
Enterprise Networks:

A nano to a giga perspective

Sridhar Iyer, IIT Bombay, www.it.iitb.ac.in/~sri


What are Enterprise Networks?
Support thousands of users across a company's diverse geographical locations
May involve hundreds of servers

Each location may look like a simple system, but the complexity increases as these systems are linked together
Is the Internet an Enterprise Network?



Enterprise Networks: One definition
Large
  10^5 edge devices, 10^3 network devices

Geographically distributed
  Multiple continents, 10^2 countries

Tightly controlled
  IT department has (nearly) complete control over user desktops and network-connected equipment

Driving force: Convergence
Not about gadgets or access technologies
  These are actually increasing in diversity

But about services and applications
  The quest for Anytime, Anywhere, Any form access to any intranet/extranet application

Enterprises need to cope with demand for new services and applications
  Supported by computing and communications fabrics

We need to understand the issues involved
  A good way to begin: From the nano to the giga view

A nano-level view
A single machine in an organization
  Smallest component
  Ex: A student in KReSIT

Hardware: Desktop/Laptop
Software: Application pkgs

Typical IT spending
  Around Rs. 50,000/-
  Upgrade every 2 years?
  Internet access?

Behind the scenes


Issues at the nano level
Application related
  Software version incompatibilities: "This program was working fine yesterday."
  Performance: "This is way too slow. I need a faster machine."

Network related
  Security: "It looks like there is a virus on my machine."
  Administration: "I cannot remember which gateway I am supposed to use."

One solution strategy
  Rudimentary system administration; Move up one level

A micro-level view
A single subnet (dept) in an organization
  Decentralized resource sharing (printers, files etc)
  Ex: A lab in KReSIT

Approx 10s of machines
1-2 switches, 1000 m cabling

Hardware: Switches, cables
Software: Security, Mgmt

Typical IT spending
  Around Rs. 500,000/- (excluding desktops)


Issues at the micro level
Application related
  Resource Sharing: "Somebody has changed the setting on this printer."
  Scalability and Performance: "This is too slow during the day. I'll try it at night."

Network related
  Security: "Somebody seems to have broken into my machine."
  Administration: "Hey, there is an IP address conflict."

One solution strategy
  Rudimentary IT administration; Move up one level

A milli-level view
A single entity in a large organization
  100s of users
  Ex: KReSIT in IIT Bombay
  Centralized model for data storage, security, running applications and network administration

Hardware: Routers, Servers
Software: Applications, Mgmt

Approx 100s of machines
10-20 switches, 2-3 routers
4-5 servers

Typical IT spending
  Rs. 50,00,000/- for network
  Rs. 3,00,00,000/- servers
  Annual maintenance cost!


Issues at the milli level
Application related
  Sizing: How many servers do I need and of what performance?
  Deployment: How should I deploy my applications and other systems?

Network related
  Sizing: How much bandwidth do I need to keep users happy?
  Security: MAC flooding; ARP spoofing; Denial of Service
  Administration: DHCP; Firewalls; Proxy servers; Logging

The cost to manage storage is typically twice the cost of the actual storage system.

IT manager, administrator, already has to deal with terrific complexity.

The worst possible situation to be in is: trying to identify, root cause, and resolve problems in such complex setups.



A typical enterprise level view
A single organization
  1000s of users
  Ex: IIT Bombay
  Multiple duplicate servers and more complex network

Hardware: Routers, Servers
Software: ERP, CRM, security, accounting and other systems

Approx 10s of locations
Approx 1000s of machines
100s of switches, 10s of routers

Typical IT spending
  Requirements are ever increasing
  Bounded only by budget constraints!



Issues at the typical level
Application related
  Interfaces: How many interfaces should I provide for a service access?
    LAN, WAN, web, handheld devices
  Monitoring: How should I ensure application quality of service?
    Minimize downtime, Auto alerts for overload

Network related
  Sizing: How much Internet bandwidth do I need?
  Wireless: How should I handle wireless devices?
  Security: How should I set up firewalls, proxies and DMZ?
  Administration: What are my authentication/access policies?

Tiered View of an Enterprise
[Figure: tiered diagram with an application tier, a compute tier and a network tier. Labels: SW Load Balancer, Web Server, App Server, Process Server, Message & Event Bus; DNS Server, Load Balancer, OS, HW, Storage, DB; Access Router, Switch, Network, Firewall, Internet, Extranet.]
Source: Umesh Bellur, IIT Bombay

A kilo-level view
A national network for a single organization
  Ex: LIC, NSDL

Need to lease lines or use routing services provided by ISPs.
Creation of a Wide Area Network Backbone

Approx 100s of locations
Approx 10000s of machines
1000s of switches, 100s of routers

Typical IT spending
  Varies from tens to hundreds of crores

Complex heterogeneous infrastructures
[Figure: infrastructure diagram. Labels: Directory and Security Services; Existing Applications and Data; Business Data; DNS Server; Web Server; Web Application Server; Data Server; Storage Area Network; Data; BPs and External Services. Callouts: Dozens of systems and applications; Hundreds of components; Thousands of tuning parameters.]

Issues at the kilo level
Application related
  Placement: What are the optimal locations for my various applications?
  Tuning: How should I tune my applications for optimal performance?
  Scalability: How should I scale my applications for increasing usage?

Network related
  Sizing: How should I provision my WAN/Internet connectivity?
  Security: How do I cope with my security vulnerabilities?
  Backup: What are my standby and failover mechanisms?
  Administration: What are my policies for VPN and others?

eBusiness Functional Architecture
[Figure: functional architecture diagram. Labels: Portal, Financials, CRM, Service Apps, Billing, HRD, ERP, Supplier, B2B External Gateway, Partner Network, Business Partner, Customer Network, Customers.]
Example: Amazon
Source: Umesh Bellur, IIT Bombay

One Solution Architecture
[Figure: multi-tier architecture diagram.
  User Tier: Web, http, XML; Voice; WAP
  Web Tier: Web Server Farm; eCommerce Portal; Front End Integration
  Middle Tiers: J2EE or CORBA Containers, Workflow, Expert systems; Business Logic; Back Office Systems
  Connector labels: HTTP, XML; RMI, Messaging, CORBA; Other]
Source: Umesh Bellur, IIT Bombay

Solution Architecture (contd.)
[Figure: continuation of the architecture diagram.
  Data Tier: Distributed Databases, Warehousing, Data Storage, Logic and Reporting; Online Data Backup; reached by SQL via JDBC or ODBC
  Services: B2B Gateways, Payment servers etc.; Supplier Integration; reached by RMI, Messaging, CORBA
  Partner Network or Internet (EDI, Web Services, XML over HTTP etc.)]

Application complexity overshadows the network
Application may be unavailable despite network and bandwidth availability
Need to architect systems for greater reliability, fault tolerance, scalability etc.

Source: Umesh Bellur, IIT Bombay

A mega-level view
An international network for a single organization
  Ex: Intel
  Need to coordinate with international bandwidth providers

[Figure: ISP hierarchy diagram. Labels: local ISP, Tier 3 ISP, Tier-2 ISP, Tier 1 ISP, NAP. Note on the figure: tier-2 ISP is customer of tier-1 provider.]

A packet may have to pass through many networks!

Approx 10s of countries
1000s of locations

Typical IT spending?

Issues at the mega level
Application related
  Aggregation: Centralized v/s distributed schemes for aggregation at the various data centers and applications.
  Replication: Replication and caching mechanisms for faster access.
  Robustness: Ensuring application availability despite various failures.

Network related
  SLA: Service Level Agreements with bandwidth providers.
  Administration: Early fault diagnosis and warning systems.
  Security: This problem only gets worse!

Security: Speed of network attacks

1980s-1990s
  Usually had weeks or months to put some defense in place.

2000-2003
  Attacks progressed over hours, time to assess danger and impact.
  Time to implement defense.

2003-Future
  Attacks progress on the timeline of seconds.
  SQL Slammer Worm:
    Doubled every 8.5 seconds
    After 3 min: 55M scans/sec
    1 Gb link is saturated after one minute


Security: Threat Evolution
[Figure: chart of Scope of Damage (Individual Computer, Individual Networks, Multiple Networks, Regional Networks, Global Impact) against Sophistication of Threats over time (1980s, 1990s, Today, Future).]
1st Gen: Boot Viruses
2nd Gen: Macro Viruses, Trojans, Email, Single Server DoS, Limited Targeted Hacking
3rd Gen: Multi-Server DoS, DDoS, Blended Threat (Worm + Virus + Trojan), Turbo Worms, Widespread System Hacking
Next Gen: Infrastructure Hacking, Flash Threats, Massive Worm-Driven DDoS, Negative payload Viruses, Worms and Trojans

A giga-level view
Not hard to imagine an international network, spanning across multiple, diverse organizations
  Internet of Things

100s of organizations
100s of countries
Millions and billions of devices

Internet Computers: 93 Million
Internet Users: 407 Million
Automobiles: 663 Million
Telephones: 1.5 Billion
Electronic Chips: 30 Billion
(Forrester Research, 2001)

Impact of new technologies
  Today's Internet
  Wireless access
  Embedded ctrl
  RFID tagging
  X-Internet

The EPC model: Internet of Things

Source: www.epcglobalinc.org

Enterprise networks: The complete picture

Networking and Applications
Connectivity and Services
Maintenance
Scalability and robustness
Fault tolerance
Load balancing
Integration across systems
Security




Thank You
Other Tutorials at: www.it.iitb.ac.in/~sri
Google Search: Sridhar Iyer IIT Bombay
Contact Details:
  Sridhar Iyer
  School of Information Technology
  IIT Bombay, Powai, Mumbai 400076
  Email: sri@it.iitb.ac.in
