An Overview: The Request for Credit for Network Infrastructure Design (IT329)
ELP Essay: The request for Network Infrastructure Design (IT329)
Daryl Shaver
CTU Prior Learning: 7/28/09

A credit request for Network Infrastructure Design (IT329)

This paper is written to provide a credit request for IT329 through my work/life experience related to instruction, beginning with a brief overview of my related training and actual work related to Network Infrastructure Design Engineering. I have developed strong network infrastructure design skills along with a systems information processes foundation and a keen technical understanding, which allowed me to build and design network infrastructures and client/server management systems that also have strong security features and network management systems.

Objective 1, from IT29 Systems Administration, was met by my experience as a Sr. Network Design Engineer working at MCI and Analysts International, and at various other consulting companies, where my duties included explaining and presenting network architectures and networking basics in my designs.

In today's IT departments, most production applications require access to the network in order to communicate with system servers, applications, end users and other networking devices such as VoIP phone systems. Many developments have changed network infrastructures; e-commerce, for example, has opened the doors to VMs, allowing multiple server farms to work together in a rack-mount system. This also means that the host systems used for server virtualization require connections for management, which creates the need for storage networking for backup and storage purposes. Consider these requirements when determining the network configuration for the server virtualization infrastructure.
The other networking infrastructures being designed today also include database clusters in a distributed architecture across corporate backbone networks, over the WAN and connecting to the internet, using the application requirements collected from analyzing business and technical requirements. These business requirements must be considered when designing the physical server layout for each host server, in order to determine the number of physical network adapters and the total throughput requirements for the devices connecting the data and voice networks across the corporate infrastructure. Also consider redundancy for implementing fault tolerance. The business and technical requirements for each application to be deployed to the virtual network infrastructure should drive these decisions.

Objective 2: Diagram the physical layout and components of an organization's internal network infrastructure.

[Figure 1: Example taken from a design for a customer's VoIP infrastructure, created by Daryl Shaver, Design Engineer, Insight Global. Network diagram not reproduced.]

The attributes for network infrastructure design business requirements are as follows:
1). Determine host connectivity requirements.
2). Determine host throughput requirements.
3). Create a solution based on the business requirements and the users' needs, and then design and scale the network architecture to accommodate growth for all the supported user access scenarios, including voice, video and data.
4). Determine access types and consider factors such as remote access, access from the Internet, and support for branch offices, and size the bandwidth and connectivity requirements for devices such as routers and switches.
5). Determine the network infrastructure's security and regulatory compliance requirements, and then diagram the physical layout and components for the organization's internal network infrastructure.

Note the following Figure 1.0, taken from an actual design diagram I created for a customer.
[Fig 1.0: Customer LAUSD VoIP server communication design by Daryl Shaver (LAUSD Zelzah Project 08CA1588). Diagram not reproduced.]

Objective 3: Design a network infrastructure for internet connectivity.

Designing the network infrastructure to accommodate internet connectivity usually starts with providing the actual physical topology and showing what type of transmission is to be used over some type of media, which can be coaxial, fiber or even satellite. It is usually depicted as a circuit or link, T1 or greater, provided by the telecommunications company, allowing the network traffic to run through a main data center site or a centralized site at a corporate location.
[Figure 3.0: Site network diagram from a customer design. Diagram not reproduced.]

Figure 3.0 above provides a sample diagram taken from an actual customer design, with users connecting to the internet via T1s and Gigabit Ethernet connections providing both voice and data across SIP trunks.

The next objective, developing management and implementation strategies for networking, was met by my working as a solution Sales Engineer at Verizon, MCI, Computer Generated Solutions and NEC America. As part of designing a network infrastructure, one must also consider the deployment and implementation, along with the management of those systems and devices, with network monitoring as well.

The role of the Sales Engineer as it pertains to a network management strategy is to consider the factors involved, such as creating the disaster recovery systems, storage application systems and redundant data centers for compliance with the Sarbanes-Oxley Act. As with many enterprise, medium or small networks, it is necessary to define how the network and the communication systems, along with the switches, routers, servers, telecommunication terminating equipment and any other networking, communication or back-office systems equipment, are going to be monitored. Then the Sales Engineer or Architect, systems administrators and IT staff work together to determine whether the current management strategy is adequate or whether new applications, equipment, protocols and processes need to be considered.
The next step in the overall strategy is to identify the management components, which are then integrated into the infrastructure along with any security measures, systems and devices, such as firewalls, session border controllers, etc. These primary elements comprise any well-defined management strategy and should be considered when developing a network management strategy. Other items for consideration within a management and implementation strategy are as follows:
1). Network management strategy: the network management groups, along with the development of the SNMP applications and the selection and installation of the monitoring devices that track and report events and alarms.
2). Network management groups:
A. Fault
B. Performance
C. Device
D. Security
E. Change
F. Configuration
G. Implementation

H. Fault Management

All of the items mentioned above are listed for the parts and pieces used herein, which describes the pro-active monitoring of devices, circuits and servers for events, alarms and errors. There are software applications and systems, such as Check Point, HP OpenView, and NetScout Net Gen equipment, used as part of an overall system which specifies what events are monitored and the thresholds for generating alarms. Once the alarms are generated, there is an escalation process for addressing any errors. It could be a circuit problem, a router interface or a server link. Service level agreements with local loop providers and long-distance IXCs for circuit repair are important, as are vendor equipment repair contracts. Out-of-band router management allows troubleshooting and configuration of routers with an attached modem. The support technician doesn't rely on the primary circuit to reach the router; they use a separate analog dial line with a modem connected to the auxiliary port on the router. Escalation support processes are defined for use by the network operations center (NOC) employees for effective problem resolution.
These are some typical support activities:
· Established Tier support levels, with job responsibilities well defined for each Tier group
· Defined severity levels and which Tier group is responsible
· Defined response times for severity levels
· Applications for trouble tickets
· Established troubleshooting procedures for employees
· Root cause analysis
· Survey support groups for skill levels, identify deficiencies and plan training programs to address them

Performance Management

This describes the pro-active monitoring of device, circuit and server performance levels. That translates to monitoring and reporting on trends in device CPU, memory and link utilization, circuit bandwidth utilization, and server CPU, memory and disk input/output rate. Campus segments and device interfaces should also be monitored for collisions, CRC errors and packet drops. Bandwidth capacity planning is an ongoing process of monitoring bandwidth utilization trends for the enterprise network and considering business growth estimates. That information is used to develop a provisioning strategy that addresses the company's bandwidth capacity needs. The dynamic nature of an enterprise network is such that new locations, employees and application deployments will increase network traffic and consume available bandwidth. Trend monitoring tools are typically run from the network operations center and focus on enterprise traffic patterns and the performance of circuits, routers and switches. RMON is a popular protocol for monitoring router, switch and campus segment performance, with probes at various offices across the enterprise. Information can be collected at all layers of the OSI model for statistics on utilization, packet size and errors. In addition, there are specific SNMP applications designed for bandwidth capacity planning.
The bandwidth provisioning strategy could involve faster campus and WAN equipment, increased bandwidth for circuits, quality of service protocols, or a combination of any of those elements.

Security Management

This describes the management of device and server security that is consistent with the policies of the corporation. Typical devices are firewalls, routers, switches, TACACS servers and RADIUS servers. Security includes community strings, password assignment, change policy, dial security and Internet security.

Device Management

This describes the maintenance of a database inventory that lists all campus and WAN devices, modules, serial numbers, IOS versions, server documentation and design. It is important that companies keep information on these assets for support and warranty issues.

Configuration Management

This describes the process of configuring and documenting devices, circuits and servers on the enterprise network. A process for configuring new equipment, modifying current equipment and maintaining TFTP servers should be established. The configuration scripts should be saved to TFTP servers and documented for later use with subsequent configurations. Build a directory structure with a folder for each equipment type and subdirectories for model types.

Change Management

This describes a process for approving and coordinating device configuration changes and is essential for network availability. Staff members who make unapproved changes without alerting affected departments can cause problems if the changes don't work and are made during busier times of the day. Any change to the production network should involve at least the network operations center and someone from the engineering group. It can also be important to let the application developers know of network changes.
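The Security, Configuration and Change Management practices above can be checked mechanically. The following is an added example, not part of the original essay: it audits a configuration archive laid out as equipment type/model/device against an approved baseline of SHA-256 hashes and flags default SNMP community strings. The device names, the `.cfg` extension, the baseline format and the helper names are assumptions, and the sample configurations are constructed.

```python
from __future__ import annotations

import hashlib
import re
import tempfile
from pathlib import Path

# Community strings commonly left at vendor defaults; any use is a finding.
DEFAULT_COMMUNITIES = {"public", "private"}
# IOS-style line: "snmp-server community <string> RO|RW"
COMMUNITY_RE = re.compile(r"^\s*snmp-server community (\S+)", re.MULTILINE)


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def audit_archive(root: Path, baseline: dict[str, str]) -> dict[str, list[str]]:
    """Compare every *.cfg under root with the approved baseline.

    baseline maps a path relative to root (type/model/device.cfg) to the
    SHA-256 recorded when the change was approved (assumed format).
    """
    findings: dict[str, list[str]] = {
        "changed": [], "unapproved": [], "missing": [], "default_community": [],
    }
    seen = set()
    for cfg in sorted(root.rglob("*.cfg")):
        rel = cfg.relative_to(root).as_posix()
        seen.add(rel)
        if rel not in baseline:
            findings["unapproved"].append(rel)   # never went through review
        elif sha256_of(cfg) != baseline[rel]:
            findings["changed"].append(rel)      # edited after approval
        text = cfg.read_text(errors="replace")
        communities = COMMUNITY_RE.findall(text)
        if any(c.lower() in DEFAULT_COMMUNITIES for c in communities):
            findings["default_community"].append(rel)
    # Approved configurations that are no longer present in the archive.
    findings["missing"] = sorted(set(baseline) - seen)
    return findings


def write(root: Path, rel: str, text: str) -> None:
    target = root / rel
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(text)


def demo() -> dict[str, list[str]]:
    """Build a constructed archive, record a baseline, introduce drift, audit."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample archive: <equipment type>/<model>/<device>.cfg
        write(root, "routers/model-a/edge-1.cfg",
              "hostname edge-1\nsnmp-server community Xk29qLm RO\n")
        write(root, "switches/model-b/access-1.cfg",
              "hostname access-1\nsnmp-server community public RO\n")
        write(root, "switches/model-b/access-2.cfg", "hostname access-2\n")
        # Baseline recorded at approval time.
        baseline = {p.relative_to(root).as_posix(): sha256_of(p)
                    for p in root.rglob("*.cfg")}
        # Drift after approval: an edit, a new device, a deleted file.
        write(root, "routers/model-a/edge-1.cfg",
              "hostname edge-1\nsnmp-server community Xk29qLm RW\n")
        write(root, "firewalls/model-c/fw-1.cfg", "hostname fw-1\n")
        (root / "switches/model-b/access-2.cfg").unlink()
        return audit_archive(root, baseline)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Run on a schedule against the real archive, the `changed` and `unapproved` lists give the NOC a concrete queue to reconcile with change tickets.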
Any change management process should have these components:

Review Process
· Affected departments consider the impact of changes and discuss concerns
· Proof of concept and quality assurance testing
· Develop a timeline for changes approved by all departments
· Departments plan contingencies should there be network issues
· Approval process: software manages and records approvals from groups
· Pro-active monitoring of unauthorized changes

Implementation Management

This describes the process for managing new implementations such that there is no disruption to the production network and the implementation is efficient and effective. These are some network operations center (NOC) activities that should be part of any typical implementation management strategy. Consider vendor support contracts for help with configuration scripts, testing, and design, since that will promote an effective implementation.

Standard Network Operations Center Activities:
1) Turn on circuits and ping all new devices to verify connectivity
2) Modify SNMP applications at the network operations center for pro-active fault and performance monitoring of new devices
3) Verify devices are SNMP enabled and security is applied
4) Update the inventory database and save configuration scripts to a TFTP server

SNMP Applications

There are a myriad of SNMP applications on the market that focus on managing servers, devices and circuits. An enterprise customer will sometimes employ several applications, including their own software, that address each management group. The SNMP version that is implemented should be noted for each device and server. This is a list of popular commercial applications and how they could be utilized.

Monitored Devices and Events

Typical devices such as routers, switches and circuits are configured and monitored with SNMP applications. Thresholds are defined for each event, and an alarm is triggered when a threshold is exceeded.
A polling interval is configured for each event, which describes the time interval between the sending of status information from the device to the network management station. An example would be a router CPU utilization threshold of 60% and a polling interval of 10 minutes.

The background information provided in the remaining pages of this essay applies to the overall definition of the basic responsibilities of my duties and life experiences, from those of a network systems administrator to the design and Sales Engineering roles covering most of my 18 years within the networking industry. The duties can be broken down as follows:
(1). Provide IT systems department leadership and supervision techniques and client systems service strategies, and set standards of personal ethics for the integrity of the IT departmental systems and those who access them.
(2). Administer user accounts, access and resources on computers running server operating systems software in a corporate networked environment.
(3). Modify user and computer accounts, and handle adds, moves and changes.
(4). Enable systems resources for access to various systems with permissions, manage access to files and folders using permissions, and manage permission inheritance.
(5). Provide support for remote users with VPN and other remote access networking tools, along with security and network-wide printing server systems.
(6). Develop IP addressing schemes, construct IP addresses for each department, and isolate addressing issues associated with the IP routing process.
(7). Consider data center recovery solutions and plan for a computer disaster; also assign equipment, systems and the features of the servers' operating systems to prevent a disaster or to recover when one occurs.
The system administrator must also consider some network infrastructure issues. Network architecture refers to the concept of isolated components which are put together in such a way that allows for communication, usually across some type of transmission achieved through signals. These components can usually be broken down into three categories: 1). hardware, 2). software and 3). all other devices and collective components which make up the network and allow them to interact directly or indirectly.

The next item a systems administrator should consider is troubleshooting the boot process for PCs and other system-related issues. The boot process, or bootstrapping, is the term used when a system is switched on.

The boot process in steps: The first step in UNIX systems is the loading and initialization of the kernel. The Windows boot process has a list of detailed procedures that the system undergoes to perform all system checks and load all necessary files to bring the computer to an operable state. After loading the kernel, the UNIX system performs device detection and configuration, and also starts the creation of spontaneous processes for its system. Then, within a UNIX boot process, you have what is known as operator intervention, more commonly referred to as single-user boot only. UNIX systems also have some built-in scripts which can be executed at system startup. The UNIX system can also boot up and use scripts for multi-user operations.

The Windows system does a power-on self test, and once the test is successful, the microprocessor triggers the BIOS to perform a series of operations. Then the Windows system attempts to go through a sequence of devices to load, based on the settings stored in the BIOS, starting with the floppy drive; if the floppy does not contain the startup boot files, it goes to the next device.
The next step is the boot loader, or operating system loader file, NTLDR, found through the primary partition loader code. The next item in the process is the Boot.ini file; in this step NTLDR passes all information from the Windows registry and the Boot.ini file into Ntoskrnl.exe. The next boot phase is the Ntdetect.com program, which collects and configures all installed hardware devices along with any communication ports. Finally, the boot process completes by creating the access security, which is Winlogon.exe, which then allows a user to access the system.

The systems administrator must be able to use process management to develop methods for simplifying administration in a heterogeneous network environment. Most administrators use tricks and techniques developed from their own knowledge and experience. However, it is important to note that most operating systems have tools and utilities built in to help with the process management of systems. The main mechanisms in this area are key utilities, command-line chains, and scripts that are used to simplify different processes within these systems. The Windows environment uses some built-in tools for these processes, called extension mechanisms, such as the Object Manager, Process Manager, and Registry edit, used by most systems administrators for process management. These processes can be broken down further into topics a systems administrator should be familiar with, such as the following examples:
1). Real-time applications and how to apply them to an organization.
2). Real-time priority classes for VoIP and other applications.
3). Deferred Procedure Call (DPC).
4). Responding to external events.
5). Real-time applications and the use of interrupts.
6). Multiprocessor systems, asynchronous I/O, device drivers, priorities and scheduling.
My introduction to computer systems and administration began back during the late 1990's, when I worked as a help desk technician as a contractor for ANALYSTS INTERNATIONAL CORPORATION, where I began troubleshooting PCs, servers and networking devices. This exposed me to the first layer of security and the use of directory services for the management of user accounts and access, or in today's terminology, physical security and LDAP administration. Because I worked for companies running multiple servers on multiple platforms, it was very important to understand and utilize the directory services to enhance the administration of these systems in a timely manner, which allowed me to quickly handle user accounts, resources and access/permissions.

To illustrate my point, let me provide real-world examples as follows:
Example 1. Using the directory services is important when changing the Domain Admin password.
Example 2. When changing a lost domain user account, and also using the User Account Control (UAC) error messages found within the user account control policy statements. This can be found by using the Directory Services Restore Mode utility.

The directory services resource most commonly used by most systems administrators is the Lightweight Directory Access Protocol, or LDAP for short, which has proven to be the answer for many system administrators in today's IT systems environments. The use of LDAP allows an administrator to integrate a directory server into essential network services across multiple platforms and operating systems, such as Microsoft with its Active Directory, along with NOVELL, UNIX, Mac OS X and most Linux distributions, for services such as mail, DNS, HTTP, and SMB/CIFS, etc.

The other aspects of that job related to computer systems administration include security, as it provided me with the working knowledge of how computers worked, from the mainframe to the desktop.
This also provided me with the ability to identify and evaluate the administrative, technical and physical security controls for the company as I moved up through the ranks, going from help desk to network design consultant. The next thing I learned was making sure we had the right policies and procedures in place to implement administrative controls, with strong password policies for system and network users and card key access to the data center, along with the technical controls for the IT infrastructure, which are implemented through encryption and network segmentation of the LAN.

The next development in my career was the training I got from both on-the-job training, working with various enterprise networks, and vendor training from CISCO, Nortel, Microsoft, etc. During the next phase of my career I became a network design engineer with MCI Corporation; this provided me with a wealth of knowledge and experience, traveling from one customer site to another designing networks, including the US Postal Service network and the GMAC network. The fact that I became a senior network design engineer allowed me to broaden my skills. This is where I met all the objectives of working with Operating Systems and Practical Networking: my main duty or responsibility was to present and design networking solutions for Fortune 500 companies that were of a nonstandard design, meaning very complex, having various components of voice, video, and data.

The main aspect of developing a network design centers on fundamental networking concepts, components and functions. The first step in designing a network is gathering the customer requirements and then determining the data communication signal methods needed to make sure the transmission characteristics provide the right amount of bandwidth or signal strength.
These operations start with the customer requirements, which can be as simple as what type of signal is needed, such as baseband or broadband, analog or digital. The next step can be determining what type of transmission is needed, such as asynchronous or synchronous; in other words, start/stop transmission based on character-oriented protocols vs. using byte-oriented protocols. This was a big part of network design during the early nineties because of the use of mainframes, mostly IBM, and ATM machine connections for networks such as banks and other institutions using synchronous transmission. This is where things like BISYNC, ASCII and EBCDIC transmission codes come into play, vs. asynchronous transmission, which is to say stop, 7 data bits, then start.

A network is simply two or more computers connected to allow them to share information. These computers can be connected by means of cabling, which can be electrical or fiber-optic cable, or by wireless radio signals. During my career I have designed various types of networks, from PBX voice networks to radio networks such as Page Net, a company I worked for back when pagers were used, before the cell phone was made available for individual use outside the military. The network is designed for the sharing of resources and the exchange of information, such as documents, emails, etc. The components of the network are devices such as computers or PCs, called clients, and servers, routers, gateways, switches and hubs, as well as software to allow and enable the communications mentioned above.
The other hardware components consist of data communication devices such as multiplexers for Time Division Multiplexing and Frequency Division Multiplexing, which allow for the utilization of channels on a T1 line, for example. Then there are things like modems and the network interface cards found within the computer, internal or external.

The next objective is demonstrating how networks are linked. Networks can be linked in a number of different ways depending on the protocols, network standards, distance, network type (meaning LAN or WAN) and what type of transmission is being used for the actual connection. These links usually reside at the upper-layer protocols that make up the bulk of a particular type of network. Let's use an older protocol such as SNA, used with IBM mainframes, as an example: the host device is physically connected via multiple transmission lines, which are real objects connected within the network. These lines can form what are known as transmission groups, which allow data to move from one segment within the group to another, allowing a specified throughput. This simply means you have a host device with, let's say, three physical lines connecting two other devices; these three lines are considered a group and are used for the data flow. There is also a logical consideration called a path: this is how the data is passed along through these transmission lines, or the route for the data along a certain logical path, to determine the best route or path from one device to another.

The next idea to show how I mastered this objective is the network topology, which is considered the shape of how the computers and components are connected to each other. The first network element is called a node; this is simply a computer within the network. The next item is called a packet, which is the data packaged as a message sent over the network from one node to another. Topologies describe how nodes are strung together or interconnected for LANs or WANs.
The simplest topology is called the bus, which is mostly found on LANs. This is where the entire network is viewed as being connected with a single cable; in this type of topology every node listens to the packets being sent across the network and determines whether or not each packet is intended for it. The next topology is the star, which is as it sounds: all nodes are connected to a central device called a hub or switch. The next topology is known as the ring topology; this is where the data is sent around a ring from computer to computer, and each node looks at the packet to see if it is meant for its use and, if not, passes it on. The most common example of this would be the old IBM token ring, with speeds from 4 to 16 megabits. The next topology is called the mesh, which means you have multiple connections between each node; it is mostly used in WANs.

The next objective is that of cabling. Like most IT engineers who started working on the help desk, I ran cable; this is where I learned about the different cable types, such as your typical Ethernet cable, which is made up of four wires inside a single cable, or better known as the twisted pair, which uses two pairs. The most common UTP cable is Category 5, with speeds of 10 and 100, and Cat 6, with speeds up to 1000. The other cable used today is coaxial, used for video today and based on the old thin net with speeds of ten Mbps; this cable uses the BNC connector. The other thing one should consider is what type of network interface card to use, be it Ethernet UTP-based 10/100, depending on what type of hub or switch you are using, or maybe a high-speed connection such as Gigabit or even fiber, which is still too expensive for the common everyday user. However, in today's world, wireless cards are the most commonly used for both home and work.
There is another cable, which is the fiber cable used mostly for optical networks such as ATM, SONET and DWDM; however, we now have fiber to the home, such as AT&T U-verse and Verizon FiOS. The selection of cable depends on the distance and the amount of capacity needed to support the traffic going across these wires, or the radio spectrum if we are talking about wireless and radio waves.

The next objective is the OSI reference model. I mastered this objective by attending training from Cisco Systems, Microsoft, IBM, Verizon, and other training and certification vendors, and from actual working experience. Before we talk about the OSI model, I must address the understanding of standards, which are agreed-upon definitions for the use of protocols within the networking world. Standards are used to govern the development of protocols, which allows a universal standard across a mixture of vendors. The standards organizations can be broken down as follows:
1). The American National Standards Institute (ANSI).
2). The IEEE, which is the Institute of Electrical and Electronics Engineers, mostly known for the Ethernet networking standard, IEEE 802.3; however, it is important to note that Ethernet was invented by the Xerox Corporation.
3). The IETF, the Internet Engineering Task Force, responsible for the protocols which drive the internet.
4). The last is the W3C, the World Wide Web Consortium, responsible for the development of standards for the web.

The OSI is a seven-layer model used for governing various aspects of how computers should communicate, and it provides an outline for network operation which can be addressed by many different vendors, manufacturers, IT operations, network carriers, etc. The OSI model, or Open Systems Interconnection Reference Model, is used as a basis for breaking these standards into seven layers as follows:
1). The Physical Layer, which includes the actual connections such as cabling and devices such as hubs, switches and repeaters.
Example: Cat 5 or 6 cable, such as Ethernet, connecting two or more devices.
2). The Data Link Layer, or Layer 2, which is for MAC addressing, providing a way for nodes to identify themselves with a unique address sent over the physical layer. Example: the packet sizing of data being sent across the network.
3). The Network Layer, or Layer 3; this is how routers and Layer 3 switches handle routing data across network segments. Example: TCP addressing, 192.168.0.1.
4). The Transport Layer, or Layer 4, which simply provides reliable delivery of packets across the network. Example: TCP and UDP establishing connections between network devices by acknowledging that packets made it through the network without corruption.
5). The Session Layer, or Layer 5; this is where you would set up sessions between network applications, today’s big buzz in the VoIP world being SIP. Example: conversations between networked devices in simplex, half duplex and full duplex.
6). The Presentation Layer, or Layer 6, which simply converts data so that different systems can read the format and exchange information. An example of this is the conversion of ASCII to EBCDIC.
7). The higher-level Application Layer, known as Layer 7, which is for network service requests. Examples here would be services such as SMTP, FTP file transfers and downloads, and telnetting into a router to configure it.

The next objective is to describe how networks grow from LANs to WANs. I lived this objective in the old days of using hubs and switches, when networks mainly used the LAN to segment traffic from the hubs and switches, clients and servers; this was due to the 80/20 rule. However, as networks grew and companies expanded their operations across larger geographical areas, they needed to communicate across various media, and there was also the advent of network operating systems.
The development and expansion of the Internet played a major role in the need for LANs growing into WANs: higher bandwidth, better applications, global marketing.

The next objective is to discuss systems administrator duties in various OS environments. I met this objective early in my career working as a consultant for Analysts International, where I was contracted out to various companies as a network administrator. My duties consisted of the following:
1). Main duties: oversee day-to-day computer network operations to ensure that they function smoothly, and handle adds, moves and changes.
2). Handle all configurations for the servers, from UNIX to Microsoft Windows NT, and other back-office system servers such as Lotus Notes and Microsoft Exchange.
3). Make recommendations to corporate clients and departments about various programs to help the information flow of data, voice, and video run smoothly.

As a contract network administrator, I worked with various network operating systems, from Novell 2.2 to IBM OS/2 and UNIX systems, in the late 80’s and early 90’s; this allowed me to earn some certifications from the University of Texas at Arlington, covering UNIX and some systems programming. Then I began to work with RAID 5 disk arrays for storage and backup of company data, also working with some database applications such as FoxPro and SQL, and an application known as Pacer Share, which allowed for the conversation of UNIX to Macintosh, at Nortel Networks, then known as Northern Telecom. Other duties as assigned were to ensure that applications, updates and patches were pushed out to the users via Systems Management Server (SMS). Secondary functions of the job were monitoring the performance of the network and troubleshooting any problems, such as slow performance or network crashes, using tools such as HP OpenView and other packet analyzers, along with Fluke meters to test our network cabling.
The next objective, how to integrate various OSs on multiple platforms, was a part of my daily job duties from client to client and project to project. I worked with all kinds of operating systems, from IBM SNA with the network server (IBM Netfinity 7000) interoperating with Microsoft Windows 95 and Microsoft Windows NT platforms. One of the major duties was ensuring that there was network compatibility; some of the simplest-sounding problems were some of the hardest to solve, such as file naming conventions from Mac OS to UNIX and also Windows. This is where terms like heterogeneous networks or open systems come into play with large enterprise data centers having many operating systems and platforms; disaster recovery and backup systems such as SAN storage area networking also become very important to network administrators. Selecting the back-office system to address the needs of the company, along with HR and IT policies, plays a strong role in the job of the network administrator. Some of the key functions for selecting the right OSs and their integration include enterprise-wide applications for scheduling and automation for systems such as the Windows environments and platforms; UNIX, Linux, OS/400, Tandem, z/OS and OVMS are also all key considerations that I experienced as a contract network administrator (reference the attached resume from the ELP package, along with the PowerPoints for the operating systems training I developed).

My duties within this position were to work with clients in developing their security requirements, covering all topics from physical security, such as lighting, fencing, device locks, and UPS or surge protection, to the development of SLAs within the telecommunication aspects, along with other items like security management practices such as risk reduction by performing quantitative analysis and risk assessments.
While performing the duties of a network design engineer, I had the opportunity to evaluate numerous client networks and design many access control systems and methodologies using centralized access control such as RADIUS, TACACS and DIAMETER, which can be used in maintaining and controlling user IDs, access rights and permissions. I also developed and wrote network usage policy statements, for example: “The Dshaver Consulting firm computer network is the property of Shaver Consulting INC and is to be used for legitimate business purposes. Users are provided access to the computer network to assist them in such matters including performing said duties associated with conducting aspects of his or her job responsibilities”.

During the early nineties, network design was very crucial; many companies began upgrading their networks due to the IT communication boom opened up by the Telecommunication Act of 1996. At this point I was very much engaged in all phases of network design training and presentations to customers. I have included some of my training presentations as artifacts for this credit request. Most of my training was learned on the job and from outside vendor training from many of the major network equipment manufacturers, such as Cisco, 3Com, and Nortel, and there was also training from Microsoft, Computer Associates and many other software companies.

As a Sales Engineer, my role changed somewhat heading into 2000. My duties included designing and presenting solutions for various Fortune 100 companies. This allowed me to continue learning and providing knowledge of various types of security systems which are a vital part of networking solutions, such as applications and systems development. Many of the solutions I designed covered techniques such as (1) identifying the system development life cycle, database design, and understanding failure states; all of these actions help in explaining to customers the processes and procedures needed for securing their networks.
My responsibilities under the requirements to become a senior sales engineer allowed me to develop an understanding of all phases of computer systems, from programming to the communications from network to network, from the server farm to the MDF and IDFs, and from the physical layout and equipment to the deployment of various types of logical designs for internal and external systems, as well as developing, designing and implementing disaster recovery plans along with business continuity of the data centers, call centers and operations for corporate systems and applications. The training and experience I gained in the telecommunications business working for MCI, GTE, Sprint, AT&T and Verizon allowed me to significantly enhance my career opportunities and eventually become a Sales Engineering Manager. This provided me the skills necessary to build a team of engineers, for whom I was responsible for all aspects of training, in which I had to explain the importance of companies adhering to laws, ethics and investigations, such as RFC 1087, which covers what activities are unethical, and the ISC2 code of ethics, which is to protect society or the commonwealth and the infrastructure.

Picture the change: I was suddenly asked to be responsible for computer crime investigations for my team, while making sure our clients did not violate any laws by not implementing our network design properly or not meeting our SLA requirements. There are many aspects of computer crime investigations, such as planning and preparing by laying out the right policies and procedures; providing training; and having a team of engineers or staff to secure and isolate the scene to prevent contamination, answer officials’ questions, and help with interviews of suspects and witnesses. The other components we had to make sure were in place were incident-reporting and response procedures.
Another big problem we encountered was misuse of our network and computers, for which we had to develop standards for computer forensics procedures.

With the training and experience gained from over almost 20 years within the IT business, I was able to become a Sales Engineering Manager, a Business Development Manager, and a Product Manager, all within the telecommunication world, which gave me a wealth of knowledge and training and is the reason why I am now seeking credit through the ELP process.

Documentation and Evaluation of Learning Achieved:
UNIX Certified Systems Administrator, University of Texas at Arlington, TX (1995)
Cisco Certified CCDA (2007)
Ericsson IPT Certified (2000)
Verizon Engineer Data Training, satisfactory results on examinations
PowerPoint presentations used by me for customer training and conference
Training Camp Certificate of Accomplishment covering topics such as the OSI Model & Layered Communication, Network Management, WAN Services, LAN Technologies.