Objectives:

Chapter 9: Data Centre Architecture

• VLAN definition and benefits * VLANs and broadcast domains * Routers role in VLANs * Types of VLANs * VLANs protocols: ISL and 802.1Q * Configure static VLANs * Geographic VLANs

Why we build Data Centre

Data center is a term used to describe the physical hosting of computer equipment in a shared data center environment that is mutually beneficial to various tenants without each incurring the full cost of designing, building, and maintaining the environment. Campus data center is designed to function as a hardware facility for the purpose of housing computing systems providing various mission-critical services to the campus.

The data center is the heart of any Organization

What is it that makes a Data Center?

Power

Cooling Fire

Security

100% Uptime Puzzle

Data Center Security

There are four levels of security for physical access to securely hosted servers and equipment in data center .

The first level is code access to the building. Everyone will need a private code or someone with a code to assist you to get into the building.

The second level is biometric access to the floor. employees or data center visitors will need to pass a biometric Palm scanner to gain access to Data Center.

Data Center Security

The third level is the card reader access to the server area. All access information such who and when gained access to the server area are logged. Security manager can review such access information at anytime.

The fourth level is locked cabinets for securely hosted servers. Keys are required to open such locked cabinets.

Data Center Security

In addition to four level physical access control, the data center is also monitored by security cameras.

Fire Detection & Suppression

Supply, Testing and Commissioning of Kidde Fire Protection System or Approved Equal include optical / ionization smoke detectors and rate of rise heat detectors located within floors / ceilings and room space & Area below raised floor .

FM200 extinguishing systems in both large data centers and small computer rooms

Hi Fog fire suppression systems in some of the larger data centers.

Fire Detection & Suppression

zoned fire alarm panel break glass units, sounders and alarm bells.

optical / ionisation smoke detectors Gas going out valve

Data Center: Computer Room Power

• Ensuring the availability of critical data centre, power is at the top of a designers list.

• IT equipment must be supplied with a clean, consistent source of electrical power, which allows the equipment to avoid system errors and / or a system crash.

• The following systems are available in a Data centre:

Power conditioning and UPS (interruptible Power Supply) systems. Standby diesel generator systems. Mains switchgear. General distribution and lighting.

Data Center: Room Air Conditioning

power and environmental control / cooling are inseparable design criteria to achieve cost effective and reliable solutions, by using the following systems :

Air conditioning - close control and comfort. ventilation and extract systems. Water detection systems - local and perimeter sensing.

Data Center: Room Build

Raised floor (for cabling)

Control Room Secure environment

< 1500 m

< 1500 m

< 1500 m

Data Data CentreCentre

< 1500 mIDFIDF

IDFIDF

IDFIDF

IDFIDFMDFMDF

OFOF

MDF: MDF: Main Distribution FacilityMain Distribution FacilityIDF: IDF: Intermediate Distribution FacilityIntermediate Distribution Facility

1000BASE-TX

1000BASE-SX

1000BASE-LX

Data centre bandwidth:Gigabit and 10 Giga Ethernet

Gigabit Ethernet IEEE 802.3z

Data Centre Architecture

Internet

Server

Backup Server

IntranetWeb Server

Client machines

Domain Controllers

Management Stations

Test Server

Perimeter Router Cisco 3600

Adaptive Security Appliance Cisco

5500 Series

Back-end Cluster MS Exchange

Servers

Back-end Cluster MS SQL Servers

SMS Server

Anti-Virus Server

Core Switch or Switches

ISA Firewall and Caching Server

Storage Area Network

Zone will get the middle level of security

Outside Zone

Inside Zone

SQL 2000 Front- end

Exchange 2000Front-end Server

PublicWeb Server

DMZ Switch

4x CPUs, 12GB Memory

With Windows 2003 OS

Storage SAN Fiber Connect

GE (1000Mb/s) connection

FE (100Mb/s) connection

SCSI connection

UsersWorkstation

Main Network

Datbase VLAN

2x 2Gbit Fiber Connections for Storage

SAN to different Fiber Channel Switches for Load Balancing and

Failover

2Gb/s Fiber Channel 16 Ports Switches

Tap Library Store Edge L500 LTO 2

MS SQL Cluster MS Exchange Cluster

Internal Web Server

SAN Storage

SQL Front-End Server

Public Web Server

Exchange Front -End Server

Domain Controller Servers

ISA Firewall and Caching Server

Anti-virus Server

Test Server

SMS Server

Backup Server

Data Center Network Servers Design

2x CPUs, 8GB Memory

With Windows 2003 OS

Data Center Servers Configuration Design

• Network Services Application Services Visualization Services Storage services

Data Center Secure Connections

Data Center network security are customized to each customer's needs. It can be a combination of :

• firewall on network routers and switches,

• dedicated network firewalls and checkpoints such as

Netscreen, Cisco Pix, Watchguard firewalls,

• Firewall and antivirus Software on each server.

• Data transfers can be secured by VPN, SSL, and SSH

Windows 2000-basedServer/Router

Windows 2000-basedServer/Router

Security Between Networks

RouterRouterRouterRouter