Intern- A Nightmare at Sonali Bank Limited

Overview of Data Center, Network Infrastructure and Monitoring System of Sonali Bank Limited



A Practicum Report Submitted By

Abdullah Al Masud

ID# 13103050

In Partial Fulfillment of the Requirements for the Award of

Bachelor of Computer Science and Engineering



Department of Computer Science and Engineering

College of Engineering and Technology

IUBAT– International University of Business Agriculture and Technology


Summer 2017

Letter of Transmittal



16th August 2017

Chairman, Practicum & Placement Board

College of Engineering and Technology (CEAT)

IUBAT- International University of Business Agriculture and Technology

4 Embankment Drive Road, Sector-10

Uttara Model Town, Dhaka-1230, Bangladesh.


Subject: Letter of Transmittal.


Dear Sir,


With due respect, I would like to approach you that it is a great opportunity as well as immense pleasure for me to submit this practicum project titled as “Overview of Data Center, Network Infrastructure and Monitoring System of Sonali Bank Limited.” for the partial fulfillment of the requirement of Bachelor in Computer Science & Engineering degree.

It was undoubtedly a wonderful opportunity for me to work on this project to actualize my theoretical knowledge and great experience in the corporate environment.

I have given my best effort to the project and hope you will appreciate the project report and oblige thereby.


Sincerely yours



Abdullah Al Masud

ID# 13103050

Program: BCSE

Letter of Acceptance




This is to certify that Abdullah Al Masud, ID: 13103050, program of BCSE is a regular student of Department of Computer Science and Engineering under the College of Engineering and Technology (CEAT), IUBAT–International University of Business Agriculture and Technology. He has successfully completed his Internship in Sonali Bank Ltd. and has prepared this project under my supervision. His assigned internship topic is entitled as “Overview of Data Center, Network Infrastructure and Monitoring System of Sonali Bank Limited”

He is very active, sincere, hard-working, and careful as well as possesses good moral character.

I wish him all success at every step of his life.






Md. Alamgir Bhuyan

Assistant Professor

Department of Computer Science and Engineering



Letter of Authorization


This is to certify that Abdullah Al Masud, ID: 13103050, program of BCSE is a regular student of Department of Computer Science and Engineering under the College of Engineering and Technology (CEAT), IUBAT–International University of Business Agriculture and Technology. He has successfully completed his Internship program in Sonali Bank Ltd. and has prepared this project under the supervision of Md. Alamgir Bhuyan. His assigned internship topic is entitled as “Overview of Data Center, Network Infrastructure and Monitoring System of Sonali Bank Limited”


He is very active, sincere, hard-working, and careful as well as possesses good moral




We wish him all successes at every step of his life.







(Supervisor)                                          (Coordinator)                                           (Chair)






Md. Alamgir BhuyanDr. Utpal Kanti DasDr. Abdul Haque
Asst. Professor     CoordinatorChair
Department of Department ofDepartment of
Computer Science Computer ScienceComputer Science
and Engineering and Engineeringand Engineering


In the name of ALLAH who is the most merciful and the most graceful

At first, I am very appreciative to our honorable Vice Chancellor Prof. Dr. M. Alimullah Miyan (Founder of IUBAT) for giving me chance to study in this university. I would like to express my hearty respect to the chair of CEAT, Prof. Dr. Md. Monirul Islam, and chair of CSE Dept. Prof. Dr. Abdul Haque.

I am especially thankful to Dr. Utpal Kanti Das, Respected Coordinator, Department of Computer Science and Engineering, IUBAT for his better direction and sustain throughout the semester.

I am really pleased and proud to express my feeling of gratefulness and profound respect to my

internship Supervisor Md. Alamgir Bhuyan, Assistant Professor, Department of Computer Science and Engineering, IUBAT for his scholastic guidance, helpful and unwiring efforts to execute this report. He has been a constant shield of support and guidance for me and without him, it would not have been possible to complete this successfully.

Finally, I am extremely indebted to the DGM Kabita Kolpona Lota (IT Division 1) and Rezaul Karim(SPO) for giving me such a great opportunity to work here. I must acknowledge my supervisor Md. Mamunur Rashid Bhuian(SPO), Head of System & Network, pleasing me as an intern in Sonali Bank Ltd. I also express my honor and respect to Md. Ajimul Haque Khan-PO (Network Admin), Mohammed Rahat Hasan Khan – Senior Officer (Network Admin), Syed Shoyeb Chowdhury – Head of Core Team and Ahmed Shamim- Head of LAN Team, Md. Al-Amin- Senior Officer LAN, Md. Mahbub Alam- Officer WAN for giving me immense support. Not only they have taught me everything from the start but also, they have given me a friendly and comfortable environment that has increased my interest in learning over there. Once again, I would like to thank everyone for giving me this platform of knowledge.

Student’s Declaration

I am Abdullah Al Masud, ID: 13103050, a student of IUBAT-International University of Business Agriculture and Technology. I am declaring that the project has been prepared for the fulfillment of CSC 490 Practicum, as the partial fulfillment of Bachelor of Computer Science and Engineering. I am also declaring that this project has not been prepared or submitted by me before for any Degree, Diploma, and title or Recognition.

It has not been prepared previously for any other purpose, reward or presentation by any one rather than me.


Abdullah Al Masud

ID# 13103050

Program: BCSE


Table of Contents


Letter of Transmittal……………………………………………………………………………..ii

Letter of Acceptance……………………………………………………………………………..iii

Letter of Authorization……………………………………………………………………………iv



Student’s Declaration…………………………………………………………………………….vii

Table of Contents ………………………………………………………………………………..viii

Executive Summary……………………………………………………………………………..xiv

Chapter 01. 1

Introduction. 1

1.1        Overview.. 1

1.2      Objectives of BCSE Program.. 2

1.3        Objectives of Internship Program.. 2

1.4        Source of the Project 3

1.5        Broad Objective. 3

1.6        Specific Objectives. 3

1.7        Background of the Project 4

1.8        Utility of the Project 4

1.9        Methodology. 4

1.10     Limitation of this Project 5

Chapter 02. 6

Organization Overview.. 6

2.1 Networks in Our Daily Lives. 6

2.1.1 Technology Then and Now.. 7

2.1.2 Use of Internet in Bangladesh. 7

2.3 Profile of Sonali Bank Ltd. 7

2.3.1 Background of Sonali Bank Ltd. 8

2.3.2 Corporate Profile. 10

2.4 Services of Sonali Bank. 11

2.5 Network Vendors of Sonali Bank. 11

2.6 The vision. 12

2.8 The Mission. 12

2.9 Organization Summary. 12

2.10 Divisions of Head Office. 13

2.11 Board of Directors. 14

2.12 Contact Details of the Organization. 16

3.1 What is Network Cabling?. 17

3.1.1 Unshielded Twisted Pair (UTP) Cable: 18 Categories of Unshielded Twisted Pair 18 Unshielded Twisted Pair Connector 19

3.1.2 Shielded Twisted Pair (STP) Cable. 20

3.1.3 Coaxial Cable. 20 Coaxial Cable Connectors. 21

3.1.4 Fiber Optic Cable. 21

3.2 Installing Cable – Some Guidelines. 23

3.3 Ethernet Cable Wiring. 23

3.3.1 Straight-Through Wired Cables. 23

3.3.2 Crossover Wired Cables. 24

3.3.3 Rollover Wired Cables. 25

3.4 Wireless LANs. 26

3.4.1 Wireless standards and speeds. 27

3.4.2 Wireless Security. 27

3.4.3 Advantages of wireless networks: 29

3.4.4 Disadvantages of wireless networks: 29

Chapter-04. 30

Network Hardware & Organization Devices. 30

4.1 What is Networking Hardware?. 30

4.1.1 File/Network Servers. 31

4.1.2 Workstations. 32

4.1.3 Laptops/Mobile Devices. 32

4.1.4 Network Interface Cards. 32 Ethernet Cards. 32 Wireless Adapters. 33

4.1.5 Switches. 33

4.1.6 Repeaters. 33

4.1.7 Bridges. 34

4.1.8 Routers. 34

4.1.9 Firewalls. 36

4.2 Organization Devices. 37





4.2.5 DMZ ROUTER.. 43

4.2.6 DMZ SWITCH.. 44




Chapter-05. 50

Computer Network, Topology, IP & Subnetting. 50

5.1 Network. 50

5.2 Computer Network. 50

5.2.1 LAN-Local Area Network. 51 VLAN.. 52 Advantage of VLAN.. 53

5.2.2 MAN-Metropolitan Area Network. 54

5.2.3 WAN- Wide Area Network. 54

5.3 What is a Network Topology?. 55

5.3.1 BUS Topology. 55

5.3.2 RING Topology. 56

5.3.3 STAR Topology. 58

5.3.4 MESH Topology. 59

5.3.5 TREE Topology. 60

5.3.6 HYBRID Topology. 61

5.3.7 Considerations When Choosing a Topology. 62

5.4 Network IP. 62

5.5 IP Version. 63

5.5.1 IPv4 Addresses. 63

5.5.2. IPv6 Addresses. 64

5.6 Subnetting. 64

5.7 Static IP. 65

5.8 Dynamic IP. 66

Chapter-06. 67

Network Infrastructure & Data Centre. 67

6.1 Overview of Sonali Bank Network. 67

6.1.1 Core Layer 68

6.1.2 Distribution layer 68

6.1.3 Access layer 69

6.2 Benefits of Three-Layer Hierarchical Model 69

6.3 Upstream.. 69

6.4 Network distribution. 70

6.5 POP. 70

6.5 Data Centre. 70

6.5.1 Data center consolidation and colocation. 72

6.5.2 Data center tiers. 72

6.5.3 Data center architecture and design. 73

6.5.4 Energy consumption and efficiency. 74

6.5.5 Data center security and safety. 75

6.5.6 Data center infrastructure management and monitoring. 76

Chapter 07. 78

Network Monitoring. 78

7.1 Sonali Bank IT Dept. Hierarchy. 78

7.1.1 IT Division 1: 78

7.1.2 IT Division 2: 79

7.2 Overview of Network Monitoring System.. 80

7.3 Responsibility of Monitoring Center 81

7.4 Monitoring Tools of Sonali Bank LTD. 81

7.4.1 NPM- Network Performance Monitor 81

7.4.2 Netflow Traffic Analyzer 86

7.4.3 SAM- Server & Application Monitor 92

7.4.4 Live Branch. 98

7.5 Network Monitoring Center of Sonali Bank Ltd. 98

7.5.1 Upstream.. 99

7.5.2 Vendor 99

7.5.3 Downstream.. 99

7.6 Limitation. 99

Chapter 08. 100

Real Life Problem Identification and Solution of NOC Data. 100

8.1 NOC (Network Operation Center) 100

8.2 Analysis of Sonali Bank NOC Data. 101

8.2.1 Major Network Disruption Issues. 103

8.3 Graph of Service Disruption Frequency. 103

8.4 Solution of Network Disruption. 104

Chapter-09. 106

Core Risks & Cyber Risks. 106

9.1        Managing Core Risk in Banking: Investment Risk Management 106

9.1.1 Credit Risk/ Investment Risk Management 107

9.1.2 Asset and Liability / Balance Sheet Risks. 107

9.1.3 Foreign Exchange Risk Management: 108

9.1.4 Internal Control & Compliance Risks Management 108 Definition: 108 Objectives of Internal Control and Compliance (ICC): 108 Functions of ICCD.. 109 Monitoring Unit 109 Audit and Inspection Unit 109

9.1.5 Money Laundering Risk Management: 110

9.1.6 IT Risk Management 111

9.1.7 Environment Risk Management 111

9.2        Cyber Risks. 112

9.2.1         Business Email Compromise (BEC): 112

9.2.2         Distributed Denial of Service (DDoS): 112

9.2.3         Malware: 113

9.2.4         Phishing: 113

9.2.5         Ransomware: 113

9.3        Strixus: A Solution to External Cyber Threats. 114

Chapter-10. 115

Conclusion. 115

10.1 Conclusion. 115

10.2 Books and Data. 117


Executive Summary


The banking system plays a critical role in underpinning economic development. Against the background of Financial Sector Reform Policy in Bangladesh, Sonali Bank Limited (SBL) has resulted in great success in all areas of operation with a view to improve the socio-economic development of the country.

Banking is a very important sector for the development of any economy. Sonali Bank Limited is one of the most renowned banks in our country, which is successfully operating, from several decades. For the keen interest of my university as well as the bank. I have worked in the General Banking System. I have chosen this topic of my internship reports because it helps me to a practical acquaintance on the general banking. Secondary I tried to identify the problem and find out the solution to the shortcoming the general banking and provide the suggestion that may supportive for the betterment of the system thought to compare it with other banks.

This help to know the overall function of the Sonali Bank Limited. While I work on the general banking, I had to know deposit, cash remittance and clearing and accounts department. I have shown different types of account that are provided by the SBL as well as the procedure of opening, maintain and closing of them. All the aspects of remittance are also covered. Others services which are provided by SBL are described in the theoretical part. Supplementary belonging, which is relevant to General Banking such as clearance and cash handling procedure, are including s well. To fulfill the objective, I have done the analysis of some numerical data and showed them with the help of significant graph. The graph shows a clear up word trend SBL’s continues success regarding the financial position and the effect of General Banking of the Foreign Exchange Branch as well as the SBL.

The necessary recommendation is provided to hold the services, which are accelerated by the bank according to the analysis of the report. SBL is institutions this is not only serving people and special service but also with great coverage. For this reason, the profit of SBL is drastically increased from about the last decade, which is clear from the analysis of this report.






Chapter 01






1.1   Overview

Due to globalization and advancement of science and technology it is impossible to even think of a day without information technology. Information plays a huge role in every aspect of life whether in studies, business, communication and everyday life. This project is named as “Data Center, Network Infrastructure and Monitoring System of Sonali Bank Limited.” In my project, I have used some monitoring tools and their banking software to monitor the network and how they serve their clients and give prompt service to branches from their support team of Sonali Bank Ltd.

1.2 Objectives of BCSE Program

The BCSE Program prepares students for a professional career in IT field. The program aims at producing graduates capable of developing and operating computer systems. The areas of computer science have been integrated with computer engineering in a single bachelor’s degree program which enables CEAT to develop manpower capable of handling problems related to both software and hardware to provide country’s ever-increasing need for manpower in the field of computer. The BCSE degree thus help in the promotion and transfer of technology which is rapidly developing and will also prepare students for advanced graduate studies in computer science and computer engineering. The BCSE Program is of 140 credit hours and it requires 4 years for a full-time student to complete the program including a comprehensive and a practicum in a IT or related organization.

1.3  Objectives of Internship Program

IUBAT-International University of Business Agriculture and Technology place a great emphasis on the value of practical work experience in BCSE program. IUBAT places its fourth-year student’s participants of the PRACTICUM with a suitable business or IT organizations. This PRACTICUM is an integral component of the computer science program, worth 9 credits hours. The outcome of the assigned PRACTICUM work of each student must be presented by them in the form of full project which is graded by the College of Engineering and Technology, and a copy of which is submitted to the PRACTICUM organization.

The BCSE program prepares a student for professional career in IT field by academic orientation through 55 credit courses with specialization in a major computer area, and by exposing them to an off-campus job experience through PRACTICUM.

The PRACTICUM requires a student to translate his/her learning into action through an on the job exposure and an opportunity to apply theoretical concepts to real life situations. The PRACTICUM takes the form of a placement-cum-project work based on some real-life IT operations. In the PRACTICUM phase, a student’s is placed in a department which will enable him/her to work within his/her area of concentration. The student is required to submit a project and detent it before an interview board which will include academics, practitioners and organizational representatives. The student must earn a passing grade to identify in the PRACTICUM.

Through the PRACTICUM, the students can have a leading edge along with a moderate possibility of entering into a job within the organization.

1.4  Source of the Project

This project has been prepared as an integral part of the internship program for the PRACTICUM at the University of IUBAT-International University of Business Agriculture and Technology, Uttara, Dhaka. Sonali Bank Ltd. was nominated me in the organization for my practicum attachment. While Honorable faculty members Dr. Abdul Haque-Chair, Dr. Utpal Kanti Das- Coordinator and Md. Alamgir Bhuyan- Assistant Professor of Department of Computer Science and Engineering are the persons belong to the university.  Those person’s kind considerations to academically, supervise the internship program. Also, the organization Sonali Bank Ltd. is giving me highly information to make this project.

1.5  Broad Objective

The primary objective of the project is to fulfill requirement of BCSE program for 9 credit internship purpose based on practical work at the organization.

1.6  Specific Objectives

Following are the secondary objectives that the project will try to accomplish: –

  • Understanding the basic networking
  • Network monitoring
  • Understanding about Banking system
  • Alarm monitoring for network monitoring purpose
  • Understanding the basic fiber transmission
  • Understanding the data transmission
  • Analyzing the Cyber risks of a banking technology

1.7  Background of the Project

This project is based on P2P connection and Radio connection technology on network monitoring and maintenance of Sonali Bank Ltd. This project is the combination of 12 weeks internship program. This project can be very important for any IT company, ICT company, any Banks, Group of Business Company Ltd, officer and stuffs for understanding about the Banking technology, Radio connectivity, secured data transmission, Setup of secured tunnel or VPN, Alarm monitoring and how to manage the NOC (Network Operation Center) of L1 and L2 for maintenance purposes of Sonali Bank Ltd.

1.8  Utility of the Project

The utility of this project is to understand about the Banking technology. For understanding the Banking network, one need to have the basic idea about computer network. For this reason, I prepare Network Monitoring and Maintenance of Sonali Bank Ltd. One chapter named as “Network Technology, Topology and IP Addresses”. On that chapter, I described many fundamental things about computer network including the LAN, MAN, WAN etc. Also, the later chapter describe about the FTTH network and how it works. Finally, the finishing chapters describes about the monitoring tools, techniques and alarms and the disruption solution of Sonali Bank Ltd.

1.9  Methodology

In this project, I have done my data- information collection part step by step. These steps are given bellow:

  • Primary data are collected from Sonali Bank Ltd.
  • Secondary data are collected from different website like Wikipedia, search-networking, network-bulls and from my supervisors.
  • For the purpose of documentations and other knowledge based information I have read different books, e-books, online pdf and ppt etc.

1.10     Limitation of this Project

As our practicum course only 4 months, in this time this is not possible to know everything about big field of banking technology, security system, network monitoring and managing the data center. As a result, it was not possible to prepare a complete project such as statistics, financial involvement etc. regarding this topic.

One of the limitations of this internship project is constraints of time. Also, it is very difficult to

develop the whole network diagram design and find out the limitations of the network for such

a one of the largest bank like Sonali Bank. In some case like core network, server and transmission, authority does not allow me to access those for their security concern.  For this reason, the scope of the project has become short.

Another limitation is to use the actual device and software to make the project part.





Chapter 02




Organization Overview


2.1 Networks in Our Daily Lives

Among all of the essentials for human existence, the need to interact with others ranks just below our need to sustain life. Communication is almost as important to us as our reliance on air, water, food, and shelter.

In today’s world, through the use of networks, we are connected like never before. People with ideas can communicate instantly with others to make those ideas a reality. News events and discoveries are known worldwide in seconds. Individuals can even connect and play games with friends separated by oceans and continents.

            2.1.1 Technology Then and Now

Imagine a world without the Internet. No more Google, YouTube, instant messaging, Facebook, Wikipedia, online gaming, Netflix, iTunes, and easy access to current information. No more price comparison websites, avoiding lines by shopping online, or quickly looking up phone numbers and map directions to various locations at the click of a button. How different would our lives be without all of this? That was the world we lived in just 15 to 20 years ago. But over the years, data networks have slowly expanded and been repurposed to improve the quality of life for people everywhere.

2.1.2 Use of Internet in Bangladesh

A new social class is being created, mainly amongst the young generation who find the Internet an effective tool for their career development and globalization of their thoughts and creativity. Many Internet users have stated that a whole new world has been opened to them, they are getting a new source of knowledge, and they are also marketing relations with many good friends and organizations worldwide. But some say that going online is a very costly habit, which sometimes appears as an addiction and causes a big waste of time. A group of young people, notable from the affluent section of the society, is abusing the Internet by using it mostly for entertainment, which is certainly not a healthy practice for a poor country like us. But the saddest news is that Bangladesh has not yet to set up an academic network to provide Internet access to the large number of university teachers, students, scientists, researchers who play vital roles in building a better nation.

2.3 Profile of Sonali Bank Ltd.

I have chosen Networking and Banking industry to do my internship and the name of the company is Sonali Bank Ltd. It is a govt. Bank of Bangladesh. It provides the services like Finance and insurance, Consumer Banking, Corporate Banking, Investment Banking, Investment Management etc.

Sonali Bank has a total of 1210 branches. Out of them, 343 are located in urban areas, 862 in rural areas, and 2 are located overseas. It also operates the Sonali Exchange Company Inc. in USA and Sonali Bank (UK) Ltd., United Kingdom, to facilitate foreign exchange remittances. Sonali Bank UK remits up to 14 destinations across Bangladesh directly, these include Dhaka, Chittagong, Sylhet, Moulvibazar, Beanibazar, Balaganj, Biswanath, Jagannathpur, Sunamganj, Gopalganj, Nabigonj, Hobigonj, Kulaura or Tajpur. There are currently three branches in the UK, one located in Osborn Street, London, another in Small Heath; Birmingham and in Manchester.

2.3.1 Background of Sonali Bank Ltd.

Soon after independence of the country Sonali Bank emerged as the largest and leading Nationalized Commercial Bank by proclamation of the Banks’ Nationalization Order 1972 (Presidential Order-26) liquidating the then National Bank of Pakistan, Premier Bank and Bank of Bhawalpur. As a fully state-owned institution, the bank had been discharging its nation-building responsibilities by undertaking government entrusted different socio-economic schemes as well as money market activities of its own volition, covering all spheres of the economy.

The bank has been converted to a Public Limited Company with 100% ownership of the government and started functioning as Sonali Bank Limited from November 15, 2007 taking over all assets, liabilities and business of Sonali Bank. After corporatization, the management of the bank has been given required autonomy to make the bank competitive & to run its business effectively.

Sonali Bank Limited is governed by a Board of Directors consisting of 11 (Eleven) members. The Bank is headed by the CEO & Managing Director, who is a well-known Banker and a reputed professional. The corporate head quarter of the bank is located at Motijheel, Dhaka, Bangladesh, the main commercial center of the capital.

Some notable features of the Bank are as follows:

Capital Structure:

Authorized Capital      :           Tk. 6000.00 Crore

Paid up Capital           :           Tk. 3830.00 Crore

Branches & Subsidiaries:

1          Total No of Branches  1210

  1.          No of Foreign branches          2
  2.          No of Local branches  1208
  3.              i)         No of Rural Branches 742
  4.             ii)         No of Urban Branches            466

2          No of Regional Offices          16

3          No of Principal Offices          46

4          No of G.M. Offices    11



Sonali Exchange Company Incorporated (SECI) having 10 (Ten) branches in USA.

Sonali Investment Limited (Merchant Banking) having 4 (Four) branches at Motijheel, Paltan, Uttara, Mirpur in Dhaka and 1 (One) branch in Khulna, Bangladesh.


Sonali Bank (UK) Limited having 2 (Two) branches in UK.

Sonali Polaris FT Limited

Representative Offices           :3: 1(One) in Jeddah, KSA; 1 (One) in Riyadh, KSA and 1 (One) in Kuwait.

Correspondence          :           639

2.3.2 Corporate Profile

Name of the Company:Sonali Bank Limited
Chairman:Mr. Md. Ashraful Moqbul
CEO & Managing Director:Mr. Md. Obayed Ullah Al Masud
Company Secretary:Mr. A.K.M Sajedur Rahman Khan
Legal Status:Public Limited Company
Genesis:Emerged as Nationalised Commercial Bank in 1972, following the Bangladesh Bank (Nationalization) Order No. 1972 (PO No.26 of 1972)
Date of Incorporation:03 June, 2007
Date of Vendor’s Agreement:15 November, 2007
Registered Office:35-42, 44 Motijheel Commercial Area, Dhaka, Bangladesh
Authorized Capital:Taka 6000.00 Crore
Paid-up Capital:Taka 3830.00 Crore
Number of Employee:22,446
Number of Branches:1210
Phone-PABX:9550426-31, 33, 34, 9552924
FAX:88-02-9561410, 9552007

Figure 2.1: Banner

2.4 Services of Sonali Bank

  • Ancillary Services
  • Locker Service
  • Automation Status
  • ATM Services
  • Online Tax Payment Procedure
  • NBR-Sonali Bank e-Payment

2.5 Network Vendors of Sonali Bank

Sonali Bank Ltd doesn’t developed their own network yet. They are taking this network services from different vendors of Bangladesh. Those are creating a private connection through their network for Sonali Bank. For any kind of issues vendors are giving direct services. The IT team of Sonali Bank is not managing the advanced featured. All are controlled by their vendors. Few basic steps are managed by their IT team (Core Team).

 metro net 

Metro Net











2.6 The vision

Socially committed leading banking institution with global presence.

2.8 The Mission

Dedicated to extend a whole range of quality products that support divergent needs of people aiming at enriching their lives, creating value for the stakeholders and contributing towards socio-economic development of the country.

2.9 Organization Summary

The bank has been converted to a Public Limited Company with 100% ownership of the government and started functioning as Sonali Bank Limited from November 15, 2007 taking over all assets, liabilities and business of Sonali Bank. After corporatization, the management of the bank has been given required autonomy to make the bank competitive & to run its business effectively.

Sonali Bank Limited is governed by a Board of Directors consisting of 11 (Eleven) members. The Bank is headed by the CEO & Managing Director, who is a well-known Banker and a reputed professional. The corporate head quarter of the bank is located at Motijheel, Dhaka, Bangladesh, the main commercial center of the capital.

2.10 Divisions of Head Office

  1. Ad Branches Inspection and Monitoring Division
  2. Agri Loan & Micro Credit Complaint and Monitoring Division
  3. Agro Based Project Financing Division
  4. Board Division
  5. Branches Control Division
  6. Card Division
  7. Central Accounts Division-1
  8. Central Accounts Division-2
  9. Common Services Division
  10. Currency Management Division (Cmd)
  11. Disciplinary & Appeal Division
  12. Employees Welfare Transport Division
  13. Establishment & Engineering Division
  14. Foreign Remittance Management Division
  15. General Advances Division
  16. Govt. Accounts and Services Division
  17. Human Resource Development Division
  18. Industrial Project Finance Division-1
  19. Industrial Project Finance Division-2
  20. Information Technology Division-1
  21. Information Technology Division-2
  22. Inspection and Audit Division-1
  23. Inspection and Audit Division-2 (Operation & Policy)
  24. Inspection and Audit Division-3
  25. Internal Control and Compliance Division
  26. International Trade Finance Division-1
  27. International Trade Finance Division-2
  28. Legal Maters Division
  29. Loan Recovery & Classification Division
  30. Managing Director’s Secretariat (Mds)
  31. Marketing & Development Division
  32. Micro Credit Division
  33. Mis & Statistics Division
  34. Personnel Management Division
  35. Public Relation Division
  36. Reconciliation Division
  37. Research, Planning and Modernization Division
  38. Risk Management Division
  39. Rural Credit Division
  40. Sme (Small & Medium Enterprise) Division
  41. Treasury Management Division
  42. Vigilance Division
  43. Sonali Bank Staff College
  44. Security and Protocol Division

2.11 Board of Directors

Mr. Md. Ashraful Moqbul
Director and Chairman
Former Senior Secretary
Bangladesh National Parliament Secretariat
Govt. of the People’s Republic of Bangladesh
Mr. Mohammad Muslim Chowdhury
Additional Secretary
Finance Division, Ministry of Finance
Govt. of the People’s Republic of Bangladesh
Mr. Md. Fazlul Haque
Additional Secretary
Bank & Financial Institutions Division, Ministry of Finance
Govt. of the People’s Republic of Bangladesh
Mr. Md. Mahboob Hossain
Former Joint Secretary
Govt. of the People’s Republic of Bangladesh
Mr. Md. Shaheb Ali Mridha
Former Joint Secretary
Govt. of the People’s Republic of Bangladesh
Mr. Kazi Tariqul Islam
Former Joint Secretary
Govt. of the People’s Republic of Bangladesh
Mrs. Sabera Aktari Jamal
Former Deputy Managing Director, Uttara Bank Limited
Mr. Afzal Hossain
Freedom Fighter,
Former Director, BDBL(BSRS)
and Scout Leader
Mr. Muhammed Asadullah
Retired UN Executive
Mr. A.K.M Kamrul Islam, FCA, FCS
Dr. Md. Nurul Alam Talukder
Ex-Managing Director
Bangladesh House Building Finance Corporation
Mr. Md. Obayed Ullah Al Masud
CEO & Managing Director
Sonali Bank Limited

2.12 Contact Details of the Organization

Head Office:

Sonali Bank Limited, 35-42,44 Motijheel Commercial Area, Dhaka-1000, Bangladesh.

PABX :9550426-31, 33, 34, 9552924, Fax: 88-02-9561410, 88-02-9552007, Telex: 642644 SBD/BJ, 642824 SBD/BJ,










Network Cables and Connectivity


3.1 What is Network Cabling?

Cable is the medium through which information usually moves from one network device to another. There are several types of cable which are commonly used with LANs. In some cases, a network will utilize only one type of cable, other networks will use a variety of cable types. The type of cable chosen for a network is related to the network’s topology, protocol, and size. Understanding the characteristics of different types of cable and how they relate to other aspects of a network is necessary for the development of a successful network.

The following sections discuss the types of cables used in networks and other related topics.

  • Unshielded Twisted Pair (UTP) Cable
  • Shielded Twisted Pair (STP) Cable
  • Coaxial Cable
  • Fiber Optic Cable
  • Cable Installation Guides
  • Wireless LANs

3.1.1 Unshielded Twisted Pair (UTP) Cable:

Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair (UTP) is the most popular and is generally the best option for school networks.

Unshielded twisted pair
Figure.3.1. Unshielded twisted pair

The quality of UTP may vary from telephone-grade wire to extremely high-speed cable. The cable has four pairs of wires inside the jacket. Each pair is twisted with a different number of twists per inch to help eliminate interference from adjacent pairs and other electrical devices. The tighter the twisting, the higher the supported transmission rate and the greater the cost per foot. The EIA/TIA (Electronic Industry Association/Telecommunication Industry Association) has established standards of UTP and rated six categories of wire (additional categories are emerging). Categories of Unshielded Twisted Pair

11 MbpsVoice Only (Telephone Wire)
24 MbpsLocalTalk & Telephone (Rarely used)
316 Mbps10BaseT Ethernet
420 MbpsToken Ring (Rarely used)
5100 Mbps (2 pair)100BaseT Ethernet
1000 Mbps (4 pair)Gigabit Ethernet
5e1,000 MbpsGigabit Ethernet
610,000 MbpsGigabit Ethernet Unshielded Twisted Pair Connector

The standard connector for unshielded twisted pair cabling is an RJ-45 connector. This is a plastic connector that looks like a large telephone-style connector. A slot allows the RJ-45 to be inserted only one way. RJ stands for Registered Jack, implying that the connector follows a standard borrowed from the telephone industry. This standard designates which wire goes with each pin inside the connector.

 RJ-45 connector
Figure 3.2: RJ-45 connector

3.1.2 Shielded Twisted Pair (STP) Cable

Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical frequency interference (it should not be too close to electric motors, fluorescent lights, etc.). If you must place cable in environments with lots of potential interference, or if you must place cable in extremely sensitive environments that may be susceptible to the electrical current in the UTP, shielded twisted pair may be the solution. Shielded cables can also help to extend the maximum distance of the cables.

Shielded twisted pair cable is available in three different configurations:

  1. Each pair of wires is individually shielded with foil.
  2. There is a foil or braid shield inside the jacket covering all wires (as a group).
  3. There is a shield around each individual pair, as well as around the entire group of wires (referred to as double shield twisted pair).

3.1.3 Coaxial Cable

Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation between the center conductor and a braided metal shield. The metal shield helps to block any outside interference from fluorescent lights, motors, and other computers.

coaxial cable
Figure 3.3: Coaxial cable

Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In addition, it can support greater cable lengths between network devices than twisted pair cable. The two types of coaxial cabling are thick coaxial and thin coaxial.

Thin coaxial cable is also referred to as thinnet. 10Base2 refers to the specifications for thin coaxial cable carrying Ethernet signals. The 2 refers to the approximate maximum segment length being 200 meters. In actual fact, the maximum segment length is 185 meters. Thin coaxial cable has been popular in school networks, especially linear bus networks.

Thick coaxial cable is also referred to as thicknet. 10Base5 refers to the specifications for thick coaxial cable carrying Ethernet signals. The 5 refers to the maximum segment length being 500 meters. Thick coaxial cable has an extra protective plastic cover that helps keep moisture away from the center conductor. This makes thick coaxial a great choice when running longer lengths in a linear bus network. One disadvantage of thick coaxial is that it does not bend easily and is difficult to install. Coaxial Cable Connectors

The most common type of connector used with coaxial cables is the Bayone-Neill-Concelman (BNC) connector. Different types of adapters are available for BNC connectors, including a T-connector, barrel connector, and terminator. Connectors on the cable are the weakest points in any network. To help avoid problems with your network, always use the BNC connectors that crimp, rather screw, onto the cable.

BNC Connector
Figure. 3.4. BNC connector

3.1.4 Fiber Optic Cable

Fiber optic cabling consists of a center glass core surrounded by several layers of protective materials. It transmits light rather than electronic signals eliminating the problem of electrical interference. This makes it ideal for certain environments that contain a large amount of electrical interference. It has also made it the standard for connecting networks between buildings, due to its immunity to the effects of moisture and lighting.

Fiber optic cable has the ability to transmit signals over much longer distances than coaxial and twisted pair. It also has the capability to carry information at vastly greater speeds. This capacity broadens communication possibilities to include services such as video conferencing and interactive services. The cost of fiber optic cabling is comparable to copper cabling; however, it is more difficult to install and modify. 10BaseF refers to the specifications for fiber optic cable carrying Ethernet signals.

The center core of fiber cables is made from glass or plastic fibers. A plastic coating then cushions the fiber center, and kevlar fibers help to strengthen the cables and prevent breakage. The outer insulating jacket made of teflon or PVC.

Fiber Optic Cable
Figure. 3.5. Fiber optic cable

There are two common types of fiber cables — single mode and multimode. Multimode cable has a larger diameter; however, both cables provide high bandwidth at high speeds. Single mode can provide more distance, but it is more expensive.

SpecificationCable Type
10BaseTUnshielded Twisted Pair
10Base2Thin Coaxial
10Base5Thick Coaxial
100BaseTUnshielded Twisted Pair
100BaseFXFiber Optic
100BaseBXSingle mode Fiber
100BaseSXMultimode Fiber
1000BaseTUnshielded Twisted Pair
1000BaseFXFiber Optic
1000BaseBXSingle mode Fiber
1000BaseSXMultimode Fiber

3.2 Installing Cable – Some Guidelines

When running cable, it is best to follow a few simple rules:

  • Always use more cable than we need. Leave plenty of slack.
  • Test every part of a network as we install it. Even if it is brand new, it may have problems that will be difficult to isolate later.
  • Stay at least 3 feet away from fluorescent light boxes and other sources of electrical interference.
  • If it is necessary to run cable across the floor, cover the cable with cable protectors.
  • Label both ends of each cable.
  • Use cable ties (not tape) to keep cables in the same location together.

3.3 Ethernet Cable Wiring

When talking about cable pinouts we often get questions as to the difference in Straight-through, Crossover, and Rollover wiring of cables and the intended use for each type of cable. These terms are referring to the way the cables are wired (which pin on one end is connected to which pin on the other end). Below we will try shed some light on this commonly confused subject.

3.3.1 Straight-Through Wired Cables

Straight-Through refers to cables that have the pin assignments on each end of the cable. In other words, Pin 1 connector A goes to Pin 1 on connector B, Pin 2 to Pin 2 ect. Straight-Through wired cables are most commonly used to connect a host to client. When we talk about cat5e patch cables, the Straight-Through wired cat5e patch cable is used to connect computers, printers and other network client devices to the router switch or hub (the host device in this instance).

Figure. 3.6 Straight Through Color Code
Figure. 3.6 Straight Through Color Code

When we Use?

We usually use straight cable to connect different type of devices. This type of cable will be used most of the time and can be used to:

1) Connect a computer to a switch/hub’s normal port.
2) Connect a computer to a cable/DSL modem’s LAN port.
3) Connect a router’s WAN port to a cable/DSL modem’s LAN port.
4) Connect a router’s LAN port to a switch/hub’s uplink port. (normally used for expanding network)
5) Connect 2 switches/hubs with one of the switch/hub using an uplink port and the other one using normal port.

3.3.2 Crossover Wired Cables

Crossover wired cables (commonly called crossover cables) are very much like Straight-Through cables with the exception that TX and RX lines are crossed (they are at opposite positions on either end of the cable. Using the 568-B standard as an example below you will see that Pin 1 on connector A goes to Pin 3 on connector B. Pin 2 on connector A goes to Pin 6 on connector B ect. Crossover cables are most commonly used to connect two hosts directly. Examples would be connecting a computer directly to another computer, connecting a switch directly to another switch, or connecting a router to a router. Note: While in the past when connecting two host devices directly a crossover cable was required. Now days most devices have auto sensing technology that detects the cable and device and crosses pairs when needed.

Crossover Cable Color Code
Figure. 3.7: Crossover Cable Color Code

When We Use It?

Sometimes you will use crossover cable, it’s usually used to connect same type of devices. A crossover cable can be used to:

1) Connect 2 computers directly.

2) Connect a router’s LAN port to a switch/hub’s normal port. (normally used for expanding network)

3) Connect 2 switches/hubs by using normal port in both switches/hubs.

Rollover Color Code
Figure. 3.8: Rollover Color Code

3.3.3 Rollover Wired Cables

Rollover wired cables most commonly called rollover cables, have opposite Pin assignments on each end of the cable or in other words it is “rolled over”. Pin 1 of connector A would be connected to Pin 8 of connector B. Pin 2 of connector A would be connected to Pin 7 of connector B and so on. Rollover cables, sometimes referred to as Yost cables are most commonly used to connect to a devices console port to make programming changes to the device. Unlike crossover and straight-wired cables, rollover cables are not intended to carry data but instead create an interface with the device.

3.4 Wireless LANs

Wireless LAN
Figure. 3.9: Wireless LAN

More and more networks are operating without cables, in the wireless mode. Wireless LANs use high frequency radio signals, infrared light beams, or lasers to communicate between the workstations, servers, or hubs. Each workstation and file server on a wireless network has some sort of transceiver/antenna to send and receive the data. Information is relayed between transceivers as if they were physically connected. For longer distance, wireless communications can also take place through cellular telephone technology, microwave transmission, or by satellite.

Wireless networks are great for allowing laptop computers, portable devices, or remote computers to connect to the LAN. Wireless networks are also beneficial in older buildings where it may be difficult or impossible to install cables.

The two most common types of infrared communications used in schools are line-of-sight and scattered broadcast. Line-of-sight communication means that there must be an unblocked direct line between the workstation and the transceiver. If a person walks within the line-of-sight while there is a transmission, the information would need to be sent again. This kind of obstruction can slow down the wireless network. Scattered infrared communication is a broadcast of infrared transmissions sent out in multiple directions that bounces off walls and ceilings until it eventually hits the receiver. Networking communications with laser are virtually the same as line-of-sight infrared networks.

3.4.1 Wireless standards and speeds

The Wi-Fi Alliance is a global, non-profit organization that helps to ensure standards and interoperability for wireless networks, and wireless networks are often referred to as Wi-Fi (Wireless Fidelity). The original Wi-Fi standard (IEEE 802.11) was adopted in 1997. Since then many variations have emerged (and will continue to emerge). Wi-Fi networks use the Ethernet protocol.

StandardMax SpeedTypical Range
802.11a54 Mbps150 feet
802.11b11 Mbps300 feet
802.11g54 Mbps300 feet
802.11n100 Mbps300+ feet

3.4.2 Wireless Security

Wireless networks are much more susceptible to unauthorized use than cabled networks. Wireless network devices use radio waves to communicate with each other. The greatest vulnerability to the network is that rogue machines can “eves-drop” on the radio wave communications. Unencrypted information transmitted can be monitored by a third-party, which, with the right tools (free to download), could quickly gain access to your entire network, steal valuable passwords to local servers and online services, alter or destroy data, and/or access personal and confidential information stored in your network servers. To minimize the possibility of this, all modern access points and devices have configuration options to encrypt transmissions. These encryption methodologies are still evolving, as are the tools used by malicious hackers, so always use the strongest encryption available in your access point and connecting devices.

A NOTE ON ENCRYPTION: As of this writing WEP (Wired Equivalent Privacy) encryption can be easily hacked with readily-available free tools which circulate the internet. WPA and WPA2 (Wi-Fi Protected Access versions 1 and 2) are much better at protecting information, but using weak passwords or passphrases when enabling these encryptions may allow them to be easily hacked. If your network is running WEP, you must be very careful about your use of sensitive passwords or other data.

Three basic techniques are used to protect networks from unauthorized wireless use. Use any and all of these techniques when setting up your wireless access points:


Enable the strongest encryption supported by the devices you will be connecting to the network. Use strong passwords (strong passwords are generally defined as passwords containing symbols, numbers, and mixed case letters, at least 14 characters long).


Use a wireless router that places all wireless connections on a subnet independent of the primary private network. This protects your private network data from pass-through internet traffic.

Hidden SSID.

Every access point has a Service Set IDentifier (SSID) that by default is broadcast to client devices so that the access point can be found. By disabling this feature, standard client connection software won’t be able to “see” the access point. However, the eves-dropping programs discussed previously can easily find these access points, so this alone does little more than keep the access point name out of sight for casual wireless users.

3.4.3 Advantages of wireless networks:

  • Mobility – With a laptop computer or mobile device, access can be available throughout a school, at the mall, on an airplane, etc. More and more businesses are also offering free Wi-Fi access (“Hot spots”).
  • Fast setup – If your computer has a wireless adapter, locating a wireless network can be as simple as clicking “Connect to a Network” — in some cases, you will connect automatically to networks within range.
  • Cost – Setting up a wireless network can be much more cost effective than buying and installing cables.
  • Expandability – Adding new computers to a wireless network is as easy as turning the computer on (as long as you do not exceed the maximum number of devices).

3.4.4 Disadvantages of wireless networks:

  • Security – Be careful. Be vigilant. Protect your sensitive data with backups, isolated private networks, strong encryption and passwords, and monitor network access traffic to and from your wireless network.
  • Interference – Because wireless networks use radio signals and similar techniques for transmission, they are susceptible to interference from lights and electronic devices.
  • Inconsistent connections – How many times have you hears “Wait a minute, I just lost my connection?” Because of the interference caused by electrical devices and/or items blocking the path of transmission, wireless connections are not nearly as stable as those through a dedicated cable.
  • Speed – The transmission speed of wireless networks is improving; however, faster options (such as gigabit Ethernet) are available via cables. If you are only using wireless for internet access, the actual internet connection for your home or school is generally slower than the wireless network devices, so that connection is the bottleneck. If you are also moving large amounts of data around a private network, a cabled connection will enable that work to proceed much faster.









Network Hardware & Organization Devices

4.1 What is Networking Hardware?

Networking hardware includes all computers, peripherals, interface cards and other equipment needed to perform data-processing and communications within the network.

This section provides information on the following components:

  • Network Servers
  • Workstations
  • Network Interface Cards
  • Switches
  • Repeaters
  • Bridges
  • Routers
  • Firewalls

4.1.1 File/Network Servers

One or more network servers is a part of nearly every local area network. These are very fast computers with a large amount of RAM and storage space, along with a one or more fast network interface card(s). The network operating system provides tools to share server resources and information with network users. A sophisticated permissions-handling system is included, so that access to sensitive information can be carefully tailored to the needs of the users. For small networks, a single network server may provide access control, file sharing, printer sharing, email, database, and other services.

The network server may be responding to requests from many network users simultaneously. For example, it may be asked to load a word processor program to one workstation, receive a database file from another workstation, and store an e-mail message during the same time period. This requires a computer that can store and quickly share large amounts of information. When configuring such a server, budget is usually the controlling factor. The following guidelines should be followed:

  • Fastest processor(s)
  • Large amount of RAM
  • multiple large, fast hard drives
  • Extra expansion slots
  • Fast network interface card(s)

Optionally (if no other such devices are available on the network):

  • A RAID (Redundant Array of Inexpensive Disks) to preserve large amounts of data (even after a disk failure)
  • A back-up unit (i.e. DAT tape drive, removable hard drives, or CD/DVD/BluRay burner)

4.1.2 Workstations

Computers that humans use are broadly categorized as workstations. A typical workstation is a computer that is configured with a network interface card, networking software, and the appropriate cables. Workstations do not necessarily need large storage hard drives, because files can be saved on the file server. Almost any computer can serve as a network workstation.

4.1.3 Laptops/Mobile Devices

Laptops and other mobile devices are becoming more and more common. These devices typically have modest internal storage, but enough poour to serve as a workstation for users on the go. These machines nearly always have a wireless adapter to allow quick network connections without cumbersome cabling. In a school environment with good wireless coverage, a mobile device user can move about the campus freely, and remain continuously connected to the network.

4.1.4 Network Interface Cards

The network interface card (NIC) provides the physical connection between the network and the computer workstation. Most NICs are internal, and they are included in the purchase of most computers. Network interface cards are a major factor in determining the speed and performance of a network. It is a good idea to use the fastest network card available for the type of workstation we are using.

The most common network interface connections are Ethernet cards and wireless adapters.

    Ethernet Cards

Ethernet cards are usually included with a computer, although additional ethernet cards can be purchased and installed on most computers, Ethernet cards can contain connections for either coaxial or twisted pair cables (or both). If it is designed for coaxial cable, the connection will be BNC. If it is designed for twisted pair, it will have a RJ-45 connection. Some Ethernet cards also contain an AUI connector. This can be used to attach coaxial, twisted pair, or fiber optics cable to an Ethernet card. When this method is used there is always an external transceiver attached to the workstation. Only the RJ-45 connector is found on most modern ethernet cards. Wireless Adapters

Wireless adapters are found in most portable devices, such as laptops, smart phones, and tablet devices. External wireless adapters can be purchased and installed on most computers having an open USB (Universal Serial Bus) port, or unused expansion slot. (See the Cabling section for more information on connectors.)

4.1.5 Switches

An ethernet switch is a device that provides a central connection point for cables from workstations, servers, and peripherals. In a star topology, twisted-pair wire is run from each workstation to a central switch/hub. Most switches are active, that is they electrically amplify the signal as it moves from one device to another. The predecessor of the switch was the hub, which broadcasted all inbound packets out all ports of the device, creating huge amounts of unnecessary network traffic. Modern switches build a port map of all IP address which respond on each port, and only broadcasts on all ports when it doesn’t have a packet’s target IP address already in its port map. Switches are:

  • Usually configured with 8, 12, or 24 RJ-45 ports
  • Often used in a star or tree topology
  • Available as “managed” or “unmanaged”, with the later less expensive, but adequate for smaller networks
  • direct replacements for hubs, immediately reducing network traffic in most networks
  • Usually installed in a standardized metal rack that also may store network servers, bridges, or routers

4.1.6 Repeaters

Since a signal loses strength as it passes along a cable, it is often necessary to boost the signal with a device called a repeater. The repeater electrically amplifies the signal it receives and rebroadcasts it. Repeaters can be separate devices or they can be incorporated into a concentrator. They are used when the total length of our network cable exceeds the standards set for the type of cable being used.

A good example of the use of repeaters would be in a local area network using a star topology with unshielded twisted-pair cabling. The length limit for unshielded twisted-pair cable is 100 meters. The most common configuration is for each workstation to be connected by twisted-pair cable to a multi-port active concentrator. The concentrator amplifies all the signals that pass through it allowing for the total length of cable on the network to exceed the 100-meter limit.

            4.1.7 Bridges

A bridge is a device that allows we to segment a large network into two smaller, more efficient networks. If we are adding to an older wiring scheme and want the new network to be up-to-date, a bridge can connect the two.

A bridge monitors the information traffic on both sides of the network so that it can pass packets of information to the correct location. Most bridges can “listen” to the network and automatically figure out the address of each computer on both sides of the bridge. The bridge can inspect each message and, if necessary, broadcast it on the other side of the network.

The bridge manages the traffic to maintain optimum performance on both sides of the network. We might say that the bridge is like a traffic cop at a busy intersection during rush hour. It keeps information flowing on both sides of the network, but it does not allow unnecessary traffic through. Bridges can be used to connect different types of cabling, or physical topologies. They must, however, be used between networks with the same protocol.

            4.1.8 Routers

Routers are the traffic directors of the global internet. All routers maintain complex routing tables which allow them to determine appropriate paths for packets destined for any address. Routers communicate with each other, and forward network packets out of or into a network. Here’s an example:

We want to search for something on the internet using a search engine. We open a browser on our workstation. The browser opens to a blank page (not usually the default, but appropriate for this example). We type “” into the URL (Universal Resource Locator) address line of the browser. The browser software packages up the URL we typed, and sends it with a request for an IP address to the DNS (Domain Name Server) that has been set in our network adapter’s configuration. The domain server returns an IP, such as (actual address returned by DNS for on June 7th, 2011). The browser ships the request for that IP address off to the network card, which bundles the request into an ethernet packet, destined for The network card sends the packet to the gateway of our network, which opens the header of the packet, and makes a determination that the packet is traveling out of our network, in search of Our network’s router has routing tables which it has been building from communicating with other routers, and potentially augmented with “static routes”, which are specific paths added by our network’s administrators to make the task of accessing certain networks easier, or faster, or in some cases, not possible. In this case, I find that my router knows about another router at my ISP (Internet Service Provider), which in turn has several more routers that are all on networks of which I am just a small node, much like finding an atom of a molecule of a piece of dust on a rock on a moon of a planet of a sun of a galaxy of the universe. In any case, the packet gets passed from router to router, each time moving out of the subnets of the packet sender, towards a router that will know where the desired server is. The packet finally reaches the router of the network at, which dutifully delivers the packet to the server at that IP address. The server carefully crafts a response, and sends a reply back, which follows the same process to get the response “Yes. Go ahead” back to the requester. Whew. And that’s just the initial request.

While bridges know the addresses of all computers on each side of the network, routers know the addresses other routers which in turn know about their own networks. Routers can even “listen” to entire networks to determine which sections are busiest — they can then redirect data around those sections until traffic congestion clears.

So, routers are network gateways. They move network packets from one network to another, and many can convert from one network protocol to another as necessary. Routers select the best path to route a message, based on the destination address of the packet. The router can direct traffic to prevent head-on collisions, and is smart enough to know when to direct traffic along back roads and shortcuts.

If we have a school LAN that we want to connect to the Internet, we will need to purchase a router. In this case, the router serves as the forwarder between the information on our LAN and the Internet. It also determines the best route to send the data over the Internet.

 4.1.9 Firewalls

A firewall is a networking device that is installed at the entrance to a LAN when connecting a network together, particularly when connecting a private network to a public network, such as the internet. The firewall uses rules to filter traffic into and out of the private network, to protect the private network users and data from malevolent hackers.

Firewalls are either hardware or software, depending on their intended use. A firewall used to protect a network is a hardware device that should be installed in the network between the router and the network. Almost all hardware firewalls will have at least two ports, labeled “Trusted” and “Untrusted”. These terms imply the true nature of the firewall’s responsibility to the private network. The public network is connected to the untrusted network port, and the private network is connected to the trusted port.

Firewall rules are usually simple, consisting of a verb, either allow or deny, the direction of the traffic, either inbound or outbound, and an address or other network traffic identifier. Firewall rules are cumulative, so general rules may be specified, and exceptions added as necessary. Some examples are:

  • Allow outbound all (all private network users can do anything on the public network)
  • Deny inbound all (default setting to prevent all traffic from the public or untrusted port, to the private port)
  • Allow inbound port 80 (allow internet web traffic to come into network to find web servers)
  • Allow inbound port 80 destined to (allow inbound web traffic to a specific web server on our private network)
  • Deny inbound from (deny all inbound traffic from a specific IP address or range of addresses)

Software firewalls are commonly included in modern workstation and server operating systems. They operate in a similar way as hardware firewalls, except that they filter traffic in and out of the machine itself. These software firewalls are typically unnoticed by machine users, and only need attention occasionally when an internet-connected application doesn’t work as expected. The software firewall should always be considered a “suspect” in such cases. The problem is easily resolved, by setting an exception rule in the firewall for the software that is attempting to communicate.

4.2 Organization Devices



Cisco ASR 1000 Series Aggregation Services Routers

Gain the resiliency of a digital business. Offer a superior user experience and security and compliance on demand. ASR 1000 Series Aggregation Services Routers can transform your service provider or enterprise network edge for the digital era.

  • ASR 1000 Series routers offer elastic service delivery, automation, and up to five-nines availability.
  • Application-centric SD-WAN
  • High performance and scale
  • Unified communications
  • Virtualization-ready platform
  • Solve problems faster, improve operational efficiency, and reduce your risk of downtime.
Cisco ASR 1000 Router
Figure 4.1: Cisco ASR 1000 Router



Cisco Catalyst 6807-XL Modular Switch

The Cisco Catalyst 6807-XL chassis (Figure 1) is built to be capable of delivering up to 11.4 terabits per second (Tbps) of system bandwidth capacity and up to 440 gigabits per second (Gbps) of per-slot bandwidth. In a system configured for VSS, this translates to a system capacity of up to 22.8 Tbps. With the Supervisor Engine 6T and latest generation of line cards, the 6807-XL chassis supports a maximum of 160 gigabits per second (Gbps) of per slot bandwidth. The Cisco Catalyst 6807-XL Modular Switch is optimized for high-density 10 Gigabit Ethernet and capable of supporting 40 Gigabit Ethernet.


  • Capable of delivering up to 11.4 terabits per second of system bandwidth capacity and 440 Gbps of per-slot bandwidth for all slots. A system configured for VSS is capable of delivering 22.8 terabits per second of system bandwidth.
  • High interface capacity
  • Increased resiliency
  • Standby fabric hot sync
  • Redundant control channel
  • Redundant supervisor engine option
  • Redundant power supply option
  • Fan tray
  • Environmental
  • Side-to-side airflow
  • AC power supply
Cisco Catalyst 6807-XL Switch
Figure 4.2: Cisco Catalyst 6807-XL Switch


Cisco ASA Firewall
Figure 4.3: Cisco ASA Firewall

Cisco ASA with FirePOWER Services

Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA is the worlds most widely deployed, enterprise-class state full firewall. Cisco ASA with FirePOWER Services features these comprehensive capabilities:

  • Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
  • Granular Application Visibility and Control (AVC) supports more than 4,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
  • The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multifactor threats and automate defense response.
  • Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
  • AMP provides industry-leading breach detection effectiveness, sandboxing, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.


Cisco Nexus 7000 Series Switches

Cisco Nexus 7000 Series Switches provide the foundation for Cisco® Unified Fabric. They are a modular data center-class product line designed for highly scalable 1/10/40/100 Gigabit Ethernet networks with a fabric architecture that scales beyond 17 terabits per second (Tbps). Designed to meet the requirements of the most mission-critical data centers, the switches deliver continuous system operation and virtualized, pervasive services. The Cisco Nexus 7000 Series is based on the proven Cisco NX-OS Software operating system, with enhanced features to deliver real-time system upgrades with exceptional manageability and serviceability.

Features and Benefits

Coupled with Cisco NX-OS, the Cisco Nexus 7000 Series delivers a comprehensive set of features with nonstop operation in four chassis form factors:

  • 18-slot chassis with 18 front-accessible module slots and side-to-side airflow in a compact horizontal form factor with purpose-built integrated cable management.
  • 10-slot chassis with 10 front-accessible vertical module slots and front-to-back airflow and an integrated cable management system.
  • 9-slot with 9 front-accessible module slots and side-to-side airflow in a compact horizontal form factor with purpose-built integrated cable management.
  • 4-slot chassis with all front-accessible module slots and side-to-back airflow in a small form factor with purpose-built integrated cable management
  • Side-to-rear airflow increases the system density in a seven-rack-unit (7RU) footprint, optimizing the use of rack space. The optimized density provides the capability to stack up to six 4-slot chassis in a 42RU rack.
  • The fan tray with built-in fan and controller redundancy helps ensure reliability of the system and support for hot swapping of fan trays. The fan tray is on the top side of the chassis and draws the air from the right side of the chassis through the line card and supervisor slots and propagates it through the empty space on the left side of the chassis. The air then flows up to the fan tray on the top side and finally flows out from the vent holes on the back side of the chassis.
  • Even though Nexus 7004 does not have fabric modules, fabric redundancy is still provided. If the local fabric on one of the I/O modules fails, the entire I/O module is taken offline.
  • All modules, including power supplies and the fan tray, are accessible from the front.
  • The Cisco Nexus 7000 9-Slot chassis with up to seven I/O module slots supports up to 336 x 1 and 10 Gigabit Ethernet ports, 42 x 40 Gigabit Ethernet ports, and 14 x 100 Gigabit Ethernet ports, meeting the demands of mission-critical campus core and data center deployments. It has two dedicated supervisor slots to provide full redundancy.
  • Side-to-side airflow increases the system density in a 14RU footprint, optimizing the use of rack space. The optimized density provides the capability to stack up to three 9-slot chassis in a 42RU rack.
  • Independent variable-speed system and fabric fans provide efficient cooling capacity to the entire system. Fan-tray redundancy features help ensure reliability of the system and support for hot swapping of fan trays.
  • I/O modules, supervisor modules, and fabric modules are accessible from the front. Power supplies and fan trays are accessible from the back.
  • Cisco Nexus 7000 10-Slot Switch Chassis
  • The Cisco Nexus 7000 10-Slot chassis with up to eight I/O module slots supports up to 384 x 1 and 10 Gigabit Ethernet ports, 48 x 40 Gigabit Ethernet ports, and 16 x 100 Gigabit Ethernet ports, meeting the demands of large data center deployments. It has two dedicated supervisor slots to provide full redundancy.
  • Front-to-back airflow helps ensure that use of the Cisco Nexus 7000 10-Slot chassis addresses the requirement for hot-aisle and cold-aisle deployments without additional complexity.
  • The system supports an optional air filter to help ensure clean air flow through the system. The addition of the air filter satisfies Network Equipment Building Standards (NEBS) requirements.
  • I/O modules and supervisor modules are accessible from the front, and fabric modules, power supplies, and fan trays are accessible from the back.
  • The Cisco Nexus 7000 18-Slot chassis with up to 16 I/O module slots supports up to 768 x 1 and 10 Gigabit Ethernet ports, 96 x 40 Gigabit Ethernet ports, and 32 x 100 Gigabit Ethernet ports, meeting the demands of the largest data center deployments. It has two dedicated supervisor slots to provide full redundancy.
  • Side-to-side airflow increases the system density in a 25RU footprint, optimizing the use of rack space. The optimized density provides more than 16RU of free space in a standard 42RU rack for cable management and patching systems.
  • Independent variable-speed system and fabric fans provide efficient cooling capacity to the entire system. Fan-tray redundancy features help ensure reliability of the system and support for hot swapping of fan trays.
  • I/O modules and supervisor modules are accessible from the front, and fabric modules, power supplies, and fan trays are accessible from the back.
  • A series of LEDs at the top of the chassis provide a clear summary of the status of the major system components, alerting operators to the need to conduct further investigation. These LEDs report the power supply, fan, fabric, supervisor, and I/O module status.
Cisco Nexus 7000 Series Switches
Figure 4.4: Cisco Nexus 7000 Series Switches



Cisco 3900 Series Integrated Services Routers

Product Overview

The Cisco 3900 Series builds on the best-in-class offering of the existing Cisco 3800 Series Integrated Services Routers by now offering four platforms (Figure 1): The Cisco 3945E, Cisco 3925E, Cisco 3945, and Cisco 3925 Integrated Services Routers.

The Cisco 3900 Series offers embedded hardware encryption acceleration, voice- and video-capable DSP slots, optional firewall, intrusion prevention, call processing, voicemail, and application services. In addition, the platforms support the industry’s widest range of wired and wireless connectivity options such as T1/E1, T3/E3, xDSL, copper, and fiber Gigabit Ethernet.

The Cisco 3900 Series offers superior performance and flexibility for flexible network deployments from small business offices to large enterprise offices – all while providing industry-leading investment protection.

Key Business Benefits

The Cisco® ISR G2 routers provide superior services integration and agility. Designed for scalability, the modular architecture of these platforms enables you to evolve and adapt with your growing business needs. Table 1 lists the business benefits of the Cisco 3900 Series.

  • Services integration
  • Services on demand
  • High performance with integrated services
  • Network agility
  • Energy efficiency
  • Investment protection
Cisco 3900 DMZ Routers
Figure 4.5: Cisco 3900 DMZ Routers



Cisco Catalyst 3750-X and 3560-X Series Switches

The Cisco® Catalyst® 3750-X and 3560-X Series Switches are an enterprise-class lines of stackable and standalone switches, respectively. These switches provide high availability, scalability, security, energy efficiency, and ease of operation with innovative features such as Cisco StackPower (available only on the Catalyst 3750‑X), IEEE 802.3at Power over Ethernet Plus (PoE+) configurations, optional network modules, redundant power supplies, and Media Access Control Security (MACsec) features. The Cisco Catalyst 3750-X Series with StackWise® Plus technology provides scalability, ease of management and investment protection for the evolving business needs. The Cisco Catalyst 3750-X and 3560-X enhance productivity by enabling applications such as IP telephony, wireless, and video for borderless network experience.

Cisco Catalyst 3750-X and 3560-X Series primary features:

  • 24 and 48 10/100/1000 PoE+, non-PoE models, and 12 and 24 GE SFP port models
  • 24 and 48 10/100/1000 UPOE-capable models with Energy Efficient Ethernet (EEE) support
  • Four optional uplink network modules with GE or 10GE ports
  • Industry first PoE+ with 30W power on all ports in 1 rack unit (RU) form factor
  • Dual redundant, modular power supplies and fans
  • Media Access Control Security (MACsec) hardware-based encryption
  • Flexible NetFlow and switch-to-switch hardware encryption with the Service Module uplink
  • Open Shortest Path First (OSPF) for routed access in IP Base image
  • IPv4 and IPv6 routing, Multicast routing, advanced quality of service (QoS), and security features in hardware
  • Enhanced limited lifetime warranty (LLW) with next business day (NBD) advance hardware replacement and 90 day access to Cisco Technical Assistance Center (TAC) support
  • Enhanced Cisco EnergyWise for operational cost optimization by measuring actual power consumption of the PoE devices, reporting, and reducing energy consumption across the network
  • USB Type-A and Type-B ports for storage and console respectively and an out-of-band Ethernet management port
  • In addition to the above features, the Cisco Catalyst 3750-X switches also offer:
  • Cisco StackPower™ technology: An innovative feature and industry first for sharing power among stack members
  • Cisco StackWise Plus technology for ease of use and resiliency with 64 Gbps of throughput
  • Investment protection with backward compatibility with all other models of Cisco Catalyst 3750 Series Switches

Cisco Catalyst 3750-X and 3560-X Switch

Cisco Catalyst 3750-X and 3560-X Switch
Figure 4.6: Cisco Catalyst 3750-X and 3560-X Switch



MikroTik Cloud Core Router CCR1036-8G-2S+EM

MikroTik’s fastest router has now become even better – the new CCR1036-8G-2S+EM now has two SFP+ ports for 10G interface support (SFP+ module available separately). It uses the same 36 core Tilera CPU as their other CCR1036 model, and delivers the same performance, but now, ten gigabit links are possible.  The device comes in a 1U rack mount case, has two SFP+ ports, eight Gigabit Ethernet ports, a serial console cable and a USB port. The CCR1036-8G-2S+EM has two SODIMM slots, by default it is shipped with 16GB of RAM, but has no memory limit in RouterOS (will accept and utilize 16GB or more).

Product Features

  • 36 Core networking CPU
  • 12MB total on-chip cache
  • 8Mpps standard forwarding
  • 41.5Mpps fast path forwarding
  • Up to 28Gbit/s throughput
  • 1U Rack mount Case
  • Color touchscreen LCD display
  • Ports directly connected to CPU
MikroTik Cloud Core Router
Figure 4.7: MikroTik Cloud Core Router



SUN-1000 Media Converter


  • Compliance with IEEE standards
  • MTBF of more than 50000 hours
  • Full & half duplex operation and auto-negotiation
  • Electric interface self-adapting parallel/crossover connections
  • Longest 1552 byte data packet transmission
  • QoS ensuring VoIP data packet transmission
  • STP Spanning Tree forming a redundant network
  • Low power consumption and low heat for longtime stable operation
  • Single/Multi mode and Single/Dual fiber transmission modes
  • Network Management Function (optional)
SUN-1000 Media Converter
Figure 4.8: SUN-1000 Media Converter


Communication has always been the basis of the functioning of any society. In modern times, the use of IT has extended the nature and use of communication, through, basically, a network system using cables or wireless technology. Network systems are actually one large switching field, which allows the physical connection of devices to the communication element.

To address the needs, Conteg offers a choice of solutions.

 The basic element is the cabinet, which complies with international standards like TIA/EIA-310-E and others as to the proper storage of computer cabling and IT equipment. For a dedicated solution for network use, we offer the Premium Cabling cabinet RDF or the universal rack iSEVEN RI7. For support of extended company areas, you can choose solutions from our series of wall-mounting racks.

Our comprehensive solutions allow you to store and maintain copper and fiber optic cables with the correct bend radius, thus to avoid unnecessary reduction in transmission quality, both inside and outside the cabinet.

For guides and wiring inside racks you can use the standard cable management support backbone wiring. For Enterprise users, we have developed High Density Cable Management – HDWM. This is an effective way to organize, support and route large quantities of fiber or UTP cabling. The product meets or exceeds the bend radius and tensioning values for OS and OM fiber, Class E and Fa Copper cabling as stated in Industry Standards, for example, ANSI/TIA/EIA-568; TIA/EIA-942A and ISO/IEL-11801, along with the recommendations in major cable manufacturing specifications.

To support external infrastructure cabling, the appropriate product management system we suggest is OPTIWAY. This system allows easy installation of interconnecting patch cords and optical cables according to constantly changing needs.

Conteg iSEVEN RI7 Rack
Figure 4.9: Conteg iSEVEN RI7 Rack









Computer Network, Topology, IP & Subnetting

5.1 Network

Network is a group of things that connected two or more devices for communication and sharing purpose. In telecommunication sector or computer sector, it is a system containing any combination of computers, printers, audio or visual display devices or telephones interconnected by telecommunication equipment or cables used to transmit or receive information. Networking allows us to share file, devices, internet between the computers. An excellent example of a network is the Internet, which connects millions of people all over the world.

5.2 Computer Network

Computer network or data network is a telecommunications network which allows computers to exchange data. In computer networks, networked computing devices exchange data with each

other along network links (data connections). The connections between nodes are established using either cable media or wireless media. The best-known computer network is the Internet.

Network computer devices that originate, route and terminate the data are called network nodes. Nodes can include hosts such as personal computer, phones, servers as well as networking. Two such devices can be said to be networked together when one device is able to exchange information with the other device, whether or not they have a direct connection to each other.

Computer Network
Figure 5.1: Diagram of Computer Network.

Computer networks differ in the transmission media used to carry their signals, the communication protocol to organize network traffic, the networks size topology and organizational intent. In most cases, communications protocols are layered on other more specific or more general communications protocols, except for the physical layer that directly deals with the transmission media.

Computer network can be categorized in several ways that are: –

  • LAN – Local Area Network
  • MAN- Metropolitan Area Network
  • WAN – Wide Area Network

5.2.1 LAN-Local Area Network

A local area network, or LAN, consists of a computer network at a single site, typically an individual office building. A LAN is very useful for sharing resources, such as data storage and printers. LANs can be built with relatively inexpensive hardware, such as hubs, network adapters and Ethernet cables.

The smallest LAN may only use two computers, while larger LANs can accommodate thousands of computers. A LAN typically relies mostly on wired connections for increased speed and security, but wireless connections can also be part of a LAN. High speed and relatively low cost are the defining characteristics of LANs.

LANs are typically used for single sites where people need to share resources among themselves but not with the rest of the outside world. Think of an office building where everybody should be able to access files on a central server or be able to print a document to one or more central printers. Those tasks should be easy for everybody working in the same office, but you would not want somebody just walking outside to be able to send a document to the printer from their cell phone! If a local area network, or LAN, is entirely wireless, it is referred to as a wireless local area network, or WLAN.

Local Area Network
Figure 5.2: Diagram of Local Area Network. VLAN

VLAN is a logical grouping of networking devices. When we create VLAN, we actually break large broadcast domain in smaller broadcast domains. Consider VLAN as a subnet. Same as two different subnets cannot communicate with each other without router, different VLANs also requires router to communicate. Advantage of VLAN

VLAN provides following advantages: –

  • Solve broadcast problem
  • Reduce the size of broadcast domains
  • Allow us to add additional layer of security
  • Make device management easier

Allow us to implement the logical grouping of devices by function instead of location

Virtual LAN
Figure 5.3: Diagram of Virtual LAN.

5.2.2 MAN-Metropolitan Area Network

A metropolitan area network, or MAN, consists of a computer network across an entire city, college campus or small region. A MAN is larger than a LAN, which is typically limited to a single building or site. Depending on the configuration, this type of network can cover an area from several miles to tens of miles. A MAN is often used to connect several LANs together to form a bigger network. When this type of network is specifically designed for a college campus, it is sometimes referred to as a campus area network, or CAN.

Metropolitan Area Network
Figure 5.4: Diagram of Metropolitan Area Network.

5.2.3 WAN- Wide Area Network

A wide area network (WAN) is a geographically distributed private telecommunications network that interconnects multiple local area networks (LANs). In an enterprise, a WAN may consist of connections to a company’s headquarters, branch offices, colocation facilities, cloud services and other facilities. Typically, a router or other multifunction device is used to connect a LAN to a WAN. Enterprise WANs allow users to share access to applications, services and other centrally located resources. This eliminates the need to install the same application server, firewall or other resource in multiple locations, for example.

WAN-Wide Area Network
Figure 5.5: Diagram of Wide Area Network.

A virtual private network (VPN) facilitates connectivity between WAN sites. An IPsec VPN is more commonly used in continuously open site-to-site connections, such as those between branch offices and headquarters locations. An SSL VPN is often the preferred choice for enabling remote access for individual users because the data transmitted from users across the WAN is encrypted. Direct fiber optic links are also used to connect sites on a WAN – and they almost always offer greater performance, reliability and security than VPNs, but they are cost-prohibitive for most enterprises to procure and operate.

5.3 What is a Network Topology?

A network topology is the arrangement of a network, including its nodes and connecting lines. There are two ways of defining network geometry: the physical topology and the logical (or signal) topology. The physical topology of a network is the actual geometric layout of workstations. There are several common physical topologies, as described below and as shown in the illustration.

5.3.1 BUS Topology

Bus topology is a network type in which every computer and network device is connected to single cable. When it has exactly two endpoints, then it is called Linear Bus topology.

Bus Topology
Figure 5.6: Bus Topology

Bus topology in computer networks

Features of Bus Topology:

  • It transmits data only in one direction.
  • Every device is connected to a single cable

Advantages of Bus Topology

  • It is cost effective.
  • Cable required is least compared to another network topology.
  • Used in small networks.
  • It is easy to understand.
  • Easy to expand joining two cables together.

Disadvantages of Bus Topology

  • Cables fails then whole network fails.
  • If network traffic is heavy or nodes are more the performance of the network decreases.
  • Cable has a limited length.
  • It is slower than the ring topology.

5.3.2 RING Topology

It is called ring topology because it forms a ring as each computer is connected to another computer, with the last one connected to the first. Exactly two neighbors for each device.

Ring Topology
Figure 5.7: Ring Topology

Features of Ring Topology:

  • A number of repeaters are used for Ring topology with large number of nodes, because if someone wants to send some data to the last node in the ring topology with 100 nodes, then the data will have to pass through 99 nodes to reach the 100th node. Hence to prevent data loss repeaters are used in the network.
  • The transmission is unidirectional, but it can be made bidirectional by having 2 connections between each Network Node, it is called Dual Ring Topology.
  • In Dual Ring Topology, two ring networks are formed, and data flow is in opposite direction in them. Also, if one ring fails, the second ring can act as a backup, to keep the network up.
  • Data is transferred in a sequential manner that is bit by bit. Data transmitted, has to pass through each node of the network, till the destination node.

Advantages of Ring Topology

  • Transmitting network is not affected by high traffic or by adding more nodes, as only the nodes having tokens can transmit data.
  • Cheap to install and expand

Disadvantages of Ring Topology

  • Troubleshooting is difficult in ring topology.
  • Adding or deleting the computers disturbs the network activity.
  • Failure of one computer disturbs the whole network.

5.3.3 STAR Topology

In this type of topology all the computers are connected to a single hub through a cable. This hub is the central node and all others nodes are connected to the central node.

Star Topology
Figure 5.8: Star Topology

Features of Star Topology

  • Every node has its own dedicated connection to the hub.
  • Hub acts as a repeater for data flow.
  • Can be used with twisted pair, Optical Fiber or coaxial cable.

Advantages of Star Topology

  • Fast performance with few nodes and low network traffic.
  • Hub can be upgraded easily.
  • Easy to troubleshoot.
  • Easy to setup and modify.
  • Only that node is affected which has failed, rest of the nodes can work smoothly.


Disadvantages of Star Topology

  • Cost of installation is high.
  • Expensive to use.
  • If the hub fails then the whole network is stopped because all the nodes depend on the hub.
  • Performance is based on the hub that is it depends on its capacity

5.3.4 MESH Topology

It is a point-to-point connection to other nodes or devices. All the network nodes are connected to each other. Mesh has n(n-1)/2 physical channels to link n devices. There are two techniques to transmit data over the Mesh topology, they are:

  1. Routing
  2. Flooding

Routing: In routing, the nodes have a routing logic, as per the network requirements. Like routing logic to direct the data to reach the destination using the shortest distance. Or, routing logic which has information about the broken links, and it avoids those nodes etc. We can even have routing logic, to re-configure the failed nodes.

Flooding: In flooding, the same data is transmitted to all the network nodes, hence no routing logic is required. The network is robust, and the its very unlikely to lose the data. But it leads to unwanted load over the network.

Mesh Topology
Figure 5.9: Mesh Topology

Types of Mesh Topology

Partial Mesh Topology: In this topology, some of the systems are connected in the same fashion as mesh topology but some devices are only connected to two or three devices.

Full Mesh Topology: Each and every nodes or devices are connected to each other.

Features of Mesh Topology

  • Fully connected.
  • Not flexible.

Advantages of Mesh Topology

  • Each connection can carry its own data load.
  • It is robust.
  • Fault is diagnosed easily.
  • Provides security and privacy.

Disadvantages of Mesh Topology

  • Installation and configuration is difficult.
  • Cabling cost is more.
  • Bulk wiring is required.

5.3.5 TREE Topology

It has a root node and all other nodes are connected to it forming a hierarchy. It is also called hierarchical topology. It should at least have three levels to the hierarchy.

Tree Topology
Figure 5.10: Tree Topology

Features of Tree Topology

  • Ideal if workstations are located in groups.
  • Used in Wide Area Network.

Advantages of Tree Topology

  • Extension of bus and star topologies.
  • Expansion of nodes is possible and easy.
  • Easily managed and maintained.
  • Error detection is easily done.

Disadvantages of Tree Topology

  • Heavily cabled.
  • If more nodes are added maintenance is difficult.
  • Central hub fails, network fails.

5.3.6 HYBRID Topology

It is two different types of topologies which is a mixture of two or more topologies. For example, if in an office in one department ring topology is used and in another star topology is used, connecting these topologies will result in Hybrid Topology (ring topology and star topology).

Hybrid Topology
Figure 5.11: Hybrid Topology

Features of Hybrid Topology

  • It is a combination of two or topologies
  • Inherits the advantages and disadvantages of the topologies included

Advantages of Hybrid Topology

  • Reliable as Error detecting and troubleshooting is easy.
  • Scalable as size can be increased easily.

Disadvantages of Hybrid Topology

  • Complex in design.

5.3.7 Considerations When Choosing a Topology

  • Money. A linear bus network may be the least expensive way to install a network; you do not have to purchase concentrators.
  • Length of cable needed. The linear bus network uses shorter lengths of cable.
  • Future growth. With a star topology, expanding a network is easily done by adding another concentrator.
  • Cable type. The most common cable in schools is unshielded twisted pair, which is most often used with star topologies.

5.4 Network IP

The Internet Protocol is responsible for addressing hosts and for routing datagram’s (packets) from a source host to a destination host across one or more IP networks. For this purpose, the Internet Protocol defines the format of packets and provides an addressing system that has two functions: Identifying hosts and providing a Logical location service.

Every computer on network requires an IP address to communicate with other computer. This IP address means of Internet Protocol address. It is a 32-bit number comprised of a host number and a network prefix. They are broken up into 4 bytes, or octets, where any 2 bytes are separated by a period. This is commonly referred to as dotted decimal notation. The first part of an Internet address identifies the network on which the host resides, while the second part identifies the particular host on the given network. This creates the two-level addressing hierarchy. All hosts on a given network share the same network prefix but must have a unique host number. Similarly, any two hosts on different networks must have different network prefixes but may have the same host number. IP addresses are usually written and displayed in human-readable notations, such as (IPv4), and 2001:db8:0:1234:0:567:8:1(IPv6).

A simple example of an IP address:

5.5 IP Version

Two versions of the Internet Protocol (IP) are in use: –

  • IP Version 4 and
  • IP Version 6

Each version defines an IP address differently. Because of its prevalence, the generic term IP address typically still refers to the addresses defined by IPv4. The gap in version sequence between IPv4 and IPv6 resulted from the assignment of number 5 to the experimental Internet Stream Protocol in 1979, which however was never referred to as IPv5.

5.5.1 IPv4 Addresses

In IPv4, an address consists of 32 bits which limits the address space to 4294967296 possible unique addresses. It calculates from 232. IPv4 reserves some addresses for special purposes such as private networks (18 million addresses) or multicast addresses (~270 million addresses).

IPv4 addresses are represented in dot-decimal notation, which consists of four decimal numbers, each ranging from 0 to 255, separated by dots, e.g., Each part represents a group of 8 bits (octet) of the address. In some cases of technical writing, IPv4 addresses may be presented in various hexadecimal, octal, or binary representations.

5.5.2. IPv6 Addresses

The rapid exhaustion of IPv4 address space prompted the Internet Engineering Task Force (IETF) to explore new technologies to expand the addressing capability in the Internet. The permanent solution was deemed to be a restore of the Internet Protocol itself. This new generation of the Internet Protocol was eventually named Internet Protocol Version 6 (IPv6) in 1995. The address size was increased from 32 to 128 bits (16 octets), thus providing up to 2128 (approximately3.403×1038) addresses. This is deemed sufficient for the foreseeable future.

5.6 Subnetting

An IP address has two components, the network address and the host address. A subnet mask separates the IP address into the network and host addresses. Subnetting further divides the host part of an IP address into a subnet and host address if additional sub network is needed. Use the Subnet Calculator to retrieve sub network information from IP address and Subnet Mask. It is called a subnet mask because it is used to identify network address of an IP address by performing a bitwise AND operation on the net mask. A Subnet mask is a 32-bit number that masks an IP address, and divides the IP address into network address and host address. Subnet Mask is made by setting network bits to all “1”s and setting host bits to all “0”s. Within a given network, two host addresses are reserved for special purpose, and cannot be assigned to hosts. The “0” address is assigned a network address and “255” is assigned to a broadcast address, and they cannot be assigned to hosts. In the below there is shown a table about subnetting: –

Figure 5.12: Subnetting

5.7 Static IP

A static IP address is one that doesn’t change. Also, can stated like, A static IP address is a number that is assigned to a computer by an Internet service provider (ISP) to be its permanent address on the Internet. If anyone feels the need to always know what IP address is in use then need a Static IP address, because it is constant. Static IP addresses are more reliable for Voice over Internet Protocol (VOIP), more reliable to host a gaming website or to play X-Box, Play Station, use Virtual Private Network for secure access to files from company network computer, etc. Static IP addresses are also great if anyone use computer as a server, as it should give person file server, faster file uploads and downloads.

5.8 Dynamic IP

A dynamic IP address is a DHCP server assigned IP address. Dynamic IP addresses are named such because they can be different each assignment. The biggest advantages of Dynamic IP Addressing are fewer security risks as the computer is assigned a new IP address each time the customer logs on. They are cost effective and there is automatic network configuration. Dynamic addressing is usually used by ISP’s so that one IP address can be assigned to several users. However, some ISP’s use Sticky Dynamic IP Addressing and do not change the IP address very often. Dynamic IP Addressing can be used by families with several computers or by a small business owner who has a home office. The software that comes with a router allows for Dynamic Host Configuration Protocol (DHCP) setup and assigns each computer attached to the router an IP address automatically.

In contrast, Dynamic IP addressing should not be used for VOIP, VPN, playing online games or game hosting because Dynamic IP addressing is less reliable then Static IP addressing and could cause the service to disconnect while you are on a VOIP, VPN or gaming.







Network Infrastructure & Data Centre

6.1 Overview of Sonali Bank Network

Sonali Bank access to the Internet worldwide. They have international branches too. So, the network is distributed for worldwide communication. All the transaction and other things are executed (Store & retrieve) from the data center. They have a large network for maintaining their branches. Currently 1210 branches are connected with their network. That’s why Sonali Bank follows Cisco Three−Tier (Three Layer) hierarchical network model that consists of three layers: The Core layer, the Distribution layer, and the Access layer. Three-Layer network model is the preferred approach to network design.

Three−Tier (Three Layers) Network Model of Sonali Bank LTD.
Figure 6.1: Three−Tier (Three Layers) Network Model of Sonali Bank LTD.

6.1.1 Core Layer

Core Layer consists of biggest, fastest, and most expensive routers with the highest model numbers and Core Layer is considered as the back bone of networks. Core Layer routers are used to merge geographically separated networks. The Core Layer routers move information on the network as fast as possible. The switches operating at core layer switches packets as fast as possible.

6.1.2 Distribution layer

The Distribution Layer is located between the access and core layers. The purpose of this layer is to provide boundary definition by implementing access lists and other filters. Therefore the Distribution Layer defines policy for the network. Distribution Layer includes high-end layer 3 switches. Distribution Layer ensures that packets are properly routed between subnets and VLANs in dedicated enterprise.

6.1.3 Access layer

Access layer includes access switches which are connected to the end devices (Computers, Printers, and Servers etc.). Access layer switches ensures that packets are delivered to the end devices.

6.2 Benefits of Three-Layer Hierarchical Model

The main benefits of Three-Layer hierarchical model are that it helps to design deploy and maintain a scalable, trustworthy, cost effective hierarchical internetwork.

  • Better Performance: Cisco Three Layer Network Model allows in creating high performance networks.
  • Better management & troubleshooting: Cisco Three Layer Network Model allows better network management and isolates causes of network trouble.
  • Better Filter/Policy creation and application:Cisco Three Layer Network Model allows better filter/policy creation application.
  • Better Scalability:Cisco Three Layer Network Model allows us to efficiently accommodate future growth.
  • Better Redundancy:Cisco Three Layer Network Model provides better redundancy. Multiple links across multiple devices provides better redundancy. If one switch is down, Sonali Bank have another alternate path to reach the destination.

6.3 Upstream

In computer networks, upstream refers to sending data from the client or local computer to the server or remote host. Upstream transmissions can take several forms, and the speed at which the data is transferred from the local machine to a server is known as the upstream rate. Upstream traffic can be generated by uploading files or sending emails to a server. Upstream can also refer to signals transmitted from an end user’s computer to a cable service provider. Moreover, upstream speeds are extremely important for peer-to-peer software users.

6.4 Network distribution 

A distribution network is an interrelated arrangement of people, storage facilities and transportation systems that moves goods and services from producers to consumers. A distribution network is the system a company uses to get products from the manufacturer to the retailer. A fast and reliable distribution network is essential to a successful business because customers must be able to get products and services when they want them.

6.5 POP

Point of presence (POP) is the point at which two or more different networks or communication devices build a connection with each other. POP mainly refers to an access point, location or facility that connects to and helps other devices establish a connection with the Internet. It may be either part of the facilities of a telecommunications provider that the Internet service provider (ISP) rents or a location separate from the telecommunications provider. ISPs typically have multiple POPs, sometimes numbering in the thousands. POPs are also located at Internet exchange points and collocation centers.

6.5 Data Centre

A data center (or datacenter) is a facility composed of networked computers and storage that businesses or other organizations use to organize, process, store and disseminate large amounts of data. A business typically relies heavily upon the applications, services and data contained within a data center, making it a focal point and critical asset for everyday operations.

Data Center Blueprint of Sonali Bank Ltd
Figure 6.2: Data Center Blueprint of Sonali Bank Ltd.

Data centers are not a single thing, but rather, a conglomeration of elements. At a minimum, data centers serve as the principal repositories for all manner of IT equipment, including servers, storage subsystems, networking switches, routers and firewalls, as well as the cabling and physical racks used to organize and interconnect the IT equipment. A data center must also contain an adequate infrastructure, such as power distribution and supplemental power subsystems, including electrical switching; uninterruptable power supplies; backup generators and so on; ventilation and data center cooling systems, such as computer room air conditioners; and adequate provisioning for network carrier (telco) connectivity. All of this demands a physical facility with physical security and sufficient physical space to house the entire collection of infrastructure and equipment.

6.5.1 Data center consolidation and colocation

There is no requirement for a single data center, and modern businesses may use two or more data center installations across multiple locations for greater resilience and better application performance, which lowers latency by locating workloads closer to users.

Conversely, a business with multiple data centers may opt to consolidate data centers, reducing the number of locations in order to minimize the costs of IT operations. Consolidation typically occurs during mergers and acquisitions when the majority business doesn’t need the data centers owned by the subordinate business.

Alternatively, data center operators can pay a fee to rent server space and other hardware in a colocation facility. Colocation is an appealing option for organizations that want to avoid the large capital expenditures associated with building and maintaining their own data centers. Today, colocation providers are expanding their offerings to include managed services, such as interconnectivity, allowing customers to connect to the public cloud.

6.5.2 Data center tiers

Data centers are not defined by their physical size or style. Small businesses may operate successfully with several servers and storage arrays networked within a convenient closet or small room, while major computing organizations, such as Facebook, Amazon or Google, may fill an enormous warehouse space with data center equipment and infrastructure. In other cases, data centers can be assembled in mobile installations, such as shipping containers, also known as data centers in a box, which can be moved and deployed as required.

However, data centers can be defined by various levels of reliability or resilience, sometimes referred to as data center tiers. In 2005, the American National Standards Institute (ANSI) and the Telecommunications Industry Association (TIA) published standard ANSI/TIA-942, “Telecommunications Infrastructure Standard for Data Centers,” which defined four tiers of data center design and implementation guidelines. Each subsequent tier is intended to provide more resilience, security and reliability than the previous tier. For example, a tier 1 data center is little more than a server room, while a tier 4 data center offers redundant subsystems and high security.

3-Tier Architecture
Figure 6.3: 3-Tier Architecture

6.5.3 Data center architecture and design

Although almost any suitable space could conceivably serve as a “data center,” the deliberate design and implementation of a data center requires careful consideration. Beyond the basic issues of cost and taxes, sites are selected based on a multitude of criteria, such as geographic location, seismic and meteorological stability, access to roads and airports, availability of energy and telecommunications and even the prevailing political environment.

Once a site is secured, the data center architecture can be designed with attention to the mechanical and electrical infrastructure, as well as the composition and layout of the IT equipment. All of these issues are guided by the availability and efficiency goals of the desired data center tier.

Physical Layout SBL
Figure 6.4: Physical Layout

6.5.4 Energy consumption and efficiency

Data center designs also recognize the importance of energy efficiency. A simple data center may need only a few kilowatts of energy, but an enterprise-scale data center installation can demand tens of megawatts or more. Today, the green data center, which is designed for minimum environmental impact through the use of low-emission building materials, catalytic converters and alternative energy technologies, is growing in popularity.

Organizations often measure data center energy efficiency through a metric called power usage effectiveness (PUE), which represents the ratio of total power entering the data center divided by the power used by IT equipment. However, the subsequent rise of virtualization has allowed for much more productive use of IT equipment, resulting in much higher efficiency, lower energy use and energy cost mitigation. Metrics such as PUE are no longer central to energy efficiency goals, but organizations may still gauge PUE and employ comprehensive power and cooling analyses to better understand and manage energy efficiency.

Power Management of Sonali Bank
Figure 6.5: Power Management of Sonali Bank

6.5.5 Data center security and safety

Data center designs must also implement sound safety and security practices. For example, safety is often reflected in the layout of doorways and access corridors, which must accommodate the movement of large, unwieldy IT equipment, as well as permit employees to access and repair the infrastructure. Fire suppression is another key safety area, and the extensive use of sensitive, high-energy electrical and electronic equipment precludes common sprinklers. Instead, data centers often use environmentally friendly chemical fire suppression systems, which effectively starve a fire of oxygen while mitigating collateral damage to the equipment. Since the data center is also a core business asset, comprehensive security measures, like badge access and video surveillance, help to detect and prevent malfeasance by employees, contractors and intruders.

Data Centre Security Design of Sonali Bank
Figure 6.6: Data Centre Security Design of Sonali Bank

6.5.6 Data center infrastructure management and monitoring

Modern data centers make extensive use of monitoring and management software. Software such as data center infrastructure management tools allow remote IT administrators to oversee the facility and equipment, measure performance, detect failures and implement a wide array of corrective actions, without ever physically entering the data center room.

The growth of virtualization has added another important dimension to data center infrastructure management. Virtualization now supports the abstraction of servers, networks and storage, allowing every computing resource to be organized into pools without regard to their physical location. Administrators can then provision workloads, storage instances and even network configuration from those common resource pools. When administrators no longer need those resources, they can return them to the pool for reuse. All of these actions can be implemented through software, giving traction to the term software-defined data center.

Data Center Infrastructure Management & Monitoring 3D Design of Sonali Bank
Figure 6.7: Data Center Infrastructure Management & Monitoring 3D Design of Sonali Bank





Chapter 07



Network Monitoring

7.1 Sonali Bank IT Dept. Hierarchy

Sonali Bank has a lot of dept. as it is the largest govt. bank in Bangladesh. They are maintaining 44 departments which is stated in chapter 2. I’ll describe here about their IT Dept. where I was assigned to do my internship. They have 2 division in IT Dept.

  1. IT Division 1 &
  2. IT Division 2

Each of the division has some other sections.

7.1.1 IT Division 1:

Sections of IT division 1:

  • CBS
  • EFP
  • Mobile Banking
  • Agent Banking
  • Network

7.1.2 IT Division 2:

Sections of IT division 2:

  • SBS
  • RMS+
  • Computer Hardware
  • CCTV Monitoring

Fortunately, I was assigned in IT division 1 “Network” section. Network section is also having 4 team.

  • Admin
  • Core Team
  • WAN Team
  • LAN Team

I’ve worked with all of them. LAN team is handling the connectivity. WAN team is supporting the branches and monitoring the network. Core team is working on NOC, DC, Security System and other administrative work with the admin team. Admin team is monitoring the whole thing.

SBL IT Dept Hierarchy
Figure 9.1: SBL IT Dept Hierarchy

7.2 Overview of Network Monitoring System

Network Monitoring System is a part of Sonali Bank Ltd. This task is divided into 2 parts. Basic supports are given by WAN team and advanced one is under Core team. This is the department which duty is to

  • Network monitoring Center
  • Branch Support
  • Communicating the vendors

Network monitoring center is implemented by public utilities, business organizations, universities and government agencies that oversee complex networking environment that require high availability. The NMC personnel are responsible for monitoring one or many networks for certain conditions. In branch supporting system, support team find out that which link is down or take calls from the respective branches which are facing the network issue then they give some common solutions. If it is not fixed yet, then send mail to the vendors with the branch number which are facing the network problem. Support center also provide Client support any time.

7.3 Responsibility of Monitoring Center

Network Monitoring Center (NMC) receives problems and then analyzes the problems partially. Also perform troubleshooting, communicate with the technicians, other internal departments of the organization and also the vendors. Even the NMC personnel direct communicate with the NOC- Network Operation Center, Fiber team and the branch IT officers.

When necessary, NMCs escalate problems to the appropriate stakeholders. For strict conditions that are impossible to anticipate, such as a power failure or a cut optical fiber cable, NMCs have procedures in place to immediately contact with fiber team or vendors to remedy the problem.

NMC receives the problem via phone call, electric mail or by SMS. Also, the corresponding team is responsible to keep the entire record document. The NMC personnel are responsible for monitoring one or many networks for certain conditions that may require special attention to avoid degraded service. They are always monitoring the branch IPs whether it is up or not.

The organization has more than one NMC. The purpose for keeping several NMC team might be either to manage different networks or to provide geographic redundancy in the event of one site becoming unavailable.

7.4 Monitoring Tools of Sonali Bank LTD.

Sonali Bank monitoring teams are using different tools for the monitor purpose. They are: –

  • NPM- Network Performance Monitor
  • Netflow Traffic Analyzer
  • SAM- Server & Application Monitor
  • Live Branch

7.4.1 NPM- Network Performance Monitor


Key Features:

  1. Multi-vendor network monitoring

Multi-vendor fault, performance, and availability monitoring with Network Performance Monitor.

Reduce network outages and quickly detect, diagnose, and resolve multi-vendor network performance issues with affordable, easy-to-use network monitoring software.

NPM Network Summary
Figure 9.2: NPM Network Summary
  1. NetPath™ critical path visualization

Advanced network troubleshooting for on-premises, hybrid, and cloud services with critical path hop-by-hop analysis.

  1. Performance analysis dashboard

PerfStack™ cross-stack network data correlation.

Accelerate identification of root cause by dragging-and-dropping network performance metrics on a common timeline for immediate visual correlation across all the network data.

  1. Intelligent alerts

Get to the root cause quicker with intelligent, dependency and topology-aware network alerts.

Reduce the flood of unnecessary network alerts. Create alerts based on simple or complex nested trigger conditions, defined parent/child dependencies, and network topology.

NPM Active Alerts
Figure 9.3: NPM Active Alerts
  1. Network insight for F5® BIG-IP®

Comprehensive monitoring of F5® BIG-IP® family of products.

With Network insight, they can monitor the health and performance of all components of application delivery, including Wide IPs, virtual servers, pool members, and more.

  1. Wireless network monitoring and management

performance metrics for autonomous access points, wireless controllers, and clients.

Easily identify dead zones and improve wireless coverage. With our network monitoring tool, you can access out-of-the-box wireless reports, including wireless availability and rogue access points.

Wireless Summary
Figure 9.4: Wireless Summary
  1. Wireless heat maps

Create custom WiFi heatmaps to identify coverage and location of connected clients. Easily identify dead zones and improve wireless coverage.

NPM WiFi Heatmap
Figure 9.5: NPM WiFi Heatmap
  1. Network performance baselines

Dynamically calculate baseline thresholds from historical network performance data.

Configure alerts accurately by calculating dynamic baseline threshold data with our network performance monitoring software.

Active Alerts
Figure 9.6: Active Alerts
  1. Integrates with SolarWinds Engineer’s Toolset

Engineer’s Toolset’s real-time monitoring tools start directly from elements within Network Performance Monitor (NPM), enabling faster problem-solving.

Access Response Time Monitor, Memory Monitor, CPU Monitor, Interface Monitor, and TraceRoute on any monitored element within NPM.

ETS Differentiator
Figure 7.7: ETS Differentiator

Minimum System Requirements:

NPM System requirements
Figure 7.8: System requirements

7.4.2 Netflow Traffic Analyzer


Key Features:

  1. Bandwidth monitoring

Monitor bandwidth use by application, protocol, and IP address group.

Monitoring of Cisco NetFlow, Juniper, J-Flow, sFlow, Huawei NetStream, and IPFIX flow data identifies which applications, and protocols are consuming the most bandwidth.

Top 10 Applications
Figure 9.9: Top 10 Applications
  1. Network traffic analysis

Analyze network traffic patterns over months, days, or minutes by drilling down into any network element.

NetFlow Traffic Analyzer collects traffic data, correlates it into a useable format, and presents it to the user in a web-based interface for monitoring network traffic.

Traffic Analyzer
Figure 9.10: Traffic Analyzer
  1. Performance Analysis Dashboard

PerfStack™ cross-stack network data correlation.

Accelerate identification of root cause by dragging-and-dropping network performance metrics on a common timeline for immediate visual correlation across all your network data.

  1. CBQoS policy optimization

Measure the effectiveness of pre- and post-policy traffic levels per class map to determine if QoS policies are working as planned.

Business relies on VoIP, e-commerce, or other cloud-based applications, netflow monitoring will help confirm that prioritized traffic passes smoothly through the network.

Figure 9.11: CBQoS Policy

  1. Customizable network traffic reports

Create, schedule, and deliver in-depth network traffic analysis and bandwidth reports with just a few clicks.

Figure 9.12: Application & Receivers

  1. NBAR2 advanced application recognition

Identify which applications and categories consume the most bandwidth for better network traffic visibility with NBAR2 support.

Cisco NBAR2 support gives visibility into HTTP (port 80) and HTTPS (port 443) traffic without the need for additional probes, spanning ports, etc.

Figure 9.13: Applications

  1. WLC traffic monitoring

Monitor Wireless LAN Controller traffic to keep tabs on applications and clients utilizing bandwidth on your wireless network.

In today’s mobile world, it’s important to keep your wireless network running smoothly. With WLC network traffic analysis, you can easily see what’s using your wireless bandwidth.

Figure 9.14: WLC traffic

  1. Integration with SolarWinds User Device Tracker

User Device Tracker (UDT) allows to identify bandwidth hogs slowing down the network when integrated with NTA.

UDT provides user contact info and switch port location – allowing to tell the user to reduce their bandwidth usage or to remove them from the network.

Minimum System Requirements:

Figure 9.15: System Requirements

7.4.3 SAM- Server & Application Monitor

Key Features:

  1. Get started in minutes

Automatic application discovery and dependency mapping.

Download, install, automatically discover the environment, and start monitoring in about an hour. No professional services required.

Figure 9.16: Application Discovery

  1. Monitor across cloud environments

Unified server and application monitoring across private, public, and hybrid cloud environments.

Provide end-to-end visibility and performance monitoring of the server and applications using agent and agentless based technologies.  Monitor across multiple data centers, remote locations, or cloud (Amazon AWS, Microsoft Azure, Google Cloud, etc.)

Figure 9.17: Cloud Server

  1. Application-centric monitoring

Built-in templates provide best practices.

Apply a template for AD, Java, XenApp, IBM WebSphere, Lync, and hundreds of other applications, and start monitoring immediately.

Figure 9.18: SAM Summary

  1. Identify the root cause of application problems

Application-centric infrastructure dependency mapping.

With the AppStack™ dashboard, they can quickly pinpoint the root cause of application issues within physical and virtual server environments. Identify where application issues originate in just a few seconds.

Figure 9.19: SAM-appstack

  1. Built-in virtualization monitoring

Microsoft Hyper-V and VMware ESX health and performance metrics.

Monitor the health and availability of virtual hosts and guests alongside physical servers. Integration with SolarWinds® Virtualization Manager provides deeper insight to troubleshoot virtualization issues.

Figure 9.20: Virtualization

  1. Storage performance and health

Server volume monitoring and capacity planning.

Monitor server storage volumes, disk usage, and capacity metrics out of the box. Integration with SolarWinds Storage Resource Monitor provides deeper insight to troubleshoot storage issues in SAN and NAS environments.

Figure 9.21: SAM-volume monitoring

Minimum System Requirements

Figure 9.22: System Requirements

7.4.4 Live Branch

Live branch is their own monitoring tool developed by their software engineers which shows the data whether a branch router and switches are up or down

Figure 9.22: CBS Live Branch

 7.5 Network Monitoring Center of Sonali Bank Ltd.

In Sonali Bank Ltd. the NMC-Network Monitoring Center divided into three parts. These are Upstream, Downstream and Vendor.

Figure 9.23: Organizational Hierarchy of Network Monitoring System of Sonali Bank.

7.5.1 Upstream

The organizations, which provides bandwidth to Sonali Bank, that organization is called Upstream. MetroNet, AND, Brac, RanksIT, GP are providing bandwidth to Sonali Bank. Those organizations are upstream for Sonali Bank.

7.5.2 Vendor

Which organizations using as media to transmit bandwidth upstream to downstream and downstream to upstream those are called vendor. MetroNet, AND, Brac,RanksIT, GP are media to transmit bandwidth in Sonali Bank. So those are Vendors for Sonali Bank.

7.5.3 Downstream

Those companies who take bandwidth from Sonali Bank are called Downstream. Those companies are located in Bangladesh. Client type is Corporate such as Bank, Financial Institutes, Large cooperation, SMEs-Small and Medium Enterprises, ISP etc.

7.6 Limitation

Due to the govt. bank rules and their security reason they didn’t give me the permission to work on all of their monitoring tools. All of the activities were described by them. Based on that data most of the topics are discussed.





Chapter 08



Real Life Problem Identification and Solution of NOC Data

8.1 NOC (Network Operation Center)

A Network Operations Center, or NOC, is the primary work space engineers utilize to monitor, manage and troubleshoot problems on a network. The Network Operations Center offers oversight of problems, configuration and change management, network security, performance and policy monitoring, reporting, quality assurance, scheduling, and documentation by utilizing sophisticated network management, monitoring and analysis tools. The NOC provides a structured environment that effectively coordinates operational activities with all participants and vendors related to the function of the network. The NOC technicians typically provide support twenty-four hours a day, seven days a week.

Typical daily processes include:

  • Monitoring operations of all backbone links and network devices.
  • Ensuring continuous operation of servers and services.
  • Providing pro support for branch network.
  • Troubleshooting of all network and system related problems.
  • Instant solution if possible otherwise forward the issue to vendors.
  • 12 hours a day, 5 days a week supervised operation by highly skilled network and system engineers and a backup support from vendors

8.2 Analysis of Sonali Bank NOC Data

For any kind of networking services, the company has to face lots of complains every day and if it is for a bank with lots of branches then there is no word because here uptime is the first condition. At the same time, they also have to face some system related issue. Every single day there is lots of complain comes from the different branches and NOC collected those data. So, I have tried to collect some data from NOC and attempt to find out major disruption areas in Sonali Bank network based on data from January 2017 to July 2017. Quality of Service can be improved by focusing on these issues.

  • Time Duration: From 01/01/2017 to 31/07/2017
SL. No.Disruption NameFrequency
Fiber cut840
Switch down422
Speed slow700
Not Browsing56
Mail server problem29
Core broken30
Fiber Burn607
Pigtail broken45
Core bend498
Fiber Bend567
Patch cord560
Backbone down23
Trouble shooting13860
POP down29
UPS faulty37
Poor battery9
Wrong port1367
Maintenance work9
Fiber stolen31
Power Problem9
MC adapter replace11
Backbone down14
Link shift9
Problem at Vendor end17

8.2.1 Major Network Disruption Issues

After my analysis, I have tried to find out the major disruption issue. According to the number of frequency I have made a table. Then I have given my analysis to the NOC department. The department appreciated me for doing this task.

No.Major ProblemsFrequency
1.Trouble shooting13860
2.Wrong port1367
3.Fiber cut840
4.Speed slow700
5.Fiber Burn607
6.Fiber Bend567
7.Patch cord560
8.Core bend498
9.Switch down422
10.Not Browsing56

Table 6.2: Issues are Occurred Most of the Time in the Network

8.3 Graph of Service Disruption Frequency

From the analysis, I have made a graph where I highlight the first 10 major disruption issues. From the graph, we can see that 71% disruption happened because of the Troubleshooting.

8.4 Solution of Network Disruption

For a support solution, focusing on infrastructure and equipment as well as performance, security and domains. Major customers have improved reliability, cyber security and operational efficiency using Sonali Bank network.

At the time of network disruption, they have taken some steps and tried to give the solution to branches as early as possible. Some solutions are given below: –

  1. Fiber cut: For any network, this problem is common and it occurs maximum time. When the fiber is cut then the first duty is to inform the technical team of the vendor. The technical team of respective vendor checks the fiber where it is cut by using Auditor fiber machine. After identifying the place, technical team go that place and join the fiber with splicer machine.
  2. Switch down: When the switch is down, the support team checks that the switch power status is ok or not. At the same time, he also checks the switch up link and UTP cable connection. When all of these are ok, then the switch will be up.
  3. Speed slow: This is also a common problem of Sonali Bank network. Everyday there is at least 5 branches complain about the issue. There is some reason about the speed slow of network. The first reason is connectivity. Sometimes it happens that the internet connector like Rj45 connector is loose. For this reason, the speed is slow. In this time support team tells client to reconnect the connector. Another reason is broadcast. When broadcast is happened, branches gets speed slow. Sometimes branches uses most bandwidth in his target IP. In that moment that branches gets the speed slow. So, the solution is to increase the bandwidth in the target IP.
  4. Not Browsing: At the time of not browsing the engineer checks the following issue: –
  • Fiber laser up/down.
  • Media converter condition good or bad.
  • User end router condition ok or not.
  • Branch Wi-Fi ok or not.

When everything will be ok, the problem will be solved and client can browse the website and internal data server.

  1. Mail server problem: This problem is very sensitive as it is mail server problem. In this time, the engineer first check server log. Then he checks is it the incoming mail problem or outgoing mail problem. According to problem they forward a mail to vendors and their engineers fix the issue.
  2. Core broken: For this kind of problem the solution is given by the technical team. As the core is broken, so the team use splicer machine to join the core again.
  3. Fiber Burn: When the fiber is burn, the technical team of the respected vendor replaces the fiber immediately.
  4. Pigtail broken: When the fiber optic cable is broken then firstly the technical team of the respected vendor find out where the cable is broken. After that by using splicer machine the cable will be joined.
  5. Core bend: When the core is bending then it has to dressing roundly by using splicer machine.








Core Risks & Cyber Risks

9.1   Managing Core Risk in Banking: Investment Risk Management

Introduction: Banking Industry is vulnerable to risks of diverse dimension due to:

  • Banks direct exposure to many sectors of the economy
  • Cross border implication inherent in its activities.

As per Bangladesh Bank guidelines there are seven core risks in banking sector. These are:

  1. Credit Risk/ Investment Risk
  2. Foreign Exchange Risks
  • Internal Control and Compliance Risks
  1. Money Laundering Risk
  2. IT Security Risks &
  3. Environmental Risks

            9.1.1 Credit Risk/ Investment Risk Management

Credit / Investment Risks are associated with Credit activities of the bank. Credit risk arises from the potential that a banks borrower will fail to meet its obligations in accordance with agreed terms. Credit risk also refers the risk of negative effects on the financial result and capital of the bank caused by borrower’s default on its obligations to the bank.

The assessment of credit risk involves evaluating both the probability of default by the borrower and exposure or financial impact on the bank in the even the default. To manage the credit/investment risks the following guidelines are recommended.

9.1.2 Asset and Liability / Balance Sheet Risks

Asset and liability management is the most important function of Bank management. Asset Liability Management ensures balanced fund mobilization and their deployment with respect to their maturity profile, cost, yield as well as risk exposure.

ALM policy statement through ALCO paper Indicates as follows:

  1. Investment Deposit Ratio
  2. Whole sale Borrowing Guidelines
  • Commitments
  1. Medium Term Funding Ratio
  2. Maximum Cumulative Out- flow
  3. Liquidity Contingency Plan
  • Investment Regulatory complain

ALM also discusses the following issues:

  1. Balance sheet Risk
  2. Liquidity Risk
  • Interest Rate Risk and
  1. Capital Adequacy Risk

9.1.3 Foreign Exchange Risk Management:

Foreign Exchange Risk Management in Banks has become inevitable because:

  • Change in regulatory policies in 1993 where Taka was declared convertible in the current account.
  • Commercial Banks were given responsibility to ascertain genuineness of the transactions following withdrawal of Central Bank’s prior approval requirements.
  • The responsibility of exchange rate quotation has been left to the commercial Banks under floating exchange rate.
  • To adapt to the changed environment many banks established dealing rooms.

Burdened with non-performing assets and shortfall in capital adequacy banks are now exploring the possibilities of earning from off balance sheet activities. This led to the emergence of new profit center Treasury Dealing Room. This is not   also free from risk. So, risk management becomes inevitable.

        9.1.4 Internal Control & Compliance Risks Management Definition:

According to IMF publication, Internal Control refers to the Mechanism in place on a permanent basis to control the activities in an organization, both at a central and at a departmental/divisional level. Objectives of Internal Control and Compliance (ICC):

The primary objective of internal control system in a bank is to help the bank perform better through the use of its resources. Through internal control system, bank identifies its weaknesses and takes appropriate measures to overcome the same. The major objectives of internal control are as follows:

  • Efficiency and effectiveness of activities: Performance objective
  • Reliability, Completeness and timelines of financial and management information: Information Objective.
  • Compliance with applicable laws and regulations: Compliance Objective Structure of the ICCD.

Organizational structure plays a vital role in establishing effective internal control system. The essence of the ideal organizational structure that will facilitate effectiveness of the internal control and compliance system is the segregation of duties. The bank should, depending on the structure, size, location of its branches and strength of its manpower, try to establish an organizational structure which allows segregation of duties among its key functions such as marketing, operations, audit, financial administrations etc. Extent of this segregation will depend on an individual bank; that is small or big branch operations.

The Head of Internal Control and Compliance Department (ICCD) should have a reporting line with the bank’s Board while the Audit Committee (AC) of the board will be the “Contact Point” for this dept. This dept. also has a reporting line with the MD/CEO of the Bank. Functions of ICCD

The head of the internal control will be responsible for the both compliance and control related tasks which include compliance with laws and regulation, audits and inspection, monitoring activities and risk assessment. The head of internal control will report directly to the MD and also have an indirect reporting line to the Audit Committee of the Board. Monitoring Unit

  • Monitor the operational performance of branches/dept.
  • Collect relevant data and analyze these to assess the risks of individual
    • Recommend the Head of ICC for sending audit and inspection tea in case of major deviation.
    • Prepare an annual health report of the bank. Audit and Inspection Unit

  • Conduct Risk Based Annual Audit
  • Conduct special audit
  • Surprise audit
  • Prepare a summary report on audit findings
  • Make sure that prompt action is taken in rectification of deficiencies pointed out in the DCFCL

9.1.5 Money Laundering Risk Management:

Money laundering risk is the risk of loss of reputation of the Bank.  It is the process by which proceeds from a criminal activity are dis-guised to conceal their illicit origins. Basically, money laundering involves the proceeds of criminally derived property rather than the property itself. Money launderers send illicit funds through legal channels in order to conceal their criminal origins.

Laundering is not a single act but a process accomplished in 3 basics stages, which may comprise numerous transactions, by the launderers that could alert a financial institution to criminal activity.

Placement– the physical disposal of the initial proceeds derived from illegal activity.

Layering– separating illicit proceeds from their source by creating complex layers of financial transactions designed to disguise the audit trail and provide anonymity.

Integration– the provision of apparent legitimacy to wealth derived criminally. If the layering process has succeeded, integration schemes place the laundered proceeds back into the economy in such a way that they re-enter the financial system appearing as normal business funds.

The three basic steps may occur as separate and distinct phases. They may also occur simultaneously or, more commonly, may overlap.

The Money Laundering Prevention activities in banking include:

  • Obtention of KYC, TP forms & maintenance
  • Record keeping
  • Reporting STR, CTR, Quarterly report etc.
  • Staff training regarding AML activities
  • Communication with regulatory Authority
  • Compliance of AML guidelines by Bank Authority
  • Bank BOD commitment towards AML guideline

9.1.6 IT Risk Management

Information technology (IT) plays a critical role in many businesses. IT risks include hardware and software failure, human error, spam, viruses and malicious attacks, as well as natural disasters such as fires, cyclones or floods.

If our business uses information technology (IT), it’s important to understand the key steps that we can take to minimize IT risk. Risks include hardware and software failure, human error, spam, viruses and malicious attacks, as well as natural disasters.

A code of conduct can provide staff and customers with clear direction and define acceptable behaviors in relation to key IT issues, such as protection of privacy and ethical conduct.

9.1.7 Environment Risk Management

Why add environmentally derived risks:

  • Every business activity has some inherent environmental, health & safety risks.
  • If clients don’t properly manage those inherent environmental health & safety risk, they can create environmentally derived financial, legal and reputational risks and liabilities for our clients.

Environmentally Derived Risks for the Bank:

  • Inability of the client to make payments due to unexpected environmental costs.
  • Over valuation of assets offered for security
  • Decrease in the value of security due to environmental impairment during the term of the investment.
  • Legal liability for clean-up.

Environment Risk Management Procedures

  • Identify Environmentally derived, potential liabilities for the bank in transaction
  • Assess the awareness, commitment and resources of the client manage the environmental risk creating those potential liabilities.
  • Manage & control the bank’s exposure to environmentally derived liabilities

9.2   Cyber Risks

For financial institutions today, getting hacked is an omnipresent danger. The Financial Services Information Sharing and Analysis Center (FS-ISAC), a non-profit threat intelligence sharing group for the financial sector, estimates that its members report an average of 400 potential threats each day, many of them from cyber criminals attempting to penetrate financial systems to access an array of sensitive information.

Hackers use various methods and tools to perpetrate cyber-attacks on financial institutions as well as other businesses. Here are five of the most common:

9.2.1       Business Email Compromise (BEC):

An employee receives an email from a company executive requesting that he immediately wire a large amount of money overseas. The employee, intent on following the boss’s orders, executes the transfer right away…but there’s a problem. The emailed request didn’t come from the executive at all, but rather from a thief who managed to successfully impersonate the executive, either by hacking into her account or creating an email account that looks very similar to hers. BEC scammers stole nearly $215 million dollars around the world between October 2013 and Dec. 1, 2014, according to the FBI.

9.2.2       Distributed Denial of Service (DDoS):

Banks and other financial institutions want their websites and networks to be popular, but not so popular that their systems are overwhelmed and can no longer serve their customers. Hackers use DDoS attacks to achieve such mayhem by using multiple — possibly thousands — of computers to send fake traffic to targeted websites, overloading them to the point of paralysis. The hackers may demand their targets pay a ransom to prevent future attacks, as the criminal group DD4BC infamously did when it attacked financial services firms in 2015.

9.2.3       Malware:

Short for “malicious software,” malware downloaded onto computers and computer networks may destroy or steal data or render networks inoperable, leaving businesses and their customers vulnerable to major financial losses. Computers can often become infected with malware when users click on what appears to be a credible link or download what they believe to be a legitimate program. Late last month, for instance, hackers attempted to trick Internet users into clicking on a malware link disguised as an article about actor Brad Pitt.  In many instances, unfortunately, users may not realize they have downloaded malware or only find out after the fact. Security experts recommend that those who suspect they’ve accidentally downloaded malware run anti-virus scans to identify and address malware problems.

9.2.4       Phishing:

Why use back channels to steal sensitive information when you can trick your target into just handing it over? Through phishing, hackers impersonate legitimate businesses or government organizations over email to request data such as passwords and bank account numbers that they can use to access bank accounts or wreak other havoc. Hackers intending to pursue a BEC scam, for instance, may start by phishing an executive to gain access to her credential and later use them to trick her employees into transferring cash. Scammers can also use phishing emails to trick users into downloading malware.

9.2.5       Ransomware:

Ransomware is a form of malware that seeks to restricts users’ access to their computers and computer networks until they, as the name implies, pay some sort of ransom — often through an electronic currency known as bitcoin — to the hackers behind the ransomware. One particularly aggressive form of ransomware, known as CryptoWall, was responsible for losses of more than $18 million between April 2014 and June 2015, the FBI reported.

9.3   Strixus: A Solution to External Cyber Threats

As 2016 rolls on, so does the Depth of our Strixus Global Threat Intelligence system. As a managed service with close-to-real-time monitoring in 27 languages, backed by an Operations team with deep understanding and access to the underground communities, Strixus has become a common name in corporate security for Cyber Threat Intelligence and external threat reports for banks.









10.1 Conclusion

In today’s competitive job market, employers are looking for the best of the best. They want employee to have a glowing resume, an array of extracurricular hobbies and, on top of that, previous professional experience. But where do employees get experience if no one will hire them because they are looking for someone with experience? The answer to this vicious circle: internships. By doing an internship, students will get all of the personal and cultural perks while simultaneously reaping the professional benefits of doing an internship.

On average, only 30% of graduating seniors have job offers before graduation; however, after completing an internship, that figure rises to 58%.

Along with job shadows and informational interviews, internships are one of the best ways to truly learn about field from a real-world perspective. While the classroom certainly teaches students important information, there’s something different about implementing those teachings with a real client or customer.

The main objective of this Report is to monitor the network and network infrastructure as well as the problem solution of the network. I have learned some practical knowledge how to manage the customer and how a network is monitored by using Live Branch software. I have also learned some physical connection, remotely computer manage for VLAN and WAN, Router Configure, Switch configure, and how to improve the connectivity for smoothly running the network.

This report will satisfy the thirst of knowledge about the Network monitor and Maintenance system. My effort will be successful if this report makes the analyzer satisfy. Sincerity, I have worked very hard to make this project full-fill but as we are human being there always be some errors. I tried to my level best to make it errorless as far as possible and successful in every step. I hope this project serve well to its benefactor.



10.2 Books and Data

  • Data Communications and Networking 9th By Forouzan & Forouzan.
  • Douglas, E. Comer. Computer Networks and Internets: 5th ed. New Delhi: Prentice Hall, 2007.


  • Sonali Bank Ltd, 10 Jun 2017


  • Sonali Bank Ltd, 10 Jun 2017


  • Kevin Hamilton Kennedy Clark. LAN Switching (CCIE Professional Development). Cisco Press, 1999.
  • Network Design. Penttinen A., Chapter 10 – Network Planning and Dimensioning, Lecture Notes: S-38.145 – Introduction to Teletraffic Theory, Helsinki University of Technology, fall 1999.
  • Farr R.E., Telecommunications Traffic, Tariffs and Costs – An Introduction for Managers, Peter Peregrinus Ltd, 1988.
  • “Network Cabling” Blog of FCIT., 22 Jun 2017


  • “Cabling pinouts”, Computer Cable Store, 07 Jul 2017


  • “Straight Cable and Cross Cable”, Network Help Blog, 07 Jul 2017

< >

  • “Hardware”, Florida Center for Instructional Technology, 09 Jul 2017


  • “Topology”, Florida Center for Instructional Technology, 09 Jul 2017


  • “Types of Network”,, 10 Jul 2017


  • “Network Topology”, Tech Target, 09 Jul 2017


  • “Types of Network Topology”, Study Tonight, 09 Jul 2017


  • “Data Center”, Tech Target, 12 Jul 2017


  • “Network Performance Monitor”, Solarwinds, 25 Jul 2017


  • “Netflow Traffic Analyzer”, Solarwinds, 30 Jul 2017


  • “Server Application Monitor”, Solarwinds, 05 Aug 2017


  • “Cyber Threats of Banking Industry”, Massive, 20 Jul 2017


  • “Five Major Cyber Threats”, Finra, 07 Aug 2017




    julie seo toronto real estate says:
    October 4, 2017 Reply

    This is a great tip especially to those new to the blogosphere.
    Simple but very precise information… Thank you for sharing this one.
    A must read post!

Leave a Comment

Your email address will not be published.