NSA Capstone Presentation

Orange Creek Inc.Network Build Out

By DataScoptic

ITT TECHNICAL INSTITUTE - 086 GETZVILLE - NSA CAPSTONE - WINTER 2015/16 2

Introduction

John StickneyProject Manager

Minh VuTechnical Manager

Patrice HarperSupply & Marketing

Wanda MorganMaterials Technician

Kelly SchurrBudget Analyst

Carla SperanzaBusiness Analyst

“Coming together is a beginning; keeping together is progress; working together is success.”-Henry Ford

3

Agenda

ITT TECHNICAL INSTITUTE - 086 GETZVILLE - NSA CAPSTONE - WINTER 2015/16

Project Overview Description Scope Objectives &

Dependencies Schedule & Milestones

Solution Back End Backbone Client-side & Security

Implementation Logical Layout Active Directory Physical Layout

Risk Management Cost Analysis Summary

“The secret of your success is determined by your daily agenda.”-John C. Maxwell


Project Overview

“For me, every day is a new thing. I approach each project with a new insecurity, almost like the first project I ever did. And I get the sweats. I go in and start working, I'm not sure where I'm going. If I knew where I was going I wouldn't do it.”

-Frank Gehry


Orange Creek Inc. is requesting bids to implement network infrastructure for their new

location in Lexington, Kentucky. New office space for software

development and testing of their banking software.

The new facility will be dedicated to: Development Testing On-site IT staff Management Administration

Project Description


Project ScopeIn Scope:Network Infrastructure

Installation Storage Area Network (SAN) Active Directory, Email & Test servers Desktop Workstations Wireless Access Points

Installation of a Voice Over IP (VoIP) telephony system

Data Center Design & Installation Dedicated HVAC and Fire Suppression Security & Access

Internal Security Internet Protocol (IP) Cameras Physical access to network

infrastructure

Out of Scope:×External building security×Software Licensing

Microsoft Software Assurance×Wireless support external to

the facility×Handling and/or recycling of

legacy hardware Re-purposing to back-up site


Project Objectives & DependenciesObjectives:Timely Project Completion

Meet Occupancy Timetable for Orange Creek Inc.

Cost-Effectiveness“Best bang for the buck”

Smooth TransitionDocumentationTraining

Meet Infrastructure RequirementsCurrent NeedsFuture Growth

Dependencies:Facility Construction

Commence Network Build-out

Material DeliverySystem Installation &

TestingNetwork Build-out &

TurnoverOrange Creek Inc.

Occupancy

Project Schedule & MilestonesMilestone 1:

Core Infrastructure Installed Cable Drops HVAC & Fire Suppression Trunk Hardware

Milestone 2:Server Delivery &

Installation Operating Systems Basic Configuration

Milestone 3:VoIP System InstalledWorkstations Installed

Operating Systems Configuration

Milestone 4:Full Network Integration &

Testing Functionality Performance Final Configurations

Project Conclusion:DocumentationTrainingTurnover

8ITT TECHNICAL INSTITUTE - 086 GETZVILLE - NSA CAPSTONE - WINTER 2015/16

“Planning is bringing the future into the present so that you can do something about it now. “

-Alan Lakein


Solution

“The solution often turns out more beautiful than the puzzle.”-Richard Dawkins


Solution: Back EndFive Core (Physical) Servers

2x Domain Controllers (DC) Active Directory (AD) Domain Name Service (DNS)

2x Microsoft Exchange 2013 (Email & Collaboration)

1x Linux Server (Code box)

2x Virtual Machine (VM) Servers Versatility & Flexibility Redundancy

Server OS: Windows 2012 R2Uninterruptible Power Supply

Blade System High Integration &

Consolidation Density Expansion & Growth Built-in Network Fabric

Support Gigabit Ethernet Fibre Channel

Storage Area Network 42.6TB Total Capacity Hybrid/Tiered Storage

Solid-State Drives (SSDs) for speed

Traditional Hard-Disk Drives (HDDs) for space

“One of the most feared expressions in modern times is 'The computer is down.‘”

-Norman Ralph Augustine


Solution: Server ConfigurationsServer Domain, Exchange, Linux VirtualizationProcessor 2x Intel Xeon E5-4607

• 2.20GHz Clock-speed• 12MB Cache• 6 (C)ores / 6 (T)hreads• 95 Watt Thermal Design Power (TDP)• 6.4 Giga-Transfers/sec (GT/s) Intel

QuickPath Interconnect (QPI)

4x Intel Xeon E5-4655v3• 2.9GHz• 30MB Cache• 6C / 12T• 135 Watt TDP• 9.60GT/s QPI

Memory 128GB (16GB x8)• 1600 Mega-Transfers/sec (MT/s)• Low Voltage• Advanced Error Correcting Code (AECC)• Registered Dual-Inline Memory Modules

(RDIMM)

512GB (32GB x16)• 2133 MT/s• Low Voltage• AECC• RDIMM

Storage** 3x 300GB SAS 6Gbps 15K RPM HDD 3x 800GB SAS 12Gbps MLC SSD

RAID* RAID 5** RAID 5**

Network Broadcom 57810-k Dual port 10Gb Ethernet

Emulex LPE1205-M 8Gbps Dual Port Fibre Channel

Broadcom 5720 1Gb Quad Port Ethernet

Emulex LPE1205-M 8Gbps Dual Port Fibre Channel

*RAID – Redundant Array of Independent/Inexpensive Disks. Used for fault tolerance/redundancy.** RAID 5 requires a minimum of 3 drives to provide fault tolerance.


Solution: Back Bone4-Port Router

Failover Support Virtual Private Network

(VPN)-capable 500Megabit/sec throughput

Upgradeable to Gigabit

15x 52-port Layer 2-3 Managed Switches (Gigabit) Virtual Local Area Network

(VLAN)-capable Power-over-Ethernet (PoE)

Wireless Access Points Full-range support of

wireless standards (802.11a/b/g/n/ac)

PoE-capable

Dual Physical Firewalls Dedicated firewall protection First line of defense Segregate Wireless Network

Category 6 (Cat6) Cabling Supports Gigabit Ethernet

(1000Base-T)“You can't trust the internet.”

-Nicollette Sheridan


Solution: Client-side & SecuritySingle Workstation

Configuration Uniformity Ease of management

Laptop Systems Executives On-site Technicians

Multifunction Printers Copy, Print, Scan, Fax Versatility

Internet Protocol (IP) Security Cameras Common Infrastructure PoE – Placement not

dependent on power outlet availability

High Resolution (1280x960) Supports most networking

protocols and features Monitor access to facility

entries and network infrastructure

Biometrics Fingerprint reader in addition

to keypad Control and secure access to

network infrastructure


Solution: Client System Configurations

System Workstation Laptop

Processor Intel Core i3 Dual Core @ 3.6GHz Intel Core i3 Dual Core @ 2.0GHz

Memory 4GB 8GB

Storage 500GB HDD 128GB Solid State Drive

Video Integrated Intel Graphic

Network Integrated Ethernet • Wireless A/G/N• Bluetooth 4.0

OS Windows 7

Other• Fingerprint Reader• 65W AC Adapter• 40 Watt-hour Li-Ion Battery


Implementation

“Success is simple. Do what's right, the right way, at the right time.”-Arnold H. Glasow


Implementation: Logical Network Structure

VM Server (x2)GatewayRouter

InternetFirewall

WirelessAccessPoints

WirelessFirewall

Trunk &Switches

Rack Switch

AD Servers (x2) ExchangeServers (x2)

WirelessNetwork

PhoneTrunk

IP Phones Peripherals

Production &Development

Administration

QA Lab 1

QA Lab 2

Prior Site(via VPN)

Switch IP CamerasSecurity

LinuxCodebox

WAN/Internet

Demark

SAN


Implementation: Active Directory Scheme

IT SystemsUsers Infrastructure

Workstations

Peripherals Laptops

Administration Servers

Domain

QualityAssurance

Executive

Production

HumanResources

Reception

SysAdmin Support


15' 0" x 12' 2.032"

Data Center

6' 0.141" x 6' 7.101"

Dedicated HVAC for Data Center

Fire Suppression System

Up

s

Up

Up

250'

HR Director͛=s

Office

QA Lab 2

E2 E4 E3

Executive͛=s Office

Wiring ClosetIT Director͛=s

Office

QA Lab 1

C

C

FC

C

FC

C

Quiet RoomBreak Room

ConferenceRoom

Wiring Closet

C

F C

C

C

C

First FloorImplementation: Physical Layout

C

C

F

C

KeypadCamera Biometric WAP Cable Drop Cubicles Wiring Closet


Implementation: Physical Layout Second Floor

Up

Z

Up

Wiring Closet

Up

250'

250'

Up

72.0 in. x 36.0 in.

2nd Floor Cafe

Wiring Closet

.

.

.

.

.

.

ConferenceRoom

Lounge

C

C

C

C

F C

C

F

C

C

C

F

C

KeypadCamera Biometric WAP Cable Drop Cubicles Wiring Closet


Risk Management

“Carelessness and overconfidence are usually more dangerous than deliberately accepted risks.”

-Orville Wright


Risk Management PlanRisk Area Probability Impact Risk Plan

1. Flooding due to facility location

Low High Elevated the servers to 4 feet from the floor; seal the server room; equip room with flood-proofing safeguards

2. Hardware delay

Medium Medium Investigate cause of delay and formulate appropriate plan of action, such as:• Contact vendor for expedited delivery

of new hardware (lost/damage delivery)

• Find new vendor (vendor-induced delay)


Cost Analysis


Cost Analysis*

Category CostsBack End $162,805.30

Back Bone $123,796.68

Client-side & Security $262,138.21

Utility $56,568.00

Contracting $101,550.00

Fees $82,160.00

Services $1,800.00

Total $790,818.19

*Detailed cost breakdown in proposal package


Summary


Summary

Cost-EfficiencyFramework SolutionTimelinessCustomizationSmooth Transition via:TrainingOngoing Support


Questions

“The price of success is hard work, dedication to the job at hand, and the determination that whether we win or lose, we have applied the best of ourselves to the task at hand.”

-Vince Lombardi


Appendix

“Coming together is a beginning; keeping together is progress; working together is success.”

-Henry Ford

“The price of success is hard work, dedication to the job at hand, and the determination that whether we win or lose, we have applied the best of ourselves to the task at hand.”

-Vince Lombardi

“The secret of your success is determined by your daily agenda.”

-John C. Maxwell

“Carelessness and overconfidence are usually more dangerous than deliberately accepted risks.”

-Orville Wright

“You can't trust the internet.”-Nicollette Sheridan

“Planning is bringing the future into the present so that you can do something about it now. “

-Alan Lakein

“For me, every day is a new thing. I approach each project with a new insecurity, almost like the first project I ever did. And I get the sweats. I go in and start working, I'm not sure where I'm going. If I knew where I was going I wouldn't do it.”

-Frank Gehry

“The solution often turns out more beautiful than the puzzle.”

-Richard Dawkins

“One of the most feared expressions in modern times is 'The computer is down.‘”

-Norman Ralph Augustine

“Success is simple. Do what's right, the right way, at the right time.”

-Arnold H. Glasow

Quotes from: http://www.brainyquote.com


Implementation: Network Activity Diagram

VM Server (x2)

WirelessAccessPoints

Rack Switch

Peripheals

Production &Development

Administration

QA Lab 1

QA Lab 2Switch IP CamerasSecurity

Demark

SAN

GatewayRouter

InternetFirewall

WirelessFirewall

Trunk &Switches

AD Servers (x2) ExchangeServers (x2)

WirelessNetwork

PhoneTrunk

IP Phones

Prior Site(via VPN)

LinuxCodebox

WAN/Internet

29

Workstation Naming Convention

ITT TECHNICAL INSTITUTE - 086 GETZVILLE - NSA CAPSTONE - WINTER 2015/16

Workstation naming scheme will follow a basic standardize convention: OCL[DEPT]Wks[ID#]

• OCL: Orange Creek Lexington – Organization & facility location• [DEPT]: Shorthand identifier of Department

• Wks: Initialism for “Workstation”

• [ID#]: Numeric identifier for the workstation Examples:

• OCLQAL1Wks01: Quality Assurance Lab 1

• OCLProdWks99: Production• OCLExecWks13: Executive Offices

Documents

NSA Capstone Presentation