Network Design Proposal
Unlimited Security International is a diversified company composed of two segments (Security Solutions, and Fire Protection) that provides vital products and services to customers around the world. Security Solutions: Sell, designs, installs and maintains integrated systems to detect intrusion, control access and react to movement, fire, smoke, flooding, environmental conditions, industrial processes and other hazards. Fire Protection: Sell, designs, installs and maintains fire detection, fire sprinkler, fire suppression, emergency communications, and nurse call systems in both new and existing facilities.
Our global reach allows us to anticipate changes across geographies and industries, and deploy the right solutions rapidly. In the most challenging and demanding environments, we help our customers achieve their safety, security and business goals. Unlimited Security International is a market leader in the $100 billion+ global fire protection and security solutions industries. Our 225,000 employees take great pride in knowing that they make a difference in the world: their work helps protect and safeguard people and property. Our products and solutions help protect:
80% of the world’s top retailers
More than 1,000,000 fire fighters around the world
300 international airports
100+ major stadiums around the world
200+ hospitals around the world
Nearly 9 million commercial, government and residential customers Communications Methods used by Unlimited Security International
1. Desktop computers – Used by management, sales, service, and administrative workers to conduct daily transactions, email, and training. 2. Plain old telephone service- Used to conduct routine conversations with customers, and field technicians.
3. VoIP – Used to conduct secure conversations within the organization.
4. Video teleconference, conference calls, and Web-Cast – Used for training, passing word, analyzing plans while saving money from travel expenses.
5. Laptop computers and VPN’s – Used by management, and mobile employees.
6. PDA’s – Used by remote employees to view, and update plans and documents.
7. Smart phones – Used by mobile employees
8. Wireless network
9. Global Positioning System – Track vehicle location and usage
Media Gateway Control Protocol (MGCP)
Domain Name Service (DNS)
Hypertext Transport Protocol (HTTP)
Hypertext Transport Protocol Secure (HTTP)
Trivial File Transfer Protocol (TFTP)
Simple Network Management Protocol (SNMP)
Internet Control Message Protocol (ICMP)
Internet Protocol Security (IPSec)
Session Description Protocol (SDP)
Temporal Key Integrity Protocol (TKIP)
Wi-Fi Protected Access 2 (WPA2)
Management and Monitoring
The goal of our network fault management and monitoring is to detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the network running effectively. Fault Management—Detect, isolate, notify, and correct faults encountered in the network. Configuration Management—Configuration aspects of network devices such as configuration file management, inventory management, and software management.
Performance Management—Monitor and measure various aspects of performance so that overall performance can be maintained at an acceptable level. Security Management—Provide access to network devices and corporate resources to authorized individuals. Accounting Management—Usage information of network resources. The management and monitoring platform will include:
Topology mapping of network elements
Performance data collector and grapher
Management data browser
Trivial File Transfer Protocol (TFTP) and system log (syslog) servers are crucial components of this troubleshooting infrastructure. The TFTP server is used primarily for storing configuration files and software images for network devices. The routers and switches are capable of sending system log messages to a syslog server. The messages facilitate the troubleshooting function when problems are encountered.
The goal of our security management is to control access to network resources according to local guidelines so that the network cannot be sabotaged (intentionally or unintentionally). The security management subsystem can monitor users logging on to a network resource, refusing access to those who enter inappropriate access codes. Use the following methods of controlling access on the routers and switches: Access Control Lists (ACL)
User IDs and passwords local to the device
Terminal Access Controller Access Control System (TACACS)
TACACS is an Internet Engineering Task Force (RFC 1492) standard security protocol that runs between client devices on a network and against a TACACS server. TACACS is an authentication mechanism that is used to authenticate the identity of a device seeking remote access to a privileged database. Variations of TACACS include TACACS+, the AAA architecture that separates authentication, authorization, and accounting functions
Authentication is the way a user is identified prior to being allowed access to the router or switch. There is a fundamental relationship between
authentication and authorization. The more authorization privileges a user receives, the stronger the authentication will be.
Authorization provides remote access control, including one-time authorization and authorization for each service that is requested by the user.
Accounting allows for the collecting and sending of security information used for billing, auditing, and reporting, such as user identities, start and stop times, and executed commands. Network managers can track the services that users are accessing as well as the amount of network resources they are consuming.
1. Unified Messaging (Voice, Email & Fax)
3. Audio & Video Conferencing
4. Core UC (VoIP, IM, Group chat, webconferencing)
5. PBX Integration and/or Replacement
6. Contact Center
7. Communication enabled Business Process (CEBP)
1. Session Initiation Protocol (SIP)
2. Real-Time Streaming Protocol (RTSP)
3. Real-Time Transport Protocol (RTP)
4. Real-Time Control Protocol (RTCP)