CONNECT
WITH US (414)795-8518
HOME OFFICE BUILDING HOSPITALS CAMPUS INDUSTRIAL PARKS MULTI-TENANT COMMERCIAL PROPERTIES DATA CENTERS
NETWORK OVERVIEW
Computers and information networks are critical to the
success of businesses, both large and small. They connect people, support
applications and services, and provide access to the resources that keep the
businesses running. To meet the daily requirements of businesses, standard
networks themselves are becom¬ing quite complex and costly.
Today, the Internet-based economy often demands
around-the-clock customer service. This means that business networks must be
available nearly 100 percent of the time. They must be smart enough to
automatically protect against unexpected security incidents. These business
networks must also be able to adjust to changing traffic loads to maintain
consistent application response times. For standard networks it is no longer
practical to construct networks by connecting many standalone components without
careful planning and design.
Functionally reliable networks do not happen by
accident. They are the result of hard work by network designers and technicians,
who identify network requirements and select the best solutions and products to
meet the needs of a business.
The steps we required to design a reliable network for
our customers are as follows:
Audit: Verify the business goals and technical
requirements
Determine the features and functions required to meet
the needs identified in Audit
Perform a network-readiness assessment
Create a solution and site acceptance test plan
Provide a project plan for our customer
After the network requirements have been identified,
we begin the steps in designing a robust network for our customer as the project
implementation moves forward
Designing or network we focus on the network as a way
to access the applications they need, when and how customer needs them to
operate efficiently and effectively
We focus on these main requirements for our customer’s
network requirements
Our network should be robust enough to stay up all the time, even in the event of failed links, equipment failure, and overloaded conditions.
Our network should reliably deliver applications and provide reasonable response times from any host to any host.
Our network will be secure using our optical backbone “bubble” network design. It will protect the data that is transmitted over it and data stored on the devices that connect to it.
Our network is easy to
modify to adapt to network growth and general business changes
Because failures can occasionally occur, our
network provides simple troubleshooting methodology.
Network Fundamentals of
Our Design Goals
Our requirements translate into four fundamental network design goals for
customer
Scalability: our scalable network designs have the capability to expand to include new user groups and remote sites and can support new applications without impacting the level of service delivered to existing users
Availability: our network is designed for robust availability for consistent delivery, reliable perform¬ance, 24 hours a day, and 7 days a week. In addition, the failure of a single link or piece of equipment is not significantly impact network performance
Security: our security “bubble” feature that is the core of our design is built into our topography and not added on after the net¬work is complete as in typical networks. We provide complete Planning on the location of security devices, filters, and firewall features for specifically selected Internet connectivity which is critical to safeguarding the network resources.
Manageability: our network is designed for network staff to manage and support
Optical Hierarchical Network Design
Our optical network is designed to meet four
fundamental design goals and built on an architecture that allows for both
flexibility and growth
In general networking, a hierarchical design is used
to group devices into multiple networks. The networks are organized in a layered
approach. The general hierarchical design model has three basic layers.
• Core layer: Connects distribution
layer devices
• Distribution layer: Interconnects
the smaller local networks
• Access layer: Provides
connectivity for network hosts and end devices
Our optical network provides for these same conditions
for using a different connection methodology
General Hierarchical networks have advantages over
standard flat network designs. The benefit of dividing a flat network into
smaller, more manageable hierarchical blocks is that local traffic remains
local. Only traffic destined for other networks is moved to a higher layer.
Our optical hierarchical network design has capability
of segregating and dividing “flat network” into separate and or layered networks
which provide both security and more manageable network blocks. This gives our
network capability of optically managing traffic within and without the network.
General Layer 2 devices in a flat network provide
little opportunity to control broadcasts or to filter undesirable traffic. As
more devices and applications are added to a flat network, response times
degrade until the network becomes unusable. Our optical layer 2 device provides
a more robust connectivity and distribution in a more granular delivery. Our
optical layer 2 device is capable of dividing the bandwidth into specific data
rates in each port and even to each individual user.
The Tevetron Covalent Connect network (see Figure 4) as the ability to manage further division of the three-layer optical hier¬archical design into modular areas and create the granular connectivity to individual end-users. Figures 3 show standard hierarchical network design versus a flat network design (figure 1). The multicolored pathways module connections represent areas that have different physical or logical connectivity. They designate where different functions occur in the network. This modularity enables flexibility in network design. It facilitates implementation and troubleshooting.
Standard Network Layout
Covalent Connect Layout
Modular Design of Enterprise Architectures
Three areas of focus in modular network design are as
follows:
Enterprise campus: This area contains the network elements required for independent operation within a single campus or branch location. This is where the building access, building distribu¬tion, and campus core are located.
Our optical backbone network provides clearly
defined boundaries-pathways between modules. This provides clear demarcation
points so that the network pathways are exactly defined for network management
in determining where the traffic originates and where it flows.
Our optical backbone network provides ease of the
design by making each module pathway independent. The network connectivity is
focused on the requirements of each area or department separately.
Our optical backbone network provides scalability by
allowing network to add modules easily. As network complexity grows, the optical
backbone network easily incorporates new functional modules and pathways.
The addition of network services and solutions can be
expanded without changing the underlying network connectivity.
Tevetron’s Covalent Connect network design provides
the characteristics of a standard hierarchal model while providing
multiple-secure connection pathways within the Enterprise Architecture to
connect all delivery pathways to the correct location or departments.
Covalent Connect Campus Architecture
Tevetron’s Covalent Connect Optical Network
Design Methodologies
Tevetron’s approach for developing large network
design projects are divided into three distinct steps, identifying the network
requirements, characterize the existing network, and provide a network topology
with customize solutions that meet the current needs of the network and address
future expandability.
Tevetron works closely with the customer to document
the goals of the project. Goals are usually separated into two categories:
• Business goals: Focus on how maximize network
connectivity which in turn make the business more successful
• Technical requirements: Focus on how our solutions
can be implemented within the network with current technology and for future
expansion
Before project is started we implement an audit which
provides Information about the current network and current services and
reviewed. We compare the functionality of the existing network with the defined
goals of the new project and determine how we can integrate both the current
network and are optical backbone network solution. Tevetron uses the audit
process to determine whether any existing equipment, infrastructure, and
protocols can be reused, and how our new equipment and protocols can be
implemented to complete the required design.
Tevetron’s strategy for network design is to start
with a take a “top-down” and segregate topography approach. In this approach,
the network applications, security and service requirements are identified, and
then the network is built to support each department with the specific
connectivity required. Typically the Tevetron network is implemented parallel
with the current network and tested to confirm all specifications and
requirements of the network.
Elements Typically Impacting the Network
When implementing new or additional network systems it
is important to identify the requirements that impact the entire network which
include the following:
Elements Typically Impacting a Portion of
the Network
In certain network upgrades only a portion of the
network requires specific improvements, is important to keep in mind that these
network requirements may only affect a portion of the network which typically
include the following:
• Improving Internet connectivity and adding bandwidth
• Updating access layer LAN cabling
• Providing redundancy for key services
• Supporting wireless access in defined areas
• Upgrading WAN bandwidth
Tevetron’s Covalent Connect Optical Backbone Core Layer Design Considerations
Tevetron’s optical backbone hierarchal model is composed of the optical core-distribution layer, and optical access layer. The optical core-distribution layer is responsible for transporting large amounts of data quickly and reliably. This application ensures that the core-distribution layer is designed with fault tolerance. This device prevents unnecessary delays in network traffic quickly which typically becomes is a top priority for the network functionality.
Optical Core Layer
The Covalent Connect
core-distribution layer is the network backbone. The Covalent Connect functions
as the routers and switches at the core layer providing high-speed connectivity.
In an enterprise LAN, the core-distribution layer, can connect multiple
buildings or multiple sites, and can provide connectivity to the server farm.
The core-distribution layer includes one or more links to the devices at the
enterprise edge to support Internet, virtual private networks (VPN), intranet,
extranet, and WAN access.
Implementing an optical core-distribution layer
reduces the complexity of the network, making it easier to manage and
troubleshoot.
Objective of the Optical Core Layer
The optical core-distribution layer enables the
efficient, high-speed transfer of data between one section of the network and
another. The primary design goals at the optical core-distribution layer are as
follows:
• Provide 100% uptime.
• Maximize throughput.
• Facilitate network growth.
Tevetron Core Layer Technologies
The Tevetron Covalent Connect core layer provides for
Carrier Ethernet as a ubiquitous, standardized, carrier-class service and
network with attributes that distinguish it from standard LAN-based Ethernet
networks. The Covalent Connect attributes are standardized services, security,
scalability, reliability, management and quality of service. Leveraging these
attributes, Carrier Ethernet Services can incorporate the following
characteristics and benefits which enable implementation of robust,
cost-effective, and future proof WAN connectivity solutions.
Tevetron’s Covalent Connect used at the core layer
includes the following:
• Optical Routers or multilayer switch functions that
integrates routing and switching capabilities in the same device layer
• Redundancy and load balancing
• High-speed and aggregate links
• Agnostic Optical Routing format which provides
optimum connectivity
Customers can deploy active Ethernet based network
infrastructure to deliver bandwidth-intensive service applications such as
triple play service. The Covalent Connect also enables the use of E-Line, E-LAN
based Carrier Ethernet services, customers can offer the service type of
Ethernet private line (EPL), Ethernet virtual private line (EVPL), etc to
enterprise, SMB, SOHO customers and eventually bring substantial business
benefits to those customers as well as generate the new revenue income and
customer satisfaction for operators themselves.
The Covalent Connect solution covers Ethernet
demarcation device, that is MEF defined UNI (User Network Interface) solution
from subscriber end (UNI-C) to operator end (UNI-N). The products complies with
the MEF defined standards to guarantee the interoperability with the MEF
certified ones from other equipment providers in the world wide.
The covalent connect core-distribution layer is a
layer 2+ Gigabit access switch solution. It equips multiple port configurations
such as 100Base-FX/1000Base-X dual speed SFP slots with 10GBase-X SFP+ uplink
slots. The Covalent Connect offers the best flexibility and scalability for the
customers or service providers to deploy their Metro Ethernet network. With the
deployment of Covalent Connect core-distribution layer, customers or service
providers can flexibly provision the bandwidth either 100Mbps or 1000Mbps as
well as uplink connection of 10G speed upon their service applications.
Implementing the Covalent Connect solution at the
Metro Ethernet application, the specifications of Covalent Connect fully meet
the attributes of Carrier Ethernet proposed by MEF (Metro Ethernet Forum). The
Covalent Connect complies with MEF 9 standard to support E-Line/E-LAN service,
MEF 14 standard to enable the bandwidth profile configuration delivering SLA
(Service Level Agreement) for end-to-end performance characteristics as well as
MEF21 to support carrier grade service OAM management rapidly detecting and
recovering from the network incidents in real time.
Redundant Links
The Covalent Connect optical core implements redundant links at the core layer
to ensure that network devices can find alternate paths to send data in the
event of a failure. When our Layer 3 devices are placed at the core layer, these
redundant links can be used for load balancing in addition to providing backup.
In our flat, Layer 2 network, we can incorporate Spanning Tree Protocol (STP)
which disables redundant links unless a primary link fails. The STP operations
prevent load balancing over the redundant links in the network.
With our Covalent Connect the core layers in a network are wired in either a
full-mesh or partial-mesh optical link topology. A full-mesh topology is one in
which every device has a connection to every other device using our optical link
topography. Although in typical networks full-mesh topologies provide the
benefit of a fully redundant network, they can be difficult to wire and manage
and are more costly. Using the Covalent Connect core layer devices we can
provide the same connectivity benefits with a simpler management format and a
cost-effective installation. Typically for larger installations, a modified
partial-mesh topology is used. In a partial-mesh topology, each device is
connected to at least two others, creating sufficient redundancy without the
complexity of a full mesh. Using the Covalent Connect core layer device a number
of connection topographies are available.
Covalent Connect
Distribution Layer
Tevetron’s optical hierarchical network design for the distribution layer
includes the capability of routing, filtering, and functions as the point
between the core layer and the access layer. The Covalent Connect technology
provides for the distribution layer devices to communicate to each layer.
The distribution layer provides the routing boundary topography between the
access layer and the core layer. It also serves as a connection point between
remote sites and the core layer.
Our Covalent Connect access layer is an Optical Layer 2 +
switching technology. The distribution layer is built on an optical Layer 3 +
technology. The optical Covalent Connect routers or multilayer switches, located
at the distribution layer, provide many functions critical for meeting the goals
of the network parameters, including the following:
• Filtering and managing traffic flows
• Enforcing access control policies
• Summarizing routes before advertising the routes to the Core
• Isolating the core from access layer failures or disruptions
• Routing between access layer VLANs
Distribution layer devices are also used to manage queues and prioritize traffic
before transmission through the campus core.
Trunks
Trunk links are often configured between access and distribution layer
networking devices. Trunks are used to carry traffic that belongs to multiple
VLANs between devices over the same link.
Redundant Links
When redundant links exist between devices in the distribution layer, the devices can be configured to load balance the traffic across the links. Load balancing is another option that increases the bandwidth available for applications.
Distribution Layer
Topology
The Covalent Connect distribution layer networks are wired in our optical
topography which is usually identified as the “partial-mesh topology” in a
typical network. This optical topography provides complete redundant paths to
ensure that the network can survive a link or device failure. When the Covalent
Connect distribution layer devices are located in the same wiring closet or data
center, they are interconnected using our optical topography gigabit links
enabling the devices to be connected by longer distances to any network mode.
The Covalent Connect supports multiple high-speed fiber connections are
available to provide the desired bandwidth and redundancy.
Covalent Connect Access
Layer
The Covalent Connect access layer is used to provide location connectivity and
control user access to the internetwork resources. The Covalent Connect access
layer manages the traffic generated from the access layer locations within the
segments or other layers of the network. Without an appropriate access layer
configuration communications could quickly become inundated with traffic,
resulting in less-than-acceptable performance for the end users.
The access layer provides for edge connectivity of the network. The Covalent
Connect access layer devices reside inside each building of a campus, or on the
floors of the building for each remote site and server farm, and at the
enterprise edge.
Tevetron Covalent Connect access layer devices used in campus infrastructure are
built on optical Layer 2 + switching technology which provides to the network.
The access can incorporate a permanent wired, optical fiber infrastructure and
connect through wire-less access points. Typically Ethernet over copper wiring
poses distance limitations with the Covalent Connect access layer typical
distance limitations are removed.
Tevetron’s Covalent Connect Layer 2+ device supports Gigabit Ethernet traffic
over fiber, with combined WDM technology. The Covalent Connect provides EMF
compliant services for deploying in carrier Ethernet networks as a first point
of entry into the provider network. Our Covalent Connect access layer
incorporates traffic over fiber enabling EPL (Ethernet Private Line) & EVPL
(Ethernet Virtual Private Line) services with advanced carrier Ethernet features
per MEF-9 and MEF-14 specifications. The covalent connect access layer also
supports link and service Ethernet OAM schemes, and also provides extensive
fault detection and diagnostic capabilities to ensure that actual network
functionality complies with network specifications.
Typically network consists of more than just personal computers and printers
connecting to the access layer. Many different devices may be required that need
to connect to an IP network, including the following:
• IP telephones
• Video cameras
• Videoconferencing systems
With the Tevetron Covalent Connect technology all of these services can be
converged onto a single physical access layer infrastructure. The Covalent
Connect technology support management becomes less complex in order to provide
services such as quality of service (QoS), traffic segregation, and filtering.
Our layer 2+ access devices provide for applications and services, scalability,
availability, security, and complete manageability at the access layer.
Tevetron’s Covalent Connect Access Layer includes improvements with the
manageability of the access layer by providing the capability of increasing in
the number and types of devices connecting at the access layer and of wireless
access points into LAN applications.
Security Measures
The vulnerabilities of general networks show that typical networks are an
extremely unsecure environment. Networks must place security as a top priority
in their capabilities. Antivirus software is one way to prevent an attack, but
add additional costs over time and cannot prevent physical breaches of the
network or its applications.
Physical security of our Covalent Connect network is very important to your
network design. Most network intruders gain physical entry at the access layer.
On some network devices, such as routers and switches, physical access can
provide the opportunity to change passwords and obtain full access to devices.
Obvious measures, such as locking wiring closets and restricting access to
networking devices, are often the most effective ways to prevent security
breaches. In high-risk or easily accessible areas, it might be necessary to
equip wiring closets with additional security, such as cameras or motion
detection devices and alarms.
Securing Access Layer
Networking Devices
The typical measures listed here can provide additional security to networking
devices at the access layer:
• Setting strong passwords
• Using Secure Shell (SSH) to administer devices
• Disabling unused ports
With Tevetron’s covalent connect network switch port security and network access
control can ensure through design and connectivity such that that only known and
trusted devices have access to the network.
Recommended Practice on Security
Security risks cannot be eliminated or prevented
completely. Effective risk management and assessment can significantly minimize
the existing security risks. When considering security measures, it is important
to understand that no single product can make an organization secure. True
network security comes from a combination of products, services, and procedures
and a thorough security policy and commitment to adhere to that policy
Data Center Security
Data center servers can be the target of malicious
attacks and must be protected. Tevetron’s covalent connect optical network
topography has capability of reducing or preventing attacks against server farms
which can result in lost business for e-commerce and business-to-business
applications and in information theft. Using Tevetron’s optical network
topography in both LANs and storage-area networks (SAN) can be secured to reduce
the chances of such attacks. Hackers use a variety of tools to inspect networks
and to launch intrusion and denial-of-service (DoS) attacks which becomes more
difficult using the optical topography network.
Summary
The parameters of a robust and secure network requires
concerted efforts by network designers and technicians, who identify network
requirements and select the best solutions to meet the needs of a business.
The four fundamental technical requirements of network
design are scalability, availability, security, and manageability.
Tevetron’s Covalent Connect optical architecture can
be used to further divide the three-layer hierarchical connectivity into
specific departments and modular areas within each department. These modules
represent access layer devices in areas that have different physical or logical
connectivity.
Large network design projects are normally divided
into three distinct steps:
• Identify the network requirements.
• Characterize the existing network.
• Design the network topology and solutions.
Failure to correctly estimate the scope of a network
or network upgrade of the project can greatly increase the cost and time
required to implement the new applications and requirements. The functionality
of the core layer is extremely important in delivery topography. The
incorporation of Tevetron’s Covalent Connect optical topography and management
system makes delivery task easier.
Functions of the core layer design include the
following:
• Provide 100% uptime.
• Maximize throughput.
• Facilitate network growth.
• Redundancy at the core layer enables the network to
keep functioning even when a device or link
• Layer 3 devices, including multilayer switches, are
usually deployed at the core layer of the network.
• Most core layers in a network are wired in either a
full-mesh or partial-mesh topology.
• Devices at the core layer usually contain redundant
power supplies and hot-swappable components.
• Fast-converging routing protocols, such as OSPF and
EIGRP, are the appropriate choice for the core layer
The distribution layer represents a routing boundary
between the access layer and the core layer. As with the core layer, the
distribution layer goals must also be met. The design goals for the distribution
layer are as follows:
• Filtering and managing traffic flows
• Enforcing access control policies
• Summarizing routes before advertising them to the
core
• Isolating the core from access layer failures or
disruptions
• Routing between access layer VLANs
In the typical hierarchical design model, it is
easiest and usually least expensive to control the size of a failure domain in
the distribution layer. Redundancy at the distribution layer ensures that
failure domains remain small. Providing multiple connections to Layer 2 switches
can cause unstable behavior in a network unless STP is enabled. Traffic
filtering is one way to ensure the smooth flow of traffic between the access and
the core layers. This is accomplished at the distribution layer. ACLs are
commonly applied to routers to ensure that traffic flows continue, and they
provide an additional level of security for the network. With ACLs enabled, the
router examines each packet, and then either forwards or discards it, based on
the conditions specified in the ACL.
The criteria for the decisions can include the
following:
• Source address
• Destination address
• Protocols
• Upper-layer port numbers
• Whether the packet is part of an established stream
In addition to providing basic connectivity at the
access layer, the designer needs to consider the following:
• Naming structures.
• VLAN architecture.
• Traffic patterns.
• Prioritization strategies.
• Most recent Ethernet networks use a star topology,
which is sometimes called a hub-and-spoke topology.
• Using VLANs and IP subnets is the most common method
for segregating user groups and traffic within the access layer network.
• Networks also need mechanisms to control congestion
when traffic increases and queues for delivery.
• Congestion is caused when the demand on the network
resources exceeds the available capacity.
• Classifying data at or near the source enables the
data to be assigned the appropriate priority as it moves through the entire
network.
For networks, it is extremely important that these
goals and considerations be used from the very beginning of the network design
methodology. From the topology used to the level of physical access given to
personnel can mean the difference between a successful network implementation
and a dismal failure.
TEVETRON VISION ADVANTAGES ISP CONNECTIVITY LAN and WAN THE NETWORK NETWORK OVERVIEW
Our COVALENT CONNECT Solution
© 2017 Tevetron LLC. All Right
Reserved.|(414)795-8518|
Info@Tevetron.biz 15350 W National Ave, New Berlin,
WI 53151 USA