IT INFRASTRUCTURE

IT infrastructure

Table of Contents

Introduction3

IT Strategy5

Star topology5

Scalability6

Reliability Mechanisms7

VLANs8

Avoid Spaghetti VLANs9

Protocol-Based VLAN Systems9

Routing Strategies10

Cisco Requirements12

Policy-based routing14

Redundancy in bridged networks16

Trunk protocols17

Implementation details19

Multiple Connections26

Conclusion28

References30

IT infrastructure

Introduction

This paper will be exploring the critical infrastructure required to build two buildings (as mentioned in the case study). The paper will evolve around the IT strategies which will be implemented in the new infrastructure.

Today, the operation of most of Critical Infrastructures (CIS) has to be considered according to the level and the quality of interdependent services required during their daily operations and provided by other infrastructures (Verissimo, 2008, pp. 32). Such heterogeneous CIs are, for example, electrical infrastructures, telecommunication infrastructures or even transport infrastructures, which are today closely bound together (Dondossola, 2008, pp. 3).

The EU FP7 MICIE project aims to improve the Critical Infrastructure's protection capability through the design and implementation of an alerting system that, in real time (Oliva, 2010, pp. 76), identifies the level of possible threats induced on a given CI by undesired events happening in the reference CI and/or in other CIs which are interdependent with the reference one (Caldeira, 2010, pp. 58). This alerting system is able to provide, in real time, for each CI operator a CI risk level (Caldeira, 2010, pp. 55). This risk level allows to assess the probability that, in the near future, no more CI services will be provided with the desired Quality of Service (QoS) due to undesired events happening in the reference CI and/or in other interdependent CIs (Caldeira, 2010, pp.187).

In order to accurately predict the risk level, the alerting system needs information regarding the status of the monitored CI as well as of the interdependent CIs (Caldeira, 2010, pp. 66). Therefore, information sharing between CIs is seen as a key feature to enhance CI protection (Simões, 2010, pp. 77). This paper describes the development of a system able to:

discover all the distributed information relevant for the alerting system (Porter and Millar, 1985, pp. 23);

Overcome the heterogeneity of such information that is related to heterogeneous CIs (i.e., electrical infrastructure, telecommunication infrastructure, water distribution infrastructure, etc.) (Castrucci, 2010, pp. 51);

Exchange this information in a secure way over a communication network considered as untrusted (i.e. over the Internet) (Castrucci, 2010, pp. 51).

To solve all these issues, a proper Secure Mediation Gateway (SMGW) has been designed and this design is presented in detail in this paper (Twidle, 2009, pp. 330). The SMGW is able to discover distributed information via a dedicated information discovery framework (Oliva, 2010, pp. 102). It uses a specific ontology to create a common meta data for all the different CIs and provides the instruments for a secure communication over the communication network). (Such a system needs to seamlessly interoperate and share information in real time. Information become more valuable as it is shared and aggregated (Ciancamerla, 2010, pp. 121). In practice, information sharing and aggregation across infrastructure sectors is almost non-existent, but we believe that in the future, this will become mandatory and ...