Level Wide
Introduction
The following is a top-level, enterprise-wide telecommunication network solution for an audio and video special effects development company for the entertainment and advertising industry.
Network Design Requirements
The first consideration for the design of this network is the global presence of the client. Figure 1 is an organizational chart which lists all enterprise locations with their functions. Some locations have multiple functions; it is assumed that these are all housed in one building or complex. The enterprise-wide minimum network requirements are the ability to handle a constant stream of multimedia traffic between offices (average file size of 25MB) in no more than 5 seconds, and full telephone voice capability with conferencing and speed dialing to any location in the company. At the design centers, an average file of 50MB needs to have a response of no more than 20 seconds between workstations. Each location requires Internet access.
WAN Design
The physical design must contend with the physical distances between offices. These challenges were overcome by a variety of methods, each dependent on the region in which the offices are located. Offices located in the Continental United States as well as those in Europe are connected via buried fiber optic cable as the primary means for data to travel. London, Tokyo, and Rio de Janeiro tie into the data network via microwave technology. All offices are tied into Corporate Headquarters in Los Angeles via six dedicated leased lines. This network provides telephony capability and also serves as a secondary route for data flow. All locations are connected to the Internet through local and regional providers via a variety of high-speed options that depend upon the services available in the area. Firewalls are installed between the Internet and all locations, protecting the company intranet.
The logical design is centered on Corporate Headquarters in Los Angeles, which serves as the central hub for information and phone routing throughout the organization. A main consideration in the logical design was to alleviate bottlenecks in information flow, mainly caused by design center traffic. To combat this situation, the logical design ensures that information from a design center to the central office never has to pass through another design center, which could more than double traffic on that path. The telephony requirements are solved with a Voice over Internet Protocol (VoIP) solution which will satisfy corporate needs, with additional savings inherent to this technology.
LAN Design
Threat Management
Since all offices will maintain their own connections to the Internet, it is possible for each to use a different method based on the local services available. In contrast, they will all use the same methods to protect the LAN from viruses, SPAM, and intrusion from the outside.
To keep the LAN free from viruses we will use an enterprise level anti-virus package. A service will be installed on a server responsible for controlling every aspect of detecting and cleaning viruses that may infect an individual PC or server. The anti-virus service will download updated virus definitions from the vendor on the hour and push the updates to the PCs and servers. The assumption that every computer on the network is protected comes from the fact that the anti-virus client application is automatically installed upon logging on to the domain.
Users can waste a lot of time dealing with SPAM, so we will take the process of detecting SPAM seriously. A service will be installed on the email server housed in each location or in a regional office. The service will use multiple methods to detect SPAM, including white lists, rule detection, and a SPAM rating system. Each user will have control over his or her white list, which is a list of email addresses from which the user expects to get email. Detection rules are downloaded from the vendor to help in blocking known SPAM-friendly domains and URLs. The SPAM rating system is a proprietary application and is kept secret by the vendor.
A hardware-based firewall solution will be placed on the Internet and/or WAN connection to thwart would-be hackers. The LAN is the private segment of the network. The rules for the LAN interface should be set to deny any unsolicited traffic into the network. Additional LAN rules may be set to deny outgoing traffic such as instant messaging or gaming. The DMZ is the somewhat less private network segment. The rules for the DMZ should be set to allow incoming traffic on the services available to the outside world. Services that may be available are SMTP (Simple Mail Transfer Protocol), FTP (File Transfer Protocol), or WWW (World Wide Web).
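The LAN and DMZ policy described above can be modelled as an ordered, first-match rule table with a default deny. This is an added example, not part of the original essay or any vendor's configuration; the zone names, rule names and the two blocked outbound ports are constructed for illustration. It also shows why rule order matters: a broad allow placed above a narrower deny silently disables the deny.

```python
from typing import FrozenSet, NamedTuple, Optional

ANY = "*"

class Rule(NamedTuple):
    name: str
    src: str                          # source zone
    dst: str                          # destination zone
    ports: Optional[FrozenSet[int]]   # None means every port
    action: str

DMZ_PORTS = frozenset({25, 21, 80})      # SMTP, FTP, WWW, the services the essay lists
BLOCKED_OUT = frozenset({5190, 27015})   # constructed sample IM / gaming ports

# Hypothetical rule set implementing the essay's policy; order is significant.
RULES = [
    Rule("block-im-gaming", "lan", "internet", BLOCKED_OUT, "deny"),
    Rule("lan-outbound", "lan", ANY, None, "allow"),
    Rule("dmz-services", "internet", "dmz", DMZ_PORTS, "allow"),
]

def matches(r, src, dst, port):
    return (r.src in (ANY, src) and r.dst in (ANY, dst)
            and (r.ports is None or port in r.ports))

def decide(rules, src, dst, port, established=False):
    """First matching rule wins; anything unmatched is denied."""
    if established:                   # reply to a connection already tracked
        return "allow", "established"
    for r in rules:
        if matches(r, src, dst, port):
            return r.action, r.name
    return "deny", "default-deny"     # covers unsolicited traffic into the LAN

def covers(a, b):
    """True if rule a matches every flow that rule b matches."""
    zones = a.src in (ANY, b.src) and a.dst in (ANY, b.dst)
    ports = a.ports is None or (b.ports is not None and b.ports <= a.ports)
    return zones and ports

def shadowed(rules):
    """Names of rules that can never fire because an earlier rule covers them."""
    return [b.name for i, b in enumerate(rules)
            if any(covers(a, b) for a in rules[:i])]
```

Running `shadowed()` over a rule set before it is loaded onto the firewall catches ordering mistakes that would otherwise only show up in the traffic logs.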
Every system will have some degree of logging enabled that will be evaluated at periodic intervals for possible attacks or bottlenecks. In the event of a breach in security, a predetermined recovery plan would be followed to help restore affected systems.
Disaster Recovery Plan (DRP)
All of the Network Administrators for the various locations recognize their operational dependency on computer systems, including the Local Area Network (LAN), Database Servers, Internet, Intranet and e-Mail, and the potential loss of revenue and operational control that may occur in the event of a disaster, and have authorized the preparation, implementation and maintenance of a comprehensive disaster recovery plan. The intent of a DRP is to provide a high-level plan that directs the computer system recovery process, through a recovery strategy, in the event of an interruption in continuous service.
A planning group will be established to manage the development and implementation of the disaster recovery strategy and plan. Staff members from each location will be members of the team, responsible for all disaster recovery