Objectives: Chapter 9: Data Centre Architecture VLAN definition and benefits * VLANs and broadcast...
-
Upload
shaylee-sutliff -
Category
Documents
-
view
271 -
download
0
Transcript of Objectives: Chapter 9: Data Centre Architecture VLAN definition and benefits * VLANs and broadcast...
Objectives:
Chapter 9: Data Centre Architecture
• VLAN definition and benefits * VLANs and broadcast domains * Routers role in VLANs * Types of VLANs * VLANs protocols: ISL and 802.1Q * Configure static VLANs * Geographic VLANs
Why we build Data Centre
Data center is a term used to describe the physical hosting of computer equipment in a shared data center environment that is mutually beneficial to various tenants without each incurring the full cost of designing, building, and maintaining the environment. Campus data center is designed to function as a hardware facility for the purpose of housing computing systems providing various mission-critical services to the campus.
The data center is the heart of any Organization
What is it that makes a Data Center?
Power
Cooling Fire
Security
100% Uptime Puzzle
Data Center Security
There are four levels of security for physical access to securely hosted servers and equipment in data center .
The first level is code access to the building. Everyone will need a private code or someone with a code to assist you to get into the building.
The second level is biometric access to the floor. employees or data center visitors will need to pass a biometric Palm scanner to gain access to Data Center.
Data Center Security
The third level is the card reader access to the server area. All access information such who and when gained access to the server area are logged. Security manager can review such access information at anytime.
The fourth level is locked cabinets for securely hosted servers. Keys are required to open such locked cabinets.
Data Center Security
In addition to four level physical access control, the data center is also monitored by security cameras.
Fire Detection & Suppression
Supply, Testing and Commissioning of Kidde Fire Protection System or Approved Equal include optical / ionization smoke detectors and rate of rise heat detectors located within floors / ceilings and room space & Area below raised floor .
FM200 extinguishing systems in both large data centers and small computer rooms
Hi Fog fire suppression systems in some of the larger data centers.
Fire Detection & Suppression
zoned fire alarm panel break glass units, sounders and alarm bells.
optical / ionisation smoke detectors Gas going out valve
Data Center: Computer Room Power
• Ensuring the availability of critical data centre, power is at the top of a designers list.
• IT equipment must be supplied with a clean, consistent source of electrical power, which allows the equipment to avoid system errors and / or a system crash.
• The following systems are available in a Data centre:
Power conditioning and UPS (interruptible Power Supply) systems. Standby diesel generator systems. Mains switchgear. General distribution and lighting.
Data Center: Room Air Conditioning
power and environmental control / cooling are inseparable design criteria to achieve cost effective and reliable solutions, by using the following systems :
Air conditioning - close control and comfort. ventilation and extract systems. Water detection systems - local and perimeter sensing.
Data Center: Room Build
Raised floor (for cabling)
Control Room Secure environment
< 1500 m
< 1500 m
< 1500 m
Data Data CentreCentre
< 1500 mIDFIDF
IDFIDF
IDFIDF
IDFIDFMDFMDF
OFOF
MDF: MDF: Main Distribution FacilityMain Distribution FacilityIDF: IDF: Intermediate Distribution FacilityIntermediate Distribution Facility
1000BASE-TX
1000BASE-SX
1000BASE-LX
Data centre bandwidth:Gigabit and 10 Giga Ethernet
Gigabit Ethernet IEEE 802.3z
Data Centre Architecture
Internet
Server
Backup Server
IntranetWeb Server
Client machines
Domain Controllers
Management Stations
Test Server
Perimeter Router Cisco 3600
Adaptive Security Appliance Cisco
5500 Series
Back-end Cluster MS Exchange
Servers
Back-end Cluster MS SQL Servers
SMS Server
Anti-Virus Server
Core Switch or Switches
ISA Firewall and Caching Server
Storage Area Network
Zone will get the middle level of security
Outside Zone
Inside Zone
SQL 2000 Front- end
Exchange 2000Front-end Server
PublicWeb Server
DMZ Switch
4x CPUs, 12GB Memory
With Windows 2003 OS
Storage SAN Fiber Connect
GE (1000Mb/s) connection
FE (100Mb/s) connection
SCSI connection
UsersWorkstation
Main Network
Datbase VLAN
2x 2Gbit Fiber Connections for Storage
SAN to different Fiber Channel Switches for Load Balancing and
Failover
2Gb/s Fiber Channel 16 Ports Switches
Tap Library Store Edge L500 LTO 2
MS SQL Cluster MS Exchange Cluster
Internal Web Server
SAN Storage
SQL Front-End Server
Public Web Server
Exchange Front -End Server
Domain Controller Servers
ISA Firewall and Caching Server
Anti-virus Server
Test Server
SMS Server
Backup Server
Data Center Network Servers Design
2x CPUs, 8GB Memory
With Windows 2003 OS
Data Center Servers Configuration Design
• Network Services Application Services Visualization Services Storage services
Data Center Secure Connections
Data Center network security are customized to each customer's needs. It can be a combination of :
• firewall on network routers and switches,
• dedicated network firewalls and checkpoints such as
Netscreen, Cisco Pix, Watchguard firewalls,
• Firewall and antivirus Software on each server.
• Data transfers can be secured by VPN, SSL, and SSH
Windows 2000-basedServer/Router
Windows 2000-basedServer/Router
Security Between Networks
RouterRouterRouterRouter