Enterprise Networks 10

8/6/2019 Enterprise Networks 10

1/35

Enterprise Networks:

A nano to a giga perspective

Sridhar Iyer

IIT Bombay

www.it.iitb.ac.in/~sri


2/35

Sridhar Iyer IIT Bombay 2

What are Enterprise Networks?


3/35


What are Enterprise Networks?

Support thousands of users across a companysdiverse geographical locations

May involve hundreds of servers

Each location may look like a simple system,

but the complexity increases as these systems

are linked together

Is the Internet an Enterprise Network?


4/35


Enterprise Networks: One definition

Large

105 edge devices, 103 network devices

Geographically distributed

Multiple continents, 102 countries

Tightly controlledIT department has (nearly) complete control over

user desktops and network connected equipment


5/35


Driving force Convergence

Not about gadgets or access technologies These are actually increasing in diversity

But about servicesand applications

The quest for Anytime, Anywhere, Anyform access to

any intranet/extranet application

Enterprises need to cope with demand for newservices and applications

Supported by computing and communications fabrics

We need to understand the issues involved

A good way to begin: From the nano to the giga view


6/35


A nano level view

A single machine in an

organization Smallest component

Ex: A student in KReSIT

Hardware: Desktop/Laptop

Software: Application pkgs

Typical IT spending

Around Rs. 50,000/

Upgrade every 2 years?

Internet access?
http://images.google.co.in/imgres?imgurl=http://www.sdhis.nhs.uk/etd/images/Computer%2520User.jpg&imgrefurl=http://www.sdhis.nhs.uk/etd/&h=150&w=195&sz=12&tbnid=FREf3N1WhmQJ:&tbnh=75&tbnw=98&start=16&prev=/images%3Fq%3Duser%2Bcomputer%2Bimages%26hl%3Den%26lr%3D%26rls%3DGGLD,GGLD:2004-36,GGLD:en%26sa%3DN


7/35


8/35


Issues at the nano level

Application related

Software version incompatibilities

This program was working fine yesterday.

Performance

This is way too slow. I need a faster machine.

Network related Security

It looks like there is a virus on my machine.

Administration

I cannot remember which gateway I am supposed to use.

One solution strategy


9/35


A micro level view

A single subnet (dept) in an

organization Decentralized resource

sharing (printers, files etc)

Ex: A lab in KReSIT

Hardware: Switches, cables

Software: Security, Mgmt

Typical IT spending

Around Rs. 500,000/

(excluding desktops)

Approx 10s of machines

1 2 switches, 1000m cabling


10/35



11/35


Issues at the micro level

Application related

Resource Sharing Somebody has changed the setting on this printer.

Scalability and Performance

This is too slow during the day. Ill try it at night.

Network related Security

Somebody seems to have broken into my machine.

Administration

Hey, there is an IP address conflict.

One solution strategy


12/35


A milli level view A single entity in an

large organization 100s of users Ex: KReSIT in IIT Bombay

Centralized model for datastorage, security, running

applications and networkadministration

Hardware: Routers, Servers

Software: Applications, Mgmt

Typical IT spending

Rs. 50,00,000/ for network

Rs. 3,00,00,000/ servers

Annual maintenance cost!


10 20 switches, 2 3 routers

4 5 servers


13/35



14/35


Issues at the milli level

Application related

Sizing How many servers do I need and of what performance?

Deployment

How should I deploy my applications and other systems?

Network related Sizing

How much bandwidth do I need to keep users happy?

Security

MAC flooding; ARP spoofing; Denial of Service

Administration DHCP; Firewalls; Proxy servers; Logging

The cost to manage storage is typically twice the cost of the actualstora e s stem.


15/35


IT manager,

administrator,

already has to

deal with terrific

complexity.

The worst

possible situation

to be in is: trying

to identify, root

cause, andresolve problems

in such complex

setups.


16/35


A typical enterprise level view

A single organization

1000s of users Ex: IIT Bombay

Multiple duplicate serversand more complex network

Hardware: Routers, Servers

Software: ERP, CRM, security,accounting and other systems

Typical IT spending Requirements are ever

increasing

Bounded only by budget

constraints!

Approx 10s of locations


100s of switches, 10s of routers


17/35



18/35


Issues at the typical level

Application related

Interfaces How many interfaces should I provide for a service access?

LAN, WAN, web, handheld devices

Monitoring

How should I ensure application quality of service? Minimize down time, Auto alerts for overload

Network related

Sizing: How much Internet bandwidth do I need?

Wireless: How should I handle wireless devices?

Security:How should I setup firewalls, proxies and DMZ?

Administration: What are my authentication/access policies?


19/35



20/35


Network tier

AccessRouter

SwitchNetwork

InternetExtranet

Firewall

OSHW

DBLoad

Bala

ncer

WebServer

AppServer

SW Load Balancer

ProcessServer

Message & Event Bus

OSHW

Compute tier

Application tier

Storage

DNSServer

Network tier

AccessRouter

SwitchNetwork

InternetExtranet

Firewall

OSHW

DBLoad

Bala

ncer

WebServer

AppServer

SW Load Balancer

ProcessServer

Message & Event Bus

OSHW

Compute tier

Application tier

Storage

DNSServer

Tiered View of an Enterprise

Source: Umesh Bellur, IIT Bombay


21/35


A kilo level view

A national network for a

single organization Ex: LIC, NSDL

Need to lease lines or

use routing servicesprovided by ISPs.

Creation of a Wide AreaNetwork Backbone

Typical IT spending Varies from tens to

hundreds of crores

Approx 100s of locations


1000s of switches, 100s of routers


22/35


DirectoryDirectory

and Securityand Security

ServicesServices

ExistingExisting

ApplicationsApplications

and Dataand Data

BusinessBusiness

DataData

DataData

ServerServerWebWeb

ApplicationApplication

ServerServer

Storage AreaStorage AreaNetworkNetwork

BPs andBPs and

ExternalExternal

ServicesServices

WebWeb

ServerServer

DNSDNS

ServerServer

DataData

Dozens of

systems and

applications

Hundreds of

components

Thousands of

tuning

parameters

Complex heterogeneous infrastructures


23/35


24/35


eBusiness Functional Architecture

External

Partner

Network

Example: Amazon

Business

Partner

Supplier

ERP

Financials

Service

Apps

CRMCustomerNetwork

Customers

P

OR

T

A

L

B2B

Gateway

HRD

Billing



25/35


Web Tier

WebWeb

Server FarmServer Farm

eCommerceeCommerce

PortalPortal

User Tier

Web, http, XML

Voice

WAP

Other

HTTP

XML

Front

End

Integration

Middle Tiers

J2EE ORJ2EE OR

CORBACORBA

Containers,Containers,

WorkflowWorkflow

ExpertExpert

systemssystems

Business LogicBusiness Logic

Back Office Back Office

SystemsSystems

RMI

MessagingCORBA

One Solution Architecture



26/35


Solution Architecture (contd.)Data Tier

DistributedDistributedDatabases,Databases,

WarehousingWarehousing

DataData

StorageStorage

Logic andLogic andReportingReporting

RMI

Messaging

CORBA

SQL via

JDBC or

ODBC

B2BB2B

Gateways,Gateways,

PaymentPayment

servers etc.servers etc.

SupplierSupplier

IntegrationIntegration

Partner

Network orInternet

(EDI, Web

Services, XML

Over HTTP etc.)

Online Data

Backup

Services


Application

complexityovershadowsthe network

Application may

be unavailabledespite networkand bandwidthavailability

Need to architectsystems forgreater reliability,fault tolerance,

scalability etc.


27/35


A mega level view

An international network

for a single organization Ex: Intel

Need to co ordinate withinternational bandwidthproviders

A packet may have to

pass through many

networks!

tier-2 ISP is customerof tier-1provider

Typical IT spending? Approx 10s of countries

1000s of locations

Tier 1 ISP

Tier 1 ISP

Tier 1 ISP

NAP

Tier-2 ISPTier-2 ISP

Tier-2 ISP Tier-2 ISP

Tier-2 ISP

localISPlocalISP

localISP

localISP

local

ISP Tier 3ISP

localISP localISP

localISP


28/35


Issues at the mega level

Application related

Aggregation Centralized v/s distributed schemes for aggregation at the

various data centers and applications.

Replication

Replication and caching mechanisms for faster access.

Robustness

Ensuring application availability despite various failures.

Network related

SLA: Service Level Agreements with bandwidth providers.

Administration:Early fault diagnosis and warning systems.

Security:This problem only gets worse!


29/35


30/35


Security: Threat Evolution

ScopeofD

amage

1980s 1990s Today Future

IndividualComputer

1st GenBoot Viruses

Sophistication of Threats

Next GenInfrastructure

Hacking, Flash

Threats,Massive Worm

Driven DDoS,

Negative

payload

Viruses,

Worms andTrojans

Global

Impact

Regional

Networks

3rd GenMulti Server

DoS, DDoS,

Blended Threat

(Worm+ Virus+

Trojan), Turbo

Worms,

Widespread

System

Hacking

Multiple

Networks

2nd GenMacro Viruses,

Trojans, Email,

Single Server

DoS, LimitedTargeted

Hacking

Individual

Networks


31/35


A giga level view

Impact of new

technologies Wireless access

Embedded ctrl

RFID tagging

Not hard to imaginean internationalnetwork, spanningacross multiple,

diverse organizations

Internet of Things 100s of organizations

100s of countries

Millions and billions of devices

Automobiles663 Million

Telephones1.5 Billion

Electronic Chips30 Billion

X-Internet

Forrester Research, 2001

93Million

407 Million

Internet Computers

Internet Users

Todays Internet

Th EPC d l I t t f Thi


32/35


The EPC model: Internet of Things

Source: www.epcglobalinc.org


33/35


Enterprise networks: The complete picture

Networking and Applications

Connectivity and Services

Maintenance

Scalability and robustness

Fault tolerance

Load balancing

Integration across systems

Securit


34/35


References

A.S. Tanenbaum. Computer Networks. Pearson Education,2003. L.L. Peterson and B.S. Davie. Computer Networks: A

Systems Approach. Morgan Kaufmann, 2002.

J. Schiller, Mobile Communications, Addison Wesley,2003.

Y B. Lin and I Chlamtac, Wireless and Mobile NetworkArchitectures, Wiley, 2001.


35/35


Thank You

Other Tutorials at: www.it.iitb.ac.in/~sri

Google Search: Sridhar Iyer IIT Bombay

Contact Details:

Sridhar Iyer

School of Information Technology

IIT Bombay, Powai, Mumbai 400 076

Email: [email protected]

Documents

Enterprise Networks 10