Enterprise Internets
Company Intranets and their connections to The Internet are getting
more complex as companies strive for the best service for their
employees and to provide
the best image to their customers who access them over the net. This causes
many companies to have occasional need for some advanced network
expertise, but not a continuous need sufficient for a full-time
employee. We can fill this need and supply the experience needed to
select appropriate points in the extremely large galaxy of potential
choices.
Examples of when such expertise might be called on:
- Intranet to Internet connectivity
- Designing advanced robust server setups
- Web (HTTP) servers to The Internet
- Domain Name Service (see also the DNS services page)
- Incoming and outgoing mail (SMTP services)
- Robust and secure anonymous FTP servers
- Internal information servers (Intranet)
- Selecting an ISP (initially; when switching providers; or when
adding redundancy).
In many cases, a company's internal network group is, in effect, a
full ISP whose customers are the departments and employees of the
company. This can cause them to encounter many of the same problems
that ISPs have. Sometimes just realizing this status
can give an insight on better ways to provide services, by learning
from how outside ISPs have tackled a similar problem. With our
experience in both ISP and Corporate networks, we can act as a useful
conduit for these ideas.
Specific services
These are some of the specific services available. Most contracts
actually involve a synthesis of several of these, along with other,
more esoteric, activities.
Robust multi-homing design
A lot of companies are getting multiple connections to different ISPs
to provide for better connectivity. However, most companies don't
have a BGP expert and this can often lead to overlooking various
options and efficiencies that could be exploited. Even when one or
more of the ISPs involved offer some help in configuring the
connectivity, they are only experts in their own network and do not
have the time or incentive to investigate the options available from
the other ISPs involved.
Without experience, there are a lot of pitfalls with these setups. A
slight error in configuring backup paths can lead to their being
insufficient when they are needed. Other errors can result in your
corporate network connection carrying traffic between the two ISPs to
which you are connected, traffic that has nothing to do with your
company. With an experienced hand to help guide your own network
staff, you can get more value from your multiple providers.
Transition plans for "zero down-time" network changes
We have a lot of experience designing transition strategies that
exhibit "zero down-time" to users. Renumber your web servers. Move
mail servers from one location to another. Change DNS servers.
Switch providers. All of these can be done with no externally visible
outage.
The Internet is global, there is no longer any "unused" time in which
to take systems off the air for reorganization. With careful planning,
however, it is usually possible to arrange a transition with no (or
negligible) visible impact on users. We can design a spectrum of
strategies for any transition with analysis of the costs and benefits
of each option, and then guide you in choosing the tradeoff that is
best for your company.
Purchasing decision support
Selecting the right Internet Provider(s) can be a bet-the-company
decision. As a
report from Data
Communications Magazine
points out, there are lots of pitfalls that an Internet Provider can
fall in, and you want to make sure you don't choose a provider that
will drag your company into the pit with them.
This is a complex decision requiring detailed analysis of both your
business needs and the technical details of the candidate providers
network. While your company presumably has a very good handle on the
former, it normally has no need of expertise in the later, except
during the process of making the purchase decision. Relying on the
provider's information can be extremely misleading. An independent
analysis is needed.
Distributed Offices
Connecting the Corporate headquarters to branch offices using The
Internet rather than leasing long distance phone circuits can be quite
cost effective. However, doing this reliably and securely involves
extensive analysis of the ISPs involved and the company's requirements
for access and privacy.
Routing architecture
There are many aspects that go into designing an overall network
connectivity plan and routing architecture. You need to consider:
- import/export rules: protecting yourself from bogus routes
originating at your provider(s) and preventing accidentally polluting your
provider (and potentially the whole Internet, getting bad publicity).
- Coordinating routing with your provider(s). Especially when
companies have multiple providers, understanding the global routing
system and how your decisions combined with the policies of your
provider(s) can help to prevent problems of visibility in remote parts
of the network.
- config management: controlling changes and generating redundant
parts of configs to be compatible.
- automatic generation or verification of configs from IRR or other
data sources.
A complete routing architecture takes time to design, time which your
engineers may not have to spare right now. But, if you keep putting
it off until there's time to do the whole project, you may never get
there. This works for a while, as your engineers will have a common
understanding, but it will constrain where the network can go.
We can provide an analysis of your existing network routing as well as
your requirements and design an architecture to provide the maximum
reliability, flexibility, and growth. By working with your
engineering staff, we can produce a comprehensive network design / routing
architecture document that can be used and maintained to keep future
decisions consistent and to better plan the growth of the network.
This will improve the productivity of your engineering staff, without
requiring them to expend the time to document it.
Measurement and analysis
Measurement of current usage with trend analysis and projections of
future capacity requirements can be a vital resource for network
planning purposes. But at many companies, the network staff can be
too busy (or too small) to put in the time to evaluate and set up the
various packages. We have experience setting up many of the freeware
packages that can do this, and customizing them to a particular
network. We can help you choose the one that best suits your needs
and then help install it and configure it for your network.
Migration and expansion strategies for maximum flexibility
Network engineers are often so overloaded with day-to-day issues that it
becomes hard to make time to step back and look at the next
migration/expansion step and design it fully. This often leads to
plans which don't cover all contingencies, and can lead to the need
for on-the-fly corrections, which is the source of many later
problems. By carefully planning ahead, you can save much more in
lowered maintenance costs.
Address space utilization
These days, address space allocation, renumbering, and CIDR
aggregation are important to the ability of a network to grow. We have
extensive experience in all these areas.
Since addresses are allocated according to RFC2050 in most cases, a
good allocation strategy can help you reach your goals with more
margin, giving you more lead time to get a new allocation in.
Complete DNS setup and integration with other services (DHCP,
address assignment database, authentication services).
I can provide training for your corporate network operations and
engineering staff, either train existing staff in new technologies
being brought in, or to train new staff to keep from distracting your
(probably overloaded) existing staff with this added task.
Especially useful is the combination of providing some engineering
design from above and concluding with a complete, customized training
series on the results. This will get your staff up to speed on the
new setup as quickly as possible to allow them to maintain and extend
it.
For more on the available training options, see the
separate page with more details.
Page generated 2024-12-26
at 13:52 GMT
Copyright © MMXXIV
MAP Network Engineering
And finally, a random note:
My imaginary friend tells me you have serious mental problems.