Jméno semináře - Masaryk University

Jméno semináře - Masaryk University

IBM IDC Brno Network Services I+II Mgr. Pavel Krumnikl VUT FI Network Services 02/10/20 2006 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy - LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE

2 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE 3 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno Co je Shared Network Infrastructure (SNI)? Poskytuje bezpen zpsob jak se z IBM vnitn st dostat do vnitn st zkaznka SNI je speciln sov architektura uvnit IBM Global Services data center. Bezpenostn poadavky jsou velmi nron Je zaloena na nkolika sovch segmentech s rznm pstupovmi prvy 4 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno

Tier Definitions for SNI (e.g. eSNI simplified) Security Layer Segments Allowed Communication Tier 0 - Internal IBM Intranet (with secure areas) Tier 1 - Highly Secured Central Infrastructure (within sphere of control) Tier 2 - Secured Shared Infrastructure (within each site) Tier 3 - Controlled

Service Resources, Customer Resources Tier 4 - External (untrusted) 5 Layer Description VUT FI Network Services Internet Other Enterprise Customer Customer Networks, Business Partners, Internet 02/10/20

2003 IBM Corporation IBM IDC Brno Implementation Example (e.g. eSNI simplified) IBM INTRANET Tier 0 Access Firewall CSL CML IAL_IBM SSL Service Firewall DML SSL DAL

IAL Edge Firewall Tier 1 Tier 2 Management Firewall SML DML DAL Tier 3 DAL Internet Firewall 6 Router

Router Customer Firewall Customer 1 Customer 2 Customer 3 VUT FI Network Services 02/10/20 Tier 4 2003 IBM Corporation IBM IDC Brno Abbreviations CML Central Management LAN CSL Central Service LAN SML Shared Management LAN

SSL Shared Service LAN DML Dedicated Management LAN DAL Dedicated Access LAN IAL Infrastructure Access LAN IAL_IBM Infrastructure Access LAN IBM 7 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Jak jsou vhody/nevhody SNI Vhody Nevhody Standardn een pro IBM Sdlen m obrovsk nroky na Bezpen een

Optovn vyuit prosted bezpenost, vt ne management pouze pro jednoho zkaznka Snen nklad Ne vdy je mon sjednotit Standardizace Me nastat problm se vechny standardy stejnmi IP adresami v stch rznch zkaznk Me bt omezeno zkonem v nkterch zemch 8 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE 9 VUT FI Network Services 02/10/20 2003 IBM Corporation

IBM IDC Brno Organizan struktura Network management Inform Web-Interface for Problem/Performance/Reports... Client Call Help Desk (VCSC): Call Handling Ticket opening Problem dispatching ~~ Feedback Monitor VCSC NOC

Ticket # Network Operation Center (NOC) Level 1/level2: Ticket handling Problem isolation Problem correlation Problem # Specialized IBM LAN resolver group and vendors: Permanent Onsite Support for locations >= 400 user's 10 VUT FI Network Services Ticketing System LAN Resolver Group

On Site Support Maintenance 02/10/20 Manufacturer 2003 IBM Corporation IBM IDC Brno NOC - Level 1 support Reaguje na vstupy z rznch nstroj. d een problm a d tok informac mezi ostatnmi tmy. Vyuv jednoduch a jasn procesy. Mus dobe znt pouvan nstroje, systmy a procesy. Nezbytn je fungovn ve 24x7 reimu Pklady Koordinuje een vpadek na zazen poskytovatele. Udruje tikety v rznch systmech a informuje ostatn tmy o aktulnm stavu problmu

Informuje sprvnou skupinu uvnit IBM kdy je poteba vymnit HW u zkaznka 11 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno NOC - Level 2 support e problmy pichzejc od Level 1 supportu a z dalch systm. Level 2 support je t definovat z hlediska proces, vzhledem k tomu, e problm, dokud se nevyskytne, tak nen definovn. Level 2 je pevn o zkuenostech a znalostech o stch. Pklady V ppadn chyb na lince poskytovatele zjistit typ chyb, jejich pravdpodobn pvod a informovat poskytovatele, kter zajist vyeen Pomoci uivateli nap. se sprvnm nastavenm proxy v IE (ve

spoluprci s HD) Najt chybu v routovn, kdy se uivatel neme pipojit na server 12 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Level 3 support Level 3 support pracuje s komplexnmi problmy. Jsou zapojeni do een rznch problm, kter maj ir dopad (vce zem). Pomal s je pklad problmu, kter obvykle kon u level 3. e vtinou jakkoli nestandardn zapojen Spolupracuje a asto d komplexn zmny v stch. Je zaloen nejen na sovc zkuenostech, ale tak na znalostech v ostatnch produktech (Web, DNS, FW, SAP, LN, Terminal Services, atd.) Pklady

Nalezen a opraven patn nastavench routovacch protokol Asistovn poskytovateli s hlednm a eenm problm se sporadickmi vpadky v sti poskytovatele Hledn dvodu pomalho vkonu aplikace Zapojen do zmny poskytovatele pipojen 13 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services

Bezpenost st Typick problmy FW, IPSE 14 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Network Management Toolset Tivoli TEC Zobrazuje problmov udlosti na LAN/WAN zazench Tivoli Netview Poskytuje sovou mapu k jednodu lokalizaci problmu Entuity Eye of the Storm

Poskytuje rozen monosti uren problmu, obvykle pro dleit (core) zazen Monitoruje zazen pes SNMP - vce ne 70 monch chyb. Speciln programy pro management zazen uritho vrobce Cisco Works 3Com Network Supervisor Nortel Enterprise Switch Manager CACTI Statistics WAN performance TACACS/RADIUS Autentikan server

Machine Sheets Database 15 Databze zazen VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Network Management Toolset WAN WANDevices Devices LAN LANDevices Devices Cacti Cacti

Entuity Entuity Eye Eyeofofthe theStorm Storm Cisco CiscoWorks Works 3Com 3ComNetwork Network Supervisor Supervisor Netview Netview TEC TEC 16 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno Tivoli TEC (Tivoli Enterprise Console) Zobrazuje hlky o udlostech, na kter je poteba reagovat Je centrlnm systmem na sbrn udlost, zjitn jejich zvislost a jejich zobrazenm Je uren k pouit pedevm 1. levelem 17 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Tivoli TEC (Tivoli Enterprise Console)

18 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Tivoli Netview Up/Down monitorovn LAN, WAN zazen a firewall Monitoruje pomoc ping, SNMP nebo dostv alerty z jinch nstroj (EotS, CACTI) Me peposlat hlky do TECu Poskytuje sovou mapu pro bli uren problmu Je pouvn vemi rovnmi pro zjitn a analzu problmu 19

VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Tivoli Netview - Map 20 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Tivoli Netview Event Browser 21 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno Entuity Eye of the Storm Rozen monitorovn centrlnch sovch zazen (LAN i WAN) a firewall pomoc SNMP Hls do Netview/TECu problmy, kter teprve mohou nastat M rozen monosti detekovn problm Je pouvn vemi rovnmi pro zjitn a analzu problmu 22 VUT FI Network Services 02/10/20 2003 IBM Corporation

IBM IDC Brno Entuity Eye of the Storm vpis port 23 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Entuity Eye of the Storm device report 24 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno

Entuity Eye of the Storm 25 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Cisco Works Umouje hromadnou konfiguraci Cisco zazen Umouje instalaci novch verz systmu (IOS/CatOS) Cisco zazen Ulehuje zjiovn problm na Cisco zazench Reporty Reload history Availability Config change history atd. Campus Manager Cisco View 26

VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Cisco Works pklad reportu 27 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Cisco Works Campus Manager - user tracking 28 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno Cisco Works Cisco View 29 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno 3Com Network Supervisor Umouje zmnu a zlohovn konfigurace 3com zazen Umouje instalaci novch verz systmu 3com zazen M funkce na zjiovn problm na 3com zazench 30

VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Nortel Enterprise Switch Manager Umouje zmnu a zlohovn konfiguraci Nortel zazen Umouje instalaci novch verz systmu Nortel zazen M funkce na zjiovn problm na Nortel zazench 31 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Nortel - Enterprise Switch Manager 32

VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Nortel - Device Manager 33 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Cacti Statistics Zobrazuje vytenost WAN linek V ppad uit QoS (Quality of Service) zobrazuje i vyuit v jednotlivch kategorich

Poskytuje statistick informace, kter mohou pispt k een kapacitnch problm Sbr netflow data - pomh urovat top talkers, top conversations, top applications Je uren k pouit pedevm 2. a 3. levelem k identifikaci problm na WAN stch dve ne je poct zkaznk 34 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Cacti grafy linek Day Month 35

VUT FI Network Services Week Year 02/10/20 2003 IBM Corporation IBM IDC Brno Cacti Top Talkers 36 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Machine Sheets Database Seznam vech zazen

Obsahuje dleit informace o zazench Typ zazen Lokalita IP adresa, hostname Kontakty na ostatn skupiny/providera Informace o zabezpeen a kontrolch Atd. 37 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall

IP Services Bezpenost st Typick problmy FW, IPSE 38 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno LAN Management LAN = Local Area Network Typy zazen Cisco, Nortel, 3com, Alel, Allied Telesyn, Blue Coat, Digital, Dlink, Enterasys, HP, IBM, Intel, Intermac, Kingston, KTI Networks, LANart, LinkSys, Netgear, Nokia, Olicom, Planet, Symbol, Synoptics, Xtreme Dleitost zazen Core (router, switch, kter pipojuje router nebo servery) ir spektrum monitorovn (Eye of the Storm) Non-core (switch, kam jsou pipojen koncov uivatel)

39 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno LAN jednoduch zapojen 40 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno LAN Data Centrum 42

VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Pklad datacentra CC2 BT Cage in CC2 ATT Cage in CC2 Internet Border Router Shared Internet Access Utility CC2 BT Cage in CC1

ATT Cage in CC1 Colt Cage in CC1 ISDN BU GRE Router Internet Border Router Shared Internet Access Utility CC1 DC Border Router 2 x C6506 SIAU CC1 Si Si SIAU CC2 Si

Shared Internet Access-Router C6506 CTL eSNI CC1 Shared Internet Access-Router C6506 CTL eSNI DC Aggregation Switch 4 x C6513 Si Core-Switch ABB C6509 Internet Distribution Block

ABB Internet Distribution Switch C3750-48TS-E CC1 Core SW Si CC1 - Dist SW Si 1 2 CC1 - Core SW CC1 - ABB Dist SW Si n Si CC2 Core SW Si

Server Access Switches C4506 Core-Switch ABB Internet C6509 Distribution Block CC2 - Dist SW 1 2 ABB Internet Distribution Switch C3750-48TS-E n CC2 - Core SW CC2 - ABB Dist SW Server 1 ABB Internet

Server-Cage CC2 Webhosting FW 1 2 Internet Access FW Server Access Switches 1 2 C2950 Internet VPN-FW n Internet Offload 1 2 ABB Internet

Server-Cage CC1 n Internet Offload Server 2 Internet Access Webhosting-Access Internet Access Internet Access FW Webhosting FW Webhosting Access Internet Server Cage CC1 n Internet

VPN FW Internet Server Cage CC2 1 2 WebServer, DNS SMTP n 1 2 n WebServer, DNS SMTP n 2 1 Server Access

Switches C2950 Server n Middle FW Si Server Access Switches 1 2 C2950 Middle FW Si Internet Server Cage CC1 Internet Server Cage CC2 Customer FW n Database -Servers Internet Server Cage CC1

43 Tools-Switch 2 x C3750-48TS-E VUT FI Network Services eSNI eSNI-EFW Si e-SNI Edge-Switch 2 x C3750-48-EMI Database -Servers Si eSNI-EFW 02/10/20 n Server

Access 2 1 Switches C2950 Internet Server Cage CC2 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE 44 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno WAN Management Monosti WAN pipojen Pronajat linka (leased line) DSL/ADSL/ISDN Internet tunel WAN propojen poskytuj pevn extern firmy (poskytovatel telekomunikanch slueb) NOC je kontaktn bod mezi providery a zkaznkem 45 VUT FI Network Services 02/10/20 2003 IBM Corporation

IBM IDC Brno Souasn trendy pro WAN MPLS = Multiprotocol Label Switching (http://www.isdn.cz/ clanek.php?cid=3869) QoS = Quality of Service ( http://eldar.cz/manasek/felbox/36mps/qos/index.htm) 46 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno WAN Management poskytovatel P1 P2 MPLS cloud

47 VUT FI Network Services 02/10/20 P3 P4 2003 IBM Corporation IBM IDC Brno Poadavky na WAN Monitoring & Statistics Nastavenm QoS na WAN linkch vede k elnjmu vyuit dan linky 80 100 % WAN link utilization (we pay 100, we use 100) Na monitorovn QoS je poteba efektivn nstroj 48 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno Metody odhalen problm ve WAN Efektivn WAN management je zaloen na vyuit: Up/Down Management (IF) Odhalen HW problm a vpadk QoS Statistics and Reports (WHERE) Odhalen problm s vkonem a zahlcen linky Netflow Traffic Analysis (WHAT and WHO) Analza, kter typ komunikace zpsobuje problmy a kdo je pvodcem 50

VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Step One Check IF there is an outage Zjistit, jestli nenastal HW problm pomoc nstroj a informac od providera 51 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Step Two Check WHERE the problem is Projt celou cestu od jednoho konce ke druhmu, a zkontrolovat vechny, kter mohou zpsobit

pehlcen linky, zahazovn paket nebo jin problmy 52 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Graphs reported by IBM Reporting Solution (Cacti) Network Workload & Statistics QoS Traffic share per queue QoS Queue depth per queue Performance Availability Latency QoS Packet drop per queue Traffic Analysis

Errors and discards Packets Rate Switching Collisions Device CPU Usage Device Memory Usage 53 VUT FI Network Services Traffic Flow Analysis Top Talkers Top Applications Top Conversations 02/10/20 2003 IBM Corporation IBM IDC Brno Reality is much more complex There are many different providers and routers where problems can occur.

ABB Corporate Network Provider B Country Network Provider A ABB Location Provider A Reporting Tool data feed User 54 VUT FI Network Services Provider B Reporting Tool data feed Country Network Provider C

Provider C Reporting Tool Datacenter data feed IBM Reporting Solution for ABB Application Server 02/10/20 2003 IBM Corporation IBM IDC Brno Step Three Check WHAT traffic and WHO Prozkoumn typu komunikace, objem dat, v bod zahlcen Netflow dv informace jak typ komunikace zpsobuje peten a kdo je pvodcem

55 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Netflow Accounting must be enabled on all CPE routers Netflow v5 accounting must be enabled on all CPE routers and will be collected and processed by an IBM netflow collector. Collectors for In-Scope countries are placed in the country hub. ingress accounting on IF to LAN ingress accounting on IF to WAN ingress accounting on IF to WAN ingress accounting on IF to LAN

MPLS WAN CPE router PE router PE router CPE router NOC / Country Hub Netflow Collector 56 VUT FI Network Services Legend PE Provider Edge Router CPE

Customer Premises Equipment 02/10/20 2003 IBM Corporation IBM IDC Brno Netflow accounting 57 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Vsledek a akce Identifikace IP adresy zpsobujc problm, upozornn uivatele, odpojen, dn konkrtn zdroj, je poteba linku zkoumat del dobu, jestli je poteba naven

58 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE 59 VUT FI Network Services

02/10/20 2003 IBM Corporation IBM IDC Brno Typick Problmy Pomal s LAN Internet WAN Nedostupn zazen LAN Nedostupn lokace WAN problm 60 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno

Pklad 1 Pomal s (lokln) Uivatel hls pomalou s Je poteba zjistit, jestli pouze na lokln fileserver nebo jestli na vzdlen server nebo na Internet Zjistit nastaven rychlosti/modu portu na switchi a nastaven sov karty serveru (uivatelskho PC) Zjistit chybovost na portu na switchi Vmna kabelu 61 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Pklad 2 Pomal s (Internet/WAN) Up/Down Management (IF)

Odhalen HW problm a vpadk QoS Statistics and Reports (WHERE) Odhalen problm s vkonem a zahlcen linky Netflow Traffic Analysis (WHAT and WHO) Analza, kter typ komunikace zpsobuje problmy a kdo je pvodcem 62 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Pklad 3 Nedostupn switch

Zjitn pomoc hlky v Netview Oven hlky (ping, SNMP) Zkusit pipojen z ostatnch zazen v lokaci Kontaktovat lokln podporu pro oven pipojen elektiny a sovch kabel Manuln restart zazen Vmna zazen 63 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN

Firewall IP Services Bezpenost st Typick problmy FW, IPSE 64 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Firewall Typy firewall Standardn pouvan typy Checkpoint ProviderOne Vyuit FW 65 VUT FI Network Services 02/10/20

2003 IBM Corporation IBM IDC Brno Types of existing Firewalls Software Checkpoint Firewall-1 (diverse versions) Cisco PIX Operating Systems Checkpoint Secure Platform (SPlat) Sun Solaris Microsoft Windows Linux Nokia IPSO Hardware

66 PC Architecture Sun Nokia Cisco PIX Intrusion VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Firewall Standard for all replaced and new build firewalls Software Checkpoint Firewall-1 Next Generation with Application Intelligence Cisco PIX Operating Systems

Checkpoint Secure Platform Cisco PIX Firewall OS Hardware IBM x-Series Servers Cisco PIX 67 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Checkpoint - ProviderOne Struktura Management server FW box(Nokia, SPlat) Management server Uloen FW pravidla Centrln logovn Ovovn uivatel

FW zazen Jednoduch OS 68 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Checkpoint - ProviderOne 69 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno

Checkpoint - ProviderOne 70 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Checkpoint - ProviderOne 71 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Vyuit firewall Internet/DMZ/intern s

Oddlen jednotlivch zem Pipojen zem/lokac pes VPN tunel do Corporate st 72 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE

73 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno IP Services (IPSE) DNS/DHCP NTP Proxy SMTP 74 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno

QIP centrln systm pro DNS/DHCP Jeden centrln (zlohovan) QIP management server Zmny se propaguj na centrln QIP server v zemi, ze kterho pak na QIP servery ve vtch lokacch Typy lokac: Mn ne 250 uivatel DHCP IP helper 251 a 499 uivatel, lokln DHCP server, nebo IP helper Vce ne 500 uivatel (Super location), lokln DHCP poskytuj redundantn servery Pravidlo Statick adresy pro servery a sov prvky, Dynamick adresy pro PC a tiskrny 75 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Local DHCP

eSNI Ehningen PCs QIP Enterprise Server Firew all DHCP Server Internet VPN Location B location DHCP Server local Installation IP Helper Firew all IP Helper DHCP Server Core DC locations EHN, VAS, WIN, SIN IP

Helper C Location DHCP Server local Installation redundant hardw are 76 VUT FI Network Services A Location PCs 02/10/20 2003 IBM Corporation IBM IDC Brno DNS Centrln management DNS zznam Hlavni domeny (zakaznik.com, zakaznik.cz)

Poddomny (cz.zakaznik.com) Sprva domny me bt delegovna na jin server 77 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE

81 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Bezpenost st Standardy konfigurace Ovovn skuten konfigurace Aktulnost SW/HW Revalidace uivatel 82 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno

Bezpenost st - Standardy konfigurace Obecn pravidla Nutno aplikovat na rzn zazen Standardy pro Cisco, Nortel, 83 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Bezpenost st - Ovovn skuten konfigurace Sprvn nastaven pi pipojen novho zazen Kontrola probh v uritch intervalech (pl roku) Zdokumentovn vsledku Oprava ppadnch nedostatk 84 VUT FI Network Services 02/10/20

2003 IBM Corporation IBM IDC Brno Bezpenost st - Aktulnost SW/HW Monitorovn informac od vrobc Zplaty Nov verze Hodnocen zjitnch rizik Naplnovn upgradu 85 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Agenda Shared Network Infrastructure Organizan struktura

Monitorovn sovch prvk - nstroje LAN Management WAN Management Typick problmy LAN/WAN Firewall IP Services Bezpenost st Typick problmy FW, IPSE 87 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Pklad 1 Uivatel se neme pipojit k sti Zjistit IP adresu PC Pokud nem sprvnou podle lokace me bt problm s DHCP Zkontrolovat DHCP slubu na serveru Zkontrolovat, jestli jsou voln IP adresy v DHCP

rozsahu 88 VUT FI Network Services 02/10/20 2003 IBM Corporation IBM IDC Brno Pklad 2 Nov server v DMZ Zajistit potebn povolen Zjistit typ nezbytn komunikace Zjistit pes kter FW bude komunikace probhat Upravit pslun FW pravidla 89 VUT FI Network Services 02/10/20 2003 IBM Corporation

IBM IDC Brno Odkazy Tivoli Netview http://www-306.ibm.com/software/tivoli/products/netview/ Tivoli TEC http://www-306.ibm.com/software/tivoli/products/enterprise-console/ Eye of the Storm http://www.entuity.com/ Cisco Works http://www.cisco.com/en/US/products/sw/cscowork/ps2425/index.html CACTI http://www.cacti.net/ 91 VUT FI Network Services 02/10/20 2003 IBM Corporation

IBM IDC Brno Odkazy Checkpoint ProviderOne http://www.checkpoint.com/ QIP http://www.lucent.com/solutions/netops_enter.html 92 VUT FI Network Services 02/10/20 2003 IBM Corporation

Recently Viewed Presentations

 • I and II Peter - Brigham Young University-Idaho

  I and II Peter - Brigham Young University-Idaho

  Joseph Smith noted in a discussion on First Peter, "Peter penned the most sublime language of any of the apostles" (Teachings, 301) ... "Whenever the Lord has a people on earth he offers to make them a nation of kings...
 • A Gathering of Old Men - Central Dauphin School District

  A Gathering of Old Men - Central Dauphin School District

  Conspirators. Pg. 125- "I supposed she felt that since we were all . conspirators. together, one was no better than the others, so she just started dishing out the sandwiches to the first person she got to and fussing all...
 • Coordinator & Assessor Training

  Coordinator & Assessor Training

  After all tests are scored, the campus GT Assessor enters the results on the GT web app profile and changes the status to "committee." Data must be in by the third Thursdayof the month - January to April. ... They...
 • Navigation to PeopleSoft - Time and Labour

  Navigation to PeopleSoft - Time and Labour

  Navigation to PeopleSoft - Time and Labour. The quickest way to the timesheet is to go through Bear Tracks. Where you would go to view your Pay Cheque. Bear Tracks is a portal to PeopleSoft. Click Time and Leave Link...
 • Presentazione del volume

  Presentazione del volume

  Nel livello programmazione, i programmi sono scritti in Java e sono sviluppati e testati in modo indipendente dagli studenti. Triennio Istituti Tecnici I programmi si basano anche su tre competizioni RoboCup Junior: Dance Rescue Soccer La missione più popolare è...
 • Financial Aid Basics - sbac.edu

  Financial Aid Basics - sbac.edu

  Apply Early ! www.fafsa.ed.gov. Early applicants may get more money than late applicants! October 1 of each year is the earliestyou can apply for the following academic year which begins in August.
 • Field Experiences with Mobile Screening Technologies Carmen Strigel,

  Field Experiences with Mobile Screening Technologies Carmen Strigel,

  Vision acuity screening. Screener-administered. Already piloted in Ethiopia and several other countries in Africa and Asia. Clinically validated (De Venecia et al., 2018) Proprietary tool. Peek Acuity is a vision screening tool that utilizes the tumbling E optotype standardized vision...
 • PowerDesigenrs' Rapid Charging Technology

  PowerDesigenrs' Rapid Charging Technology

  Nasser Kutkut Last modified by: laurad Created Date: 9/21/2000 5:04:23 PM Document presentation format: On-screen Show Company: PowerDesigners Other titles: Times New Roman Arial Monotype Sorts Wingdings Dads Tie PowerPoint Presentation PowerTrac SP - Motive Battery Monitors PowerTrac ...