| dc.contributor | Tovar Rache, Jesús Guillermo | |
| dc.contributor | UNeT (Universidad Nacional\'s Networking and Telecommunications Research Team) | |
| dc.creator | Ramírez Galvis, Elkin Yezith | |
| dc.date.accessioned | 2021-10-07T15:23:17Z | |
| dc.date.available | 2021-10-07T15:23:17Z | |
| dc.date.created | 2021-10-07T15:23:17Z | |
| dc.date.issued | 2021-10-05 | |
| dc.identifier | https://repositorio.unal.edu.co/handle/unal/80413 | |
| dc.identifier | Universidad Nacional de Colombia | |
| dc.identifier | Repositorio Institucional Universidad Nacional de Colombia | |
| dc.identifier | https://repositorio.unal.edu.co/ | |
| dc.description.abstract | Las arquitecturas de red híbridas permiten desempeñar un mejor papel en la distribución de los recursos y de manera muy importante mejorar la eficiencia y robustez de las redes de datos ayudando a minimizar tanto fallas de conectividad como aislar incidentes de seguridad bien sea de tipo DDoS, TCP/IP, acceso remoto, etc. Para el caso de estudio, el objeto fue identificar fallas críticas en los servicios que la comunidad universitaria usa dentro de la red LAN por medio de servidores encargados de la distribución y almacenamiento de dichos servicios. Otro punto evaluado fue la verificación de la infraestructura networking y computacional, tomando la seguridad como otro de los elementos que bajo ciertas particularidades como políticas de tráfico, usuarios y direccionamiento dentro de la facultad de ingeniería se sumaron a la identificación de las incidencias sobre ciertos activos de la información. En primer lugar, se analizaron los protocolos actuales en la distribución de tráfico y disponibilidad de los equipos ante fallas no esperadas, lo cual nos dió una solución que minimiza la cantidad de fallas en los equipos activos, el estado actual de la red de la facultad de ingeniería y como plus la mejora de la conectividad entre los diferentes dispositivos de red. En segundo lugar, se identificó el mejor uso de las VLAN’s para la prestación de los servicios de red como medio aislado es la operación de servicios bajo entornos virtuales y la debida parametrización de la política de alta disponibilidad bajo el protocolo HSRP, con el fin de garantizar un servicio de calidad para los usuarios de la red y las acciones que estos realicen. Se identificaron adicionalmente, varias actividades que bajo la metodología PMP permitieron identificar los requerimientos, evaluación de la arquitectura de red actual, recolectar datos de incidentes de seguridad y posteriormente el diseño de la red que fue simulada en el modelador GNS3. Acto seguido se realizaron diferentes escenarios como la evaluación de control de acceso administrativo mediante el protocolo SSH hacia los equipos más críticos, también se evaluó el escenario de alta disponibilidad y conectividad de los usuarios hacia los servicios (servidor FTP) para el cargue y descargue de archivos.
Finalmente se recolectaron diferentes estadísticas de respuesta para cada uno de los escenarios, identificando en especial en ambientes de alta disponibilidad tiempos de menos de 2mseg, en donde cualquier dispositivo de respaldo (Ej. R3 a R4) responde ante una falla de nodo o conexión sin impactar la operación y gestión de los servicios y/o equipos responsables de mantener el funcionamiento de la red de datos. En cuanto a comunicación se evaluó que entre nodos de diferente segmento a nivel de conectividad ping, la operación y respuesta obtenida fue entre 2 y 5mseg entre los dispositivos de comunicación como por ejemplo Switches y routers, en el canal de comunicación de la facultad de ingeniería (sede Bogotá), reflejando así que el protocolo de alta disponibilidad HSRP contribuyó con los mejores resultados esperados para el modelo diseñado. | |
| dc.description.abstract | Hybrid network architectures can play a better role in the distribution of resources and very importantly improve the efficiency and robustness of data networks, helping to minimize both connectivity failures and isolate security incidents, whether DDoS, TCP/IP, remote access, etc. For the case study, the objective was to identify critical failures in the services that the university community uses within the LAN network through servers responsible for the distribution and storage of these services. Another point evaluated was the verification of the networking and computational infrastructure, taking security as another of the elements that under certain particularities such as traffic policies, users and addressing within the faculty of engineering were added to the identification of incidents on certain information assets. Firstly, we analyzed the current protocols in the distribution of traffic and availability of equipment in the event of unexpected failures, which gave us a solution that minimizes the number of failures in the active equipment, the current state of the network of the faculty of engineering and as a plus the improvement of connectivity between the different network devices.
Secondly, the best use of VLAN's was identified for the provision of network services as an isolated medium is the operation of services under virtual environments and the proper parameterization of the high availability policy under the HSRP protocol, in order to ensure a quality service for network users and the actions they perform. In addition, several activities were identified that under the PMP methodology allowed to identify the requirements, evaluate the current network architecture. The network design was then simulated in the GNS3 modeler. Then, different scenarios were performed, such as the evaluation of administrative access control through the SSH protocol to the most critical equipment, as well as the evaluation of the high availability scenario and user connectivity to the services (FTP server) for uploading and downloading files.
Finally, different response statistics were collected for each of the scenarios, identifying especially in high availability environments times of less than 2msec, where any backup device (e.g. R3 to R4) responds to a node or connection failure without impacting the operation and management of the services and/or equipment responsible for maintaining the operation of the data network. In terms of communication, it was evaluated that between nodes of different segments at ping connectivity level, the operation and response obtained was between 2 and 5msec between communication devices such as switches and routers, in the communication channel of the faculty of engineering (Bogotá headquarters), thus reflecting that the HSRP high availability protocol contributed with the best results expected for the designed model. | |
| dc.language | spa | |
| dc.publisher | Universidad Nacional de Colombia | |
| dc.publisher | Bogotá - Ingeniería - Maestría en Ingeniería - Telecomunicaciones | |
| dc.publisher | Departamento de Ingeniería de Sistemas e Industrial | |
| dc.publisher | Facultad de Ingeniería | |
| dc.publisher | Bogotá, Colombia | |
| dc.publisher | Universidad Nacional de Colombia - Sede Bogotá | |
| dc.relation | [1]M. Zareei, E. Mahmoud Mohamed, M. H. Anisi, C. Vargas Rosales, K. Tsukamoto y M. Khurram Khan, «On-Demand Hybrid Routing for Cognitive Radio Ad-Hoc Network,» IEEE Access, vol. 4, pp. 8294-8302, 2016. | |
| dc.relation | [2]X. Yu, H. Xu, H. Gu y H. Lan, «Thor: A scalable hybrid switching architecture for data centers,» IEEE Transactions on Communications, vol. 66, nº 10, pp. 4653-4665, 1 10 2018. | |
| dc.relation | [3]J.-B. Yang, C.-T. Wu y C.-H. Tsai, «Selection of an ERP system for a construction firm in Taiwan: A case study,» Automation in Construction, vol. 16, nº 6, pp. 787-796, 9 2007. | |
| dc.relation | [4]Z. Wu y M. Xiao, «Performance evaluation of VPN with different network topologies,» de 2019 2nd International Conference on Electronics Technology, ICET 2019, 2019. | |
| dc.relation | [5]L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y. Chen y A. V. Vasilakos, «Security and privacy for storage and computation in cloud computing,» Information Sciences, vol. 258, pp. 371-386, 2 2014. | |
| dc.relation | [6]J. Wang y L. Cheng, «qSDS: A QoS-Aware I/O scheduling framework towards software defined storage,» de 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), 2015. | |
| dc.relation | [7]M. van Oosterhout, E. Waarts y J. van Hillegersberg, «Change factors requiring agility and implications for IT,» European Journal of Information Systems, vol. 15, nº 2, pp. 132-145, 19 4 2006. | |
| dc.relation | [8]E. J. Umble, R. R. Haft y M. Umble, «Enterprise resource planning: Implementation procedures and critical success factors,» European Journal of Operational Research, vol. 146, nº 2, pp. 241-257, 4 2003. | |
| dc.relation | [9]M. Suchara, D. Xu, R. Doverspike, D. Johnson y J. Rexford, «Network architecture for joint failure recovery and traffic engineering,» de Proceedings of the ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems - SIGMETRICS '11, New York, New York, USA, 2011. | |
| dc.relation | [10]M. Sookhak, H. Tang, Y. He y F. R. Yu, «Security and Privacy of Smart Cities: A Survey, Research Issues and Challenges,» IEEE Communications Surveys & Tutorials, pp. 1-1, 2018. | |
| dc.relation | [11]S. Shenbagavalli y S. Karthikeyan, «An efficient low power NoC router architecture design,» de 2015 Online International Conference on Green Engineering and Technologies (IC-GET), 2015. | |
| dc.relation | [12]M. Sheghdara y J. Hassine, «Automatic retrieval and analysis of high availability scenarios from system execution traces: A case study on hot standby router protocol,» Journal of Systems and Software, vol. 161, 1 3 2020. | |
| dc.relation | [13]F. Righetti, C. Vallati y G. Anastasi, «IoT Applications in Smart Cities: A Perspective Into Social and Ethical Issues,» de 2018 IEEE International Conference on Smart Computing (SMARTCOMP), 2018. | |
| dc.relation | [14]C. Rath, T. Niedermair y T. Zefferer, «Towards a Personal Security Device,» 2016, pp. 1-16. | |
| dc.relation | [15]M. R. K. Naik y P. Samundiswary, «Wireless body area network security issues — Survey,» de 2016 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT), 2016. | |
| dc.relation | [16]B. Metcalfe, «The Next-Generation Internet,» IEEE Internet Computing, vol. 4, nº 1, pp. 58-59, 2000. | |
| dc.relation | [17]N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker y J. Turner, «OpenFlow,» ACM SIGCOMM Computer Communication Review, vol. 38, nº 2, p. 69, 31 3 2008. | |
| dc.relation | [18]MCB University Press., Journal of organizational change management., MCB University Press, 1988. | |
| dc.relation | [19]J. Matejka, P. Podhradsky y J. Londak, «Security manager for hybrid broadcast broadband architecture evolution,» de 2016 International Symposium ELMAR, 2016. | |
| dc.relation | [20]A. Manzoor, M. Hussain y S. Mehrban, «Performance Analysis and Route Optimization: Redistribution between EIGRP, OSPF & BGP Routing Protocols,» Computer Standards and Interfaces, vol. 68, 1 2 2020. | |
| dc.relation | [21]S. Lunawat y A. Patankar, «Efficient architecture for secure outsourcing of data and computation in hybrid cloud,» de 2014 International Conference on Reliability Optimization and Information Technology (ICROIT), 2014. | |
| dc.relation | [22]M. Ljubojević, A. Bajić y D. Mijić, «Implementation of High-Availability Server Cluster by Using Fencing Concept,» de 2019 18th International Symposium INFOTEH-JAHORINA, INFOTEH 2019 - Proceedings, 2019. | |
| dc.relation | [23]H. Leitold, A. Hollosi y R. Posch, «Security architecture of the Austrian citizen card concept,» de 18th Annual Computer Security Applications Conference, 2002. Proceedings.. | |
| dc.relation | [24]A. M. Khalaf, M. S. E. Salam y K. A. Ahmed, «Investigation of different ethernet wiring and different frame size to enhance the performance of LAN,» de International Conference on Advanced Communication Technology, ICACT, 2017. | |
| dc.relation | [25]A. Kanungoe y G. Das, «A novel OLT protection for hybrid WDM-TDM optical access networks,» de 2014 IEEE International Conference on Advanced Networks and Telecommuncations Systems (ANTS), 2014. | |
| dc.relation | [26]T. Janevski, NGN architectures, protocols, and services. | |
| dc.relation | [27]Institute of Electrical and Electronics Engineers. y IEEE Computer Society., IEEE transactions on cloud computing.. | |
| dc.relation | [28]C.-T. Hsuan, «The research on “application of the third party policing to social security”,» de 2011 IEEE International Summer Conference of Asia Pacific Business Innovation and Technology Management, 2011. | |
| dc.relation | [29]S. Hong, J. P. Jue, P. Park, H. Yoon, H. Ryu y S. Hong, «Survivable virtual topology design in multi-domain optical networks,» Journal of Optical Communications and Networking, vol. 8, nº 6, pp. 408-416, 1 6 2016. | |
| dc.relation | [30]A. Hameed y M. Wasim, «On the study of SDN for emulating virtual lans,» de 2019 8th International Conference on Information and Communication Technologies, ICICT 2019, 2019. | |
| dc.relation | [31]B. T. Haghighi, M. Othman y F. H. Hashim, «Internet addiction and dependency: A case study in UNITEN, Malaysia,» de 2011 International Conference on Information Technology and Multimedia: "Ubiquitous ICT for Sustainable and Green Living", ICIM 2011, 2011. | |
| dc.relation | [32]S. Gupta, S. C. Misra, N. Kock y D. Roubaud, «Organizational, technological and extrinsic factors in the implementation of cloud ERP in SMEs,» Journal of Organizational Change Management, vol. 31, nº 1, pp. 83-102, 12 2 2018. | |
| dc.relation | [33]P. Gill, N. Jain y N. Nagappan, «Understanding network failures in data centers,» ACM SIGCOMM Computer Communication Review, vol. 41, nº 4, p. 350, 22 10 2011. | |
| dc.relation | [34]H. Emesowum, A. Paraskelidis y M. Adda, «Fault tolerance capability of cloud data center,» de 2017 13th IEEE International Conference on Intelligent Computer Communication and Processing (ICCP), 2017. | |
| dc.relation | [35]K. Chopra, K. Gupta y A. Lambora, «Future Internet: The Internet of Things-A Literature Review,» de Proceedings of the International Conference on Machine Learning, Big Data, Cloud and Parallel Computing: Trends, Prespectives and Prospects, COMITCon 2019, 2019. | |
| dc.relation | [36]J. Bohn, V. Coroamă, M. Langheinrich, F. Mattern y M. Rohs, «Social, Economic, and Ethical Implications of Ambient Intelligence and Ubiquitous Computing,» de Ambient Intelligence, Berlin/Heidelberg, Springer-Verlag, pp. 5-29. | |
| dc.relation | [37]R. Amin, N. Shah y W. Mehmood, «Enforcing optimal [2] policies using K-partite graph in hybrid SDN,» Electronics (Switzerland), vol. 8, nº 6, 1 6 2019. | |
| dc.relation | [38]R. Amin, N. Shah, B. Shah y O. Alfandi, «Auto-Configuration of ACL Policy in Case of Topology Change in Hybrid SDN,» IEEE Access, vol. 4, pp. 9437-9450, 2016. | |
| dc.relation | [39]P. Amaral, P. F. Pinto, L. Bernardo y A. Mazandarani, «Application Aware SDN Architecture using Semi-supervised Traffic Classification,» de 2018 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2018, 2018. | |
| dc.relation | [40]L. Alouache, N. Nguyen, M. Aliouat y R. Chelouah, «Toward a hybrid SDN architecture for V2V communication in IoV environment,» de 2018 Fifth International Conference on Software Defined Systems (SDS), 2018. | |
| dc.relation | [41]V. A. Almeida, D. Doneda y M. Monteiro, «Governance challenges for the internet of things,» IEEE Internet Computing, vol. 19, nº 4, pp. 56-59, 1 7 2015. | |
| dc.relation | [42]A. K. Al Mhdawi y H. S. Al-Raweshidy, «IPRDR: Intelligent power reduction decision routing protocol for big traffic flood in hybrid-SDN architecture,» IEEE Access, vol. 6, pp. 10944-10955, 30 1 2018. | |
| dc.relation | [43]A. Aguado, V. Lopez, J. Martinez-Mateo, T. Szyrkowiec, A. Autenrieth, M. Peev, D. Lopez y V. Martin, «Hybrid conventional and quantum security for software defined and virtualized networks,» Journal of Optical Communications and Networking, vol. 9, nº 10, pp. 819-825, 1 10 2017. | |
| dc.relation | [44]«Transition to NGN and Future Evolution,» de NGN Architectures, Protocols and Services, Chichester, UK, John Wiley & Sons, Ltd, 2014, pp. 301-332. | |
| dc.relation | [45]«SDNMS: A software defined network measurement system for NFV networks - IEEE Journals & Magazine,» [En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/document/8695258. | |
| dc.relation | [46]IEEE P802.3/D3.0, March 2015 (Revision of IEEE Std 802.3-2012). | |
| dc.relation | [47]«Data Security in the Cloud,» [En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/courses/details/EDP472. | |
| dc.relation | [48]«Cloud Computing Definition, Reference Architecture, and General Use Cases,» [En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/courses/details/EDP382. | |
| dc.relation | [49]«A survey of ethernet LAN security,»[En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/document/6407456 | |
| dc.relation | [50]«A Survey on Wireless Security: Technical Challenges, Recent Advances, and Future Trends,»[En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/document/7467419 | |
| dc.relation | [51]T. Zhang, M. Chen, X. Wei, B. Chen and C. Hu, "SDNMS: A software defined network measurement system for NFV networks," in China Communications, vol. 16, no. 4, pp. 59-74, April 2019. | |
| dc.relation | [52]A. K. Al Mhdawi and H. S. Al-Raweshidy, "iPRDR: Intelligent Power Reduction Decision Routing Protocol for Big Traffic Flood in Hybrid-SDN Architecture," in IEEE Access, vol. 6, pp. 10944-10955, 2018. | |
| dc.rights | Atribución-NoComercial 4.0 Internacional | |
| dc.rights | http://creativecommons.org/licenses/by-nc/4.0/ | |
| dc.rights | info:eu-repo/semantics/openAccess | |
| dc.rights | Derechos reservados al autor | |
| dc.title | Modelo híbrido de arquitectura de red y seguridad altamente disponible para el canal de datos, facultad de ingeniería (Bta) | |
| dc.type | Trabajo de grado - Maestría | |
