Enterprise 05 Convergence

IntroductiontoEnterpriseNetworks:
Fromananotoagigaperspective
SridharIyer
IITBombay
www.it.iitb.ac.in/~sri
WhatareEnterpriseNetworks?
Convergence2005 IITBombay 2
WhatareEnterpriseNetworks?
Supportthousandsofusersacrossacompanys
diversegeographicallocations
Mayinvolvehundredsofservers
Eachlocationmaylooklikeasimplesystem,
butthecomplexityincreasesasthesesystems
arelinkedtogether
IstheInternetanEnterpriseNetwork?
EnterpriseNetworks:Onedefinition
Large
105edgedevices,103networkdevices
Geographicallydistributed
Multiplecontinents,102countries
Tightlycontrolled
ITdepartmenthas(nearly)completecontrolover
userdesktopsandnetworkconnectedequipment
WhystudyEnterpriseNetworks?
Thereisalotofmoneyinthisarea
EnterpriseITspendingisexpectedtoincreasesteadily
InStat/MDRestimatesthatenterprisefirmswillspendnearly$256
billiononITproducts,servicesandpersonnel,by2006.
Gartnerforecaststhatglobalenterprisenetworksgrowthat7.6
percentcompoundannualgrowthrate(CAGR)from20042008.
(3.9percentCAGRforserver/clientplatforms)
Therearemanychallengingproblemshere!
Sizing,resourcemanagement,securityandmanymore
ThefocusofthiseventConvergence.
AmazonSearch:
booksforEnterpriseNetworks
results:638booksinMarch2005.
Whereisthemoney?
increasingconnectivity
requirements(remote
access/VPNsolutions)
aggregationofcorporate
informationandresources
expandeduseofservices
(mobileclientdevices)
NewapplicationsandIT
enabledservices
healthcare,legal,
financial,ecommerce
Securitysolutions
DrivingforceConvergence
Notaboutgadgetsoraccesstechnologies
Theseareactuallyincreasingindiversity
Butaboutservicesandapplications
ThequestforAnytime,Anywhere,Anyformaccessto
anyintranet/extranetapplication
Enterprisesneedtocopewithdemandfornew
servicesandapplications
Supportedbycomputingandcommunicationsfabrics
Weneedtounderstandtheissuesinvolved
Agoodwaytobegin:Fromthenanotothegigaview
Ananolevelview
Asinglemachineinan
organization
Smallestcomponent
Ex:AstudentinKReSIT
Hardware:Desktop/Laptop
Software:Applicationpkgs
TypicalITspending
AroundRs.50,000/
Upgradeevery2years?
Internetaccess?
Behindthescenes
Issuesatthenanolevel
Applicationrelated
Softwareversionincompatibilities
Thisprogramwasworkingfineyesterday.
Performance
Thisiswaytooslow.Ineedafastermachine.
Networkrelated
Security
Itlookslikethereisavirusonmymachine.
Administration
IcannotrememberwhichgatewayIamsupposedtouse.
Onesolutionstrategy
Rudimentarysystemadministration;Moveuponelevel
Amicrolevelview
Asinglesubnet(dept)inan
organization
Decentralizedresource
sharing(printers,filesetc)
Ex:AlabinKReSIT
Hardware:Switches,cables
Software:Security,Mgmt
TypicalITspending
Approx10sofmachines AroundRs.500,000/
12switches,1000mcabling (excludingdesktops)
Issuesatthemicrolevel
Applicationrelated
ResourceSharing
Somebodyhaschangedthesettingonthisprinter.
ScalabilityandPerformance
Thisistooslowduringtheday.Illtryitatnight.
Networkrelated
Security
Somebodyseemstohavebrokenintomymachine.
Administration
Hey,thereisanIPaddressconflict.
Onesolutionstrategy
RudimentaryITadministration;Moveuponelevel
Amillilevelview
Asingleentityinan
largeorganization
100sofusers
Ex:KReSITinIITBombay
Centralizedmodelfordata
storage,security,running
applicationsandnetwork
administration
Hardware:Routers,Servers
Software:Applications,Mgmt
TypicalITspending
Approx100sofmachines
1020switches,23routers Rs.50,00,000/fornetwork
45servers Rs.3,00,00,000/servers
Annualmaintenancecost!
Issuesatthemillilevel
Applicationrelated
Sizing
HowmanyserversdoIneedandofwhatperformance?
Deployment
HowshouldIdeploymyapplicationsandothersystems?
Networkrelated
Sizing
HowmuchbandwidthdoIneedtokeepusershappy?
Security
MACflooding;ARPspoofing;DenialofService
Administration
DHCP;Firewalls;Proxyservers;Logging
Thecosttomanagestorageistypicallytwicethecostoftheactual
storagesystem.
ITmanager,
administrator,
alreadyhasto
dealwithterrific
complexity.
Theworst
possiblesituation
tobeinis:trying
toidentify,root
cause,and
resolveproblems
insuchcomplex
setups.
Atypicalenterpriselevelview
Asingleorganization
1000sofusers
Ex:IITBombay
Multipleduplicateservers
andmorecomplexnetwork
Hardware:Routers,Servers
Software:ERP,CRM,security,
accountingandothersystems
TypicalITspending
Requirementsareever
Approx10soflocations
increasing
Approx1000sofmachines
Boundedonlybybudget
100sofswitches,10sofrouters
constraints!
Issuesatthetypicallevel
Applicationrelated
Interfaces
HowmanyinterfacesshouldIprovideforaserviceaccess?
LAN,WAN,web,handhelddevices
Monitoring
HowshouldIensureapplicationqualityofservice?
Minimizedowntime,Autoalertsforoverload
Networkrelated
Sizing:HowmuchInternetbandwidthdoIneed?
Wireless:HowshouldIhandlewirelessdevices?
Security:HowshouldIsetupfirewalls,proxiesandDMZ?
Administration:Whataremyauthentication/accesspolicies?
TieredViewofanEnterprise
SW Load Balancer
Web App Process
Server Server Server
Message & Event Bus
Application tier
Balancer
OS
Storage
Load
HW
DNS DB
Server OS
HW
Compute tier
I nternet
Switch Extranet
Firewall
Access Network
Router
Network tier
Source:UmeshBellur,IITBombay
Akilolevelview
Anationalnetworkfora
singleorganization
Ex:LIC,NSDL
Needtoleaselinesor
useroutingservices
providedbyISPs.
CreationofaWideArea
NetworkBackbone
Approx100soflocations TypicalITspending
Approx10000sofmachines Variesfromtensto
1000sofswitches,100sofrouters hundredsofcrores
Complexheterogeneousinfrastructures
Directory
andSecurity Existing
Dozensof Services Applications
systemsand andData
applications
Business
Data
Data
Web Server
DNS
Server
Web
Application Thousandsof
Server
Server tuning
parameters
StorageArea
Network
Hundredsof
components BPsand
Data External
Services
Issuesatthekilolevel
Applicationrelated
Placement
Whataretheoptimallocationsformyvariousapplications?
Tuning
HowshouldItunemyapplicationsforoptimalperformance?
Scalability
HowshouldIscalemyapplicationsforincreasingusage?
Networkrelated
Sizing:HowshouldIprovisionmyWAN/Internetconnectivity?
Security:HowdoIcopewithmysecurityvulnerabilities?
Backup:Whataremystandbyandfailovermechanisms?
Administration:WhataremypoliciesforVPNandothers?
eBusinessFunctionalArchitecture
Financials HRD
Supplier
P
CRM
Customer O B2B
R External
Network Gateway Partner
T Service
A Network
Apps
L Business
Partner
Billing
Customers ERP
Example:Amazon
OneSolutionArchitecture
UserTier MiddleTiers
WebTier
Web,http,XML
Web J2EEOR
ServerFarm CORBA
Containers,
Voice RMI Workflow
Messaging Expert

WAP
CORBA systems
Front eCommerce
End HTTP Portal
Integration XML BusinessLogic
BackOffice
Other
Systems
SolutionArchitecture(contd.)
DataTier
Application
Distributed complexity
Databases, OnlineData overshadows
SQLvia Warehousing Backup thenetwork
JDBCor Services
ODBC Data
Storage Applicationmay
Logicand beunavailable
Reporting despitenetwork
andbandwidth
availability
B2B
Partner
Gateways, Needtoarchitect
Networkor
RMI Payment systemsfor
serversetc. Internet
Messaging greaterreliability,
(EDI,Web
CORBA faulttolerance,
Services,XML
Supplier scalabilityetc.
OverHTTPetc.)
Integration
Amegalevelview
local
Aninternationalnetwork
ISP Tier 3 local
local ISP local forasingleorganization
ISP ISP Ex:Intel
ISP
Tier-2 ISP Tier-2 ISP Needtocoordinatewith
internationalbandwidth
Tier 1 ISP providers
NAP
Apacketmayhaveto
Tier 1 ISP Tier 1 ISP Tier-2 ISP passthroughmany
Tier-2 ISP Tier-2 ISP
local networks!
ISP
tier-2 ISP is customer of tier-1
local local local
ISP ISP ISP provider
Approx10sofcountries
1000soflocations
TypicalITspending?
Issuesatthemegalevel
Applicationrelated
Aggregation
Centralizedv/sdistributedschemesforaggregationatthe
variousdatacentersandapplications.
Replication
Replicationandcachingmechanismsforfasteraccess.
Robustness
Ensuringapplicationavailabilitydespitevariousfailures.
Networkrelated
SLA:ServiceLevelAgreementswithbandwidthproviders.
Administration:Earlyfaultdiagnosisandwarningsystems.
Security:Thisproblemonlygetsworse!
Security:Speedofnetworkattacks
1980s1990s 20002003 2003Future
Usuallyhadweeksor Attacksprogressedover Attacksprogressonthe

monthstoputsome hours,timetoassess timelineofseconds.
defenseinplace. dangerandimpact.
SQLSlammerWorm:
Timetoimplementdefense. Doubledevery8.5seconds
After3min:55Mscans/sec
1GbLinkissaturatedafter
oneminute
Security:ThreatEvolution
Global
Impact
ScopeofDamage
Regional NextGen
Networks Infrastructure
Hacking,Flash
Multiple Threats,
3rdGen MassiveWorm
Networks MultiServer
DoS,DDoS, DrivenDDoS,
Individual
2ndGen BlendedThreat Negative
MacroViruses, payload
Networks (Worm+Virus+
Trojans,Email,
Trojan),Turbo Viruses,
SingleServer
Worms, Wormsand
Individual 1stGen DoS,Limited
Widespread Trojans
Computer BootViruses Targeted
System
Hacking
Hacking
1980s 1990s Today Future

SophisticationofThreats
Agigalevelview
Impactofnew
93 technologies
Internet Computers
Million Todays Internet Wirelessaccess
Internet Users 407 Million Embeddedctrl
RFIDtagging
Automobiles
663 Million
Telephones X-Internet
1.5 Billion Nothardtoimagine
aninternational
Electronic Chips network,spanning
30 Billion acrossmultiple,
diverseorganizations
100soforganizations InternetofThings
100sofcountries
Millionsandbillionsofdevices
Forrester Research, 2001
TheEPCmodel:InternetofThings
Source:www.epcglobalinc.org
Enterprisenetworks:Thecompletepicture
NetworkingandApplications
ConnectivityandServices
Maintenance
Scalabilityandrobustness
Faulttolerance
Loadbalancing
Integrationacrosssystems
Security
ThankYou
EnjoyandLearninConvergence2005

Enterprise 05 Convergence

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Enterprise 05 Convergence

Enviado por

Direitos autorais:

Formatos disponíveis

IntroductiontoEnterpriseNetworks:

1980s1990s 20002003 2003Future

Usuallyhadweeksor Attacksprogressedover Attacksprogressonthe

1980s 1990s Today Future

Você também pode gostar