CMC Giaiphap Wifi Pcung Tvienso Dhks

Gii php nng cp phn cng cho TV S v trang b h thng Wifi tp trung

1

CMC SI

THUYT MINH GII PHP K THUT

Gii php nng cp phn cng cho Th vin s v trang b

h thng Wifi tp trung cho ta nh KTX A1 n A5 Trng i hc Kim St H Ni

H Ni, nm 2014


2

MC LC NI DUNG

1. Hin trng v yu cu cho h thng mng Trng HKS H Ni ............................ 3

1.1. Hin trng h thng mng ................................................................................................ 3

1.2. Yu cu nng cp h thng v u t mng Wifi cho KTX nh A1 A5 .......................... 5

1.3. Li ch mang li h thng khng dy (Wifi) ..................................................................... 8

2. Tng quan nng cp h thng mng v h thng Wifi cho ta A1- A5 ...................... 9 2.1. xut cc thit b mng nng cp cho Trng HKS H Ni...................................... 10

2.2. H thng mng khng dy qun l tp trung .................................................................. 12

2.3. Phng thc kt ni h thng Wifi tp trung .................................................................. 13

3. Danh mc xut cc thit b .................................................................................... 14

4. Gii php xut cc thit b .................................................................................... 15

5. D kin phn b cc im truy cp Access Point...................................................... 23

6. Kt lun ...................................................................................................................... 24


3

1. Hin trng v yu cu cho h thng mng Trng HKS H Ni

1.1. Hin trng h thng mng

Hnh 1: S hin trng ca cc ta nh Trng HKS H Ni

V mng cc b

Mng cc b ca Trng HKS H Ni l mng phng, mt tn min. C 02 ng cp quang kt ni

Internet (WAN 1, WAN 2, 1 cng FastEthernet u vi Switch chnh t ti Phng my ch ca Hi trng

A 2 tng), t Switch chnh ny ni ti cc Switch phn phi ca cc ta nh khc, t ni vi cc my

tnh ca cc khoa, phng, trung tm. Tt c cc My tnh trong h thng c cng 1 Subnet Mask IP v cng

mt Default Gateway. Do vy, kh nng bo mt khng cao, lng ph v lu lng, kh khn cho qun tr

mng, qun l h thng

V ng truyn : Hin nh trng c 02 ng truyn cp quang : 01 ng WAN - 160 Mb, v 01

ng WAN - 40 Mb (sp ti s nng cp t 40 Mb ln 80 Mb).

V h thng nh tuyn : thit b Draytek Vigo3900 dng lm 02 chc nng : nh tuyn v cn bng ti

02 ng cp quang. Thit b ny khng phi thit b chuyn nh tuyn v hn ch hiu nng.


4

V h thng switch : gm 03 b Cisco Linksys SG92-24- Gigabit 24-port, trong :

+ 01 Switch Cisco Linksys SG92-24 dng lm Switch Core :

- Kt ni cc my ch trong phng

- Kt ni n cc Switch tng ca Nh ging ng, nh hiu b, nh A5, Access Point ca nh

A1 A5, t phn b n cc nt mng ngi dng v cc im truy cp khng dy Access

Point.

+ 02 Switch Cisco Linksys SG92-24 lm Switch phn phi

- Kt ni 49 PCs trong phng lab (Cnh phng my ch tng 2 ca hi trng A 2 tng).

V h thng Access Point phn b cc tng ca cc ta nh :

- Nh ging ng 4 tng (mi tng 03 phng v 03 Hi trng);

- Hi trng 1 tng (3 phng);

- Nh KTX c A1 A5 (Tng lai sau khi xy xong KTX mi s ph b nh A1, A2 (Nh A1,

A2, A3 : 2 tng - 8 phng / tng, mi phng tm 8 sinh vin, Nh A4 1 tng (12 phng), Nh

A5 1 tng (5 phng).

H tng my ch

S lng my ch : Trong phng my ch c 01 my ch HP ML310 T04 Intel Xeon 3050 c trang

b t nm 2007 cu hnh thp 2,13Ghz//1Gb/72GB, cc dch v mng c bn c ci t trn my ny, do

vy i khi ton Trng mt kt ni internet do server ny s c (mt in cc b, b li khng chy) . Cui

nm 2013 nh trng c trang b thm 02 my ch mi chy phn mm th vin in t :

1) 01 my ch rack HP DL360p G8 : 32GB ram, 3TB hdd

2) 01 my ch tower IBM x3500 M4 : 24GB ram, 4TB hdd

Chc nng ca my ch : V cc ng dng Trng HKS H Ni u c kin trc 1 hoc 2 lp, nn

khng c my ch chuyn v cc ng dng, my ch web, khng c cc my ch qun l v truyn thng.

Mi trng vn hnh : Trng HKS H Ni khng c mi trng my ch tch bit theo ng tiu

chun. Phng my ch l mt phn khng gian hnh lang ca Phng hc my tnh, khng c thit b bo

chy, thit b chng chy, thit b chng sc in, thit b chng st,

H thng an ninh, bo mt

An ninh vt l : Vic truy cp vo cc my ch, my trm khng c gim st qua cng c phn mm

hay bt k thit b gim st no.

An ninh CSDL : Nh trng cha c mt m hnh d liu v cc quy tc bo mt km theo. Bo mt

d liu hin ti ch da vo chc nng bo mt ca mi ng dng.

An ninh ng dng : Mi ng dng (nh thng tin ni b trn Website ca Trng, th vin in t,)

duy tr mt ti khon ngi dng c xc nh trc vi quyn truy cp c cp theo cc chc nng ca

phn mm. Qun tr ng dng s dng cc chc nng ca phn mm to v qun l ti khon ngi dng.


5

Tn v mt khu truy nhp l c ch duy nht xc thc ngi dng. Thng tin ny c lu tr ti ch

trong bn CSDL ng dng c m ho.

An ninh mng : Mng LAN ca nh trng c cu trc phng, ngha l khng c thit k phn

mng. Trong mng LAN phng, tt c cc my trm, cc my ch trc tip kt ni cng nhau v c t

trong cng khng gian lm vic. Do vy, Worms, Trojans hoc virus c th d thm nhp t my ny sang

my khc.

Hnh 2: S logic kt ni h thng mng hin ti Trng HKS H Ni

Ngoi cc thng tin v H thng mng, an ninh mng, h thng my ch, lu tr nu trn, th trong

Trng HKS H Ni cn bn n cc vn quan trng khc : V ng dng CNTT v v ngun nhn

lc ng dng CNTT. Cc ng dng CNTT hot ng da trn nn tng h thng CNTT, xoay quanh cc

ng dng ny l nhu cu v nhn lc, v b tr v cht lng ca nhn lc. Cc vn ny s cp n

trong cc gii php khc.

1.2. Yu cu nng cp h thng v u t mng Wifi cho KTX nh A1 A5

Yu cu hin ti t ra i vi hin trng h thng ca Trng HKS H Ni l:

Nng cp v b sung h thng mng trng HKS H Ni

u t h thng mng Wifi qun tr tp trung cho KTX nh A1 - A5


6

1.2.1. Nng cp v b sung h thng mng trng HKS H Ni

Cn c trn vic kho st h thng mng ca Nh trng v yu cu nng cp trc mt ca nh trng,

chng ti xut trang b thm 01 s hng mc thit b nhm p ng nhu cu hot ng ng dng ca nh

trng HKS H Ni :

V h thng h tng mng :

Trang b thit b nh tuyn (Router) cu hnh cao thc hin chc nng nh tuyn ring bit, c

hiu nng cao nhm thay th v gim ti cho thit b Draytek Vigo3900, thit b Draytek

Vigo3900 s ch lm cn bng ti cho cc ng truyn quang.

Trang b thit b tng la cho h thng mng, nhm bo mt an ton thng tin, pht hin chng

xm nhp. V hin ti, nh trng cha c bt k h thng bo mt no.

Trang b Core Switch hiu nng cao chuyn mch thay cho Cisco Linksys SG92-24, cn

Cisco Linksys SG92-24 s lm Switch phn phi ca cc ta nh.

V h thng h tng my ch v lu tr :

Trang b h thng my ch mi cho phn mm th vin s : 02 my ch cu hnh p ng (my

ch Database v my ch ng dng)

Trang b h thng sao lu d liu d phng. Hin nh trng c nhu cu lu tr d liu ln, v

an ton, nht l sau khi xy dng h thng phn mm Th vin in t v th vin s, s pht

sinh nhiu c s d liu s ha. H thng ny ng mt vai tr quan trng trong vic lu tr d

liu khi c s c xy ra.

1.2.2. u t h thng mng Wifi qun tr tp trung cho KTX nh A1 - A5

1.2.2.1. Nhu cu u t

p ng nhu cu hin ti ca nh trng, chng ti xut trang b h thng khng dy tp trung cho

05 ta nh A1 A5, c tnh n thu ph.

Hin trng nh KTX c A1 A5 ca Trng HKS H Ni : Nh A1, A2, A3 : 2 tng - 8 phng /

tng, mi phng tm 8 sinh vin, din tch tm 8 x 40 m), Nh A4 : 1 tng (12 phng), din tch tm 8 x 40

m, Nh A5 : 1 tng (5 phng), din tch tm 5 x 20 m. Tng lai sau khi xy xong KTX mi s ph b nh

A1, A2 c khng gian dng vo mc ch khc.

Xy dng mt h thng mng khng dy tp trung, ph sng cc ta nh KTX t A1 - A5 ca Trng

HKS H Ni, m bo h thng thng tin hot ng an ton, n nh v c tin cy cao v t c cc

hiu qu sau:

+ Hiu nng h thng p ng nhu cu hc tp v ging dy, lm vic ca cc b v hc vin Trng

HKS H ni (Hiu nng ca h thng)

+ Kim sot ngi s dng h thng ng mc ch (C tnh bo mt v qun tr tt)


7

+ Hiu qu v kinh t ph hp vi hiu qu k thut (C tnh n thu ph v kim sot hiu qu cn c

trn bng thng ngi dng)

H thng mng khng dy Wifi s phc v vic tra cu, tm kim thng tin trn Internet, phc v vic

hc tp ngoi ng v nghin cu ti liu ca cc hc vin.

C th nh sau: H thng mng khng dy phi m bo c cc mc tiu hin ti, ng thi vn p ng c yu

cu m rng, nng cp ph hp vi nhu cu tng dn trong tng lai. Nh vy, h thng s c thit k,

xy dng m bo cc tiu ch nh sau :

- Tnh sn sng cao

- Cng ngh tin tin

- Tnh m

- Tnh c ng

- n nh

- tin cy

- An ton v bo mt

- Hiu nng

- Vn hnh v qun tr hiu qu

- Bo v u t

C tnh n thu ph :

H thng mng khng dy s c qun tr vn hnh, theo di, kim sot t xa qua thit b qun tr

Wireless LAN Controller. Mi hc vin s c cp 01 ti khon ngi dng (Username + password), ti

khon ny c th trng vi m th hc vin vin, th vin m nh trng cp cho hc vin, hoc t ti

khon vi tn khc. Trn thit b qun tr tp trung, cu hnh mi ti khon theo chnh sch quy nh ca nh

trng.

Hnh thc thu ph xut :

khng mt qu nhiu nhn lc vo vic tnh ton dung lng, ti khon ngi dng dng bao nhiu,

cp bao nhiu l hp l. Nh trng c th c nh mi hc vin ng 50,000/thng truy cp internet

(hoc ng theo qu, theo k). C th thu cng hc ph hoc thu sau . Nhn vin qun tr c nhim v

kim sot bng thng hp l vi nhu cu s dng ca cc ti khon (V d, t tc thng lng l

upload/download 100 Kbps cho ton b h thng khng dy tp trung).


8

1.3. Li ch mang li h thng khng dy (Wifi) i vi trng nh Trng HKS H Ni, mt h thng mng khng dy tp trung ph sng cc ta

nh KTX A1 A5 s mang li nhiu ch li. l mt phng thc cho php truy cp ti nguyn khng gii

hn khng gian thi gian trn internet, cho php tng tc lin tc gia hc vin, cn b, ging vin trong

qu trnh nghin cu.

H thng mng Wifi khng ch n thun l mt lot cc Access Point kt ni vo mng ni b sn

sng cung cp kt ni v tuyn m yu t quan trng li l s kim sot kt ni v cp php truy cp. Chnh

v th, h thng mng cn phi c cc thit b chuyn dng qun l h thng ny, trong nhng yu t

cn xem xt thng trc l phm vi ph sng ca cc client, mt kt ni cc client, cc chnh sch kim

sot bng thng v lu lng, cc chnh sch bo mt ton b h thng (cm/cho php theo user/passsword,

lc a ch, chng tn cng)

H thng mng Wifi ti cc ta nh KTX A1 A5 ca Trng HKS H Ni bao gm cc AP t ri

rc ti cc im tng ca cc ta nh v ng vai tr l im truy cp cho cc my tnh ca hc vin, v cn

b khi kt ni vo mng.

Hnh 3 : Hot ng kt ni xc thc trong mng khng dy


9

2. Tng quan nng cp h thng mng v h thng Wifi cho ta A1- A5

phc v m bo an ninh, an ton cho h thng cc my ch, lu tr, sao lu phc hi d liu cng nh cung cp kt ni vi ton b h tng v ng dng ca b, chng ti xut thit thit k h thng mng v bo mt nh sau:

SiSi

U N I V E R S I T YU N I V E R S I T Y

Hnh 4. S tng quan nng cp h thng mng v h thng Wifi cho cc ta A1 A5

y l m hnh tng th phn lp theo cc module : Core Module : c nhim v kt ni tt c cc module ti h thng mng nh trng vi mng bn

ngoi, n c vai tr trung chuyn lu lng gia cc module. Do , lun c mt lu lng d liu

ln c truyn qua v x l bi Core Module, do cn thit b chuyn mch c hiu nng cao.

y l thit b chuyn mch li Core Switch

ServerFarm Module : Bao gm cc switch cung cp kt ni ti cc my ch Application, Database,

File Server, v h thng sao lu backup d liu ln

DMZ Module : l vng my ch cung cp cc ng dng c public ra ngoi internet.

Internet Module : l ni cung cp dch v Internet cho ton b h thng

o Cung cp ng truyn truy cp Internet o Router dng cung cp kt ni Internet. o H thng tng la bo v cho h thng mng

LAN Module : chc nng ca Module LAN l kt ni cc ngi dng cui ti cc ta nh ca

trng HKS H Ni.


10

2.1. xut cc thit b mng nng cp cho Trng HKS H Ni

Nhm nng cao hiu sut h thng mng ca nh trng v b sung cc bin php an ninh an ton

thng tin, chng ti xut cc thit b c tnh nng bo mt v hiu nng cao :

Thit b chuyn mch trung tm (Switch trung tm): Cung cp kt ni, chuyn mch trung tm

cho ton b h thng mng khng dy v c dy (S lng 1)

Hnh 5 : M hnh thit k tng th

Thit b nh tuyn (Router) : Cc thit b nh tuyn c s dng ni nhiu mng vi nhau.

Thit b nh tuyn ng vai tr mt nhn vin iu vn (dispatcher), la chn tuyn ng tt nht

cho thng tin ca bn i qua nh c th nhn c n mt cch nhanh chng. Cc thit b nh

tuyn phn tch d liu ang c gi qua mt mng li, thay i cch n c ng gi v gi n

qua mt kiu mng khc. (S lng 1)

Thit b tng la bo mt : Thit b ny t ngay sau thit b nh tuyn ca h thng mng, c

nhim v pht hin v ngn chn cc v xm nhp mng ni b, cc cuc tn cng mng, v ly

nhim virus. Cu hnh firewall c kh nng tch hp y cc tnh nng bo v h thng mt cch

tt nht. (S lng : 1)

i vi mt h thng bo mt ngn cch mng ni b vi Internet, thng s c nhng

thnh phn nh: Firewall, IPS, Antivirus Gateways, Web filtering. Cc thnh phn ny gi y c

th tch hp trong cng mt thit b phn cng. y l mt hng mi trong vic ng dng cc sn

phm bo mt, dng sn phm (Unified Thread Management UTM) c tch hp y cc chc

nng (Firewall, IPS, Antivirus Gateways, Web filtering, Traffic Shaping) s c kh nng phi hp

cc thnh phn khc nhau mang li kh nng bo mt cao nht cho h thng.


11

Hnh 6 : M hnh Firewall

Firewall c kh nng thc hin:

o Network Firewalling/VPN o Chng xm nhp (IPS) o Nhng chc nng qut Virus/Spam o Nhng chc nng lc Web o Bo mt cho VoIP o Truy cp t xa thng qua SSL, IPSec o Qun l truy cp mng (Network access control - NAC) o Bo mt mng khng dy (Wireless security) o Lc cc giao thc giao tip mng ngang hng (P2P filter) o Lc cc chng trnh tin nhn (IM filter)

My ch cho gii php th vin s : Nhm trang b my ch cho mc ch ci t h thng th

vin s v lu tr c s d liu. Chng ti xut 02 my ch : 01 my ch CSDL v 01 my ch

ng dng

T a lu tr v tape backup vi dung lng ln (hng TB) : Lu tr ton b d liu ca cc

my ch ng dng. H thng Lu tr c thit k theo m hnh mng SAN (Storage Area

Network). T a lu tr SAN gip tp trung ha lu tr v qun l d liu. T a lu tr c th kt

hp c vi thit b Tape backup lu tr d liu vi dung lng ln, vi tc cao, v tnh n

vic gi an ton d liu.

Hnh 7 : M hnh h thng SAN


12

2.2. H thng mng khng dy qun l tp trung Trng HKS H Ni cn c mt h thng mng LAN khng dy (WLAN) c vng ph sng rng, c

hiu sut v tin cy cao. l mt h thng WLAN qun l tp trung, d trin khai v d qun tr. Trc

ht u t ti khu KTX nh A1 n A5, v c thu ph truy cp internet.

Hnh 8 : M hnh hot ng h thng Wifi ta nh KTX A1 A5

H thng WLAN c xy dng c kh nng thch ng cao, cung cp cho Trng HKS H Ni s

tin dng v qun tr ngi dng linh ng (vi i ng IT ca Trng HKS H Ni hin mng nn cn c

gii php qun l tp trung nhm n nh h thng, d dng lp t, qun tr hc vin, pht hin v tr hng

hc hay b li ca cc Access Point v c th khc phc sa cha nhanh chng)

Thit b Wireless Lan Controller : Cu hnh tp trung cho cc mng khng dy, y cu hnh ti

cc Access Point (AP) bao gm m SSID, chun m ha (WEP, WPA..), phng thc xc thc

(preshare key, EAP). Thit b ny d kin c t ti phng phng my ch tng 02 Hi

trng A.

Thit b truy cp Access Point (AP): Thit lp knh kt ni ti Wireless Lan Controller nhn

cu hnh v cung cp sng khng dy cho cc my client ca hc vin. Cc thit b ny thng c

t theo tng phng hoc tng tng cung cp sng khng dy cho my client ca hc vin.

Server Zone: y l vng t cc my ch ng dng v my ch c s d liu ca nh trng.

Trong c my ch xc thc RADIUS Server , AD Server


13

2.3. Phng thc kt ni h thng Wifi tp trung Trc ht tt c cc im truy cp khng dy indoor s c qun l tp trung bi h thng iu khin

tp trung (Wireless Controller - WLC). Thng tin cu hnh, chnh sch bo an, tn s, knh pht, tt c u

c thit lp ti WLC v p t xung cc im truy cp. Vic cu hnh, thit lp cc chnh sch bo an,

chnh sch cht lng dch v, qun l tn s, qun l di ng u c thc hin tp trung trn h thng

qun tr, sau p t n cc im truy cp AP.

+ Thit b WLC (Wireless Lan Controller) c kt ni vi h thng my ch xc thc RADIUS thng

qua h thng switch trung tm, ngi dng c xc thc thng qua b ti khon trn cc my ch ny.

+ Thng qua thit b chuyn mch trung tm (Switch tng) t ti phng my ch ti tng 02 hi trng

nh A, mi nhnh mng ko n cc ta nh A1 n A5, c phn chia mng VLANs (mng LAN o) mt

cch hp l.

2.3.1. Cch thc xc thc Cc vn v bo mt h thng wireless tp trung trong c ch xc thc ngi dng. Mt c ch xc

thc cht ch s bo v h thng wireless rt nhiu bi im yu ca h thng khng dy (Wifi) l nm

y. Bin php bo mt Wireless thng s dng hin nay nng cao tnh an ton l s dng chun WPA

(xc thc ngi dng da trn user + password v Certificate). Ta thng xy dng RADIUS Server, Active

Directory xc thc

Vi cch thc bo mt ny, c th dng mt RADIUS server (My ch xc thc) xc thc cho cc

user (ngi dng) cn ng nhp vo mng khng dy. Ngha l user (ngi dng) mun s dng khng dy

cn phi c username v password hp php mi c th gia nhp mng.

Hnh 9. M hnh xc thc ngi dng trong h thng mng khng dy.


14

3. Danh mc xut cc thit b

B V H THNG PHN CNG

I V my ch v h thng lu tr H thng 1

1 My ch C s d liu v my ch ng dng My ch 2U Rack IBM B 2

2 T a lu tr d liu T a IBM Dual Control B 1

II V h thng mng chung H thng 1

1 Core Switch cho h thng mng nh trng

Cisco Core Switch 24 port + Network module 4 port FC B 1

2 Router nh tuyn Cisco Integrated Services Router B 1

3 Thit b tng la chung cho h thng Tng la FortiGate B 1

III V h thng mng khng dy qun l tp trung cho KTX nh A1 - A5 H thng 1 1 Access point Cisco Aironet Access Point B 12

2 Wireless LAN Controller Cisco Wireless Controller with 15 AP Licenses B 1

3 Switch kt ni Cisco Catalyst Switch 8 port B 2

IV Vt t, ph kin v nhn cng lp t mng khng dy ta nh A1 - A5 (dng u RJ Bm thng cm trc tip vo thit b chuyn mch Switch) v lp t thit b mng nng cp

Ht 1

1 Ph kin trin khai h thng Access Points 2 Nhn cng lp t, trin khai h thng mng khng dy


15

4. Gii php xut cc thit b

4.1. Cc thit b nng cp h thng mng

4.1.1. Core Switch cho h thng mng chung ton trng

Chng ti xut Switch layer lp 03 c hiu nng cao thay th cho Cisco Linksys SG92-24 hin c ca

nh trng :

Core Switch cho h thng mng nh trng Cisco Core Switch 24 port + Network module 4 port FC

Type Switch Layer 3 (Rackmount)

General High-speed stacking bus, Innovative stacking technology Stackable multilayer switch Enterprise-class intelligent services delivered to the network edge.

Interfaces 24 Ethernet 10/100/1000 port Network module for uplink ports (Two 10GbE SFP+ ports network module with four physical ports with two SFP+ and two regular SFP ports)

IOS LAN Base

H iu hnh h tr nng cp ln phin bn mi, y cc giao thc & dch v IP: EIGRP, OSPFv3, BGP, PIM, IPv6, EEM, SLAs)

Performance Switching Fabric 160 Gbps forwarding bandwidth Forwarding rate 65.5 Mpps

Suports

DRAM 256 MB, Flash 64 MB Total VLANs : 1005, VLAN IDs :4000 Total Switched Virtual Interfaces (SVIs) :1000 Jumbo Frame :9216 Byte.

Protocols/standards Network protocol(s) IPv4, IPv6

Layer 2 protocols VLAN, Private VLAN, CDP, ISL, PVST+, PVRST+, PAgP, 802.1q, 802.1d, 802.1s, 802.1w, 802.1x, 802.3ad, Q-in-Q in hardware, Layer 2 protocol tunneling, Jumbo frames on all ports (up to 9216 bytes), automatic QoS

Layer 3 routing protocols RIP, Static routing, IGRP, OSPF, Inter-VLAN IP routing, PIM, DVMRP Accessories and Cables Power Cable, and other accessories and cables that needed Power Supply 2 x Ngun in AC 350 W

Superior Quality of Service

Cross-stack QoS allows QoS 802.1p class of service (CoS) and differentiated services code point (DSCP) Cisco control-plane and data-plane QoS ACLs on all ports Eight egress queues per port Shaped Round Robin (SRR) scheduling


16

Weighted Tail Drop (WTD) Strict priority queuing

Maintenance and Support Service 01 year

4.1.2. Switch phn phi cc tng cc ta nh A1 - A5

Cc switch truy cp ny t phn b ti cc tng ca cc ta nh, kt ni trc tip vi switch tng,

Switch phn phi kt ni cc Access point n cc ta nh A1 A5

Switch kt ni Cisco Catalyst Switch 8 port

Architecture 19 rackmountable Interfaces 8-port 10/100Base-T

Memory DRAM: 64MB FLASH: 32MB

Power Supply AC power supply Forwarding bandwidth 16 Gbps VLANs Max. 64 VLANs

Layer 2 protocols VLAN, Private VLAN, PVST+, PVRST+, 802.1q, 802.1d, 802.1s, 802.1w, 802.1x, 802.1ad, VTP, CDP

Multicast protocols IGMPv3 snooping Network management and security protocols AAA, RADIUS, SNMPv3, SSHv2, TACACS+, Port-based ACL

Protocols 802.1p, Waited Tail Drop (WTD), Shaped Round Robin (SRR), Strict Priority queuing, AutoQoS, CIR


4.1.3. Thit b nh tuyn

Chng ti xut thit b nh tuyn chuyn dng ca Cisco Integrated Services Router nhm thay th v

gim ti cho Draytek Vigo3900, Draytek Vigo3900 s chuyn sang dng lm thit b cn bng ti cho cc

ng truyn ca nh trng.


17

Router nh tuyn Cisco Integrated Services Router General

Architecture

Modular architecture 04 slots for WAN Interface Cards (EHWIC/WIC/HWIC/VWIC) 01 slot for ISM 02 PVDM (DSP) onboard slots 01 x USB Console Port (Type B) (up to 115.2 kbps)

Multisevice support Data, Voice and Video Traffic

Memory Memory DDR2 ECC DRAM - Default 512 MB Memory (DDR2 ECC DRAM) - Maximum 2 GB

Power Supply AC Software IOS UNIVERSAL WAN WAN connectivities Leased line, Dial-up, DSL, ATM

Supported WAN interfaces (if selected)

ADSL, G.SHDSL, ISDN, IDSL, HSSI, Asynchronous, ATM T3/E3, TDM over IP

WAN protocols HDLC, PPP, SLIP, FR, X.25, ATM

Network protocols IP Support IPX, AppleTalk, IBM/SNA with appropriate software

Routing protocols Static, RIP v1/v2, IGRP, OSPF, HSRP WAN Interface card 2-Port Serial WAN Interface Card Total Onboard WAN 10/100/1000 Ports 3 x 10/100/1000 Ports

LAN

LAN interfaces 3-port RJ-45-Based Ports Support IEEE802.1Q Support switching module

QoS

QoS protocols

RSVP (Resource Reservation Protocol) WFQ (Weighted Fair Queuing) CRTP (Compressed Real Time Transport Protocol) DSCP (Differentiated Services Code Protocol) WRED (Weighted Random Early Detection) LLQ (Low Latancy Queuing)

Security Firewall/IPS FW/IPS/VPN features

VPN

Support Hardware VPN Accelerator module. Support 3DES/AES IPSec Support SSL VPN

User Authentication RADIUS


18

TACACS+

Voice/Fax support

Support Voice/Fax Support IP Telephony Control (Call Manager) with appropriate software Support Unified Messaging (Unity) with appropriate software Support FXO/FXS interfaces, E1/T1 digital voice interfaces, BRI interfaces Support PVDM (DSP) - Packet Voice Digital Module

Video support Support IP Multicast Accessories Power Cable and other accessories and cables that needed

Cable DCE and DTE V.35 Cable DCE Female to Smart Serial 10 Feet V.35 Cable DTE Male to Smart Serial 10 Feet


4.1.4. Thit b tng la bo mt

Thit b tng la chung cho h thng Tng la FortiGate

Features & Benefits

Enterprise-class UTM functionality in a single device Consolidated security offers better protection and lower cost of ownership than stand-alone security products Up to 90 x GbE ports facilitate flexible deployment of network segments and promotes network expansion and high availability configurations

Web security

Deliver firewall, VPN (IPSec and SSL), intrusion prevention, antivirus/antispyware, antispam, and web filtering technologies Onboard storage provide local archiving of data for policy compliance and/or web caching.

Firewall Throughput 1518 Bytes 3 Gbps Firewall Throughput 512 Bytes 3 Gbps Firewall Throughput 64 Bytes 3 Gbps Firewall Latency (64 byte UDP packets 73 s

Firewall Throughput (Packets Per Second) 180 Kpps

New Sessions/Sec (TCP) 16,000 Firewall Policies 10,000 Firewall Max Concurrent Session 1.4 Million


19

Firewall New Sessions per second 77,000

IPS Throughput 1.7 Gbps IPSec Throughput 512 Byte Packet 1.3 Gbps

Antivirus Throughput (Proxy) 600 Mbps Antivirus Throughput (Flow) 1.1 Gbps Unlimited User Licenses Yes Total Network Interfaces 16x 10/100/1000 RJ45 LAN, 2x 10/100/1000 RJ45 WAN, 2x SFP Total Storage Capacity 16GB SATA MLC Warranty 1 year

4.1.5. My ch CSDL v my ch ng dng

My ch C s d liu v my ch ng dng My ch 2U Rack IBM

Form factor 2U Rack.

Processor

2 x Intel Xeon Processor E5-2620 v2 six core (15M Cache, 2.10 GHz) Up to two Intel Xeon processor E5-2600 product family CPUs with eight cores (up to 2.9 GHz) or six cores (up to 2.9 GHz) or quad-cores (up to 3.3 GHz). Two QPI links up to 8.0 GT/s each. Up to 1600 MHz memory speed. Up to 20 MB L3 cache.

Chipset Intel C602

Memory

16 GB PC3-10600 CL9 ECC DDR3 1333MHz Up to 24 DIMM sockets (12 DIMMs per processor) Memory speed up to 1600 MHz Up to 768 GB with 24x 32 GB LRDIMMs and two processors

Memory protection ECC, Chipkill, memory mirroring, and memory rank sparing.

Disk drive bays

2 x 500GB 2.5in SFF HS 7.2K 6Gbps NL SATA HDD Up to 32 1.8" SSD bays, or 16 2.5" hot-swap SAS/SATA bays, or up to six 3.5" hot-swap SAS/SATA bays, or up to eight 2.5" Simple Swap SATA bays, or up to six 3.5" Simple Swap SATA bays.

Maximum internal storage Up to 14.4 TB with 900 GB 2.5" SAS HDDs, up to 16 TB with 1 TB 2.5" NL SAS/SATA HDDs, or up to 18 TB with 3 TB 3.5" NL SAS/SATA HDDs RAID support RAID 0, 1, 10 with integrated RAID SAS/SATA Controller Optical drive bays DVD ROM Network interfaces Four integrated Gigabit Ethernet 1000BASE-T ports (RJ-45) PCI Expansion slots Up to six slots depending on the riser cards installed

Ports Two USB 2.0 and one DB-15 video on front. Four USB 2.0, one DB-15 video, one DB-9 serial, one RJ-45 systems management, four RJ-45 GbE network ports Power supply 2 x redundant hot-swap 550 W Video Matrox G200eR2 with 16 MB memory integrated Hot-swap parts Hard drives, power supplies, and fans.

Systems management Integrated Management Module, Predictive Failure Analysis, Light Path Diagnostics, Automatic Server Restart Security features Power-on password, administrator's password, Trusted Platform Module (TPM).


20

Operating systems supported Microsoft Windows Server 2012, 2008 R2 and 2008, Red Hat Enterprise Linux 5 and 6, SUSE Linux Enterprise Server 10 and 11, VMware ESX 4.1 and VMware ESXi 4.1 embedded hypervisor, VMware vSphere 5.

Operating systems Microsoft Windows Server 2012 std with licenses Bo hnh 03 nm

4.1.6. H thng t a lu tr H thng t a lu tr c dung lng 6TB SAS HDD (3 x 2TB 3.5In 7,2K rpm 6Gb SAS NL HDD

) v c th nng cp ln ti a 240TB SAS HDD

T a lu tr d liu T a IBM Dual Control Single/dual controller (Kin trc) Dual controller (2 b iu khin chy song hnh)

Cache per controller 4 GB upgradable to 8 GB cache per controller

Host interface (Giao din kt ni ti host)

6 Gbps SAS and 1 Gbps iSCSI host interface with optional 8 Gbps Fibre Channel, 10 Gbps iSCSI/Fibre Channel over Ethernet host ports or additional 6 Gbps SAS, 1 Gbps iSCSI host ports

User interface Graphical user interface

HDD drives 3 x 2TB 3.5In 7,2K rpm 6Gb SAS NL HDD Up to 240 TB of capacity

Supported drives

SFF 2.5-inch disk drives: 146 GB, 300 GB at 15k rpm 300 GB, 600 GB, 900 GB and 1.2 TB at 10k rpm 500 GB, 1 TB at 7.2k rpm SAS nearline LFF 3.5-inch disk drives: 2 TB, 3 TB and 4 TB at 7.2k rpm 900 GB and 1.2 TB at 10k rpm 300 GB at 15k rpm SSD drives: 200 GB and 400 GB Dual-port, hot-swappable 6 Gb SAS disk drives

Maximum drives supported

SFF enclosure: 24 x 2.5-inch drives LFF enclosure: 12 x 3.5-inch drives Dual-port, hot-swappable 6 Gb SAS disk drives Scale up to 120 2.5-inch disk drives or 60 3.5-inch disk drives with four expansion units Supports up to four expansion units (up to 120 drives per system)

RAID levels RAID 0, 1, 5, 6 and 10 Fans and power supplies Fully redundant, hot-swappable Rack support Standard 19-inch rack-mount enclosure Management software Storage machine code software

Advanced functions included with each system (Tnh nng cn

Tch hp sn kh nng to 64 bn sao ni ti "Point-in-Time" Tch hp sn tnh nng thin provisioning


21

bn) Tch hp sn kh nng o ha trong (Internal Storage Virtualization) Di ch d liu Tch hp sn kh nng di ch d liu mt chiu (one-way data migration)

Ease of management, functionality and interoperability

Ease of use, FlashCopy, Thin provisioning, Internal virtualization, Non disruptive migration, Remote Mirror, Turbo performance

Ngun in D phng y (fully redundant) v c kh nng thay th nng (hot-swappable) Host Interface Card 2 x 6Gb SAS 4 Port Host Interface Card Cable 1 x 3m SAS Cable (mSAS HD to mSAS HD) Warranty 3 year

4.2. H thng mng khng dy qun l tp trung

4.2.1. Thit b pht sng khng dy

Access point Cisco Aironet Access Point Software Unified Wireless Network Software IOS Software Release Type Dual-band controller-based 802.11a/g/n

Integrated Antenna 2.4 GHz, gain 4.0 dBi, horizontal beamwidth 360 5 GHz, gain 3.0 dBi, horizontal beamwidth 360

Interfaces 10/100/1000BASE-T autosensing (RJ-45) Management console port (RJ-45)

Indicators Status LED indicates boot loader status, association status, operating status, boot loader warnings, boot loader errors

System Memory 256 MB DRAM 32 MB flash

Data Link Protocol IEEE 802.11b, IEEE 802.11a, IEEE 802.11g, IEEE 802.11n Frequency Band 2.4 GHz, 5 GHz Power Over Ethernet (PoE) Supported PoE

Input Power Requirements 44 to 57 VDC Power Supply and Power Injector: 100 to 240 VAC; 50 to 60 Hz

Compliance

Standards Safety: UL 60950-1 CAN/CSA-C22.2 No. 60950-1 UL 2043 IEC 60950-1 EN 60950-1

Warranty 1 year


22

4.2.2. Thit b qun tr khng dy (Wireless LAN Controller)

Wireless LAN Controller Cisco Wireless Controller with 15 AP Licenses Licenses 2500 Series Wireless Controller for up to 15 Cisco access points

Scalability Supports up to 75 access points Supports up to 1000 clients

High Performance Wired-network speed and nonblocking performance for 802.11n networks. Supports up to 1 Gbps throughput

Wireless Standards IEEE 802.11a, 802.11b, 802.11g, 802.11d, WMM/802.11e, 802.11h, 802.11k, 802.11n, 802.11r, 802.11u, 802.11w, 802.11ac

Wired/Switching/Routing IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE-TX specification, 1000BASE-T, and IEEE 802.1Q VLAN tagging

Security Standards Wi-Fi Protected Access (WPA), IEEE 802.11i (WPA2, RSN)

Management Interfaces Designed for use with Cisco Wireless Control System Web-based: HTTP/HTTPS individual device manager Command-line interface: Telnet, SSH, serial port

Interfaces and Indicators

Console port: RJ-45 connector Network: Four 1 Gbps Ethernet (RJ-45) LED indicators: Link Activity (each 1 Gigabit Ethernet port), Power, Status, Alarm

Rack 1U Rack Dimensions: 1.73 x 8.00 x 6.75 in. Waranty 1 year


23

5. D kin phn b cc im truy cp Access Point

- H thng my ch xc thc RADIUS (dng cc my ch c sn ca trng lm my ch xc thc)

v cc thit b Wireless LAN Controller s t ti phng my ch t ti tng 02 Hi trng A.

Ngi qun tr c th ngi ti phng my ch hoc Remote t xa vo mn hnh qun tr theo di

tnh trng hot ng ca c h thng. Lp t cc im truy cp khng dy (Access Point) cung cp

mng khng dy n cc phng ca hc vin ti cc ta nh A1 A5.

- B tr cc im truy cp khng dy (Access Point) ti hnh lang cc tng cc ta nh v trong phng

ca hc vin. Da mt bng hin trng ca cc ta nh ca Trng HKS H Ni, chng ti

xut nh sau :

Nh KTX A1 (2 tng x 8

phng)


phng)


phng)


phng)


phng)

Hi trng A 2 tng

U N I V E R S I T YU N I V E R S I T Y

Nh Ging ng Nh hiu b (4 tng)

Hi trng 1 tng (3 phng)

KTX mi, ang xy

CNG RA VO TRNG

Li vo

SiSi

Core Switch (Phng my

ch)

Switch

Switch

Switch

Switch

Switch

Vng ph

sng wifi

AP

AP AP

APAP

AP

APAP

AP

AP AP

AP

Vng ph sng wifi

Vng ph sng wifi

Vng ph sng wifi

Vng ph sng wifi

+ Ta nh A1, A2, A3 : (Nh 02 tng, mi tng 8 phng, S = 8 x 40 = 320m2 /tng), b tr 3

Access Point, v tr lp t ngoi hnh lang. (Tng 01 02 B, tng 02 01 b)

+ Ta nh A4 : (Nh 01 tng, 12 phng, S = 8 x 40 = 320m2/tng), b tr 2 Access Point, v tr lp

t ngoi hnh lang.

+ Ta nh A5 : (Nh 01 tng, 05 phng, S = 8 x 40 = 320m2/tng), b tr 1 Access Point, v tr lp

t ngoi hnh lang.


24

6. Kt lun Sau khi trin khai d n h thng mng khng dy, ton b khu ca hc vin ca cc ta nh KTX A1

A5 ca Trng HKS H Ni c ph sng khng dy v m bo tt cc yu cu t ra :

+ Hiu nng h thng p ng nhu cu hc tp v ging dy, lm vic ca Trng HKS H Ni

+ Kim sot ngi s dng h thng ng mc ch (C tnh bo mt v qun tr tt bng thng)

+ Hiu qu v kinh t ph hp vi hiu qu k thut (C tnh n thu ph ngi dng)

Cc h thng thit b CNTT ca d n (Cc switch kt ni, thit b nh tuyn, thit b qun tr, h thng

mng khng dy) trang b cho h tng CNTT cc ta nh KTX A1- A5 ca Trng HKS H Ni c th

lm tin m rng, pht trin nng cao p ng nhiu nhu cu ng dng khai thc cng ngh thng tin

ca nh trng nhng nm tip theo.

Documents

CMC Giaiphap Wifi Pcung Tvienso Dhks