How do I do a WAN connection for 3 sites?

[Oberon103]

I've been working under this professor for my master's degree and this is the problem he gave me. The course is online, and the guy has been far less than helpful in this class. If anybody can give any clues about how to even get this thing started. Yes I do have a basic setup, but I have no clue if I'm right. It is an intensive project and everything I've looked up has helped me to progress but what I'm looking for is a good guide that I can follow to do it. Wikipedia doesn't answer most of the questions I need. PLEASE help?!

The final project is to design a network, network security and WAN connectivity for the following situation: Organization of 100 computer users in three locations. •Location one: two buildings, 25 computer users total in each building. total of 50 •Location two: one building, 15 computer users. •Location three: one building 35 computer users. Document your design as follows: MS Word Doc Paper 1.Introduction to the design Explanation of equipment and software used. 2.Diagram of the entire network. 3.Diagrams for each location. 4.Explanation of security procedures. 5.Explanation of WAN connection.

Sincerely,
Confused Student

 

[bill001g]

Impossible to even predict since the number of computer at a location means very little. The amount of traffic between the sites, how far apart are the sites, where servers are located, where the internet gateway is,does the traffic allow you to run hub and spoke or must you have direct any-any traffic. This is only the start.

If nobody cares about this then just propose unrealistic solutions like put in a 10g dark fiber mesh between all the sites or if they are in different countries use direct satellite earth stations. Or maybe paying someone to drive flash drives back and forth will be good enough.

It is impossible to even guess a design without some information about what types of traffic is expected.

 

[Oberon103]

Impossible to even predict since the number of computer at a location means very little. The amount of traffic between the sites, how far apart are the sites, where servers are located, where the internet gateway is,does the traffic allow you to run hub and spoke or must you have direct any-any traffic. This is only the start.

If nobody cares about this then just propose unrealistic solutions like put in a 10g dark fiber mesh between all the sites or if they are in different countries use direct satellite earth stations. Or maybe paying someone to drive flash drives back and forth will be good enough.

It is impossible to even guess a design without some information about what types of traffic is expected.

 

[Oberon103]

Thanks for the reply bill001g. I understand how difficult this question is, because I'm thoroughly confused. As I said, the teacher has offered no help. I've never put together a network. According to the question I was going to make the site as if it was buildings in an industrial park. I really have no clue as to what I'm doing. I did gather that he wants a realistic solution and the teacher has been extremely anal about everything I've turned in. The papers I've written for his class have all been perfect but he decided to take points off on technicalities (i.e. they were APA papers but I didn't put an abstract in one, the next one I put the abstract in but it wasn't on its own page, third I made the paper correctly and then he said it was incorrectly referenced.) So yea, this guy is going to pick this apart. I'm very nervous about this because of the fact that it's worth 45% of my grade which would basically kill me if I fail. If I can somehow manage a B on the final I'll still mostly likely get an A-.

In any case, the guy seems to want a proposal for a WAN for a company of this style. So that's how I was approaching this.

 

[bill001g]

If it is a industrial part it is a MAN at the very best but it sounds like a LAN. The standard solution in this case really is dark fiber connected between buildings running switches. Either all layer3 in all buildings or layer 2 with only layer3 switch in the main location both are valid designs with cost being the only difference.

A true wan design really needs to take the distance into account.

If he is going to be a jerk then give him the design every major company uses. You make the standard quality and security assumptions that large organizations make.

1. The WAN connection must have a guaranteed throughput level, with guaranteed end to end latency, and a guaranteed repair time in case of faileure...normally this is 4 hrs. The service level must be guaranteed for 5 nines ie 99.999% availability.
2. The circuits to each location will be diverse and protected.
3. The routers will be monitored 24x7x365 for fault as well as utilization.

This is what I put in every day and is really what we deliver, cost is secondary to quality in most wan network and since there is not a budget limit then recommend the best solution.

Now how you actually do this is actually really simple. You call up the major network providers and request bids on a managed MPLS network and tell them the size of the circuits at each location. At this pointy you are only responsible for the LAN at each site. The provider handles making sure all the traffic flows correctly and manages all the wan routers. You would think it would be cheaper to buy your own circuits and hardware but its not. The vendors are so competitive and want to sell managed services so badly that it is cheaper to just outsource this to them than to run it yourself.

This has huge advantages over anything you can build yourself since the network is easily scaled up and down based on need. It is secure because it is private rather than over internet. It tends to be very robust since the provider networks tend to be very redunant.

The only other issue you would be concerned with was internet access and because most corporation need very strict control of data flowing to and from a company due to sarbanes oxley requirements you are best off centralizing this so you can prove conformance and spend the money to do the security only a single time.

Now if you had requirements for protection of medial data because of Hippa or you had government contracts that restrict certain function to be performed only by citizens your deigns can be completely different.

The technical part is actually the easy part in network design. It is meeting all the other requirements that makes it be that there is no standard solution.