BULRIS

Network environment

The WAN network unifies diverse communications environments while providing full network connectivity between sites and hardware, ensuring the necessary information exchange. Internet connection is established through a firewall. It has built fiber optics connectivity between operational RIS center and the backup RIS center in Varna. The backbone network is divided into segments using the VLAN. At the operations center network infrastructure is divided into two parts - peripheral and support network to ensure business continuity and maximum level of security.

Routers are used as a leading manufacturer of communication equipment. Their modular architecture allows the addition of new interfaces. Routers are high-performance, ability to add firewall supports IPSec, DHCP server, QoS support filtering of traffic using the lists for access control (ACL). Management is via console, HTTP and HTTPS. Supports DNS, TFTP, NTP, FTP, SSHv2 and SNMPv3.

Used switches are from a leading manufacturer of communication equipment. All switches needed to build the network infrastructure have a minimum performance of 38 Mpps and maintain the MAC table with a minimum of 10,000 MAC addresses. Hardware platform supports routing table with 10,000 route unicast and multicast routings including 1000 and IGMP groups. Supporting 24 10/100/1000 interface number 4 1000Baѕe-X interface connectors of type SFP, PoE according to the standard IEEE 802.3af, virtual networks, console interface and Web-based interface for configuration.

Firewall is a high throughput. Supporting IPSec tunneling, simultaneous TCP / UDP sessions, Telnet, SSH v1 / 2, HTTPS remote access.

WAN infrastructure integrates communications between objects. Remote sites use wireless transmission medium for connection to the router from the WAN communications equipment using Ethernet ports relay equipment.

Central focal point for the network infrastructure is the operational center in Ruse, where the sites are connected via air or fiber optics. The technology on which is built a secure encrypted link from the site to the operative center is a dynamic multipoint VPN (DMVPN). In case of traffic, a VPN "any to any" is created, the delay is reduced, the bandwidth is retained and the installation and operation of the VPN is simplified. DMVPN functionality is based on the basis of routing protocols, GRE, Next Hop Resolution Protocol (NHRP), OSPF and EIGRP, allowing VPN to be dynamically constructed in the presence of traffic. The dynamic configuration of VPN tunnels, combined with technologies such as QoS and Multicast, optimize delay-sensitive applications such as voice and video, without VPN configuration and operations pose a serious burden. DMVPN simplifies the administrative burden to zero configuration of the central point when adding new remote routers and establish a connection between them.

In every location there is a 24 port switch positioned, configured to the local requirements to which will connect terminal devices and communications equipment to link to the WAN and Internet. By using VLAN-network and are segmented into broadcast domains in functionality, in order to separate different types of traffic, such as voice and data. Maintain standard 802.3af switches and IP phones can be powered over the network. At the operations center switches differentiate Layer3 center of the network and it is exported segment for servers - server farm perimeter and network management stations and voice gateways. Operational center Ruse is also divided into zones in functionality - VLAN-and by routing between VLAN-s will be done from the center of the network, as there Layer3 functionality. It is achieved modular architecture of the network operations center and perimeter Center, which is a prerequisite for continuity of workflow and maximum security level.

Network Monitoring

Subsystem management and monitoring of networks of servers and applications and subsystem for generating reports take data from the observed sites (IT systems) via the intelligent integrated agent or SNMP (v1 and v2c), process and store the received information, visualizing it as necessary on the screens of the operators or forwarding it automatically to the subsystem which processes incidents. Subsystem management servers operate in parallel in the main and backup centers in Rousse and Varna. Subsystem processing incidents is based on the ITIL processes and is based on a database configurations. Deploying working Help desk provides so called single point of contact for both business and IT. This way order in the relationships between the different units of the organization is maintained. Building and maintaining a complete and accurate CMDB gives a clear picture to the business for the IT infrastructure. The implementation of management of changes, incident and problem allows businesses to monitor all changes, identify the most common incidents and problems, ways in which the IT department handles their removal and preventive measures that are needed not to arise problems in the future.

To the management system of server and applications all other subsystems to monitor as security modules and control module controls the state power module to control environmental parameters in the premises with equipment module for video as well as control module of the radio relay lines Nera NetMaster will be integrated. This way a centralized console for monitoring and management of all subsystems of the proposed solution will be built .

Control Module for the state of radio relay lines


The module which controls the state of the radio relay lines is based on the system NERA NetMaster NMS. NetMaster provides a complete set of tools to manage all Nera based network elements. The system has a function for automatic detection of the existing network topology based on the actual configuration of the devices. Different components can be accessed through an intuitive graphical interface. NetMaster visualizes the status of the radio relay equipment in real time and records all events registered in a database for further analysis.

NetMaster provides the following management features:

  • Damage control
  • Configuration management
  • Performance monitoring
  • Management of security policies
  • Inventory of hardware and software of the radio relay equipment
  • Interface for communication with the control systems at a higher level

Management of signal strength and BER of the radio relay lines

Nera NetMaster is integrated with HP Operations Manager supplied by Nera SNMP Northbound SNMP Interface, as this way the signals to operate the microwave subsystem will be available in the central system for monitoring and management.

Control Module for the power supply status

The software product HP Operations Manager for Windows will be used as a control module for the power supply state. Data for the status of the electrical distribution on the ground is collected from primary devices (diesel generators, etc.) over the SNMP protocol. Through integrated policies for the monitoring and management of HP Operations Manager for Windows, the following is provided:

  • Generating alert when switching from primary to backup(emergency power supply) and vice versa;
  • Generate alert in case of problems with the batteries;
  • Generating alert when problems with diesel generators arise;
  • The alert messages will be shown in the center console;

Control Module for the WAN network status


For the purpose of the project a module for control of the state of the WAN network Network Node Manager (NNM) is delivered and implemented. This component is designed for monitoring and management of networks regardless of size and complexity, with capabilities to quickly detect the main cause of any problem supporting the understanding of the physical network, network services and their complex interrelations. It provides easy to use tools to identify, diagnose and foresee potential problems before they affect the network and allows full customization and configuration to the specific IT environment and complete integration with HP Operations Manager.

Key features


Key features of the Network Node Manager are to detect, monitor and manage the physical network, provides rapid identification of problems and helps identify network services and their relations, the impact of issues, increasing the efficiency of IT staff through built-in logic, automatic actions, and customizable user interface. The time of return on investment (ROI) is reduced providing high reliability of the monitored systems and also great stability. Highly scalable solution maintains and adds functionality as needed based on modules (Smart Plug-ins).

Detection of network problems


The Network Node Manager filters and processes a large number of network events to present aggregated information to assist in troubleshooting the issue. Correlation Composer module provides an opportunity to define different rules for correlation of events to the specific needs of the client without having to require specific programming skills. The new multithreaded module for collection and analysis of data processes already collected information, combines it with the definition of physical network topology, enriched when necessary with additional information collected with specific requests to network devices and determine the main cause of every problem. From the list of active alarms, operators can choose specific views of the network topology, showing only affected devices. Lightweight and simple interface supports quick and easy fix of the network problems. In the intelligent collection, storage and processing of data, Network Node Manager collects information from the web, store it into raw format and provides reports on accumulated data. The reports clearly show a trend of availability, reliability and the load of the devices and the services. The analysis of accumulated data provides a clear definition of the standard values ​​in the normal behavior of the system and monitoring of deviations allows problems to be detected at an early stage, before they affect the network and from there the services provided by BULRIS services.

Control Module of IP-based equipment status

For the purpose of the project an HP Performance Insight is delivered and implemented, which provides reports based on information for the networks, systems and applications availability of monitored services, providing the data needed for the effective monitoring of service levels. Key features

-provides availability and performance of systems, networks and services

-diagnose performance problems based on current and historical data

-provides the necessary information for the analysis, planning and development of IT systems

-determines congested and off-peak systems

-assists understanding of how the systems and networks have on the productivity of IT services

-stores information on the current state of the workload of the systems, in both ways - an operational point, as well as to monitor service levels

-possibility of integration with HP Network Node Manager

Module for security control and module for control of environmental parameters in equipment rooms

 

The modul for security control Paradox is based on a previous version of Paradox EVO48. The module is controlled by a control system monitoring and management via Paradox IPR 512 installed in operational and booking center. The relationship between controllers and centers is carried out with internet module Paradox IP 100. As security module associated magneto-contact detectors, microwave detectors, fire-optical smoke detectors.

The module for control of the parameters of the environment in the premises is based on the controller CMC-TC Basic CMC 7320.111 from Rittal. There are temperature and humidity sensors connected to the controller which monitor the temperature and the humidity in the premisses.

The surveillance module is based on the products from Milestone. Video surveillance will be carried out through video cameras connected to the CCTV module Milestone Xprotect Enterprise. The connection to the module is via the Internet trough installed Milestone XProtect Remote Clients. The software allows videosurveillance in real time from an operators station or a PDA unit.

Created by: logo_dppi