Professional Documents
Culture Documents
Ananotoagigaperspective
WhatareEnterpriseNetworks?
SridharIyer
IITBombay
WhatareEnterpriseNetworks?
Supportthousandsofusersacrossacompanys diversegeographicallocations
Mayinvolvehundredsofservers
EnterpriseNetworks:Onedefinition
Large
105edgedevices,103networkdevices
Geographicallydistributed
Multiplecontinents,102countries
Tightlycontrolled
ITdepartmenthas(nearly)completecontrolover userdesktopsandnetworkconnectedequipment
SridharIyer IITBombay 4
DrivingforceConvergence
Notaboutgadgetsoraccesstechnologies
Theseareactuallyincreasingindiversity
Butaboutservicesandapplications
ThequestforAnytime,Anywhere,Anyformaccessto anyintranet/extranetapplication
Enterprisesneedtocopewithdemandfornew servicesandapplications
Supportedbycomputingandcommunicationsfabrics
Weneedtounderstandtheissuesinvolved
Agoodwaytobegin:Fromthenanotothegigaview
SridharIyer IITBombay 5
Ananolevelview
Asinglemachineinan organization
Smallestcomponent Ex:AstudentinKReSIT
Behindthescenes
SridharIyer
IITBombay
Issuesatthenanolevel
Applicationrelated
Softwareversionincompatibilities Thisprogramwasworkingfineyesterday. Performance Thisiswaytooslow.Ineedafastermachine.
Networkrelated
Security Itlookslikethereisavirusonmymachine. Administration IcannotrememberwhichgatewayIamsupposedtouse.
Onesolutionstrategy
Rudimentarysystemadministration;Moveuponelevel
SridharIyer IITBombay 8
Amicrolevelview
Asinglesubnet(dept)inan organization
Decentralizedresource sharing(printers,filesetc) Ex:AlabinKReSIT
Approx10sofmachines 12switches,1000mcabling
SridharIyer
IITBombay
SridharIyer
IITBombay
10
Issuesatthemicrolevel
Applicationrelated
ResourceSharing Somebodyhaschangedthesettingonthisprinter. ScalabilityandPerformance Thisistooslowduringtheday.Illtryitatnight.
Networkrelated
Security Somebodyseemstohavebrokenintomymachine. Administration Hey,thereisanIPaddressconflict.
Onesolutionstrategy
RudimentaryITadministration;Moveuponelevel
SridharIyer IITBombay 11
Amillilevelview
Asingleentityinan largeorganization
100sofusers Ex:KReSITinIITBombay Centralizedmodelfordata storage,security,running applicationsandnetwork administration Hardware:Routers,Servers Software:Applications,Mgmt Approx100sofmachines 1020switches,23routers 45servers
SridharIyer IITBombay
TypicalITspending
Rs.50,00,000/fornetwork Rs.3,00,00,000/servers Annualmaintenancecost! 12
SridharIyer
IITBombay
13
Issuesatthemillilevel
Applicationrelated Sizing HowmanyserversdoIneedandofwhatperformance? Deployment HowshouldIdeploymyapplicationsandothersystems? Networkrelated Sizing HowmuchbandwidthdoIneedtokeepusershappy? Security MACflooding;ARPspoofing;DenialofService Administration DHCP;Firewalls;Proxyservers;Logging Thecosttomanagestorageistypicallytwicethecostoftheactual storagesystem.
SridharIyer IITBombay 14
Atypicalenterpriselevelview
Asingleorganization
1000sofusers Ex:IITBombay Multipleduplicateservers andmorecomplexnetwork Hardware:Routers,Servers Software:ERP,CRM,security, accountingandothersystems
TypicalITspending
Approx10soflocations Approx1000sofmachines 100sofswitches,10sofrouters
SridharIyer IITBombay
SridharIyer
IITBombay
17
Issuesatthetypicallevel
Applicationrelated Interfaces HowmanyinterfacesshouldIprovideforaserviceaccess? LAN,WAN,web,handhelddevices Monitoring HowshouldIensureapplicationqualityofservice? Minimizedowntime,Autoalertsforoverload Networkrelated Sizing:HowmuchInternetbandwidthdoIneed? Wireless:HowshouldIhandlewirelessdevices? Security:HowshouldIsetupfirewalls,proxiesandDMZ? Administration:Whataremyauthentication/accesspolicies?
SridharIyer IITBombay 18
SridharIyer
IITBombay
19
TieredViewofanEnterprise
SW Load Balancer Web Server App Server Process Server Message & Event Bus
Application tier
Balancer
DNS Server
Load
OS HW OS HW
Storage DB
Compute tier
Access Router
Switch Network
Firewall
I nternet Extranet
Network tier
SridharIyer IITBombay
Source:UmeshBellur,IITBombay
20
Akilolevelview
Anationalnetworkfora singleorganization
Ex:LIC,NSDL
TypicalITspending
Variesfromtensto hundredsofcrores
21
Complexheterogeneousinfrastructures
Directory andSecurity Services
DNS Server
Web Server
Data Server
Data
Hundredsof components
SridharIyer
IITBombay
22
Issuesatthekilolevel
Applicationrelated Placement Whataretheoptimallocationsformyvariousapplications? Tuning HowshouldItunemyapplicationsforoptimalperformance? Scalability HowshouldIscalemyapplicationsforincreasingusage? Networkrelated Sizing:HowshouldIprovisionmyWAN/Internetconnectivity? Security:HowdoIcopewithmysecurityvulnerabilities? Backup:Whataremystandbyandfailovermechanisms? Administration:WhataremypoliciesforVPNandothers?
SridharIyer IITBombay 23
eBusinessFunctionalArchitecture
HRD Supplier B2B External Gateway Partner Network Business Partner ERP
Customer Network
Customers
Example:Amazon
SridharIyer IITBombay 24
Source:UmeshBellur,IITBombay
OneSolutionArchitecture
UserTier Web,http,XML
Voice WAP
WebTier
Web ServerFarm eCommerce Portal
MiddleTiers
J2EEOR CORBA Containers, Workflow Expert systems BusinessLogic BackOffice Systems
Other
SridharIyer
IITBombay
Source:UmeshBellur,IITBombay
25
SolutionArchitecture(contd.)
DataTier
Distributed Databases, Warehousing Data Storage Logicand Reporting
Supplier Integration
SridharIyer
26
Amegalevelview
local ISP Tier 3 ISP local local ISP local ISP ISP Tier-2 ISP Tier-2 ISP
Aninternationalnetwork forasingleorganization
Ex:Intel Needtocoordinatewith internationalbandwidth providers
Tier 1 ISP
NAP
Tier 1 ISP
Tier-2 ISP local ISP local ISP
Tier 1 ISP
Tier-2 ISP local ISP
Approx10sofcountries 1000soflocations
SridharIyer IITBombay
TypicalITspending?
27
Issuesatthemegalevel
Applicationrelated Aggregation Centralizedv/sdistributedschemesforaggregationatthe variousdatacentersandapplications. Replication Replicationandcachingmechanismsforfasteraccess. Robustness Ensuringapplicationavailabilitydespitevariousfailures. Networkrelated SLA:ServiceLevelAgreementswithbandwidthproviders. Administration:Earlyfaultdiagnosisandwarningsystems. Security:Thisproblemonlygetsworse!
SridharIyer IITBombay 28
Security:Speedofnetworkattacks
SridharIyer
IITBombay
Security:ThreatEvolution
Global Impact Regional Networks Multiple Networks Individual Networks Individual Computer
ScopeofDamage
NextGen
Infrastructure Hacking,Flash Threats, MassiveWorm DrivenDDoS, Negative payload Viruses, Wormsand Trojans
3rdGen 2ndGen
MacroViruses, Trojans,Email, SingleServer DoS,Limited Targeted Hacking MultiServer DoS,DDoS, BlendedThreat (Worm+Virus+ Trojan),Turbo Worms, Widespread System Hacking
1stGen
BootViruses
1980s
SridharIyer
SophisticationofThreats
IITBombay
1990s
Today
Future
30
Agigalevelview
Internet Computers Internet Users
93 Million
407 Million
Automobiles
663 Million 1.5 Billion
31
TheEPCmodel:InternetofThings
SridharIyer
IITBombay
Source:www.epcglobalinc.org
32
Enterprisenetworks:Thecompletepicture
References
A.S.Tanenbaum.ComputerNetworks.PearsonEducation, 2003. L.L.PetersonandB.S.Davie.ComputerNetworks:A SystemsApproach.MorganKaufmann,2002. J.Schiller,MobileCommunications,AddisonWesley, 2003. YB.LinandIChlamtac,WirelessandMobileNetwork Architectures,Wiley,2001.
SridharIyer
IITBombay
34
ThankYou
OtherTutorialsat:www.it.iitb.ac.in/~sri GoogleSearch:SridharIyerIITBombay ContactDetails: SridharIyer SchoolofInformationTechnology IITBombay,Powai,Mumbai400076 Email:sri@it.iitb.ac.in
SridharIyer IITBombay 35