360 likes | 378 Views
Distribution. ED01. English. Case Study. Module No. : Appendix 4. January, 2007. Mail to training@samsung.com. Objectives. After successful completion of the course the trainees should be able to execute the following activities. Contents. IAE EduHouse’s. Gyeonggi Provincial Office.
E N D
Distribution ED01 English Case Study Module No. : Appendix 4 January, 2007 Mail to training@samsung.com
Objectives • After successful completion of the course the trainees should be able to execute the following activities. ⓒ SAMSUNG Electronics Co.,Ltd.
Contents IAE EduHouse’s Gyeonggi Provincial Office Sei Data Lines SifteBerti VLAN Scheme ⓒ SAMSUNG Electronics Co.,Ltd.
IAE EduHouse’s OfficeServ 7400-basedWLAN Network Construction ⓒ SAMSUNG Electronics Co.,Ltd.
IAE EduHouse IAE EduHouse as a leading study abroad provider in Korea administrates its online study-abroad portal site and progresses the offline study-abroad business. The EduHause founded in October 1992 in Korea has its head office in Seoul and has 26 domestic branches and 13 oversea branches including U.S.A., Canada and Australia. Its personnel is about 250 persons. . Its members number 0.6 million via the online site and won "Korea Representative Study-abroad Field Award, 2006".. ⓒ SAMSUNG Electronics Co.,Ltd.
Customer Needs Challenge Problems in the Present Communication Infrastructures • User's complaint against the frequent occurrence of the system fault caused by system aging • Duplicated network cost because of the separate management of data network and telephone network • Increase of communication cost caused by the frequent occurrence of business calls with other branches • Activity time and costs for no-existence of remote maintenance for the Legacy system in use • Frequent occurrence of troubles in calls between internal subscribers because of the use of two systems • Running against the trend of one phone per person business • No-reception of Caller ID(CID) of internal subscriber • Nominal CRM center • Product that can solve frequent call quality troubles • Convergence product supporting Voice and Data communication (e.g. Voice, Router, Switch, WLAN, Mobility and IP Telephony) • Product with rich experiences of IP Telephony construction • Product with "Remote Management Function" supporting the troubleshooting without visiting ⓒ SAMSUNG Electronics Co.,Ltd.
IP Network PSTN Challenge Network Diagram (Before) LG-Nortel GK-50HB LG-Nortel GK-828HB PSTN # Branch 1 # Branch 2 # Branch 26 ⓒ SAMSUNG Electronics Co.,Ltd.
R-NMS All-In-One Integrated Solution Solution WIM + LIM Proposal WLAN Construction AP • • Existing CISCO Router → Replacement into GWIM B’D • Existing L3 Switch→ Replacement into GLIM B’D • Proposal for Voice & Data Convergence Network • DataWireless LAN Construction -. Combo AP : 4 EA -. WIP-5000M : 60 EA + PC WiFi Phone Remote NMS Telecommuting Solution • Management Tool -. Maximization of Administrator Convenience -. Optimization of Maintenance • • Telecommuting Solution for Expectant Mother • Telecommuting Call Center through two-shift system INTERNET DSL IP Phone ⓒ SAMSUNG Electronics Co.,Ltd.
IP Network PSTN Solution Network Diagram (After) Kangnam Branch Telecommuting DSL Line IP Phone 1 Gigabit Bandwidth Digital Phone GLIM PSTN Access Point OfficeServ 7400 GWIM Gateway IP Network WiFi Phone ⓒ SAMSUNG Electronics Co.,Ltd.
Construction Effect Qualitative Effect Mutual Compatibility Mutual compatibility with the existing Cisco device • Interlocking between GWIM and Cisco Router - Interlocking compatibility with the leading MS device in the Router market Welfare Promotion Realization of efficient staff welfare • A three-month maternity leave and a three-month telecommuting for two expectant mothers Construction of VoIP network through PRI, EI and QSIG with the main devices of other branches Interlocking • Inducement to the construction of VoIP network of the gradual nation branch network via the spread of Kookmin bank's case • Promotion of the reliability by providing the verified references for future solution to be introduced ▶ Centralized FAX Server ▶ Web Telephony 800 ▶ Centralized Record Server ▶ Integrated Call Center ▶ Storage Device and others. ⓒ SAMSUNG Electronics Co.,Ltd.
Cost Reduction of the calling charge, system expense and maintenance expense ▶Internet phone calling service → Reduction of PSTN calling charge ▶ Reduction of portable phone calling charge by the user's continuous call answering service and the replacement of the calling method between internal subscribers via the realization of the VOWLAN network mobility within a branch ▶ Extendibility via All IP communication network by introducing 070 service in future ▶ No additional cabling in the position shift of internal subscriber → Cost reduction Initial Investment Cost Reduction of expense for devices and cabling ▶ Introduction of the device with price competitiveness via the adoption of All in One production ▶Drastic reduction of cabling expense via the introduction of IP Telephony tech. ▶ Protection of the existing Data device investment by applying the standard IP tech. Construction Effect Qualitative Effect ⓒ SAMSUNG Electronics Co.,Ltd.
Future Plan Samsung IP solutions established in IAE EduHause are real all-in-one solutions ranging from voice communications to data devices such as routers and L3 switches to home solutions. Starting with this project of Kangnam branch of IAE EduHouse, we will replace the systems of the rest 25 branches in three years step by step. Therefore, it is expected that the demands of additional devices of Samsung Electronics (e.g. central FAX server, central recording server, national integrated call center) will increase. ⓒ SAMSUNG Electronics Co.,Ltd.
Gyeonggi Provincial Office of Education ⓒ SAMSUNG Electronics Co.,Ltd.
Gyeonggi Provincial Office of Education Gyeonggi Provincial Office of Education enforces the business concerned with education and student works entrusted to Gyeonggi Province. Gyeonggi Provincial Office of Education has 25 local offices of education including Suwon Office of Education and Anyang Office of Education and 16 institutes under its direct supervision including training centers and provincial libraries. . Facility branch under Support division of Gyeonggi Provincial Office of Education designs and supervises various facility (Building, Engineering works and facilities) constructions and performs the businesses concerned with school facility order and school facility. . ⓒ SAMSUNG Electronics Co.,Ltd.
Challenge Problems of the Present Communication Infrastructures • The site supervision by the Facility branch of the education office is not efficient. - Wide Area : School facilities and construction sites of 31 administrative cities and counties within Gyeonggi province - Absence of facilities for real-time monitoring - Need of site visit for the business consultation with the related division (Existence of physical and temporal restriction) - Absence of immediate activity plan for emergency • Increase of communication cost caused by the frequent occurrence of business calls between the Facility branch and the site. Customer Needs • Product that enables to grasp the site situation by using Network Camera • Convergence product supporting Multimedia communication - Product that allows Data Sharing during a phone call - Product supporting video conference • Product that enables Gyeonggi Provincial Office of Education to integrates the terminals in each site and manage them in remote site • Product that can reduce the communication cost and promote the business efficiency ⓒ SAMSUNG Electronics Co.,Ltd.
OfficeServ Messenger with IP Phone WhiteBoard OfficeServ Messenger with Softphone Solution Proposed Solution • Installation of OfficeServ 7400, OfficeServ Messenger Server to Gyeonggi Provincial Office of Education - Data Sharing by using the WhiteBoard function of the messenger - Video Conference using the video conference function of the messenger - Real-time site monitoring by interlocking between the network camera and the messenger • IP phone installation to Gyeonggi Provincial Office of Education and each site - Reduction of the communication cost between the facility and sites ⓒ SAMSUNG Electronics Co.,Ltd.
[site Integration Monitor] ① Select a school in Gapyeong county ② Display the image of the selected school ① Gapyeong County A,B,C,… School ② HwaSung City A,B,C,… School Solution Real Time site Integration Monitor ⓒ SAMSUNG Electronics Co.,Ltd.
Solution Network Diagram (After) Gyeonggi Provincial Office of Education OfficeServ Messenger PRI OfficeServ 7400 OfficeServ Messenger & Network Camera Management System PBX Internet A Site B Site C Site IP Network Camera for Site Check OfficeServ Messenger (WhiteBorad & Conference Functions) ⓒ SAMSUNG Electronics Co.,Ltd.
Construction Effect Increase of the facility and business efficiency - Rapid reduction of the site visit counts due to the real time monitoring function - Increase of business progress speed by using the WhiteBoard function - Promotion of business convenience by integrating video chatting and video conference Reduction of communication cost - Reduction of calling charge through IP phone Smooth maintenance and repair - Easy extension only by connecting IP phones to IP switches - Number change and cabling work caused by the location change is unnecessary. Control for the site terminals - Control by the main system in Gyeonggi Provincial Office of Education - Centralized integration management of the system DB change such as extension number change and subscriber level. ⓒ SAMSUNG Electronics Co.,Ltd.
Gyeonggi Provincial Office of Education OfficeServ Messenger PRI OfficeServ 7400 OfficeServ Messenger & Network Camera Management System PBX Internet Hwasung Office of Education -Site A Bucheon Office of Education -Site B Bucheon Office of Education Hwasung Office of Education OfficeServ 7200 OfficeServ 7200 Future Plan Gyeonggi Provincial Education Office is panning on the construction of the integrated communication solution as well as the supervision of the construction site by installing Office 7200 to 25 local education offices within its jurisdiction in near future. ⓒ SAMSUNG Electronics Co.,Ltd.
Sei Data Lines ⓒ SAMSUNG Electronics Co.,Ltd.
Today Uk Korea Internet Main Backup Fastweb Telecom Fastweb Verizon Sei Internet Access Dmz Private Country connectivity CheckPoint + Rainconnector Sei Lan SecuiWall Fastweb Dns + Proxy Telecom Dedicated Lines point to point Telecom Fastweb Fastweb Dmz Web Server MobileWorld Tlc Siso Telecom Bertola Dhl Saiet Self Restaurant Ubm Roma Stand alone internet Access
Sei Data Lines Next Year Korea Self Restaurant Uk Ubm Roma Dhl Bertola Telecom Fastweb Fastweb Telecom Saiet Telecom Telecom Main Backup Backup Main Internet GWIM Verizon Colt Fastweb Sei Internet Access and Tunnel Vpn Dmz Private Country connectivity CheckPoint + Rainconnector Sei Lan Dns + Proxy + WebFiltering Dmz Web Server MobileWorld Tlc Siso
IP Phone Sei Data Lines Next Year (final) Korea Uk Self Restaurant Ubm Roma Dhl NAT/Firewall Bertola Telecom Fastweb Fastweb Telecom Saiet Telecom With VPN Sifte Berti Telecom Backup Main Backup Main Telecom GWIMT Internet CISCO Colt Verizon WIM Fastweb New site Sei Internet Access and Tunnel Vpn Dmz Private Country connectivity CheckPoint + Rainconnector Sei Lan Tunnel Method : GRE over IPSec with OSPF, or GRE over IPSec with EIGRP, or GRE over IPSec with HSRP Fail over : Dynamic Routing by EIGRP(or OSPF) To Internet line with VPN don’t need Dns + Proxy + WebFiltering Dmz Web Server WAN: DSL Line (support 24 Alias IP ) -- Public Static Type – 6 + 1 VPN Tunnels -- NAT & Firewall for ITP ( don’t set default GW for using internet via internal firewall ) LAN : Static Type -- should set default GW for using internet with VPN MobileWorld Tlc Siso
VPN Test Step in SEI ⓒ SAMSUNG Electronics Co.,Ltd.
1st step 0 step: test Samsung H/W in SEI Lab. 1st step: Install two Samsung H/W to SEI and Test Office Requested new Feature: GRE Tunnel over IPSec Application: SIP and Clients for File sharing 106.103.6.68 UK WIM Test Site (Lugli Office) GRE Tunnel over IPSec with OSPF KR GWIM/WIM 106.103.3.4/24 106.103.6.1/24 DMZ-PRIVATE 106.103.3.60/24 106.103.x.x 106.103.4.x 106.103.1.x File Server
2nd step 2nd step: Install two Samsung H/W to SEI and Test Office Requested new Feature: VRRP Application: SIP and Clients for File sharing UK WIM GRE Tunnel over IPSec with OSPF GRE Mutli-tunnel Test Site (Lugli Office) KR GWIM/WIM CISCO VRRP DMZ-PRIVATE
3rd step 3rd step: Install two Samsung H/W to SEI and Real Office Requested new Feature: VRRP Application: SIP and Clients for File sharing UK WIM GRE Tunnel over IPSec with OSPF GRE Mutli-tunnel Real Office (SAIET) KR GWIM/WIM CISCO VRRP DMZ-PRIVATE
4th step 4th step: Install Samsung H/W to another Office UK WIM GRE Tunnel over IPSec with OSPF GRE Multi-Tunnel Another Office KR GWIM/WIM CISCO VRRP DMZ-PRIVATE
Final step INTERNET INTERNET UK DMZ-PRIVATE Milan SEI WAN Use HSRP on inside ethernet and track feature on tunnel interface to fail over KR
SifteBerti ⓒ SAMSUNG Electronics Co.,Ltd.
Net map SifteBerti Y.Y.Y.Y/28 NAT 106.103.X.X/28 INTERNET Sifte Note 1 Note 2 UK DMZ-PRIVATE Note 3 Milan Note 4 SEI WAN Note 5 KR
Net map SifteBerti • Note 1 • At the moment we are not sure that we can use 106.103.3.X/28. • Note 2 • If not possible to setup warehouse PC in the 106.103.3.X range, the VPN router will have to perform NAT. So SEI still use 106.103.3.X to receive or send data to SifteBerti • Note 3 • IpSec tunnel is actually used on our routers. GRE over IPSEC is implemented for sites that have backup facilities (Rome and UBM). The failover is performed using EIGRP dynamic protocol. The SifteBerti connection will use 2 routers in Milan: one Samsung and the other will share the Cisco VPN router used. • Of course the SifteBerti VPN should not have impact on other VPN connections concerning dynamic routing and IPSec Tunnels so please verify in advance the compatibility with EIGRP and Cisco IPSEC • Note 4 • The default gateways for the firewall is the Internet gateways. The routing entries are managed directly using RainFinity balancer that permit to share internet traffic among more ISP. The DMZ-PRIVATE use static routing to divert traffic to the VPN router. Actually We are using HSRP among Cisco routers for backup so when active tunnel go down HSRP switch over the backup tunnel router • I do not want dynamic routing running on firewall for security reason. For the same reason any tunnel should not pass through the firewall encrypted. This is why we have a dedicated DMZ for VPN connection. • Note 5 • We use 802.1q tagging for VLAN implementation and PVSTP for spanning tree ⓒ SAMSUNG Electronics Co.,Ltd.
VLAN Scheme ⓒ SAMSUNG Electronics Co.,Ltd.
VLAN Scheme What’s VLAN protocol ? Ex: MAC Based, Port Based, Tag based, IP Based What’s STP protocol ? Ex: STP, RSTP, MSTP, PVSTP Wireless VLAN 17 To UK Clients VoIP SEI VPN Vlan 11 Vlan14 To Korea Firewall Vlan18 Firewall Dmz Public Dmz Partner Server Farm Vlan3 Vlan 27 Telco Tech Internet Vlan4 Semiconductor