Lecture2_Network Design and Security

Network Design Principles CP3397 Network Design and Security Lecture 2

Transcript of Lecture2_Network Design and Security

Page 1: Lecture2_Network Design and Security

7/28/2019 Lecture2_Network Design and Security

http://slidepdf.com/reader/full/lecture2network-design-and-security 1/27

Network Design Principles

CP3397

Network Design and Security

Lecture 2


Contents

Design goals

Design choices

Design approaches

The design process

Capacity planning


Design goals

Good designs should:

Deliver services requested by users

Deliver acceptable throughput and response times

Be within budget and maximise cost efficiencies

Be reliable

Be expandable without major redesign

Be manageable by maintenance and support staff

Be well documented


Design Choices

Balance of distribution

Level of transparency

Security

Connectivity technology


Design approaches

Two typical methods

Traditional analytic design

Building block approach

Both use a similar iterative approach


The traditional design process

Agree requirements

Information gathering

Design process

Deployment

Commissioning

Modify

Meets constraints?

 No


Design Stages - Agree requirements

Engage end users

Translate requirements

Business objectives -> technical specification

Phasing the requirements

Right level of detail at each design stage

Designing the requirements


Design Stages - Designing the requirements

Aim for completeness

Prioritise with a hierarchical system such as

[M] - Mandatory

[H] - Highly desirable

[D] - Desirable

[N] - Note


Design Stages - Assessing requirements

Consider all aspects

E.g. support & maintenance, depreciation, commissioning costs, project management fees, h/w & s/w upgrade costs, b/w costs, consultancy charges – over the lifetime of the network

Weighted matrix multipliers M=100, H=10, D=1, N=0

Produce scores and rank suppliers
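
The weighted matrix above, worked through as an added example (not part of the original slides). The requirement list, supplier names and responses are constructed, and reporting unmet [M] items next to the score is an assumption added here, since a high score alone does not show that every mandatory item is met.

```python
# Added example: weighted requirements matrix using the slide's multipliers.
WEIGHTS = {"M": 100, "H": 10, "D": 1, "N": 0}

# Constructed requirements database: id -> (priority tag, description).
REQUIREMENTS = {
    "R1": ("M", "routed IP between all sites"),
    "R2": ("M", "24-hour backup link"),
    "R3": ("H", "SNMP management"),
    "R4": ("H", "RMON probe support"),
    "R5": ("H", "five-year upgrade path"),
    "R6": ("D", "on-site user training"),
    "R7": ("D", "change-history reports"),
    "R8": ("N", "vendor newsletter"),
}

# Constructed supplier responses: the requirement ids each supplier meets.
RESPONSES = {
    "Alpha": {"R1", "R2", "R3", "R6"},
    "Beta": {"R1", "R3", "R4", "R5", "R6", "R7", "R8"},
    "Gamma": {"R1", "R2", "R3", "R4"},
}

def score(met):
    """Return (weighted score, sorted list of unmet mandatory ids)."""
    unknown = set(met) - set(REQUIREMENTS)
    if unknown:
        raise ValueError(f"unknown requirement ids: {sorted(unknown)}")
    total = sum(WEIGHTS[REQUIREMENTS[r][0]] for r in met)
    unmet = sorted(r for r, (tag, _) in REQUIREMENTS.items()
                   if tag == "M" and r not in met)
    return total, unmet

def rank(responses):
    """Rank suppliers by descending score; ties are broken by name."""
    rows = [(name, *score(met)) for name, met in responses.items()]
    return sorted(rows, key=lambda row: (-row[1], row[0]))

if __name__ == "__main__":
    for name, total, unmet in rank(RESPONSES):
        note = f"  unmet mandatory: {', '.join(unmet)}" if unmet else ""
        print(f"{name:6} {total:4}{note}")
```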


Design Stages - Information gathering

Need to find details of user behaviour, application use and location information, for example:

User: location, numbers, services used, typical access

Sites: number, location, constraints on traffic (security, political or cost)

Servers and services: location, level of distribution

WAN/backbone predicted link traffic

Protocol support: bridged, routed or switched – Gateways needed?

Legacy support: equipment, protocols or services

Specific availability needs? 24-hour/backup links etc

Five-year plan – changes to population or business requirements

Budgetary constraints

Greenfield or existing site

Information is refined and leads to a requirements database and capacity plan


Design Stages - Site constraints

Greenfield or Greenfield sites have no legacy constraints but…

It is difficult to determine the real network loads and stresses

Needs more detail of application use and underlying protocols

Could use simulation to predict performance

Existing site

Limited access

Access to live network could be restricted but…

Bottlenecks more obvious

Can use traffic/network analysis tools


Design Stages - Design specification

Detailed document of the design

Acts as a benchmark for design changes

Final design choices and changes need justification and documenting

Should include change history to aid maintenance

Used for the implementation


Design Stages - Implementation

Needs a project plan to include

Phased introduction of new technology

Educating the users (what to expect)

Pilot installation (test for possible problems)

Acceptance testing (to prove performance meets requirements)

Deployment (provide support on going live and provide fallback position)


Connectivity options

Technology choices

LANs (Ethernet, Token ring, ATM)

MANs (FDDI, SMDS, ATM, SONET/SDH)

WANs (Frame relay, ATM, ISDN, X.25, PDCs, Satellite)

Wireless (802.11, Bluetooth, GPRS, GSM)

Dial-up lines

Serial links


Connectivity option determinants

Packet, cell or circuit switching

Wired or wireless

Distance

Performance

Bandwidth

Quality of Service

Availability


Media and bandwidth choices


Capacity Planning - Outline

Concerned with

User response times

Application behaviour and performance characteristics

Network utilisation

Needed to

Minimise downtime

Maximise service to customers

Minimise costs of procurement and maintenance

Avoid unscheduled maintenance or re-design

Avoid costly upgrades and bad publicity


Capacity Planning - Stages

Form a discussion group (involve users etc.)

Quantify user behaviour

Quantify Application behaviour

Baseline existing network

Traffic profiles

Make traffic projections

Summarize input data for design process

Assess other data (environmental, location restrictions, deployment constraints etc)


Capacity Planning – Step 1

Form a discussion group (involve users etc.)

Needs wide representation

Users, network managers, application groups

To elicit

What users find acceptable and unacceptable

Map of services and users and details of user behaviour

Quantify items using

User and service sizing data

Snapshots from data capture and network management tools

Traces of key services using protocol analysers

Pilot network implementation


Capacity Planning – Step 2

Quantify user behaviour

Need to know population and location of users

Summary of major user groups

Application use by user group

Site location data (country, grid ref., town, postcode, telephone exchange)

Planned changes


Capacity Planning – Step 3

Quantify Application behaviour

Need to identify

Applications that could affect performance

Location and performance of servers and clients

Key constraints on performance (response times, buffer sizes etc)

And define

Application behaviour under fault conditions (lost data)

Addressing mechanisms (broad/multi/unicast)

Packet characteristics (frame sizes and direction)

Routable and non-routable services (IP, NETBIOS)

Undefined applications allow choice of distribution balance


Capacity Planning – Step 4

Baseline existing network

Baselining – a behavioural profile of the network obtained from

Packet traces, transaction rates, event logs and stats

Router ACLs, firewall rulebases

Inventory of H/W and S/W revisions

Traffic profiles - Capture data for a stable working network with details of

B/w utilization by packet type and protocol

Packet/frame size distribution

Background error rates

Collision rates

Various tools can be used

Network and protocol analysers, SNMP data, RMON probes, OS tools, traceroute, ping etc


Capacity Planning – Step 5

Make traffic projections using some, or all of:

Hand calculation

Commercial analytical tools to project network utilisation

Simulation tools (most detail)
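
A traffic profile from Step 4 and a hand-calculated projection from Step 5, as an added example (not part of the original slides). The link speed, capture window, frame counts and user numbers are constructed, and scaling load linearly with user population is an assumption; the frame-size ranges follow the RMON etherStats size counters.

```python
from collections import Counter, defaultdict

LINK_BPS = 10_000_000   # assumed 10 Mbit/s segment
WINDOW_S = 2            # assumed capture window in seconds

# Constructed capture summary: one (protocol, frame size in bytes) per frame.
CAPTURE = (
    [("IP/TCP", 1500)] * 1000
    + [("IP/UDP", 100)] * 500
    + [("NetBIOS", 250)] * 200
    + [("ARP", 64)] * 100
)

# Frame-size ranges as counted by RMON etherStats.
BUCKETS = [(64, 64), (65, 127), (128, 255), (256, 511), (512, 1023), (1024, 1518)]

def bucket(size):
    """Map a frame size to its histogram range."""
    for lo, hi in BUCKETS:
        if lo <= size <= hi:
            return f"{lo}-{hi}"
    return "out-of-range"   # runts and oversize frames belong with error rates

def baseline(capture, link_bps, window_s):
    """Return (% of link capacity used per protocol, frame-size histogram)."""
    bits = defaultdict(int)
    sizes = Counter()
    for proto, frame_bytes in capture:
        bits[proto] += frame_bytes * 8
        sizes[bucket(frame_bytes)] += 1
    capacity = link_bps * window_s
    util = {p: round(100 * b / capacity, 2) for p, b in bits.items()}
    return util, dict(sizes)

def project(util, current_users, planned_users):
    """Hand calculation: assume each protocol's load scales with user count."""
    factor = planned_users / current_users
    return {p: round(u * factor, 2) for p, u in util.items()}

if __name__ == "__main__":
    util, sizes = baseline(CAPTURE, LINK_BPS, WINDOW_S)
    future = project(util, current_users=200, planned_users=300)
    for proto in util:
        print(f"{proto:8} now {util[proto]:6.2f}%  projected {future[proto]:6.2f}%")
    print("frame sizes:", sizes)
    print(f"projected total: {sum(future.values()):.2f}% of link capacity")
```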


Capacity Planning – Step 6

Summarize input data for design process

Budget

Database of sites, user populations,

List of key applications and their behaviour

Traffic matrix

Need to consider

Static or dynamic bandwidth allocation

Max. Delay and Max. hops between sites

Resilience, Availability, degree of meshing

Design constraints and trade-off (e.g. delay v cost)


The building-block design process (an alternative)

Needs Analysis

Technology design

Cost Assessment


Summary

Good design

Is an iterative process of continuous refinement

Is logical and consistent

Should deliver acceptable performance and cost metrics (trade-off)

Is more than choosing the technology!