Professional Documents
Culture Documents
Arswan HLD 1.2
Arswan HLD 1.2
1
About This Document
The purpose of this document is to provide Project Details to setup and implement
ARSWAN. Each section of this document focuses on specific aspects of the overall design and
Implementation.
Intended Audience
This document is primarily intended for Arunachal SWAN Officials and Inspira.
Revision Control
Author:
Title:
Change Forecast:
Version History
Version number Date Author Reason For change
2
Table of Contents
1. Introduction...............................................................................................................................................................5
2. Project Overview.......................................................................................................................................................5
3. Executive Summary of ARSWAN................................................................................................................................6
4. Objectives..................................................................................................................................................................6
5. Bill of Materials..........................................................................................................................................................6
5.1. SHQ (BOM)......................................................................................................................................................... 6
5.2. DHQ (BOM).......................................................................................................................................................10
5.3. BHQ (BOM).......................................................................................................................................................12
6. Network Overview...................................................................................................................................................13
6.1. Network Topology............................................................................................................................................13
6.2. SHQ...................................................................................................................................................................15
6.2.1. Network Diagram.....................................................................................................................................16
6.3. DHQ (District Head Quarter).............................................................................................................................16
6.3.1. Network Diagram.....................................................................................................................................16
6.3.2. DHQ Location...........................................................................................................................................17
6.4. BHQ (Block Head Quarter)................................................................................................................................18
6.4.1. Network Diagram.....................................................................................................................................18
6.4.2. BHQ Location............................................................................................................................................19
7. Hardwar Overview...................................................................................................................................................23
7.1. MX-104.............................................................................................................................................................23
7.2. SRX-550.............................................................................................................................................................25
7.2.1. SRX 550 Front Panel.................................................................................................................................25
7.2.2. SRX-550 Panel..........................................................................................................................................28
7.3. EX-9208.............................................................................................................................................................30
7.3.1. Chassis Physical Specifications.................................................................................................................30
7.3.2. Craft Interface in EX-9208........................................................................................................................33
7.3.3. Craft Interface in EX-9208........................................................................................................................37
7.3.4. Fan Tray in EX-9208..................................................................................................................................37
7.4. EX4300-24T.......................................................................................................................................................40
7.4.1. EX-4300 Chassis........................................................................................................................................40
7.4.2. EX-4300 LCD Panel...................................................................................................................................42
7.4.3. EX-4300 Cooling System...........................................................................................................................44
7.4.4. EX-4300 Power Supply.............................................................................................................................46
3
7.5. SRX 345.............................................................................................................................................................47
7.5.1. SRX-345 Chassis........................................................................................................................................47
7.5.2. SRX-345 Chassis Status LEDs....................................................................................................................50
7.5.3. SRX-345 Cooling System...........................................................................................................................51
7.6. Fortigate 500 E................................................................................................................................................. 53
7.6.1. FG-500E Chassis..................................................................................................................................55
7.7. Think System SR 630.........................................................................................................................................57
7.8. Polycom RPCS1830...........................................................................................................................................60
7.8.1. RMX 1800 Chassis....................................................................................................................................61
7.8.2. RealPresence Access Director (RPAD)......................................................................................................64
7.8.3. RealPresence Resource Manager (RPRM)................................................................................................65
7.8.4. Distributed Management Application (DMA)..........................................................................................66
7.8.5. Media Suites.............................................................................................................................................69
7.8.6. VC End Points...........................................................................................................................................70
7.8.7. VC End Points DHQ & BHQ.......................................................................................................................72
7.9. IP Telephony.....................................................................................................................................................73
7.9.1. Avaya Aura Communication Manager.....................................................................................................73
7.9.2. Avaya Session Boarder Controller............................................................................................................73
7.9.3. Avaya Converged Platform.......................................................................................................................76
7.9.4. Avaya J129 IP Phone.................................................................................................................................78
7.10. Network Rack................................................................................................................................................... 80
7.11. AAA...................................................................................................................................................................81
7.12. NMS..................................................................................................................................................................84
4
1. Introduction
This document is a description of Arunachal State-Wide Networks (ARSWAN). It includes
Network Architecture, Network Design and Connectivity at a High Level . Detail Design
addressing each aspect will be given in the corresponding Low-level Design of Network.
2. Project Overview
Arunachal Pradesh will harness the Power of Information and Communication Technology to
achieve excellence in governance. Leadership in social and economic development in North
Eastern Region of India and to empower the denizens to contribute to the fullest in the state
prosperity building process.
E-Industry and services: Promotion of electronics hardware manufacturing and IT-ITES
industry.
E- Innovation/R & D: Providing support for creation of innovation infrastructure in emerging
areas of technology
E-Education: Providing support for development of e-Skills and knowledge network Statewide
Area Network (SWAN) is an element of the core infrastructure for supporting e-Governance
initiatives of the Government and provide G2C & C2G services.
5
3. Executive Summary of ARSWAN
State-wide Area Network (SWAN) is one of the core infrastructure components under
the National e-Governance Plan of the Government of India. The main purpose of this network
is to create a dedicated Closed User Group (CUG) network and provide a secured and speed
connectivity for Government functioning and connecting State Headquarters (SHQ), District
Headquarters (DHQ) , Blocks Headquarters (BHQ).
4. Objectives
The reference design provides a unified, low-latency network and Uses of Services that
supports multiple services while maintaining traffic segmentation of ARSWAN Network.
ARSWAN strives to simplify complexity and time consuming for services by leveraging the
understanding of Technology.
The document will provide the high-level network overview and framework for more detailed
requirements and design activities in later phases of the project.
5. Bill of Materials
5.1.SHQ (BOM)
6
MX5-104 on MX5, MX10, M40, MX80, and MX104 Series routers
Security Services (IPSEC, VPN and Group VPN) license
Juniper S-ES-NPU 1
based on a single NPU for MS-MIC, MS-DPC or MS-MPC
PWR-MX104-AC- MX104 AC Power Supply, Base Bundle, Altius-MX104, MX
Juniper 1
BB series
PWR-MX104-AC-
Juniper MX104 AC Power Supply, Altius-MX104, MX Series 1
R
RE-S-MX104-WW- Routing engine for MX104 and 4GB Memory, Base bundle
Juniper 1
BB (JUNOS WW)), Altius-MX104, MX Series
RE-S-MX104-WW- Routing Engine for MX104 and 4GB Memory, Redundant
Juniper 1
R (JUNOS WW), Altius-MX104, MX-Series
GE SFP LX Plug In, Module, Spare, MX, A2/A10,
Juniper SFP-1GE-LX 4
M320/T640/T320, M120
Juniper SFP-1GE-FE-E-T SFP capable of support 10/100/1000 speeds 4
SHQ Internet Router
Part Code Description Quantity
SRX550 Services Gateway with 4G DRAM, 8G CF and 1
Juniper SRX550-645AP-M 1
AC PSU
Juniper CBL-JX-PWR-EU J-Series Power Cable,Europe 1
Small Form Factor Pluggable 1000Base-LX Gigabit
Juniper SRX-SFP-1GE-LX 2
Ethernet Optic Module
645W AC-source power supply for SRX 650. Provides
SRX600-PWR- 397W System Power @ 12V and 248W POE Power @
Juniper 1
645AC-POE 50VDC. - Works with 90-250VAC input. Does not include
Power Cord.
SHQ Core Switch
Part Code Description Quantity
Redundant EX9208 system configuration: 8-slot chassis
EX9208-RED3B- with passive midplane and 1x fan tray, 2x EX9200-RE2
Juniper 1
AC routing engines, 2x switch fabric-2modules, 4x 2520W AC
PSUs, and all necessary blank panels
CBL-M-PWR-RA-
Juniper M320 AC Power Cable, Europe, Right Angle 4
EU
Small Form Factor Pluggable 1000Base-LX Gigabit
Juniper EX-SFP-1GE-LX 12
Ethernet Optics
Juniper EX-SFP-1GE-T Small Form Factor Pluggable 10/100/1000 Copper 20
7
Transceiver Module
EX9200, 40-Port 100FX/1000BASE-X SFP Line Card,
Juniper EX9200-40F 1
requires SFP (Optics Sold Separately)
Juniper EX9200-MPC EX9200 modular port card (MPC) 1
EX9200 Modular Interface Card (MIC) for EX9200-MPC,
Juniper EX9200-10XS-MIC 10-Port 10GbaseX (Half-Slot); Requires SFP+ Optics Sold 1
Separately
Small Form Factor Pluggable 10 Gigabit Ethernet (SFP+)
Juniper EX-SFP-10GE-SR 10
SR Optics
Aten
Aten KN1116VA 1
Aten KA7175 8
Aten CL1000M 1
RACK 42 U =2 NOS
Netrack NETRACK 42 U Rack 2
Servers
Lenovo 7X02CTO1WW ThinkSystem SR630 - 3yr Warranty
Lenovo 5731W16 Windows Server 2016 2
Lenovo 5731WA6 Windows Server 2016 Addl Lic
Vertiv
Vertiv PAC DME07MHP5 with DMC07WT1(F0107334 2
Fortinate
2 x 10GE SFP+ slots, 10 x GE RJ45 ports (including 1 x
Fortinet FG-500E MGMT port, 1 X HA port, 8 x switch ports), 8 x GE SFP 1
slots, SPU NP6 and CP9 hardware accelerated
Unified (UTM) Protection (24x7 FortiCare plus Application
FC-10-0500E-950-
Fortinet Control, IPS, AV, Web Filtering and Antispam, 1
02-60
FortiSandbox Cloud) - 3 Years
Fortinet SP-FG300E-PS AC power supply for FG-300/301E and FG-500/501E 1
Centralized log & analysis appliance - 2 x GE RJ45, 4TB
Fortinet FAZ-200F 1
storage, up to 100GB/Day of logs.
Polycom
RPCS1830 for RealPresence Clariti - IP Only, No
Licenses, Hardware for (50) 1080p30, (100) 720p, or (200)
Polycom 2200-71830-000 1
SD calls. Requires 5230-51X1X-XXX. (Maintenance
Contract Required)
8
Power Supply Unit For RPCS/RMX 1800 and Capture
Polycom 2465-82952-001 Server (RSS 5000). Additional Shipping Surcharge May be 1
Applied. Please Refer to VSHP0015 for Prepaid Shipping
9
85177090
APPLIANCE VIRTUAL PLATFORM R8 UTILITIES DVD ||
Avaya 700513989 1
85238020
ACP 130 DELL R640 SERVER PROFILE 5 WITH VMS
Avaya 700514100 1
BUNDLE || 8544
Avaya 700514194 ACP 120 DELL SRVR P4 BUNDLE ||85176290 2
Avaya 700514239 ASBCE R8.x SYSTEM SOFTWARE DVD || 9983 1
Avaya 700514696 APPLIANCE VRTL PLTFRM R8.0.1.1 DVD 1
Avaya 700514710 AURA SMGR R8.0.1.1 DVD 1
Avaya 700514708 AURA SESSION MGR R8.0.1.1 DVD 1
Avaya 700514508 AURA CM R8.0.1 SOFTWARE DVD ||85238020 1
Avaya 700514510 BREEZE R3.6 INSTANCE MEDIA DVD OVA || 9983 1
UPS 20 KVA
Vertiv Liebert ITA 2 20 kVA ,(3x1/3x3) UPS System 1
DG-Set 30 KVA
Swadeshi Genset 30 Kva 1
5.2.DHQ (BOM)
10
Requires JunOs 13.2 or higher
MX104 AC Power Supply, Base Bundle, Altius-
PWR-MX104-AC-BB 17
Juniper MX104, MX series
Juniper PWR-MX104-AC-R MX104 AC Power Supply, Altius-MX104, MX Series 17
RE-S-MX104-BB
Routing Engine for MX104 and 4GB Memory, Base
( RE-S-MX104-WW- 17
Bundle, Altius-MX104, MX Series
Juniper BB as per SPA )
Security Services (IPSEC, VPN and Group VPN)
S-ES-NPU license based on a single NPU for MS-MIC, MS- 17
Juniper DPC or MS-MPC
GE SFP LX Plug In, Module, Spare, MX, A2/A10,
SFP-1GE-LX 34
Juniper M320/T640/T320, M120
Juniper SFP-1GE-FE-E-T SFP capable of support 10/100/1000 speeds 68
DHQ Core Switch , Qty=17 , per location One Switch
Part Code Description Qunatity
EX4300, 24-Port 10/100/1000BaseT + 350W AC
EX4300-24T 17
Juniper PS
EX4300, 350W AC Power Supply (Power Cord
JPSU-350-AC-AFO needs to be ordered separately), PSU-Side Airflow 17
Juniper Exhaust
EX-QSFP-40GE- QSFP+ 40 Gigabit Ethernet Direct Attach Copper
17
Juniper DAC-50CM (Twinax Copper Cable) for 50cm Transmission
CBL-EX-PWR-C13-
AC Power Cable - India (6A/250V, 2.5m) 17
Juniper IN
Network Racks Qty=17 , per location One 24 U Rack
Netrack NETRACK 24 U Rack 17
Professional Large Format Display , Qty =17, per location one Display
LG Professional Large Format Display 17
AVAYA IP PHONES Qty =17, Per Location =1
Avaya 700512602 Global SNGL PT POE Injector Kit || 85044090 17
Avaya 700511979 C5 POWER CORD India/Bangladesh || 854442 17
Avaya 700513638 J129 IP Phone Global no Power Supply|| 85176290 17
UPS 10 Kva =17 , Per Location =1
Vertiv Liebert ITA 10 kVA (1x1/3x1) UPS System. 17
DG-Set 10 KVA , Qty=17 , Per location-1
Swadeshi Genset 10Kva 17
11
BHQ VC Polycom ,
Polycom 7230-60888-036 RealPresence Debut - 1080p: all-in-one HD codec 17
5.3.BHQ (BOM)
BHQ VC Polycom , 166 Nos , Per location 1 Debut
Polycom 7230-60888-036 RealPresence Debut - 1080p: all-in-one HD codec 149
BHQ Core Router, Qty=166 , Per location=1
Part Code Description Quantity
SRX345 Services Gateway includes hardware 166
(16GE, 4x MPIM slots, 4G RAM, 8G Flash, dual
SRX345-SYS-
Juniper AC power supply, cable and RMK) and Junos
JB-2AC
Software Base (Firewall, NAT, IPSec, Routing,
MPLS and Switching).
SRX-MP- RoHS compliant 1 port T1E1, MPIM form factor
Juniper
1T1E1-R supported on SRX300 and SRX550 166
SRX-SFP-1GE-
Juniper 1GE SFP Optical Transceiver,SX
SX 166
BHQ Switch , Qty=166 , Per Location =1
Part Code Description Qunatity
EX4300, 24-Port 10/100/1000BaseT + 350W AC
Juniper EX4300-24T 166
PS
EX4300, 350W AC Power Supply (Power Cord
JPSU-350-AC-
Juniper needs to be ordered separately), PSU-Side Airflow 166
AFO
Exhaust
Network Racks Qty=166 , per location One 12 U Rack
Netrack NETRACK 12 U Rack 166
UPS 3 Kva =166 , Per Location =1
Liebert GXT RT+ 3 kVA ,Long Backup UPS
Netrack 166
System
DG-Set 7.5 Kva, Qty=166 , Per location-1
Swadesh
i Genset 7.5kVA 166
AVAYA IP PHONES Qty =166, Per BHQ 1 phone
Avaya 700512602 GLOBAL SNGL PT POE INJECTOR KIT 166
Avaya 700513638 J129 IP PHONE GLOBAL 166
12
6. Network Overview
6.1. Network Topology
ARSWAN proposed the network design comprising the Network, Security and Server
component will be based on industry standard.
Internet Router: This layer will be used for the connectivity of Internet to SHQ via ISP .
Internet ISP will terminate the connection On Internet Router.
Firewall: A firewall protects the Network by acting as a gate through which all data pass.
It will protect the network from Unauthorized users and safeguard your data from attack.
The firewall connectivity would be with the Internet and MPLS Router.
MPLS Router: This layer will aggregate all traffic from DHQ and SHQ. MX-104 will make
up the Core Router Connectivity with MPLS Network
Core Switch: This layer will aggregate the various network like Servers , Computer in
SHQ .
MPLS Router : This layer will aggregate all traffic from DHQ and SHQ . MX-104 will
make up the Core Router Connectivity with MPLS Network
Core Switch : This layer will aggregate the various network like Servers , Computer in
SHQ .
MPLS Router: This layer will aggregate all traffic from DHQ and SHQ . SRX-550 will
make up the Core Router Connectivity with MPLS Network
13
Core Switch: This layer will aggregate the various network like Servers , Computer in
SHQ .
14
6.2.SHQ
SHQ will have the connectivity from Internet and Point to Point with ISP .
At SHQ, an Internet will be connected on Internet router and internet router will
be connected over Firewall.
Point to Point link will be terminate on MX-104 (ie. Core Router).
Both the router would be terminating on firewall in SHQ Data Center. and SHQ
would relate to the Core switch which will be segregate the Servers Zone.
Firewall will be connected to core switch, which will filter the Internet packets.
IP telephony and Video Conferencing equipment will be connected on core
switch and services will be provisioned in SWAN networks for users.
Statewide Area Network WAN connection will be terminated on Core router and
core router will be connected on core switch.
On core switch VLAN will be created for Internet and SWAN network and
accordingly Server and Application services will be provisioned.
Servers (NMS Server, AAA Server, Application Server etc...) and Management
users will be connected to Core switch directly.
15
6.2.1. Network Diagram
16
6.3.2. DHQ Location
S. No. Districts
1 Changlang
2 Itanagar Capital Complex
3 Itanagar Capital Complex
4 Papum Pare
5 East Siang
6 Lower Dibang Valley
7 Lower Subansiri
8 Tawang
9 Tirap
10 West Siang
11 Lohit
12 West Kameng
13 Lower Siang
14 Namsai
15 Longding
17
16 Kra Daadi
17 Upper Subansiri
18 Upper Siang
18
6.4.2. BHQ Location
2 Changlang Bordumsa
3 Changlang Nampong
4 Changlang Jairampur
5 Changlang Kharsang
6 Changlang Diyun
18 Tawang Jang
19 Tawang Lumla
20 Tawang Mukto
21 Tawang Dudungar
22 Tawang Zemithang
23 Tawang Kitpi
24 Tawang Bongkhar
25 Tawang Thingbu
26 Tirap Deomali
19
27 Tirap Laju
28 Tirap Dadam
29 Tirap Soha
30 West Siang
31 Lohit Wakro
32 West Kameng Rupa
33 West Kameng Bhalukpong
34 West Kameng Shergaon
35 West Kameng Balemu
35 Lower Siang
37 Namsai Piyong
38 Namsai Lathao
39 Namsai Lekang
40 Namsai Chowkham
41 Longding
42 Kra Daadi
43 Upper Subansiri
44 Upper Siang
There are the department which would be comes under the BOQ
20
12 Economics & Statistics Economics & Statistics, Statistics Colony,
Vivek Vihar, Itanagar
13 Election ESS Sector (Near Ganga), Itanagar
14 PHE & WS(Design & Planning) Itanagar
15 Fire & Emergency Services Fire & Emergency Services, Jully Road,
Ganga, Itanagar
16 Gazetteers Chimpu(Near VKV), Itanagar
17 Health Services (TRIHMS) Naharlagun
18 Family Welfare Family Welfare, C Sector (Near IGNOU),
Naharlagun
19 Horticulture Chimpu, Itanagar
20 PHE & WS Itanagar
21 Industries C Sector Itanagar
22 IPR IPR, Naharlagun
23 Printing & Stationery Papu Nallah, Naharlagun
24 Labour & Employment Labour & Employment, Itanagar
25 Legal Metrology & Consumer Legal Metrology & Consumer Affairs, C
Affairs Sector, Itanagar
26 Panchayat Raj ESS Sector, Itanagar
27 Planning E Sector, Itanagar
28 Power Electrical(CEZ) O Point, Itanagar
(Transmission, Planning &
Monitoring)
29 Power (Eastern Electrical Zone) O Point, Itanagar
30 Cultural Affairs (Public Libraries) ESS Sector, Itanagar
31 Public Works Department O Point, Itanagar
32 Rural Development ESS Sector, Itanagar
33 Rural Works Department Near Police Station (Bank Tinali), Itanagar
(Western Zone)
34 Higher & Technical Education E Sector, Itanagar
35 Secondary Education E Sector, Itanagar
36 Social Justice, Empowerment Circuit House, Itanagar
and Tribal Affairs (SJETA)
37 Sports Chimpu, Itanagar
21
38 Land Management ESS Sector, Itanagar
39 Tax & Excise C Sector, Itanagar
40 Trade and Commerce C Sector, Itanagar
41 Tourism ESS Sector, Itanagar
42 Urban Development & Housing Mowb II, Itanagar
43 Textile & Handicraft Textile & Handloom, C Sector, Itanagar
44 Women & Child Development Women & Child Development, Banquet Hall,
Itanagar
45 Police PHQ, Chimpu, Itanagar
46 Skill Development & Skill Development, C Sector, Itanagar
Entrepreneurship
47 APEDA Niti Vihar, Itanagar
48 Transport Naharlagun
49 Law AP Civil Secretariat, Itanagar
50 CEO Office ESS Sector, Near Land Management,
Itanagar
1 SP Office Department of Police
2 DMO Office DMO Office
3 DDSE Office DDSE Office
4 District Agriculture Office DAO Office
5 PWD Office PWD Office
7. Hardwar Overview
7.1.MX-104
The SDN-ready MX104 Universal Routing Platform is a modular, highly redundant, and full-
featured platform built for space- and power-constrained service provider and enterprise
facilities.
The MX-104 offers 160 Gbps of capacity, a redundant control plane for high availability, as
well as four fixed 10GbE ports and four Modular Interface Card (MIC) slots for flexible
22
network connectivity and virtualized network services. Optimized for mobile applications and
central office deployments, the MX104 is also ETSI 300 compliant, environmentally
hardened for deployment in outside cabinets and remote terminals and supports advanced
timing features.
Powered by Junos OS and the programmable Trio chipset, the MX104 shares the same
advanced routing, switching, security, and service features that are available in large MX
Series platforms, including support for a wide range of L2/L3 VPN services and advanced
broadband network gateway functions.
23
8 1-PPS and 10-MHz GPS input and output 17 MIC slots 0/0 and 1/0
ports
9 ESD point
The MX104 router contains a front panel with slots in which you can install field-replaceable
units (FRUs). From the front of the chassis, you can see the following components :
• Alarm console port labeled ALARM, which accepts a DE-15 alarm cable.
• Alarm LEDs that indicate major or minor alarms.
• Built-in 10-Gigabit Ethernet MIC with four ports that accept 10-Gigabit Ethernet SFP+
transceivers.
• ONLINE/OFFLINE button.
• Chassis status LED labeled SYS OK
• External building integrated timing system (BITS) port labeled EXT REF CLOCK
• Time-of-day (TOD) port
• External clocking ports supporting 1-PPS and 10-MHz input and output
• ESD point
• Fan tray, which contains five fans and an air filter
• Four slots for installing MICs
• Two slots for installing either AC or DC power supplies, labeled PS 0 and PS 1
• Two slots for installing Routing Engine, labeled RE 0 and RE
7.2.SRX-550
The SRX550 Services Gateway is a mid-range dynamic services gateway that consolidates
network infrastructure and security applications for regional offices, large branch offices, and
small to medium enterprises. The services gateway provides cost-effective, scalable integration
of routing, security, and other mid-range applications for these sites.
The SRX550 Services Gateway has a modular 2U chassis that fits a 19-inch rack with a depth
of approximately 18.1 inches.
24
• Symmetric Multiprocessing-based data forwarding.
• Hardware-based control and data plane separation.
• Six on-board 10/100/1000Base-T Gigabit Ethernet ports.
• Four on-board SFP Gigabit Ethernet ports.
• Support for dual AC or dual DC power supplies with a redundant configuration in the
chassis. 645 W AC and DC power supplies with or without Power over Ethernet (PoE)
support. The AC and DC power supplies are hot-swappable.
• Junos OS support for advanced security and routing services on the Services and
Routing Engine (SRE).
• The services gateway supports Gigabit-Backplane Physical Interface Modules (GPIMs)
and also Mini Physical Interface Modules (Mini-PIMs)
25
3 USB Console Port Left side of the Connects a laptop to the services gateway
front chassis for CLI management through a USB
pane interface. The port accepts a Mini-B type
USB cable plug. A USB cable with Mini-B
and Type A USB plugs is supplied with the
services gateway. To use the USB console
port, you must download a USB driver to the
management station from the Juniper
Networks website.
4 AUX Port Left side of the Note:-The Auxiliary port is not supported on
front chassis the SRX550 Services Gateway.
panel
5 2 Mini-PIM slots Left side of the Both slots support Mini-PIMs.
numbered 1 and 2 front chassis
panel
6 6 GPIM slots Front chassis All slots support GPIMs.
numbered 3 through 8. panel Slot 3 supports 10-gigabit XPIMs.
Slot 6 supports 20-gigabit XPIMs.
Slots 3, 4, 6, and 8 support PoE.
7 Mounting brackets Sides of Rack-mounting brackets attached when the
chassis services gateway is mounted on a rack.
The mounting brackets are used to attach
the services gateway to a rack or cabinet.
8 Electrostatic discharge Left side of the While working on the services gateway, use
(ESD) outlet front chassis the ESD outlet to plug in an ESD grounding
panel strap to prevent your body from sending
static charges to the services gateway, which
will damage the device.
9 USB 0 and USB 1 Left side of the The services gateway has two USB ports,
ports front chassis labeled USB 0 and USB 1, that accept a
panel USB storage device. These USB ports
accept USB flash drives with Type A plugs.
When the USB drive is installed and
26
configured, it automatically acts as the
secondary boot device if the primary
CompactFlash card fails on startup.
10 Power button Left side of the Use the Power button to shut-down the
front chassis services gateway. On a services gateway
panel that has been previously shut down using the
Power button, when the power button is
pressed again the services gateway starts
up.
11 RESET CONFIG Left side of the Returns the services gateway to the rescue
Button front chassis configuration or the factory default
panel configuration.
12 6 fixed Gigabit Left side of the The Gigabit Ethernet ports have the following
Ethernet ports: front chassis characteristics:
Port labeled 0/0 panel, lower Use an RJ-45 connector.
Port labeled 0/1 edge Operate in full-duplex and half-duplex
Port labeled 0/2 modes.
Port labeled 0/3 Support flow control.
Port labeled 0/4 Support auto-negotiation.
Port labeled 0/5 The Gigabit Ethernet ports can:
Function as front-end network ports.
Provides link speeds Provide LAN and WAN connectivity to
of 10/100/1000 Mbps. hubs, switches, local servers, and
workstations.
Forward incoming data packets to the
services gateway.
Receive outgoing data packets from
the services gateway.
13 4 SFP Ethernet ports: Middle of the The SFP Ethernet ports have the following
Port labeled 0/6 front chassis characteristics:
Port labeled 0/7 panel, lower Operate in full-duplex and half-duplex
Port labeled 0/8 edge modes.
27
Support auto-negotiation.
Provides link speeds The SFP Ethernet ports can:
of 10/100/1000 Mbps. Function as front-end network ports
Provide LAN and WAN connectivity to
hubs, switches, local servers, and
workstations.
Forward incoming data packets to the
services gateway.
Receive outgoing data packets from
the services gateway.
28
The following power supplies are
available:
645 W AC power supply with PoE
power
645 W DC power supply with PoE
power
2 ACE Slot Top center of the NOTE: This slot is not used.
back panel
3 Grounding point Left side of the Contains two M4screws that you use
back panel to connect the grounding cable to the
services gateway chassis
4 Storage slot Center of the Slot where you can install an extra
back panel, data storage device.
lower edge
5 Electrostatic discharge Right side of the Connector for an ESD wrist band.
(ESD) outlet back panel
6 Air filter cover Right of the back Provides access to the optional air
panel filter.
7.3.EX-9208
Juniper Networks EX9208 Ethernet Switches provide high performance, scalable connectivity,
and carrier-class reliability for high-density environments such as campus-aggregation and
data-center networks. The EX9208 switch has a throughput of up to 4.8 terabits per second
(Tbps) or up to 240 gigabits per second (Gbps) per slot full duplex. The EX9208 switch is a
modular system that provides high availability and redundancy for all major hardware
components, including Routing Engine modules (RE modules), Switch Fabric modules (SF
modules), fan tray (redundant fans), and power supplies.
It can manage EX9208 switches by using the same interfaces that you use for managing other
devices running the Juniper Networks Junos operating system (Junos OS)—the CLI, the
Network and Security Manager (NSM), and Junos Space.
29
and combined campus and data center network environments by collapsing network layers. In
a multi-chassis link aggregation (MC-LAG) configuration in the campus, you can use EX9208
switches to eliminate Spanning Tree Protocol (STP); they collapse the core and aggregation
layers, thereby simplifying the network architecture and network operations. In a data center,
you can use EX9208 switches to collapse core and aggregation layers. In combined campus
and data center environments, EX9208 switches consolidate network layers to simplify the
network architecture and operations.
The EX9208 switch is eight rack units (8 U) in size. Five EX9208 switches can fit in a standard
48 U rack. Each EX9208 switch is designed to optimize rack space and cabling.
30
Fig: Rear View of an EX9208 Switch
The Juniper Networks EX9208 Ethernet Switches are available as fully redundant system. A
redundant EX9208 switch configuration is designed so that no single point of failure can cause
the entire switch to fail.
Host Sub-system:- The host sub-system consists ofa Routing Engine functioning
together with a Switch Fabric. The host subsystem performs switching and routing
functionality, system management, and system control functions of the switch. The
switch can have one or two host subsystems. If two host subsystems are installed, one
functions as the master and the other functions as the backup. If the master host
subsystem (or either of its components) fails, the backup can take over as the master.
To operate, each host subsystem requires a Routing Engine module (RE module)
installed directly into in a Switch Fabric module (SF module).
31
If the Routing Engines are configured for graceful switchover, the backup Routing
Engine automatically synchronizes its configuration and state with the master Routing
Engine. Any update to the master Routing Engine state is replicated on the backup
Routing Engine. If the backup Routing Engine assumes mastership, packet forwarding
continues through the switch without interruption.
Power supplies: -In the low-line (100 V) AC power configuration, the switch contains
three or four AC power supplies, located horizontally at the rear of the chassis in slots
PEM0 through PEM3 (left to right). Each AC power supply provides power to all
components in the switch. When three power supplies are present, they share power
almost equally within a fully populated system. Four AC power supplies provide full
power-redundancy. If one power supply fails or is removed, the remaining power
supplies instantly assume the entire electrical load without interruption. Three power
supplies provide the maximum configuration with full power for as long as the switch is
operational.
Cooling system—The cooling system in EX9208 switches consists of fan tray and air
filter. The fan tray contains six fans. Under normal operating conditions, the fans in the
fan tray run at less than full speed. If one of the fans fails, the host subsystem increases
the speed of the remaining fans to provide sufficient cooling for the switch indefinitely.
Line Card: The EX9208 switch has six horizontal line card slots and supports line rate
for each line card. The line cards in EX9208 switches combine Packet Forwarding
Engine and Ethernet interfaces in a single assembly. Line cards are field-replaceable
units (FRUs) that you can install in the line card slots—labeled 0 through 5—on the front
of the switch chassis. All line cards are hot-removable and hot-insertable.
32
Fig: Craft Interface
Fan LEDs
33
Power Supply (PEM) LEDs
Each power supply has two LEDs on the craft interface that indicate its status. The LEDs—
labeled 0 through 3—are located on the craft interface next to the PEM label.
Each Switch Fabric module has two LEDs on the craft interface that indicates its status. The
LEDs—OK and FAIL—are associated with control buttons and are located along the bottom of
the craft interface. You can turn the SF modules on or off by pressing these buttons on the craft
interface.
Each line card has two LEDs—OK and FAIL—on the craft interface that indicates its status.
The line card LEDs are associated with control buttons and are located along the bottom of the
34
craft interface. You can turn a line card online or offline by using its control button on the craft
interface.
Two large alarm LEDs are located at the upper right of the craft interface. The circular LED
called major alarm LED glows to indicate a critical condition that can result in a system
shutdown. The triangular LED called minor alarm LED glows to indicate a less severe condition
(warning) that requires monitoring or maintenance. Both LEDs can be lit simultaneously.
35
7.3.3. Craft Interface in EX-9208
The midplane is located on the rear of the chassis and forms the rear of the card cage. The
Switch Fabric modules (SF modules) and line cards are installed into the midplane from the
front of the chassis, and the power supplies install into the midplane from the rear of the
chassis. The cooling system components also connect to the midplane.
Provides a data path—Data packets are transferred across the midplane between the
line cards through the Switch Fabric on the host subsystem.
Distributes power—The power supplies connect to the midplane, which distributes
power to all the switch components.
Provides a signal path—The midplane provides the signal path to the line cards, Switch
Fabric, and other system components for monitoring and control of the system.
36
Fig: Fan Tray for an EX9208 Switch
The air intake to cool the chassis is located on the side of the chassis next to the air filter. Air is
pulled through the chassis toward the fan tray, where it is exhausted out through the side of the
chassis. The air intake to cool the power supplies is located in the front of the chassis above
the craft interface.
37
38
7.4.EX4300-24T
Juniper Networks EX4300 Ethernet Switches provide connectivity for high-density
environments and scalability for growing networks. These switches can be deployed wherever
you need high density of Gigabit Ethernet ports or redundancy. Typically,EX4300 switches are
used in large branch offices, campus wiring closets, and data centers. In data centers,EX4300
switches can be positioned as top-of-rack switches; the top devices in a rack to provide
connectivity for all the devices in the rack and provide options for optimized airflow (hot
aisle/cold aisle).
Three variants of the EX4300 switches are available—24-port, 32-port, and 48-port switches,
with or without PoE+, with AC or DC power supplies, and with different airflow directions.
EX4300 switches also provide uplink ports and a slot for installing an optional uplink module.
Benefit
Compact solution—The EX4300 switch is a modular single rack unit device that is an apt
solution for crowded wiring closets and access switch locations such as data center, campus,
and branch office environments. It provides carrier-class reliability of modular systems with the
economics and flexibility of stackable platforms.
Support for Virtual Chassis—EX4300 switches support Virtual Chassis technology. You can
interconnect up to 10 EX4300 switches to form a Virtual Chassis.
Support for MACsec—EX4300 switches support IEEE802.1AE MACsec, providing support for
link-layer data confidentiality, data integrity, and data origin authentication. The MACsec
feature enables EX4300 to support 88 Gbps of near line-rate hardware-based traffic encryption
on all Gigabit Ethernet and 10 Gigabit Ethernet ports.
39
whereas EX4300-24T has no PoE+ ports. 24-port EX4300 switches support AC power supply
and fan module with front-to-back airflow direction and have a slot for installing an optional 4-
port 10-Gigabit Ethernet SFP+ uplink module (model number:EX-UM-4X4SFP),which as
four10-GigabitEthernet small form-factor pluggable plus (SFP+) ports that can house four 10-
gigabit small form-factor pluggable (SFP+) transceivers, four 1-gigabit small form-factor
pluggable (SFP) transceivers, or a combination of four SFP+ and SFP transceivers.
40
6—Fan module in slot 1 13—Console port
7—AC power supply in slot 0
41
degradation.
SYS (System) Green On steadily—Junos OS for EX Series switches has
been loaded on the switch.
Blinking(notapplicableforEX4300-48MPandEX4300-
48MP-Sswitches)—The switch is booting.
Unlit switches is powered off or is halted.
The management port, labeled MGMT, on the rear panel of an EX4300 switch, has two LEDs
that indicate link activity and status of the management port. Figure 28 on page 70 shows the
location of Management port on a 24-port EX4300 switch. The location of the LEDs and their
behavior are similar for all EX4300 switches except EX4300-48MP andEX4300-48MP-S
switches.
42
Fig: LEDs on the Management Port on a 24-Port EX4300 Switch
Fan Modules
In the EX4300 switches the fan modules are hot-insertable and hot-removable field-replaceable
units (FRUs).
43
Fig: Fan Module Used in EX4300 Switches
Airflow
In the EX4300 switch models that have front-to-back airflow, the air intake to cool the chassis is
through the vents on the front panel of the switch and hot air exhausts through the vents on the
rear panel
Each switch has a status LED for each fan module next to the fan module slot on the rear panel
of the chassis. The Status LED indicates the status of the fan module.
44
normally.
• The airflow direction of the fan module
does not match with the airflow direction of
other components.
7.5.SRX 345
Best suited for midsize to large, distributed enterprise branch offices ,the SRX345 Services
gateway consolidates security, routing, switching, and WAN connectivity in a 1 U form factor.
The SRX345 supports up to 5 Gbps firewall and 800 Mbps IPsec VPN in a single, consolidated,
cost-effective networking and security platform.
The SRX345 Services Gateway has a capacity of 5 gigabits per second (Gbps) and is 1 rack
unit (U) tall. The services gateway has eight 1 G Ethernet ports, eight 1 G SFP ports, one
45
management port , 4 GB of DRAM memory, 8 GB of flash memory, and four Mini-Physical
Interface Module (Mini-PIM) slots.The chassis installs in standard800–mm (orlarger) enclosed
cabinets,19in. equipment racks, or telecommunications open-frame racks.
The SRX345 Services Gateway runs the Junos operating system(Junos OS).
The services gateway must be connected to earth ground during normal operation. The
protective earthing terminal on the side of the chassis is provided to connect the services
gateway to ground.
46
t
1 Reset Config button Returns the services gateway to the rescue configuration or
the factory-default configuration.
2, 8 Console ports Serial—Connects a laptop to the services gateway for
CLI management. The port uses an RJ-45 serial
connection and supports the RS-232 (EIA-232)
standard.
USB—Connects a laptop to the services gateway for
CLI management through a USB interface. The port
accepts a Mini-B type USB cable plug. A USB cable
with Mini-B and Type A USB plugs is supplied with the
services gateway
3 Management port Use the management (MGMT) port to connect to the device
over the network.
4 Mini-PIM slots Four slots for Mini-PIMs. The Mini-PIM slots can be used to
provide LAN and WAN functionality along with connectivity
to various media types.
5 ESD point For personal safety, while working on the services gateway,
use the ESD outlet to plug in an ESD grounding strap to
prevent your body from sending static charges to the
services gateway
6 1 G SFP ports Eight 1 G smallform-factor pluggable (SFP) ports for
network traffic.
7 1 G Ethernet ports Eight Gigabit Ethernet LAN ports (0/0 to 0/7)
The Gigabit Ethernet ports have the following
characteristics:
Use an RJ-45 connector
Operate in full-duplex and half-duplex modes
Support auto-negotiation
9 USB port The services gateway has one USB port that accepts a
USB storage device
10 LEDs Indicate component and system status, and troubleshooting
information at a glance.
47
11 Power button Use the Power button to shut down the services gateway.
48
Fig: SRX345 Services Gateway Front Panel LEDs
Component Description
ALARM Solid amber (noncritical alarm)
Solid red (critical alarm)
Off (no alarms)
STAT Solid green (operating normally)
Solid red (error detected)
PWR Solid green (receiving power)
Solid amber (Power-off triggered)
Off (no power)
HA Solid green (all HA links are available)
Solid amber (some HA links are unavailable)
Solid red (HA links are not functional)
Off (HA is disabled)
mPIM1 , mPIM2, mPIM3, and Solid green (Mini-PIM is functioning normally)
mPIM4 Solid red (Mini-PIM hardware failure)
Off (Mini-PIM is not present or Mini-PIM is not detected by
the device)
49
LED Description
Link (LED on the left) Solid green—There is link activity.
Off—There is no link established.
Activity (LED on the right) Blinking green—There is activity on the link.
Off—There is no link established.
50
Fig: Airflow Through the SRX345 Services Gateway Chassis
51
7.6.Fortigate 500 E
The FortiGate 500E series delivers next generation firewall capabilities for mid-sized to large
enterprises, with the flexibility to be deployed at the campus or enterprise branch. Protect
against cyber threats with security processor powered high performance, security efficacy and
deep visibility.
Security:-
Identifies thousands of applications inside network traffic for deep inspection and
granular policy enforcement
Protects against malware, exploits, and malicious websites in both encrypted and non-
encrypted traffic
Prevent and detect against known and unknown attacks using continuous threat
intelligence from AI powered FortiGuard Labs security services
Performance
Delivers industry’s best threat protection performance and ultra-low latency using
purpose built-security processor (SPU) technology
Provides industry-leading performance and protection for SSL encrypted traffic
Networking
Best of Breed SD-WAN capabilities to enable application steering using WAN path
control for high quality of experience
Delivers advanced networking capabilities, high-performance, and scalable IPsec VPN
capabilities to consolidate networking and security
Management
52
Security Fabric
53
7.6.1. FG-500E Chassis
54
Fig: FG-500E Back Panel
55
7.7.Think System SR 630
Lenovo ThinkSystem SR630 is an ideal 2-socket 1U rack server for small businesses up to
large enterprises that need industry-leading reliability, management, and security, as well as
maximizing performance and flexibility for future growth. The SR630 server is designed to
handle a wide range of workloads, such as databases, virtualization and cloud computing,
virtual desktop infrastructure (VDI), infrastructure security, systems management, enterprise
applications, collaboration/email, streaming media, web, and HPC.
Featuring the Intel Xeon Processor Scalable Family, the SR630 server offers scalable
performance and storage capacity. The SR630 server supports up to two processors, up to 3
TB of 2666 MHz TruDDR4 memory, up to 12x 2.5-inch or 4x 3.5-inch drive bays with an
extensive choice of NVMe PCIe SSDs, SAS/SATA SSDs, and SAS/SATA HDDs, and flexible
I/O expansion options with the LOM slot, the dedicated storage controller slot, and up to 3x
PCIe slots.
The SR630 server offers basic or advanced hardware RAID protection and a wide range of
networking options, including selectable LOM, ML2, and PCIe network adapters. The next-
generation Lenovo XClarity Controller, which is built into the SR630 server, provides advanced
service processor control, monitoring, and alerting functions.
Key features
Combining performance and flexibility, the SR630 server is a great choice for small and
medium businesses up to the large enterprise. It can provide outstanding uptime to keep
business-critical applications and cloud deployments running safely. Ease of use and
comprehensive systems management tools help make deployment easier. Outstanding
reliability, availability, and serviceability (RAS) and high-efficiency design improve your
business environment and help save operational costs.
Scalability and performance
56
The SR630 server offers numerous features to boost performance, improve scalability, and
reduce costs:
Improves productivity by offering superior system performance with the Intel Xeon
Processor Scalable Family with up to 28-core processors, up to 38.5 MB of last level
cache (LLC), up to 2666 MHz memory speeds, and up to 10.4 GT/s Ultra Path
Interconnect (UPI) links.
Support for up to two processors, 56 cores, and 112 threads allows to maximize
the concurrent execution of multithreaded applications.
Intelligent and adaptive system performance with energy efficient Intel Turbo
Boost 2.0 Technology allows CPU cores to run at maximum speeds during peak
workloads by temporarily going beyond processor thermal design power (TDP).
Intel Hyper-Threading Technology boosts performance for multithreaded
applications by enabling simultaneous multithreading within each processor core,
up to two threads per core.
Intel Virtualization Technology integrates hardware-level virtualization hooks that
allow operating system vendors to better utilize the hardware for virtualization
workloads.
Intel Advanced Vector Extensions 512 (AVX-512) enable acceleration of
enterprise-class and high performance computing (HPC) workloads.
Helps maximize system performance for data intensive applications with up to 2666 MHz
memory speedsand up to 3 TB of memory capacity (with the processors that support 1.5
TB per socket).
Offers flexible and scalable internal storage in a 1U rack form factor with up to 12x 2.5-
inch drives for performance-optimized configurations or up to 4x 3.5-inch drives for
capacity-optimized configurations, providing a wide selection of SAS/SATA HDD/SSD and
PCIe NVMe SSD types and capacities.
Provides flexibility to use SAS, SATA, or NVMe PCIe drives in the same drive bays with a
unique AnyBay design.
Provides I/O scalability with the LOM slot, PCIe 3.0 slot for an internal storage controller,
and up to three PCI Express (PCIe) 3.0 I/O expansion slots in a 1U rack form factor.
57
Reduces I/O latency and increases overall system performance with Intel Integrated I/O
Technology that embeds the PCI Express 3.0 controller into the Intel Xeon Processor
Scalable Family.
The following figure shows the front of the SR630 server with four 3.5-inch drive bays.
58
The rear of the SR630 server includes the following components:
Up to three PCIe expansion slots (depending on the riser cards selected).
One LOM card slot.
One 1 GbE port for XClarity Controller.
One VGA port.
Two USB 3.0 ports.
Up to two hot-swap power supplies.
7.8.Polycom RPCS1830
Using RealPresence Group Series with the Polycom RealPresence Platform increases the
effectiveness and productivity of visual communications. The RealPresence Platform acts
as the unifying hub in your unified communications environment and works through open
standards-based interoperability with communications and business applications from
hundreds of vendors. The five-pillar platform makes video and voice collaboration simple in
any environment: Universal Video Collaboration, Video Resource Management,
Virtualization Management, Universal Access and Security, and Video Content
Management.
The RealPresence Platform acts as the unifying hub in your unified communications
environment and
works via open standards-based interoperability with communications and business
applications from
hundreds of vendors.
Eliminates collaboration silos caused by systems that don’t talk to each other including
support for emerging standards such as SVC
Facilitates customization through the industry’s most robust suite of APIs for tight integration
into OSS/BSS systems for scheduling, billing, provisioning, and monitoring
Supports up to 25,000 sessions and 75,000 devices in a single video event—at least five
times more than other video platforms
Saves up to 50% of the network bandwidth used by other video platforms
Is standards-based and natively interoperable with UC solutions that already exist in a
customer network, and with third-party vendor solutions, giving customers the best
investment protection in the industry.
59
Summarizing its Features and Benefits
60
complexity by offering the only hybrid solution that natively supports the existing 2M+ AVC
(Advanced Video Coding) based
endpoints and new media routing technology, SVC (Scalable Video Coding). The seamless
support of multiple standards and protocols allows organizations to cost-effectively conduct
wide scale multipoint video calling. Other solutions require gateways or multiple solutions
stitched together which introduces network risks and cost.
61
Green - The system works normally, either in single
mode, or as the master MCU in the hot backup mode
Flickering green - The system works normally, as the
slave MCU in the hot backup mode
5 PWR LED Green - Power normal
Red - Power alarms
6 ON/OFF Turn the RealPresence Collaboration Server 1800 System
button on or off
The RealPresence Collaboration Server (RMX) 1800 rear panel contains built-in power and fan
units, USB,LAN, serial and PRI ports.
62
is enabled, LAN 1is used for both management, media and
signaling network connection.
7 LAN 2 For media and signaling network connection; when LAN
redundancy is enabled, LAN 2 is the backup of LAN 1 port.
8 PRI 3 Note: The ISDN module with PRI ports is only available on
Polycom Firewall Traversal and Security solutions make it easier for users inside or outside the
firewall to collaborate via video safely with anyone in the organization, whether they are in a
secure environment at the office or an unsecure environment at home or on the go in a hotel.
This brings highly scalable video conferencing to applications such as B2B, B2C, and intra-
company collaboration.
For example, IT can easily and effectively deploy, configure, and manage RealPresence
Access Director while reducing the cost of supporting the growing number of video-enabled
workers in the organization without compromising network security. Remote users can securely
and transparently access video services and collaborate with colleagues, customers, and
partners from virtually anywhere, with the same functionality they get in the office. Also,
customers, partners, and vendors can join a video meeting as a guest user or over a federated
network. By providing a seamless video collaboration experience, Polycom lets organizations
focus on what really matters—connecting people, networks, and companies.
63
SIP/H.323 combined support—a single-server application that combines the guest user
and B2B calling scenarios with SIP and H.323 capabilities to enable a seamless video
collaboration experience within and beyond the firewall.
Secure collaboration from anywhere—collaborate via video while on-the-go, in the office,
or at home.
Reduce the cost to scale—support up to a thousand simultaneous video calls securely
without requiring additional client hardware or software.
Investment protection now and for the future—leverage existing investments in UC
products and IT infrastructure as you migrate towards a SIP-based future.
Secure scalability for mobile deployments—easily, securely, and reliably extend video
collaboration to your mobile workforce.
Polycom Video Resource Management solutions are critical to effectively manage thousands of
mobile, desktop, and group telepresence systems.
Administrators can centrally provision, monitor, and manage the entire video collaboration
network with the Resource Manager. Through dynamic provisioning, it automatically configures
and maintains thousands of video clients at pre-determined software baselines. This eliminates
having a variety of software releases in the field, fixing end-user configuration mismatches,
being uncertain about the quality of video being provided, and other typical management
issues.
Built-in reports, application dashboards, and drill-down tabs ensure you can instantly access
troubleshooting and operational metrics.
Scalability to 10,000 devices, to effectively manage large numbers of mobile, desktop,
and group telepresence systems
Easy administration through comprehensive device monitoring, provisioning,
management, and software revision control.
Directories and presence engines that simplify dialing
64
video endpoints, including both high definition telepresence and legacy video conferencing
systems.
The Resource Manager system is an integrated scheduling and device management platform
for video conferencing that can include these features:
The Polycom RealPresence Desktop client—an easy-to-use video and audio-conferencing
application that lets your users see and hear the people they call on their desktop system.
Automatic device provisioning for dynamically managed Polycom RealPresence
Desktop clients and Polycom and third-party room systems
Conference scheduling directly on the MCU pool via the Polycom Web Scheduler
Scheduled device provisioning for standardly managed and legacy devices
Automatic device software updates for dynamically managed Polycom RealPresence
Desktop clients and Polycom and third-party room systems
Scheduled device software updates for standardly managed and legacy devices
On-demand conferencing using embedded MCUs or external MCUs
Advanced routing to distribute audio and video calls across multiple media servers
(MCUs), creating a single seamless resource pool
Firewall management capabilities which enable videoconferencing across firewalls
Access to global user and room directories for on-demand and scheduled calls.
65
collaboration networks. Using a highly reliable and scalable processing architecture, the
RealPresence Virtualization Manager unifies collaboration networks, services, and devices by
providing integrated call control and virtualizing bridging resources for a seamless user
experience. When coupled together in a video network, the RealPresence Resource Manager
and Virtualization Manager can be tightly integrated into operational systems for scheduling,
billing, provisioning, and monitoring through the industry’s most robust and open suite of APIs.
Unlike competitive solutions, DMA provides the highest UC support, geographical redundancy,
resiliency, scale and maximum resource utilization for world class services.
Integrate video collaboration with management application API suite for custom application
development—Companies benefit from end-user self-provisioning and management of
conferences, lower administration costs, and increased user productivity.
Key features of the DMA 7000 are:
Unifying Call Control, H.323 Gatekeeper, SIP Registrar, SIP Proxy, SIP-H.323 Gateway,
Session Border Control Routing
Bridge virtualization ,64 bridges - RMX, & Codian Intelligent load balancing & routing.
Class of Service Bandwidth Management
Resiliency & scale, Redundant Node, Geographical distribution of application servers
75,000 registrations 25,000 Concurrent calls , 64 bridges
The Polycom DMA system is a highly reliable and scalable multipoint conferencing solution. It
uses advanced routing policies to distribute audio and video calls among multiple MCUs,
creating a single resource pool. The system acts much like a virtual MCU, greatly simplifying
video conferencing resource management and improving efficiency.
The Polycom DMA system integrates with your enterprise directory, automating the task of
provisioning users for video conferencing. Combined with its advanced resource management,
this makes reservation less video conferencing on a large scale feasible and efficient, reducing
or eliminating the need for conference scheduling.
The Polycom DMA system’s ability to handle multiple MCU (up to 64) s as a single resource
pool makes it highly scalable. To expand the system, you can add MCUs on the fly without
impacting end users and without requiring re-provisioning and keeping the impact on your
network always optimized through the embedded native Bandwidth Management.
The Polycom DMA provides SIP Proxy and Registrar Functionality enabling Video
Telepresence Systems to connect via SIP protocol and H.323-SIP gateway functionality.
66
In addition, the Polycom DMA offers an embedded Gatekeeper functionality for H.323
endpoints.
The two-server configuration of the Polycom DMA system is designed to have no single point
of failure within the system that could cause the service to become unavailable. To support
this, the system is configured as a cooperative active/standby two-node cluster. Both servers
are actively registered and can immediately accept and process calls when one of the two
fails.
All current calls that are being routed through the failed node are terminated. The H.323 users
simply need to redial the same number as before while the SIP users will be reconnected
automatically. The gatekeeper automatically routes them to the remaining Polycom DMA
system server and they’re placed back into conference.
The Polycom DMA system continuously monitors the used and available resources on each
MCU. If an MCU suffers a catastrophic failure, the Polycom DMA system adjusts its internal
resource counts. All the calls and conferences on the failed MCU are terminated. But as in a
server failure, H.323 callers can dial back into the system using the exact same number that
they used for their initial dial-in, while SIP users are automatically reconnect. The Polycom
DMA system then relocates their new conference to the best available MCU (provided that
there is still sufficient MCU capacity remaining in the system).
The internal databases within each Polycom DMA system server are fully replicated to the
67
other node in the cluster. If a catastrophic failure of one of the database engines occurs, the
system automatically switches itself over to use the database on the other server.
The Polycom DMA can be deployed as a so-called super cluster which consists of a single or
duplicated DMA server in a pre-defined region. These servers have a steady communication
updating each other in real-time.
This assures that in case of a link failure between regions the isolated region stays
operational.
It also enhances the scalability of the DMA from 64 MCU’s supported on a single DMA to up
to 192 within a super-cluster supporting up to 25.000 active participants within the network.
DMA is at the core of Polycom Universal Bridging and redundant architecture,
allowing for:
• Highest Resiliency – Geographically distributed super clusters, eliminate single points
of failure for high availability
• Simplified Administration – Virtual personal meeting rooms are automatically
provisioned centrally, with minimal administrative effort
• Bridging Virtualization – Intelligent routing algorithms maximize resource utilization
and dynamically distribute calls.
68
• Intelligent recording – Through customizable virtual recording rooms, administrators can
set rules and logic including conference layouts, resolutions, routing to external servers
and CDNs to fully automate recording.
Benefits
Breakthrough simple user interface and Polycom ® Smart Pairing ™ so your employees can
start collaborating instantly with their mobile device.
Interoperable SVC delivers a wonderful experience even on bandwidth-limited networks
- High-performance architecture meets your most demanding needs today and into
the future.
69
Polycom® EagleEye Director II
Automatic people-tracking
By zooming in and framing active speakers, everyone will be able to clearly see vital facial
expressions and any subtle body language which allows for deeper engagement and more
effective meetings. Utilizing the latest in speaker tracking and facial recognition
technologies, EagleEye Director II continually scans the room and commands the cameras to
appropriately frame everyone in the room. When someone in the room starts to speak, the
system seamlessly transitions to an up-close view of that speaker, similar to a TV-production
experience.
Maintaining engagement with everyone in the room, not just the active speaker, is critical for
every meeting. EagleEye Director II does this seamlessly, keeping everyone connected by
highlighting the active speaker up close at the same time as providing a smaller view of the
whole group in one video stream.
Benefits
More engaging and less stressful meeting experience with automatic camera technology that
zooms in on an active speaker without anyone using a remote control.
See nonverbal cues up close & maintain context of the room with single stream video of both the
70
active speaker and everyone in the room.
Measure return on investment with powerful data analytics for IT administrators
Extend into larger rooms up to 10 m such as boardrooms, classrooms and assembly meeting
spaces.
Easy to upgrade existing video systems for immersive-like meeting experience
Get ready for your close-up with the only smart camera that makes every video conference a
true face-to-face experience.
Spaces and organizations of all sizes need enterprise-quality tools to keep up in today’s
increasingly competitive global market. RealPresence Debut delivers video collaboration that
is sharp, rich and reliable, with full 1080p HD quality you can count on.
Polycom® Lost Packet Recovery™ (LPR™) technology keeps your meetings clear and on
track, even though tough network conditions.
Stunning voice quality sounds as real as being there thanks to fine-tuning from the leading
experts in conferencing audio, while Polycom NoiseBlock™ technology keeps distracting
background sounds from interrupting your conversations. Sharing content is just as easy and
reliable. Simply plug a cable into your laptop to automatically start sharing or wirelessly
connect your mobile device to share and annotate.
Benefits
• Simple to set up and use
• Compact all-in-one design eliminates cable clutter
• Sharp, rich and reliable 1080p HD video collaboration
• Ensure everyone is in view with a camera specially designed for huddle rooms and other
71
smaller spaces
• Hear everyone clearly with innovative Polycom Noise Block technology and fine-tuned voice
quality
• Flexible control options using touch display interface or included remote control.
7.9.IP Telephony
7.9.1. Avaya Aura Communication Manager
Deploy an Avaya Aura® Communication Manager (CM) Main solution, configuration of one
G4x0 gateway and up to two digital trunk cards connecting to a single public switched
telephone network (PSTN) Service Provider or one SIP trunk group. Deliverables include
data gathering, license activation, software implementation and configuration, basic system
translations for trunking and network connectivity, testing and cutover support. The bundle
applies to a duplex configuration in a Customer provided VMware platform.
72
install and manage. Standard Services is a Plug and Play solution for Enterprises and Small
to Medium Businesses.
With this product, customers can benefit from Avaya’s extensive experience in SIP trunk
deployments and supporting large numbers of enterprise users. Avaya SBCE Standard
Services features the unique Signaling Manipulation module (SigMa module), which
dramatically simplifies the deployment of SIP trunks. The SigMa module streamlines
integration of SIP trunks into thousands of variations of enterprise SIP telephony
environments, greatly reducing implementation time. As a result, SIP trunk deployment in
many standard configurations can occur in 2 hours or less.
Avaya SBCE security products perform security functions using three interrelated and
complementary functional entities: signaling, media, and intelligence.
The Avaya SBCE servers are fully integrated, user-installable chassis.
Number Description
1 The power-on indicator lights when the system power is on. The power button
controls the power supply output to the system.
2 NMI button used to troubleshoot software and device driver errors when running
certain operating systems.
This button can be pressed using the end of a paper clip. Use this button only if
directed to do so by qualified support personnel or by the operating system
documentation.
3 The System identification buttons on the front and back panels can be used to
locate a particular system within a rack. When one of these buttons is pressed,
the LCD panel on the front and the system status indicator on the back flashes
blue until one of the buttons are pressed again.
73
Press to toggle the system ID on and off. If the system stops responding during
POST, press and hold the system ID button for more than five seconds to enter
BIOS progress mode.
To reset the iDRAC (if not disabled in F2 iDRAC setup) press and hold the button
for more than 15 seconds.
4 The video connector allows you to connect a VGA display to the system.
5 The LCD menu button allows you to navigate the control panel LCD menu
6 The LCD panel displays system ID, status information, and system error
messages. The LCD lights blue during normal system operation. When the
system needs attention, the LCD lights amber.
7 The USB management port or iDRAC managed USB port functions as a regular
USB port or provides access to iDRAC Direct features.
8 The USB 2.0 port allows you to insert USB devices to the system. The ports are
USB 2.0-compliant.
9 The information tag is a slide-out label panel, which allows you to record system
information, such as Service Tag, NIC, MAC address.
10 The hard drive slots enable you to install up to four 3.5–inch hot-swappable hard
drives or four 2.5–inch hot-swappable hard drives in 3.5–inch hard drive
adapters.
11 The optical drive slot enables you to install one optional SATA DVD-ROM drive
or DVD+/-RW drive.
74
Fig: Rear view of Dell R330 server
Number Description
1 Serial console connection is not supported on Dell R330 server. Use VGA
console connection for new installations.
2 The vFlash card slot enables you to connect the vFlash card.
3 The iDRAC port enables you to install a dedicated management port card.
4 The PCIe expansion card slots enable you to connect PCI Express expansion
cards
5 The power supply unit enables you to connect up to two 350W redundant AC
power supply units.
6 The USB 3.0 connectors enable you to connect USB devices to the system
7 The ethernet connectors enable you to connect integrated 10/100/1000 Mbps
NIC connectors.
8 The system identification button on the front and back panels enables you to
locate a system within a rack. When the system identification button is
pressed, the LCD panel on the front and the system status indicator on the
back blink until one of the buttons is pressed again.
Press to toggle the system ID on and off. If the system stops responding
during POST, press and hold the button for more than five seconds to enter
the BIOS progress mode.
75
To disable iDRAC, if not disabled in F2 iDRAC setup, press and hold the
button for more than 15 seconds.
9 The system identification connector connects the optional system status
indicator assembly through the optional cable management arm.
10 The video connector enables you to connect a VGA display to the system
Avaya Converged Platform 130 Appliance: Supports virtualization using VMware vSphere ESXi
Standard License.
The Avaya Dell PowerEdge R640 is the underlying server hardware for the Avaya Converged
Platform 100 series. The PowerEdge R640 is a dual-socket, 1U platform designed for Avaya’s
portfolio of applications. The R640 represents updates to the CPU and other server
technologies over previous Avaya Common Server releases. It will be used as the base
platform for all new Avaya offers. The architecture of the R640 is designed to maximize
performance and provide the flexibility to optimize configurations based on Avaya’s applications
and customer use cases.
76
system health LED (Chassis health and system ID) bar.
2 Optical drive One slim SATA DVD-ROM drive
3 USB port The USB port is USB 3.0 compliant.
4 VGA port Enables you to connect a display device to the system.
5 Right control Contains the power button, USB port, iDRAC Direct micro port,
panel and the iDRAC Direct status LED.
6 Drive slots Enable you to install hard drives that are supported on your
system.
77
7.9.4. Avaya J129 IP Phone
The Avaya J129 IP Phone is a SIP-based IP phone for unified communications. Avaya J129 IP
Phone supports a single line with two call appearances on a dual line display.
78
11 Volume Increases or decreases the volume of the handset, or speaker
when you are on a call. Adjusts the ringer volume when you are
not on a call
12 Mute Mutes and unmutes the microphone
79
7.11. AAA
Pulse Secure is a centrally managed solution for defining network security policy. It pulls in
relevant context from multiple sources within an organization, leverages that context to
determine the appropriate policy, and then coordinates that policy across multiple enforcement
mechanisms. Pulse Secure integrates with a range of third-party products and solutions to
improve user experience and increase security. With a suite of modules, Pulse Secure provides
a range of options for securing different types of users and devices that access the network.
AAA/RADIUS is vital to an organization’s core ability to manage local, remote, and wireless
LAN (WLAN) users. AAA/RADIUS dictates and manages secure access to the enterprise
network, as well as controlling how users connect to and what resources they can access on
the enterprise network. It also aids in accounting for users’ actions while they are connected to
the enterprise network. For small through large organizations and government agencies
worldwide, the robust and reliable Pulse Secure® SBR Enterprise Series Steel-Belted Radius
Servers deliver the ideal AAA/RADIUS solution.
SBR Enterprise Series servers have been deployed and are operational around the clock in
many of the busiest networks in the world. These time- and industry-tested AAA/RADIUS
servers demonstrate, day in and day out, the reliability, flexibility, and interoperability necessary
to authenticate, manage, and account for tens of thousands of users. SBR Enterprise Series
servers control and record network access, and manage users on wired or WLANs deploying
the IEEE 802.1X standard from a single administration interface.
Pulse Secure’s dependable, standards-based SBR Enterprise Series Steel-Belted Radius
Servers—SBR Enterprise Edition and SBR Global Enterprise Edition—significantly enhance
the security and manageability of enterprise and government networks. SBR Enterprise Series
Servers deliver scalable authentication control, robust access policy management, and
centralized configuration management with the performance needed to tackle tens of
thousands of concurrent users.
SBR Enterprise Edition is the market-leading AAA/RADIUS server for small to mid-sized
enterprises. SBR Global Enterprise Edition leverages the breadth of capabilities of SBR EE,
with organizations also enjoying many additional features designed specifically to address
deployment in the world’s largest, most active networks.
80
These features—ensuring reliable uptime, flexibility, and powerful user management, in
addition to compatibility with virtually any network environment—allow organizations to safely
implement SBR GE as the centerpiece of their network security and access control
architecture.
No other AAA/RADIUS products offer the robust functionality and dependability of Pulse
Secure SBR Enterprise Series Steel-Belted Radius Servers.
Capability Description
81
Saves support staff time and expense while increasing
productivity through dynamic reporting and statistics, as well as
Easy deployment, comprehensive, granularly detailed log files
administration, and Decreases administrative time, load, and cost while
maintenance limiting administration and configuration errors via centralized
administration and management features, and automated or
customized configuration tools and processes
82
7.12. NMS
Motadata is a unified Product suite for IT operations and big data analytics. The robust platform
is flexible to monitor & manage heterogeneous infrastructure components in public, private and
virtual environment. It also enables IT teams to diagnose and resolve network issues.
Collect, consolidates, indexes, stores any log and machine generated data, whether structured
or unstructured. The data is then used to search, correlate, analyze and report any operational
or security related issues in the network quickly.
Key Highlights
• Handle and processes log data from any sources
• Manage security breaches with Security Forensic
• Analytics
• Detect and manage policy violations
• Retain larger volume of raw log data
• Unified data modelling to structure different log
• formats
• Use pre-built patterns to customize notifications
• Drill-down conversion from data model mapping
• Supports SNMP traps and Syslog
• Event log monitoring
• Normalize bulk log data without any data compression & retain them for longer period
• Satisfy compliance requirements with proactive log management
83
• Analyze machine data to identify trends and unleash undiscovered insights
• Detect and identify operational and configuration issues immediately
• Correlate metric data with logs
• No limit on data retention
• Full-text search on retained log data
84