
NETWORK ARCHITECTURE UPGRADES 1

NETWORK ARCHITECTURE UPGRADES

CHANDLER, ARIZONA

Prepared for:
David Demland

Prepared by:
Kiel E. Hawkins, Systems Administrator
Primavera Online High School

October 10, 2013



555 5th Street

Chandler AZ, 85224

(555) 555-5555

Primavera Online High School

555 555th Street

Chandler Arizona, 85225

Attention: David Demland, CEO

NETWORK ARCHITECTURE UPGRADES

Primavera Online High School has been in business for many years without a dedicated Systems
Administrator. During this time, the Primavera network has grown organically as needed,
without the use of best practices or accounting for future growth. As such, the network has come
to a point where it can no longer sustain its current users or future needs.

This proposal consists of research showing the need for better failover and more efficient use
of network resources. Cost analysis was done on three network architecture revisions: one minor
and two major. Recommendations are provided that cover a wide range of cost structures
and equipment.

Thank you for your consideration. I look forward to hearing your response on the matter.

Kiel E. Hawkins

Systems Administrator

Table of Contents
INTRODUCTION
PROJECT DESCRIPTION
SCOPE OF STUDY
REPORT FORMAT
DISCUSSION
BUSINESS CONTINUITY/DISASTER RECOVERY
FAULT TOLERANCE
SINGLE POINT OF FAILURE
COMPARISON OF TOPOLOGIES
SOLUTION 1: VLANS
Cost
SOLUTION 2: VLANS, FIREWALLS, VIRTUAL SERVERS
Cost
SOLUTION 3: VLANS, FIREWALLS, VIRTUAL SERVERS, VDI
Cost
CONCLUSION
RECOMMENDATIONS
REFERENCES

Illustrations

FIGURES
1. BUSINESS CONTINUITY SUBSECTIONS
2. CURRENT NETWORK TOPOLOGY
3. SOLUTION 1 NETWORK TOPOLOGY
4. SOLUTION 2 NETWORK TOPOLOGY
5. SOLUTION 3 NETWORK TOPOLOGY

EXECUTIVE SUMMARY

Primavera Online High School has been in business for many years without a dedicated
Systems Administrator. During this time, the Primavera network has grown organically as
needed, without the use of best practices or accounting for future growth. As such, the network
has come to a point where it can no longer sustain its current users or future needs.

Currently Primavera has approximately 150 users and has the potential to grow to over 200
within the next 12 months. In order to manage current bandwidth usage on the network and
prepare for easy expansion, I recommend that we (1) break the network into Virtual LANs
(VLANs) to reduce noise on the network, (2) purchase a pair of virtual host servers to be used in
a clustered environment for all servers, (3) purchase two new firewalls to allow for WAN load
balancing and greater control of network flow, and (4) consider moving away from desktops and
laptops for users and toward a Virtual Desktop Infrastructure (VDI) for security and
maintenance.

INTRODUCTION

This proposal discusses the immediate need to increase network performance and
upgrade infrastructure to handle current and future use.

PROJECT DESCRIPTION
Primavera Online High School has grown significantly in the last 5-7 years. While the
network was sufficient at the time, this is no longer the case. A dedicated Systems Admin was
hired to evaluate the current and future networking needs, then implement effective changes to
allow Primavera to expand with minimal growing pains.

SCOPE OF STUDY
The purpose of this proposal was to research and design solutions that will allow the Systems
Administrators of Primavera Online High School to provide a consistently available and efficient
work experience when using the company network resources. Any solution must meet certain
criteria:

Minimize network noise
Increase availability of resources
Easy to install
Easy to maintain
Cost effective

Multiple technologies were investigated for use with the network:

VLANs
Virtual Servers
Server Clustering
WAN Load Balancing
Virtual Desktop Infrastructure

REPORT FORMAT

There are 3 main sections in this proposal:

1. Business Continuity Discussion: shows a need for more redundancy and failover
2. Breakdown of three architectures with regard to equipment, design and cost
3. Conclusions and Recommendations

DISCUSSION

Primavera Online High School has recently had multiple network outages and slow
network speeds that have forced it to look harder at the company Business Continuity Plan. This
plan is designed to ensure continued business even after a catastrophic failure such as power loss
or total network failure.

During this time, additional users have been added to the current environment, but no
changes have been made to optimize the network for the current load, not to mention future load.

BUSINESS CONTINUITY/DISASTER RECOVERY

Over the last few years businesses have been more focused on two things: Business
Continuity (how to maintain business processes despite outside influences) and Disaster
Recovery (the ability to return business to normal after a failure). The IT department has several
disaster recovery plans in place should the network fail and business need to continue. What was
not in place is sufficient automatic failover with regard to servers and network appliances. As
seen in figure 1 below, IT Disaster Recovery is one of the 4 core sections of Business Continuity
and needs to have an equivalent priority.

Figure 1: Business Continuity Subsections

Any process with regard to Business Continuity and Disaster Recovery needs to have
two things addressed:

FAULT TOLERANCE
Fault Tolerance is a necessary part of any essential system. These processes need
to be able to recover from faults or have another pathway they can take to their end goal.
Costs are involved: providing redundant systems and equipment comes with a price, and
the need to provide this level of continuous, uninterrupted operation needs to be carefully
evaluated (Conklin, White, Williams, Roger, Cothren, 2010).

Redundant systems mean 2x the costs. These Highly Available systems need to
have high-speed links between them and they need to be able to sense failure and
automatically recover, which also comes at a premium.

SINGLE POINT OF FAILURE


Single points of failure are parts of any process that rely on any one way of doing
things and that, if interrupted, can disrupt the whole process. Single points of failure need
to be identified if high availability is required because they are potentially the weak
links in the chain that can cause disruption of the organization's operations (Conklin,
White, Williams, Roger, Cothren, 2010).

COMPARISON OF TOPOLOGIES

Three primary changes are suggested in this proposal. One consists of just
configuration changes and will likely incur no cost. The two other proposed topologies do require
a financial investment, but the benefit is much greater as the cost increases. The current topology
uses older hardware and a software firewall, which is inefficient and has the potential to break
down at any time (see figure 2 below).

[Network diagram not reproduced. Labels recoverable from it: WAN links XO1 and XO2 (10Mbps) and COX1 and COX2 (150Mbps Dn, 30 up); two Cisco CM; PBX/Avaya; QOS Switch; SG500; UTFW (two); WGFW (two); EFW; User GW 192.168.4.21; Server GW 192.168.4.1; addresses 10.0.2.2 and 192.168.4.22; Softphones 10.10.1.0/24; Subnet: 192.168.4.0/22; Fax Server; P.O.E VOICE and DATA.]

Figure 2: Current Network Topology

SOLUTION 1: VLANS
The current network is set up as a flat network with no subnetting or VLANs. This
means all devices are on the same subnet and able to share data with no routing or
segregation. Because of this, there is a significant amount of noise on the network that
can be eliminated by breaking up the network in a logical way.

It is proposed that we immediately break the network into the following VLAN
segments.

1. Student Advisor 1
2. Student Advisor 2
3. Server Room
4. IT Office
5. Enrollment Advisor
6. Offices (Default)
7. Maintenance (Native)
8. Guest Wireless

This setup can be done in an evening after all ports have been traced and mapped
to cubicles (see figure 3 below).

[Network diagram not reproduced. Labels recoverable from it: WAN links XO1 and XO2 (10Mbps) and COX1 and COX2 (150Mbps Dn, 30 up); two Cisco CM; PBX/Avaya; QOS Switch; SG500; UTFW (two); WGFW (two); EFW; User GW 192.168.4.21; Server GW 192.168.4.1; addresses 10.0.2.2 and 192.168.4.22; Softphones 10.10.1.0/24; Subnet: 192.168.4.0/22; Fax Server; P.O.E VOICE and DATA; VLANS.]

Figure 3: Solution 1 Network Topology


Cost
Currently there is no cost associated with VLAN creation and
configuration. Current switches are capable of this configuration and just need to
be set up properly during non-business hours.
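
Each of the eight segments proposed in Solution 1 needs its own subnet once the flat 192.168.4.0/22 is split. The sketch below is an added example, not part of the original proposal: it carves per-VLAN subnets out of that /22 and reports which segment an existing address would land in. The VLAN IDs, host counts and the choice to pin the Server Room to the block holding 192.168.4.1 are assumptions made for illustration.

```python
import ipaddress
import math

# Parent block as shown on the page's topology diagrams.
PARENT = ipaddress.ip_network("192.168.4.0/22")

# VLAN names are the page's; IDs and host counts are constructed for this
# example, sized for growth to about 200 users.
VLANS = [
    (10, "Student Advisor 1", 60), (20, "Student Advisor 2", 60),
    (30, "Server Room", 30), (40, "IT Office", 10),
    (50, "Enrollment Advisor", 60), (60, "Offices (Default)", 40),
    (70, "Maintenance (Native)", 10), (80, "Guest Wireless", 100),
]
# Assumption: the Server Room keeps the block holding the Server GW (192.168.4.1).
PINNED = {30: ipaddress.ip_network("192.168.4.0/26")}


def prefix_for(hosts):
    """Longest prefix that fits `hosts` plus network, broadcast and gateway."""
    return 32 - math.ceil(math.log2(hosts + 3))


def allocate(parent, vlans, pinned):
    """Return {vlan_id: (name, subnet)}: pinned blocks first, then largest-first."""
    names = {vid: name for vid, name, _ in vlans}
    plan = {vid: (names[vid], net) for vid, net in pinned.items()}
    for vid, name, hosts in sorted(vlans, key=lambda v: -v[2]):
        if vid in plan:
            if plan[vid][1].num_addresses < hosts + 3:
                raise ValueError(f"pinned block too small for VLAN {vid}")
            continue
        plen = prefix_for(hosts)
        cursor = int(parent.network_address)
        while True:  # first fit, stepping in blocks of this VLAN's size
            net = ipaddress.ip_network((cursor, plen))
            if not net.subnet_of(parent):
                raise ValueError(f"{parent} has no room for VLAN {vid} ({name})")
            if not any(net.overlaps(p) for _, p in plan.values()):
                break
            cursor += 2 ** (32 - plen)
        plan[vid] = (name, net)
    return plan


def owner_of(plan, address):
    """VLAN ID whose subnet contains `address`, or None."""
    ip = ipaddress.ip_address(address)
    return next((vid for vid, (_, net) in plan.items() if ip in net), None)
```

Running `owner_of` over the addresses on the current diagrams shows which devices would share a segment after the split, which flags what has to be renumbered before the cutover evening.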

SOLUTION 2: VLANS, FIREWALLS, VIRTUAL SERVERS


This solution consists of the same VLAN breakdown as solution 1, but with
additional failover and high availability technologies.

Per the diagram below (figure 4), a new Untangle firewall model u500 would be
purchased. This firewall will be capable of WAN load balancing, which will allow the
school to pair its two Cox internet connections together and use them as a single
connection.

Current servers are over 5 years old, some as old as 9 years. We will be
purchasing a pair of Virtual Hosts and configuring them in a highly available cluster so
that one will fail over to the other when issues arise. This setup allows for all servers to
maintain as much uptime as possible. After this is set up, all physical servers will be spun
up on the new virtual cluster.

[Network diagram not reproduced. Labels recoverable from it: WAN links XO1 and XO2 (10Mbps) and COX1 and COX2 (150Mbps Dn, 30 up); two Cisco CM; PBX/Avaya; QOS Switch; SG500; Untangle Firewall u500; WGFW; EFW; User GW 192.168.4.21; Server GW 192.168.4.1; addresses 10.0.2.2 and 192.168.4.22; Softphones 10.10.1.0/24; Subnet: 192.168.4.0/22; Fax Server; P.O.E VOICE and DATA; Virtual Server Cluster; High Speed Network; Storage; VLANS.]

Figure 4: Solution 2 Network Topology

Cost
Current cost breakdown of this solution is below:

Item                               Quantity   Cost Per Item   Total Cost
Dell PowerEdge R910 Rack Server    2          19,702.68       39,405.36
Untangle Firewall model u500       2          5,845.00        11,690.00
Total                                                         51,095.36

SOLUTION 3: VLANS, FIREWALLS, VIRTUAL SERVERS, VDI


Solution 3 builds upon the previous solutions by adding a VDI (Virtual Desktop
Infrastructure) into the network. This solution removes the need for individual laptops
for each user and instead provides a zero client device which just displays the desktop.
All processing is done by a central server and each user has a virtual desktop they can
access and use.

This provides additional security as no data is actually on the zero client and, as
these are virtual images, they can be configured to be very resistant to viruses and
intrusion. The clients are 80% more energy efficient and require much less maintenance
from an end user standpoint than traditional client/server architecture.

[Network diagram not reproduced. Labels recoverable from it: WAN links XO1 and XO2 (10Mbps) and COX1 and COX2 (150Mbps Dn, 30 up); two Cisco CM; PBX/Avaya; QOS Switch; SG500; Untangle Firewall u500; WGFW; EFW; User GW 192.168.4.21; Server GW 192.168.4.1; addresses 10.0.2.2 and 192.168.4.22; Softphones 10.10.1.0/24; Subnet: 192.168.4.0/22; Fax Server; P.O.E VOICE and DATA; Virtual Desktop Server Cluster; Virtual Server Cluster; High Speed Network; Storage; Virtual PCs on LAN; VLANS.]

Figure 5: Solution 3 Network Topology


Cost
Current cost breakdown of this solution is below:

Item                                                  Quantity   Cost Per Item   Total Cost
Dell PowerEdge R910 Rack Server                       2          19,702.68       39,405.36
Untangle Firewall model u500                          2          5,845.00        11,690.00
VMware vSphere Enterprise licenses for VM Servers     4          5,802.36        23,209.44
VMware Horizon View 10 user licenses                  15         3,025.00        45,375.00
Viewsonic SD-Z225 Zero client                         150        499.00          74,850.00
Reclaim 150 laptops for loan program                  150        -250.00         -37,500.00
Total                                                                            157,029.80

CONCLUSION

In conclusion, the Primavera network is currently outdated and at times can hinder
productivity. At a minimum the network noise needs to be cleaned up and QoS fine-tuned.
Future-proofing the network against growth is a major goal and the cost-benefit ratio should be
considered for any technology that is put in place.

RECOMMENDATIONS

Based on the technology involved and cost differences, I recommend that we at the very
least implement VLANs right now to more efficiently utilize the current network resources.
However, Primavera Online High School should consider Solution 3 as something to move
towards. The cost benefit ratio is high and it will allow the school to be future proof for the next
5-7 years.

REFERENCES

Conklin, W. A., White, G., Williams, D., Roger, D., & Cothren, C. (2010). Principles of
computer security comptia security and beyond. (2nd ed., pp. 243-244 and 504).
McGraw-Hill.

Dell. (2013). Poweredge r910 rack server. Retrieved from
http://www.dell.com/us/business/p/poweredge-r910/fs

Untangle. (2013). u500 appliance. Retrieved from
http://www.untangle.com/store/u500-appliance-v2.html

Viewsonic. (2013). Sd-z225 optimized for vmware view. Retrieved from
http://www.viewsonic.com/us/desktop-virtualization/zero-client/sd-z225.html

Vmware. (2013). Desktop virtualization and mobile computing. Retrieved from
http://www.vmware.com/products/
