Riordan Manufacturing 1

bonkburps | Networking and Communications | Oct 23, 2013

Running Head: RIORDAN MANUFACTURING NETWORK

Riordan Manufacturing Network

Debra Minahen

University of Phoenix

NTC/500 Networking Concepts

Chen Li

August 23, 2009

Riordan Manufacturing Network

Dr. Michael Riordan, a professor of chemistry who saw the potential commercial applications of several of his polymer processing patents, founded Riordan Manufacturing, Inc. in 1991. Riordan Manufacturing, Inc. produces plastic bottles, fans, medical supplies and other custom plastic parts using the plastic injection molding process. The company’s corporate headquarters, including their research and development department, are located in San Jose, California. Riordan has additional locations in Albany, Georgia where plastic beverage containers are produced, Pontiac, Michigan where custom plastic parts are produced, and Hangzhou, China where fans are manufactured. A high-level network overview of all facilities is shown in Figure 1 (Apollo, 2006). Through continual improvement and reinvestment in the company’s systems and employees, Riordan Manufacturing is planting the seeds for a flourishing company.

Figure 1: Riordan Manufacturing Network Overview. [1]

[1] From “Riordan Manufacturing Intranet. Information Technology.” (2006). Copyright Apollo Group.

Over the past year, Riordan’s management and the IT organization have made an effort to standardize company practices and policies to better align the company sites. Riordan Manufacturing has automated many tasks and upgraded multiple systems to improve operational efficiencies and be in a position to grow and conform to changing business needs. Improvements in several business areas have been made, such as the automation and upgrade of the company’s Human Resource Information System (HRIS), and the implementation and integration of Manufacturing Resource Planning (MRP), Enterprise Resource Planning (ERP), and configuration control systems. The company is committed to sharing data and working as one entity. Cohesive MRP, ERP, and configuration control systems that are compatible between locations have been a major step in securing Riordan’s future and making the company profitable.

Albany, Georgia Network

This paper will focus on the Albany, Georgia Network. For all intents and purposes of this paper, the facility is a single, one-story manufacturing building where plastic beverage containers are produced. Forty-five employees work at the Albany site.

As described in Figure 2, the two primary business applications that the Albany location uses are the MRP II and ERP systems. The MRP system provides an effective method for the planning of all resources of the manufacturing company, including an inventory control system. The ERP system is an extension of the MRP system and provides all core functions of the enterprise, such as the HRIS and payroll system.

Recent upgrades were made to the Albany network. Desktop computers were upgraded from a Windows NT environment to Windows XP. The Compaq Proliant PIII servers (file/print and exchange servers) were upgraded to Windows 2003 Servers. The ERP and MRP II servers are HP Proliant servers running HP-UX 11i, which is a 64-bit UNIX operating system.

Figure 2: Albany, Georgia Network Diagram. [2]

[2] From “Riordan Manufacturing Intranet. Information Technology.” (2006). Copyright Apollo Group. Modified by D. S. Minahen 2009.

Albany Network Survey

Moving down through the Open Source Interconnection (OSI) layer model, this paper will describe which layer 3-7 protocols are used in the data network and how. Layers 5-7 are known as the host layers and deal with data units. Layer 4, the Transport Layer, is also considered a host layer, but it handles segments (as shown in Table 1).

Table 1

OSI Model

Note. From “OSI Model,” by Wikipedia, 2009. Trademark of the Wikipedia Foundation, Inc.

The Albany facility connects to the corporate office via a functional T-1 line with 256K Committed Information Rate (CIR) for e-mail and 1.5 Mbps CIR for Burst. A fractional T-1 circuit varies by Phone Company; a full 1.5M T1 Frame Relay Circuit performs at half the advertised circuit speed. On occasion, the provider may have to burst the speed to 1.5Mbps, but is only committed to provide a 768K speed (CrossLink, 2006).

Layer 7: The Application Layer

Layer 7 is known as the Application or End User layer of the OSI model; it serves as the window for users and provides application processes to access the network services. This includes all processes that use Transport Layer protocols to deliver data. This layer provides the actual interface between the user application and the network; the user interacts directly with this layer through application layer protocols, such as FTP (via an FTP client), HTTP (via a web-browser), SMTP (via an email client), and Telnet. This layer also controls the formatting of user data (text, video, graphics, and sound) (Balchunas, 2007).

Applications, such as the MS Office Suite, Visio, and MS Project are not at this layer; but browsers (e.g., Internet Explorer (IE), Netscape, Mozilla, and Firefox), FTP, and mail clients do reside here. This layer is the closest to the user and it interacts with the operating system or applications whenever the user chooses to transfer files, read messages, or perform other network-related activities. Layer 7 provides services to the software/application. Resource sharing, printer access, directory services, and network management all take place at this level.

The Application Layer is the domain of user interaction and is where the identity of an end-user is authenticated and verified using usernames and passwords. Users log on to the network from their computers (e.g., Compaq Presario desktop computer as depicted in Figure 2). If the user is authenticated to the server, then access is granted to network services. If not, the user must try again or contact the help desk to initiate a password reset. Applications should also use strong authentication and encryption to validate and protect data during transmission. Furthermore, applications should also implement their own security controls, allowing for control of privilege to access resources and data.

Special protocols and services reside here, such as Telnet (Network Terminal Protocol), File Transfer Protocol (FTP) for file transfers (downloads and uploads), and Simple Mail Transfer Protocol (SMTP) to deliver email across the Albany and Riordan network infrastructure. Telnet provides text communication for remote login and communication across the network. Hypertext Transfer Protocol (HTTP), which is used to access web browser servers, and Domain Name System (DNS), which names the computers, services, and resources connected to the Internet and the company network (it maps IP addresses to Internet domain names), also reside at this layer.

DNS is used to translate computer hostnames into IP addresses. For example, in Figure 3, the UNIX server hostname alERP will translate to IP address 205.19.63.114. DNS allows network administrators to assign domain names to groups of users independent of their physical location (hostnames are easier to remember than IP addresses). Network devices use the Routing Information Protocol (RIP) to exchange routing information. RIP and DNS are used by the programs and operating routines.

Figure 3: Server Hostnames on Albany Network.


The Application Layer (Layer 7) supplies network services to end-user applications. Network services are typically protocols that work with user data. For instance, in a Web browser application the Application Layer protocol HTTP packages the data that is needed to send and receive Web page content.

Networking application services that are available on the Albany facility network are file/print, file transfer, and email services. File and print services hide the network from the end user: the file server stores files and makes them available to users who can read or write to the files by using the network. Conversely, the print server allows users to print files to either of the two HP LaserJet printers that are attached to the network.

The Windows 2003 exchange server’s major features consist of electronic mail, calendaring, contacts, and task support for mobile and web-based access to information and support for data storage. Email clients send e-mail messages to the email server (Exchange Server), which holds the e-mail until the recipient checks his or her mail. The e-mail client and server use SMTP protocols at this level to manage the process of sending and receiving email. In addition, the Post Office Protocol (POP) allows transfer of e-mail, like SMTP, yet it was specifically designed for use between an email client and its e-mail server. POP cannot transfer e-mail between servers. POP also provides authentication between devices through a name and password (CISCO, 2004, p. 163).

Clients use POP to obtain email from the exchange server, while SMTP is responsible for forwarding email to other servers; it is used to send email. The Windows 2003 server Exchange Server needs to run both the SMTP and POP servers so messages can be stored and retrieved from the same location. The Exchange Server also manages web services for the Albany site. An application web service allows a server to present multiple text, graphics, video, audio images, and sounds to the client/user.

The primary security mechanisms at the seventh layer provide authentication. The Application Layer is the most open layer of the OSI model. Layer 7 is the domain of user interaction where the identity of an end-user is authenticated and verified using usernames and passwords. Applications should also use strong authentication and encryption to validate and protect data during transmission. Applications should also implement their own security controls, allowing for control of privilege to access resources and data.

Increased use of the Internet has led to an increase in security attacks. A security policy should require auditing at regular intervals and should report any unauthorized access or activities. Active auditing involves responding to unauthorized logon sessions, which should be immediately terminated, the blocking of access to hosts, and the ability to trace an unauthorized activity back to the point of origin. The Albany network has a security system in place that notifies the system administrator in the event of an attack or intrusion.
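One way to express the active-auditing steps above as a check, added here as an example and not part of the original paper: it decides which logon sessions to terminate, which hosts to block, and when each blocked host was first seen. The log format, account names, addresses, and failure threshold are constructed assumptions.

```python
from collections import defaultdict

# Hypothetical policy: the source hosts each account may log on from.
AUTHORIZED_SOURCES = {
    "alice": {"10.20.1.11"},
    "bob": {"10.20.1.12"},
}
MAX_FAILURES = 3  # assumed number of failed logons before a host is blocked

# Constructed sample log, one event per line: time session user source result
SAMPLE_LOG = """\
2009-08-21T08:01:10 s101 alice 10.20.1.11 SUCCESS
2009-08-21T08:02:05 s102 bob 192.0.2.50 FAIL
2009-08-21T08:02:09 s103 bob 192.0.2.50 FAIL
2009-08-21T08:02:14 s104 bob 192.0.2.50 FAIL
2009-08-21T08:02:20 s105 bob 192.0.2.50 SUCCESS
2009-08-21T08:05:00 s106 bob 10.20.1.12 FAIL
2009-08-21T08:05:30 s107 bob 10.20.1.12 SUCCESS
2009-08-21T09:15:42 s108 carol 10.20.1.30 SUCCESS
"""


def audit_logons(log_text):
    """Return the audit response for a batch of logon events."""
    failures = defaultdict(int)  # source host -> failed logon count
    first_seen = {}              # source host -> first timestamp (origin trace)
    terminate = []               # session ids to end immediately
    block = set()                # source hosts to deny further access

    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, session, user, source, result = line.split()
        first_seen.setdefault(source, ts)
        if result == "FAIL":
            failures[source] += 1
            if failures[source] >= MAX_FAILURES:
                block.add(source)
        elif result == "SUCCESS":
            allowed = AUTHORIZED_SOURCES.get(user, set())
            # A logon from an unlisted or already blocked host is unauthorized,
            # even though the password was accepted.
            if source not in allowed or source in block:
                terminate.append(session)
                block.add(source)

    origins = {host: first_seen[host] for host in sorted(block)}
    return {"terminate": terminate, "block": sorted(block), "origins": origins}


if __name__ == "__main__":
    for key, value in audit_logons(SAMPLE_LOG).items():
        print(key, value)
```
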

The Application Layer provides data to (and obtains data from) the Presentation Layer (Layer 6).

Layer 6: The Presentation Layer

The Presentation Layer “presents” (delivers and formats) the Session Layer (Layer 5) data to the Application Layer (Layer 7). Services performed at this level are data encryption and compression (data transformation). Layer 6 acts as the translator for the Albany network. Many applications do not make any distinction between the Presentation and Application Layer.

TechFest (2001) describes network functionality at Layer 6:

Protocols at the presentation layer are part of the operating system and application the user runs in a workstation. Information is formatted for display or printing in this layer. Codes within the data, such as tabs or special graphics sequences, are interpreted. Data encryption and the translation of other character sets are also handled in this layer (TechFest, 2001).

Layer 6 mitigates the Application Layer’s (Layer 7) concern regarding syntactical differences in data representation within the end-user systems (Compaq Presario desktop computers). This layer ensures that the information the application layer of one system sends out is readable by the application layer of another system. Layer 6 is also responsible for the format and structure of the data, data conversion and compression, and data encryption (the representation of the data). An example of a service at this level is the conversion of an EBCDIC-coded text file to an ASCII-coded file or vice versa.

Transport Layer Security (TLS) is a cryptographic protocol (predecessor to Secure Sockets Layer (SSL)) that ensures end-to-end security and data integrity over networks (including the Internet). This protocol is used in Riordan’s web-browsing, electronic mail, instant messaging; the data units are formatted and encrypted to be sent across the network.

Another protocol at this layer is HTTP (the protocol used for transferring Web pages). Although generally regarded as an Application Layer protocol, it has Presentation Layer (Layer 6) aspects such as the ability to identify character encoding for proper conversion, which is then done in the Application Layer. This layer is concerned with data presentation to other systems on the network. For instance, at Riordan, Windows-based systems will need to communicate with the UNIX system that is used for inventory control. This layer’s protocols will process the data or put it in a format that can be read by another platform. The Presentation Layer hides the differences, such as character sets, between machines (e.g., PC, Macintoshes, and UNIX).

Layer 6 will be important when employees use their home computers, some of which are Macintoshes, to remotely access the company network.

Data compression may also be applied at this level to improve throughput. Encryption and decryption may be performed at this layer as well, ensuring the security of the data as it travels down the protocol stack.

The primary security mechanisms at the sixth layer provide access control. The Presentation Layer provides authorization services and verifies the right of an identified user to perform a specified operation against specified data. Access controls ensure that each user and system can access only the resource that the security policy allows. Like the second layer, it provides access control to protect against unauthorized use of resources. This includes reading, writing, or deletion of an information resource. It also protects against unauthorized execution of a processing resource.

The Presentation Layer responds to service requests from the Application Layer and issues service requests to the Session Layer (Layer 5).

Layer 5: The Session Layer

Layer 5 is responsible for initiating and terminating network connections and allows session establishment between processes running on different stations. Examples of the session layer are Remote Procedure Call (RPC) functions and the login portion of an SQL session (used to access Riordan’s database management system).

The Session Layer provides the mechanism for opening, closing and managing a session(s) between end-user application processes. Communication sessions consist of requests and responses that occur between applications. Session Layer services are commonly used in application environments that make use of RPC. Session layer services are authentication, permissions, and session restoration. Session Layer protocols help recover a connection when it is dropped; otherwise, if the connection is inactive for a period, the Session Layer Protocol may close it or reopen it. An example of a Session Layer protocol is X.225; its function is synchronization. X.225 allows information of different streams, possibly originating from different sources, to be properly combined or synchronized. An example of a Riordan application is web conferencing, which allows streams of audio and video that must be synchronized to avoid problems, such as lip-synch. Session Layer protocols help manage open sessions and application processes across the network, specifically between the ERP and MRP II servers and the end-user computers.

Within the service layering semantics of the OSI network architecture, the Session Layer responds to service requests from the Presentation Layer (Layer 6) and issues service requests to the Transport Layer (Layer 4). The Session Layer coordinates the exchange of information between systems using conversational techniques, or dialogues. Dialogues are not always required, but some applications require a means of knowing where to restart the transmission of data if a connection is temporarily lost, or may require a periodic dialog to indicate the end of one data set and the start of a new one (TechFest, 2001).

The primary security mechanism at the fifth layer ensures that a transferred message has been sent and received by the non-repudiation of origin and delivery. Non-repudiation is a method by which the sender of data is provided with proof of delivery and the recipient is assured of the sender's identity, so that neither can later deny having processed the data (TSL). In the Session Layer, identity is the key factor, and the main controls at this layer focus on the establishment of identity. Cryptography technology allows for both the reliable identification of remote parties and the means for protecting the exchange of data. This enables both parties to provide proof of the origin and delivery of a service. Confirmation services and time stamps achieve this by proving that a message was received from a specific sender and delivered to a specific recipient. Passwords and other user credentials should be passed and stored in encrypted form to prevent interception or theft. User accounts should have expiration dates based on both usage and fixed time, requiring the update of credentials and reauthorization of access. Session identification may need to be based on a cryptography technology in order to protect sensitive communications in real-time environments (Reed, 2003).
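The credential-handling advice above, sketched as an added example that is not part of the original paper: passwords are kept only as a salted one-way PBKDF2 hash (a swapped-in technique for the paper's "stored in encrypted form"), and a logon is refused once the credential is too old or the account has been idle too long. The iteration count and both time limits are assumed values.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta

PBKDF2_ITERATIONS = 200_000              # assumed work factor
MAX_CREDENTIAL_AGE = timedelta(days=90)  # assumed fixed-time expiry
MAX_IDLE = timedelta(days=30)            # assumed usage-based expiry


def _derive(password, salt):
    """Salted one-way hash of the password; the password is never stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               PBKDF2_ITERATIONS)


def make_record(password, now):
    """Create the stored credential record for a new or renewed password."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": _derive(password, salt),
            "set_at": now, "last_used": now}


def check_logon(record, password, now):
    """Return 'ok', 'bad-password', 'expired-age' or 'expired-idle'."""
    candidate = _derive(password, record["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    if not hmac.compare_digest(candidate, record["hash"]):
        return "bad-password"
    if now - record["set_at"] > MAX_CREDENTIAL_AGE:
        return "expired-age"    # credential must be updated
    if now - record["last_used"] > MAX_IDLE:
        return "expired-idle"   # access must be reauthorized
    record["last_used"] = now
    return "ok"


if __name__ == "__main__":
    start = datetime(2009, 8, 1)
    rec = make_record("constructed-sample-password", start)
    print(check_logon(rec, "constructed-sample-password", start + timedelta(days=10)))
    print(check_logon(rec, "constructed-sample-password", start + timedelta(days=45)))
```
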

Layer 4: The Transport Layer

Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) perform at the Transport Layer. Riordan’s Albany Network uses CAT 5e cabling and is a TCP/IP network; therefore, TCP is used to deliver data from one computer to another on the network. TCP operates at a higher level and is concerned only with the two end systems, for example the Riordan Web browser (IE 7.0), Web server (Compaq Proliant Exchange Server) and the end user’s desktop computer. TCP provides reliable, ordered delivery of a stream of bytes from a program on one computer to another program on another computer. Riordan’s Web application, email application, and FTP are common applications of TCP. TCP also controls segment size, the rate at which data are exchanged (flow control), and network traffic congestion across the Riordan network.

TCP at the Transport Layer provides source and destination port numbers that are commonly associated with applications. For example, TCP port 25 is SMTP, 23 is telnet, 22 is SSH, and 80 is HTTP. These port numbers are important in configuring an Access Control List (ACL) on the Riordan Windows-based systems. ACLs are applied two different ways in Windows security: one method is designed to gate access, while the other is designed to audit access. The Albany site will implement, as a minimum, the ACL process to audit access across systems and logical ports.
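The two ACL roles described above, gating and auditing, shown as an added example that is not part of the original paper. It is a simplified port-based model, not the Windows ACL format; the entries and addresses are constructed, and only the port-to-service mapping comes from the text.

```python
import ipaddress
from dataclasses import dataclass

# Port-to-service mapping as stated in the text.
SERVICES = {25: "SMTP", 23: "telnet", 22: "SSH", 80: "HTTP"}


@dataclass(frozen=True)
class Entry:
    kind: str     # "gate" decides access, "audit" only records it
    action: str   # gate: "allow" or "deny"; audit: "log"
    network: str  # source network in CIDR form
    port: int     # destination TCP port, 0 matches any port

    def matches(self, src, port):
        in_net = ipaddress.ip_address(src) in ipaddress.ip_network(self.network)
        return in_net and self.port in (0, port)


# Hypothetical ACL: remote-login ports are audited, telnet is denied,
# SSH and SMTP are limited to an assumed internal range, HTTP is open.
ACL = [
    Entry("audit", "log", "0.0.0.0/0", 23),
    Entry("audit", "log", "0.0.0.0/0", 22),
    Entry("gate", "deny", "0.0.0.0/0", 23),
    Entry("gate", "allow", "10.20.0.0/16", 22),
    Entry("gate", "allow", "10.20.0.0/16", 25),
    Entry("gate", "allow", "0.0.0.0/0", 80),
]


def evaluate(src, port, acl=ACL):
    """Return (decision, audited). The first matching gate entry wins and the
    default is deny; any matching audit entry marks the attempt for logging."""
    audited = any(e.kind == "audit" and e.matches(src, port) for e in acl)
    decision = "deny"
    for entry in acl:
        if entry.kind == "gate" and entry.matches(src, port):
            decision = entry.action
            break
    return decision, audited


def audit_trail(attempts, acl=ACL):
    """Build the log lines for every audited attempt, allowed or not."""
    trail = []
    for src, port in attempts:
        decision, audited = evaluate(src, port, acl)
        if audited:
            trail.append(f"{src} -> {SERVICES.get(port, port)}/{port}: {decision}")
    return trail


if __name__ == "__main__":
    sample = [("10.20.1.11", 22), ("192.0.2.50", 80), ("192.0.2.50", 23)]
    print("\n".join(audit_trail(sample)))
```

Auditing is independent of the gate decision, so an allowed SSH logon and a denied telnet attempt both land in the trail.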

Data arriving at the Transport Layer is called a segment. Layer 4 is responsible for encapsulating application data blocks (on the sending host) into data units (datagrams or segments), which are suitable for transfer to the network to be forwarded to the destination host. The protocols at this layer establish a host-to-host communication transport medium for applications. TCP is used for connection-oriented transmissions, whereas the connectionless User Datagram Protocol (UDP) is used for simpler messaging transmissions.

The Transport Layer provides a high level of control for moving information between systems, including more sophisticated error handling, prioritization, and security features. The Transport Layer provides quality service and accurate delivery by providing connection-oriented services between two end systems. It controls the sequence of packets, regulates traffic flow, and recognizes duplicate packets. Layer 4 assigns packetized information a traffic number that is checked at the destination. If data is missing from the packet, the Transport Layer protocol at the receiving end arranges with the transport layer of the sending system to have packets re-transmitted. This layer ensures that all data is received and in the proper order (TechFest, 2001).

The primary security mechanisms at the fourth layer provide data integrity by protecting against accidental or malicious alteration. This process prevents access to unauthorized data and prevents unauthorized users from modifying or deleting data. It provides for the integrity of all user data on a connection (with or without recovery) and detects any modification, insertion, deletion or replay of data within an entire data unit sequence. It also provides for the integrity of selected fields within the user data of a data unit transferred over a connection (Computer Security, ND).

Layer 3: The Network Layer

The network layer is where the “IP” part of “TCP/IP” occurs. Internet Protocol (IP) is responsible for addressing in the network. The Network Layer is responsible for end-to-end (source to destination) packet delivery including routing through intermediate hosts. The Network Layer provides the functional and procedural means of transferring variable length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service and error control functions. Any data at layer 3 is called a packet.

Functions of the Network Layer include:

- Connection model: connection-oriented and connectionless communication
- Host addressing: all hosts connected to the Albany network have a unique address
- Message forwarding: the Albany network is partitioned into subnetworks and routers forward packets between networks

Layer 3 handles subnet traffic control, routing, frame fragmentation, logical and physical address mapping (packets contain IP address). The Network Layer responds to service requests from the Transport Layer and issues service requests to the Data Link Layer (Layer 2). The primary security mechanism at the third layer provides confidentiality. Its purpose is to protect data against disclosure of information to unauthorized parties. It provides authentication and communication with peers.

Conclusion

The Riordan Albany site network is not a complex network and seems to be straightforward, partly due to the size of the facility. The protocols for layers 3 through 7 were reviewed as they will apply to the Riordan network. The network is not a large network with hundreds of computers, network devices, and various wiring methodologies. TCP/IP is the common model and uses two standard and popular protocols, TCP and IP, which are network protocols used across multiple environments and work well for connectivity to the other business sites. The physical layout of the network allows for scalability and growth.

References

Apollo Group, Inc. (2006). Riordan Manufacturing Intranet. Information Technology. Retrieved August 20, 2009. NTC 500 Networking Concepts. https://ecampus.phoenix.edu/secure/aapd/cist/vop/Business/Riordan/IT/RioITNetwork001.htm

Balchunas, A. (2007). “OSI Reference Model.” V1.12. Retrieved August 23, 2009 from http://www.routeralley.com/ra/docs/osi.pdf

CISCO. (2004). Computer Networking: first-step. Indianapolis: Cisco Systems. P. 163

Computer Security. (ND). Retrieved August 21, 2009 from http://www.outbacksoftware.com/security/security.html

CrossLink. (1995-2006). Business T1 Access. Retrieved August 19, 2009 from http://www5.crosslink.net/content.cfm?id=26&tid=1

Reed, D. “Applying the OSI Seven Layer Network Model to Information Security.” Jan. 2003. Retrieved August 22, 2009 from http://www.giac.org/practice/GSEC/Damon_Reed_GSEC.pdf

TechFest. (2001). OSI Model. Layer 6: Presentation layer. Retrieved August 21, 2009 from http://www.techfest.com/networking/prot/osi.htm

Wikipedia. (2009). OSI Model. Retrieved August 23, 2009 from http://en.wikipedia.org/wiki/OSI_model

Figure Caption

Figure 1. Riordan Manufacturing Network Overview.

Figure 2. Albany, Georgia Network Diagram.

Figure 3. Server Hostnames on Albany Network.