Modelo híbrido de arquitectura de red y seguridad altamente disponible para el canal de datos, facultad de ingeniería (Bta)

Vista sencilla de ítem
dc.contributor.advisorTovar Rache, Jesús Guillermo
dc.contributor.authorRamírez Galvis, Elkin Yezith
dc.contributor.researchgroupUNeT (Universidad Nacional\'s Networking and Telecommunications Research Team)spa
dc.coverage.cityBogotá
dc.coverage.countryColombia
dc.date.accessioned2021-10-07T15:23:17Z
dc.date.available2021-10-07T15:23:17Z
dc.date.issued2021-10-05
dc.descriptionilustraciones, gráficas, tablasspa
dc.description.abstractLas arquitecturas de red híbridas permiten desempeñar un mejor papel en la distribución de los recursos y de manera muy importante mejorar la eficiencia y robustez de las redes de datos ayudando a minimizar tanto fallas de conectividad como aislar incidentes de seguridad bien sea de tipo DDoS, TCP/IP, acceso remoto, etc. Para el caso de estudio, el objeto fue identificar fallas críticas en los servicios que la comunidad universitaria usa dentro de la red LAN por medio de servidores encargados de la distribución y almacenamiento de dichos servicios. Otro punto evaluado fue la verificación de la infraestructura networking y computacional, tomando la seguridad como otro de los elementos que bajo ciertas particularidades como políticas de tráfico, usuarios y direccionamiento dentro de la facultad de ingeniería se sumaron a la identificación de las incidencias sobre ciertos activos de la información. En primer lugar, se analizaron los protocolos actuales en la distribución de tráfico y disponibilidad de los equipos ante fallas no esperadas, lo cual nos dió una solución que minimiza la cantidad de fallas en los equipos activos, el estado actual de la red de la facultad de ingeniería y como plus la mejora de la conectividad entre los diferentes dispositivos de red. En segundo lugar, se identificó el mejor uso de las VLAN’s para la prestación de los servicios de red como medio aislado es la operación de servicios bajo entornos virtuales y la debida parametrización de la política de alta disponibilidad bajo el protocolo HSRP, con el fin de garantizar un servicio de calidad para los usuarios de la red y las acciones que estos realicen. Se identificaron adicionalmente, varias actividades que bajo la metodología PMP permitieron identificar los requerimientos, evaluación de la arquitectura de red actual, recolectar datos de incidentes de seguridad y posteriormente el diseño de la red que fue simulada en el modelador GNS3. Acto seguido se realizaron diferentes escenarios como la evaluación de control de acceso administrativo mediante el protocolo SSH hacia los equipos más críticos, también se evaluó el escenario de alta disponibilidad y conectividad de los usuarios hacia los servicios (servidor FTP) para el cargue y descargue de archivos. Finalmente se recolectaron diferentes estadísticas de respuesta para cada uno de los escenarios, identificando en especial en ambientes de alta disponibilidad tiempos de menos de 2mseg, en donde cualquier dispositivo de respaldo (Ej. R3 a R4) responde ante una falla de nodo o conexión sin impactar la operación y gestión de los servicios y/o equipos responsables de mantener el funcionamiento de la red de datos. En cuanto a comunicación se evaluó que entre nodos de diferente segmento a nivel de conectividad ping, la operación y respuesta obtenida fue entre 2 y 5mseg entre los dispositivos de comunicación como por ejemplo Switches y routers, en el canal de comunicación de la facultad de ingeniería (sede Bogotá), reflejando así que el protocolo de alta disponibilidad HSRP contribuyó con los mejores resultados esperados para el modelo diseñado.spa
dc.description.abstractHybrid network architectures can play a better role in the distribution of resources and very importantly improve the efficiency and robustness of data networks, helping to minimize both connectivity failures and isolate security incidents, whether DDoS, TCP/IP, remote access, etc. For the case study, the objective was to identify critical failures in the services that the university community uses within the LAN network through servers responsible for the distribution and storage of these services. Another point evaluated was the verification of the networking and computational infrastructure, taking security as another of the elements that under certain particularities such as traffic policies, users and addressing within the faculty of engineering were added to the identification of incidents on certain information assets. Firstly, we analyzed the current protocols in the distribution of traffic and availability of equipment in the event of unexpected failures, which gave us a solution that minimizes the number of failures in the active equipment, the current state of the network of the faculty of engineering and as a plus the improvement of connectivity between the different network devices. Secondly, the best use of VLAN's was identified for the provision of network services as an isolated medium is the operation of services under virtual environments and the proper parameterization of the high availability policy under the HSRP protocol, in order to ensure a quality service for network users and the actions they perform. In addition, several activities were identified that under the PMP methodology allowed to identify the requirements, evaluate the current network architecture. The network design was then simulated in the GNS3 modeler. Then, different scenarios were performed, such as the evaluation of administrative access control through the SSH protocol to the most critical equipment, as well as the evaluation of the high availability scenario and user connectivity to the services (FTP server) for uploading and downloading files. Finally, different response statistics were collected for each of the scenarios, identifying especially in high availability environments times of less than 2msec, where any backup device (e.g. R3 to R4) responds to a node or connection failure without impacting the operation and management of the services and/or equipment responsible for maintaining the operation of the data network. In terms of communication, it was evaluated that between nodes of different segments at ping connectivity level, the operation and response obtained was between 2 and 5msec between communication devices such as switches and routers, in the communication channel of the faculty of engineering (Bogotá headquarters), thus reflecting that the HSRP high availability protocol contributed with the best results expected for the designed model.eng
dc.description.degreelevelMaestríaspa
dc.description.degreenameMagíster en Ingeniería - Telecomunicacionesspa
dc.description.researchareaRedes y sistemas de Telecomunicacionesspa
dc.format.extent106 páginasspa
dc.format.mimetypeapplication/pdfspa
dc.identifier.instnameUniversidad Nacional de Colombiaspa
dc.identifier.reponameRepositorio Institucional Universidad Nacional de Colombiaspa
dc.identifier.repourlhttps://repositorio.unal.edu.co/spa
dc.identifier.urihttps://repositorio.unal.edu.co/handle/unal/80413
dc.language.isospaspa
dc.publisherUniversidad Nacional de Colombiaspa
dc.publisher.branchUniversidad Nacional de Colombia - Sede Bogotáspa
dc.publisher.departmentDepartamento de Ingeniería de Sistemas e Industrialspa
dc.publisher.facultyFacultad de Ingenieríaspa
dc.publisher.placeBogotá, Colombiaspa
dc.publisher.programBogotá - Ingeniería - Maestría en Ingeniería - Telecomunicacionesspa
dc.relation.references[1]M. Zareei, E. Mahmoud Mohamed, M. H. Anisi, C. Vargas Rosales, K. Tsukamoto y M. Khurram Khan, «On-Demand Hybrid Routing for Cognitive Radio Ad-Hoc Network,» IEEE Access, vol. 4, pp. 8294-8302, 2016.spa
dc.relation.references[2]X. Yu, H. Xu, H. Gu y H. Lan, «Thor: A scalable hybrid switching architecture for data centers,» IEEE Transactions on Communications, vol. 66, nº 10, pp. 4653-4665, 1 10 2018.spa
dc.relation.references[3]J.-B. Yang, C.-T. Wu y C.-H. Tsai, «Selection of an ERP system for a construction firm in Taiwan: A case study,» Automation in Construction, vol. 16, nº 6, pp. 787-796, 9 2007.spa
dc.relation.references[4]Z. Wu y M. Xiao, «Performance evaluation of VPN with different network topologies,» de 2019 2nd International Conference on Electronics Technology, ICET 2019, 2019.spa
dc.relation.references[5]L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y. Chen y A. V. Vasilakos, «Security and privacy for storage and computation in cloud computing,» Information Sciences, vol. 258, pp. 371-386, 2 2014.spa
dc.relation.references[6]J. Wang y L. Cheng, «qSDS: A QoS-Aware I/O scheduling framework towards software defined storage,» de 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), 2015.spa
dc.relation.references[7]M. van Oosterhout, E. Waarts y J. van Hillegersberg, «Change factors requiring agility and implications for IT,» European Journal of Information Systems, vol. 15, nº 2, pp. 132-145, 19 4 2006.spa
dc.relation.references[8]E. J. Umble, R. R. Haft y M. Umble, «Enterprise resource planning: Implementation procedures and critical success factors,» European Journal of Operational Research, vol. 146, nº 2, pp. 241-257, 4 2003.spa
dc.relation.references[9]M. Suchara, D. Xu, R. Doverspike, D. Johnson y J. Rexford, «Network architecture for joint failure recovery and traffic engineering,» de Proceedings of the ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems - SIGMETRICS '11, New York, New York, USA, 2011.spa
dc.relation.references[10]M. Sookhak, H. Tang, Y. He y F. R. Yu, «Security and Privacy of Smart Cities: A Survey, Research Issues and Challenges,» IEEE Communications Surveys & Tutorials, pp. 1-1, 2018.spa
dc.relation.references[11]S. Shenbagavalli y S. Karthikeyan, «An efficient low power NoC router architecture design,» de 2015 Online International Conference on Green Engineering and Technologies (IC-GET), 2015.spa
dc.relation.references[12]M. Sheghdara y J. Hassine, «Automatic retrieval and analysis of high availability scenarios from system execution traces: A case study on hot standby router protocol,» Journal of Systems and Software, vol. 161, 1 3 2020.spa
dc.relation.references[13]F. Righetti, C. Vallati y G. Anastasi, «IoT Applications in Smart Cities: A Perspective Into Social and Ethical Issues,» de 2018 IEEE International Conference on Smart Computing (SMARTCOMP), 2018.spa
dc.relation.references[14]C. Rath, T. Niedermair y T. Zefferer, «Towards a Personal Security Device,» 2016, pp. 1-16.spa
dc.relation.references[15]M. R. K. Naik y P. Samundiswary, «Wireless body area network security issues — Survey,» de 2016 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT), 2016.spa
dc.relation.references[16]B. Metcalfe, «The Next-Generation Internet,» IEEE Internet Computing, vol. 4, nº 1, pp. 58-59, 2000.spa
dc.relation.references[17]N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker y J. Turner, «OpenFlow,» ACM SIGCOMM Computer Communication Review, vol. 38, nº 2, p. 69, 31 3 2008.spa
dc.relation.references[18]MCB University Press., Journal of organizational change management., MCB University Press, 1988.spa
dc.relation.references[19]J. Matejka, P. Podhradsky y J. Londak, «Security manager for hybrid broadcast broadband architecture evolution,» de 2016 International Symposium ELMAR, 2016.spa
dc.relation.references[20]A. Manzoor, M. Hussain y S. Mehrban, «Performance Analysis and Route Optimization: Redistribution between EIGRP, OSPF & BGP Routing Protocols,» Computer Standards and Interfaces, vol. 68, 1 2 2020.spa
dc.relation.references[21]S. Lunawat y A. Patankar, «Efficient architecture for secure outsourcing of data and computation in hybrid cloud,» de 2014 International Conference on Reliability Optimization and Information Technology (ICROIT), 2014.spa
dc.relation.references[22]M. Ljubojević, A. Bajić y D. Mijić, «Implementation of High-Availability Server Cluster by Using Fencing Concept,» de 2019 18th International Symposium INFOTEH-JAHORINA, INFOTEH 2019 - Proceedings, 2019.spa
dc.relation.references[23]H. Leitold, A. Hollosi y R. Posch, «Security architecture of the Austrian citizen card concept,» de 18th Annual Computer Security Applications Conference, 2002. Proceedings..spa
dc.relation.references[24]A. M. Khalaf, M. S. E. Salam y K. A. Ahmed, «Investigation of different ethernet wiring and different frame size to enhance the performance of LAN,» de International Conference on Advanced Communication Technology, ICACT, 2017.spa
dc.relation.references[25]A. Kanungoe y G. Das, «A novel OLT protection for hybrid WDM-TDM optical access networks,» de 2014 IEEE International Conference on Advanced Networks and Telecommuncations Systems (ANTS), 2014.spa
dc.relation.references[26]T. Janevski, NGN architectures, protocols, and services.spa
dc.relation.references[27]Institute of Electrical and Electronics Engineers. y IEEE Computer Society., IEEE transactions on cloud computing..spa
dc.relation.references[28]C.-T. Hsuan, «The research on “application of the third party policing to social security”,» de 2011 IEEE International Summer Conference of Asia Pacific Business Innovation and Technology Management, 2011.spa
dc.relation.references[29]S. Hong, J. P. Jue, P. Park, H. Yoon, H. Ryu y S. Hong, «Survivable virtual topology design in multi-domain optical networks,» Journal of Optical Communications and Networking, vol. 8, nº 6, pp. 408-416, 1 6 2016.spa
dc.relation.references[30]A. Hameed y M. Wasim, «On the study of SDN for emulating virtual lans,» de 2019 8th International Conference on Information and Communication Technologies, ICICT 2019, 2019.spa
dc.relation.references[31]B. T. Haghighi, M. Othman y F. H. Hashim, «Internet addiction and dependency: A case study in UNITEN, Malaysia,» de 2011 International Conference on Information Technology and Multimedia: "Ubiquitous ICT for Sustainable and Green Living", ICIM 2011, 2011.spa
dc.relation.references[32]S. Gupta, S. C. Misra, N. Kock y D. Roubaud, «Organizational, technological and extrinsic factors in the implementation of cloud ERP in SMEs,» Journal of Organizational Change Management, vol. 31, nº 1, pp. 83-102, 12 2 2018.spa
dc.relation.references[33]P. Gill, N. Jain y N. Nagappan, «Understanding network failures in data centers,» ACM SIGCOMM Computer Communication Review, vol. 41, nº 4, p. 350, 22 10 2011.spa
dc.relation.references[34]H. Emesowum, A. Paraskelidis y M. Adda, «Fault tolerance capability of cloud data center,» de 2017 13th IEEE International Conference on Intelligent Computer Communication and Processing (ICCP), 2017.spa
dc.relation.references[35]K. Chopra, K. Gupta y A. Lambora, «Future Internet: The Internet of Things-A Literature Review,» de Proceedings of the International Conference on Machine Learning, Big Data, Cloud and Parallel Computing: Trends, Prespectives and Prospects, COMITCon 2019, 2019.spa
dc.relation.references[36]J. Bohn, V. Coroamă, M. Langheinrich, F. Mattern y M. Rohs, «Social, Economic, and Ethical Implications of Ambient Intelligence and Ubiquitous Computing,» de Ambient Intelligence, Berlin/Heidelberg, Springer-Verlag, pp. 5-29.spa
dc.relation.references[37]R. Amin, N. Shah y W. Mehmood, «Enforcing optimal [2] policies using K-partite graph in hybrid SDN,» Electronics (Switzerland), vol. 8, nº 6, 1 6 2019.spa
dc.relation.references[38]R. Amin, N. Shah, B. Shah y O. Alfandi, «Auto-Configuration of ACL Policy in Case of Topology Change in Hybrid SDN,» IEEE Access, vol. 4, pp. 9437-9450, 2016.spa
dc.relation.references[39]P. Amaral, P. F. Pinto, L. Bernardo y A. Mazandarani, «Application Aware SDN Architecture using Semi-supervised Traffic Classification,» de 2018 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2018, 2018.spa
dc.relation.references[40]L. Alouache, N. Nguyen, M. Aliouat y R. Chelouah, «Toward a hybrid SDN architecture for V2V communication in IoV environment,» de 2018 Fifth International Conference on Software Defined Systems (SDS), 2018.spa
dc.relation.references[41]V. A. Almeida, D. Doneda y M. Monteiro, «Governance challenges for the internet of things,» IEEE Internet Computing, vol. 19, nº 4, pp. 56-59, 1 7 2015.spa
dc.relation.references[42]A. K. Al Mhdawi y H. S. Al-Raweshidy, «IPRDR: Intelligent power reduction decision routing protocol for big traffic flood in hybrid-SDN architecture,» IEEE Access, vol. 6, pp. 10944-10955, 30 1 2018.spa
dc.relation.references[43]A. Aguado, V. Lopez, J. Martinez-Mateo, T. Szyrkowiec, A. Autenrieth, M. Peev, D. Lopez y V. Martin, «Hybrid conventional and quantum security for software defined and virtualized networks,» Journal of Optical Communications and Networking, vol. 9, nº 10, pp. 819-825, 1 10 2017.spa
dc.relation.references[44]«Transition to NGN and Future Evolution,» de NGN Architectures, Protocols and Services, Chichester, UK, John Wiley & Sons, Ltd, 2014, pp. 301-332.spa
dc.relation.references[45]«SDNMS: A software defined network measurement system for NFV networks - IEEE Journals & Magazine,» [En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/document/8695258.spa
dc.relation.references[46]IEEE P802.3/D3.0, March 2015 (Revision of IEEE Std 802.3-2012).spa
dc.relation.references[47]«Data Security in the Cloud,» [En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/courses/details/EDP472.spa
dc.relation.references[48]«Cloud Computing Definition, Reference Architecture, and General Use Cases,» [En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/courses/details/EDP382.spa
dc.relation.references[49]«A survey of ethernet LAN security,»[En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/document/6407456spa
dc.relation.references[50]«A Survey on Wireless Security: Technical Challenges, Recent Advances, and Future Trends,»[En línea]. Available: https://ieeexplore-ieee-org.ezproxy.unal.edu.co/document/7467419spa
dc.relation.references[51]T. Zhang, M. Chen, X. Wei, B. Chen and C. Hu, "SDNMS: A software defined network measurement system for NFV networks," in China Communications, vol. 16, no. 4, pp. 59-74, April 2019.spa
dc.relation.references[52]A. K. Al Mhdawi and H. S. Al-Raweshidy, "iPRDR: Intelligent Power Reduction Decision Routing Protocol for Big Traffic Flood in Hybrid-SDN Architecture," in IEEE Access, vol. 6, pp. 10944-10955, 2018.spa
dc.rightsDerechos reservados al autorspa
dc.rights.accessrightsinfo:eu-repo/semantics/openAccessspa
dc.rights.licenseAtribución-NoComercial 4.0 Internacionalspa
dc.rights.urihttp://creativecommons.org/licenses/by-nc/4.0/spa
dc.subject.ddc000 - Ciencias de la computación, información y obras generales::004 - Procesamiento de datos Ciencia de los computadoresspa
dc.subject.proposalscalableeng
dc.subject.proposalTelecommunicationseng
dc.subject.proposalTICeng
dc.subject.proposalModelos de red y datosspa
dc.subject.proposalTCP/IP (Protocolo de Control de Transmisión/Protocolo de Internet)spa
dc.subject.proposalescalablespa
dc.subject.proposalTelecomunicacionesspa
dc.subject.proposalTICspa
dc.subject.proposalTCP/IP (Transmission Control Protocol/Internet Protocol)eng
dc.subject.proposalNetwork and data modelseng
dc.subject.proposalOSI ( Interconexión de Sistemas Abiertos)spa
dc.subject.proposalOSI (Open Systems Interconnection)eng
dc.subject.proposalRedes de datosspa
dc.subject.proposalData Networkseng
dc.subject.spinesRedes de informaciónspa
dc.subject.spinesInformation networkseng
dc.subject.spinesAnálisis de redesspa
dc.subject.spinesNetwork analysiseng
dc.titleModelo híbrido de arquitectura de red y seguridad altamente disponible para el canal de datos, facultad de ingeniería (Bta)spa
dc.title.translatedHighly available hybrid network architecture and security model for the data channel, faculty of engineering (Bta)eng
dc.typeTrabajo de grado - Maestríaspa
dc.type.coarhttp://purl.org/coar/resource_type/c_bdccspa
dc.type.coarversionhttp://purl.org/coar/version/c_ab4af688f83e57aaspa
dc.type.contentTextspa
dc.type.driverinfo:eu-repo/semantics/masterThesisspa
dc.type.redcolhttp://purl.org/redcol/resource_type/TMspa
dc.type.versioninfo:eu-repo/semantics/acceptedVersionspa
dcterms.audience.professionaldevelopmentInvestigadoresspa
dcterms.audience.professionaldevelopmentPúblico generalspa
oaire.accessrightshttp://purl.org/coar/access_right/c_abf2spa

Archivos

Bloque original

Mostrando 1 - 1 de 1
Miniatura
Nombre:
1016004990.2021.pdf
Tamaño:
4.48 MB
Formato:
Adobe Portable Document Format
Descripción:
Tesis de Maestría en Ingeniería - Telecomunicaciones
Descargar

Bloque de licencias

Mostrando 1 - 1 de 1
No hay miniatura disponible
Nombre:
license.txt
Tamaño:
3.87 KB
Formato:
Item-specific license agreed upon to submission
Descripción:
Descargar

Colecciones

Maestría en Ingeniería - Telecomunicaciones