Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Deep packet inspection wikipedia , lookup
Zero-configuration networking wikipedia , lookup
TV Everywhere wikipedia , lookup
Computer network wikipedia , lookup
Computer security wikipedia , lookup
Policies promoting wireless broadband in the United States wikipedia , lookup
Distributed firewall wikipedia , lookup
Network tap wikipedia , lookup
Airborne Networking wikipedia , lookup
Wireless security wikipedia , lookup
ICT Solution for Small Manufacturing Campus Quick Reference for Sales 1.1 Design Principle The lightweight manufacturing enterprise's IT project system design complies with the principle of unified planning and standards, providing great support for rapid network information transmission and construction of various application systems. Network design follows the overall roadmap of high performance, standard openness, manageability, security, flexibility, and scalability, compatibility, and cost-effectiveness to provide high-bandwidth, highly reliable, and wired and wireless integrated infrastructure network. Data center design involves the enterprise's service volumes and actual equipment room space, It is recommended to use the flexible and easy-to-deploy MicroDC solution, which deploys firewalls in data centers and controls users' access to R&D and non-R&D services based on user role. In addition, devices in two equipment rooms work in active/standby mode. Communication system design fully uses internal network resources. Voice, video, and data media information services are transmitted simultaneously to lower the enterprise's investment costs. VoIP communication is implemented through IP private networks to reduce communication costs. Multiple communication modes such as telephone, conference, and Instant Messaging (IM) are integrated to improve employees' work efficiency. The service management system interface is user-friendly and feature high ease of use, reducing the enterprise's maintenance costs and improves employees' work efficiency. 1.2 Design Roadmap 1. Put forth the all-member authentication solution that allows a certain employee to access core assets through a certain network to meet information security requirements in high-density office areas. Specific ICT requirements for information security are as follows: (1) Access to core R&D assets through dedicated networks Part of the internal enterprise network must be used as R&D network that is isolated from other networks to allow employees access core R&D assets in the specified areas (for example, R&D area) inside the campus. (2) Only specified personnel can access core R&D assets Only R&D personnel and terminals can access the R&D network and can access the core R&D assets within the range of rights. (3) R&D personnel cannot access wireless networks. Wireless network coverage is unstable and has a low security level. As a result, wireless networks only work as a supplementation for non-R&D networks. To prevent R&D terminals (including core R&D assets) from accessing non-R&D networks through wireless signals, identity authentication must be performed for wireless access. R&D users and R&D terminals must be prohibited from access wireless networks. 2. Put forth a highly scalable and reliable data center solution to satisfy the customer's data center requirements. Specific ICT requirements for a highly scalable and reliable data center are as follows: (1) Use the MicroDC3000H integrated data center. The customer has two 9m² equipment rooms. The data center using traditional architecture has devices dispersedly distributed. The space is too small. Device installation, use, and maintenance are inconvenient. Subsequent expansion is also a tricky problem. Huawei MicroDC3000H is a micro data center that integrates power supply and distribution devices, chassis, heat dissipation, network devices, servers, security, cloud operating system, and integrated management software. Dimensions (W x D x H) of the chassis are 42 U (2000 mm × 600 mm × 1200 mm). The chassis covers a land area of only 0.72 m². As a result, even the 9 m² equipment room is large enough. (2) Key nodes work in redundancy backup mode. Core service servers, switches, and storage devices use dual nodes and dual links. Core services are deployed in cluster mode. Data is copied at two storage devices simultaneously and is backed up to physical tape libraries through the IP periodically to ensure high data security and reliability. (3) Use server virtualization and FC-SAN to ensure high scalability. Server virtualization can allocate computing resources based on user demands. FC-SAN ensures smooth capacity expansion of storage devices. 3. Put forth a mobile UC solution to satisfy the customer's requirements for cost-effective and mobile UC. Specific ICT requirements for cost-effective and mobile UC are as follows: (1) Voice over WLAN (VoWLAN) Huawei eSpace client is installed on mobile terminals, and wireless networks are used to transmit services to implement clear and smooth IP voice communication between internal employees inside the campus and employees outside the campus. This supplements carrier network signals inside the campus. (2) One number for one employee Enterprise numbers that use wireless networks can be bound to mobile phone numbers. Each employee has only one enterprise number. If one fails to call a number of an employee who works mobile office mode inside the campus due to mobile phone signal problems, the call will be automatically transferred to the bound number on the wireless network to ensure the corresponding employee can be contacted in a timely manner. (3) Adapt to growth of the number of employees The current number of employees in only 30, but the future number will increase to 600 to 700 or even more. Therefore, private branch exchanges (PBXs) must have high scalability to adapt to the growth of the number of employees. (4) Guarantee the quality of wireless network services Deploy WLAN APs to enhance poor wireless network signals in certain areas, especially closed areas without wireless signals. The signal strength must be greater than -75 dBm. Electromagnetic compatibility (EMC) in production areas such as the production zone is strong, so the signal-to-noise ratio (SNR) must be greater than 10 dB. APs are deployed every 20 m in the office area and every 50 m in the outdoor commissioning area. AP roaming is frequent during a mobile phone call. To ensure the phone call quality, AP roaming switchover delay must be less than 200 ms. A maximum of 20 users access to one AP in the office area. In conference rooms and training rooms with a high density of users, access of too many users results in lowered service quality of each user (the voice service will be affected if the wireless network bandwidth is lower than 64 kbit/s). Preferential AP access policies must be configured to solve this problem. To meet the customer's ICT requirements, the mobile UC solution will be designed in details from the aspects of voice communication, One Number Link You (ONLY), wireless network, and logical networking in chapter 8. 4. Put forth an IP-based infrastructure network solution that adapts to service changes and features functional equivalence based on the preceding IT system construction requirements. Transmitting the lightweight manufacturing enterprise's R&D design, production and manufacturing, administration, and campus management services, the infrastructure network is the foundation of the entire enterprise's operations. Specific ICT requirements for the infrastructure network are as follows: (1) Network isolation: Build a campus backbone network. The enterprise's R&D design system, production and manufacturing system, administration system, and campus management system can assess the network in a unified manner. Each service system is isolated from another service system and can access another service system through the DMZ. R&D personnel can access the R&D design system and the administration system. Production personnel can access the production and manufacturing system as well as the administration system. Administrators can access only the administration system. Campus management personnel can access the administration system and the campus management system. Different personnel cannot access each other but only communicate with each other using email and UC systems. (2) R&D and production personnel can access the R&D design system, production and manufacturing system through wired networks that transmit the enterprise's operation data including R&D 3D design drawing (common files: 10 to 100 MB; advanced rendering files: > 200 MB), production plan, procurement, logistics, purchase order (PO), and goods demanding order. These data must be preferentially transmitted by the core network. Based on the customer's expectation, bandwidth for uploading and downloading 3D graphic files (> 200 MB) must be higher than 1000 Mbit/s to reduce transmission delay and prevent network congestion. 50% of the R&D design personnel must be able to perform operations concurrently. According to the existing number of access switch ports, upstream bandwidth must be higher than 24,000 Mbit/s, that is, 48 (number of access switch ports) x 50% x 1000 Mbit/s (access bandwidth). Therefore, two 10 Gbit/s upstream links are used to build a backbone network. (3) Network SLA: Employees can access the administration system through wired and wireless networks that transmit data, voice, video, and multimedia services. The customer plans to deploy advanced video conference systems in conference rooms in the R&D building and offices of three executives to conduct video conferences with other institutes across the globe. The customer requires that the video conference system provide an immersive experience and clear and smooth images. Based on the one-channel Telepresence HD video format (1080p/60 fps), bandwidth must meet the requirement of 8 Mbit/s in optimal situations. Quality of service (QoS) must meet Type-A standards: delay ≤ 100 ms, jitter ≤ 10 ms, packet loss ratio ≤ 0.5%. The customer requires concurrent use of all video conference systems. The customer also requires that, on the premise of not changing the network architecture, the video conference system process concurrent service traffic of 700 users. In addition, the customer may introduce video services of a higher definition, requiring that the network should not be replaced within 3 to 5 years. (4) WLAN: The customer urgently needs a stable, clear, and cost-effective mobile communication system that satisfies the voice communication requirements inside and outside the campus. Therefore, WLAN coverage must be implemented. The customer requires full coverage of the campus and ubiquitous and rapid access to the WLAN. The VoIP must be clear and smooth, and users must not be aware of the cross-area VoIP experience. In addition, the customer requires mobile office services inside the campus be implemented. Based on bandwidth requirements of VoIP and most mobile office services, the lowest WLAN bandwidth for a single user should be 2 Mbit/s, and the inter-AP roaming delay should be approximately 100 ms. 1.3 Overall Solution Design Figure 1-1 Solution architecture High-density office Non-R&D PC Non-R&D mobile terminal R&D PC Executive's office R&D PC Non-R&D zone R&D PC R&D zone Internet WAN Enterprise Intranet Room1 Server Storage Power Air Switch conditioningdistribution cabinet Distributed Deployment cabinet Room N Server Storage Switch Power Air conditioningdistribution cabinet Distributed Deployment cabinet Outdoor commissioning area/production area Multiple dispersedly distributed equipment rooms The lightweight manufacturing enterprise IT solution consists of infrastructure network solution, information security solution, data center solution, and mobile UC solution. Each system connects to the infrastructure network. Infrastructure network solution: Infrastructure network is the transmission network of the entire IT system of the enterprise. Reliability, openness, security, scalability, and cost-effectiveness must be ensured to provide high-bandwidth, high-reliability, and wired and wireless infrastructure network. Information security solution: This solution solves information security problems in high-density office areas. Security, advancement, and cost-effectiveness must be ensured. The R&D network must be isolated from the non-R&D network. In addition, high work efficiency must be ensured. Data center solution: The data center bears all application systems of the entire IT system and data storage and backup. Security, scalability, and openness must be ensured to adapt to the enterprise's continuous service growth. Mobile UC solution: This solution solves the mobile communication problems and enterprise phone call cost problems inside the campus. Advancement, reliability, and ease of use, and cost-effectiveness must be ensured to reduce enterprise phone call cost and improve work efficiency.