Date post: 24-Dec-2015
Upload: duane-mathews
Computerized Networking of HIV Providers
Networking Fundamentals
Presented by:
Tom Lang – LCG Technologies Corp.
May 8, 2003
Agenda
• Network Infrastructure (“plumbing”)
• VPN & the “Internet”
• Network Resources
• Putting IT all together
• Application Architecture
• Networking & HIPAA
• Support Requirements
• Lots of Questions & Some Answers
What is a Computer Network?
A Computer Network
Share computer resources – consists of two major sets of components:
• “Plumbing” – roads, traffic lights and signs
• Resources – restaurants, gas stations and hotels
LAN – Local Area Network (one domain / office)
WAN – Wide Area Network (more than one domain / segment / office)
The “Plumbing” of a Network?
• Cabling – physical connection that ties together all of the resources (roads / highways)
• Hubs / Switches – manage the communication traffic within one “network domain / segment / office” to make sure traffic “continues to move” (side street & city traffic lights and signs)
• Routers – manage the communication traffic between “network domains / segments / offices” to make sure traffic “continues to move” (on / off ramp traffic lights and signs)
Cabling
Manufactured to handle certain levels / speeds of traffic (alley, 2 lane street, 4 lane highway)
• Category 3 – “old” phone cabling
• Category 5 – “old” data standard, up to 100 MB and less than 300 feet
• Category 5e – “current” data standard, up to 100 MB and less than 328 feet / up to 1 GB and less than 290 feet
• Category 6 – “new” data standard, up to 10 GB and longer runs
Hubs / Switches
• Hubs – provide a “shared” environment (one traffic light at an intersection of 4 lanes):
10 ports that share 100 MB, each port will get 10 MB
• Switches – provide a “switched” environment (visualize “stacking” of four lanes on top of each other, each with their own traffic light):
10 ports, each will get their own 100 MB
Which is better / faster?
“Plumbing” on Network Drawings (Test)
Local Area Network
Which one is it?
Virtual Private Network – what is it?
• A private network (your LAN) that uses a public network (the Internet) to share resources
• Most common approach – VPN client software on your home computer / laptop that connects to your office firewall device
• Allows you to gain access to the same computer resources from home / remote location that you would have as if you were sitting in your office
Virtual Private Network – what it looks like?
[Network diagram. Labels: Home Computer w/ VPN Client, Cable Modem, Internet, Router, Firewall w/ VPN, LAN Resources (Headquarters Location); DSL Router, Firewall w/ VPN, LAN (Remote Location)]
The Internet – what is it?
• Largest network of computer resources available
• Every resource has a mailing address (IP address: 192.168.1.1)
• Numbers too hard to remember – use English names (LCGTech.com = 63.85.252.55)
• Servers (domain name) provide the lookup of names to IP addresses all over the world so that traffic is routed to the correct “physical” server
Network Resources
• Firewall (protection device between an internal “safe” network domain and an “untrusted” or “unsafe” network domain – Internet)
• Server (high-end computer – file sharing, application, database, web, e-mail, network security access, backup responsibilities, logging and auditing, etc.)
• Printer (standalone, directly on the network, connected to a server or workstation and “shared” for other computers to use)
Firewall Specifications
• Separate hardware device (versus software only)
• License for number of “nodes” or computers behind the firewall that need access through the firewall
• Virtual private network (VPN) capability
• Filtering capability – allows you to turn off access to certain Internet resources (websites, etc.) for each internal computer / node
• Anti-virus capability (can scan the traffic as it goes through your firewall, before it gets to your computer)
Servers (types)
Primary functions in a small network (“file server”)
• File, small application, print, security and backup
If needed, other dedicated functions include:
• Application (accounting, etc.)
• Database (SQL Server, Oracle, etc.)
• Web & E-mail (more cost effective to look to a hosting company for these services)
Server Definitions
• CPU – central processing unit, brains of the computer
• OS – operating system, provides the interface between us and the computer / server components
• RAID – Redundant Array of Independent Disks, provides redundancy levels (0 – 5) for hard drive configurations (mirrored to data striping)
• IDE/ATA – integrated drive electronics / AT Attachment, less expensive and allows up to 100 MB / second transfer rates (workstation drives)
• UltraSCSI – Ultra fast small computer systems interface, more expensive and allows up to 320+ MB / second transfer rates (server data drives)
Server Specifications (minimum preferred)
• CPU – the faster the better (XEON – server, Pentium 4 – workstation)
• Memory – we all would like more (minimum 512 MB)
• OS – Microsoft Windows 2000 Server
• Hard drives – two types preferred
  Boot drives for the OS (two – IDE, RAID 1)
  Data drives (UltraSCSI, RAID 1 or 5)
• Tape drive – required for backing up data, design a tape rotation scheme for catastrophic failure or accidental failures
• Redundancies – power supplies, network cards, etc.
Putting “IT” All Together
[Network diagram. Labels: Local Area Network, Server, Laptop, Workstation, Printer, Printer, Router, Internet, Cable Modem, Home Computer w/ VPN Client]
Application Architecture (Types)
Standalone Application Networked Application
[Diagram comparing the two types. Labels: Application, Database, Single Workstation / Server; Application, Database, Single Server; Workstation, Application, Workstation]
Networked Application (LAN deployment)
[Network diagram. Labels: Local Area Network, Database Server (Running SQL Server), File Server, Workstation, Workstation, Workstation, Application (developed in Visual Basic, .NET, Java)]
Networked Application (WAN deployment #1)
[Network diagram. Labels: Home Location – Home Computer, Cable Modem, VB App w/ VPN Client; Internet; Headquarters Location – Router, Firewall w/ VPN, Local Area Network, Workstation, Database Server, File Server, SQL Server, VB App; Remote Location – DSL Router, Firewall w/ VPN, LAN, Workstation, Workstation, VB App]
Networked Application (WAN deployment #2)
[Network diagram. Labels: Home Location – Home Computer, Cable Modem, Term Svr (VB App) w/ VPN Client; Internet; Headquarters Location – Router, Firewall w/ VPN, Local Area Network, Workstation, Database Server, File Server, Terminal Server, SQL Server, VB App, VB App; Remote Location – DSL Router, Firewall w/ VPN, LAN, Workstation, Workstation, Term Svr (VB App)]
Networked Application (Web deployment #1)
[Network diagram. Labels: Home Location – Home Computer, Cable Modem, Internet Explorer (with or w/out VPN); Internet; Headquarters Location – Router, Firewall w/ VPN, Local Area Network, Workstation, Database Server, File Server, Web Server, Web Appl (.NET / Java), SQL Server, Internet Explorer; Remote Location – DSL Router, Firewall w/ VPN, LAN, Workstation, Workstation, Internet Explorer (with or w/out VPN)]
Networked Application (Web deployment #2)
[Network diagram. Labels: Home Location – Home Computer, Cable Modem, Internet Explorer (with or w/out VPN); Internet; Headquarters Location – Router, Firewall w/ VPN, Local Area Network, Workstation, File Server, Internet Explorer (with or w/out VPN); Remote Location – DSL Router, Firewall w/ VPN, LAN, Workstation, Workstation, Internet Explorer (with or w/out VPN); Hosting (ASP) Location – Router, Firewall w/ VPN, Local Area Network, Database Server, Web Server, Web Appl (.NET / Java), SQL Server]
Networking & HIPAA Security (2 years out)
• Physical: building, data, workstation use, security awareness, data disposal, equipment control, facility, etc.
• Technical: audit controls, role-based & user-based access, transaction security, data and system integrity, encryption, authentication, data backup plan, disaster recovery plan, testing, etc.
• Administrative: Policies, procedures, training, security management, personnel security, contingency planning, chain of trust partner agreements, emergency operations, etc.
Support Requirements
• Break / Fix & Basic Setup (PCs, printers, Windows – A+ Certified)
• Server Systems Configuration (firewall, server, database, web hosting – MCSE, MCDBA, firewall trained, MCP-I / MCSE-I)
• Business Applications (Specialized skills / knowledge for CAREWare, accounting, etc. – direct from vendor)
Questions