
POSTS AND TELECOMMUNICATIONS INSTITUTE OF TECHNOLOGY, HO CHI MINH CITY CAMPUS

COURSE PROJECT: NETWORK DESIGN

NETWORK INFRASTRUCTURE DESIGN FOR THE VINAGAME COMPANY

Supervisor: M.Sc. Nguyn Hng Sn
Student group:
1. Trng nh Hong
2. Nguyn Th Thanh Minh
3. Nguyn Duy Cng
4. V Thanh Tho
5. L T Vit Thng

NETWORK DESIGN PROJECT, PTIT 04/2010

TABLE OF CONTENTS
Chapter I: Survey and analysis of requirement constraints
Chapter II: Analysis of technical goals
Chapter III: Characterizing network traffic
Chapter IV: Network topology design
Chapter V: Addressing and naming
Chapter VI: Selecting routing and switching protocols
Chapter VII: Security design for the system
Chapter VIII: Network management
Chapter IX, X: Physical network design for the campus network and the enterprise network

CHAPTER I: SURVEY AND ANALYSIS OF REQUIREMENT CONSTRAINTS

1. Introduction to the VinaGame company:
Founded in September 2004, VinaGame was one of the first businesses to specialise in online games. Its headquarters is on the 2nd floor of the Big C supermarket, To Hien Thanh, District 10, Ho Chi Minh City. It also has 2 other branches, in Da Nang and Hanoi. VinaGame's strength in online games is confirmed by its position as the number 1 game publisher in Vietnam, holding 3/4 of the market. Three of the four most popular online games in Vietnam are published exclusively by VinaGame. In addition, VinaGame has supplied the CSM computer-room management software since June 2006 and officially began operating the Zing products (Zing Chat, Zing Me, Zing News, Zing Mp3...) in 2008.

Organisational structure:

The headquarters is in the Ho Chi Minh City area, with 2 branches in Hanoi and Da Nang.

a) Ho Chi Minh City branch:
Board of directors:
- 1 General Director: 1 PC, 1 printer
- 2 Deputy General Directors: 2 PCs, 1 printer
Departments:
- Customer Transactions: 10 PCs, 1 printer
- Accounting: 15 PCs, 1 printer
- Technical: 20 PCs, 1 printer
- Administration: 15 PCs, 1 printer
- Sales: 20 PCs, 1 printer
- Web Services Development: 20 PCs, 1 printer
- Game Product Development: 20 PCs, 1 printer
- Marketing: 20 PCs, 1 printer
- Human Resources: 15 PCs, 1 printer

b) Hanoi branch:
Board of directors:
- 1 Northern branch director: 1 PC, 1 printer
- 2 deputy directors: 2 PCs, 1 printer
Departments:
- Customer Transactions: 10 PCs, 1 printer
- Accounting: 15 PCs, 1 printer
- Technical: 20 PCs
- Administration: 15 PCs, 1 printer
- Sales: 10 PCs, 1 printer
- Web Services Development: 20 PCs, 1 printer
- Game Product Development: 20 PCs, 1 printer
- Marketing: 10 PCs, 1 printer
- Human Resources: 15 PCs, 1 printer

c) Da Nang branch:
Board of directors:
- 1 Central branch director: 1 PC, 1 printer
- 2 deputy directors: 2 PCs, 1 printer
Departments:
- Customer Transactions: 10 PCs, 1 printer
- Accounting: 10 PCs, 1 printer
- Technical: 20 PCs
- Administration: 15 PCs, 1 printer
- Sales: 10 PCs, 1 printer
- Marketing: 10 PCs, 1 printer
- Human Resources: 10 PCs, 1 printer

2. VinaGame's business:

- Field: games, web.
- Market: mainly domestic users, with the possibility of also serving some Vietnamese living abroad.
- Products: Zing News, Zing Chat, Zing Mail, Zing Me...
- Services: publishing online games in the Vietnamese market.
- Competitive advantages: the market-leading company in supplying online game genres in Vietnam.

3. The company's requirements:
For company staff:
- Each employee uses one computer; employees can exchange information with each other within their department and across the company.
- Each employee has a personal mailbox, can send mail outside the company, and can access the internet over a high-speed fibre-optic link.
- File Server system: records are managed per department, employees can delete only their own resources, and there is a backup mechanism to restore data when necessary.

For customers:

Games:
- Each customer can own several different game accounts.
- Customer account information must be stored on the file server.
- Access must be fast, avoiding server overload that causes lag in games.
- Each player's in-game assets must be safeguarded.

Web:
- Operate, maintain and build content for the websites: zing news (social news), zing mp3 (online music website), zing me (virtual social network)... to serve users' needs.
- A Mail Server system (zing mail) provides free mailboxes for customers who need to send and receive mail and e-cards.

4. Design goals:

VinaGame is a multi-service company (web, games, internet...) with branches in the North, Centre and South of the country, so its network model is very large. The company is growing, which drives the growth of the LAN at each site; importantly, the need to exchange data between the branches in the 3 regions is very high, to support management, information exchange and mutual technical support... Each branch has a LAN connecting the computers of its departments.

The company needs to connect its LANs together, and to connect to employees' computers at home, to meet practical needs and create a unified intranet. For the main WAN links the company plans to use leased lines rented from the service provider VDC. The cabling system must guarantee high-speed connectivity and redundancy, to keep incidents during operation to a minimum. The network must meet current needs and be upgradable with new technologies in the future. Specifically, it must operate stably, scale with the company's growth, have internet access, and provide management and security functions.

5. Design method:

The top-down method is used. This is Cisco's modular method with the 3-layer hierarchical model.

6. Economic goals of the design:

The designed network model is the basis for developing the company, with tight management that favours the development of its work and its business. Constraint: use the best technologies while still remaining economical, because the company was established only 6 years ago.

7. Issues related to personnel policy, budget, rules and regulations:

- Open more customer service centres in the inner city as well as other branches, to meet users' needs.
- Expand into other promising lines of business such as internet, telecommunications...
- Improve employees' professional skills, provide welfare policies for long-serving employees, and help new employees adapt to the company's work.
- Continuously improve service quality and earn high profits, increasing the budget contribution to the state.

8. Requirements analysis: applications that will run on the network:

| Application name | Application type | New application? | Criticality | Notes |
|---|---|---|---|---|
| File sharing | User Apps | | Very necessary | |
| Printer sharing | User Apps | | Necessary | |
| Web browser | User Apps | | Necessary | |
| Mail | User Apps | | Necessary | |
| Microsoft Office | User Apps | | Necessary | |
| Domain Controller | System Apps | | Necessary | |
| DHCP Server | System Apps | | Very necessary | |
| DNS Server | System Apps | | Very necessary | |
| Mail Server | System Apps | | Necessary | |
| Web Server | System Apps | | Necessary | |
| File Server | System Apps | | Very necessary | |
| Administrative Tool | System Apps | | Very necessary | |

9. Checklist:
[x] Surveyed the company's specific line of business
[x] Understood the company's organisation
[x] Clarified the business goals
[x] Understood the scope of the design project
[x] Know the plan and the important milestones
[x] Understood the network model and how the system operates
[x] Have a firm grasp of network topology design
[x] Know the budget provided for the project
[x] Know the applications that will run on the network

11. The company's expansion plans for the next 5 years:

- Add new sites, specifically 3 more branches in Ho Chi Minh City and more branches in the provinces, aiming for a VinaGame site in every region.
- At each site, continuously improve network quality, install quality network equipment, improve scalability and performance, make the network easy to extend when needed, and build additional redundant systems. Add more servers to reduce the load on the running game servers, and expand bandwidth for gamers.
- Improve system security and tightly manage the policies applied to the network.
- Develop more web services, forums and online shopping sites (123mua.com.vn).
- Publish more game products and promote the growth of the online game market in Vietnam. Launch the first Vietnamese-made game, named Thuan Thien Kiem. In addition, keep creating mini (online) games in Zing Play.
- Aim to become the leading company in Vietnam for games, web, internet and telecom (Zing Phone), with nearly 1000 employees across the North, Centre and South.

CHAPTER II: ANALYSIS OF TECHNICAL GOALS

1. Scalability:
- Build more branches in major cities and provinces such as Can Tho, Hai Phong...
- Servers must sustain access speed under heavy load, about 70000 CCU (the number of players logged in to a game at the same time).
- The company's structure can expand over the next 5 years; it plans to hire 500 more employees for departments in all 3 regions.
- Add more servers to the internetwork for game development and for expanding the web business.

2. Availability:
- Backup servers are available to back up data when incidents occur.
- For company staff: access at maximum speed 24 hours a day, 7 days a week.
- For customers: servers are maintained during fixed periods of the day for upgrades and repairs. Outside maintenance windows all users can access the services at high speed.

3. Performance:
- Bandwidth: serves the system's and users' applications well.
- Utilization: 90%
- Useful throughput: reduce overhead on the transmission line.
- Accuracy: 99%
- Efficiency: 90%
- Delay: 100ms
- Jitter: 5ms
- BER: 10^-5

4. Security:
- Identify the devices that must be protected, such as the DHCP Server, DNS Server, the Mail Server system, and the servers storing account information of customers and company staff...
- Build intrusion detection systems and firewall systems against unauthorised access from outside, protecting the company's top-secret information from hacker attacks.

5. Manageability:
- The technical department can manage and monitor the operation of the network as well as of each user, and can anticipate incidents that may affect the network in the future.
- Keep statistics on the network resources in use, whether heavily or lightly used, and whether there is waste or shortage anywhere, so that appropriate action can be taken.

6. Usability:
- Company staff can easily use the available resources and exchange information quickly with other departments and with the outside.
- Customers can easily register an account to use the company's services such as playing games, browsing the web, sending mail...

7. Adaptability:
- The network is designed to adapt to changes in new technology.
- The design is flexible, to adapt to changes in traffic and in quality-of-service requirements.

8. Affordability:

- Choose devices that are easy to configure and use.
- Detailed user documentation is available.
- Meet the requirements of staff and customers at an acceptable financial cost.

9. Checklist:
[x] Noted the planned expansion
[x] Discussed network security threats and protection needs
[x] Considered manageability needs
[x] Recorded the utilization requirement
[x] Recorded the throughput requirement
[x] Discussed with the client the use of large frame sizes to maximise efficiency
[x] Discussed the trade-off between efficiency and delay when changing the frame size
[x] Updated the applications table
[x] Recorded the required availability level, or MTBF and MTTR

10. Table describing the network applications:

| Application name | Application type | New? | Importance |
|---|---|---|---|
| Remote access | Terminal/host traffic flow | New | Important |
| Database | Client/Server | New | Important |

CHAPTER III: CHARACTERIZING NETWORK TRAFFIC

1. Characterizing traffic flows:

| User community | Location | Applications used |
|---|---|---|
| User | General Director | Mail, Web, File, Office, Database, Printer, Remote access |
| User | Deputy General Directors | Mail, Web, File, Office, Database, Printer, Remote access |
| User | Directors of the Northern and Central branches | Mail, Web, File, Office, Database, Printer, Remote access |
| User | 2 deputy directors at the Northern and Central branches | Mail, Web, File, Office, Database, Printer, Remote access |
| User | Customer Transactions | Mail, Web, File, Office, Printer |
| User | Accounting | Mail, Web, File, Office, Printer |
| Admin | Technical | Mail, Web, File, Office, Domain Controller, DHCP Server, DNS Server, Mail Server, Web Server, File Server, Administrative Tool, Remote Access, Database Server |
| User | Administration | Mail, Web, File, Office, Printer |
| User | Sales | Mail, Web, File, Office, Printer |
| User | Web Services Development | Mail, Web, File, Office, Printer, applications for web programming such as PHP, MySQL, Photoshop, Flash, 3D, Java |
| User | Game Product Development | Mail, Web, File, Office, Printer, applications for game development: J2EE, C#, 3D |
| User | Marketing | Mail, Web, File, Office, Printer |

Number of users, in the order the values appear on the page: 1, 10, 20, 10, 10, 5, 20, 10.

| Data store | Location | Applications | Used by user community |
|---|---|---|---|
| Area 1 | North | DHCP Server, DNS Server, Mail Server, Web Server, File Server, Database Server | User, Admin |
| Area 2 | Centre | DHCP Server, DNS Server, Mail Server, Web Server, File Server, Database Server | User, Admin |
| Area 3 | South | DHCP Server, DNS Server, Mail Server, Web Server, File Server, Database Server | User, Admin |

Classification of traffic flows:

- Terminal/host traffic flow: file sharing, Remote Access
- Client/Server traffic flow: Web, Mail, File, Database
- Server/Server traffic flow: backup servers with load balancing

2. Characterizing traffic:

a) Ho Chi Minh City branch:

| Application | Traffic flow type | Protocol used by the application | User community | Data store (server, host) | Approximate bandwidth requirement |
|---|---|---|---|---|---|
| Web | Client/Server | HTTP | User/Admin | Server | 7000Kb/day |
| Mail | Client/Server | SMTP | User/Admin | Server | 1400Kb/day |
| File | Client/Server | FTP | User/Admin | Server | 200000000Kb/day |
| Database | Client/Server | FTP | User/Admin | Server | 400000000Kb/day |
| Remote Access | Terminal/host traffic flow | PPP | User/Admin | Server | 20000000Kb/day |

Total traffic: 80008400Kb

Bandwidth demand per application:

| Application | Number of users | Session frequency | Average time per user | Concurrent users |
|---|---|---|---|---|
| WEB | 150 | 500/day, 15000/month | 10/24 | 100 |
| MAIL | 150 | 200/day, 6000/month | 5/24 | 100 |
| FILE | 150 | 100/day, 3000/month | 5/24 | 50 |
| DATABASE | 150 | 2000/day, 60000/month | 10/24 | 150 |
| REMOTE ACCESS | 50 | 100/day, 3000/month | 5/24 | 20 |

b) Hanoi branch:

| Application | Traffic flow type | Protocol used by the application | User community | Data store (server, host) | Approximate bandwidth requirement |
|---|---|---|---|---|---|
| Web | Client/Server | HTTP | User/Admin | Server | 5000Kb/day |
| Mail | Client/Server | SMTP | User/Admin | Server | 1000Kb/day |
| File | Client/Server | FTP | User/Admin | Server | 150000000Kb/day |
| Database | Client/Server | FTP | User/Admin | Server | 400000000Kb/day |
| Remote Access | Terminal/host traffic flow | PPP | User/Admin | Server | 10000000Kb/day |

Total traffic: 650006000Kb

Bandwidth demand per application:

| Application | Number of users | Session frequency | Average time per user | Concurrent users |
|---|---|---|---|---|
| WEB | 130 | 400/day, 12000/month | 10/24 | 100 |
| MAIL | 130 | 200/day, 6000/month | 5/24 | 100 |
| FILE | 130 | 100/day, 3000/month | 5/24 | 50 |
| DATABASE | 120 | 1500/day, 60000/month | 10/24 | 130 |
| REMOTE ACCESS | 40 | 100/day, 3000/month | 5/24 | 20 |

c) Da Nang branch:

| Application | Traffic flow type | Protocol used by the application | User community | Data store (server, host) | Approximate bandwidth requirement |
|---|---|---|---|---|---|
| Web | Client/Server | HTTP | User/Admin | Server | 3000Kb/day |
| Mail | Client/Server | SMTP | User/Admin | Server | 500Kb/day |
| File | Client/Server | FTP | User/Admin | Server | 100000000Kb/day |
| Database | Client/Server | FTP | User/Admin | Server | 200000000Kb/day |
| Remote Access | Terminal/host traffic flow | PPP | User/Admin | Server | 5000000Kb/day |

Total traffic: 350003500Kb

Bandwidth demand per application:

| Application | Number of users | Session frequency | Average time per user | Concurrent users |
|---|---|---|---|---|
| WEB | 90 | 200/day, 6000/month | 10/24 | 80 |
| MAIL | 90 | 200/day, 6000/month | 5/24 | 90 |
| FILE | 90 | 100/day, 3000/month | 5/24 | 50 |
| DATABASE | 90 | 1000/day, 60000/month | 10/24 | 90 |
| REMOTE ACCESS | 30 | 50/day, 3000/month | 5/24 | 20 |

Checklist:
[x] Identified the traffic sources and data stores, and recorded the traffic flows between them
[x] Classified the traffic flow for each application
[x] Estimated the bandwidth for each application
[x] Estimated the bandwidth required for each routing protocol
[x] Characterized network traffic in terms of traffic dynamics
[x] Classified the QoS requirements of each application
[x] Highlighted the challenges of implementing end-to-end QoS

CHAPTER IV: NETWORK TOPOLOGY DESIGN

The company's network is designed according to the 3-layer model:
- Core layer
- Distribution layer
- Access layer

The logical model is designed as follows:

1. Ho Chi Minh City branch:

2. Da Nang branch:

3. Hanoi branch:

Detailed design of each layer:

Access layer:
- The devices in this layer are usually called access switches.
- VLANs are created for the departments, which makes the network more flexible, increases security for the company and saves system bandwidth.
- MPLS technology is deployed so that branches and small offices can easily access the internetwork.
- Spanning Tree Protocol (STP) is deployed to keep the network stable and free of loops.

Distribution layer:
- Routes between the VLANs created above.
- Allows load balancing and load sharing.
- Controls network traffic.
- Controls access to resources to ensure security for the network and the company's resources.
- Provides the connections between the Access layer and the Core layer.

Core layer:
- Here we use a high-speed backbone switch with high redundancy.
- Provides the connections for all Distribution layer devices.

CHAPTER V: ADDRESSING AND NAMING

Based on the company's PC counts listed in Chapter I, the largest department has 20 PCs. With one VLAN per department, the IP addresses for each department are as follows:

1. Ho Chi Minh City branch:

Board of directors:
- Vlan 1: 1 Director: 1 PC, 192.168.1.239, in address range 192.168.1.236/27
- Vlan 2: 2 Deputy Directors: 2 PCs, 192.168.1.237, 192.168.1.238, in address range 192.168.1.236/27

Departments:
- Vlan 3: Customer Transactions: 10 PCs, 192.168.1.226 -> 192.168.1.236, in address range 192.168.1.224/27
- Vlan 4: Accounting: 15 PCs, 192.168.1.194 -> 192.168.1.209, in address range 192.168.1.192/27
- Vlan 5: Technical: 20 PCs, 192.168.1.162 -> 192.168.1.182, in address range 192.168.1.160/27
- Vlan 6: Administration: 15 PCs, 192.168.1.130 -> 192.168.1.145, in address range 192.168.1.128/27
- Vlan 7: Sales: 20 PCs, 192.168.1.98 -> 192.168.1.108, in address range 192.168.1.96/27
- Vlan 8: Web Services Development: 20 PCs, 192.168.1.66 -> 192.168.1.86, in address range 192.168.1.64/27
- Vlan 9: Game Product Development: 20 PCs, 192.168.1.34 -> 192.168.1.54, in address range 192.168.1.32/27
- Vlan 10: Marketing: 20 PCs, 192.168.1.2 -> 192.168.1.22, in address range 192.168.1.0/27

The servers are assigned static IP addresses:
o DHCP server : 10.0.0.1
o DNS server : 10.0.0.2
o File server : 10.0.0.3
o Mail server : 10.0.0.4
o Web server : 10.0.0.5
o Database server : 10.0.0.6

Address summary table

| Department | IP | Network mask | Default gateway | Preferred DNS | Alternate DNS | Domain |
|---|---|---|---|---|---|---|
| Director | 192.168.1.239 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Giamdoc |
| Deputy Directors | 192.168.1.237, 192.168.1.238 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Phogiamdoc |
| Customer Transactions | 192.168.1.226 -> 192.168.1.236 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Giaodichkhachhang |
| Accounting | 192.168.1.194 -> 192.168.1.209 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Ketoan |
| Technical | 192.168.1.162 -> 192.168.1.182 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Kithuat |
| Administration | 192.168.1.130 -> 192.168.1.145 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Hanhchanh |
| Sales | 192.168.1.98 -> 192.168.1.108 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Sale |
| Web Services Development | 192.168.1.66 -> 192.168.1.86 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Develop_web |
| Game Product Development | 192.168.1.34 -> 192.168.1.54 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Develop_game |
| Marketing | 192.168.1.2 -> 192.168.1.22 | 255.255.255.0 | 192.168.1.1 | 192.168.1.254 | 192.168.1.253 | Marketing |

2. Da Nang branch:

Board of directors:
- Vlan 1: Deputy Directors' office: 2 PCs, 192.168.2.162, 192.162.2.163, in address range 192.168.2.160/27
- Vlan 2: Director's office: 1 PC, 192.168.2.164, in address range 192.168.2.160/27

Departments:
- Vlan 3: Marketing & Sales: 20 PCs, 192.168.2.2 -> 192.168.2.22, in address range 172.16.1.0/27
- Vlan 4: Accounting: 15 PCs, 192.168.2.34 -> 192.168.2.49, in address range 192.168.2.32/27
- Vlan 5: Technical: 20 PCs, 192.168.2.66 -> 192.168.2.86, in address range 192.168.2.64/27
- Vlan 6: Administration: 15 PCs, 192.168.2.98 -> 192.168.2.113, in address range 192.168.1.96/27
- Vlan 7: Customer Transactions: 10 PCs, 192.168.2.130 -> 192.168.2.140, in address range 192.168.2.128/27

The servers are assigned static IP addresses:
o DHCP server : 10.0.1.1
o DNS server : 10.0.1.2
o File server : 10.0.1.3
o Mail server : 10.0.1.4
o Web server : 10.0.1.5
o Database server : 10.0.1.6

Address summary table

| Department | IP | Network mask | Default gateway | Preferred DNS | Alternate DNS | Domain |
|---|---|---|---|---|---|---|
| Director | 192.168.2.164 | 255.255.255.0 | 192.168.2.1 | 192.168.2.254 | 192.168.2.253 | Giamdoc |
| Deputy Directors | 192.168.2.162, 192.168.2.163 | 255.255.255.0 | 192.168.2.1 | 192.168.2.254 | 192.168.2.253 | Phogiamdoc |
| Customer Transactions | 192.168.2.226 -> 192.168.1.236 | 255.255.255.0 | 192.168.2.1 | 192.168.2.254 | 192.168.2.253 | Giaodichkhachang |
| Accounting | 192.168.2.34 -> 192.168.2.49 | 255.255.255.0 | 192.168.2.1 | 192.168.2.254 | 192.168.2.253 | Ketoan |
| Technical | 192.168.2.66 -> 192.168.1.86 | 255.255.255.0 | 192.168.2.1 | 192.168.2.254 | 192.168.2.253 | Kithuat |
| Administration | 192.168.2.98 -> 192.168.2.113 | 255.255.255.0 | 192.168.2.1 | 192.168.2.254 | 192.168.2.253 | Hanhchanh |
| Marketing & Sales | 192.168.2.2 -> 192.168.2.22 | 255.255.255.0 | 192.168.2.1 | 192.168.2.254 | 192.168.2.253 | Marketing&Sales |

3. Hanoi branch:

Board of directors:
- Vlan 1: 1 Director: 1 PC, 192.168.3.239, in address range 192.168.3.236/27
- Vlan 2: 2 Deputy Directors: 2 PCs, 192.168.3.237, 192.168.3.238, in address range 192.168.3.236/27

Departments:
- Vlan 3: Customer Transactions: 10 PCs, 192.168.3.226 -> 192.168.3.236, in address range 192.168.3.224/27
- Vlan 4: Accounting: 15 PCs, 192.168.3.194 -> 192.168.3.209, in address range 192.168.3.192/27
- Vlan 5: Technical: 20 PCs, 192.168.3.162 -> 192.168.3.182, in address range 192.168.3.160/27
- Vlan 6: Administration: 15 PCs, 192.168.3.130 -> 192.168.3.145, in address range 192.168.3.128/27
- Vlan 7: Sales: 20 PCs, 192.168.3.98 -> 192.168.3.108, in address range 192.168.3.96/27
- Vlan 8: Web Services Development: 20 PCs, 192.168.3.66 -> 192.168.3.86, in address range 192.168.3.64/27
- Vlan 9: Game Product Development: 20 PCs, 192.168.3.34 -> 192.168.3.54, in address range 192.168.3.32/27
- Vlan 10: Marketing: 20 PCs, 192.168.3.2 -> 192.168.3.22, in address range 192.168.3.0/27

The servers are assigned static IP addresses:
o DHCP server : 10.0.2.1
o DNS server : 10.0.2.2
o File server : 10.0.2.3
o Mail server : 10.0.2.4
o Web server : 10.0.2.5
o Database server : 10.0.2.6

Address summary table

| Department | IP | Network mask | Default gateway | Preferred DNS | Alternate DNS | Domain |
|---|---|---|---|---|---|---|
| Director | 192.168.3.239 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Giamdoc |
| Deputy Directors | 192.168.3.237, 192.168.3.238 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Phogiamdoc |
| Customer Transactions | 192.168.3.226 -> 192.168.3.236 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Giaodichkhachang |
| Accounting | 192.168.3.194 -> 192.168.3.209 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Ketoan |
| Technical | 192.168.3.162 -> 192.168.3.182 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Kithuat |
| Administration | 192.168.3.130 -> 192.168.3.145 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Hanhchanh |
| Sales | 192.168.3.98 -> 192.168.3.108 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Sale |
| Web Services Development | 192.168.3.66 -> 192.168.3.86 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Develop_web |
| Game Product Development | 192.168.3.34 -> 192.168.3.54 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Develop_game |
| Marketing | 192.168.3.2 -> 192.168.3.22 | 255.255.255.0 | 192.168.3.1 | 192.168.3.254 | 192.168.3.253 | Marketing |
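Because the VLAN-per-department split is what the design relies on to separate departments, the allocations are worth checking mechanically. The following is an added example, not part of the original project: it audits the Ho Chi Minh City and Da Nang VLAN lists from this chapter against the mask and gateway given in their summary tables. Function and finding names are hypothetical; all addresses are copied from the chapter as written.

```python
"""Consistency audit of the Chapter V address plan (added example, hypothetical helpers)."""
import ipaddress
from itertools import combinations

# (VLAN, department, block as written, first host, last host).
# Values are copied from the HCMC and Da Nang lists above, inconsistencies included.
HCMC = [
    (1, "Director", "192.168.1.236/27", "192.168.1.239", "192.168.1.239"),
    (2, "Deputy Directors", "192.168.1.236/27", "192.168.1.237", "192.168.1.238"),
    (3, "Customer Transactions", "192.168.1.224/27", "192.168.1.226", "192.168.1.236"),
    (4, "Accounting", "192.168.1.192/27", "192.168.1.194", "192.168.1.209"),
    (5, "Technical", "192.168.1.160/27", "192.168.1.162", "192.168.1.182"),
    (6, "Administration", "192.168.1.128/27", "192.168.1.130", "192.168.1.145"),
    (7, "Sales", "192.168.1.96/27", "192.168.1.98", "192.168.1.108"),
    (8, "Web Services Development", "192.168.1.64/27", "192.168.1.66", "192.168.1.86"),
    (9, "Game Product Development", "192.168.1.32/27", "192.168.1.34", "192.168.1.54"),
    (10, "Marketing", "192.168.1.0/27", "192.168.1.2", "192.168.1.22"),
]
DA_NANG = [
    (1, "Deputy Directors", "192.168.2.160/27", "192.168.2.162", "192.162.2.163"),
    (2, "Director", "192.168.2.160/27", "192.168.2.164", "192.168.2.164"),
    (3, "Marketing & Sales", "172.16.1.0/27", "192.168.2.2", "192.168.2.22"),
    (4, "Accounting", "192.168.2.32/27", "192.168.2.34", "192.168.2.49"),
    (5, "Technical", "192.168.2.64/27", "192.168.2.66", "192.168.2.86"),
    (6, "Administration", "192.168.1.96/27", "192.168.2.98", "192.168.2.113"),
    (7, "Customer Transactions", "192.168.2.128/27", "192.168.2.130", "192.168.2.140"),
]

FINDINGS = ("block_has_host_bits", "hosts_outside_block", "gateway_outside_block",
            "host_mask_wider", "blocks_overlap")


def network_of(block):
    """Network that a block string resolves to, even if host bits are set."""
    return ipaddress.ip_interface(block).network


def is_usable_host(addr, net):
    """True if addr lies in net and is neither its network nor broadcast address."""
    ip = ipaddress.ip_address(addr)
    return ip in net and ip not in (net.network_address, net.broadcast_address)


def audit(plan, host_mask, gateway):
    """Check one site's plan against the mask and gateway from its summary table."""
    mask_len = ipaddress.ip_network(f"0.0.0.0/{host_mask}").prefixlen
    gw = ipaddress.ip_address(gateway)
    out = {name: [] for name in FINDINGS}
    for vlan, _dept, block, first, last in plan:
        iface = ipaddress.ip_interface(block)
        net = iface.network
        if iface.ip != net.network_address:
            # The block is written with a host address, not a network address.
            out["block_has_host_bits"].append(vlan)
        if not (is_usable_host(first, net) and is_usable_host(last, net)):
            out["hosts_outside_block"].append(vlan)
        if gw not in net:
            # The default gateway is not an address inside this VLAN's own block.
            out["gateway_outside_block"].append(vlan)
        if mask_len < net.prefixlen:
            # A host mask wider than the block makes other VLANs look on-link,
            # so hosts ARP for them instead of sending to the router.
            out["host_mask_wider"].append(vlan)
    for a, b in combinations(plan, 2):
        if network_of(a[2]).overlaps(network_of(b[2])):
            out["blocks_overlap"].append((a[0], b[0]))
    return out


def cross_site_overlaps(site_a, site_b):
    """Pairs (vlan in site_a, vlan in site_b) whose blocks collide across the WAN."""
    return [(a[0], b[0]) for a in site_a for b in site_b
            if network_of(a[2]).overlaps(network_of(b[2]))]


if __name__ == "__main__":
    for name, plan, gw in (("HCMC", HCMC, "192.168.1.1"),
                           ("Da Nang", DA_NANG, "192.168.2.1")):
        print(name)
        for finding, vlans in audit(plan, "255.255.255.0", gw).items():
            print(f"  {finding}: {vlans}")
    print("cross-site:", cross_site_overlaps(HCMC, DA_NANG))
```

Run on the plan as written, it reports that HCMC VLANs 1 to 3 all resolve to 192.168.1.224/27, that three Da Nang VLANs have hosts outside their stated block, and that Da Nang VLAN 6 reuses the block of HCMC VLAN 7. The /24 host mask in the summary tables is wider than every /27 block, which weakens the inter-VLAN separation the design relies on.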

CHAPTER VI: SELECTING ROUTING AND SWITCHING PROTOCOLS

Central switching and routing system for the LAN:
The main switching system consists of switches capable of high-speed processing, organised in 2 layers: the distribution layer and the access layer, which serves the end computers. Access switches provide access ports for the end computers and integrate access ports at high density. The links between access switches and distribution switches carry data back and forth for the virtual LANs, so they run at the high speed of 100/100 Mbps. The access ports that access switches provide to network computers run at a lower speed, so 10/100 Mbps ports are required.

In the standard configuration the distribution switch system consists of 5 powerful switches that meet the requirements of high-speed data switching and of aggregating the traffic coming from the access switches. A configuration with 5 distribution switches gives the network high redundancy (1:1 hot standby); however, if the initial network is not large and the budget is limited, the network can still be deployed with one distribution switch network that meets the operating requirements.

The access switches give computers their connection to the data network. Since most network interfaces of end computers and of servers currently have 10/100 Mbps bandwidth, the access switches also use 10/100 Base-TX Fast Ethernet and meet the goal of providing a large number of access ports, so that the number of network users can grow.

The links between access switches and distribution switches are called up-links. Transparent bridging is used with the rapid spanning tree algorithm (RSTP), which gives fast convergence. The switches are connected with VLAN support using IEEE 802.1Q.

Selecting the routing protocol: comparison table:

| Protocol | Distance vector or link state | Interior or exterior | Classful or classless | Metrics supported | Scalability | Convergence time | Supports security? Authenticates routes? |
|---|---|---|---|---|---|---|---|
| RIPv1 | Distance vector | Interior | Classful | Hop count | 15 hops | Can be long (if no load balancing) | No |
| RIPv2 | Distance vector | Interior | Classless | Hop count | 15 hops | Can be long (if no load balancing) | Yes |
| IGRP | Distance vector | Interior | Classful | Bandwidth, delay, reliability, load | 255 hops (default is 100) | Fast (uses triggered updates and poison reverse) | No |
| EIGRP | Advanced distance vector | Interior | Classless | Bandwidth, delay, reliability, load | 1000s of routers | Very fast (uses the DUAL algorithm) | Yes |
| OSPF | Link state | Interior | Classless | Cost (10^8 divided by bandwidth on Cisco routers) | A few hundred routers per area | Fast (uses link-state advertisements and hello packets) | Yes |
| BGP | Path vector | Exterior | Classless | Depends on path values and other configured factors | 1000s of routers | Fast | |
| IS-IS | Link state | Interior | Classless | Configured path value, delay, expense and errors | Hundreds of routers per area | Fast | |

Decision table. Protocols compared: BGP, OSPF, IS-IS, IGRP, EIGRP, RIP.

CRITICAL GOALS
- Adapts quickly to changes in the network
- Can scale to hundreds of routers
- Must follow standards and be compatible with existing equipment

OTHER GOALS
- Does not use too much bandwidth
- Can run on inexpensive routers
- Easy to configure and manage

Scores for the other goals, in the order the values appear on the page: 8 8 8; 7 8 6; 7 8 6.

- OSPF is chosen as the layer 3 routing protocol because it runs on routers from many different vendors, converges quickly, supports load balancing and is fairly simple to configure and maintain.

OSPF addresses the following issues:
- Convergence speed.
- Support for VLSM (Variable Length Subnet Mask).
- Network size.
- Path selection.
- Grouping of members.

In a large network, RIP needs at least a few minutes to converge, because each router exchanges its routing table only with its directly connected neighbours. With OSPF, once the network has converged at start-up, convergence after a change is very fast, because only the information about the change is sent to every router in the area. OSPF supports VLSM, so it is considered a classless routing protocol. RIPv1 does not support VLSM, but RIPv2 does. For all these reasons, choosing OSPF as the routing protocol for the VINAGAME network model is entirely reasonable.

CHAPTER VII: SECURITY DESIGN FOR THE SYSTEM

First, we need to identify the kinds of resources in our system that must be protected:
- Security for network devices: routers, switches, servers.
- Security for the network's resources: the company's important data, and the accounts of company staff as well as of customers.

1. Analysis of the risks that can affect the system

- Thieves breaking into the company to steal network equipment.
- An unsafe electrical system that can damage equipment.
- The database being attacked by hackers who steal confidential documents.
- Company data being stolen by the company's own employees.
- Access by employees who do not have sufficient authority.
- Insecure wireless.
- The system being attacked by viruses.

2. Security plan for the company

- Ensure the company is physically protected, preventing theft.
- Design a safe electrical system that does not affect the equipment.
- Maintain a network security team that can respond promptly to attacks from outside.
- Deploy highly secure firewall and security software.
- Secure the wireless devices.
- Define each employee's specific rights to access resources.

3. Specific security policies

3.1. Protecting network devices

- Increase the security guards to 10 people, working in shifts, with an active and attentive attitude.
- Build a separate, strictly protected room for the servers (Web Server, Mail, DHCP...), located in the technical department; only the admin and the responsible technical team may use it.
- Build 3 high-capacity generator systems at the 3 campuses, Hanoi, Ho Chi Minh City and Da Nang, to run whenever mains power fails. Servers and other important devices need their own UPS.
- Form a team of 20 technicians, with a university degree or higher, to repair and replace failed devices and fix faults.

3.2. Security on network devices

Two management products are used here, one on the network devices and one on the servers.

Cisco Secure Intrusion Detection System: security across an entire network segment
Cisco Secure Intrusion Detection System, or Cisco Secure IDS, is a hardware device that inspects the types and contents of packets on the network. Unauthorised use and access can be detected in one of two ways: misuse detection, which looks for attacks with known signatures, much as antivirus software looks for viruses; and anomaly detection, which looks for abnormal actions based on the user's profile and the application's activity. Cisco Secure IDS has the advantage that it can protect the system across an entire network segment. This generally makes Cisco Secure IDS easy to deploy at moderate cost. Cisco Secure IDS detects misuse by examining both the data portion and the header of a packet. Content-based attacks derive from the data portion, and context-based attacks derive from the packet header.
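The two approaches described above, misuse detection by signature (content in the payload, context in the header) and anomaly detection against a user profile, are illustrated below. This is an added example, not Cisco's implementation or signature set: the packet fields, signatures, profile, user name and sample traffic are all constructed for illustration, with server addresses taken from Chapter V.

```python
"""Misuse (signature) and anomaly detection on constructed sample traffic."""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    flags: frozenset      # TCP flags from the header
    payload: bytes        # data portion
    user: str = ""        # account the session was attributed to, if known


# Content-based signatures match on the data portion of the packet.
CONTENT_SIGNATURES = {
    "path-traversal": b"../../",
    "passwd-file-request": b"/etc/passwd",
}

# Context-based signatures match on header fields only.
CONTEXT_SIGNATURES = {
    "syn-fin-set": lambda p: {"SYN", "FIN"} <= p.flags,
    "src-equals-dst": lambda p: p.src == p.dst,
}


def misuse_alerts(packet):
    """Names of every known signature the packet matches."""
    alerts = [f"content:{name}" for name, pattern in CONTENT_SIGNATURES.items()
              if pattern in packet.payload]
    alerts += [f"context:{name}" for name, test in CONTEXT_SIGNATURES.items()
               if test(packet)]
    return alerts


def anomaly_alerts(packets, profile, factor=3):
    """Compare per-user activity with a baseline profile {user: {port: count}}.

    Flags a port the user's profile does not contain, and a connection count
    above factor times the baseline. No signature is involved.
    """
    seen = Counter((p.user, p.dport) for p in packets if p.user)
    alerts = []
    for (user, port), count in sorted(seen.items()):
        baseline = profile.get(user, {}).get(port)
        if baseline is None:
            alerts.append((user, port, "port-not-in-profile"))
        elif count > factor * baseline:
            alerts.append((user, port, "rate-above-profile"))
    return alerts


# Constructed baseline: a Sales user normally reaches web (80) and mail (25).
PROFILE = {"sales01": {80: 20, 25: 5}}

# Constructed traffic. 10.0.0.4/.5/.6 are the mail, web and database servers.
ACK = frozenset({"PSH", "ACK"})
TRAFFIC = [
    Packet("192.168.1.98", "10.0.0.5", 80, ACK, b"GET /index.html HTTP/1.1", "sales01"),
    Packet("192.168.1.98", "10.0.0.5", 80, ACK, b"GET /../../etc/passwd HTTP/1.1", "sales01"),
    Packet("10.0.0.5", "10.0.0.5", 80, frozenset({"SYN"}), b""),
    Packet("192.168.1.99", "10.0.0.4", 25, frozenset({"SYN", "FIN"}), b""),
    # Matches no signature, yet the Sales profile has no database access.
    Packet("192.168.1.98", "10.0.0.6", 3306, ACK, b"SELECT 1", "sales01"),
]

if __name__ == "__main__":
    for number, packet in enumerate(TRAFFIC):
        print(number, misuse_alerts(packet))
    print(anomaly_alerts(TRAFFIC, PROFILE))
```

The last packet shows why the two methods complement each other: it matches no signature, and only the profile comparison flags it.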

Cisco Security Agent: security on the servers
Cisco Security Agent (CSA) consists of a Management Console placed on a Windows 2000 server and agents deployed on the hosts that hold important data, such as database servers and workstations. The agents use HTTP and Secure Sockets Layer (128-bit SSL) for management communication and for exchanging information between the agents and the Management Console. CSA is installed directly on the operating system, where it can intercept and evaluate the software calls made to the operating system and the system kernel. In general, CSA performs real-time intrusion monitoring, and detects and blocks destructive actions by analysing kernel-level events, system log information and network activity on the server, against an attack database. CSA is server protection software, so it is installed on whichever servers need protection. Servers that hold confidential data or sensitive information that must be protected should have CSA installed to prevent and detect intrusions.

CSA can detect abnormal access to the system in real time. It checks for intrusion into the system using a predefined security policy and abnormal actions against the server; it blocks actions that would harm the server and at the same time sends e-mail to the administrator to report security-related events. We recommend investing in a CSA system for the servers that hold important data.

3.3. User permissions

Our servers run the Windows Server 2008 operating system. As network administrators, we need specific policies that define the rights of each department and of each employee in the company, as follows.

Here we have 8 departments, divided into 8 groups as follows:

Specific authority is defined for each department as well as for the director and the deputy directors.
- Each employee account belongs to the group of the department where the employee works. Within each department there are specific policies for the different levels of staff.
- The director may access all of the company's resources.
- The head of a department may access the resources of that department and of the departments related to it. The head of Game Development may access the resources of the Technical, Web Development and Marketing departments...
- The staff of a department may access only the resources of their own department.
- Every employee in the company is given a personal account for accessing system resources. Passwords must be longer than 8 characters.
- Authentication is required on every access, and every month the access password must be changed to a new one.
- A policy is defined for each type of resource (Read Only, Read/Write, Full Control) to avoid the loss of important data.

- Particularly important data is backed up to portable storage and kept in the confidential documents room. Confidential documents can be accessed only by the director, the deputy directors and the department heads.
- Build a firewall and security system that ensures good security: Norton Security, MS Firewall.
- Build the mail server system with HTTPS as the security method.
- Each department has an intrusion detection system (IDS); control and monitoring are handled by the technical staff of the Technical department.

3.5. Wireless Security

Create Access Control Lists on the access points to manage access to these devices. Here we place one access point in each department and create an Access Control List (ACL) on the access points of the 8 departments. Each employee in a department uses only that department's access point. Specifically:

- Place the access point at a central position in each department. The director's office and the deputy directors' office share one access point placed in front of the two rooms.
- Use a WPA key.
- Do not allow employees to bring access points into the company.
- Monitor access to the AC by accounts that do not belong to the company.

3.6. VPN security

To set up remote access to the company network, a dedicated router can be used for this function. However, we can also use the Internet router as a remote access router by fitting it with modules that have built-in modems. A Cisco Router 2611XM can be purchased as the remote access router. The Cisco Router 2611XM has 1 network module slot that supports an interface with 16 integrated analog modems, and 2 10/100 Mbps ports for connecting to the internal LAN. In addition, the Cisco Router 2611 provides VPN and firewall features through its IOS system software to protect the security of the company network.
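The account and permission rules of sections 3.3 and 3.4, written as an audit over account and grant records. This is an added example, not part of the original report; the role names, record fields, the 31-day reading of "every month", the treatment of the leadership rule as necessary but not sufficient, and all sample data are assumptions.

```python
from datetime import date

# Departments a head may also reach; the page names only Game Development's.
RELATED = {"GameDev": {"Technical", "WebDev", "Marketing"}}
LEADERSHIP = {"director", "deputy_director", "head"}
MAX_PW_AGE_DAYS = 31  # assumption: "changed every month" read as 31 days

def allowed(role, dept, res_dept, confidential=False):
    """Access decision for one account and one resource (sections 3.3 and 3.4)."""
    if confidential and role not in LEADERSHIP:
        return False  # confidential documents: director, deputies, heads only
    if role == "director" or res_dept == dept:
        return True   # director reaches everything; everyone reaches own department
    return role == "head" and res_dept in RELATED.get(dept, set())

def audit(accounts, grants, min_pw_length, today):
    """Return sorted (subject, finding) pairs for every deviation from the policy."""
    findings = set()
    if min_pw_length <= 8:  # the policy asks for more than 8 characters
        findings.add(("domain", "min-password-length"))
    by_name = {a["name"]: a for a in accounts}
    for a in accounts:
        if len(a["groups"]) != 1:
            findings.add((a["name"], "not-in-exactly-one-group"))
        if (today - a["pw_changed"]).days > MAX_PW_AGE_DAYS:
            findings.add((a["name"], "password-too-old"))
    for g in grants:
        a = by_name.get(g["account"])
        if a is None:  # permission left behind for an account that does not exist
            findings.add((g["account"], "grant-to-unknown-account"))
            continue
        dept = a["groups"][0] if a["groups"] else None
        if not allowed(a["role"], dept, g["dept"], g["confidential"]):
            findings.add((a["name"], "excess-access:" + g["resource"]))
    return sorted(findings)

# Constructed sample records (not from the page).
TODAY = date(2010, 4, 30)
ACCOUNTS = [
    {"name": "gd_head", "role": "head", "groups": ["GameDev"], "pw_changed": date(2010, 4, 10)},
    {"name": "sales01", "role": "staff", "groups": ["Sales"], "pw_changed": date(2010, 2, 1)},
    {"name": "acct07", "role": "staff", "groups": ["Accounting", "HR"], "pw_changed": date(2010, 4, 20)},
    {"name": "ceo", "role": "director", "groups": ["Board"], "pw_changed": date(2010, 4, 25)},
]
GRANTS = [
    {"resource": "web-src", "dept": "WebDev", "confidential": False, "account": "gd_head"},
    {"resource": "ledger", "dept": "Accounting", "confidential": False, "account": "sales01"},
    {"resource": "contracts", "dept": "Board", "confidential": True, "account": "ceo"},
    {"resource": "payroll", "dept": "HR", "confidential": True, "account": "acct07"},
    {"resource": "kb", "dept": "Technical", "confidential": False, "account": "temp99"},
]

if __name__ == "__main__":
    print(audit(ACCOUNTS, GRANTS, min_pw_length=8, today=TODAY))
```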
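The per-department access point ACL of section 3.5, checked against the configured lists, client association records and a list of observed BSSIDs. This is an added example, not part of the original report; the AP names, record layout and every MAC address are constructed.

```python
import re

def norm_mac(mac):
    """Normalise aa:bb:.., aa-bb-.. and dotted aabb.ccdd.eeff to 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError("not a MAC address: %r" % mac)
    return digits

def expected_acls(inventory, ap_of_dept):
    """Per-AP allow list: each client appears only on its own department's AP."""
    acls = {ap: set() for ap in ap_of_dept.values()}
    for mac, dept in inventory.items():
        acls[ap_of_dept[dept]].add(norm_mac(mac))
    return acls

def audit_wireless(inventory, ap_of_dept, ap_bssids, configured, associations, seen_bssids):
    """Return (finding, ap, mac) tuples for ACL drift, misplaced clients and unknown APs."""
    findings = []
    want = expected_acls(inventory, ap_of_dept)
    for ap in sorted(want):
        have = {norm_mac(m) for m in configured.get(ap, [])}
        findings += [("acl-extra", ap, m) for m in sorted(have - want[ap])]
        findings += [("acl-missing", ap, m) for m in sorted(want[ap] - have)]
    for ap, mac in associations:
        mac = norm_mac(mac)
        if mac not in want.get(ap, set()):
            known = any(mac in macs for macs in want.values())
            findings.append(("wrong-ap" if known else "unknown-client", ap, mac))
    authorised = {norm_mac(b) for b in ap_bssids.values()}
    for bssid in seen_bssids:  # an AP brought in by an employee shows up here
        if norm_mac(bssid) not in authorised:
            findings.append(("unauthorised-ap", "-", norm_mac(bssid)))
    return findings

# Constructed sample data (not from the page). Director and deputies share one AP.
INVENTORY = {"00:1A:2B:00:00:01": "Sales", "00-1a-2b-00-00-02": "Accounting",
             "001a.2b00.0003": "Director", "00:1a:2b:00:00:04": "DeputyDirector"}
AP_OF_DEPT = {"Sales": "ap-sales", "Accounting": "ap-acct",
              "Director": "ap-board", "DeputyDirector": "ap-board"}
AP_BSSIDS = {"ap-sales": "00:40:96:00:00:0a", "ap-acct": "00:40:96:00:00:0b",
             "ap-board": "00:40:96:00:00:0c"}
CONFIGURED = {"ap-sales": ["001a.2b00.0001", "001a.2b00.0002"],
              "ap-acct": ["001a.2b00.0002"], "ap-board": ["001a.2b00.0003"]}
ASSOCIATIONS = [("ap-sales", "00:1a:2b:00:00:02"), ("ap-acct", "de:ad:be:ef:00:01"),
                ("ap-board", "00:1a:2b:00:00:04")]
SEEN_BSSIDS = ["00:40:96:00:00:0a", "00:18:39:aa:bb:cc"]

if __name__ == "__main__":
    for row in audit_wireless(INVENTORY, AP_OF_DEPT, AP_BSSIDS, CONFIGURED,
                              ASSOCIATIONS, SEEN_BSSIDS):
        print(*row)
```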


CHAPTER VIII: NETWORK MANAGEMENT


To manage a network infrastructure as large as Vinagame's, we propose using Cisco's network management solution. CiscoWorks2000 LAN Management Solution (LMS) is the management suite in Cisco's CiscoWorks2000 family of network management products. It is a set of web-based management tools for configuring, managing, monitoring and troubleshooting a campus network. The software is used for day-to-day management of the services and connections on the network. The tools include topology display, device configuration, layer 2/layer 3 path analysis, traffic monitoring, tracking...

Campus Manager

Campus Manager is a suite of web applications designed for day-to-day management of Cisco switched networks.

- Intelligently discovers and displays layer 2 networks on a connectivity map
- Configures VLANs, LANE networks and ATM services
- Displays status and connectivity based on information obtained through SNMP
- Identifies the layer 2 configuration
- Provides a trace tool for finding connectivity problems between end devices as well as layer 2 and layer 3 devices
- Locates users automatically by MAC address, IP address, NT or Netware login name, or Unix host

Content Flow Monitor

Content Flow Monitor is an application that monitors the performance of load balancing on the network.

- Lets the network administrator increase performance by adding load-balancing components such as LocalDirector
- Reduces the complexity of administration
- Provides performance statistics such as the total number of flows and cache entries, the total number of connections, and the number of packets reaching each server

TrafficDirector

TrafficDirector is an application that monitors and troubleshoots traffic on networks that use RMON.

- Lets the administrator detect network problems early, before they occur
- Is used with Cisco SwitchProbe to measure connection performance
- Detects and resolves faults, and provides statistics, graphs and reports in real time
- Can collect data when used together with Cisco SwitchProbes

Resource Manager Essentials

This is a powerful management application for large networks.

- Stores and manages device changes
- Provides software configuration and management tools
- Analyses the network and the recorded information

CiscoView

An application that manages devices through a graphical display of the device diagram.

- Detailed information can be read from anywhere, at any time
- Displays devices graphically, with colours for the different states

With the management tools chosen as above, the next step is to choose the management architecture:

- Build a cabling system that carries the management packets (out-of-band). Out-of-band management is used so that management does not take up bandwidth needed for the company's work, because the volume of management traffic is also relatively large.

- Install management nodes at network devices such as router interfaces and servers. Regularly monitor network traffic and any anomalies that may occur on the devices so they can be fixed in time. Set up a distributed monitoring system so that, if the network has an unexpected failure, it can still be fixed without affecting the network.
- Set up a central management room, and install the management program on the NMS and the agents on the devices.

Use SNMP as the management protocol. Set up 5 separate specialised teams to manage 5 different areas:

- Performance management
- Fault management
- Configuration management
- Security management
- Accounting management

It is essential to recruit people with a university degree or higher who can meet the demands of the work and ensure efficiency for the company.

- Once the network is running well, establish the baseline parameters, produced by the teams above, to support management work. They need to be stored and updated regularly.

CHAPTER IX-X: PHYSICAL NETWORK DESIGN FOR THE CAMPUS NETWORK AND ENTERPRISE NETWORK

1. Cabling layout design:

a) Cabling topology:

Because the cabling system mainly serves the computer network, beyond its own regulations and standards the cabling design must depend closely on the architecture of the computer network and on how its devices are laid out. We present two typical cabling design architectures:

Centralised cabling system

This cabling system serves a centralised layout of the computer network's devices. In this layout, all network devices such as switches, hubs and repeaters are installed together at one point, usually called the equipment room. From there, cables run directly to end devices such as workstations and printers without passing through any intermediate device. In this case the system usually uses a single type of cable, which here will be category 5 UTP twisted-pair cable. The network equipment in the equipment room can be a single device or several devices connected as a stack or in series (daisy-chain).

Distributed cabling system

This kind of cabling system is used for a distributed network architecture. In this architecture the network devices are not concentrated at one point but spread over several locations. Usually each floor has its own network device, and these are connected together through a central network device. End devices such as workstations and printers are therefore connected only to the intermediate network devices on each floor, and those devices in turn connect to the central network device. In this case the cabling is split into two parts. The first part, from the end stations to the equipment room on each floor, uses category 5 UTP twisted-pair cable. The second part, from that room to the central equipment room, has two options: optical fibre or copper cable. Optical fibre is better, however, and is usually used. The devices are connected to each other in a daisy-chain.

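b) Cable type comparison table:

| Cable type | Twisted pair | Thin coaxial | Thick coaxial | Optical fibre |
|---|---|---|---|---|
| Details | Copper, 4 pairs of wires (categories 3, 4, 5) | Copper, 2 conductors, 5 mm diameter | Copper, 2 conductors, 10 mm diameter | Glass, 2 fibres |
| Maximum segment length | 100 m | 185 m | 500 m | 1000 m |
| Maximum number of connections per segment | 2 | 30 | 100 | |
| Runs at 10 Mbps | Yes | Yes | Yes | Yes |
| Runs at 100 Mbps | Yes | Yes | Yes | Yes |
| Noise immunity | Good | Good | Good | Good |
| Security | Medium | Medium | Medium | Complete |
| Reliability | Good | Medium | Fair | Fair |
| Troubleshooting | Good | Not good | Not good | Good |
| Management | Easy | Difficult | Difficult | Medium |
| Cost per station | Very low | Low | Medium | High |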

After analysing the characteristics of the cabling topologies and the advantages and disadvantages of the cable types, and applying them to the company's actual situation, we find that: because the entire network is laid out within one building, the transmission cabling should use only UTP CT twisted-pair copper cable, surface-mounted 30 cm above the foot of the wall, from the access switches to the computer locations.

The cabling topology is organised in the distributed style and consists of two main cabling systems: the backbone cabling, which connects the access switches to the central switch system, and the UTP cabling, which connects the patch panels at the backbone end points to the outlets.

2. Choosing the LAN technology: Given the company's model and size, we find that the local area network (LAN) technology to use is Ethernet/Fast Ethernet, corresponding to speeds of 10/100 Mbps.

3. Choosing the WAN technology: Use T1 technology, with a service provider line that can reach 1.544 Mbps.

4. Choosing the remote access technology: Point-to-point (PPP) connection is the most widely used WAN connection technology today. It connects one network directly to another, or the internal network to the service provider's network. It supports connecting a remote user or office back to the service centre. It can carry many different protocols (IP, IPX, AppleTalk). For these reasons we choose PPP as the remote access technology for the company network.

5. Choosing the service provider:

After careful research we decided to choose VDC as the Internet service provider for the company network. VDC is a unit of the Vietnam Posts and Telecommunications Group (VNPT), operating through 4 units in 3 regions: VDC1 and VDC Online (North), VDC2 (South), VDC3 (Central). VDC has the largest network infrastructure in Vietnam, with total international capacity reaching 32 Gbps in 2008, a network covering all 63 provinces and cities, and partnerships with more than 10 multinational groups to provide services worldwide.

In terms of products and services, VDC currently operates the following main products and services:

- MegaVNN (ADSL)
- VNN/Internet Leased Line
- VNN/VPN-MPLS
- Frame Relay
- iFone-VNN
- Telehosting (Dedicated, Colocation, VPS)
- Webhosting
- Mail SMD
- Mail Offline
- Software application solutions for businesses
- Online services
- Solution consulting

6. Choosing the manufacturer and equipment:

Many foreign telecommunications equipment manufacturers are currently investing in Vietnam in search of a market, but in the end only 04 manufacturers are able to supply equipment for the communications network: Nortelnetwork, Intel, Cisco System and Lucent. Each manufacturer has different strengths and weaknesses, and choosing a product requires an analysis of those strengths and weaknesses. In general, however, Cisco Systems is still the manufacturing group with a strong reputation and the highest world market share in network connectivity products.

Cisco Systems

A manufacturer of IT equipment that holds almost the highest market share worldwide today and has a fairly large market share in Vietnam (it supplies products to many large service providers in Vietnam such as VDC and Saigon Postel, and to software technology centres such as SaiGon Software Park).

Its products are supplied with high quality, operate stably and integrate many kinds of technologies and services on a common platform. Focusing the analysis on 02 main devices, the multi-layer switch and the router, shows the following points:

- Multi-layer switch: supports not only layer 3 but also services at layer 4 and up to layer 7 (Application Layer). It offers high port density with many other interfaces such as Ethernet 10/100/1000/10000 Mbps, ATM, Token Ring, Frame Relay and Serial, and allows value-added services to be integrated over IP, such as Voice over IP and Video over IP. Its internal packet processing and switching capacity is high (compared with Avaya and Nortel).
- High-end router: fairly high market share in Vietnam (especially the 7500 product line). It allows additional services such as voice and video to be integrated, with IP, FR and ATM technologies carried together with data on the device's common platform, without requiring investment in many other separate devices.
- Manufacturer support: Cisco has an office in Vietnam and policies focused on supporting customers by developing customer training programmes and finding professional partners to support customers (through professional certification). There are now partners that fully meet the manufacturer's own policy requirements for after-sales customer support.

Determining the manufacturer

Based on the factors analysed above, we decided to choose Cisco product lines in consulting on this project, based on the following main factors:

- Processing capacity of the equipment
- Ability to keep equipment uniform across the whole network
- Unified, centralised management
- Support for services and technologies on the equipment
- Ability of the equipment to last as technologies and applications change, and its compatibility and expandability in the future
- After-sales support from the manufacturer/supplier

a) Switch:

- Support for bridging technologies
- Improved spanning tree features (802.1w and 802.1s)
- Security support (802.1x)
- Support for cut-through switching
- Support for adaptive cut-through switching
- Support for VLAN, VTP, ISL and 802.1Q
- Support for broadcast applications
- Available memory capacity
- Routing module available

Based on the characteristics above, Cisco Catalyst 2960 switches can be used as the access switches and Cisco Catalyst 3550 switches as the central switches.

b) Router:

powerful and stable enough to provide uninterrupted Internet access between the whole school network and the Internet. To do so, the router must have a high switching speed and must provide the redundancy needed for the system's operation. The router must allow many different kinds of interface modules to be used, to provide the ports for the connection to the Internet service provider and the ports for remote access through modems. The router must keep the system open, meaning it must always be ready for, and make easy, future upgrades and expansion of the system.

It should support voice features and suitable interfaces to act as a voice gateway later, when there is a need to use voice over the Internet. A Cisco 3725 router can be used; it belongs to the Cisco Router 3700 series and has a modular architecture. The Cisco 3725 router configuration consists of 2 10/100 FE ports built into the chassis, 2 slots for network modules and 3 slots for WAN interface cards.

c) Firewall:

The firewall plays a fairly important role. There are many different kinds of firewall, such as software firewalls for the Windows NT and Unix operating systems, firewalls based on software integrated into routers, hardware firewalls... Choosing a firewall that suits the system, to ensure security, high reliability and easy expansion in the future, therefore needs to be weighed carefully. For this subsystem we propose the CiscoSecure PIX FireWall 515E hardware device as the security device for the system, for the following reasons:

First is the compatibility of the firewall with the router in the Internet subsystem. Each kind of firewall has different requirements for supporting gateway routers; a firewall may work well with one router but not deliver all of its features with another. The CiscoSecure PIX FireWall 515E is therefore chosen to work together with the Cisco 3725 router.

The CiscoSecure PIX Firewall 515E is a hardware device with its software built in. It operates independently and does not depend on application platform factors such as hardware configuration requirements or the application environment (Windows NT, Unix), which simplifies the system and makes the device easier to manage.

It is easy to manage and to grade security levels for the internal network because it uses physical interfaces (ports) connected to the lower-level networks, and physical ports can be added at any time in the future when needed.

Another fairly important point is its high expandability and low investment cost. Using the CiscoSecure PIX FireWall 515E is safer than firewalls based on operating systems or on software integrated into routers, because it does not depend on platform factors: when the platform applications do not work well, the security level of the firewall is not reduced and the overall system is not affected. Management is also simpler, and does not require an administrator with a high level of expertise to operate the firewall or to handle incidents on it.

An outstanding feature of the PIX 515E is its support for Stateful Failover. Choosing a Stateful Failover configuration ensures high availability and minimises the impact of individual failures on the operation of the system. With two identically configured PIX devices running in parallel, if the primary PIX stops working, control is automatically transferred to the standby PIX.

d) Remote access router:

To set up remote access to the company network, a dedicated router can be used for this function. However, we can also use the Internet router as a remote access router by fitting it with modules that have built-in modems. A Cisco Router 2611XM can be purchased as the remote access router. The Cisco Router 2611XM has 1 network module slot that supports an interface with 16 integrated analog modems, and 2 10/100 Mbps ports for connecting to the internal LAN. In addition, the Cisco Router 2611 provides VPN and firewall features through its IOS system software to protect the security of the school network.

e) Access point and wireless bridge:

- Support for dynamic keys, unique keys, per-packet keying and MIC checking
- Support for one-time passwords or token cards
- Support for PSPF
- Support for the advanced security solutions WPA, Robust Security Network or 802.11i

We propose using the Cisco Aironet 1310 Outdoor Access Point/Bridge. This device supports 802.11b and 802.11g.

7. Investment cost estimate:

a) Ho Chi Minh City branch:

| Equipment | Quantity | Unit price ($) |
|---|---|---|
| Server | 7 | 550 |
| Workstation | 150 | 250 |
| Printer | 10 | 150 |
| Switch Cisco 2960 | 9 | 549 |
| Switch Cisco 3550 | 8 | 2199 |
| Router Cisco 3725 | 3 | 2809 |
| Cisco Aironet 1310 (Access point) | 1 | 820 |
| CiscoSecure PIX Firewall 515E (Firewall) | 1 | 2599 |
| Cisco Router 2611XM (Remote Access) | 1 | 1729 |
| Costs arising during system installation | | 800 |
| Total cost | | 79758 |

b) Da Nang branch:

| Equipment | Quantity | Unit price ($) |
|---|---|---|
| Server | 7 | 550 |
| Workstation | 90 | 250 |
| Printer | 5 | 150 |
| Switch Cisco 2950 | 5 | 549 |
| Switch Cisco 3550 | 3 | 2199 |
| Router Cisco 2821 | 3 | 2809 |
| Cisco Aironet 1310 (Access point) | 1 | 820 |
| CiscoSecure PIX Firewall 515E (Firewall) | 1 | 2599 |
| Cisco Router 2611XM (Remote Access) | 1 | 1729 |
| Costs arising during system installation | | 800 |
| Total cost | | 50017 |

c) Hanoi branch:

| Equipment | Quantity | Unit price ($) |
|---|---|---|
| Server | 7 | 550 |
| Workstation | 130 | 250 |
| Printer | 8 | 150 |
| Switch Cisco 2960 | 11 | 549 |
| Switch Cisco 3550 | 3 | 2199 |
| Router Cisco 3725 | 3 | 2809 |
| Cisco Aironet 1310 (Access point) | 1 | 820 |
| CiscoSecure PIX Firewall 515E (Firewall) | 1 | 2599 |
| Cisco Router 2611XM (Remote Access) | 1 | 1729 |
| Costs arising during system installation | | 800 |
| Total cost | | 63761 |
