Presentation is loading. Please wait.

Presentation is loading. Please wait.

CCSE NETWORK STRUCTURE. CCSE NETWORK OUTLINE Mid-sized Building Network spanning over Building 22 and Building 23. Autonomous from ITC’s KFUPM Domain.

Similar presentations


Presentation on theme: "CCSE NETWORK STRUCTURE. CCSE NETWORK OUTLINE Mid-sized Building Network spanning over Building 22 and Building 23. Autonomous from ITC’s KFUPM Domain."— Presentation transcript:

1 CCSE NETWORK STRUCTURE

2 CCSE NETWORK OUTLINE Mid-sized Building Network spanning over Building 22 and Building 23. Autonomous from ITC’s KFUPM Domain –Different IP domain –Independent Services –Separate Network Administration and Management –Separate Budgeting

3 CCSE Network Administration CCSE Network Administration is broken down into four groups –Windows PC Administration Group –Unix Administration Group –Network and Hardware Services –User Support Services

4 CCSE Network Administration Windows Administration –Responsible for Windows Labs, User Accounts, Student Storage Drives, Faculty Teaching Support Unix Administration –Responsible for Unix Labs, Majority of servers and services, research groups, Faculty Teaching Support Network & Hardware Services –Network Infrastructure installation, maintenance and management. –Installation of servers, Printers and PCs –All Hardware Services

5 CCSE NETWORK OUTLINE Six networks, segmented based on functionality comprise the overall CCSE Network –Faculty Network (196.1.65.0/24) –Student Network (172.16.0.0/16) –Unix Network (196.1.64.0/24) –Management Network (196.1.67.0/24) –Wireless Network (192.168.100.0/24) –Remote Access Service (RAS) – Dialup connections (10.222.0.0/24) ITC uses the 10.0.0.0 network, with variable subnetting.

6 CCSE Network Structure 196.1.64.0/24 196.1.67.0/24 172.16.0.0/16 196.1.65.0/24 10.222.0.0/24 ITC Network 192.168.100.0/24

7 CCSE NETWORK OUTLINE

8 CCSE NETWORK INFRASTRUCTURE Initial Network Structuring used Coaxial Cable In early 1990s, decision was taken to scrap Coaxial and move to UTP/Fiber. UTP – Category 5/5E –Ability to scale up to Gigabit connectivity –Deliver Gigabit to Desktop if required in future Fiber – MultiMode Fiber –Works till 500 meters. Suits CCSE requirements –Easier to work with and deploy –Scalability Guaranteed –Fiber deployed at Distribution layer

9 CCSE NETWORK INFRASTRUCTURE Layer-2 at both Access and Distribution layer is 3Com Comparatively Inexpensive with good ROI Educational Institution – No Enterprise demands such as VPNs or Multimedia Conferencing Layer-3 at Distribution and Core is Cisco Core and Distribution layer is where Servers are located and it is the Backbone of the network Need for reliability and extensive features for segmentation, security and traffic control.

10 CCSE INTER-NETWORKING Dynamic Routing implemented at the CCSE Cisco backbone. No static routes RIPv1 is used for routing within CCSE and between CCSE/ITC. –No real subnetting within CCSE. Hence RIPv1 suffices –ITC uses VLSM to segment its network and hence uses EIGRP on its network

11 CCSE NETWORK SERVERS AND SERVICES -Unix Services -Solaris, Linux, Unix, and MacOS Environments -Email on username@ccse.kfupm.edu.sa domainusername@ccse.kfupm.edu.sa -Shell Terminal accounts and storage -VNC Terminal Emulation -Web-hosting -High Performance, Parallel and Distributed Computing -OPNET -Windows Services -Windows Active Directory based student, faculty and staff accounts -Student accounts and storage -Exchange Server and Calendaring Facility for faculty -Numerous Software and applications

12

13 Network Peculiarities A very large IP address space is in use for Student’s network. The 172.16.0.0/16 offers 65000+ addresses while host machines in the network are approximately 500. Use of /24 network mask [~254 hosts] for faculty network. This is pushing the network with around 235 IP addresses in use. Use of public IP addresses – 196.1.65.0, 196.1.64.0 and 196.1.67.0 Ad hoc growth pattern implies lack of layered structure – No proper distinction between Access/Distributed/Core layers Using RIP prevents route summarization on our Core router for ITC networks i.e., CCSE router has to keep a route map for ALL networks on ITC instead of one summarized route.

14 Network Peculiarities - Solutions Reallocate IP addressing to segment the 172.16.0.0 network Use EIGRP or OSPF within our network so that we can use Route Summarization to relieve memory resources on Backbone. Restructure network into properly layered structure Proper server location with respect to bandwidth demands

15 CCSE Network – Security Security is addressed in two layers –Network Level Security On routes using Access Control Lists An Intrusion Detection System on CCSE-ITC network (more of an academic exercise) Port Security on Switches – Binds Ports to pre-defined MAC addresses. Users cannot plug in their machines. Binded MAC – IPs. MAC addresses of user machines have to be first registered before they can get a network IP.

16 CCSE Network – Security Security at Hosts Host-based ACLs and rulesets Firewalls Central Active Directory, LDAP based User authentication/authorization Logging

17 CCSE Network - Management Management achieved through different network tools –3Com Network Supervisor Topology Discovery Resources Utilization –MRTG Traffic plotting. Publicly available at http://196.1.67.151 –Ntop Traffic Characterization

18 CCSE Network – Wireless Network Rudimentary Wireless Network covering Department locations in the building Cisco centric with 802.11b at 11Mbps Security – –Static WEP key 128 Bit. –Traffic Control via ACLs on router between Wireless and Wired network.


Download ppt "CCSE NETWORK STRUCTURE. CCSE NETWORK OUTLINE Mid-sized Building Network spanning over Building 22 and Building 23. Autonomous from ITC’s KFUPM Domain."

Similar presentations


Ads by Google