Basic construction of enterprise network and network management

Source: Internet
Author: User
Tags switches

Enterprises are becoming more and more demanding on the network, in order to ensure the high availability of the network, sometimes want to provide equipment, modules and link redundancy in the network.

However, in the two-tier network, redundant links may lead to switching loops, allowing broadcast packets to cycle endlessly in the switched loops, thereby damaging the performance of the devices in the network and even causing the entire network to become paralyzed. Spanning tree technology can solve the problem of switching loops while providing redundancy to the network.

With the Internet as the representative of the tide of information swept the world, the application of network technology increasingly popular and in-depth, along with the rapid development of network technology, enterprise network network needs to be built from the network and network management.

One, the basic network construction

Due to the enterprise network characteristics (large data flow, strong stability, economic and scalability) and the requirements of various departments (Production department and Office Department of Access Control), we use the following scenarios:

1. Network topology Structure selection:

The network uses the star topology structure, it is the most commonly used, the most common LAN topology. Nodes are highly independent and suitable for placing network diagnostic devices in a central location.

2. Networking technology Options:

At present, the common backbone network technology has Fast Ethernet (100Mbps), FTDH, Gigabit Ethernet (1000Mbps), Fast Ethernet is a very mature networking technology, its cost is very low, performance price is very high; FTDH is the optical fiber direct to the customer, is the multimedia application system ideal network platform, but its network bandwidth actual utilization rate is very high;

At present, Gigabit Ethernet has become a mature networking technology, so it is recommended to use Gigabit Ethernet as the backbone, Fast Ethernet switching to the desktop to build a computer broadcast control network.

Second, network management

1. Physical security design.

In order to ensure the physical security of Enterprise Network Information Network system, in addition to network planning and site, environment and other requirements, but also to prevent the spread of the system information in space. computer system through electromagnetic radiation so that information intercepted and compromised the case has been many, the theoretical and technical support of the verification work also confirmed that the interception distance of hundreds of meters or even up to a kilometer of the restoration display technology to the computer system Information security has brought great harm.

In order to prevent the spread of information in the system, it is usually physical to take some protective measures to reduce or interfere with the diffusion of space signals.

The normal prevention measures mainly in three aspects of the host room and important information storage, receiving and dispatching department for shielding treatment, that is, the construction of a shielded room with high efficiency shielding efficiency, with which to install the operation of the main equipment to prevent the drum, tape and high radiation equipment, such as leakage of signals.

In order to improve the effectiveness of the shielding room, in the shielding room and the external contact, the connection should be taken by the corresponding isolation measures and design, such as signal lines, telephone lines, air-conditioning, fire control line, as well as ventilation, waveguide, door closed and so on.

On the local network, LAN transmission lines to the suppression of radiation, due to the inevitable transmission of radiation information, are all using optical cable transmission mode, most of the equipment in the modem out of the electrical conversion interface, with optical cable to connect out of the shielding outdoor transmission.

2. Network sharing resources and data information design.

To solve this problem, we decided to use VLAN technology and computer network physical isolation to achieve.

A VLAN is a logical network that is partitioned on a physical network. This network corresponds to the second layer of the OSI model. By dividing the enterprise network into virtual VLAN, network management and network security can be enhanced, and unnecessary data broadcasting should be controlled.

VLAN divides the network into several broadcast domains, which effectively controls the occurrence of broadcast storms, and can also be used to control the mutual access between different departments and different sites in the network. People are increasingly dependent on the network, in order to ensure the high availability of the network, sometimes want to provide equipment, modules and links in the network redundancy.

However, in the two-tier network, redundant links may lead to switching loops, allowing broadcast packets to cycle endlessly in the switched loops, thereby damaging the performance of the devices in the network and even causing the entire network to become paralyzed. Spanning tree technology can solve the problem of switching loops while providing redundancy to the network.

A company has sales department and technical Department, the technical Department of Computer systems are distributed between the two switches, they need to communicate with each other, sales and technology departments also need to communicate with each other, in order to meet the company's needs, the network equipment to achieve this goal. Enables computer systems on the same VLAN to communicate with each other across switches, requiring relaying between two switches, and computer systems in different VLANs to communicate with each other, and to enable computers to communicate across switches in the same VLAN, The need to establish a relay in the middle of two switches, and in different VLANs of computer systems to achieve mutual communication, to achieve the communication between VLANs requires three layers of technology to achieve, that is, through the router or three-tier switch to achieve. It is recommended that you use a three-tier switch because using routers can cause bottlenecks.

VLAN is to solve the problem of Ethernet broadcast and security, it is based on Ethernet frame to increase the VLAN head, with Vlanid users into a smaller workgroup, limit the different groups of users two levels of mutual visits, each workgroup is a virtual LAN.

The advantage of the virtual LAN is that it can limit the broadcast scope and can form virtual workgroup and manage the network dynamically.

From the current point of view, the way to divide VLANs by Port is one of the most common. Many VLAN vendors use the port of the switch to divide the VLAN members, the set port is in the same broadcast domain, realizes the network management.

The problem of enterprise internal network is not only the problem of equipment and technology, but also the problem of management. For the management of Enterprise network, it is necessary to improve the network management knowledge, strengthen the mastery of network management technology in order to manage the enterprise network well.

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.