Telecommunications Network Infrastructure
The Hartnett Enterprise Acceleration Centre network is cabled using Category 6 type cabling. Each company is assigned to a unique Virtual Local Area Network (VLAN) and subnet within the physical network. This creates a separate broadcast domain at Layer 2, ensuring the highest degree of security and confidentiality between the different clients. All clients will use private addressing internally and external access is achieved using Network Address Translation (NAT). Dynamic Host Configuration Protocol (DHCP) services can be provided if necessary.
The firewall solution selected to protect the EAC network is the Fortigate 300A, a product of Fortinet Inc. Fortinet are the current market leaders in Unified Threat Management. This solution provides all the security requirements needed to protect an enterprise network including intrusion detection and prevention, antivirus, content filtering and traffic shaping. Using the unique FortiASCI content processor chip, the Fortigate 300A can also detect and eliminate viruses, worms, trojans and other content based threats without affecting network throughput. The primary firewall device is accompanied by a second 300A working in high-availability mode, ensuring stateful failover in the unlikely case of device failure.
Each client on the network can install the Fortinet antivirus program. This antivirus tool provides virus scan and intrusion prevention services for the host machines.
Each company can arrange to have a site to site VPN connection from the firewall to a remote site such as head office. This would create a secure and encrypted tunnel between the two sites. Remote access VPN connections can also be configured to allow clients access internal machines securely.
Limerick Institute of Technology’s current internet connection is provided by ITNET and is 45Mbps. This will be increased to 1 Gbps within the next few months as part of integration between ITnet and HEAnet. A significant proportion of this link is reserved for EAC external network access.
A 100 pair telephone cable has been run into the EAC building from the main building and connected to the LIT PABX. This effectively allows for 100 extensions in the EAC and direct dial facilities are provided. Telephone usage is logged and will be charged back to individual clients. Plans are progressing to provide VoIP capability on this network.