Putting the Network Redesign Principles and Concepts into Practice


Using the network design and concept principles that have been recently established, Networks has begun to implement its new design. The presentation will show the design, implementation status and future phases and how it will affect you.

Gary Bauerschmidt, IT Networks, gbauers@unm.edu

Purpose of RFP: The purpose of the RFP is to solicit recommended Design Principles for a consolidated IT Network Infrastructure.

Network RFP Update: "If you don't know where you are going, you'll probably end up somewhere else." Lou Sullo, Director IT Networks; Gary Bauerschmidt, AD Networks; University of New Mexico; lsullo@unm.edu / gbauers@unm.edu

Network Design Concepts Conceptual Simplicity Appropriate Sized Pipes Flexibility Holistic Security Continual Improvement Test Documentation

Network Design Principles The Network Core Wireline and Wireless Data Facilities Appropriate Security

Network Redesign 2012 Phase III - Deploy Louis Sullo

Timeline Phase I Phase II Phase III

Deployment Use Network Design Concepts Use Network Design Principles Install and Swap Out Equipment

Network ReDesign: Continuing Refresh. Uplifting Branch Campuses: Los Alamos - Complete; Gallup - Nearing Completion; Taos - Proposal Review. Uplifting Intensive Nodes: DataCenter 10 Gig - Complete.

Intensive Nodes

Network Core ReDesign Discovery Phase Cisco, HP, Juniper Comparing Designs Beta Testing SDN (Software Defined Network) Open Flow

Network Roadmap

More than 15 years Ago What is the life of Fiber?

Have to Replace Fiber George Thorning IT Networks Facilities

How do we Call

How we will Call Mark Reynolds IT Networks Services

Network Team: Lou Sullo, IT Networks Director; Mark Reynolds, IT Networks Services; Gary Bauerschmidt, IT Networks Transport; George Thorning, IT Networks Facilities

[Figure: UNM Network Logical Diagram. Labels: Internet 1, NM ISP, Level3, WRN, TP IPS, ACLs, Core1, Core2, ABQG, FW, Fiber Zone Hub 1, Fiber Zone Hub 7, Buildings, Experimental Networks, CS Virus Pilot, IPv6 Pilot, Business/Research Network, MDS]

Provider Bridging (802.1ad)

Provider bridging is conceptually pretty simple: VLAN stacking, or QinQ (802.1Q in 802.1Q). The customer traffic is identified by a VLAN ID (VID), referred to as the C-tag (customer VID), in the 802.1Q framing format. When the C-tagged frame goes upstream to the service provider, it is encapsulated again by the carrier's provider bridging edge network. Using 802.1ad encapsulation, the C-tag is then wrapped up with an S-tag (service VID). Encapsulation in the carrier network allows for overlapping customer VIDs.
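Added example (not part of the original presentation): a Python sketch of the tag stacking described above, showing two customers that both use C-VID 100 being kept apart by different S-VIDs. The TPID values 0x8100 (C-tag) and 0x88A8 (S-tag) are the standard 802.1Q and 802.1ad values; the MAC addresses, VIDs and function names are constructed for illustration.

```python
import struct

TPID_C = 0x8100  # 802.1Q customer tag (C-tag)
TPID_S = 0x88A8  # 802.1ad service tag (S-tag)

def make_tag(tpid, vid, pcp=0, dei=0):
    """Build a 4-byte tag: TPID, then PCP(3) | DEI(1) | VID(12)."""
    if not 1 <= vid <= 4094:  # 0 and 4095 are reserved
        raise ValueError("VID must be in 1..4094")
    return struct.pack("!HH", tpid, (pcp << 13) | (dei << 12) | vid)

def customer_frame(c_vid):
    """Constructed sample: C-tagged IPv4 frame with a zeroed payload."""
    dst = bytes.fromhex("020000000002")
    src = bytes.fromhex("020000000001")
    return dst + src + make_tag(TPID_C, c_vid) + struct.pack("!H", 0x0800) + bytes(46)

def parse_tags(frame):
    """Return (s_vid, c_vid, ethertype); an absent tag is None."""
    if len(frame) < 14:
        raise ValueError("frame too short")
    s_vid = c_vid = None
    off = 12  # tags start after destination and source MAC
    (etype,) = struct.unpack_from("!H", frame, off)
    if etype == TPID_S:
        tci, etype = struct.unpack_from("!HH", frame, off + 2)
        s_vid, off = tci & 0x0FFF, off + 4
    if etype == TPID_C:
        tci, etype = struct.unpack_from("!HH", frame, off + 2)
        c_vid = tci & 0x0FFF
    return s_vid, c_vid, etype

def provider_encap(frame, s_vid):
    """Provider edge: wrap the C-tagged frame with an S-tag."""
    if parse_tags(frame)[0] is not None:
        # A frame arriving from the customer side should not already be S-tagged.
        raise ValueError("frame already carries an S-tag")
    return frame[:12] + make_tag(TPID_S, s_vid) + frame[12:]

def demo():
    """Two customers both use C-VID 100; the S-VID keeps them apart."""
    a = provider_encap(customer_frame(100), 10)  # customer A -> S-VID 10
    b = provider_encap(customer_frame(100), 20)  # customer B -> S-VID 20
    return parse_tags(a), parse_tags(b)

if __name__ == "__main__":
    print(demo())
```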

Provider Bridging POS VoIP Data One Data Transfer One Time Classroom Technologies

Network Design Concepts Use Concepts for Network Security Conceptual Simplicity Appropriate Sized Pipes Flexibility Holistic Security Continual Improvement Test Documentation

Network ReDesign IPS and FireWall Deployment

Network Security Roadmap. Phase I: Deploy Currently: Firewalls, IPS. Phase II: Ongoing Review & Early Discovery: NAC, VPN, AD, Web, Integrating AD - Wireless.

Intrusion Protection System (IPS): HP (Tipping Point) Selected; Deploy into Production Jan 31, 2013. Current Config: Digital Vaccine twice/week; Dual Boxes for High Availability; Reputation Filtering; Weekly Meeting to Review Rules.

FireWall: Palo Alto 5060; 20Gbps throughput; Dual Boxes; Currently in Bid Process - Completed; Will install in audit mode - Done; Tighten down with rules to deny all - Weekly meet to approve Rules into Production.

Do we need IPv6? Private IP address ranges. The ranges and the number of usable IPs are as follows: 10.0.0.0-10.255.255.255 (Addresses: 16,777,216). Only for translating to Government World.

Private IP Space <-> NAT <-> IPv6/IPv4 NAT Network Address Translation

Questions: Gary Bauerschmidt, Associate Director, IT Networks, gbauers@unm.edu