Transcript Chapter 9: Data Centre

Chapter 9: Data Centre Architecture
Objectives:
• VLAN definition and benefits
* VLANs and broadcast domains
* Routers role in VLANs
* Types of VLANs
* VLANs protocols: ISL and 802.1Q
* Configure static VLANs
* Geographic VLANs
Why we build Data Centre
The data center is the heart of any Organization
Data center is a term used to describe the physical hosting of computer
equipment in a shared data center environment that is mutually beneficial to
various tenants without each incurring the full cost of designing, building,
and maintaining the environment.
Campus data center is designed to function as a hardware facility for the
purpose of housing computing systems providing various mission-critical
services to the campus.
What is it that makes a Data Center?
Security
Power
Cooling
Fire
100% Uptime Puzzle
Data Center Security
There are four levels of security for physical access to securely hosted
servers and equipment in data center .
The first level is code access to the building. Everyone will
need a private code or someone with a code to assist you
to get into the building.
The second level is biometric access to the floor.
employees or data center visitors will need to pass a
biometric Palm scanner to gain access to Data Center.
Data Center Security
The third level is the card reader access to the server area.
All access information such who and when gained access to
the server area are logged. Security manager can review
such access information at anytime.
The fourth level is locked cabinets for securely hosted
servers. Keys are required to open such locked cabinets.
Data Center Security
In addition to four level physical access control, the data
center is also monitored by security cameras.
Fire Detection & Suppression
Supply, Testing and Commissioning of Kidde Fire
Protection System or Approved Equal include optical /
ionization smoke detectors and rate of rise heat
detectors located within floors / ceilings and room
space & Area below raised floor .
Hi Fog fire suppression systems in some of
the larger data centers.
FM200 extinguishing systems in both large data
centers and small computer rooms
Fire Detection & Suppression
zoned fire alarm panel
optical / ionisation
smoke detectors
break glass units,
sounders and alarm bells.
Gas going out valve
Data Center: Computer Room Power
• Ensuring the availability of critical data centre, power is at the top of a
designers list.
• IT equipment must be supplied with a clean, consistent source of
electrical power, which allows the equipment to avoid system errors and /
or a system crash.
• The following systems are available in a Data centre:




Power conditioning and UPS (interruptible Power Supply) systems.
Standby diesel generator systems.
Mains switchgear.
General distribution and lighting.
Data Center: Room Air Conditioning
power and environmental control / cooling are inseparable design
criteria to achieve cost effective and reliable solutions, by using the
following systems :
Air conditioning - close control and comfort.
ventilation and extract systems.
Water detection systems - local and perimeter sensing.
Data Center: Room Build
Raised floor (for cabling)
Control Room
Secure environment
MDF: Main Distribution Facility
IDF: Intermediate Distribution Facility
IDF
< 1500 m
IDF
< 1500 m
OF
IDF
MDF
Data Centre
IDF
< 1500 m
< 1500 m
Data centre bandwidth:
Gigabit and 10 Giga Ethernet
1000BASE-TX
1000BASE-SX
1000BASE-LX
Gigabit Ethernet IEEE 802.3z
Data Centre Architecture
Outside
Zone
Internet
Perimeter Router
Cisco 3600
Zone will get the middle
level of security
DMZ Switch
ISA Firewall and
Caching Server
Adaptive Security
Appliance Cisco
5500 Series
Public
Web Server
SQL 2000
Exchange2000
Front- end Server Front- end Server
Inside
Zone
Management Stations
Core Switch or
Switches
Back-end Cluster
MS SQL Servers
Client machines
SMS Server
Back-end Cluster
MS Exchange
Servers
IntranetWeb Server
Anti-Virus Server
Test Server
Backup Server
Storage Area Network
Domain Controllers
Data Center Network Servers Design
MS SQL Cluster
MS Exchange
Cluster
Internal Web
Server
Public Web
Server
SQL FrontEnd Server
Datbase VLAN
Main Network
Users
Workstation
Exchange Front
-End Server
Domain Controller
Servers
2Gb/s Fiber Channel 16
Ports Switches
2x 2Gbit Fiber
Connections for Storage
SAN to different Fiber
Channel Switches for
Load Balancing and
Failover
ISA Firewall and
Caching Server
Anti-virus Server
SAN
Test Server
Storage
SMS Server
Backup Server
Tap Library Store Edge L500 LTO 2
Storage SAN Fiber Connect
GE (1000Mb/s) connection
FE (100Mb/s) connection
SCSI connection
2x CPUs, 8GB Memory
4x CPUs, 12GB Memory
With Windows 2003 OS
With Windows 2003 OS
Data Center Servers Configuration Design
• Network Services
Application Services
Visualization Services
Storage services
Data Center Secure Connections
Data Center network security are customized to each customer's
needs. It can be a combination of :
• firewall on network routers and switches,
• dedicated network firewalls and checkpoints such as
Netscreen, Cisco Pix, Watchguard firewalls,
• Firewall and antivirus Software on each server.
• Data transfers can be secured by VPN, SSL, and SSH
Security Between Networks
Router
Windows 2000-based
Server/Router
Router
Windows 2000-based
Server/Router