V.Ivanov - PowerPoint PPT Presentation

About This Presentation
Title:

V.Ivanov

Description:

JINR Network Security, Failover Measures, Network Monitoring V. Ivanov ... Controlled-access (Cisco PIX-525 firewall) at the entrance of the network. – PowerPoint PPT presentation

Number of Views:60
Avg rating:3.0/5.0
Slides: 16
Provided by: STRIZH
Category:
Tags: cisco | firewall | ivanov

less

Transcript and Presenter's Notes

Title: V.Ivanov


1
JINR Network Security, Failover Measures,
Network Monitoring
V. Ivanov Laboratory of Information Technologies
2
Leaders from JINR V. Ivanov V. Korenkov
Leader from Germany H.Frese
Period of realization 2003-2006
Resources in 2004 (funding from BMBF) 25 k
Purchase of materials and equipment (k) 25 k
3
JINR Gigabit Ethernet infrastructure
creation 2003 - first step More than 10
kilometers of 16-wire single-mode fiber optic
cable were placed into so-called cable
canalization in the form of a ring on LNP site,
and as a cable segment to the LHE-LPP site. In
cooperation with a federal Naukograd Dubna
programme 1.5 kilometers of fiber optic cable
connected the JINR network with the Dubna-City
network.
4
(No Transcript)
5
Installation of the Gigabit Ethernet equipment
Gigabit Ethernet Interface card for the main
Catalyst 6509 switch and Cisco Catalyst 3550
family switches (8 devices with optical gigabit
interfaces) in the Laboratories and
Administration.
6
N Item of expenditure Firm Plan, k Actual, k Realization stage
1. Equipment for Gigabit Ethernet backbone structure        
  Cisco Catalyst 3750G-24TS-E USA 7,95 7,90 completed
  Cisco Catalyst 2970G-24TS-E USA 4,50 4,33 completed
  Subtotal,()     12,23  
  8xDGS-703 1-port Gigabit Fiber Converter, LX USA 2,73 2,73 canceled
  2xDGS-707 1-port Gigabit Fiber Converter, SX USA 0,32 0,32 completed
  4xDEM-311GT 1-port mini-GBIC SX MM USA 0,65 0,65 completed
           
2. Main Network Centre Structure        
  6xDES-3226S Switch 24x10/100Base-TX,19" USA 2,48 2,48 completed
  6xDES-132T Module 2x1000Base-T USA 0,66 0,66 completed
  HDD Maxtor 80 GB 6y080P0 DiamondMax Plus 9 USA 0,06 0,06 completed
  Cannon MF 5630 Japan 0,40 0,40 completed
  Subtotal,()     7,30  
  Air Conditioner "Gree" China 5,25 5,25 completed
4. Other expenses     0,22 completed
           
  Total (k)   25,00 25,00  
7
In March 2004 after tests of the lines quality,
conductivity tests, etc., the Gigabit Ethernet
backbone was put into operation
8
In the year 2004 The network of Laboratory of
Information Technologies was left as a part of
the JINR backbone, meanwhile the rest JINR
divisions (7) were isolated off backbone with
their Catalyst 3550 switches.
Controlled-access (Cisco PIX-525 firewall) at the
entrance of the network.
9
(No Transcript)
10
As a result, we have star-like logical
topology of the JINR Gigabit Ethernet backbone
with the Cisco Catalyst 6509 and Cisco Catalyst
3550 switches in the center of the core, and the
Cisco Catalyst 3550 switches in 7 JINR divisions
(in 6 Laboratories and in the JINR
Administration), and Cisco Catalyst 3750 switch
in LIT.
11
  • Characteristics of the network
  • High-speed transport structure(1000 Mbit/sec)
  • Security-Controlled access (Cisco PIX-525
    firewall) at the entrance of the network
  • Partially isolated local traffic (6 divisions
    have their subnetworks with Cisco Catalyst 3550
    as a gateway).

12
Network Monitoring Incoming and outgoing traffic
distribution
Total year 2004 36.1 Tb Incoming
Total year 2004 43.64 Tb Outgoing
13
(No Transcript)
14
What issues have to be solved next Partitioning
the entire JINR network, when the JINR network
address space will be subdivided into 8 parts in
accordance with the number of main JINR divisions
(7 Laboratories and Administration), in order to
use the JINR network backbone only for transport
purposes, and to increase security
level Measures to provide fail-over system
level with required redundancy of the backbone
components Network security issues network
security provision is a process, which needs new
ideas, security state monitoring and analysis,
resources in hardware, in software, and human
resources System to monitor and control the
network performance.
15
The solution is to enforce the core of the JINR
backbone. With the goals to raise the level of
reliability, availability, and avoid a single
point of failure in the core, we consider the
installation of the Cisco Catalyst 6506 switch
with similar set of modules, as the main 6509
switch has. Both 6509 and 6506 switches will work
in parallel in the core of the backbone. In case
of any component failure in either switch, the
core of the backbone will be still alive, and
after repositioning of the clients fiber optic
pairs from a failed switch the whole network
will provide access to its services giving time
to repair the failed equipment.
Table of expenditures within the project in 2005
? Item of expenditures Firm Price, EUR Quantity Sum, EUR
1 Catalyst Switch 6506 Cisco Systems 50000 1 50000
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "V.Ivanov" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!