to the
server or client. The firewall and Windows Defender need to be set to a secure level to prevent
any and all attacks. The internet browser will need configuration to ensure the HTTP and HTTPS
protocols will allow connections. The protocols used in the configurations of most server and
client systems are DHCP, DNS, WINS, BOOTP, ARP, RARP, ICMP, HTTP, HTTPS, and
SNMP, just to name a few. Routers and switches will require configuration of ports, password
establishment, firewall, Internet Group Multicast Protocol (IGMP), Telnet, Network Time
Protocol (NTP), Network Address Translation (NAT), and Internet Connection Sharing (ICS)
protocols, along with the previously mentioned routing protocols. All hardware comes preconfigured
with memory and SATA hard drives that are already formatted with NTFS. The
following is a list of protocols and the port number each uses. During the configuration process,
ensure these ports are open for use:
1 TCP Port Service
21 FTP
22 SSH Remote Login Protocol
23 Telnet
25 Simple Mail Transfer Protocol (SMTP)
53 Domain Name System (DNS)
67 Dynamic Host Configuration Protocol (DHCP)
69 Trivial File Transfer Protocol (TFTP)
80 Hypertext Transfer Protocol (HTTP)
110 POP3
115 Simple File Transfer Protocol (SFTP)
123 Network Time Protocol
137 NetBIOS Name Service
143 Interim Mail Access Protocol (IMAP)
150 NetBIOS Session Service
161 Simple Network Management Protocol (SNMP)
190 Gateway Access Control Protocol (GACP)
389 Lightweight Directory Access Protocol (LDAP)
443 Secure Hypertext Transfer Protocol (HTTPS)
445 Active Directories and Server Message Block (SMB) Protocol
One last area to discuss is the ability to remotely access devices and clients across the
network. Most people feel that, in the configuration of servers and clients, as a technician sets the
computer name they have the ability to turn on Remote Desktop Protocol (RDP), which allows
clients and servers to remotely log in to each other to share data and allow repairs of the software
operating systems. The protocols used in gaining remote access are “RDP, Telnet, Point-to-Point
Protocol (PPP), Serial Line Internet Protocol (SLIP), Point to Point Protocol over Ethernet
(PPoE), and File Transfer Protocol (FTP)” (AnswersThatWork, 2008).
Maintenance and Troubleshooting
This section of the network implementation plan covers the most important part after the
design: the maintenance and troubleshooting of the network. Let us break down the
network into three areas: workstation, server, and network maintenance. When should each of
these required maintenances take place? In this document we break down these three areas
into four stages of scheduled maintenance for 3CAB’s network. The four stages are daily,
weekly, monthly, and quarterly maintenance. We will also mention all the network operations
that will be monitored, all collected information, and what that information might mean as it
relates to potential issues.
Daily Maintenance
During daily maintenance, every operator will wipe down the outside of each
hardware piece and give it a daily once-over to ensure there are no broken pieces of exterior
hardware. Then the operator will start each workstation and monitor the startup, making sure
there are no operating system malfunctions during startup. Once the workstation is up and
operational, the operator will ensure they can log into the network using their username and
password and will monitor any errors that might be shown in the taskbar bubble messages.
The operator will then constantly monitor the operation of each software application to ensure it
works as it is supposed to. The operator should also be trained to check the event and application
logs of the workstation to identify problem areas. If there seems to be a problem, the
operator will submit a trouble ticket to the system administrator for maintenance support.
The maintenance support team will perform daily checks of the servers, conducting
exterior inspections of the servers, switches, routers, UPS, and NetApps and looking for any fault
light indicator that would present a potential issue. Then the team adds any new user to Active
Directory and establishes a new user/computer account for each new user. Then the team will
check the event and application server logs, firewall logs, intrusion detection system (IDS)
logs, intrusion prevention system (IPS) logs, logical unit number (LUN) logs, core file
permissions, hard disk space, access control lists, and all information assurance violations. Once
that is complete, the support team will troubleshoot and repair all hardware and software issues
found in any logs or submitted through the trouble ticket process. The 3CAB maintenance
support team will use the “Server Center operations Manager 2012 application which performs
monitoring and management of applications like Active directory, SQL server, Exchange Server,
IIS web server, SharePoint, Office suite applications as well as configuration logs of all network
hardware devices” (eG, 2014).
Weekly Maintenance
Weekly maintenance will cover workstation, server, and network maintenance procedures
performed by the maintenance support team. They will conduct remote management
maintenance, run antivirus software checkups, and run virus scans. They will ensure scheduled
defragmentation processes and hard disk cleanups are conducted during off-peak hours. They
will physically and visually check disk space utilization, application functionality, switches,
routers, hubs, print servers, printers, and plotters, and conduct internet file purges. The maintenance
support team will perform incremental backups and snapshots of Exchange, SharePoint, and SQL
databases, and incremental backups of Microsoft server operating systems.
Monthly and Quarterly Maintenance
During this maintenance time the unit will submit an automation service interruption request to
the senior staff to approve downtime for the servers, in order to conduct a complete cleaning of all server
blades, NetApps, and UPS to remove sand, dust, and dirt and help reduce the operating
temperature. During this time any failed hardware will be removed and repaired or replaced,
and all data migrated over to the new hardware. The maintenance support team will troubleshoot
hardware and software issues, conduct antivirus software checkups, check firewall rules and
logs and syslogs, and conduct IDS and IPS log analysis. The team will perform full backups of each
server system, check complete security policies and rules, perform redundancy checks, and apply
all necessary updates, service packs, and security patches to make sure the network is in
information assurance compliance. The team will scan all clients to ensure they all have their
newest updates, service packs, and security patches and then “deploy them downward through the
Windows Server Update Services (WSUS)” (technet, 2014) and System Center Configuration
Manager (SCCM), which “enables third party software deployment, system compliance setting
management, and assessment management of servers, desktops, laptops and mobile devices on
the network” (technet, 2014). During this maintenance time the maintenance support team will
check all traffic transmission logs using an application called Wireshark. Then they will remove
old accounts from Active Directory, remove old mailboxes from Exchange, clean out the trash
cans, conduct content management of the SharePoint application, conduct SQL
shrink commands, and then snapshot everything to the disaster recovery storage server.
Network Monitoring
Once your maintenance and troubleshooting schedule has been laid out, the next thing to consider
is what you will be monitoring. It is important to monitor user logins to avoid any security
breach issues. In Active Directory you can set a policy that will lock a user’s account after three
wrong username or password entries. This is accomplished by setting a policy rule in AD
telling the system to allow only three login attempts. After the third attempt the user’s account
will be disabled and they will be locked out. This will require submitting a trouble ticket and a
personal visit to get it re-established. The purpose of monitoring this information is to avoid insider attacks.
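The three-attempt lockout described above can be checked against logon records. The following is an added example, not part of the original plan: it replays constructed logon events (the record layout, account names, and workstation names are assumptions) and reports which accounts reach the threshold and which workstations the failed attempts came from.

```python
from collections import defaultdict

LOCKOUT_THRESHOLD = 3  # the plan locks an account after three wrong entries

# Constructed sample events: (time, account, source workstation, outcome).
SAMPLE_EVENTS = [
    ("08:01:10", "jsmith", "WS-014", "FAIL"),
    ("08:01:25", "jsmith", "WS-014", "FAIL"),
    ("08:01:40", "jsmith", "WS-014", "OK"),
    ("08:05:02", "mlopez", "WS-022", "FAIL"),
    ("08:05:09", "mlopez", "WS-031", "FAIL"),
    ("08:05:15", "mlopez", "WS-031", "FAIL"),
    ("08:05:30", "mlopez", "WS-031", "FAIL"),
    ("08:09:44", "jsmith", "WS-014", "FAIL"),
    ("08:10:00", "mlopez", "WS-022", "OK"),
]


def replay_lockouts(events, threshold=LOCKOUT_THRESHOLD):
    """Replay logon events in order and return {account: lockout record}.

    Simplifications (assumptions of this example): a successful logon resets
    the failure counter, no time-based counter reset is modelled, and a locked
    account stays locked until an administrator re-enables it, as in the
    trouble-ticket process the plan describes.
    """
    failures = defaultdict(int)      # consecutive failures per account
    sources = defaultdict(list)      # workstations behind those failures
    rejected = defaultdict(int)      # attempts made after the lockout
    locked = {}
    for time, account, source, outcome in events:
        if account in locked:
            # Even a correct password is refused once the account is locked.
            rejected[account] += 1
            continue
        if outcome == "OK":
            failures[account] = 0
            sources[account].clear()
            continue
        failures[account] += 1
        sources[account].append(source)
        if failures[account] >= threshold:
            locked[account] = {
                "locked_at": time,
                "sources": sorted(set(sources[account])),
            }
    for account, record in locked.items():
        record["rejected_after_lock"] = rejected[account]
    return locked


if __name__ == "__main__":
    for account, record in replay_lockouts(SAMPLE_EVENTS).items():
        print(account, record)
```

Failures that arrive from more than one workstation for the same account, as in the constructed data, are worth a closer look than a single user mistyping a password at their own desk.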
The next thing that is important to monitor is network data. This can be accomplished by many
different monitoring applications that work off the SNMP protocol. Using SNMP you can
monitor switches, routers, firewalls, IDS, and IPS devices. The top-rated network monitoring tools
that 3CAB uses are SolarWinds and Wireshark, to lay out a network mapping diagram and monitor
operations. 3CAB can monitor all types of data and messages by capturing, filtering,
and inspecting packets that are sent across the network. The information about all
transferred data and messages is presented in a user interface window, displaying
information such as time, source, destination, protocol used, length, and other details to help identify
who sent it and for whom it was meant. These two applications allow all information to be
color coded to show TCP traffic, DNS, UDP, Telnet, ARP, and many other protocol
transmissions. The purpose of monitoring this network traffic is to ensure there are no traffic collisions
and no packet losses, and to ensure proper bandwidth capacity and utilization.
The final and most important thing to monitor is attacks. This can be accomplished by having an
IDS and an IPS in your network. The IDS reviews all inbound and outbound network activity for
suspicious patterns that are identifiable as a network attack. You monitor for DDoS, DoS, buffer
overflows, man-in-the-middle, and other attacks that could stop or slow down the network. The
purpose of this information is to help stop or prevent network interruptions.
Network Problem Scenarios
Trouble ticket one states that an operator’s workstation gives an error that there is an IP address
conflict with another system on the network. To troubleshoot this issue, first ask whether this system
has been off the network for a period of time; if so, the DHCP server has issued the IP address to
another system. To find out which one, go to My Computer, right-click, select Manage, and then
view the Event Viewer until you find the DHCP error entry. Look for the MAC address of the
system that is currently using the IP address. If you need to fix it right away, from a
command prompt type IPCONFIG /RELEASE to let go of the IP address and then type
IPCONFIG /RENEW to establish a new IP address for the user.
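Finding the MAC address that currently holds a conflicting IP address can also be done by comparing the DHCP lease table with what is seen on the wire. The following is an added example, not part of the original plan: the lease table, the addresses, and the `arp -a` output are constructed sample data, and the function names are assumptions.

```python
import re

# Constructed DHCP lease table: IP address -> MAC recorded by the DHCP server.
# The MAC notations differ on purpose, as they do between tools.
LEASES = {
    "10.20.30.41": "00-1A-2B-3C-4D-5E",
    "10.20.30.42": "001a2b3c4d60",
    "10.20.30.43": "00:1a:2b:3c:4d:61",
}

# Constructed output in the layout printed by `arp -a` on Windows.
ARP_OUTPUT = """
Interface: 10.20.30.10 --- 0xb
  Internet Address      Physical Address      Type
  10.20.30.41           00-1a-2b-3c-4d-5e     dynamic
  10.20.30.42           00-1a-2b-3c-4d-99     dynamic
  10.20.30.43           00-1a-2b-3c-4d-61     dynamic
  10.20.30.50           00-1a-2b-3c-4d-70     static
  10.20.30.255          ff-ff-ff-ff-ff-ff     static
"""

ARP_LINE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"([0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2}){5})\s+(\w+)\s*$"
)
BROADCAST = "ff:ff:ff:ff:ff:ff"


def normalize_mac(mac):
    """Reduce any common MAC notation to lower-case, colon-separated form."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_arp(text):
    """Return {ip: mac} for the unicast entries in `arp -a` output."""
    table = {}
    for line in text.splitlines():
        match = ARP_LINE.match(line)
        if not match:
            continue  # interface banner, column header, blank line
        mac = normalize_mac(match.group(2))
        if mac != BROADCAST:
            table[match.group(1)] = mac
    return table


def find_conflicts(leases, arp_table):
    """Compare observed IP/MAC pairs with the lease table.

    Returns (conflicts, unleased):
      conflicts - (ip, leased_mac, seen_mac) where another device answers
                  for an address that DHCP leased to someone else
      unleased  - (ip, seen_mac) for addresses in use with no lease at all,
                  for example a statically configured host
    """
    conflicts, unleased = [], []
    for ip, seen in sorted(arp_table.items()):
        if ip not in leases:
            unleased.append((ip, seen))
            continue
        leased = normalize_mac(leases[ip])
        if leased != seen:
            conflicts.append((ip, leased, seen))
    return conflicts, unleased


if __name__ == "__main__":
    conflicts, unleased = find_conflicts(LEASES, parse_arp(ARP_OUTPUT))
    for ip, leased, seen in conflicts:
        print(f"{ip}: leased to {leased} but answered by {seen}")
    for ip, seen in unleased:
        print(f"{ip}: in use by {seen} with no DHCP lease")
```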
A trouble ticket comes in: the user types in an HTTP address and continues to get the Microsoft
error screen. The troubleshooting steps are to check whether they have network connectivity in the
Network and Sharing Center. If they do, select Change adapter settings, look at the
IPv4 properties, and verify that the system has a DNS address. Alternatively, from a command
prompt type IPCONFIG /ALL to see whether they do or not. If all is well, open Internet Explorer,
check the security settings of the browser, and in the options tab ensure all TLS and SSL
options are selected.
A trouble ticket comes in: all traffic is stopping at the DMZ router and being turned back.
Remotely access the router using HyperTerminal or PuTTY and check the configuration of the IOS
and the access control list to ensure the user can send and receive traffic across the network. If the user
is in the ACL, then check the port number to see if it is opened or closed.
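When checking the access control list, keep in mind that IOS evaluates entries top-down, stops at the first match, and denies anything that matches no entry. The following is an added example, not part of the original plan, that evaluates a flow against a constructed extended ACL; the list number, addresses, and function names are assumptions, and only `any`, `host`, wildcard masks, and numeric `eq` ports are handled.

```python
import ipaddress

# Constructed extended ACL in Cisco IOS syntax (addresses are made up).
ACL_TEXT = """
access-list 110 permit tcp 10.20.30.0 0.0.0.255 any eq 80
access-list 110 permit tcp 10.20.30.0 0.0.0.255 any eq 443
access-list 110 deny   tcp host 10.20.30.77 any eq 22
access-list 110 permit tcp 10.20.30.0 0.0.0.255 any eq 22
access-list 110 permit udp any host 10.20.40.5 eq 53
"""


def _take_addr(tokens):
    """Consume one address spec and return (base_int, wildcard_int)."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    wildcard = tokens.pop(0)
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(wildcard))


def parse_acl(text):
    """Parse `access-list N action proto src dst [eq port]` lines in order."""
    rules = []
    for line in text.strip().splitlines():
        tokens = line.split()
        if tokens[:1] != ["access-list"]:
            continue
        action, proto = tokens[2], tokens[3]
        rest = tokens[4:]
        src = _take_addr(rest)
        dst = _take_addr(rest)
        port = int(rest[1]) if rest[:1] == ["eq"] else None
        rules.append({"action": action, "proto": proto,
                      "src": src, "dst": dst, "port": port})
    return rules


def _addr_match(addr, spec):
    """Wildcard-mask match: bits set in the wildcard are 'don't care'."""
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (base & care)


def evaluate(rules, proto, src, dst, dport):
    """Return (action, entry number) for the first matching entry.

    The entry number is None when nothing matched and the implicit
    deny at the end of the list applied.
    """
    for index, rule in enumerate(rules, start=1):
        if rule["proto"] not in ("ip", proto):
            continue
        if not _addr_match(src, rule["src"]) or not _addr_match(dst, rule["dst"]):
            continue
        if rule["port"] is not None and rule["port"] != dport:
            continue
        return rule["action"], index
    return "deny", None


if __name__ == "__main__":
    rules = parse_acl(ACL_TEXT)
    for flow in [("tcp", "10.20.30.15", "10.20.40.9", 80),
                 ("tcp", "10.20.30.77", "10.20.40.9", 22),
                 ("tcp", "10.20.30.15", "10.20.40.9", 25)]:
        print(flow, "->", evaluate(rules, *flow))
```

The third flow in the constructed data is the ticket's symptom: the user's subnet is in the list, but no entry covers the port, so the implicit deny turns the traffic back.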
Remote Access
In this section of the 3CAB3ID network implementation plan, the unit decided that the
most important feature they would need for their network would be remote connectivity.
What is remote connectivity? “Remote connectivity is a new kind connectivity
which is non-dependent on connection locations while still being able to utilize network
features” (CTU Online, 2014). Now that we know the definition of remote connectivity, what is
it all about? In today’s busy world of networks, organizations need to give technicians remote
repair capabilities and give other employees access to network features while they are
away from the organization. 3CAB feels they will need to manage, troubleshoot, maintain, and repair
their network, as well as allow access to it, by using remote connectivity features. They will use
remote access servers (RAS), remote access protocols, remote control (RDP), Virtual Network
Computing (VNC), Web portals, and virtual private networks (VPN) to accomplish their needs.
Remote Access Connectivity
The three remote connectivity features that will be used to allow soldiers to connect back
to the network will be the remote access server, virtual private network, and Web portals. The
RAS and the Web portal are virtual machines set up and configured on a Dell Dart Frog hardware
server blade. The virtual private network is on both a server blade and on each client that is
authorized to make connections to the unit’s network. The application that has these features is
Microsoft Windows. It uses the Routing and Remote Access Service software to make a connection to
the network using a DSL or broadband provider. Each user must dial into the remote access
server to authenticate and receive authorization to make their connections to share data and
access files. The second type of remote connectivity is the virtual private network. VPN
connections allow users to log in to an organization’s intranet through a secure connection across
a public network. So basically we are looking at a remote access VPN. This connection requires
two components to work properly. They are a “network access server (NAS) and a remote access
server (RAS)” (Tyson & Crawford, 1998); these two servers will allow connection directly to the
intranet and the overall network. The last way users can remotely gain access is through Web
portals. Microsoft Exchange and SharePoint allow users to gain direct access to the organization’s
Exchange servers to check email and to the organization’s actual SharePoint portal to
access needed data and to post and extract files, pictures, and databases. These remote connectivity
features are the most common features used to gain access to the organization you work for.
Administration Remote Connectivity
As we covered in maintenance and troubleshooting, there are three remote connectivity
features that 3CAB will use only within the organization. These features will allow remote
access, repair, and troubleshooting to be conducted off site from the actual problem. The three
remote connectivity features are remote access protocols, remote control, and Virtual
Network Computing. Telnet is used to make direct connections to features and applications in
order to conduct repairs, troubleshoot, and maintain proper operations of the network. FTP and
TFTP can be used to transfer files from one system to the next, and then Telnet can be used to
deploy those files on a remote system. Remote control is another feature that can be used to gain
a direct desktop connection to a system in order to take complete control of an operating system
to conduct repairs and troubleshooting and to help maintain all software applications on the remote
system. This feature is also found in Microsoft Windows. It is called Remote Desktop Connection
and can be found in the Accessories directory. To use it, all you have to know is the system’s IP
address or host name to gain access to any remote system. The last feature is a separate
application called Virtual Network Computing. This remote access application works identically to
remote desktop and will allow the maintenance team to take complete control of a remote
computer to conduct repairs, troubleshoot, and maintain operating environments and application
integrity. VNC requires a server on a server blade and the client version added to all
clients so the administrator can remote in and conduct maintenance of the remote system.
3CAB3ID is very big on security; that is why they will not use just dial-up networking. It
is the least secure method for accessing any network. The remote access server will use the proper
authentication and authorization of a login and password, and if set up with a third-party token key
it could be an extremely secure method of gaining access. “One sure way to secure the
RAS is to use a function called call back. This works by when a user calls into the units network
they use a login and password, then the server disconnects them and calls their number back.
This makes this connection secure because it is hack proof” (PCMicro, 1995). A virtual private
network is like a network within a network: it functions across a public network, but the files and
data are encrypted as they travel across the network and require the key at the other end to access.
It uses Internet Protocol Security (IPsec), Layer 2 Tunneling Protocol, Transport Layer Security
(SSL/TLS), Microsoft Point-to-Point Encryption (MPPE), Point-to-Point Tunneling, Secure Shell
(SSH), and OpenSSH to secure remote connections. Web portals also require a login and
password to gain access, so they are extremely secure. The one major component that will
breach security is always the user. The remote access protocols, remote control, and VNC will
always be secure because they will only be used to gain access to systems on the unit’s
network and will not be used as an outside source of remote connectivity.
Maintaining and troubleshooting these remote connectivity features is not really complicated,
because once all setup and configuration has been done on the servers and clients, then as long as
no one makes changes to the connection configurations the connection should always work. If
there is ever an issue, the system administrator should use Telnet, Remote Desktop
Connection, or VNC to remote into the client to troubleshoot the VPN or RAS connections and
make changes so the client will again be able to connect to the network.
Network Pro Prep Toolkit
Week 1
0.1 Course Introduction
No Exam
0.2 Using the Simulator
No Exam
1.1 Networking Overview
1.2 Network Topologies
References
AnswersThatWork.com. (2008). List of common TCP/IP port numbers, Retrieved 09 March
2014 from http://www.answersthatwork.com/ ownload_Area/ATW_Library/Networking
/Network__2-List_of_Common_TCPIP_port_numbers.pdf
c/net.com. (2014). NetApp FAS2240-4 specs (network storage server), Retrieved 23 February
2014 from http://reviews.cnet.com/search-results/netapp-fas2240-4-network/4507-5_7-
35175839.html
CTU Online. (2014). MUSE. CTUO, Virtual campus, IT326-1401B-01 Network Infrastructure
Administration. Phase 5 Remote Connectivity. Retrieved from
https://mycampus.ctuonline.edu
Dell.com. (2014). Dell OEM 1130, Retrieved 23 February 2014 from
http://www.dell.com/learn/us/en/555/oem/dell-oem-1130-server
Dell.com. (2014). Dell OEM 1130, Retrieved 02 March 2014 from
http://www.dell.com/learn/us/en/555/oem/dell-oem-1130-server
eG Inovations.com. (2014). Universal Microsoft SCOM Management Pack Enables End-to-End
Monitoring, Retrieved 16 March 2014 from http://www.eginnovations.com/web/eg-
microsoft-scom-plugin.htm
Escotal.com. (2013). Protocols, Retrieved 09 March 2014 from
http://www.escotal.com/protocol.html
NetApps. (2014). NetApp FAS2200 Series Technical Specifications, Retrieved 02 March 2014
from http://www.netapp.com/us/products/storage-systems/fas2200/fas2200-tech-
specs.aspx
PCMicro. (1995). Using Microsoft Remote Access Service (RAS), Retrieved 23 March 2014 from
http://pcmicro.com/support/ras.html
Sandirect.com. (1999). NetApp FAS2240-2 Universal Storage System, Retrieved 09 March 2014
from http://www.sandirect.com/netapp-fas2240-2-universal-storage-system-p-
1765.html?_kk= fas2240&_kt=66354ddf-28bd-41a5-afbe-e28b9bf23197&gclid=CIj6_
OeVib0CFclDMgodqy4A _w
Stewart.army.mil. (2014). 3rd Combat Aviation Brigade History, Retrieved 23 February 2014
from http://www.stewart.army.mil/units/history.asp?u=3CAB
Technet.microsoft.com. (2014). Windows Server Update Services, Retrieved 16 March 2014
from http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx
Technet.microsoft.com. (2014). System Center Configuration Manager, Retrieved 16 March
2014 from http://technet.microsoft.com/en-us/systemcenter/bb507744.aspx
Vology.com. (2014). Cisco WS-C2960-48TC-L Switch - Cisco 2960, Retrieved 02 March 2014 from
http://www.vology.com/cisco/network-switches/ws-c2960-48tc-
l?utm_source=Google&utm_medium=Feed&utm_term=WS-C2960-48TC-
L&utm_content=628.00&utm_campaign=Cisco&gclid=CNyL3IjD97wCFYZAMgodaB
EADQ
Tyson, Jeff & Crawford, Stephanie. (1998). How VPNs Work Page 3, Retrieved 23 March 2014
from http://computer.howstuffworks.com/vpn3.htm