Develop Product Network Infrastructure for Warren Center for General MotorsWord文档格式.docx
- 文档编号:18647222
- 上传时间:2022-12-30
- 格式:DOCX
- 页数:9
- 大小:20.44KB
Develop Product Network Infrastructure for Warren Center for General MotorsWord文档格式.docx
《Develop Product Network Infrastructure for Warren Center for General MotorsWord文档格式.docx》由会员分享,可在线阅读,更多相关《Develop Product Network Infrastructure for Warren Center for General MotorsWord文档格式.docx(9页珍藏版)》请在冰豆网上搜索。
LyleBrown.CCIE#3794
KPMGConsulting,LLC
UnderthedirectionofCiscoSystems
TableofContents
ProjectInitiation1
Goalsstatement1
Objectives1
ExecutiveOverview1
Concept1
Architecture3
Design4
GapAnalysis5
Security6
NetworkManagement6
Templates7
AppendixA
StatementofWork
AppendixB
ConceptforDevelopProduct
AppendixC
NetworkArchitectureforDevelopProduct
AppendixD
NetworkDesignSamplesforDevelopProduct
AppendixE
GapAnalysis
AppendixF
SecurityArchitectureforDevelopProduct
AppendixG
NetworkManagementArchitectureforDevelopProduct
AppendixH
RevisedArchitectureTemplateTT-?
?
ProjectInitiation
Goalsstatement
Thegoalofthiseffortistodefinealocal,managedandsecureNetworkInfrastructureforDevelopProductontheWarrencampusthatsupportsGM’sstatedbusinessobjectivesandrequirements.
Objectives
Specificobjectivestobemetinachievingthestatedgoalareto:
-DevelopaconceptualframeworkforDevelopProductontheWarrencampustobeusedasanetworkblueprintdocumentthatlinksstatedrequirements,withthearchitectureforthenetworkinitiative.Theinitialconceptistobepresentedwithintwoweeksofprojectinitiation.
-Conductanddocumenta“gapanalysis”todescribedifferencesbetweenthecurrent(planned)statenetworkandtheconceptualnetwork.
-DevelopaNetworkTopology(Architecture)andcorrespondingDesignTemplates.Thiseffort,whilefocusedonthelocalenvironment,willincludetreatmentsfor
-connectivitytoGM’sotherdesigncenters
-connectivitytosuppliers
-connectivitytoGM’scorporatenetwork,and
-dialincapability.
-DetaildiscussionsregardingNetworkManagementandSecurityimplicationsoftheDesign.
TheoriginalStatementofWorkandamendmentsareincludedinAppendixA.
ExecutiveOverview
Concept
GMhasimplementedacoherentplantointegratetheWarrenTechnicalCentercampusenvironment.Thephysicalsiteconsistsofseverallargebuildingsonasquaremilecampus.TheexistingplanistoconsolidateservicesinasingleDataCenter.Thisiseffectivelya24x7computerroomwhereserversarelocated.ThiscenterwillservicethelocalenvironmentaswellasregionalGMMegaCentersites.ThecurrentconceptistoGeographicallydistributeendusersites.EachbuildingorremotesiteistreatedasadistinctLANenvironmentoperatingatLayer2(switching).TheseGeographicallydistributedsiteswillbeinterconnectedviaLayer3(routing).Connectivitytoexternalentities–Internet,partners,etc.–areallowedthroughtheGMWANenvironment.
Thisenvironmenttreatsallusersatagivenlocationthesame.Thereisnomechanisminplacetofavoroneuseroveranother.Alltrafficismixedandaccessisshared.DevelopProductshasasetofrequirementsthataredifferentfromthegeneralpopulationthusrequiringspecializedtreatment.
WhileDevelopProductsisaglobalenterpriseandconnectivitymustbeestablishedwiththatinmind,therearearelativelyfewsitesontheWarrencampuswithveryhighconcentrationsofDevelopProductusers.ThiswillbecomeevenmoresoasrenovationandconstructionoftheVECbuildingiscompleted.Itisanticipatedthatupto12,000engineerswilloccupythatbuilding.Theengineeringaspectoftheenvironmentcausesdatavolumestobeverylarge.TransferofdatabecomestheprimarydriverforDevelopProduct.Concurrentwithdatamovement,simplicityandreliabilitybecomeveryimportantaswell.
TheDevelopProductNetworkConceptwascreatedfromaverygeneralsetofrequirementsfromDevelopProduct.Essentiallytheinitialsetofrequirementsincluded
-reducethenumberofdevicesbetweenaDevelopProductclientandhisprimaryserver
-reducethenumberofroutinghopsbetweenanyDevelopProductclient,includingglobalclients,andaDevelopProductserver
-minimizetheeffectsofroutingbyminimizingthenumberofLayer3devicestraversedinaconversation
-provideatopologythatwilldeliver50IOPS(1.6Mbps)toeachDevelopProductuser
-allowinterconnectivityforDevelopProductusersandtherestoftheworld
-describeaHighlySecuredenvironmentforthe“crownjewels”(Portfolio)
-describeatopologyinsuchafashionthatcomponentfailurewilldisplacenomorethan500users.
ThreeFunctionalenvironmentswillbeconstructedtosupportdistinctsetsofusers.Thisdoesnotprecludeaccessamongthem.Serverswillbedistributedamongtheseenvironmentsbasedupondataresidentonthem.ThecurrentLANdistributionisGeographical.ACampusAreaNetwork(CAN)interlinksthevariousbuildingsusingrouting,Layer3.EachbuildinghousesasingleLANenvironmentthatcommunicateswithothersviatheCAN.
AllserversfortheregionalMegaCenterarehousedinasingleDataCenterontheWarrencampus.ThisparticularbuildingalsohousesthemajorityoftheDevelopProductusers.
TheconceptistotreatDevelopProductasalogicalbuilding.BecausethemajorityoftheuserswillbehousedinthesamebuildingasDataCenter,itispossibletomoveserversfromtheGeneralPurposeenvironmentdirectlyintotheDevelopProductenvironment.Thisisdonetohelpabbreviatethedistancebetweenclientandserver.Layer3servicesarecollapsedintoasinglelayertominimizeroutingimplications.
DistinctenvironmentsaretobedevelopedforthetwosetsofDevelopProductusers.OneenvironmentisHighlySecuredandwillbeplacedbehindfirewallfunctions.Itwillbeadistincttopologythatislinkedto,butseparatefrom,theGeneralPurposeenvironment.ThesecondsetofuserswillutilizeatopologythatisintegratedwiththeGeneralPurposeenvironment.Whileitisintegratedwiththeexistingenvironment,theselectionofthepathbetweenclientandserverwillcausesegregationoftraffic.Itiscalledlooselycoupled.
TheconceptfortheHighlySecurednetworkisthesameasthatfortheremainderofDevelopProductexceptthatitisphysicallyseparatedfromtheothertwoenvironments.However,initiallyserverswillbeplacedinthesameLayer2environmentasclientsfortheHighlySecuredenvironment.TheonlytopologicaldifferencebetweenthetwoistheconnectionintotheoverallGMenvironment.ThisconnectionwillbethroughasinglefirewalledandcloselymonitoredconnectionfortheHighlySecuredusers.
TheconceptallowsthetopologytospanmultiplebuildingsontheWarrencampus.ConnectivitycanbethroughtheuseofdedicatedfiberorutilizetheexistingCAN.SmallclustersofeitherHighlySecuredorlooselycoupledDevelopProductuserscanresideontheexistingnetworkandretainconnectivitytothedesiredenvironment.Inthecaseoflooselycoupledtherearenospecialconsiderationsthatmustbemade.Accessisallowedthroughnormalrouting.TheremustbespecialconsiderationsintheHighlySecuredenvironmentthough.Someformofauthenticationandauthorizationmustbeimplemented.ThiscanbeaccomplishedthroughtheuseofVPNtechnologyorsomeimplementationofusername/passwordtechnology.
WANconnectivityisnotspecificallyrequiredforeitherthelooselycoupledortheHighlySecuredenvironmentsatthistime.Theconceptdoesnotprecludethistypeofaccess.Remote,evenglobal,usersretainthecapabilitytoaccessbothenvironmentsthroughexistingtopology.
TheConceptdocumentdevelopedisincludedinAppendixB.
Architecture
TheArchitectureconstructedfortheDevelopProductenvironmentreliesontraditionaldefinitionsofLANs.BoththelooselycoupledandtheHighlySecuredenvironmentsaredefinedtobehierarchicalinnature.Eachwillpotentiallyconsistofthreelayers–Access,DistributionandCore.
TheAccesslayerwillconnectclientdevicestothenetwork.ItwillbeLayer2Ethernetswitch.Ontheclientsideitwillsupport10/100Mbpsconnectionsand1000Mbpsconnectionsonthenetworkside.ItwillsupportmultipleLayer2environments–VLANs–foruserattachment.Thisdevicewillsupportboththeaggregationoftrafficonaport,Trunking,andtheaggregationofports,Channeling.TrunkingandChannelingwillbeimplementedonthenetworkside.
TheCorelayerwillbeusedtoconnectclientswithservers.Thiswillbearouted,Layer3,connection.Thisdevicewillbeaswitchwithroutingcapabilities.Itmustbecapableofsupportingalargenumberof1000Mbpsconnections,TrunkingandChanneling.TheintentoftheConceptistoconnecteveryAccesslayerswitchtoeveryserverataCoredevice.ThepurposeofthisistoreducetherequiredroutingcomponenttoasingledeviceconnectingthetwoLayer2environments.
DistributionlayersareallowedintheArchitecturetosupportscalingissues.BecauseofportdensityconsiderationsonCoredevices,itmaynotbepossibletoconnectclientsand/orserversthroughdedicatedports.InthesecasesaDistributionlayercanbeinsertedoneithersideoftheCoretoaggregatetrafficandprovidealogicalconnectiontotheCore.ThesedevicesareLayer2andmustsupportalargenumberof1000Mbpsconnections,TrunkingandChanneling.
Therequirementsforredundancyandthroughputdictatetheuseofmultiplepathsfromclienttoserver.WithinthenetworkthisisresolvedbytheimplementationofCiscoISLTrunkingandChanneling.Throughtheimplementationofstringentplanning,everyAccessswitchcanbedesignedtohavemultiple,loadbalancedLayer2pathstotheCore.Likewise,throughstringentplanning,serverscanhaveLayer2terminationsattheCore.Thiswi
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- Develop Product Network Infrastructure for Warren Center General Motors
![提示](https://static.bdocx.com/images/bang_tan.gif)
链接地址:https://www.bdocx.com/doc/18647222.html