With any business that is start up or expanding into ecommerce age; a network design plan is paramount. With that said we understand that C & C headquarters is based in Michigan; and the business will be planning on having facilities positioned in four other states as well. Each facility or office then consist mainly of four departments; maintenance, accounting, receiving, and shipping. With the acknowledgment of responsibility on each department, and the multiple facilities, steady sharing of data, programs and a mixture of applications will need to be accessible over a Local Area Network (LAN); as well as over a Wide Area Network (WAN), and via remote access. The purpose of the network, both LAN and WAN, are to permit for a secure yet easily ever growing network, that permits real-time data transfer.
When planning the LAN for C & C, there were multiple issues to take into account; the main issues being the integrity and ease of access of the data over the network; as well as the accessibility of expanding the network. Along with these interest, it has also been decided that each department needs to be able to share peripherals devices; such as scanners, copiers and printers. For this reasoning, the LAN in each of the facilities will use a star topology for its setup. As we discussed in our design and plan meetings to go with the star topology the LAN will consist of Cat 5 e and 100Base-T cables. These cables will provide the necessary support for the network
design allowing for speed and integrity. As well, this network layout will also allow for network expansion and management; and help support the future goals of the company.
As for the WAN that is to be used to connect the facilities to one another, there are a few key factors that need to be considered; the requirements of the WAN. These requirements include: being able to allow each facility to be able to connect, or rather be connected to the WAN to allow the accountants at headquarters access to all financial data. The WAN must allow for approximately 40 users at any given time on the WAN; that use the WAN for approximately an hour at a time. And due to constant accessing of the data, a synchronous connection needs to be established between each facility’s LAN. So based on factors such as these, it has been decided that a SDSL connection would be optimal for C & C’s WAN.
Like with any company, C & C data are sensitive, and needs to stay secured. So when accessing the information off site, security measures need to be put into place to allow for the viewing of this sensitive data. For this reasoning, a VPN will be used to access the network remotely. VPN remote access connections use authenticated links to ensure that only authorized clients are able to connect to the organization’s LAN. These authenticated links provided by VPNs will allow any of C & C’s offices the ability to connect to its branch offices over a public network while maintaining
secure communications.
In conclusion, it is believed that by implementing the following network specifications, C & C business will be able to continue its network’s growth, and continue to allow the accessibility required to allow production to continue under various circumstances. However, the growth and security of the network is, and will continue to be constrained by the financial backing that the network is allotted.
Cabling Specifications
Network cabling among two buildings will be contracting out to another company; so with that said we will be hiring a third party supplier. Specified by our requirements and the from the contractor recommendation specification, to use a 100Base-TX cable that will be utilize on the WAN section of the network. The connection will be brought inside the building and transfer into our LAN requirements, then to fit RJ45 twisted pair cabling.
In our next phase, due to fire code specification we will be installing plenum-grade Cat (category)-5 grade twisted pair cable for our LAN network and connect all the nodes and in between central hub, wall paneling and patch work, RJ-45 connectors and workstations and NIC cards. But the actual cable uses two twisted pairs in a single covering. The cable most likely will be unshelled twisted pair for the reason that the cost is cheap will not be affected by any electrical disturbance. The cable will run though out the ceiling in some area conduit may be used for neatness. In
addition, this is a very popular class of cabling to work for our WAN.
The RJ-45 connectors will be the standard connection for all the equipment and in some areas it may be necessary for hardwiring. For this reason vital areas require special attention this will allow take full advantage of the broadband speeds and reducing damaged connections. Then again, the maximum distance end to end, between connections on the hub to the connection on the computer’s NIC must not exceed 100 meters of cable length. The supplier is informed of the requirements.
Installation Checklist
100Base-FX cable used to create network into the structure.
CAT-5e twisted pair cable will be utilized for all network station.
Connectors and wall panels will have RJ-45 types.
All wall panels and connections are terminated at every location.
Length requirements between nodes are within specifications.
Label installed at each termination including: any plates, cables, patch panels, ports, and hub connections.
Only plenum cable will be run.
Coaxial cable are not to be touch, only by authorized personal
Upon completion gather all records and document of the cable installation.
Check warranty policy with contractor, what is covered and what is not covered.
Local Area Network (LAN) Topologies
Our Company is small organization that specializes in check authorization at the point
of sale. With strong partnerships and affiliations with some of the nation's prominent payment and retail businesses and associations, we have access to the nation's most powerful negative check databases available. Up to 75% of returned checks are prevented with their sophisticated check verification process, thus stopping returned checks before they happen and reducing fraud. Our organization is comprised of four departments. These departments consist of different groups that keep the daily goals and operations of the company running efficiently. The company needs a fault tolerant network design that will provide network access to the majority of its employees in the event of failed network segment and sufficient cabling to eliminate the possibility of attenuation. They would also like the capability to share peripherals devices such as printers, scanners and copiers, provide external access to internal data for their traveling sales people, a central storage unit for file sharing amongst the four departments, an internal authentication/verification process for employees and expansion capabilities should additional devices be required in the future.
Therefore, the decision has been made to use the star topology in each office setting. This choice for the network is made based on requests that physical aspects of the network are easy to manage. The star topology uses a hub as a central point of connection for the computers or other devices on the Local
Area Network (LAN). These devices that are connected to the network are connected to the hub with their own separate cable. The star topology allows the network to be expanded without difficulty. This depends on how many ports are on the hub that is being used. “If more ports are needed on the hub, two hubs can be linked together to provide more connectivity (Habraken, Joe, 2004)”. Adding additional computers to the network will be easy. This is done by simply connecting the desired computer or computers to the port on the hub. This is an advantage of the star topology because it allows you to expand the network without interfering with the other devices. This topology relies on a lot of cabling that can sometimes result in cost issues but if planned correctly it can fit within any reasonable budget. The manageability of this topology is well worth the cost of the additional cabling. By far the best aspect of the star topology is that if one device on the network goes down, the others will not be affected.
The function of the network will not be disturbed. The only thing that will be able to stop the entire network is the central hub going down. If the hub stops functioning then the entire network will fail.
The network design for our organization will be relatively simple. Each department within the organization will be connected using the star topology and will terminate to separate network devices located in an IDF or intermediate distribution frame
closet. Each of the IDF closets on the network will link to a main distribution frame closet, also referred to as MDF. The main closet will hold a switch that connects to the network’s router. Because our company departments are located within close quarters this is the best layout. It permits the system to be expandable and easily accessible.
The advantage of this topology design is that it can be used with different types of cabling options. These different cable types that this design can accommodate are twisted pair cable, coaxial cable, and fiber optic cable. Twisted pair cables are amongst the more affordable cabling. Twisted pair cables are available in several different categories that range by performance. Category 5 cables are most commonly used to connect personal computers to the network. The twisted pair cables that will be used in Zterm’s network design to connect the hubs the MDF will be 10base-T. This cable is the best choice because of the 10base-T cable maximum length is 100 meters. Coaxial cable is another commonly used cable in LAN networks.
These types of cabling are known to carry large amounts of data and are less likely to susceptible to interferences like telephone cables used with dial up. Fiber optic cable is a faster option. Fiber optic cables come in a variety of types ranging in speed and length. This type of cabling is amazing. It is capable of transmitting data and incredible speeds. “Fiber cabling is used to enhance performance
over short distances as well (Kozel, Art, & Armas, Ruben, 2005)”. Though this can be an effective choice for our company, it can be very pricey. Fiber optic cabling is a great choice for larger networks that rely a lot on data transmission speed. The choice of cables that will be used for our networks will consist of cat5e and 10base-T cables. These will supply the necessary support needed for the network design.
As stated earlier, the LAN topology design of the network for our company will be the star topology. It will be supported by both category 5e and 10base-T cables. This choice is highly recommended for our organizations close network layout. It will provide excellent opportunities for expansion and management as well as help support the goals of the company. I am sure that this cooperation will benefit from this design.
Network cabling is a vital element of sustaining and increasing our company’s network. The check list below provides the requirements for installation of cabling for the new network. This check list will be provided to the cabling contractor that will be designing the network cables.
Network Cabling Specification Checklist
Category 5E Cable
• Category 5E patch cable
o Rj45 connector
Category 5E cable should expand 100meter in length
10base-T cable
• Rj45 connector
Wide Area Network (WAN) Design
Since the beginning of the internet and the advancement of technology; there have be countless ways of finding newer,
faster connection types to tap into the internet. Now with the different types bottom line it comes down to cost and what is best for C & C, home or company needs. When it comes to designing a wide area network (WAN), one of the most demanding issues is electing the proper connection type. WAN enable companies to transfer unlimited data between each other .There are a few factors you need to consider before you do any implementation —first have a solid comprehension of all the connection types is essential this helps in the decision making and to ensure it is the right choice for you. Nearly all carriers offer three connection kinds:
Leased Line: This is the most costly by far of all the types. It operates on a point to point connection from the WAN hub to the certain LAN point. This choice is handled by mainly big software corporations since this is handling by most huge corporations it does present better-quality security features but also higher data transfer rate. It make use of the PPP(Point to point protocol), the SDLC, the HDLC or HNAS protocol. All of them are specialized protocol means intended for safety measures and error-free function. For instance, a T-1 channel is a kind of leased line that offers a greatest communication speed of 1.544 Mbps. You can slit the transmission into different lines for information and voice data or use the channel for one high speed information circuit. Spiting the link is called “multiplexing”.
More and more,
leased lines are taking place and utilized by companies, and even private use, for Internet access since they present faster information transfer rates and are expense - valuable if the Internet is utilized greatly.
A lease line can look like the following diagram, devices used in this setup include program router, Ethernet network.
Frame Relay: is one of many well-liked methods of packet-switched networks. Including support for a diversity of network protocols, Frame Relay can offer bendable, high-bandwidth resolution for most any network. Frame Relay transmits information in packets called “frames” via a communal Frame-Relay network. Every frame holds all the data required to route it to the finial target. So the outcome, every workstation can share with numerous targets over one access connection to the network. As an alternative of being assigned a predetermined amount of bandwidth. Not to mention Frame-Relay services present a CIR (committed information rate) at which information is broadcast.
A benefit to Frame Relay this type of connection has a low overhead; it’s a just right fit for present’s day difficult networks. First, you need what is called Frame-Relay Bearer Service (FRBS), this is obtainable by the local telephone company. A typically connection for a Frame Relay you would need a Frame Routers. Frame routers decode current information communications protocols for broadcast over a Frame-Relay network, after that route the information
through the network to an additional frame router or other Frame-Relay friendly device. In addition you can use bridges, routers, or FRADs (Frame-Relay access devices). All these devices total and transfer the information into Frame-Relay packets
Packet Switching: In Packet Switching they employ dynamic circuit paths by means of single point to multiple points connecting. The information is divided into uneven sized packets irrelevant of its type. Changeable types of information use the similar media connection and as a result there is overcrowding and queuing holdup in transfer. This is based on the X.25 Frame relay protocol well know protocol because it was one of the pioneer protocols developed. To put it simply Packet switching is the technology that breaks up the data in network communications into convenient lesser fragment, we know this as packets. By transmitting a bigger file in numerous lesser amounts over a network, packet switching reduces the shock of information transmission errors. Traffic blockages are prevented too, permitting information to transmit efficiently manner as possible over the network.
As the packets move through the network, good chance it will be split, using separate routing paths, this is influenced by internet traffic. The routers and switches on the network utilize the header data to decide the most capable route for transferring each packet to its target. Packet switching permits for proficient usage of network
bandwidth, as transmitting several lesser packets suitable into the network volume better than transmitting large files together. When the packets are delivered to the target, in spite of the order in which they were delivered the routing software would then reassembles the data properly, using the header information. If all of the packets arrived in one piece and free of mistake, the data is prepare for use. On the other hand, if a packet reaches the destination with an error, the routing application can ask for that the packet be resent. By utilizing packet switching, merely a piece of the total data has to be resent, which decrease overall network traffic.
Wireless WAN
WAN technology has additionally taken the phase to the next stage of network integration not to confuse but it is centered on the mobile phone infrastructure. It offers Internet connectivity through the wireless telecommunication style and is called Wireless Wide Area Network (WWAN). This kind of technology is coupled in part with the third generation (3G) mobile technologies that are being provide. It takes the benefit and advances in mobile technology and the implementation of mobile communication to bring high quality and high speed Internet access. The routing devices and protocols for this are very new technology and different. Actually speaking, these ought to be referred to as Wireless Metropolitan Area Networks or WMAN as these connections are only fitting for somewhat
short distances, normally up to 3 miles per hop. It is feasible to extend over more distances by means of a number of hops if positions are offered to base in-between radio repeater equipment.
Wireless WAN/MAN equipment has seen fast progress in current years. It is now potential to send a full duplex Gigabit Ethernet connection though a short pull microwave connection. It is feasible to switch carrier Extended Ethernet services with a considerably decrease expense wireless on the other hand in many cases a lot faster than waiting for a new Extended Ethernet service to be planned.
The diagram below shows an example of utilizing Wireless WAN solutions
Once, a company has set on determining what type of WAN connection they plan on incorporating into their business first the business need to know if they can supply and keep the bandwidth constant to every workstation. There is a calculation that has to be preformed that will endure proper bandwidth can be achieve so there is not bottleneck or slow connection
Following is the symbolic representation of the formula to find percentage of available bandwidth:
= Percent of obtainable bandwidth
A = Network expense (KB) of the baseline client procedure. Basically this is total number of kilobytes transmitted over the network when a everyday user operation is functioning
B = Number of regular User function per second. The total number of regular
user function per second carried out on the portal site
by the collection of users.
C = Total bandwidth obtainable. The whole bandwidth (Mbps) accessible on the network link or the lint that connects group of clients to the server site.
To calculate total Bandwidth
1. Calculate the predictable information transfer per minute. Let’s say 1500 kilobits per second x 60 minutes x 8 office hours per day= 712800 kilobits per day for the offices, or 9000 bytes (720000/8)
2. 90000/1024 = 87 megabytes required for 8 hour per day.
Calculating the Required Internet Connection Bandwidth
1500 kps x 2 offices = 3000kps between the two offices. 3000/1024 = 2.92mps bandwidth need.
Therefore, WAN has taken communication to a new level and opened up a flood of promises of something never before thought of and possibilities placing enormous power at our finger tips. In the present day, we owe gratitude to this technology; you can keep in touch with any person around the world. It has brought the world to your fingertips, case in point I emailed a friend I had not seen in some time via my cell phone within a matter of min he replied back telling me he had relisted back into the military and was over sea and he too was using his cell phone.
Network Protocols
Protocols are said to rules that determine how communication will be placed. In regards to network, you might think of them as a language that computers used to talk to one another. If two devices speak the same language, then they can understand each
other. In addition, groups of protocols are combined to create protocol suite. One of the most important protocol suite in today's network is Transmission Control Protocol /Internet Protocol (TC/IP).
The TCP/IP protocol suite contains many protocols. These protocols work together to provide communication, management, diagnostic, and troubleshooting for network that uses the TC/IP protocol. To understand TCP/IP, it is essential that you understand all the protocols that suite.
It is important to understand that TCP/IP is not just one protocol, or even to protocols, but it is instead an entire group of protocols that work together to support network communication. Although the OSI model is just a model, the TCP/IP suite represents the continual development of protocols, each of which loosely lines itself to a portion of the OSI model.
Network Remote Access
Defending remote connectivity
The L in LAN stands for local and a classic LAN, all the system including clients and servers are said to be local to each other. Each system connects to the network using some type of dedicated connection, usually a cable. A remote system, in contrast, accesses our LAN via a connection that our organization does not own or control; for example a telephone line or the Internet. The remote system will likely spend at least some of the time disconnected from the network.
Until recently, most remote user access the network using a dial-up connection and data connection
remain common. Dial up remote access requires both the client and server. The remote access server has a dedicated connection to a LAN and some type of modem the server room specific software that requires a modem to listen for rings authenticates the server and provides network access. The remote access client also uses a modem and software to communicate with the server.
Dial in Remote Access:
If you have a remote access server and remote access client, which is local and which are remote? Two Different definitions exist. Many people define the terms remote and local in a relative way from their own viewpoint. Thus, their own system is the one with them and the remote system is the one elsewhere perhaps back at the office. Full remote access terminology however the office based server is always the local system and the users out there somewhere are always remote.
Dial-in remote access in the past, most remote users connected using dial up service. Dial up service include both regular phone lines and ISDN lines. Regular phone lines known as either public switched telephone network (PSTN) lines or plain old telephone service (POTS) lines, support maximum access be between 56-64 Kbps. ISDN lines support speeds of up to 64 Kbps per channel. Although faster alternative exists, PSTN and ISDN lines reach far more users because they piggyback on the existing telephone infrastructure.
Advantages of a Dial-up Remote Access solution:
-Connections are economical
to apply with a remote access user.
-Dial-up connections are somewhat reasonably priced.
-It offers a dependable remote access resolution.
-More or less easy to apply.
Disadvantage of Dial-up Remote Access Solution:
- equipment necessary to operate remote access server can be costly.
-Information transfer speed is commonly time-consuming.
-Dial-up remote access connections are in general flimsy keeping in mind on the area of remote access client.
Virtual Private Network (VPN)
-High-speed Internet's popularity has resulted in a decline in remote access through dial-up connection; -Employees want to exploit the speed of the high-speed link to connect to their corporate office. Most organizations do not want their company’s data to be sent unencrypted over the Internet; however this is where the VPN helps.
-A VPN server is a type of remote access server you actually install the VPN server through the RAS feature on the Windows server, like installing a dial up server for RAS. Space the difference between the RAS server end of the P. and server is that the R. a S. server will use a our ANS protocol for dial-up in such as, PPP, while a VPN server we used a VPN protocol this will also encrypt the data to allow users to connect to the organization's network across the Internet. The common processes used to connect to a corporate network are as follows.
1. The employee gets Internet access at home and help h or some other location.
2. Once
the employee has Internet access he or she can connect to the VPN server by typing the IP address into the new connection dialog box.
3. After the client connects to the server the user is prompted for a user and password.
4. Once the connection is authenticated in a data sent to the VPN server and the client is encrypted using VPN.
Two major VPN protocols are used by different vendors to encrypt traffic traveling across the Internet once the connection to the VPN server has been made.
One of these protocols is called PPTP; The Point-to-Point Tunneling Protocol, this is a popular VPN protocol that came to light with previous versions of Windows. PPTP uses the Microsoft point-to-point encryption (MPPE) protocol to perform the data encryption. PPTP uses TCP port 1723, which needs to be open on the firewall.
The second protocol is L2TP the layer 2 tunneling protocol is a more preferred VPN protocol data encrypt VPN traffic using IP security. L2TP use this UDP 1701 and encrypt data with IP security.
Software requirements
Microsoft's dial-up networking the (DUN), configured through network connections on the operating system like Windows XP, allows you to configure your modem to dial into remote access server. DLAN supports a wide range of authentication protocols including PHP, CHAP, MS-CHAP, MS -CHP v2 and Kerberos. Once you dial-up and log into the network you can use network resources as if you were directly connected to the LAN. You won't enjoy
the same bandwidth you have when directly connected to the 100 Mbps connection, but you can access all our resources.
Like all remote access clients of this type, the setup for DUN requires you to specify a device to use for residents a modem or ISDN, and phone number to dial in any additional special settings, such as type of dial-in server you're connecting to and IP address information.
On the server side, Microsoft remote access server RAS is also easy to set up and provided degree of access control for remote users. One important point to watch for is a choice of data link protocol for our server go port/ phone line PSTN or ISDN link. SLIP is older standard that supports TCP/IP only, using a fixed IP address, and it has been largely replaced by PPP, which supports TCP/IP using a dynamically addressed IP address and/or IPX/SPX and/or NetBEUI.
We believe our network plan should be able to permit additional VPN connection allowed any given moment and therefore we chose Windows Server latest Edition, because it is capable of recognize over 999 VPN connections without any issue. Site of the server may possibly to be centralize inside the LAN, so that data transmission inside the LAN can occur lacking by means of VPN connections, therefore provided that quicker data transmission inside the local network.
Internet connections from a computer operating a Microsoft Server family OS is a standalone connection. A WAN adapter is set up on the computer that
is normally a DDS, T1, Partial T1, or Frame Relay adapter. To operate suitable genuine wiring, we should employ the local telephone service. Prior to commit a good idea would be to test connectivity with the WAN adapter along with the latest OS of Windows Server family before putting into operation.
WAN adapter drivers are pre-installed in the Windows Server 2003 type in order to let the WAN adapter perform as a network adapter. Even though the drivers are in place, it is required to organize and keep TCP/IP settings on the WAN adapter.
Even though we can join to our VPN client to VPN server by means of IP address, it would be sensible to ask for our ISP to register our VPN server and DNS so that we are offered an option to join to our VPN server by designation.
Network Business Applications
If you have multiple locations to connect to do not want to pay for multiple dedicated links or even frame-relay, you could just use the Internet. The only problem would be that the Internet is not very private space through which to send your business traffic. What you would really need is a way to transfers the Internet but keep C & C’s communication secure a VPN would do just that
Advantages of a VPN remote access solution:
Internet can be used to transfer information that lowers the price connected with long distance dial-up rates.
No private link is necessary between remote access and remote access VPN server.
VPN remote server resolutions are more adjustable
than dial-up remote access resolutions.
Disadvantages of VPN remote access solution:
-Functionality can be affected because information must be tunneled.
-Remote access server and remote access users must assist the same tunneling type protocol such as PPTP or L2TP/IPSec.
-As packets are transferred throughout the internet there is a greater risk of protection despite if the information is encrypted.
Backup and Disaster Recovery
Network security over the past few years has become more and more valuable as everyone spend considerable amount of time connected. Compromising network security is frequently much easier than compromising any physical or local security, and is much more frequent.
There is a lot of good software and hardware tools to support with network security, and more are becoming more compatible with Linux distributions. We address these security issues and threats using both hardware and software. Also, many protocols have evolved over the past 20 years or so that are specifically designed to migrate network security threats. I will try to discuss specialized hardware devices software and protocols that are used to dress network security threats.
Network-based firewall
A firewall is a hardware or software system that is used a separate one computer or network from another one. The most common type of firewall is used to protected computer or entire network from unauthorized access from the Internet. Firewalls can also
be used to control the flow data to and from multiple networks within the same organization. Firewalls can be programmed to filter data packets based on the information that is contained in the packets. A network-based firewall is generally located on the edge of the network with the network comes in contact with another network such as the Internet. Some network firewalls are used between two corporate networks to control the flow of information between the two divisions, such as between departments in the same company. In either case, the advantage of a network-based firewall is that is provides general protection for all that host behind it however the disadvantage is that the settings on the firewall will affect all the host behind it and therefore tend to be generally settings and not specific settings for specific network host.
Host- Based firewall
A host-based firewall addresses the issue of specific settings by applying its settings to only one host. Host-based firewalls is generally built into the operating system or installed as an application on the computer. Microsoft Windows XP and Vista have a host-based firewall called the Windows firewall. The Windows firewall computer can be configured on windows XP to filter incoming traffic only, but on this to the firewall can be configured with more specific filters that control network traffic to and from the host computer. Generally traffic is identified and filtered taste on the header information
that contains the source address, destination address, and protocol of the traffic. In other words, most host-based firewall filter traffic based on where it came from, where it wants to go, and what it wants to do when it gets there.
Scanning Services
All firewalls perform a type of scanning service on the packets that pass through them. In other words, they examine the header and sometimes the data in the packet. Some firewalls can also take scanning to new levels combining virus protection or e-mail protection software that blocks traffic containing viruses or any type of malware or spyware. You can even configure firewalls to block e-mail messages that contain attachments that make these e-mails larger than pre-determined size. These types of scanning services can enhance security and network performance.
Content Filtering
The best thing about a firewall is that it can be configured to allow some type of traffic to flow through it while stopping the flow of other types of traffic. This type of content filtering is a central to organizations so that the security and productivity can be maintained simultaneously. The biggest difference between the different types of firewall is the level of content-based filter. For example, a layer 7 stateful firewall can be configured to be much more selective than a layer 3 stateless firewall. Another example, some firewalls can be configured to disallow access to websites that contain data or graphic that
are not deemed acceptable by management standards or company policies standards. The site will then be disallowed not because of IP address or host name or even port address but because of the nature of the material on the site. This gives an administrator much more granular control over users.
It is important that a company have a security policy in place that specifies all the dues and don'ts for employees, management, and network administrators. A security policy will include topics such as:
Appropriate use policy
Password policy
Backup policy
Remote access policy
Chain of custody policy
These are just a few examples of company policies that can ensure that everyone is aware of the best security practices.
Your server faces potential tax 24 hours a day and I'm not just talking about hacker problems. Your server can fall prey to power related problems, environmental issues such as heat, dirt natural disaster, or accidentally kicked, user mistakes, the laws of physics, and plain old theft. All these are potential source of data loss, so do all you can to prevent a catastrophic event.
All computers in a PC run on electrical power. Without a clean, it's daddy supply, they will stop working. Electricity must travel through a number of stages between the power company and those components. A failure at any one of those stages will stop your machine from working. You can take several actions to safeguard your hardware and data to make sure this
doesn't happen.
Dedicated Circuit
A dedicated circuit is electrical apply circuit that runs from the building central power distribution point to a specific power outlets perhaps directly to the computer room. Compare this to a general power circuit that supplies many outlets, feeding computers, water coolers, PCs, printers and other occasional vacuum cleaner or more polishers. Using too many devices on one circuit called the power to sack or dip and this say can cause computer systems to lock up or spontaneously reboot, depending on how lucky or unlucky you are at that moment. Dedicated circuits keep this from happening. They will theoretically prevent some uninformed person from plugging a vacuum cleaner and to the circuit and bringing down the entire corporate computer system.
Surge Suppressor
An electrical surge a sudden increase in voltage on the circuit called from example by a nearby lightning strike in the story and unprotected computer. A in some cases individual components would bear the brunt of the damage, but often the entire computer will be rendered inoperable. All modern PCs and other equipment have a degree of built-in protection, but additionally, external suppressors add an extra layer of security for not much money. When buying a surge suppressor, remember that not all power surges, from the power outlet. Many current Sirs suppressors offer a digital protection for other wires coming in and out of your computers, such as the network
cable and the phone line.
Think about how much work you have done to create your nice, stable servers, workstations, network. Imagine how many hours your users have spent creating data and storing it on those servers. Now imagine a virus or user that deletes critical data or configuration files. As you can imagine the situation is not good for either you or blood pressure or your job security. Having a backup plan from a disaster is crucial for any business company
the goal of backing up is to ensure that whatever a system fails a recent backup will be available to restore the system at first thought you might simply back up the computer system at the end of each day all whichever interval you think is prudent to keep the backup fresh. This can work if the amount of data to be backed up is small enough to be copied to tape during an available off hours timeslot, but if you are responsible for a massive repository of data, this may not be possible. And if you're running a 24 operation, there may be no after hours time so you might want to avoid arranging a mass backup of everything that will slow down the system noticeably with those currently using it. Most backup software solutions have a series of options available other than the old backup.
Always plan for the worst is oppressing thought, but we all know, realistically that bad things do happen. Every IT department should have a disaster recovery plan in our case we like to call this a business
contingency plan this includes real limit the relocation of equipment to a suitable offsite location or the hiring of replacing equipment some disaster recovery we can give you the option to have mobile computer rooms in freight containers that can be brought by trucks to your site this option is also available. Our plan also include procedures for retrieval and restoration of backups using backup power supplies, and setting up network for users, telecom facilities, cell phones, link for remote workers, and so on. We also have trained technicians in the event for a disaster recovery that will be contacted and are trained on their responsibilities will be for such an event.
Another practice to use in case of a any disaster is securing and alternative site. The alternative site is designed to allow business operations to continue, this comes in three different types:
• Hot site
• Cold site
• Warm site
hot site is a location that is completely duplicate of the original office in the same sense that each employee has a place to work, each has its workstation waiting for him or her, servers are waiting, and a current at the location. For the data, each has e-mail and employee data, to be current, the company typically pays a hefty fee to have the data replicated from the primary site to alternative site in case of a disaster, the alternative site is ready to go with no wait time.
Cold site is exact opposite of a hot site in the sense that the company has only
rented the actual facility and has not invested in workstations or servers through ready at the site no current copy of the data exists, so if a disaster occurs at the primary site, employees have to wait for the alternative site to be set up without workstation servers, and current data. Data can be retrieved from the company’s normal backup procedures.
Warm site which is a step above cold site in the sense that the facility is rented, workstations are set up, and servers are ready for use, but no current copies of e-mail or employees data are available on the server. In this case, the wait time is minimal, but more bandwidth and hot site, because everything is set up employees just have to wait for the data to be restored to the servers.
All this is wonderful protection unless if someone walks off with your mission crucial server. Believe me this has happened.
Finally, be aware of the potential hazards from sources of electrical interference (EMI). For example, documented reports have indicated that signals radiated from cell phones can interfere with sensitive electrical equipment some of the organizations banned cell phones from the main computer room.
Network Security
Security thoughtfulness is forever a major subject when deploying a remote access resolution and the obscurity are multifaceted when answer ought to include support for fixed systems. Successful implementations must offer effective verification and access control, and concentration
should also be taken to make certain that vital information is protected for the duration of transmission over the network.
Successful network security is not the support of any one technology or component; it is most beneficial when it is put together using a layered approach, following the OSI Seven Layer Networking Model, with numerous protections contributing to the overall resolution. Additional thoughtfulness occurs when destination devices are hosted as guests on remote networks administered by others. In such instances specific attention should be taken to make certain that your systems do not exposed the hosting network to external threats
Many businesses have by now focused on the problem of wireless device security. Originally many companies and individuals leap onto the wireless networking frenzy for the ease of being able to roam un-hooked by some kind of network cables or being able to install more workstations devoid of having to run network cabling through the walls or ceiling. On the other hand, a lot of those wireless networks operate with no security at all and the ones that do may be utilizing WEP encryption can show to be barely better than hold no security. This is however a crucial problem for many wireless networks, although wireless security have gotten better considerably.
Today numerous businesses are taking pleasure in the cost savings natural; permitting a number of employees to work from home. Additional, higher rankings
individuals and others require connecting to the company network while they are away on the road, and/or need to gain access to the network resources at different times or during weekends from home.
References
Microsoft (2009). L2TP - Based Remote Access VPN Deployment. Retrieved December 31, 2009, from http://technet.microsoft.com/en-us/library/cc787915.aspx
Microsoft (2009). L2TP How Dial-up Remote Access Works. Retrieved December 31, 2009, from
http://technet.microsoft.com/en-us/library/cc738660%28WS.10%29.aspx
Cisco Systems, Inc. (n.d.) Internetworking Technology Handbook. Retrieved Dec,
2009, from http://www.cisco.com/en/US/docs/internetworking/technology/handbook/ito_doc.html
Cisco Systems, Inc. (n.d.) Internetworking Technology Handbook. Retrieved Dec,
2009, from http://www.cisco.com/en/US/docs/internetworking/technology/handbook/Intro-to-WAN.html
Cisco Systems, Inc. (n.d.) Internetworking Technology Handbook. Retrieved Dec,
2009, from http://www.cisco.com/en/US/docs/internetworking/technology/handbook/VPN.html
Cisco Introduction to WAN Technologies. Retrieved Dec 2009 fromhttp://www.cisco.com/en/US/docs/internetworking/technology/handbook/Intro-to-WAN.html
About.com - Network Disaster Recovery. Retrieved January 2010, from http://compnetworking.about.com/od/itinformationtechnology/l/aa083102a.htm
- Matt Curtin March 1997 Introduction to Network Security. Retrieved January 2010, from http://www.interhack.net/pubs/network-security/
0 comments:
Speak up your mind
Tell us what you're thinking... !