Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:

Similar presentations


Presentation on theme: "Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:"— Presentation transcript:

1 Internet Service Provisioning Phase - I August 29, 2003 TSPT E-mail: tspt@telecom.net.ettspt@telecom.net.et Web: www.tspt.net.etwww.tspt.net.et

2 Agenda  Existing System Architecture  ISP Operations  Security  Existing ISP Problems  TSPT Recommendations

3 Existing System Architecture Insert Pictures here …

4 ISP Operations Network Part System Part

5 ISP Operations Network Part

6 The gateway router Cisco7507 (the Core Layer) Not redundant! What if the Gateway totally fails? Highly overloaded routing traffic towards the two international links and high bandwidth leased line customers. Minimum 100baseT VIP card interfaces required on the gateway to support ever-growing traffic. The BGP configuration needs to be revised with the Gateway Capacity.

7 Catalyst Cisco switch 5509 (the distribution Layer) Needs to be redundant. Should be high-speed gigabit but it isn’t The Ethernet interfaces should be replaced to accommodate Internet traffic growth since it is an aggregate point.

8 Access Points Cisco 3640 for POP’s Recommended to be redundant. Upgrade need to be done. The routing configuration should use dynamic routing in case scalability and flexibility are required.

9 Access Points … Cisco 3640 for Leased line Upgrade needed to support interfaces supporting bandwidth greater than 128Kbs. Policy based routing should be implemented to define security layer. Processing capability should be improved with growing leased line traffic.

10 Access Points … Access Server Cisco AS5300 Upgrade to Cisco AS5400 as CISCO Recommends. Additional Modem cards over the existing 24*E1 to handle increasing dial up users The traffic behavior should be studied

11 ISP Operations System Part

12 Firewall Server  The type and functionality of the firewall currently in use should be revised strictly.  The server in use isn’t designed to accommodate the ever-growing Internet traffic. Thus processor, memory and license issues need to be addressed.  The firewall needs to be upgraded.  Routing and policy of the firewall need to be revised.  Redundancy required.

13 AAA server  The processing capability and the memory should be revised.  The radius server needs to be revised in terms of license and updates with growing dialup user and time.  It should be configured fully redundant in terms of all software and license and should be automatic  The overall capacity needs to be upgraded.

14 Mail server ( mail.telecom.net.et ) Increased Virus attacks via e-mail No Anti-Virus installed. Insufficient Hard disk Space for storing user mail boxes. The SMTP server is not well secured. I.e. anybody can send mass mailings or spam to anyone of our customers using any e-mail address.

15 Freemail server ( www.freemail.et ) Free Mail Server is using a trial version No anti-virus is activated on it. The freemail server is not in a position to accommodate the ever-growing freemail users unless the hard disk capacity is upgraded.

16 Web Server ( www.telecom.net.et ) Poor GUI administration Doesn’t support the famous ASP scripts and PHP scripts. Loss of configuration files when the server is down due to reasons such as power failure.

17 FTP Server No Standalone FTP Server, The Web Server is acting as an FTP Server

18 Security Lack of proper skilled man power and security policy. Lack of proper system password allocation and management. No mass mailing and intrusion detection mechanism. Lack of proper troubleshooting procedure and documentation on the overall system.

19 Existing Problems on Focus

20 Existing ISP Problems Poor system design on both Network and System part: Traffic Analysis Users behavior Redundancy & Hot stand by System Sizing (Memory, Hard disk, Processor speed, etc …) E.g. Gateway Router, Mail Server, Firewall Server Use of 10 base T Interface to the Gateway

21 Continued … System Insecurity Technology wise Spam and Intrusion Detection Anti-virus, etc … Expert wise Security Expert Network Management Expert System Expert Expert on proper resource management Communication Gap

22 Continued … Frequent service interruptions and total service failures Lack of appropriately trained staff Lack of expertise Lack of documentation

23 TSPT Recommendations Short run /immediate solution/ Upgrading the firewall to detect any internal/external attacks Upgrading the Gateway Router. Upgrading the Access Server. Deploying Anti-Virus Solution for ISP. Making the traffic at the gateway to follow simple and dynamic routing as well as to avoid any memory consuming matters like policy editing, avoiding direct leased line connections to the Gateway.

24 TSPT Recommendations … Long run solution A well-designed ISP Network properly addressing the following issues Redundancy Security Versatile NMS and Systematic Troubleshooting Procedures Well trained staff specializing in network, system and security

25 The END!! Thank you!!


Download ppt "Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:"

Similar presentations


Ads by Google