TeamE JonathanSullivan

02-12-2012
Project Proposal
IIS Dallas Consolidation
Team 3
Andre Young-Sang Jonathan Sullivan Mike Williams
PROJECT PROPOSAL - IIS DALLAS CONSOLIDATION
Table of Contents
Executive Summary ................................................................. 3 1. 0 Revision History ................................................................ 5 2.0 Project Overview ................................................................ 6
2.1 Project Overview ....................................................................................6 2.2 Project Description .................................................................................7 2.3 Chosen Solution .....................................................................................7
3.0 Solution Strategy................................................................ 9

3.1 Project Definition and Kick-off................................................................9 3.2 Business Needs .....................................................................................9 3.3 Solution Overview ..................................................................................9 3.4 Organizational Benefits ....................................................................... 10
4.0 Solution Scope ................................................................. 11

4.1 Solution Details.................................................................................... 11 4.2 Testing before installation ................................................................... 17 4.3 Installation details ................................................................................ 17 4.4 Post-Installation Testing details .......................................................... 17 4.5 Network Documentation details.......................................................... 18 4.6 Training details .................................................................................... 18
5.0 FINANCIALS...................................................................... 19
5.1 Customer Budgetary Guidelines ........................................................ 19 5.2 Materials .............................................................................................. 19 5.3 Summary Project Budget.................................................................... 20
6.0 PROJECT CONDITIONS .................................................. 22 7.0 PROJECT CLOSE OUT .................................................... 23 8.0 PROJECT ORGANIZATION............................................. 24 9.0 COMMUNICATION............................................................ 25
PROJECT PROPOSAL IIS DALLAS CONSOLIDATION PAGE
10.0 SIGNATURES.................................................................. 26 11.0 APPENDIX ....................................................................... 27

11.1 Existing System Diagrams ............................................................ 27 11.2 Proposed System Diagrams ......................................................... 31 11.3 Project Schedule in Gantt Chart Format.......................................... 36
REFERENCES ......................................................................... 38
PROJECT PROPOSAL IIS DALLAS CONSOLIDATION
PAGE
Executive Summary
Intelligent Imaging Solutions is a Dallas, Texas based company that develops consumer and military-oriented navigation systems (GPS). They have a total of 2,334 full time employees working within the organization that consists of two divisions: the Commercial Division and the Defense Division. The Commercial Division is responsible for the designing, building and testing of all prototypes, and is shared between the Dallas and Shanghai locations. The Shanghai location is the primary manufacturing site which houses a staff of manufacturing engineers that are responsible for taking the prototype engineering specifications and creating the engineered products that are efficiently and cost effectively produced. The other international location in London is primarily responsible for sales, customer support and distribution. The Military Division, which is located in Fairfax, VA, is where IIS design engineers collaborate with the MSA (Military Security Agency) to design and produce highly classified algorithms and models. These algorithms and models are often integrated with the works of other contractors, and need to be protected by the highest level of security. As a result, this division is isolated from the Commercial Division for security purposes, which is the cause of the hodgepodge that the organizations network is now experiencing. These factors contributed to the decision that the current network infrastructure of IIS will not be able to keep up with the growth that the company is expecting in the future, and as such, a complete overhaul is necessary. There needs to be an improvement in security among all the branches, especially the Fairfax location, remote access for home-agents, a unified email system, network redundancy, new network management capabilities, and uniform technologies throughout the entire network. The Board has approved a budget of $2 million for a successful and timely completion of the project, but will approve additional funds if the expenses can be justified. Team E was contracted to design the new network infrastructure that would cover all the requirements of the company. New routers and switches will provide Quality of Service (QoS) capabilities for data, voice and video. VoIP will also be the method of technology for communication purposes, and is predicted to deliver a large Return on Investment (ROI) for the organization. The security requirements of the company will be addressed through the installation and configuration of Untangle, which is open source software that will act as a firewall, antivirus, antispyware, adblocker and web filter. Additional features can be added on at reasonable costs. The Fairfax location will have its own network due to the confidential nature of the business it does there. It will be completely independent of all the other locations and will comply with the strict security protocols it requires.
The new infrastructure will be managed and monitoring will be handled by Nagios, an open source application that will allow administrators to be proactive in their efforts to maintain uptime. Exchange servers will be installed and configure at the Dallas and Fairfax locations to satisfy their emails needs. London and Shanghai will connect to these serves via VPN or Outlook 2010 log in. The entire for the project estimated by Team E will be $1,894,792.00, which is in compliance with the allotted budget established by IIS. The design is robust, secure, and scalable, and satisfies all the requirements that a growing company like IIS would need in a network and communication system.
PAGE
Section
1. 0 Revision History
Revision
1 2 3 4 5 6 7 8
Date
2/12/2012 2/15/2012 2/16/2012 2/17/2012 2/18/2012 2/19/2012 2/19/2012 2/19/2012 All All All All All
Author
Description
Rough draft submitted to Professor Baig for evaluation Updated diagrams IP Addressing Scheme Revised Updated Budget Numbers and Monthly Costs Updated Section 4.1 Solution Details for each location Revised and Edited Revised and Edited Revised and Edited
Andre Jonathan Mike
PAGE
Section
2.0 Project Overview
2.1 Project Overview

The proposed network is designed to serve the IIS Dallas headquarters /Consumer Division Prototyping building, the Shanghai manufacturing facility, the London Sales, Support, and Distribution Center; as well as the Fairfax, Virginia location which handles military defense contracts and houses a team from the Military Security Agency. IIS Currently has three separate buildings in Dallas, of which all will be consolidated into the new Dallas headquarters /Consumer Division Prototyping building which is 150,000 sq. ft. spread over three floors. The new Dallas headquarters building will consist of totally new infrastructure and equipment. The Shanghai, London, and Fairfax locations will all undergo network infrastructure upgrades, modifications and minor equipment upgrades as needed to optimize performance and consistency throughout the IIS corporate network. Intelligent Imaging Solutions designs and produces navigation system products globally to consumers from their Commercial Division. They also work in conjunction with other contractors and the United States Military Security Agency towards the design and production of sophisticated algorithms and models. IIS is experiencing constant growth, and as a result, they have now reached the maximum potential of the existing network. The organization has decided to revamp its network infrastructure to make it more efficient, secure and scalable for future growth of the company. IIS has decided to consolidate all of its Dallas headquarter employees into a single building, thus taking a step towards improving upon the mismatch of technologies that currently plagues the existing infrastructure that stretches across all the offices and warehouses in the various locations in Dallas, Fairfax, London, and Shanghai. IIS also has a number of engineers and sales representatives that maintain home offices. These employees need remote access capabilities to perform their job responsibilities. The IIS board has approved a budget of $2M (million) for the projects successful completion. Additional funds can be provided if Team E can justify the expenses to the board in advance. The major requirements of the company should be satisfied after the completion of the project. These requirements are: budget, availability, security, and access.
PAGE
2.2 Project Description

The main purpose of this project is to provide a solution that addresses the current issues of IIS network infrastructure as well as allow growth. Issues such as mismatching of technologies, security, remote access for home employees, unavailability for customers, expandability, redundancy capabilities, will all be addressed with a robust solution that will contribute to the growth of the company. There will also be the implementation of a VoIP system that is predicted to save the company a substantial amount of money on communication every month Team E was contracted to implement the new system, and the scope is as follows: The acquiring, installing and configuring of all equipment necessary for the network overhaul. Team E is also responsible for making sure that all connections are up and running before the project is signed off on for completion IIS is responsible for the following: Provide access to all locations that require equipment installation Provide schedule for installation date and time Coordinate implementation activities on site Make sure that all connections are up and running before final sign off
2.3 Chosen Solution

The solution that Team E has designed for Intelligent Imaging Solutions is a complete overhaul of the existing infrastructure. Pertaining to the switching and routing equipment currently in place at all locations, all devices will be replaced. Team E will bring in all new top of the line Cisco equipment across the board, to supply the best technology available to properly mesh the networks that IIS has across the globe. With the Cisco infrastructure in place, all users at each location will be able to easily access all of the information that they need, while meeting all security requirements IIS has put in place. Redundancy will be built in from the core at the levels where it is required, primarily Dallas and Fairfax. A state of the art VSphere virtual system will be implemented to host the server load required for a company this size. With the VCenter managing the 10 servers initially planned, the physical resources of the three host servers can be shared by all VMs to provide maximum performance, reliability and recoverability. VCenter provides DRS (distributed resource scheduling) with vMotion capability and HA (High Availability) options. DRS can use vMotion to automatically move live machines to different hosts when it sees an opportunity for a performance boost, while HA will automatically
PAGE
restart a failed VM on a different host in the event of a hardware failure. All of these capabilities will greatly enhance the uptime seen by the end users on the IIS network. Additionally, all users will be moved to the recent Exchange Server 2010 platform. This move will offer users larger mailbox sizes, while making many of the smaller tasks that admins do every day substantially easier: Calendar sharing is a breeze, archiving is handled natively (no more PST files everywhere), and replication and backups are much simpler. Finally, the new WAN technology that Team E will be implementing is an MPLS inter-company trunk solution. MPLS offers a variety of advantages to IIS, including Quality of Service (QoS) and Class of Service (CoS), which allows the grouping and prioritizing of traffic based on similarity. The switch over to MPLS and an all-digital VOIP system will offer marked improvements in the phone system for all users. Not to mention an incredible cost savings, in comparison to traditional telephony technology.
PAGE
Section
3.0 Solution Strategy
3.1 Project Definition and Kick-off

Team E will work closely with Intelligent Imaging Design personnel during this time to review the technical, cost and schedule baseline of the project. The project requirements will be reviewed with Intelligent Imaging Design to ensure all aspects of the project are covered in Team Es scope. Points of contact will be finalized, a preliminary schedule will be discussed and project team member roles and responsibilities will be discussed.
3.2 Business Needs

First and foremost IIS is looking for a secure, functional, and future-proof communications infrastructure. This new network design must be cost-effective yet redundant, in order to minimize/eliminate downtime. Fault-tolerance is vital and must be incorporated into the design of the network from the ground up. All telecom infrastructures currently in place at Dallas locations must be completely replaced. All branch office locations will be maintained to the highest degree possible. However, networking and communications infrastructure will be upgraded as required in order providing for a companywide unified communications network. As part of creating a unified communications infrastructure the project will implement a full true VoIP solution which utilizes the latest and greatest SIP phone technology. We will also be installing a unified email system with uses Microsoft Exchange and will be integrated into the new VoIP system for easy to use companywide communication. The reason for going with Microsoft Exchange as a corporate wide email solution is simple. Due to the proprietary nature of the business and for security reasons it must remain a hosted system and cannot be outsourced to the cloud by any means. At least two different ISP's are needed at the Dallas Headquarters location for peering, and redundancy.
3.3 Solution Overview

Team E proposes the following general solutions to meet the criteria given by Intelligent Imaging Solution: Implement new VoIP communication system across all branches Deploy MPLS network to unify communication between all branches Install and configure Microsoft Exchange Server for IIS email needs Install and configure new network devices across all branches (switches, routers, servers)
PAGE
Implement Firewall to improve security capabilities across all branches, especially Fairfax Configure secure VPN access for all home agents
3.4 Organizational Benefits

Increased efficiency and productivity for end users Cost savings on communication due to VoIP implementation. Research has shown that VoIP has the potential to save a company 40% on local calls, and up to 90% on international calls Increased accessibility for customers at all sites Increased network security, especially Fairfax, and home agents across all branches Better email capabilities More room for company growth; scalability Better troubleshooting capabilities due to network uniformity
Intangible Benefits: Improved communications on all fronts Staff becomes more technologically inclined due to training and exposure to new technology Customer satisfaction increases due to an increase accessibility More efficient use of network resources Overhauling the network will ensure compliance with the latest technology standards Improved network management capabilities allow accurate identification of branch down time and peak hours
PAGE
10
Section
4.0 Solution Scope
4.1 Solution Details

DALLAS The new Dallas location will be the hub of all activity on the IIS network, and as such will require redundancy at all levels to ensure constant uptime and accessibility for all IIS employees. Team E will have two WAN service providers each bringing in a 1Gbps connection to the new Dallas building. Two Cisco ASR 1002 WAN Routers will be installed to handle these incoming connections, with Time Warner and Comcast being aggregated by one device, while Level 3 Communications comes in through the second router. All of the ISP terminations will be done within the secure server room at the Dallas facility. Equally, all of the networking equipment listed within this section will be within the server room unless otherwise noted. This will provide an essential layer of physical security to the IIS network. Team E will have a passcard system installed on the server room door, and will train IIS personnel on the management of the system. There will also be standard keylock entry for occasions when the power is out or some other issue has caused the passcard system to be nonfunctional. Team E will work with IIS IT staff to devise a list of users with key access. Behind these routers, Team E will install two Dell PowerEdge T410 servers running the Untangle software package. This application will handle the firewall security, web filtering and VPN functionality that they require for their users. The VPN authentication from these devices will be handled by RADIUS back to the IIS Domain Controllers, and all IIS IT personnel will be trained in VPN rights management once installation is complete. Both of these servers will each have connections to both WAN Routers for redundancy. The next link within the IIS server room will be the backbone of the Dallas network: Dual Cisco Catalyst 4500-E switches. Both of the Untangle systems will be connected to each Catalyst 4500 to supply redundant connections. All cabling within the Dallas building will comply with the standards agreed upon between Team E and IIS staff: fiber communications when possible within the server room, cat 6 wiring throughout the rest of the building. The Catalyst switches will be configured for all VLANing necessary as documented in the diagrams section, and all DHCP will be handled by the domain controllers. The Dallas location has been assigned addresses within the 10.0.0.0 network. The VLANs assigned to the departments within the building will each have their own specific subnet within the buildings network, to allow for easy management of departmental traffic. The specified VLANs will be as shown in Figure 1.
11
Dallas, TX Headquarters
Blocks/ Section Infrastructure Sales/Marketing Engineering Management Finance Call Center/Other Human Resources Teleworkers Other Phone System
Figure 1 The next item to be installed within the Dallas server room will be the Cisco WS-3750X switches required to handle the connections to all first floor locations. We will be installing 12 of these 48 port switches to handle the approximately 500 workstation to be wired on the ground floor. A patch panel will be mounted on the wall adjacent to the racks to handle all cross connects. Proceeding up from the ground floor server room, Team E will require a network closet on the second and third floors to house additional patch panels and switches. On each floor we will install an additional 11 Cisco WS-3750X switches to handle all switching needs on the floor in question, as well as a patch panel setup identical to the first floor. All of the Cisco WS-3750X switches are PoE, allowing the Aastra IP phones that will be installed at each desk to be powered from these switches. Due to these power concerns, Team E will install sufficient uninterruptible power supplies within the second and third floor network closets to mitigate any concerns of brown outs or spikes affecting the desk phones. All of the network cabling installation will be handled by a licensed and bonded subcontractor. All wiring installed throughout the new building will be Cat6 and will meet all required code. Multiple UPS systems will also be in place within the server room on the ground floor to ensure power protection for all devices and servers within. Each UPS system within the building will have a network address to allow for easy monitoring and management of all units. Furthermore, Team E will also install an Asterisk FreePBX phone system that will work in conjunction with the new Aastra IP phones. All Cisco networking equipment that is being purchased is capable of handling the Quality of Service (QoS) requirements that are needed to get the most of this VOIP system. IIS will buy the external trunks necessary for the phone systems, and the FreePBX system will be used to setup internal company SIP trunks linking the PBX at each branch
Network 10.0.0.0/21 10.0.8.0/22 10.0.12.0/23 10.0.14.0/23 10.0.16.0/23 10.0.18.0/23 10.0.20.0/24 10.0.21.0/24 10.0.24.0/21 10.0.32.0/21
Range of IP Address From To 10.0.0.1 10.0.7.254 10.0.8.1 10.0.11.254 10.0.12.1 10.0.13.254 10.0.14.1 10.0.15.254 10.0.16.1 10.0.17.254 10.0.18.1 10.0.19.254 10.0.20.1 10.0.20.254 10.0.21.1 10.0.21.254 10.0.24.1 10.0.31.254 10.0.32.1 10.0.39.254
Gateway Subnet Mask 10.0.0.1 10.0.0.1 10.0.0.1 10.0.0.1 10.0.0.1 10.0.0.1 10.0.0.1 10.0.0.1 10.0.0.1 10.0.0.1 255.255.248.0 255.255.252.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.255.0 255.255.255.0 255.255.248.0 255.255.248.0
DNS Servers 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51 10.0.0.50, 10.0.0.51
VLAN 1 2 3 4 5 6 7 8 9 10
Hosts 480 240 180 120 120 60 1200
Usable Hosts 2046 1022 510 510 510 510 254 254 2046 2046
PAGE
12
office location. Thus, allowing for inter-company calls to take place without being billed by the outside SIP trunk provider which is nexVortex. IIS currently has a domain controller and an Exchange Server that will remain within the new setup. The Exchange box will be reconfigured as a front-end to the incoming Exchange 2010 system. All other servers that are currently running will either be converted to a virtual machine or phased out. Other than the two servers just mentioned, and a new Asterisk server that will be purchased, all other servers in the IIS domain will be virtual on the new infrastructure. The existing domain controller, the new virtual domain controller, and the Exchange boxes will all handle DNS and DHCP respectively. In addition, three new physical servers will be purchased and installed in the Dallas server room, along with two Dell Storage Area Network units. The two SAN devices will be configured as shared storage for the two powerful redundant servers, which will all run VMWares vSphere 4.1 software. The virtual environment will host the following: A second domain controller A second Microsoft Exchange 2010 front-end server Dual Microsoft Exchange back-end servers Nagios network management server Database servers (as necessary; existing units will be P2Vd for inclusion) Application servers (as necessary; existing units will be P2Vd for inclusion) File servers (as necessary; existing units will be P2Vd for inclusion)
Each physical server within the Dallas server room will have a minimum of two network interface cards. These connections will be teamed within the operating system, but the cable from each card will go to separate Catalyst switches, ensuring that although each server only has one network address, there will be redundant connections to ensure uptime in the case of any hardware issues within the core network. One component that was requested that we install was a company wide web filter. The Untangle applications that will be installed at each site will all have their web filter components configured with identical settings, supplying all users with the same set of restrictions, and allowing for easy rebuilding of an Untangle server should there be any hardware issues. Untangle will provide administrators with an easy to interface for monitoring employees and controlling access. Team E will work with the Dallas technical team to upgrade the existing workstations to Microsoft Windows 7 Professional with Office 2010 professional. A coordinated effort will be required with the assistance of the entire Dallas support team in order to get this many computers upgraded in the time allotted. All efforts will be made to maintain PC
13
PAGE
naming conventions that were in place previous to this project. All usernames will remain the same as well. Team E will coordinate with the Dallas IT staff to implement the backups of all pertinent servers to alternate locations across the WAN connections. These will be done during off hours due to bandwidth concerns.
FAIRFAX The Fairfax branch office, which is home to all military defense contractor work, is the most secure facility that Team E will manage. The facility is completely independent of all other offices as it has to adhere to strict security protocols (*With the exception of the HR subnet and the Phone System). Aside from that, Fairfax is very similar to the headquarters office in that they both utilize a vSphere virtual environment to host many of their servers. This helps to cut costs, increase efficiency and upgradeability. Starting out with the ISPs, Fairfax uses a 1Gbps line from Time Warner in conjunction with another 1Gpbs line from Level3 Communications. The Level3 line is dark fiber and is only used in the event of a failure from Time Warner. This redundancy ensures little to no downtime. Both ISPs have outstanding service level agreements which allows great uptime guarantees. Both ISPs are fed into a Cisco ASR 1002 WAN Router which will perform the failover to the dark fiber automatically and re-establish itself to the company wide MPLS network through agreements made with the ISP. Next, all traffic is passed through the Untangle Unified Threat Management Server via 10G Ethernet, which will act as a firewall, web filter, and cached web proxy all in one. The Untangle UTM will also provide outside VPN connectivity to remote teleworkers utilizing OpenVPN technologies. Untangle will control and secure all inbound connections and ensure the proper conformance to all security protocols put in place by the Department of Defense. We then enter the backbone switch which is a Cisco WS-C3750x-24T-L gigabit switch that is connected via a 10G Ethernet cable. Attached to the backbone switch is the main domain controller. Aside from the domain controllers regular duties they will also serve as the DHCP servers and the main DNS servers for the entire Fairfax facility. Isolation and security of the Fairfax facility is handled at the layer 2 level in the form of VLANs which will isolate all devices at the Fairfax facility from talking to any other facility. The two exceptions are the phone system VLAN and the HR department VLAN, as companywide connectivity is a requirement for devices within those individual VLANs. The rest of the Fairfax network infrastructure is identical to that of the headquarters office. IP addressing will be handled in accordance with Figure 2 below.
PAGE
14
Fairfax, VA Defense Contractor Office

Blocks/ Section Infrastructure Management Engineering Sales/Marketing Other Teleworkers Phone System
Figure 2 London and Shanghai Requirements: Both London and Shanghai locations are currently connected using a mix-and-match of technologies and require the same communication infrastructure as the other corporate offices to achieve uniformity. Employees should be able to access corporate resources at any time and from anywhere. There is also a need for a network security upgrade at both locations since the networks were never properly managed and were not flexible enough to grow with the companys needs over time. Team Es design will make sure that there is uniformity throughout the entire network infrastructure, employees have multiple ways to access company resources, and security is up to the standards of the requirements of IIS. The London branch location is mainly responsible for the sales, support and distribution of IIS products, and has a total of 160 employees including home agents and is responsible for the sales, support and distribution of IIS products, while Shanghai is responsible for manufacturing. Both have a total of 160 and 846 employees respectively. Solution: Both locations will have similar solutions to satisfy their requirements, with minor differences to compensate for the number of employees. The ISP will be providing a 1Gbps connection to both buildings, which will be handled by a Cisco ASR 1002 WAN router. The WAN router will be connected via gigabit link to an Untangled UTM Server that will handle firewall security, web filtering and VPN functionality that is required by users. Untangle provides a multi-function firewall solution without the need for expensive hardware and the space that they require. Beneath the Untangle firewall, a Cisco WS-C3750X-24T-L switch that will handle the domain controller, file server and FreePBX features of the network. London will have a single domain controller server for its 160 employees, while Shanghai will have two domain controllers to support its 846 employees. The domain controller will be configured to handle regular tasks such as authentication and permission checking, as well as DNS and DHCP responsibilities.
15
Network 10.1.0.0/23 10.1.2.0/23 10.1.4.0/23 10.1.6.0/23 10.1.8.0/23 10.1.10.0/23 10.1.12.0/23
Range of IP Address From To 10.1.0.1 10.1.1.254 10.1.2.1 10.1.3.254 10.1.4.1 10.1.5.254 10.1.6.1 10.1.7.254 10.1.8.1 10.1.9.254 10.1.10.1 10.1.11.254 10.1.12.1 10.1.13.254
Gateway Subnet Mask 10.1.0.1 10.1.0.1 10.1.0.1 10.1.0.1 10.1.0.1 10.1.0.1 10.1.0.1 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0
DNS Servers 10.1.0.50, 10.1.0.51 10.1.0.50, 10.1.0.51 10.1.0.50, 10.1.0.51 10.1.0.50, 10.1.0.51 10.1.0.50, 10.1.0.51 10.1.0.50, 10.1.0.51 10.1.0.50, 10.1.0.51
VLAN 11 12 13 14 7 15 10
Hosts Usable Hosts 45 56 102 22 10 235 510 510 510 510 510 510 510
PAGE
Each location is equipped with FreePBX servers working in conjunction with AASTRA phones that will be installed for each user. Each AATSRA phone is integrated with a gigabit Ethernet switch that will connect each workstation to the network. Also connected to the Cisco WS-C3750X-24T-L switch 4 Cisco WS-C3750X-48P-S switches to handle the 132 employees that the London location will have on site, and 18 WS-C3750X-48P-S to handle 838 on site employees in Shanghai; this not only satisfies the number of employees, but also provides extra stations in case of growth. These devices will be secured in the server room at the Shanghai facility, which will have the same level of security as the corporate headquarters. Emails will be remotely handled by the exchange server located in Dallas via the web login over the VPN, or through Outlook 2010. VLANs: VLANs will be handled by the WS-C3750X-24T-L at each location which will give each department their own subnet to manage traffic more efficiently. Both locations will have separate VLANs for Human Resources, Management, Finance, Engineering, sales/marketing, teleworkers, phone system and miscellaneous uses. A breakdown of the addressing scheme is represented below in figure 3:
London, UK Branch Office

Blocks/ Section Infrastructure Management Human Resources Finance Engineering Sales/Marketing Other Teleworkers Phone System Network 10.3.0.0/23 10.3.2.0/23 10.3.0.0/23 10.3.4.0/23 10.3.6.0/23 10.3.8.0/23 10.3.10.0/23 10.3.12.0/23 10.3.14.0/23 Range of IP Address From To 10.3.0.1 10.3.1.254 10.3.2.1 10.3.3.254 10.3.4.1 10.3.5.254 10.3.6.1 10.3.7.254 10.3.8.1 10.3.9.254 10.3.10.1 10.3.11.254 10.3.12.1 10.3.13.254 10.3.14.1 10.3.15.254 10.3.16.1 10.3.17.254 Gateway Subnet Mask 10.3.0.1 10.3.0.1 10.3.0.1 10.3.0.1 10.3.0.1 10.3.0.1 10.3.0.1 10.3.0.1 10.3.0.1 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 DNS Servers 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 10.3.0.50, 10.3.0.51 VLAN 1 4 7 5 3 2 9 8 10 Hosts 24 8 16 32 64 16 28 188 Usable Hosts 510 510 510 510 510 510 510 510 510
Figure 3
Shanghai Branch Office

Blocks/ Section Infrastructure Management Human Resources Finance Engineering Sales/Marketing Other Teleworkers Phone System Network 10.2.0.0/21 10.2.8.0/23 10.2.10.0/23 10.2.12.0/23 10.2.14.0/23 10.2.8.0/22 10.2.20.0/23 10.2.22.0/23 10.2.24.0/21 Range of IP Address From To 10.2.0.1 10.2.7.254 10.2.8.1 10.2.9.254 10.2.10.1 10.2.11.254 10.2.12.1 10.2.13.254 10.2.14.1 10.2.15.254 10.2.16.1 10.2.19.254 10.2.20.1 10.2.21.254 10.2.22.1 10.2.23.254 10.2.24.1 10.2.31.254 Gateway Subnet Mask 10.1.0.1 10.2.0.1 10.2.0.1 10.2.0.1 10.2.0.1 10.2.0.1 10.2.0.1 10.2.0.1 10.2.0.1 255.255.248.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.254.0 255.255.252.0 255.255.254.0 255.255.254.0 255.255.248.0 DNS Servers 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 10.2.0.50, 10.2.0.51 VLAN 1 4 7 5 3 2 9 8 10 Hosts 127 42 85 170 340 85 10 860 Usable Hosts 2046 510 510 510 510 1022 510 510 2046
Figure 4
16
PAGE
4.2 Testing before installation

Team E will conduct offline testing, according to the following schedule, prior to installing the system.
Test Detail: Establish Isolated Environment Test Physical to Virtual Migration ISP Connectivity Bandwidth and Load Testing
Proposed Date: 01/30/12 02/07/12 02/20/12
4.3 Installation details

Team E will install the hardware and software listed in the budget as follows:
Installation Detail: Run Cables Install Virtual Environment Hardware Load Configuration Files to Devices Ship Devices to Branch Offices Install Preconfigured Devices Install Datacenter Servers Physical to Virtual Migration
Proposed Date: 03/01/12 02/02/12 02/12/12 02/19/12 04/12/12 05/03/12 05/06/12
4.4 Post-Installation Testing details

Team E will conduct online testing, according to the following schedule, after installing the system.
Test Detail: Monitor and test network infrastructure for stability Test management and content filtering Network ISP and MPLS Failover Testing
Proposed Date: 04/26/12 04/26/12 05/30/12
PAGE
17
4.5 Network Documentation details

Team E will provide Intelligent Imaging Solutions personnel with the following network documentation upon completion of this project: Logical Network Diagram (updated) Physical Network Diagram (updated) Basic Network Users Manual Administrators Manual IP Address Listing Hardware Inventory o o o In Use Available in storage Other
4.6 Training details

Team E will train Intelligent Imaging Solutions personnel on maintenance, troubleshooting, and configuration. Training will be scheduled to meet both the teams and clients scheduling limitations. The following training documents will be provided for distribution to all personnel: Windows 7 Basics Office 2010 Basics Phone System Usage for end users
The proposed training plan is: Topic Exchange 2010 Management Passcard System Use and User Management Phone System User and System Management VPN User Rights Management Dallas IT Dept 02/27/2012 2:00 PM Dallas Dallas IT Dept 02/27/2012 1:00 PM Dallas Customer Dallas IT Dept Dallas IT Dept Date 02/27/2012 02/27/2012 Time 9:00 AM 11:00 AM Location Dallas Dallas
PAGE
18
Section
5.0 FINANCIALS
5.1 Customer Budgetary Guidelines

The budget for the consolidation of the three Dallas locations into one new building has been capped at 2 million dollars per IIS staffing. If Team E feels that there are valid reasons to exceed this cap, we will discuss the extra costs that we would like to incur with the IIS executives for approval.
5.2 Materials
Item Manufacturer, Model, and Specs. Quantity Required Cisco ASR 1002 WAN Router Cisco WS-C3750X-24T-L Switch Cisco Catalyst 4503-E Switch Cisco WS-C3750X-48P-S Switch FreePBX Asterisk Phone Server Aastra 6735i Voip Phones Dallas Server Room Passcard System Dell PowerEdge R410 Server Dell PowerEdge R710 Server Dell PowerVault MD3600i APC Smart-UPS 1500v VSphere Essentials Plus Bundle Microsoft Windows Server 2008 R2 License Microsoft Exchange Server 2010 Enterprise Microsoft Exchange Server 2010 Ent. CAL Cisco Aironet 1200 Wireless Access Point Microsoft Office Professional 2010 Upgrade 5 3 2 52 4 2500 1 5 3 2 20 1 9 4 2400 6 2334 $10,000 $2,000 $3,500 $4,000 $4,000 $110 $5,000 $2,000 $6,000 $16,500 $400 $8,000 $1,200 $4,000 $35 $300 $100 Purchase Price Value / Expected Cost $50,000 $6,000 $7,000 $208,000 $16,000 $275,000 $5,000 $10,000 $18,000 $33,000 $8,000 $8,000 $10,800 $16,000 $84,000 $1,800 $233,400
PAGE
19
Microsoft Windows 7 Professional Upgrade Location Wiring (per drop) Misc. Onsite wiring upgrades
2334 1200 ----
$80 $120 ----
$186,720 $144,000 $20,000
5.3 Summary Project Budget

The following table shows a breakdown of the costs by area for the Intelligent Imaging Solutions project.
Total Cost Hardware .............................................................................................. $ 636,000.00 Software ................................................................................................ $ 540,720.00 Installation (Wiring) labor and materials .............................................. $ 164,000.00 Configuration labor ............................................................................... $ 300,000.00 Training labor ....................................................................................... $ 75,000.00 Estimated travel expense ................................................................... $ 45,000.00
Cost To Client $ 699,600.00 $ 594,792.00 $ 180,400.00 $ 300,000.00 $ 75,000.00 $ 45,000.00
Total .................................................................................................... $1,770,720.00
$1,894,792.00
The following lists a breakdown of the monthly costs incurred by Intelligent Imaging Solutions for their regional Internet Service Providers. Monthly Cost To Client London Linx ISP .................................................................................................................... $ 1020.00 Shanghai ISP ........................................................................................................... $ 760.00 Fairfax Time Warner ISP ...................................................................................................... $ 1100.00 Fairfax Level3 ISP ................................................................................................................. $ 1240.00 Dallas Time Warner ISP ......................................................................................................... $ 960.00 Dallas Level3 ISP ................................................................................................................... $1150.00 Dallas Comcast ISP ................................................................................................................ $ 700.00
PAGE
20
Total Monthly Internet Service Provider Costs for IIS
$ 6,930.00
PAGE
21
Section
6.0 PROJECT CONDITIONS
EXCLUSIONS / CLARIFICATIONS / ASSUMPTIONS

1. The DeVry Senior Project Team, Team E, is responsible for completion of this project as detailed in this agreement. All team members listed in section 9.0 share this responsibility regardless of their standing as students. 2. The project must be completed no later than February 26 , 2012 for Sr. Project credit, although all students in Team E accept the individual responsibility of completing all project details if they remain at that time. Failure to complete the project in a timely manner, or to adhere to the original scope of the project may subject the students to failure of the Senior Project course.
th
PAGE
22
Section
7.0 PROJECT CLOSE OUT
An internal post project review will be held to determine what areas of improvement have been identified during the project and make sure that positives will be repeated in future projects.
A customer post project review will be held on June 18th, 2012 via conference call to discuss aspects of our performance and provide Team E an opportunity to get customer feedback for areas of improvement.
PAGE
23
Section
8.0 PROJECT ORGANIZATION
Client:
Intelligent Imaging Systems: Professor Baig Chief Executive Grader (CEG)
Direct Phone:
(610) 6629037
E-mail address: billbaig@gmail.com
Team:
Team E: Andre Young-Sang Direct Phone: (561) 674 6266
E-mail address: youngi_lethal@msn.com
Team E: Jonathan Sullivan Direct Phone: (407) 802 7244
E-mail address: jonathan.sullivan@refreshcomputers.net
Team E: Mike Williams Direct Phone: (847) 222 3349
E-mail address: williamsm2001@gmail.com
PAGE
24
Section
9.0 COMMUNICATION
Weekly Status Reports will be issued to cover outstanding issues and the status of the project.
Jonathan Sullivan will serve as Team E designated single point of contact.
Professor Baig will serve as Intelligent Imaging Solutions point of contact for the project.
Team E suggests all communication relating to this project be conveyed via email and, if possible, any additional team members be copied to ensure that everyone involved is working with the most current information.
PAGE
25
10
Client:
Section
10.0 SIGNATURES
Professor Jabeel Baig Clients Representative Printed Name Here
Intelligent Imaging Solutions
February 19, 2012 Date
Team: E
Andre Young-sang Team Member 1s Printed Name Here
Mike Williams Team Member 2s Printed Name Here
Jonathan Sullivan Team Member 3s Printed Name Here
Members of Team E
February 19, 2012 Date
PAGE
26
11
Section
11.0 APPENDIX
11.1 Existing System Diagrams

Existing Fairfax Diagram
PAGE
27
Existing Dallas Diagram
PAGE
28
Existing London Diagram
PAGE
29
Existing Shanghai Diagram
PAGE
30
11.2 Proposed System Diagrams

Proposed MPLS Diagram
PAGE
31
Proposed Dallas network diagram
PAGE
32
Proposed Fairfax network diagram
PAGE
33
Proposed London network diagram
PAGE
34
Proposed Shanghai network diagram
PAGE
35
11.3 Project Schedule in Gantt Chart Format
PAGE
36
IIS Server / Infastructure IP Addressing

Dallas, TX Headquarters Shanghai Branch Office
IP Address 172.16.0.1/31 10.2.0.1/21 10.2.0.5/21 10.2.0.10/21 10.2.0.11/21 10.2.0.12/21 10.2.0.13/21 10.2.0.14/21 10.2.0.15/21 10.2.0.16/21 10.2.0.17/21 10.2.0.18/21 10.2.0.19/21 10.2.0.20/21 10.2.0.21/21 10.2.0.22/21 10.2.0.23/21 10.2.0.24/21 10.2.0.25/21 10.2.0.26/21 10.2.0.27/21 10.2.0.50/21 10.2.0.51/21 10.2.0.70/21 10.2.0.71/21
Fairfax, VA Defense Contractor

Device Name IP Address WAN Router 172.16.0.1/31 Untangle UTM 10.1.0.1/21 Backbone Switch 10.1.0.5/21 Core Switch 1 10.1.0.10/21 Core Switch 2 10.1.0.11/21 Core Switch 3 10.1.0.12/21 Core Switch 4 10.1.0.13/21 Core Switch 5 10.1.0.14/21 Domain Controller 10.1.0.50/21 Exchange Front End 10.1.0.70/21 FreePBX Server 10.1.0.71/21 vSphere SAN 10.1.0.72/21 VM - Web Server 10.1.0.73/21 VM - Network Mgmt. Server 10.1.0.74/21 VM- Secondary Domain Controller 10.1.0.75/21 VM- Exchange Back End 10.1.0.76/21 VM- Application Server 10.1.0.77/21 VM- File Server 10.1.0.78/21 VM- Database Server 10.1.0.79/21
London, UK Branch Office

Device Name IP Address WAN Router 172.16.0.1/31 Untangle UTM 10.3.0.1/21 Backbone Switch 10.3.0.5/21 Core Switch 1 10.3.0.10/21 Core Switch 2 10.3.0.11/21 Core Switch 3 10.3.0.12/21 Core Switch 4 10.3.0.13/21 Domian Controller 10.3.0.50/21 Secondary Domain Controller 10.3.0.51/21 File Server 10.3.0.70/21 FreePBX Server 10.3.0.71/21
Device Name IP Address Device Name WAN Router 1 172.16.0.1/31 WAN Router WAN Router 2 172.16.0.2/31 Untangle UTM Untangle UTM 1 10.0.0.1/21 Backbone Switch Untangle UTM 2 10.0.0.2/21 Core Switch 1 Backbone Switch 1 10.0.0.5/21 Core Switch 2 Backbone Switch 2 10.0.0.6/21 Core Switch 3 Core Switch 1 10.0.0.10/21 Core Switch 4 Core Switch 2 10.0.0.11/21 Core Switch 5 Core Switch 3 10.0.0.12/21 Core Switch 6 Core Switch 4 10.0.0.13/21 Core Switch 7 Core Switch 5 10.0.0.14/21 Core Switch 8 Core Switch 6 10.0.0.15/21 Core Switch 9 Core Switch 7 10.0.0.16/21 Core Switch 10 Core Switch 8 10.0.0.17/21 Core Switch 11 Core Switch 9 10.0.0.18/21 Core Switch 12 Core Switch 10 10.0.0.19/21 Core Switch 13 Core Switch 11 10.0.0.20/21 Core Switch 14 Core Switch 12 10.0.0.21/21 Core Switch 15 Core Switch 13 10.0.0.22/21 Core Switch 16 Core Switch 14 10.0.0.23/21 Core Switch 17 Core Switch 15 10.0.0.24/21 Core Switch 18 Core Switch 16 10.0.0.25/21 Domian Controller Core Switch 17 10.0.0.26/21 Secondary Domain Controller Core Switch 18 10.0.0.27/21 File Server Core Switch 19 10.0.0.28/21 FreePBX Server Core Switch 20 10.0.0.29/21 Core Switch 21 10.0.0.30/21 Core Switch 22 10.0.0.31/21 Core Switch 23 10.0.0.32/21 Core Switch 24 10.0.0.33/21 Core Switch 25 10.0.0.34/21 Domain Controller 10.0.0.50/21 Exchange Front End 10.0.0.70/21 FreePBX Server 10.0.0.71/21 vSphere SAN 10.0.0.72/21 VM - Web Server 10.0.0.73/21 VM - Network Mgmt. Server 10.0.0.74/21 VM- Domain Controller 2 10.0.0.51/21 VM- Backup Domain Controller 10.0.0.52/21 VM- Exchange Front End 10.0.0.75/21 VM- Exchange Back End 10.0.0.76/21 VM- Exchange Back End 10.0.0.77/21 VM- Application Server 10.0.0.78/21 VM- File Server 1 10.0.0.79/21 VM- File Server 2 10.0.0.80/21 VM- Database Server 10.0.0.81/21
PAGE
37
REFERENCES
http://library.mobrien.com/net.shtml http://www.subnet-calculator.com/subnet.php?net_class=A http://unixwiz.net/techtips/netmask-ref.html http://www.omnisecu.com/tcpip/internet-layer-ip-subnetting-part6.htm https://www.gliffy.com
PAGE
38

TeamE JonathanSullivan

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

TeamE JonathanSullivan

Caricato da

Copyright:

Formati disponibili

02-12-2012

PROJECT PROPOSAL - IIS DALLAS CONSOLIDATION

3.0 Solution Strategy................................................................ 9

4.0 Solution Scope ................................................................. 11

10.0 SIGNATURES.................................................................. 26 11.0 APPENDIX ....................................................................... 27

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

Andre Jonathan Mike

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

2.0 Project Overview

2.1 Project Overview

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

2.2 Project Description

2.3 Chosen Solution

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

3.0 Solution Strategy

3.1 Project Definition and Kick-off

3.2 Business Needs

3.3 Solution Overview

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

3.4 Organizational Benefits

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

4.0 Solution Scope

4.1 Solution Details

Hosts 480 240 180 120 120 60 1200

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

Fairfax, VA Defense Contractor Office

Network 10.1.0.0/23 10.1.2.0/23 10.1.4.0/23 10.1.6.0/23 10.1.8.0/23 10.1.10.0/23 10.1.12.0/23

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

London, UK Branch Office

Shanghai Branch Office

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

4.2 Testing before installation

Proposed Date: 01/30/12 02/07/12 02/20/12

4.3 Installation details

Proposed Date: 03/01/12 02/02/12 02/12/12 02/19/12 04/12/12 05/03/12 05/06/12

4.4 Post-Installation Testing details

Proposed Date: 04/26/12 04/26/12 05/30/12

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

4.5 Network Documentation details

4.6 Training details

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

5.1 Customer Budgetary Guidelines

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

2334 1200 ----

$80 $120 ----

$186,720 $144,000 $20,000

5.3 Summary Project Budget

Cost To Client $ 699,600.00 $ 594,792.00 $ 180,400.00 $ 300,000.00 $ 75,000.00 $ 45,000.00

Total .................................................................................................... $1,770,720.00

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

Total Monthly Internet Service Provider Costs for IIS

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

6.0 PROJECT CONDITIONS

EXCLUSIONS / CLARIFICATIONS / ASSUMPTIONS

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

7.0 PROJECT CLOSE OUT

PROJECT PROPOSAL IIS DALLAS CONSOLIDATION

8.0 PROJECT ORGANIZATION

Intelligent Imaging Systems: Professor Baig Chief Executive Grader (CEG)