A STUDY ON ENTERPRISE NETWORK ROLE OF BRAC BANK by Sabina Kamal ID: 0631038 An Internship Report Presented in Partial Fulfillment of the Requirements for the Degree Bachelor of Science in Electronics & Telecommunication Engineering INDEPENDENT UNIVERSITY, BANGLADESH May 2011 Internship A STUDY ON ENTERPRISE NETWORK ROLE OF BRAC BANK by Sabina Kamal ID: 0631038 has been approved May 2011 ______________________________ Dr. Firoz Ahmed Assistant Professor School of Engineering & Computer Science Independent University, Bangladesh ABSTRACT
This internship report is an exclusive study of Enterprise Network role at BRAC Bank Ltd. The main Objective of this report is to get the practical experience through observing all sort of network solution to business systems and applications of Bank through flexible Data communication model, Moreover the strategic direction of enterprise network places high value on data communication systems which can support various distribution channel like Branch, SMESC, CRM, ATM etc. through LAN & WAN and also ensure utilization of internet and intranet effectively. iii ACKNOWLEDGEMENTS
First of all I wish to convey our heartfelt thanks and gratitude to Almighty Allah to complete the internship successfully and also those who all rendered their cooperation in making this report. Without their assistance I could not have completed my internship. I like to convey my sincere and cavernous sense of respect and appreciation to my supervisor Dr. Feroz Ahmed, for his persistent support and guidance throughout the whole program and also for giving me the opportunity to work with this project. I would like to express my heartiest gratitude to my co-supervisor Mr.
Mohammad Morshed, (Analyst, Technology User Infrastructure, BRAC Bank Limited). Discussions with him about various topics have enriched my conception and knowledge about this internship. I also convey grateful thanks to Mohammad Fakrul Alam (Senior Manager of Network Service) and Md. Mahbubul Alam (Network Analyst) of Technology Operations division of BRAC Bank Ltd. The completion of this report would not have been possible without the help of the people who provided tremendous amount of help and support in the making of this report. I acknowledge expressing heartiest gratitude to my honorable supervisor.
My internship achieved its desired success. This internship gives me the opportunity to practically work on the overall technology based banking systems, focusing on the various aspects & analysis. Accomplishing the report, I gathered a thorough idea and view on various Issues about how to maintain or support of a Banking System. iv TABLE OF CONTENTS Page LIST OF TABLES ………………………………………………………………………….. LIST OF FIGURES …………………………………………………………...................... CHAPTER …………………………………………………………………………………… 1 INTRODUCTION …………………………………………………………………. 1. 1 1. 2 1. 3 1. 4 1. 2 Introduction ……………………………………………………………........ Origin of the Report ………. ……………………………………….............. Objective of the internship…….. …………………………........................... Scope……….. …………………………......................................................... About BRAC BANK…………………………………………....................... 1 1 1 2 3 3 6 6 8 8 x xi ENTERPRISE NETWORK ROLE……………... ………………………............... 2. 1 2. 2 Enterprise Network Role at BRAC BANK ………………………………… Daily, Weekly, Monthly & Other regular duties ………………................. 2. 2. 1 Daily Activates……………………………………………………… Monitoring Total Network……………………………….. . 2. 1. 1 8 8 2. 2. 1. 2 LAN & WAN Support for Total Network……………….. v 2. 2. 1. 3 LAN / WAN security……………………………………… 2. 2. 1. 4 Internet connectivity………………………. ……………… 2. 2. 1. 5 Western Union and Other Remittance Program ….. ……... 2. 2. 1. 6 SWIFT server administration ……………. …………... … 2. 2. 1. 7 APN connectivity ……………. ………………. …….. …... 8 8 9 9 9 9 9 10 10 10 10 11 11 13 15 16 17 2. 2. 1. 8 Allocation of IP………………………………………….... 2. 2. 1. 9 Network devices health check ………………. ……. …..... 2. 2. 2 Weekly Activities…………………………………………………... 2. 2. 2. 1 Configuration Back…………………….......................... 2. . 3 Monthly Activities………………. ………………………………… 2. 2. 3. 1 SWIFT archive and backup……………………………… 3 NETWORK ARCHITECTURE DESIGN 3. 1 3. 2 3. 3 3. 4 3. 5 Data Center Architecture …………………............................................ Omnibus Architecture ……………………. …………………………........ Eldorado Architecture …………………………………………………….. Network Architecture of Branches ……….. …………………................. Network Architecture of a sample Branch…………………………... …… vi 3. 6 4 ATM Architecture……………………………………………………....... 22 19 19 20 21 21 21 21 22 22 22 22 23 23 30 30 30 LINK ESTABLISHMENT, CONFIGURATION AND TROUBLESHOOTING 4. 1 4. 4. 3 4. 4 New link deployment……………………………………………………… Link vendor selection ……………………………….............................. Network maintenance……………………………………………………… Link monitoring & maintenance………………………………………….. 4. 4. 1 4. 4. 2 4. 5 Branch Link monitoring & maintenance…………………………. ATM link monitoring & maintenance………... ………………..... Link troubleshoot checklist……………………………………………..... 4. 5. 1 4. 5. 2 Radio Link…………………………. ……………………………. Fiber Link………………………………………………………… 4. 6 5 Remote access policy…………………………. ………………………….. Wi-Fi AND INTERNET CONNECTIVITY…………………………………….. 5. 1 Wi-Fi activation…………………………………………………………… BANDWIDTH MANAGEMENT AND MONITORIN……………………………………. 6. 1 6. 2 Overview of Bandwidth management……………………………………………………. Bandwidth Management at BRAC Bank………………………………………………… vii 6. 3 OpUtils…………………………………………………………………………………………………. 6. 3. 1 Switch Port Mapper………………………………………………………………….. 6. 3. 2 IP Address Manager…………………………………………………………………… 30 32 34 37 37 37 42 44 45 7 MAINTENANCE OF GRAMEENPHONE APN………………... ……………... 7. 1 Maintenance of GP Access point Network……………………………… 7. 1. 1 GP Huawei Modem Installation…………………………………. 7. 1. 2 ZTE Modem Installation………………………………………… 7. 1. 3 ADN Modem Installation……………………….. …………… 8 CONNECTIVITY AND ADMINISTRATION OF ALL PAYMENT NETWORK SOFTWARE……………………………………………………….. 8. 1 Western Union…………………………………………………………… 8. 1. 1 Installation process………………………………………………. 8. 2 SWIFT…………………………………………………………………… 8. 2. 1 BRAC Bank Swift Network Diagram…………………………… 8. 2. 2 SWIFT Infrastructure Overview………………………………… 8. 2. 3 Maintaining the SWIFT environment…………………………… 8. 2. 3. 1 Daily activities…………………………………………… 45 45 65 66 66 68 68 viii 8. 2. 3. 2 Weekly activities…………………………………... ……. 8. 2. 3. 3 Monthly activities ……………………………………….. 8. 2. 3. 4 Yearly activities………………………………………….. MAINTENANCE, MONITORING & SUPPORT……………………………… 9. 1 9. 2 Overview………………………………………………………………….. What's Up Gold…………………………………………………………… 9. 2. 1 Create a New Map……………………………………………....... 9. 2. 2 What’sUpGold Web Server………………………………............ 10 CONCLUSION…………………………………………………………………….. REFFERENCES…………………………………………………………………… 68 68 69 70 70 70 70 74 75 76 ix LIST OF TABLES Table 4. 1 Issues related link vendor selection 8. 1 Support Level 8. 2 User format for Western union 8. 3 Terms and description of SWIFT Page 20 64 65 67 x LIST OF FIGURES Figure 3. 1 3. 2 3. 3 3. 4 3. 5 3. 6 3. 7 4. 1 4. 2 4. 3 4. 4. 5 4. 6 4. 7 BRAC Bank Data Center Architecture Data Center Connectivity Architecture BRAC Bank Omnibus Architecture BRAC Bank Eldorado Architecture Network Architecture of Branches Network Architecture of Entire Branch ATM Architecture of BRAC Bank Link Deployment Process flowchart Network Maintenance flowchart Branch Link monitoring & maintenance flowchart ATM Link monitoring & maintenance flowchart Radio Link Troubleshooting Process Fiber Link Troubleshooting Process Remote Access Policy Process Page 11 12 13 15 16 17 18 19 21 21 21 22 22 22 xi 5. 1 6. 1 6. 2 6. 3 6. 4 6. 5 6. 6 6. 7
Wi-Fi Activation Process OpUtils Login Page OpUtils Home Page (Summary Report) Switch Port Mapper portion List of Switches List of Routers Switch information summary Finding a MAC address IP Address Manager Modem Installation Profile Creation Profile Change Western Union Installation Swift Network Diagram Swift Infrastructure Creat New Map in What's Up Gold Select device for mapping 23 31 31 32 32 33 33 34 6. 8 7. 1 7. 5 7. 9 8. 1 8. 37 8. 38 9. 1 9. 3 35 38 40 42 45 66 66 70 72 xii 9. 4 9. 5 9. 6 Configure device properties Polling device What’sUpGold Web Server Overview 73 73 74 xiii CHAPTER ONE INTRODUCTION . 1 Introduction In the modern age, academic edification is not enough to enable students to compete with self-assurance and reach his/her ambition without having experience with the real world related applications. Internship is highly needed to expand idea, familiarity and experience. Computer networking is one of the most essential terns in order to run a modern organization. This internship report is based on the Enterprise Network Role at BRAC Bank 1. 2 Origin of the Report Independent University, Bangladesh offers a 06 credit course as Internship for the undergraduate students in her course curriculum.
The curriculum requires every student to do an internship in an alleged firm for hands on experience about the proficient works. It is a realistic exposure of theoretically gained knowledge and can be considered as an opening tryout to be acquainted with any organization and to make oneself confident enough to move toward into service life and start building career. As the outside world is very much competitive for anyone after graduation, IUB provides such an opportunity to build up the capability with most appropriate opportunities.
This gives the student great opportunity in the service world and also to get exposure to various diversifications of the service world. Intern students are supervised under a particular faculty member throughout their Internship stage. Here the student gets the chance to apply his theoretical knowledge and practical skill that 2 he has gained in the entire under graduation student life. They are responsible to report weekly or fortnightly to his/her respective Supervisor to get his/her assistance. And the project gets advancement by following the Supervisor’s instruction.
The internship period is for at least 3 months. After that the student submits a report on his project work, which reflects his knowledge gained in the entire B. Sc. course. That is the main purpose of this report to give an outline of the outcome of internship during the entire period of the course in the company. 1. 3 Objectives of the Internship ? Get the practical knowledge about enterprise network. ? Get the clear view about network monitoring and maintenance. ? Relate theory with practice of networking. ? This is the beginning of a student’s professional career. The student’s competency and efficiency in the working environment can be accessed from this course. ? Teaches the student to take up the responsibility and pressure of work. ? Teaches the student to learn from work. ? To help students enhance their creativity and efficiency in dealing with projects related to their field of study. ? Helping students to express dependability, initiative, resource fullness and professionalism in the tasks they are assigned. To increase the confidence level of IUB students, which would help them work after graduation. 3 1. Scope I’ve done my internship in Network Service, Technology Operations department of BRAC BANK LIMITED. Focus of the department is network implementation and management. My main task was to Network Monitoring and design network architecture, implement the Branches, ATM, SME Service Centre which includes implementing Network Topology, Router and Switch Configuration, VLAN, VTP, VPN, NAT, ACL, EDGE Modem Support, Western Union Installation. My task was configuring router and switches; configuring VLAN, VTP and VPN and design of network structures of Branches, ATM and SME, EDGE Modem Support and Western Union Installation.
In the later portion of my internship I was also involved support team of Technology User Infrastructure. The task of Support team is to provide instant pc related support to the users as they call for help. The support may be of two kinds, remote – which is given by using VNC, sometimes this team provides support by being physically present to the user end. Throughout my internship period I was always experiencing the practical implementation of networking topics covered in my academic courses. This internship helped me a lot. Now I’m confident that I could efficiently work in Networking Industry with my full dedication. . 6 About BRAC Bank BRAC Bank Limited (BBL) is a scheduled commercial bank in Bangladesh. It established in Bangladesh under the Banking Companies Act, 1991 and incorporated as private limited company on 20 May 1999 under the Companies Act, 1994. BRAC Bank will be a unique organization in Bangladesh. The primary objective of the Bank 4 is to provide all kinds of banking business. At the very beginning the Bank faced some legal obligation because the High Court of Bangladesh suspended activity of the Bank and it could fail to start its operations till 03 June 2001.
Eventually, the judgment of the High Court was set aside and dismissed by the Appellate Division of the Supreme Court on 04 June 2001 and the Bank has started its operations from July 04, 2001. BRAC Bank will be a unique organization in Bangladesh. It will be a knowledge-based organization where the BRAC Bank professionals will learn continuously from their customers and colleagues worldwide to add value. They will work as a team, stretch themselves, innovate and break barriers to serve customers and create customer loyalty through a value chain of responsive and professional service delivery.
Continuous improvement, problem solution, excellence in service, business prudence, efficiency and adding value will be the operative words of the organization. BRAC Bank will serve its customers with respect and will work very hard to instill a strong customer service culture throughout the bank. It will treat its employees with dignity and will build a company of highly qualified professionals who have integrity and believe in the Bank’s vision and who are committed to its success. BRAC bank will adhere to professional and ethical business principles and internationally acceptable banking and accounting standards. Sustained Growth in Small and Medium sector, continuous low cost deposit growth with controlled growth in retained Assets. • Achieve efficient synergies between the branches, SME unit offices and BRAC field offices for delivery of Remittance and Banks other products and services 5 • Manage various lines of business in fully controlled environment with no compromise on service quality • Keep a diverse, far-flung team fully motivated and driven towards materializing the bank’s vision into reality. BRAC Bank will be the absolute market leader in the number of loans given to small and medium sized enterprises throughout Bangladesh.
It will be a world class organization in terms of service quality and establishing relationships that help its customers to develop and grow successfully. It will be the Bank of choice both for its employees and its customers, the model bank in this part of the world. Bank has adopted trust as a corporate value which is acronym for team work, respect for all people, unquestionable integrity, excellence in everything BRAC Bank of SME do, Sense of urgency in getting things done and total commitment. All employees are expected to conduct themselves in accordance with the rules and regulations of the bank. CHAPTER TWO ENTERPRISE NETWORK ROLE . 1 Enterprise Network role at BRAC Bank Enterprise network maintain all the network related issue of BRAC Bank. Usually this team is committed to give all sort of network solution to business systems and applications of Bank through flexible Data communication model, Moreover the strategic direction of enterprise network places high value on data communication systems which can support various distribution channel like Branch, SMESC, CRM, ATM etc through LAN & WAN and also ensure utilization of internet and intranet effectively. Here is some basic roles discussed and these are going to describe later on this report. . 1. 1 Network Architecture design: Network Layout design for DC, DR, various distribution channels and business applications. 2. 1. 2 Link establishment, configuration and troubleshooting: By selecting vendors, ensure Data connectivity through fiber and radio link and deploy configured network equipment’s to new distribution channel like Branch, SMESC, ATM, Sales Center, CRM center etc. 2. 1. 3 Wi-Fi and Internet connectivity: Ensure Wi-Fi Connectivity by following particular wireless access policy and Provide secure internet connectivity through proxy server. 7 2. 1. Bandwidth Management: Bandwidth Management for BBL network and configure various server like, NTP, Proxy, VPN, and SPAM Filter, also Managing Perimeter firewall for intranet by using OpUtils. 2. 1. 5 Maintenance of GP Access point Network: Maintenance of GP Access Point Network by establishing IPsec tunnel between BBL and GP network to provide intranet facility to SME Unit offices, also use this secure channel for POS transactions. 2. 1. 6 Connectivity and administration of all payment network Software: Ensure connectivity for all payment network software like Western Union, mRemit and SWIFT Server and Workstation Administration. . 1. 7 Maintenance, Monitoring & Support: Maintain all network device, manage network monitoring application and Provide All LAN & WAN related support. Enterprise network also give solution to BRAC Bank subsidiary institution also . e. g. BRAC EPL, bKash and Aarong. 8 2. 2 Daily, Weekly, Monthly & Other regular duties Duties of this concept are divided into sum subgroup like following. 2. 2. 1 Daily Activates 2. 2. 1. 1 Monitoring Total Network Branch connectivity is being monitored on a constant basis. BRAC Bank has redundant links for every branch.
And mechanism has been applied so that if one link goes down, the backup link is activated automatically. Apart from this Primary link is being used for our banking software only. No other services pass their data through it. The backup link is being used for other software and services. If one of the links fail our technical people investigates instantly and communicates the vendors as necessary. 2. 2. 1. 2 LAN & WAN Support for Total Network BRAC Bank technical team provides supports to the remote branches, SMEs and ATM booths.
Since there are a large number of PCs and other network enabled devices, problem could occur. 2. 2. 1. 3 LAN / WAN security Monitoring LAN and WAN for any security breach. As part of the daily operations, this is being monitored by the network personnel. 2. 2. 1. 4 Internet connectivity Connection to internet is required for 24x7. Ensuring the interrupt free internet link and troubleshooting if any problem occurs. Maintaining internet access for all approved users. This is vital role for Web Servers, Internet banking, Eldorado Projects, etc. 9 2. 2. 1. Western Union and Other Remittance Program Support Computer terminals used for Western Union service face various type of problem including connection error, password lock, Western Union ID lock etc. BRAC Bank has to provide these types of services to users. It also includes support for BRAC BDP Locations. 2. 2. 1. 6 SWIFT server administration Keeping the service up and running to provide smooth services. 2. 2. 1. 7 APN connectivity Access Point Network is used to connect out SME Unit offices to our core network. This APN service is provided by Grameen Phone.
Day to day basis we need to maintain this network in usable condition and to provide services to our users so that they can continue their operations in a trouble free and smooth. 2. 2. 1. 8 Allocation of IP Provide IPs to incorporate new computers in the network and maintain the trouble free operations. 2. 2. 1. 9 Network devices health check Closely monitor critical network devices which include bandwidth utilization, process, and memory usages. 10 2. 2. 2 Weekly Activities 2. 2. 2. 1 Configuration Backup Taking weekly backup of critical hardware applications including Core Router, Core Firewall and Core Switch. 2. 2. Monthly Activities 2. 2. 3. 1 SWIFT archive and backup Archive SWIFT live messages and monthly backup. CHAPTER THREE NETWORK ARCHITECTURE DESIGN 3. 1 Data Center Architecture: Data center is a facility used to house computer systems and associated components, such as telecommunications and storage systems. It generally includes redundant or backup power supplies, redundant data communications connections, environmental controls and security devices. Fig- 3. 1 BRAC Bank Data Center Architecture 12 This is the Full Network Architecture of BRAC BANK LIMITED. In this Figure, all remote Branches and office are connected with the Core router.
In top of the figure Unilever, Grameen Phone, Banglalink, Aktel and GP APN Sim are connected with Core Router. In Left side the remote Branches are connected via Radio or Fiber or VSAT link provided by the some ISP named BRACNET, Metronet, Link3, Alap communication, Telnet Communication, ADNSL and X-NET. In the right side all the corporate buildings like Annex 1, 2, 3, 4, and Anik Tower (Head Office) are connected with Core router. In the left side ATMs and Remote Branches are connected with Core router. The ISP’s which provide Internet those are also connected with Core Router via Firewall.
The connectivity diagram of Metronet-BRAC Bank Data Center as followed. Fig- 3. 2 Data Center Connectivity Architecture 13 3. 2 Omnibus Architecture: Omnibus is a Transaction Banking Software. BRAC Bank Ltd, the fastest growing bank in Bangladesh, and ITCL (Q-Cash), a private ATM network presently serving 12 member banks, have launched OMNIBUS, the first neutral inter-bank switch in Bangladesh. Fig- 3. 3 BRAC Bank Omnibus Architecture OMNIBUS is the name of the independent association of member banks and institutions that will operate and manage the central switch.
As a first step, OMNIBUS integrates the ATM & POS networks of BRAC Bank and Q-Cash, enabling cardholders of BRAC Bank and Q-Cash member banks to access their accounts from any of the 150+ ATMs and 14 1,200+ POS terminals. OMNIBUS is modeled around success of 1-Link in Pakistan and TPS has played an instrumental role in terms of technology transfer and adoption of best practices. The shared ATM/POS switch offers significant convenience to customers of its member banks through greater transaction touch points, providing anytime, anywhere banking.
This instant increase in the number of ATMs & POS terminals for the customers to use their cards on, not only gives the cost advantage to the bank, it improves operational efficiency and customer services. The Omnibus Server is also connected with BRAC Bank Core Router and all Banking Server is connected via Metronet & Link3 with Omnibus and Omnibus server is also connected via Metronet & Link3. 15 3. 3 Eldorado Architecture: Eldorado – a web based remittance and payment processing system, which will be a complementary system of BEFTN (Bangladesh Electronic Fund Transfer Network) of Bangladesh Bank.
BRAC Bank is one of the key members of Eldorado. Fig- 3. 4 BRAC Bank Eldorado Architecture Eldorado is a common electronic platform for delivering inward remittances from the originating institutions to ultimate beneficiaries in Bangladesh. Handling inter-bank transactions will be efficient, since electronic reconciliation facility will enhance the capacity to process and payment of large volume of inbound remittances more accurately. This will help the member banks to serve their remittance customers even better and faster. 16
To popularize the formal banking channels among the non-resident Bangladeshis for sending their hard-earned foreign currency, Eldorado will play an extensive role. It is a standardized IT platform that will enable all member banks to execute remittances electronically in the most expeditious and compliant manner. Reliability and pace of receiving individual remittances matter the most to our customers, especially, when need arises. Every single effort of Eldorado members will trickle down to one single objective bringing smile on the faces of their customers. The Eldorado Server is connected with core router of BRAC Bank via Metronet & Link3. . 4 Network Architecture of Branches: Fig- 3. 5: Network Architecture of Branches The Branch is connected with Cisco 1811 Router. The two Vendors set up the link between the remote Branch and Core Router. The two vendors are configured with Tunnel for security issue. One Native VLAN is configured in Remote Branch and the EIGRP Routing Protocol is configured in Cisco Router for Routing. 17 3. 5 Network Architecture of a sample Branch Fig 3. 6: Network Architecture of Entire Branch In entire Branch the router is connected via two vendors. The router is connected with Cisco 2960 Switch. All Desktop and Share Printers are connected with Switch. 8 3. 6 ATM Architecture When a user inserts a card on ATM, ATM hit with Phoenix soft switch. Phoenix is directly connected with HSM (Host security module). Using HSM the soft switch conformed is the PIN number is correct or not. If HSM send green signal for PIN then Phoenix send the CARD number in Finacle. Finacle is core banking database, an account holder all information is saved on Finacle. Last of all as user interest ATM machine operate operation Fig- 3. 7 ATM Architecture of BRAC Bank CHAPTER FOUR LINK ESTABLISHMENT, CONFIGURATION AND TROUBLESHOOTING 4. 1 New link deployment: The process of new link deployment is as followed.
Fig- 4. 1 Link Deployment Process flowchart 20 4. 2 Link vendor selection: The issue consideration and their descriptions are pointed below. Table 4. 1 Issues related link vendor selection Issue Consideration Multiple vendors in same radius Description Any vendor that already has a link running in nearby location should not be given priority. Try to provide the link to another vendor which has no or less links running in that area. Introducing multiple vendors will ensure maximum uptime for that area. Redundant backbone for Intercity Links Select vendors that have different backbone for intercity connectivity.
This will increase uptime incase of intercity backbone fails. Shorter Last mile connectivity Try to select vendors that will be able to provide last mile connectivity with shorter cable distance. As longer cables suffer from higher down time and require more maintenance. Licensed Radio Frequency Tower Height for Radio Links This will ensure better service quality and uptime. Identify vendors that will be able to establish a radio link with shorter tower. One time installation charge increases as tower height increases. Longer tower needs more maintenance cost. Service Quality
Vendors with poor service quality should not be considered even though they have met all other requirements. Support Personnel Select vendors that have dedicated support personnel for remote locations. Also count response time for all previous downtime. Balance of Distribution In order to ensure maximum uptime it is important that we balance the distribution among the vendors. This will decrease the overall downtime. Local Loop Avoid same type of media for Last mile connectivity. Avoid any Point-To-Point Radio equipments at Lat mile. 21 4. 3 Network maintenance: Following process follows for the network maintenance for link troubleshoot.
Fig- 4. 2 Network Maintenance flowchart 4. 4 Link monitoring & maintenance: Link Monitoring and maintenance works in two different ways. 4. 4. 1 Branch Link monitoring & maintenance Fig- 4. 3 Branch Link monitoring & maintenance flowchart 4. 4. 2 ATM link monitoring & maintenance Fig- 4. 4 ATM Link monitoring & maintenance flowchart 22 4. 5 Link troubleshoot checklist 4. 5. 1 Radio Link Fig- 4. 5 Radio Link Troubleshooting Process 4. 5. 2 Fiber Link Fig- 4. 6 Fiber Link Troubleshooting Process 4. 6 Remote access policy Fig- 4. 7 Remote Access Policy Process CHAPTER FIVE Wi-Fi AND INTERNET CONNECTIVITY 5. Wi-Fi activation For security purpose Mac filtering and MAC binding is enabled in Wi-Fi Controlling system. So to give WLAN privilege to users is a three layer process. ? ? ? MAC entry to the Wireless LAN controller’s MAC filter table MAC Binding to the DHCP server for user based IP allocation Internet activation (optional: depends on user’s requirements) MAC entry to the Wireless LAN controller’s MAC filter table For MAC entry need to log in to the below link https://10. 100. 83. 250 Fig- 5. 1 Wi-Fi Activation Process 24 Then login with given user name and password Fig- 5. 2 Wi-Fi Activation Process (Continuing)
Then go to Security>MAC Filtering Fig- 5. 3 Wi-Fi Activation Process (Continuing) 25 Then Select NEW… from the top right side Fig- 5. 4 Wi-Fi Activation Process (Continuing) Fig- 5. 5 Wi-Fi Activation Process (Continuing) 26 Put the MAC Address and select SSID (like BBL) as Profile name, Preferred Interface as Interface Name and give user details and select IP address from the existing Pool Fig- 5. 6 Wi-Fi Activation Process (Continuing) And select Apply after all information given properly. MAC Binding to the DHCP server for user based IP allocation For MAC binding login to https://10. 00. 83. 251:10000 27 Fig- 5. 7 Wi-Fi Activation Process (Continuing) Login with the User Name=Console with its password Fig- 5. 8 Wi-Fi Activation Process (Continuing) 28 Then select DHCP Server Fig- 5. 9 Wi-Fi Activation Process (Continuing) Then select ADD a new host from the Hosts and Host Groups Fig- 5. 10 Wi-Fi Activation Process (Continuing) 29 In Host Description box give the user description, in Host name box give the LAN ID of the user in Hardware Address box put the MAC address and put the IP in to the Fixed IP Address box and then select create to make the user. Fig- 5. 1 Wi-Fi Activation Process (Continuing) Then from the DNS Zones select Apply Changes Fig- 5. 12 Wi-Fi Activation Process (Continuing) CHAPTER SIX BANDWIDTH MANAGEMENT AND MONITORING 6. 1 Overview of Bandwidth management: Bandwidth management is the process of measuring and controlling the communications (traffic, packets) on a network link, to avoid filling the link to capacity or overfilling the link, which would result in network congestion and poor performance of the network. 6. 2 Bandwidth Management at BRAC Bank: BRAC Bank uses some tools for bandwidth management and monitoring.
One of them is OpUtils. 6. 3 OpUtils Manage Engine OpUtils is a software to observe the network in a structured way, to visualize the total network and to troubleshoot the user level problems easily. We can find our user bases IP, MAC, OS and connected switch port related information. Form which we can easily sort out day to day operations and support related works like IP allocation for user, for switch port related MAC releasing where switch port security is deployed, real time bandwidth monitoring, and configuration file management related works. For OpUtils related operations need to login to http://10. 0. 0. 236:7080/ 31 Fig- 6. 1 OpUtils Login Page Log in with given username and password. The Home page shows the summary report of the switch port and IP availability. Fig- 6. 2 OpUtils Home Page (Summary Report) 32 6. 3. 1 Switch Port Mapper It contains switches information and the users connected switch port information tagged with its IP address information. In Switch Port Mapper portion Fig- 6. 3 Switch Port Mapper portion Go to switches to see the list of the switches Fig- 6. 4 List of Switches 33 Go to Routers to see the list of the routers Fig- 6. 5 List of Routers
Summary will show the detail switch information of the network Fig- 6. 6 Switch information summary 34 To find any MAC address we need to select the MAC address options from the search tool box and write the MAC in colon (ff:ff:ff:ff:ff:ff) format to get the total IP related information and the connected switch address. Fig- 6. 7 Finding a MAC address 6. 3. 2 IP Address Manager In IP address manager restrain IP related information where we can allocate the IP with specific user information. The IP segregated into three different types: i. ii. Used IP: Currently using IP addresses.
Transient IP: was used but is not using for couple of days and the system store the IP in this mode for 30 days and after that system will automatically make it as a Available IP iii. Available IP: free IP’s are known as Available IP Address. 35 In the left side of the window we can see the group’s name from where we can select the specific IP subnet. Fig- 6. 8 IP Address Manager Fig- 6. 9 IP Address Manager (Continuous) 36 Fig- 6. 10 IP Address Manager (Continuous) In the same way as shown in the Switch Port Mapper section we can search a user based on the IP address or MAC address. Fig- 6. 1 IP Address Manager (Continuous) CHAPTER SEVEN MAINTENANCE OF GP APN 7. 1 Maintenance of GP Access point Network: 7. 1. 1 GP Huawei Modem Installation: Fig- 7. 1 Modem Installation Click the Next > Button for Starting Installation Fig- 7. 2 Modem Installation (Continuous) 38 Click I Agree for Next Step. Fig- 7. 3 Modem Installation (Continuous) Click Next > for Next Step Fig- 7. 4 Modem Installation (Continuous) 39 Click Install For Starting the Installation Fig- 7. 5 Modem Installation (Continuous) Wait for Installation Fig- 7. 6 Modem Installation (Continuous) Click Finish to Complete the Installation. 0 Fig- 7. 7 Profile Creation Click Profile Management. Then Click New for creating New Profile Write “BRACBANK” in Profile Name. Click Static and write “BRACBANK” in APN and write *99# in access number. Fig- 7. 8 Profile Creation (Continuous) 41 Click OK to Complete.. Then Restart your System. Fig- 7. 9 Profile Creation (Continuous) Select BRACBANK from Profile Name. Fig- 7. 10 Profile Creation (Continuous) Click Connect to connect the Network. 42 7. 1. 2 ZTE Modem Installation: All Installation Processes are same as Huawei Modem. But In case of Profile Change Fig- 7. 11 Profile Change
Click on Tools and Options for creating New Profile. Fig- 7. 12 Profile Change (Continuous) 43 Click Profile Management. Click Add to Create new profile Fig- 7. 13 Profile Change (Continuous) Write “BRACBANK” in Configure Filename and *99# in Dial Number then click OK Fig- 7. 14 Profile Change (Continuous) 44 Click on BRACBANK then Click Set default then OK. Then Restart the PC. Fig- 7. 15 Profile Change (Continuous) Click Connect to connect the network.. 7. 1. 3 ADN Modem Installation: APN settings : AT+CGDCONT=1,"IP","BRACBANK" Phone number : *99***1# or *99# Need to copy ewusbmdm file from d drive IT Use to Windows system32
CHAPTER EIGHT CONNECTIVITY AND ADMINISTRATION OF ALL PAYMENT NETWORK SOFTWARE 8. 1 Western Union: To install the western union Translink and activate a client Terminal these steps are followed: 8. 1. 1 Installation process: 1. Download file from ftp://10. 20. 0. 94 ftp server File name is Translink5. 437. zip Fig-8. 1 Western Union Installation 46 2. Unzip that Translink5. 437. zip Fig-8. 2 Western Union Installation (Continuing) 3. Run WUCD. exe from the unzipped folder Fig-8. 3 Western Union Installation (Continuing) 47 4. Select Install Application Fig-8. 4 Western Union Installation (Continuing) . Select Install Translink and follow the bellow steps: Fig-8. 5 Western Union Installation (Continuing) 48 Fig-8. 6 Western Union Installation (Continuing) Fig-8. 7 Western Union Installation (Continuing) 49 Fig-8. 8 Western Union Installation (Continuing) Fig-8. 9 Western Union Installation (Continuing) 50 Fig-8. 10 Western Union Installation (Continuing) Fig-8. 11 Western Union Installation (Continuing) 51 Fig-8. 12 Western Union Installation (Continuing) Fig-8. 13 Western Union Installation (Continuing) 52 6. Install the software like other conventional software. Fig-8. 4 Western Union Installation (Continuing) 7. Install ESD service which is recommender after the Western Union installation Fig-8. 15 Western Union Installation (Continuing) 53 Fig-8. 16 Western Union Installation (Continuing) 8. Restart the PC Fig-8. 17 Western Union Installation (Continuing) 54 9. Add internet explorer and translink. exe at My computers> properties>Advanced>Performance>Settings>Turn on DEP>Add Fig-8. 18 Western Union Installation (Continuing) 10. Set security permission to everyone at C:>program files>Western Union Fig-8. 19 Western Union Installation (Continuing) 5 11. Then go to Start>all programs>Western Union>Agent config And need to select administrator and write the password ******* den select ok Fig-8. 20 Western Union Installation (Continuing) Fig-8. 21 Western Union Installation (Continuing) 56 12. Go to Agent(ctrl-G) Set terminal ID Fig-8. 22 Western Union Installation (Continuing) 13. Go to Tools (Ctrl-L) And select sign on screen password change Fig-8. 23 Western Union Installation (Continuing) 57 14. Go to Printers (Ctrl-P) Then select: Printer Model: LaserJet Printer Name/Port: Canon LBP3460 PCL6 Paper Feed: Front Single
Fig-8. 24 Western Union Installation (Continuing) Then select Apply and OK to finish the work. 15. Then need to create a VPN Dialer For this purpose Go to Start>Control Panel> Network Connections>Network Tasks>Create a new Connections 58 Fig-8. 25 Western Union Installation (Continuing) Fig-8. 26 Western Union Installation (Continuing) 59 16. Then select> Next Select Connect to the Network at my Workplace Fig-8. 27 Western Union Installation (Continuing) Select Next 17. Then Select Virtual Private Network Connection Fig-8. 28 Western Union Installation (Continuing) 60 Fig-8. 9 Western Union Installation (Continuing) Select Next 18. Then select > Write company Name Company Name: Link1 Fig-8. 30 Western Union Installation (Continuing) Select Next 61 19. If public network page initiated Select Do not dial the initial connection Otherwise Skip this step and go to step 21 Fig-8. 31 Western Union Installation (Continuing) Select> Next 20. Set IP- 10. 20. 0. 251 Fig-8. 32 Western Union Installation (Continuing) 62 Fig-8. 33 Western Union Installation (Continuing) Select Next 21. Then Select Anyone’s Use Fig-8. 34 Western Union Installation (Continuing) Select Next 63 22.
Then Select> Add a Shortcut to this Connection to my Desktop Then Select> Finish Fig-8. 35 Western Union Installation (Continuing) 23. Then Need to Set User Name and Password Select> Save this user name and password for the following users; Select > Connect Fig-8. 36 Western Union Installation (Continuing) 64 24. Then add route from the command prompt GW= Gateway Route add 10. 20. 0. 0 mask 255. 255. 248. 0 GW –p Route add 10. 20. 1. 0 mask 255. 255. 255. 0 GW –p Route add 10. 20. 2. 0 mask 255. 255. 255. 0 GW –p 25. Then go to agent config> Communication And ping the connection points IP; From Start>Run 26.
Telnet through those connection points IP with that specific port if there is any problem in western union login. Table 8. 1: Support Level: Error Type Mom. config Invalid Request Type Out of Memory Error 800 Object error Log Sheet Have To Do Reinstall the software Forward to Trade and Remittance Team Installation error at data execution prevention Restart PPTPD service Reinstall the software Printing C:WINDOWSsystem32drivers Extract the attached file (if it is not present) in C:WINDOWSsystem32 [attachment MSHFLXGD. OCX] go on START -> RUN, Type in: regsvr32 MSHFLXGD. OCX then press ok. problem 65 Table 8. User format for Western union Distribution Type Branch Channel User ID Format Password br+SOL ID+wu1 Skb+SOL ID+wu1 sssc+SOL ID+wu1 ho +LAN ID + wu1 ********* ********* ********* ********* SME Krishi Branch SMESC Head Office 8. 2 SWIFT The Society for Worldwide Interbank Financial Telecommunication ("SWIFT") operates a worldwide financial messaging network which exchanges messages between banks and other financial institutions. SWIFT also markets software and services to financial institutions, much of it for use on the SWIFTNet Network, and ISO 9362 bank identifier codes (BICs) are popularly known as "SWIFT codes".
The majority of international interbank messages use the SWIFT network. As of September 2010, SWIFT linked more than 9,000 financial institutions in 209 countries and territories, who were exchanging an average of over 15 million messages per day. SWIFT transports financial messages in a highly secure way, but does not hold accounts for its members and does not perform any form of clearing or settlement. SWIFT does not facilitate funds transfer, rather, it sends payment orders, which must be settled via correspondent accounts that the institutions have with each other.
Each financial institution, to exchange banking transactions, must have a banking relationship by either being a bank or affiliating itself with one (or more) so as to enjoy those particular business features. 66 8. 2. 1 BRAC Bank Swift Network Diagram Fig-8. 37 Swift Network Diagram 8. 2. 2 SWIFT Infrastructure Overview: A typical SWIFT customer environment consists of a combination of individual components that interact with each other to provide messaging services. Fig-8. 38 Swift Infrastructure 67 Table 8. 3: Terms and description of SWIFT Terms FIN CBT SNL RA MQ HSM HTTPS Vendor product VPN box PKI
Description Software product that processes and that exchanges FIN messages, by using the FIN application through the SWIFT network. Alliance Access and Alliance Entry are FIN CBT products that are provided by SWIFT. As of now, these CBT products also offer the functionality to send messages for your Solutions through the Alliance Messenger interface. SWIFTNet Link. Mandatory SWIFT software component that is required in order to connect to SWIFTNet. Remote API. SWIFT middleware component that is used in order to link back-end applications and workstations to Alliance Gateway, which acts as the messaging concentrator.
Message Queue. IBM middleware component that is used in order to link back-end applications through the Alliance Gateway. Hardware Security Module. A hardware device that is tamper-resistant and that ensures the secure storage and the processing of PKI secrets. HSMs replace the current Secure Card Rearders and the ICCs. There are three types of HSM devices: HSM boxes, HSM tokens, and HSM cards and card readers. Only one type of HSM is supported on the same SWIFTNet Link. Secure Hypertext Transport Protocol. A protocol that is used in order to access web servers that are hosted on SWIFTNet.
The HTTPS proxy, which is a part of Alliance Gateway, is used for routing purposes. Product that is offered by a SWIFT partner and that allows to connect to additional services hosted on SWIFTNet. These products have an embedded SWIFTNet Link, or they connect to Alliance Gateway. Virtual Private Network hardware device. Mandatory SWIFT network component for the connectivity to the multi-vendor secure IP network. A VPN box implements network security that is based on IPsec. Public Key Infrastructure certificate. SWIFT acts as the certification authority on SWIFTNet. 68 8. 2. 3 Maintaining the SWIFT environment: 8. 2. 3. 1 Daily activities ? ? ? ? ? Back up the system and the application data Monitor the systems and review the error logs Login to FIN to process messages that have been received Restart Alliance Access for database maintenance purposes, except if specific Arrangements have been made for continuous operation Export the RMA authorizations and distribute them to your other applications, if required 8. 2. 3. 2 Weekly activities ? Check the SWIFTNet Link connectivity after a weekend when maintenance activities are performed Check the connection to the HSM box by performing the SwHSMSelfTest command (This is applicable for HSM box configurations only) ? Archive the Alliance Gateway logs and journals Archive the messages and events of Alliance Access or Alliance Entry 8. 2. 3. 3 Monthly activities ? Restart SWIFTNet Link and Alliance Gateway, in order to ensure that the processes that use certificates are stopped. By performing this restart, the certificates can be renewed the next time that they are used to log on. 69 ? Open all the PKI certificates at least once. Use the CertInfo command or sign on the Web station or Web platform using these certificates, facilitating renewal and change of passwords. ? Back up all the PKI certificates after you have opened them. Use the SNL_BackUp. l command. (Note: This will back up all the certificates that are stored on disk. It will not back up the certificates that are stored in the HSM) Half 8. 2. 3. 4 Yearly activities ? Reboot all your HSM boxes but not together. (Applicable in HSM box scenarios only) CHAPTER NINE MAINTENANCE, MONITORING & SUPPORT 9. 1 Overview BRAC Bank uses some software to monitoring, support and troubleshooting purpose. One of the software is “What's Up Gold”. 9. 2 What's Up Gold 9. 2. 1 Create a New Map To create a new map, from the File menu, you choose New Map Wizard to view the New Map dialog box. You can select one of the following options:
Discover and Map network devices creates a map using the information sources that you select, such as: SNMP information on your network, information you enter about IP addresses; information in a local hosts file, the Windows registry, Internet Explorer entries in the registry, and Windows Network information. You can specify which of these sources you want to use. Select this option and then click Next. The Discover Devices screen appears. Create a blank map creates an empty map to which you add device icons using any of the create map functions or by cutting and pasting device icons from an existing map. 1 Fig-9. 1 Creat New Map in What's Up Gold Fig-9. 2 Creat New Map in What's Up Gold (Continuing) 72 Now as your Map is created you can start adding new devices for polling and monitoring. Please follow the following steps to add a new device in the map and start monitoring the MAP. Step-1: After creating a Blank Map, drag your desired device from Device Type Panel as directed in the image below. Fig-9. 3 Select device for mapping Now double click on the device you just added from the right panel. And configure the item properties fields as per your requirements.
You have to put a valid IP address in order to start monitoring the device using ICMP. Press OK after entering the details. 73 Fig-9. 4 Configure device properties Now click on the Map as directed in the image below to start polling the devices in the network. Fig-9. 5 Polling device You have to set the poll frequency and default timeout as per your need. These can be done from the device properties. 74 9. 2. 2 What’sUpGold Web Server What’sUpGold provides a web server that lets you view the status of your network from any web browser. You can enable/disable the web server and set access to this server through the web properties.
Set up the web server: Click on the links below Configure > Web Server > General > Enable Web Server > Enable Web Configuration. In addition to this setting, you can set access for each web user account. If Enable Web Configuration is not selected, web users will not be able to change any What’sUpGold settings; they will have only the view capabilities. Fig-9. 6 What’sUpGold Web Server Overview CHAPTER TEN CONCLUSION The internship program gave me a chance not only to work with BRAC Bank Limited but also a chance to learn from the good experts.
This would reflect much onto my experience. Working with a leading business organization was a rare chance for me. I really appreciate the way I have been guided through this internship program with BRAC BANK LIMITED. Beginning from the opportunity to take the time I needed to refresh and expand my knowledge in several issues concerning System Administration. Over a somehow protected period where I could discover and learn to value my new working environment, and finally earned the confidence to deal with assignments myself. It is through them that I did enjoy my work every day.
Having a rare opportunity to use the knowledge and skills that I had acquired, I learned how to handle critical network problems and got the new ideas. It was a great experience to work with networking devices practically and to troubleshoot different problems. REFERENCES [1] http:// www. bracbank. com [2] http:// www. eldorado-bd. com/MDMessage3. aspx [3] http:// www. bankinfobd. com/banks/3/BRAC_Bank [4] http:// www. bobsguide. com/guide/news/2008/Jan/15/OMNIBUS_InterBank_Switch_goes_live_in_Bangladesh_with_Phoenix. html [5] http:// www. bdresearchpublications. com/admin/journal/upload/09164/09164. pdf