ABC Worldwide is a leading video editing and advertising company headquartered in San Francisco with 6 worldwide design centers and over 1500 employees. It was founded in 2014 by a group of friends and has annual sales of $450 million. The company provides corporate videos, commercials, films and web services.
The document then describes ABC Worldwide's network infrastructure which includes redundancy, separation of networks, high speed connectivity, and scalability. It discusses the wide area network connecting the headquarters to design centers around the world, as well as security measures like firewalls, virtual private networks and quarantining of testing systems. Sales teams are provided laptops, smartphones and wireless access to maintain mobility.
ClearPass 6.3.2 is a monthly patch release that provides new features and fixes issues. The document provides upgrade instructions, lists what's new in 6.3.2, enhancements in previous 6.3 releases, issues fixed in previous 6.3 releases, and known issues. Customers should review upgrade steps, plan for downtime, and apply latest updates before upgrading to 6.3.2.
Virtual Intranet Access (VIA) is part of the Aruba remote access solution that includes remote access points(RAPs), Aruba Instant (IAP),and the Remote Node solution. To address the demands of the current mobile workforce, which requires corporate access from hotspots such as those in airport, hotels, and coffee shops . The Aruba VIA solution is designed to provide secure corporate access to employee laptops and smartphones. This guide will walk through planning and deployment of the VIA solution.
This document provides an overview and user guide for ArubaOS 7.3. It covers system basics, profiles management, interface configuration and management, stacking, VLANs, port channels, OAM, and other features. The document includes sections on legal notices, open source software, warranty, and copyright. It provides configuration examples and instructions for using both the CLI and web interface.
This document is the user guide for Linksys' Instant Broadband EtherFast Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint. It includes information on installing and configuring the router, as well as appendices that describe troubleshooting, glossary terms, and instructions for setting up a VPN connection between the router and a Windows PC. The router provides firewall protection, up to two IPSec VPN tunnels, URL filtering, and other security features to connect a small network to broadband Internet or an Ethernet backbone.
This document provides information about the Cisco SFPOC48SR product, including:
1) It lists contact information for purchasing the Cisco SFPOC48SR and provides a product description noting it is a Cisco OC-48c/STM-16 Short-Reach Transceiver Module.
2) It describes the company Launch 3 Telecom that sells the product and notes they offer same-day shipping, payment options, warranty, and additional services like repair.
3) It provides an overview of the Cisco 7600 Series Internet Router, which the SFPOC48SR can be used with, highlighting its scalability, interfaces, applications for service providers and enterprises.
To find a good job in Networking, join IIHT’s Diploma Programme in Networking and learn all about CompTIA – A+, CCNA, CCNA-Voice, CCNA-Security, Juniper Networking, Security Fundamentals and more. Though there are many training Institutes, courses and coaching centres offering courses in Networking, IIHT is the leading Institute that provides job-oriented training in Networking due to its latest lab facilities, well-experienced faculty, industry based curriculum and 94.3% placement record. Enquire more about IIHT training Institute Now.
The document provides an overview and instructions for configuring Aruba MeshOS 4.7 on Aruba wireless mesh devices. It includes details on using both the web management interface (WMI) and command line interface (CLI) to configure basic settings, interfaces, security, routing, and other network settings. Configuration examples are also provided for building a four node mesh network and configuring an access network.
ClearPass 6.3.2 is a monthly patch release that provides new features and fixes issues. The document provides upgrade instructions, lists what's new in 6.3.2, enhancements in previous 6.3 releases, issues fixed in previous 6.3 releases, and known issues. Customers should review upgrade steps, plan for downtime, and apply latest updates before upgrading to 6.3.2.
Virtual Intranet Access (VIA) is part of the Aruba remote access solution that includes remote access points(RAPs), Aruba Instant (IAP),and the Remote Node solution. To address the demands of the current mobile workforce, which requires corporate access from hotspots such as those in airport, hotels, and coffee shops . The Aruba VIA solution is designed to provide secure corporate access to employee laptops and smartphones. This guide will walk through planning and deployment of the VIA solution.
This document provides an overview and user guide for ArubaOS 7.3. It covers system basics, profiles management, interface configuration and management, stacking, VLANs, port channels, OAM, and other features. The document includes sections on legal notices, open source software, warranty, and copyright. It provides configuration examples and instructions for using both the CLI and web interface.
This document is the user guide for Linksys' Instant Broadband EtherFast Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint. It includes information on installing and configuring the router, as well as appendices that describe troubleshooting, glossary terms, and instructions for setting up a VPN connection between the router and a Windows PC. The router provides firewall protection, up to two IPSec VPN tunnels, URL filtering, and other security features to connect a small network to broadband Internet or an Ethernet backbone.
This document provides information about the Cisco SFPOC48SR product, including:
1) It lists contact information for purchasing the Cisco SFPOC48SR and provides a product description noting it is a Cisco OC-48c/STM-16 Short-Reach Transceiver Module.
2) It describes the company Launch 3 Telecom that sells the product and notes they offer same-day shipping, payment options, warranty, and additional services like repair.
3) It provides an overview of the Cisco 7600 Series Internet Router, which the SFPOC48SR can be used with, highlighting its scalability, interfaces, applications for service providers and enterprises.
To find a good job in Networking, join IIHT’s Diploma Programme in Networking and learn all about CompTIA – A+, CCNA, CCNA-Voice, CCNA-Security, Juniper Networking, Security Fundamentals and more. Though there are many training Institutes, courses and coaching centres offering courses in Networking, IIHT is the leading Institute that provides job-oriented training in Networking due to its latest lab facilities, well-experienced faculty, industry based curriculum and 94.3% placement record. Enquire more about IIHT training Institute Now.
The document provides an overview and instructions for configuring Aruba MeshOS 4.7 on Aruba wireless mesh devices. It includes details on using both the web management interface (WMI) and command line interface (CLI) to configure basic settings, interfaces, security, routing, and other network settings. Configuration examples are also provided for building a four node mesh network and configuring an access network.
This document describes the Cisco 7609 Internet Router, which delivers optical WAN and MAN networking with a focus on providing high-touch IP services at line rate speeds at the edge of service provider networks. It supports up to 30 Mpps forwarding, IP services processors, and interfaces from DS0 to OC-48 for services like QoS, traffic shaping, and monitoring SLAs. The Cisco 7609 chassis has 9 slots, with slot 1 reserved for the supervisor engine and slot 2 available for a redundant supervisor or other modules.
Over this techtorial you will have an opportunity to explore the following Cisco Meraki product lines: MX security appliances, MS switches and MR wireless access points. Through a hands-on lab we will cover real-world scenarios showcasing how to deploy branch networks for a typical company. Engineers will leave with the experience and confidence to deploy Meraki networks in their own environments. The lab also provides the perfect setting to showcase the tight integration among the Meraki product lines and the benefits of cloud management via the Meraki Dashboard.
The document describes the Cisco XFP-10G-MM-SR, a 10GBASE-SR XFP module for Cisco networks. It provides details on purchasing the module from Launch 3 Telecom, including payment options and same-day shipping. It also discusses the warranty and additional services provided by Launch 3 Telecom, such as repairs, maintenance contracts, and installation services for telecom equipment.
The document discusses Cisco's approach to simplifying cloud adoption. It describes the challenges of a hybrid cloud model with multiple private and public clouds. Cisco provides automation and orchestration tools like UCS, ACI, and CloudCenter to unify management across clouds. These tools implement policies, templates, and workflows to provision and configure infrastructure and applications. Performance and security tools like AppDynamics, Tetration, Umbrella, and Cloudlock provide visibility and protection. The document emphasizes that customers should understand user needs and use Cisco's tools to build a cloud that meets their specific requirements.
Providing voice and data services in ‘under serviced’ areas - By Rael LissoosVoiceSA
The most under serviced sectors of the economy, where services are most needed, are often significantly more complex when providing voice and data services. A practical case study will be provided covering topics from connecting rural schools to a wireless VoIP service, to providing services to high density underserviced residential areas. Insight will be provided into how to create sustainable services using available technologies that help fill the huge services gaps in SA telecoms.
Brocade and VMware are collaborating on a solutions that increases visibility into the infrastructure, simplifies management, prevents issues, and optimizing resources.
The document provides information about the Alcatel-Lucent 7750 SR-1 8-PORT OC12C/STM4C module. It can be purchased from Launch 3 Telecom, who provides telecom equipment and genuine Alcatel-Lucent replacement parts. The document includes details about the product, purchasing and shipping options, warranty, and services offered by Launch 3 Telecom such as repair, maintenance contracts, and installation.
The document discusses planning and designing a small network, including:
- Identifying common devices used such as routers, switches, wireless access points, and IP phones.
- Design considerations for a small network like IP addressing, redundancy, traffic prioritization.
- Common network applications and protocols used, including VoIP, DHCP, DNS.
- Ensuring the network can support real-time applications like voice and video.
- Planning for future growth of the network through documentation, traffic analysis, and protocol analysis.
Liton Kazi has over 25 years of experience in network engineering and management. He currently works as a Senior Communications Analyst for Shoppers Drug Mart, where he manages the core network infrastructure for over 2400 stores. Prior to this, he spent 19 years as a Senior Infrastructure Support Analyst for Mackenzie Financial, where he was responsible for their enterprise network. He has extensive expertise in technologies from Cisco, Avaya, Nortel, F5, Radware, and more.
Wireless Controller Comparative Performance Cisco vs Aruba Miercom ReportCisco Mobility
The document compares the performance of wireless controllers from Cisco and Aruba. Key findings include:
1. The Cisco 8540 delivered over twice the throughput of the Aruba 7240 with small and medium packet sizes as well as mixed packet sizes.
2. The Cisco 5520 and 8540 were able to utilize a higher percentage of their maximum bandwidth (85-95% for Cisco vs. 25-30% for Aruba) across packet sizes.
3. Testing found the Cisco 5520 could handle over 3 times as many wireless client authentications per second compared to an older Cisco model, using the 802.1X authentication standard.
4. TCP throughput performance was notably better with Cisco than
The document provides information about the Alcatel-Lucent 7750 Service Router product line. It describes the 7750 SR as a multiservice edge router designed to concurrently deliver broadband IP services. Key details include the various chassis and module options that provide scalable throughput from 90Gbps to 4.8Tbps. It also outlines the routing, switching, interface, processing and management capabilities of the 7750 SR for supporting converged network services.
Eng. Abd Elrhman has over 10 years of experience in network administration and seeks a challenging position to further develop his skills. He has extensive experience designing, implementing, and troubleshooting networks and infrastructures. Some of his qualifications include Cisco certifications, experience with Active Directory, WAN/LAN administration, real-time systems, security, and team leadership.
This document provides information about the Cisco XFP10GEROC192IR product, including:
- It is a 10GBASE-ER and OC192 IR2 XFP module for networking.
- Launch 3 Telecom sells this product and provides same-day shipping, payment options like credit cards, and a warranty.
- They also offer services like repairs, maintenance contracts, installation, and recycling of telecom equipment.
The Cisco RV110W Wireless-N VPN Firewall provides simple and secure wired and wireless connectivity for small offices and remote workers. It includes an 802.11n wireless access point, a 4-port Ethernet switch, browser-based management, and support for Cisco's network discovery utility. The RV110W also offers IPsec and PPTP VPN support for up to 5 remote clients, separate guest networks, IPv6 support, and easy configuration through wizards.
This document provides a summary of the ClearPass Policy Manager 6.3 User Guide. It includes sections on common tasks in Policy Manager such as importing, exporting, and resetting passwords. It also summarizes the main components of Policy Manager including monitoring, accounting, analysis and trending, identity, policy modeling, services, authentication and authorization, posture, enforcement, network access devices, and proxy targets. The document is a user guide that assists users in configuring and using the ClearPass Policy Manager system.
The document discusses network redundancy and spanning tree protocols. It explains that redundant links between devices provide backup paths in case of failure, but can also cause loops. Spanning tree protocols select the best path and block redundant paths to prevent loops. They dynamically unblock backup paths if the primary path fails to maintain connectivity while avoiding loops.
1) The document outlines a network design for ABC Company to connect its headquarters in San Francisco to remote offices around the world.
2) The design includes VPN connections from remote offices to the HQ network to allow secure sharing of resources. MPLS is used to guarantee quality of service for multimedia files.
3) The network equipment required at each location includes servers, routers, switches, firewalls, and wireless access points to establish secure VLANs and connectivity between all offices.
The document discusses plans for designing a WAN for ABC Company connecting multiple office locations. It outlines that the headquarters in San Francisco will host the active directory domain, with other domains created for each office. It recommends using a star topology with 6 servers per office for file sharing between departments. Wireless and wired connections using Cat6 cabling will connect devices at each office location, with VPN routers providing connectivity between locations over the WAN. Fiber optic cabling will connect buildings at larger office sites. The design adheres to various ANSI/TIA cabling standards for network infrastructure.
This document describes the Cisco 7609 Internet Router, which delivers optical WAN and MAN networking with a focus on providing high-touch IP services at line rate speeds at the edge of service provider networks. It supports up to 30 Mpps forwarding, IP services processors, and interfaces from DS0 to OC-48 for services like QoS, traffic shaping, and monitoring SLAs. The Cisco 7609 chassis has 9 slots, with slot 1 reserved for the supervisor engine and slot 2 available for a redundant supervisor or other modules.
Over this techtorial you will have an opportunity to explore the following Cisco Meraki product lines: MX security appliances, MS switches and MR wireless access points. Through a hands-on lab we will cover real-world scenarios showcasing how to deploy branch networks for a typical company. Engineers will leave with the experience and confidence to deploy Meraki networks in their own environments. The lab also provides the perfect setting to showcase the tight integration among the Meraki product lines and the benefits of cloud management via the Meraki Dashboard.
The document describes the Cisco XFP-10G-MM-SR, a 10GBASE-SR XFP module for Cisco networks. It provides details on purchasing the module from Launch 3 Telecom, including payment options and same-day shipping. It also discusses the warranty and additional services provided by Launch 3 Telecom, such as repairs, maintenance contracts, and installation services for telecom equipment.
The document discusses Cisco's approach to simplifying cloud adoption. It describes the challenges of a hybrid cloud model with multiple private and public clouds. Cisco provides automation and orchestration tools like UCS, ACI, and CloudCenter to unify management across clouds. These tools implement policies, templates, and workflows to provision and configure infrastructure and applications. Performance and security tools like AppDynamics, Tetration, Umbrella, and Cloudlock provide visibility and protection. The document emphasizes that customers should understand user needs and use Cisco's tools to build a cloud that meets their specific requirements.
Providing voice and data services in ‘under serviced’ areas - By Rael LissoosVoiceSA
The most under serviced sectors of the economy, where services are most needed, are often significantly more complex when providing voice and data services. A practical case study will be provided covering topics from connecting rural schools to a wireless VoIP service, to providing services to high density underserviced residential areas. Insight will be provided into how to create sustainable services using available technologies that help fill the huge services gaps in SA telecoms.
Brocade and VMware are collaborating on a solutions that increases visibility into the infrastructure, simplifies management, prevents issues, and optimizing resources.
The document provides information about the Alcatel-Lucent 7750 SR-1 8-PORT OC12C/STM4C module. It can be purchased from Launch 3 Telecom, who provides telecom equipment and genuine Alcatel-Lucent replacement parts. The document includes details about the product, purchasing and shipping options, warranty, and services offered by Launch 3 Telecom such as repair, maintenance contracts, and installation.
The document discusses planning and designing a small network, including:
- Identifying common devices used such as routers, switches, wireless access points, and IP phones.
- Design considerations for a small network like IP addressing, redundancy, traffic prioritization.
- Common network applications and protocols used, including VoIP, DHCP, DNS.
- Ensuring the network can support real-time applications like voice and video.
- Planning for future growth of the network through documentation, traffic analysis, and protocol analysis.
Liton Kazi has over 25 years of experience in network engineering and management. He currently works as a Senior Communications Analyst for Shoppers Drug Mart, where he manages the core network infrastructure for over 2400 stores. Prior to this, he spent 19 years as a Senior Infrastructure Support Analyst for Mackenzie Financial, where he was responsible for their enterprise network. He has extensive expertise in technologies from Cisco, Avaya, Nortel, F5, Radware, and more.
Wireless Controller Comparative Performance Cisco vs Aruba Miercom ReportCisco Mobility
The document compares the performance of wireless controllers from Cisco and Aruba. Key findings include:
1. The Cisco 8540 delivered over twice the throughput of the Aruba 7240 with small and medium packet sizes as well as mixed packet sizes.
2. The Cisco 5520 and 8540 were able to utilize a higher percentage of their maximum bandwidth (85-95% for Cisco vs. 25-30% for Aruba) across packet sizes.
3. Testing found the Cisco 5520 could handle over 3 times as many wireless client authentications per second compared to an older Cisco model, using the 802.1X authentication standard.
4. TCP throughput performance was notably better with Cisco than
The document provides information about the Alcatel-Lucent 7750 Service Router product line. It describes the 7750 SR as a multiservice edge router designed to concurrently deliver broadband IP services. Key details include the various chassis and module options that provide scalable throughput from 90Gbps to 4.8Tbps. It also outlines the routing, switching, interface, processing and management capabilities of the 7750 SR for supporting converged network services.
Eng. Abd Elrhman has over 10 years of experience in network administration and seeks a challenging position to further develop his skills. He has extensive experience designing, implementing, and troubleshooting networks and infrastructures. Some of his qualifications include Cisco certifications, experience with Active Directory, WAN/LAN administration, real-time systems, security, and team leadership.
This document provides information about the Cisco XFP10GEROC192IR product, including:
- It is a 10GBASE-ER and OC192 IR2 XFP module for networking.
- Launch 3 Telecom sells this product and provides same-day shipping, payment options like credit cards, and a warranty.
- They also offer services like repairs, maintenance contracts, installation, and recycling of telecom equipment.
The Cisco RV110W Wireless-N VPN Firewall provides simple and secure wired and wireless connectivity for small offices and remote workers. It includes an 802.11n wireless access point, a 4-port Ethernet switch, browser-based management, and support for Cisco's network discovery utility. The RV110W also offers IPsec and PPTP VPN support for up to 5 remote clients, separate guest networks, IPv6 support, and easy configuration through wizards.
This document provides a summary of the ClearPass Policy Manager 6.3 User Guide. It includes sections on common tasks in Policy Manager such as importing, exporting, and resetting passwords. It also summarizes the main components of Policy Manager including monitoring, accounting, analysis and trending, identity, policy modeling, services, authentication and authorization, posture, enforcement, network access devices, and proxy targets. The document is a user guide that assists users in configuring and using the ClearPass Policy Manager system.
The document discusses network redundancy and spanning tree protocols. It explains that redundant links between devices provide backup paths in case of failure, but can also cause loops. Spanning tree protocols select the best path and block redundant paths to prevent loops. They dynamically unblock backup paths if the primary path fails to maintain connectivity while avoiding loops.
1) The document outlines a network design for ABC Company to connect its headquarters in San Francisco to remote offices around the world.
2) The design includes VPN connections from remote offices to the HQ network to allow secure sharing of resources. MPLS is used to guarantee quality of service for multimedia files.
3) The network equipment required at each location includes servers, routers, switches, firewalls, and wireless access points to establish secure VLANs and connectivity between all offices.
The document discusses plans for designing a WAN for ABC Company connecting multiple office locations. It outlines that the headquarters in San Francisco will host the active directory domain, with other domains created for each office. It recommends using a star topology with 6 servers per office for file sharing between departments. Wireless and wired connections using Cat6 cabling will connect devices at each office location, with VPN routers providing connectivity between locations over the WAN. Fiber optic cabling will connect buildings at larger office sites. The design adheres to various ANSI/TIA cabling standards for network infrastructure.
This document summarizes the network design for ABC Company which has nine offices across multiple countries. The network will use a mesh topology with redundant fiber connections between offices. Servers located in Tokyo, Paris, and Detroit will provide 24/7 connectivity. Each office will use star configurations with fiber connections to switches on each floor. Cisco routers, firewalls, and blade servers will provide routing and security. VOIP phone systems and Cisco WebEx will enable conferencing. The network aims to support file transfers within 20 seconds between workstations using 1Gbps connections where possible.
Computer networks allow users to share resources and to communicate. Can you imagine a world without emails, online newspapers, blogs, web sites and the other services offered by the Internet? Networks also allow users to share resources such as printers, applications, files, directories, and storage drives. This chapter provides an overview of network principles, standards, and purposes. IT professionals must be familiar with networking concepts to meet the expectations and needs of customers and network users.
You will learn the basics of network design and how devices on the network impact the flow of data. These devices include hubs, switches, access points, routers, and firewalls. Different Internet connection types such as DSL, cable, cellular and satellite are also covered. You will learn about the four layers of the TCP/IP model and the functions and protocols associated with each layer. You will also learn about many wireless networks and protocols. This includes IEEE 802.11 Wireless LAN protocols, wireless protocols for close proximity, like Frequency Identification (RFID), Near Field Communication (NFC), and smart home protocol standards like Zigbee and Z-wave. This knowledge will help you successfully design, implement, and troubleshoot networks. The chapter concludes with discussions on network cable types; twisted-pair, fiber-optic, and coaxial. You will learn how each type of cable is constructed, how they carry data signals, and appropriate use cases for each.
It is important to not only learn about computer network operation and components but also to build hands-on skills. In this chapter you will build and to test a straight-through Unshielded Twisted-Pair (UTP) Ethernet network cable.
WWTC is opening a new regional office in New York City and has hired an IT director to design and implement a new network. The network must support increasing revenue, reducing costs, providing secure customer transactions, and accommodating employee and guest devices. It must also integrate voice and data, provide fast wired and wireless access, and enhance security to address prior issues. The proposed design includes firewalls, intrusion detection, encryption, separate networks for classified and unclassified data, and wireless access in lobby and conference rooms. The LAN solution includes subnets divided by job function with capacity for growth. EIGRP routing and wireless access points are included to connect all parts of the network securely and reliably.
This chapter focuses on strategies for scaling wide area networks (WANs) using Cisco routers. It discusses various WAN connection types like dedicated leased lines, asynchronous dial-in, and dial-on-demand routing. Packet switched services are also covered, including Frame Relay, X.25, SMDS, and ATM. Key considerations for WAN design are reviewed, such as availability, bandwidth requirements, cost, ease of management, traffic types, and routing protocols. Cisco provides different connection service options to meet these considerations.
The document provides an overview of Meraki MX security appliances. It discusses the MX product line and features such as application control, security, networking and cloud-based management. It demonstrates the dashboard architecture and provides details on key features like content filtering, intrusion detection, and firewall capabilities. The document also positions Meraki against competitors like Fortinet, SonicWALL, Palo Alto Networks and discusses the Meraki roadmap.
The document proposes a new network for Corporation Techs, a large distribution company. Key points of the proposal include:
- Establishing better network access and control to keep networks safe and profitable for the 4000+ employee, 7 city, 6 country company.
- Creating VLANs for different departments, a DMZ, and VPN for remote users. Wireless access will be on a separate network with 802.11ac and encryption.
- The network will include firewalls, switches, and routers to separate traffic and improve security, performance and redundancy. Core equipment will connect regional offices to allow for communication and file sharing.
The proposed solution provides a secure and resilient network architecture for JVVNL that connects various offices to a centralized IT center and data center. Key elements include MPLS WAN connectivity with failover, network and application security appliances, load balancing, and link load balancing to ensure high availability of critical applications and data. Centralized management and monitoring is also included for effective oversight of IT projects and infrastructure.
This document provides an overview of networking concepts covered in Chapter 5 of the IT Essentials v7.0 curriculum. It describes different types of networks including PANs, LANs, WLANs and WANs. It also covers internet connection types such as DSL, cable, fiber, satellite and cellular. Networking protocols like TCP, UDP and wireless protocols are explained. Finally, it discusses common network devices, network services like DHCP, DNS, print and file servers.
The document describes Cisco Network Academy's CCNA curriculum and Packet Tracer software. The CCNA curriculum validates skills in installing, configuring and troubleshooting medium-sized networks including WAN connections and basic security threats. Packet Tracer is a network simulation program used in the CCNA program to allow students to experiment with networks and troubleshoot issues. It supports simulation of network protocols, devices, and allows creation of network topologies to model real world networks.
The document discusses networking concepts including network components, types of networks like PAN, LAN, WLAN, and WAN. It covers networking protocols such as TCP, UDP, and wireless protocols including Bluetooth, Zigbee, and cellular generations. Internet connection types like DSL, cable, fiber, satellite and cellular are explained. Network services including DHCP, DNS, file, print, web and mail servers are outlined. Basic network devices like NICs, repeaters, bridges and hubs are also summarized.
The document discusses Cisco's next generation SD-WAN solution with Viptela. It highlights how the traditional WAN/branch market is undergoing disruption due to factors such as increased cloud usage and demand for SD-WAN solutions. It then describes some of the key limitations of traditional and legacy architectures. The presentation goes on to outline Cisco's SD-WAN solution, which is built on four pillars - security, applications, services, and connectivity/operations. It provides details on the various components of Cisco's SD-WAN solution such as the vEdge routers, vSmart controllers, vBond orchestration plane, and vManage management plane.
The MathWorks network connects multiple semi-independent networks across locations using wide-area networking technologies like VPN and MPLS. It uses a three-tier architecture at its main campuses with access, distribution, and core layers for flexibility and security. Regional offices have redundant connectivity to hub locations and a collapsed core design. Future considerations include increased virtualization, IP bridging technologies, and software-defined networking.
1Running Head Network Design3Network DesignUn.docxeugeniadean34240
The document provides details on designing a wide area network (WAN) to connect the locations of an organization. It recommends using point-to-point radio or leased line connections between sites. To ensure high availability, it also recommends redundant VPN connections over the internet. The document then discusses determining bandwidth requirements for each connection based on the number of users and applications. It provides specifications for routers, switches, firewalls, and cabling to implement the WAN design across the five locations.
Understanding Cisco Next Generation SD-WAN SolutionCisco Canada
The document discusses Cisco's next generation SD-WAN solution which includes four main planes - orchestration, control, data, and management. The control plane is managed by Cisco vSmart controllers which facilitate fabric discovery, distribute policies to vEdge routers, and implement control plane policies. The data plane consists of Cisco vEdge routers which provide secure connectivity and implement data and application-aware routing policies. The solution offers a single pane of glass management system through Cisco vManage and provides analytics through Cisco vAnalytics.
Legacy Inter-VLAN routing: This is a legacy solution. It does not scale well.
Router-on-a-Stick: This is an acceptable solution for a small- to medium-sized network.
Layer 3 switch using switched virtual interfaces (SVIs): This is the most scalable solution for medium to large organizations.
The Hitch-Hikers Guide to Data Centre Virtualization and Workload Consolidation:Cisco Canada
From Logical Partitions to Containers & SDN Overlays - This session will review the progression of consolidation & virtualization-centric infrastructure to containers, SDN overlays, application-centric microsegmentation and how these technologies are reducing complexity while improving security and reducing application deployment cycles.
The Allied Telesis x610 Series switches provide scalable and high-performing networking solutions for businesses. The switches are available in 24-port and 48-port models with optional 10GbE uplinks, and can be stacked together to scale up to eight units. They feature fully non-blocking switching on all ports, powerful network management tools, and high availability through stacking and ring protection technologies. The switches also offer security, quality of service, and power over Ethernet capabilities.
1. WHAT WE ARE & WHAT WE DO
(Slide 3)
ABC Worldwide: Leading video editing
and advertising Co.
6 Worldwide Design Centers
Headquartered in San Francisco, CA.
Services we provide:
-Corporate videos
-Commercials
-Movie films and trailers
-Web sites
2. Background and Development
(Slide 4)
In 2014 our talented team formed as
a creative collaboration between
long-time friends who decided to
start up a multimedia company, with
a mission to satisfy our clients and
customers’ needs.
3. Company Information (Slide 5)
Name: ABC Worldwide
Address: 600 Ruth Ave, San Francisco,
CA 94107
Phone: (415) 552-0000, Fax (415) 552-
0001
Annual Sales: $450 Million
Employees: 1560
Employees at Headquarters: 300
Primary Business: Video Editing &
Advertising
4. NETWORK CRITERIA (SLIDE 7)
Redundancy:
If one part of the network goes down its twin will
automatically take over.
Separation:
If one area of the network is compromised than the rest of
the network is still sealed off.
Speed:
We value our client’s time and the productivity of our
employees. We strive to provide the tools to use both as
efficiently as possible.
Scalability:
The modular layout of the network will allow easy addition of
network equipment to seamlessly facilitate our growth.
Testing and Quarantine:
Our network will have a safe environment to quarantine and
evaluate malware and test new operating systems and drivers
for any possible problems before being deployed throughout
the network.
5. WIDE AREA NETWORK (SLIDE 8)
What the WAN is:
The WAN consists of a Headquarters and Main Design center in a single
building in San Francisco. Five other Main Design centers will be
located in Detroit, Tampa, Sao Paulo, Paris and Tokyo. Three separate
sales branches will be located in Washington, Indianapolis and London.
A Data Center will also be located as near to the Headquarters as
possible.
How the WAN will communicate:
The WAN will communicate using two technologies. The Main Design
Centers will communicate with the Headquarters using Point To Point
connections while the separate sales branches will use VPN (Virtual
Private Network) technology to communicate.
All the buildings will be located in areas with fiber optic service to the
extent possible. This will facilitate communication on a SONET
(Synchronous Optical Network) with download speeds of 100 Mb/s to
300 Mb/s depending on Internet Service Provider options.
Subnets:
All of the Design Centers and branches will be on their own IP sub nets.
6. FORWARD FACING NETWORK (SLIDE 9)
Router:
The router will be completely isolated by firewalls on all sides.
This will include insulation from both the Internet as well as all
network devices.
Network Separation:
The network devices such as servers and the SAN will be
further isolated from the workstations and their switches. The
active directory domain controller will also be separated from
the SAN. This is due to the fact that the Active directory
domain controller will be hosting the VPN. Any security breech
will be kept isolated from the rest of the network.
Redundancy:
All routers, firewalls and servers will be duplicated and linked
together in the event that one goes out.
Speed:
All of the cabling in the network will be 10 BASE-T Cat 6. This
will support a bandwidth of 10 Mb/s. The SAN components will
be linked together with fiber.
7. CLIENT FACING NETWORK (SLIDE 10)
Network Separation:
The client facing switches will be separated from the router and the servers.
Redundancy:
All switches will be duplicated and linked together in the event that one goes
out.
Speed:
All of the cabling between the switches and the workstations will be 10 BASE-T Cat 6.
This will support a bandwidth of 10 Mb/s.
VTP: VLAN Trunk Protocol:
The client switches will be trunked over to the server switches where data
can go either to the servers or out into the internet.
Having a VTP will reduce the amount of administration needed to set up,
configure and maintain the switches. All of these tasks will be done in the
VTP server switches and replicated to all of the client switches. All of the
switches will be layer three allowing for independent VLANS for Voice over IP,
data and a separate VLAN for clients and vendors who may need access to
the network.
The IT staff will also have a dedicated VLAN as well. IT will be on VLAN 0
while VoIP will be on VLAN 10, Data on VLAN 20 and Client/ Vendors will use
VLAN 30. This will add extra security as well.
8. NETWORK INFRASTRUCTURE WITH
SAN (SLIDE 11)Network Separation:
The SAN will be isolated from the rest of the network. The active
directory domain controller will also be separated from the SAN. This
is due to the fact that the Active directory domain controller will be
hosting the VPN. Any security breech will be kept isolated from the
rest of the network.
Redundancy:
All and servers and switches will be duplicated and linked together in
the event that one goes out. All serves will be RAID 5 which will
stripe data with parity over sets of three hard drives. The SAN
servers will be set up on RAID 10, striping and mirroring, and will use
sets of 4 hard drives. In addition, a tape server will provide data
backup.
Speed:
All of the cabling between the devices in the SAN and the network
will be multi mode fiber. Although multi mode fiber has the same
speed as Cat 6, 10 Mb/s, the extra bandwidth in fiber means that
more signals can be simultaneously sent at one time. Due to the
expense, the rest of the network will not be utilizing the technology
at this time.
9. VIRTUALIZATION (SLIDE 12)
Network Separation:
The servers carrying Hyper-V will be firewall separated from
the reset of the network. In addition to physical separation,
logical separation will be done using Microsoft Hyper-V. VM
Ware is another popular virtual software, however is made by
the same corporation as the server software and will have no
compatibility issues. If a virus completely corrupt the virtual
server it can just be deleted and another one re-created at the
last known good configuration, or mirrored over.
Redundancy:
The physical servers containing the Hyper-V servers will be
duplicated and linked together in the event that one goes out.
Testing:
Instances of all company used software can be set up and
tested on Hyper-V. Operating systems and drivers can be
deployed and studied as well as used to quarantine viruses.
10. DHCP SCOPE (SLIDE 13)
Headquarters:
IP addresses scope for Headquarters will be 10.60.10.01/16 to 10.60.14.254/16
10.60.10.01 to 10.60.10.10 will be reserved for routers.
10.60.10.11 to 10.60.10.254 will be reserved for servers, switches, firewalls and
WAPs.
10.60.11.01 to 10.60.11.254 will be set aside for printers and other
peripheral devices.
10.60.12.01 to 10.60.14.254 will be dynamically assigned.
Design Centers:
IP addresses will go from 10.60.16/16 forward on intervals of 5 in the third octet.
10.60.16.01 to 10.60.16.10 will be reserved for routers.
10.60.16.11 to 10.60.16.254 will be reserved for servers, switches, firewalls and WAPs
10.60.17.01 to 10.60.17.254 will be set aside for printers and other peripheral devices.
10.60.18.01 to 10.60.20.254 will be dynamically assigned
Sales Offices:
IP addresses will go from 10.60.50/16 forward on intervals of 5 in the third octet.
10.60.50.01 to 10.60.50.100 will be reserved for routers, switches WAPs and printers.
10.60.50.101 to 10.60.50.254 will be dynamically assigned.
Initially sales offices will be separated by intervals of 5 on the third octet but new sales
offices can be inserted in between those intervals if necessary.
11. SALES WORKGROUPS (SLISE 14)
Network:
All employees will be on WiFi. Two Wireless Access Points will be connected
by Ethernet to a central router. In the office all employees will communicate
with each other in an “ad-hoc” configuration with the router acting as the
hub in a star topology.
All DNS, DHCP and NAT functions will be provided by the router.
Mobility:
Sales employees are constantly on the go. Therefore they will be issued, in
addition to a laptop, a smart phone. Their smart phone service will include a
hot spot for their laptops so they can access the internet anywhere there is
cell service.
Security
All sales staff will be on a VPN.
Hot Spot Device:
Employees will be issued the iPhone 6s. We have to throw Apple a bone
somewhere. The service provider will be AT&T with the built in hot spot.
12. NETWORK SECURITY (SLIDE 50)
What Network Security IS:
Network security is any activity designed to protect the network. These activities protect the
usability, reliability, integrity and safety of network and data. What are the threats to a
Network? After defining the Network security, our project will focus in the first part of our
discussion on the company Policies and procedures that must be followed in order to protect
the company, and then we will move to the second paragraph by talking about software
security and in the last paragraph, we will talk about company hardware policies.
What threats to a Network are:
There are varieties of threats that want to enter and spread on the network. In these days
the threat on the internet is sophisticated hence, the need for adequate security to stop
them.
There are different kinds of network security threats.
These include: viruses, Trojan horses, spyware, adware, zero-day attack, and hackers attack,
denial of service attack, data interception theft and identity theft. We need to be able to
detect, protect and respond to these ever-changing threats.
Hardware Policies:
Hardware policies must be implemented to keep people from gaining access to devices they
have no authorization to have access to. These security policies also cover protecting areas of
the building where extremely important devices are located and contingencies for device
malfunction and catastrophic damage to network components.
13. Password Policy (Slide 51)
-Minimum 10 characters. (Password Length)
-A minimum of one number, one letter, one capitol letter and one
special character. (Complexity)
-Password must be reset every three months. (Life of Password)
-After three unsuccessful attempts the login will be locked and a
supervisor will have to unlock the account.
(Password Lockout Policy)
-Properly use privileges and permissions: Every computer or
every OS has users with different level of permissions and
privileges. The main user is administrator or the root
account in UNIX or Linux
14. Software Deployment Policy: (Slide 52)
Deployment of Operating Systems and Applications:
All Operating Systems and applications will be deployed
from the server rather than on the individual computer.
Virtual Servers Testing:
Before being put on the server for deployment, all new
and upgraded operating systems, applications and
antivirus software will be tested on the virtual server
beforehand.
Where Antivirus Software is Installed:
Antivirus software will be installed on all company servers
and workstations.
Company provided smart phones will not give employees
the ability to download applications.
15. Antivirus Specifications: (Slide 53)
Reporting:
Software will generate a report of any incidents to the IT
manager. IT will have the discretion as to reporting only
successful or successful and failed attempts.
Types:
Install anti Spyware and Malware (software that collect
information about user names, passwords etc.)
Site Advisor:
We will keep a data base of all the known and reported web
sites with potential problems.
Alerts will be sent out when attempts to access these websites
are made.
Norton Security:
Norton security will be used on all workstations to keep viruses
from corrupting files and bringing down the Operating System.
16. Hardware: (Slide 54)
Firewalls:
Firewalls must have the ability to block ports as prescribed by the IT department.
Firewall separation:
Firewalls will be used to separate the forward facing network from the internet, the
workstations from the SAN and the SAN from the servers hosting the Hypervisor.
WAP:
The Wireless Access Points will have their broadcast turned off.
WAPs will be on a separate LAN.
Once installed any factory WAP credentials will be changed.
Routers:
Routers will have their broadcast turned off.
Routers will have WPA2 encryption using the AES encryption protocol.
Only secure ports including Secure Sockets Layer will be used.
Switches:
Quality of Service will put priority on Voice followed by Data and then Video. This will be
accomplished through separate LANs. Any factory set passwords on the switch will be
changed.
Proxy Server:
Proxy servers will be used to filter accessible web sites, obtain credentials from employees
before going to the internet, monitor bandwidth usage and have their own antivirus software
installed.
Install Site Advisor that will prevent from logging to the bad sites.
17. ACCEPTABLE USE POLICY: (Slide 55)
Properly use privileges and permissions:
Every computer or every OS has users with different level of permissions and privileges. The
main user is administrator or the root account in UNIX or Linux
Under the main administrator account create a hierarchy like user account with different
level of permissions and authorizations.
Web Browsers:
Web browser and Internet explorer: Web browsers are programs that we use to access web
page such google chrome, Firefox, internet explorer and apple safari. The risk with internet
explorer is that it allows you not only to surf the net but also to connect to others computers
in the way that other web browsers don’t. Therefore it will be easy for hacker to connect to
your computer thru the internet explorer.
Secured session:
Have time and date security, allow connection to the server only on a précised time and date.
For instance only allow connection to the network between 7am -10 am. Also set up a length
of the session. For instance, the session will automatically log off after 5 minutes of inactivity.
Hardware Policies
Only authorized personnel will have access to equipment. All workstations will remain
locked when the employee leaves his area.
The server room and computer closet shall remain locked at all times.
No network devices other than company issued mobile devices shall be taken out of the
building without express permission from IT management. They must be first checked in
with IT before being put back into the network.
19. PRIVILEGES AND PERMISSIONS: (Slide 57)
Consumer:
Search, view, copy, documents.
Contributor:
Create documents and folders, Modify documents and
VDs.
Coordinator:
Create cabinets and VD, view hidden documents.
System Administrator:
Access and Manage content servers, Repository, Users
and Groups.
20. COMPANY:
-ITWatchdogs.com
WHAT IS MONITORED:
-Temperature, Humidity, Leaks, Smoke, Power, 5V
Analogue/Sensor Changes.
How Anomalies are Logged:
-SNMP, Audible Alarms, Output Relays, email
alarms, Text messages.
Surveillance:
-Up to 4 IP cameras can be monitored.
Configuration:
-Any sensor can be configured to your choice.
21. CompuCom:
-Look for outages
-Analyze multiple calls coming in from the facility:
-Monitor and alert in case of fiber break.
-Monitor when server room doors have been opened.
-Issue tickets to log events and monitor trends.
22. AT&T:
-Access & Secure vulnerable files
-Respond to suspicious activity
-Insure health of device all the way to tier 3 health
-Analyze security breaches and send alerts.