Professional Documents
Culture Documents
Li Vn Hi
Trng i hc Khoa hc T nhin
Lun vn ThS. ngnh: Bo m ton cho my tnh v h thng tnh ton
M s: 60 46 35
Ngi hng dn: TS. L Trng Vnh
Nm bo v: 2012
Abstract. Kin trc mng campus: Gii thiu mng Campus; Mng Campus truyn
thng; Cc m hnh mng Campus; M hnh mng ba lp ca Cisco; M hnh
Modular trong thit k mng Campus; Mng LAN o (Virtual LAN - VLAN).
Nghin cu thc trng h thng thng tin ca Trng i hc iu dng Nam
nh: T chc, chc nng trng i hc iu Dng (HD) Nam nh; T chc
qun l v Cng ngh thng tin (CNTT); V cc nh hng pht trin nh Trng;
H thng phn mm v CSDL; H tng mng; H tng my ch; H thng an ninh,
bo mt. Thit k mng cho Trng i hc iu dng Nam nh: Tm tt v cc
phn mm trong tng lai ca nh trng; Thit k h tng my ch; Thit k h
tng mng cc b; Phn chia cc VLAN; Vn an ninh h thng.
Keywords. Ton tin; Mng Campus; Kin trc mng; H thng thng tin
Content
M U
Ngy nay vi mt lng ln v thng tin, nhu cu x l thng tin ngy cng cao. Mng my
tnh hin nay tr nn qu quen thuc i vi chng ta, trong mi lnh vc nh khoa hc, qun
s, quc phng, thng mi, dch v, gio dc... Hin nay nhiu ni mng tr thnh mt
nhu cu khng th thiu c. Ngi ta thy c vic kt ni cc my tnh thnh mng cho
chng ta nhng kh nng mi to ln nh:
S dng chung ti nguyn: Nhng ti nguyn ca mng (nh thit b, chng trnh,
d liu) khi c tr thnh cc ti nguyn chung th mi thnh vin ca mng u c
th tip cn c m khng quan tm ti nhng ti nguyn u.
Tng tin cy ca h thng: Ngi ta c th d dng bo tr my mc v lu tr
(backup) cc d liu chung v khi c trc trc trong h thng th chng c th c
khi phc nhanh chng. Trong trng hp c trc trc trn mt trm lm vic th
ngi ta cng c th s dng nhng trm khc thay th.
Nng cao cht lng v hiu qu khai thc thng tin: Khi thng tin c th c s
dng chung th n mang li cho ngi s dng kh nng t chc li cc cng vic vi
nhng thay i v cht nh:
p ng nhng nhu cu ca h thng ng dng kinh doanh hin i.
Cung cp s thng nht gia cc d liu.
Tng cng nng lc x l nh kt hp cc b phn phn tn.
Tng cng truy nhp ti cc dch v mng khc nhau ang c cung cp trn
th gii.
Vi nhu cu i hi ngy cng cao ca x hi nn vn k thut trong mng l mi quan
tm hng u ca cc nh tin hc. V d nh lm th no truy xut thng tin mt cch
nhanh chng v ti u nht, trong khi vic x l thng tin trn mng qu nhiu i khi c th
lm tc nghn trn mng v gy ra mt thng tin mt cch ng tic.
Hin nay vic lm th no thit k mt h thng mng tt, an ton vi li ch kinh t cao
ang rt c quan tm. Mt vn t ra c rt nhiu gii php v cng ngh, mt gii php
c rt nhiu yu t cu thnh, trong mi yu t c nhiu cch la chn. Nh vy a ra
mt gii php hon chnh, ph hp th phi tri qua mt qu trnh chn lc da trn nhng u
im ca tng yu t, tng chi tit rt nh.
gii quyt nhng vn trn, lun vn ny trnh by cch thit k mng Campus theo
cng ngh ca Cico v sau p dng l thuyt vo thc tin thit k mng campus cho
trng i hc iu dng Nam nh. Cu trc ca lun vn c t chc nh sau:
Chng 1: Kin trc mng campus.
Chng 2: Thc trng h thng thng tin ca Trng i hc iu dng Nam nh.
Chng 3: Thit k mng cho Trng i hc iu dng Nam nh.
Chng 1.
KIN TRC MNG CAMPUS
1
1.1. Gii thiu mng Campus
Internet thay i cuc sng chng ta, vi s gia tng s lng ca cc dch v giao dch
trc tuyn, gio dc, v gii tr, iu ny thc y chng ta tm ra nhiu phng php
truyn thng vi nhau.
Lin mng (internetworing) l s truyn thng gia mt hay nhiu mng, gm c nhiu my
tnh kt ni li vi nhau. Lin mng my tnh ngy cng ln mnh h tr cho cc nhu cu
truyn thng khc nhau ca h thng u cui. Mt lin mng i hi nhiu giao thc v tnh
nng cho php s m rng. Cc lin mng ln gm c 3 thnh phn nh sau:
Mng Campus: gm c cc user kt ni cc b trong mt hay mt nhm cc
ta nh.
Mng WAN: kt ni cc mng Campus li vi nhau.
Kt ni t xa: lin kt cc nhnh v cc user n l ti mng Campus hay
Internet.
Hnh 1.1 l mt v d v mt lin mng in hnh:
1.
Thit k mt lin mng l mt cng vic th thch nng lc i vi ngi thit k. thit
k mt lin mng c tin cy v c tnh m rng, th ngi thit k phi hiu r v ba thnh
phn quan trng ca mt lin mng vi nhng i hi thit k khc nhau.
1.2.
Mng Campus truyn thng
Trong cc nm 1990, mng Campus truyn thng bt u l mt mng LAN v ln dn. Tuy
nhin, cc LAN khng th ln dn mi mi, m n mt ln no , chng ta cn phi cn
phn on mng (chia mng thnh cc khu vc hay min cho d qun l) duy tr kh nng
hot ng ca mng sao cho: thi gian p ng (tr li) cn c m bo vi cc chc nng
ca mng. Thm na, phn ln cc ng dng phi c lu tr v chuyn tip c mt iu
cn thit na l cht lng cc dch v ty.
1.2.1. Vn kh nng hot ng ca mng v gii php
Tnh sn sng v kh nng hot ng l hai vn chnh i vi mng Campus truyn thng.
Tnh sn sng b nh hng bi s lng user c gng truy cp mng cng mt thi im,
cng vi tin cy ca chnh mng . Kh nng hot ng trong mng Campus truyn
thng bao gm cc vn nh: ng , bng thng, broadcast, multicast.
ng (Collision)
ng l: hin tng cc tn hiu pht t hai my gy nhiu ln nhau. Hai tn hiu gy
nhiu ln nhau cn gi l xung t.
Min ng (Collision Domain): y l mt vng c kh nng b ng do hai hay nhiu
my tnh cng gi tn hiu ln mi trng truyn thng.
Min qung b (Broadcast Domain): y l mt vng m gi tin pht tn hay qung b (gi
tin broadcast) c th i qua c. Trong min qung b c th bao gm nhiu min ng .
Bng thng (Bandwidth)
rng.
Khong cch.
Broadcast v multicast
VLAN cng l mt gii php, nhng VLAN ch l min broadcast vi ng bin o. Mt
VLAN l mt nhm cc thit b trn cc phn on mng khc nhau, l mt min
broadcast bi ngi qun tr mng. Li ch ca VLAN l v tr vt l khng cn l nhn t
xc nh cng (port) m ta s thm vo mt thit b trong mng. Ta c th thm mt
thit b vo bt k port no ca switch v ngi qun tr mng s gn port cho VLAN.
Mt port cao.
Chc nng bo mt v kt ni da trn chnh sch qua danh sch truy cp hoc
lc gi.
Chi ph cao
Kiu lu lng.
Khi Switch qun l mng thng c lp phn phi kt ni vo cc switch ca khi nhn. V
cc cng c ny c dng pht hin li xy ra ti thit b v cc kt ni, nn li ch ca
n rt quan trng. Cc kt ni d phng v switch d phng u c s dng.
Khi Enterprise bin
Khi nh cung cp dch v bin
1.6.
Mng LAN o (Virtual LAN - VLAN)
Vn v cn bng ti: trong flat network ta khng th thc hin truyn trn nhiu
ng i, v lc mng rt d b lp, to nn broadcast storm nh hng n bng thng
ca ng truyn. Do khng th chia ti (cn gi l cn bng ti).
1.6.1. Cc kiu thnh vin ca VLAN (VLAN Membership)
Khi VLAN c cung cp switch lp Access, th cc u cui ngi dng phi c mt vi
phng php ly cc thnh vin n n. C 2 kiu tn ti trn Cisco Catalyst Switch l:
Static VLAN.
Dynamic VLAN.
Static VLAN
Kiu thnh vin Static VLAN thng c qun l trong phn cng vi mch tch hp ng
dng c bit ASIC (Application Specific Intergrated Circuit) trong switch. Kiu ny cung
cp kh nng hot ng tt v tt c vic nh x cc port c lm mc phn cng v vy
khng cn c bng truy tm phc tp.
Dynamic VLAN
Dynamic VLAN cung cp thnh vin da trn a ch MAC ca thit b ngi dng u cui.
Khi mt thit b kt ni n mt port ca switch, switch phi truy vn n c s d liu
thit lp thnh vin VLAN. Ngi qun tr mng phi gn a ch MAC ca user vo mt
VLAN trong c s d liu ca VMPS (VLAN Membership Policy Server). Hnh 1.12 biu
din Dynamic VLAN vi bng a ch MAC
1.6.2. Trin khai VLAN
thc thi VLAN, ta phi xem xt s thnh vin ca VLAN, thng thng s VLAN s ph
thuc vo kiu lu lng, kiu ng dng, phn on cc nhm lm vin ph bin v cc yu
cu qun tr mng.
End-to-end VLA
Local VLAN
End-to-end VLAN
Local VLAN
Chng 2.
THC TRNG H THNG THNG TIN
CA TRNG I HC IU DNG NAM NH
2.1. T chc, chc nng trng HD Nam nh2
Trng i hc iu dng Nam nh (HD) c c cu t chc v chc nng ca mt
trng i hc theo quyt nh 24/2004/Q-TTg ban hnh ngy 26 thng 02 nm 2004 ca
th Tng Chnh ph qui nh chc nng, nhim v, quyn hn, trch nhim v ch qun
2.
h thng server phc v tc nghip. Khng c h thng server d phng (backup) chy khi
h thng server phc v tc nghip b li. Khng c h thng server phc v vic o to
hoc th nghim cc phn mm mi. Khng c h thng server qun l vic truy nhp mng.
2.7. H thng an ninh, bo mt
2.7.1. An ninh vt l
Vic truy cp vo cc my ch khng c gim st. Vic truy nhp vo phng my ch
c m cho tt c cc cn b CNTT.
2.7.2. An ninh CSDL
Nh trng ang thiu mt m hnh d liu v cc quy tc bo mt km theo. Bo mt d
liu hin ti da hon ton vo chc nng ca mi ng dng.
2.7.3. An ninh ng dng
Mi ng dng duy tr mt b ti khon ngi dng c xc nh trc vi quyn truy cp
c cp theo cc chc nng ca phn mm. Qun tr ng dng s dng cc chc nng ca
phn mm to v qun l ti khon ngi dng. Tn v mt khu truy nhp l c ch duy
nht xc thc ngi dng. Thng tin ny c lu tr ti ch trong bn CSDL ng dng
c m ho.
2.7.4. An ninh mng
Mng LAN ca nh trng c cu trc phng iu c ngha l khng c thit k phn
mng. Trong mng LAN phng, tt c cc my trm trc tip kt ni cng nhau; cc my ch
v cc my trm c t trong cng khng gian lm vic. Worms, Trojans hoc viruses c
th d thm nhp t my ny sang my khc.
Chng 3.
THIT K MNG CAMPUS
CHO TRNG H D NAM NH
3.1. Tm tt v cc phn mm trong tng lai ca nh trng
Phn mm qun l cc hot ng ca nh trng s c u t trong tng lai theo qui m
ca mt trng i hc. Vic u t s c thc hin qua nhiu nm.
3.1.1. H thng ng dng
H thng phn mm qun l (PMQL) ca nh trng s l h thng tch hp, s dng c s
d liu thng nht v tp trung x l. H thng PMQL bao gm cc phn h c m t
trong s di y.
3.1.2. Yu cu h tng my ch
o Nhm my ch qun l v gim st h thng
o Nhm my ch cung cp cc dch v h tng cn bn (xc thc/nh danh,
chia s file v in n, sao lu d phng)
o Nhm my ch chy cc ng dng qun l ni b
o Nhm my ch cung cp cc dch v trao i vi bn ngoi (web, mail, proxy,
tng la)
3.1.3. Yu cu h tng mng
vn hnh c h thng PMQL mi tp trung th iu kin tin quyt l phi xy dng
c h tng mng n nh thng sut trong nh trng.
3.2. Thit k h tng my ch
3.2.1. Phn hoch cc vng h tng my ch
Vng My ch: Bao gm cc my ch phc v cho cc hot ng chnh. Trong mt mi
trng y , vng ny phi bao gm cc mi trng my ch khc nhau nh Mi trng
vn hnh (production), Mi trng d phng (backup), Mi trng o to / kim th
(training / testing). Vng ny c thit k bao gm ton b tt c cc my ch ca cc mi
trng trn v c t trong cng mt VLAN.
Vng Truy cp: thuc phm vi hot ng ca cc phng nghip v, cha cc my trm lm
vic.
3.2.2 Gii php mi trng tr s xut
m bo s hot ng lin tc v an ninh ca h thng my ch chy cc ng
dng tp trung, cn thit phi duy tr mi trng t my ch ring tch ri khi mi trng
lm vic v trang b mt s thit b h tr nh sau
B lu in: Cn b sung thm b lu in 3KVA cho mi h thng my ch
My pht in: Cn trang b mi 01 my pht in h tr cho mi trng my ch
trong trng hp mt in cc b.
Bo chy: Cn trang b h thng bo chy ti ch, lp t cho mi trng my ch
3.3. Thit k h tng mng cc b
3.3.1. Tiu chun mng
Mng cc b ca nh phc v cc nhu cu trao i / chia s ti nguyn cc b gia cc phng
v l h tng chy cc ng dng nghip v cho ton b cc n v nh trng. V c bn v
tr cc phng ban vn s c s thay i v m rng khi nh. Do vy mng cn t c cc
yu cu sau khi thit k
- C hiu sut cao trn on kt ni li. Tiu chun xut l Gigabit Ethernet vi cp
CAT5e tr ln, cc switch thuc phn on ny cn h tr cng 1000Base-T. Cc phn on
khc c th duy tr chun Fast Ethernet vi s n nh v chi ph tit kim.
- Cho php chia mng thnh cc phn on mng ring bit m bo an ninh v
gim xung t d liu, tng hiu sut mng. Cc switch cn h tr VLAN to cc mng
cc b o gia cc nhm ngi dng phng ban khc nhau.
C kh nng m rng cc nt mng m khng nh hng ti kin trc thit k.
Nguyn tc kin trc 3 lp mng ca Cisco c th c p dng.
3.3.2. H tng mng cc b
Trong thit k mi trc phn phi s gm 01 switch t ti mi tng ca ta nh, kt ni cho
y ti cp core switch ca mng, m bo tnh sn sng ngay c mt trong hai ng kt
ni gp s c.
B ngn nga thm nhp (IPS Instrusion Prevention System): lc theo thi gian thc cc
gi tin mc cao pht hin v ngn nga cc cuc tn cng vo h thng.
Tng la (firewall): Thit lp cc quy nh v cc di a ch v cng c cho php
thm nhp h thng.
B nh tuyn (router): chuyn hng gi d liu ra/vo gia mng cc b v pha
bn ngoi.
Trong m hnh ca h thng PMQL mi c thit k x l tp trung ti cp tnh thng qua
h tng mng. Tnh kt ni ca h thng mng tr nn mt yu t quan trng.
3.3.3. S sn
H thng cp UTP c d kin i ni trn cao i vi cc on ngoi phng lm vic (trong
mng nha 60x40mm) v i di chn tng trong phng lm vic (mng nha (39x18mm).
Cc switch s c gn trn cao ti cc gc nh hoc v tr ph hp thc t trnh tm va chm
thng xuyn v nh hng thi tit, nhiu in.
Cc u nt mng ti phng lm vic l cc outlet i cch chn tng khong 20-25cm. Ti
khi core, cc switches s c t trong t v u ni thng qua patch panel.
Thit b Firewall (bc tng la)
Mc ch to ra cc lut ngn chn cc kt khng c php vo h thng mng ca nh
trng. Chn cm cc trang Web c hi. Qun l vic truy nhp internet.
Server Domain control:
References
Ting Vit
1. Trung tm khoa hc t nhin v cng ngh quc gia - vin cng ngh thng tin
2.
3.
4.
5.
6.
7.
Ting Anh