I. Introduction
The local taxation bureau of Anhui Province was distributed in two buildings in the past. Since there is no network connection between the two sets of established local area networks, information sharing and file transmission can only be realized within a certain range. The level of network applications has been low. In August 1999, all departments moved to the new office building. Taking advantage of this opportunity, we redesigned and built the LAN system. After one year's efforts, the network application has made great progress.
Second, the network construction goals and requirements
On the basis of summarizing the construction and application of the old local area network, we have determined the goal of the construction of the new office building local area network: to establish the office network platform of the local tax bureau of Anhui Province in a pragmatic and practical manner, actively develop online applications, and further improve the office of the Bureau through information management measures. The modern management level.
In terms of technology, we are required to adopt current mature technologies as far as possible, and highlight the relevance and practicality. In view of system upgrades and application development, we also reserve a certain amount of expansion capabilities. Pursue the best cost-effectiveness in investment, make full use of the existing network and server equipment, and maximize the protection of existing investments. The key modules of the system are considered to be redundant in terms of system reliability, manageability, safety, etc., equipped with network management software and provide multiple layers of security protection measures.
Third, the network program and implementation process
According to the floor layout of the office building, the LAN center is located in the information center room. In addition to the center room, the building also has seven distribution lines (is the distribution line of the integrated wiring system, used to manage jumpers and networks of three adjacent floors. connection). The network system is divided into two parts according to the business function: the office network of agencies and the branch network directly under the government (provincial branch office). The direct bureau branches are located on the first, third and fifth floors of the building, and the departments on other floors all belong to the office network. Between the two networks, there must be strict security control and some information can be shared. To meet the requirements, we have adopted a virtual network partitioning technology.
The center switch adopts a Catalyst 55O5, and configures a 12-port 100Basefx Ethernet port switch module and a 24-port 100BASE port Ethernet switch module. The former is used to connect the secondary switches between the distribution lines, and the latter is used to connect servers in the central server room. Equipment such as routers and network management workstations; each distribution line allocates one to two Catalyst 1924 switches according to the number of Internet accesses in the first phase, and a Catalyst 2924XL switch is configured for the special requirements for taxation on the first floor. The original Cisco 4000M router is equipped with two 1OObaseTX Fast Ethernet modules and is directly connected to the Catalyst 55O5 port. In addition to continuing to complete the WAN connection with the State Administration of Taxation, the router is also used to implement routing between two virtual networks. Virtual network partitioning and routing is achieved by defining two virtual subnets (VLANs) in advance. Set the ports of the center switch and the secondary switch to the corresponding VLAN according to the department floor distribution, and configure two VLANs on the router. Access rights. Since all newly deployed switches support cross-backbone virtual network partitioning, department office floor changes, permissions changes, or new VLAN assignment requirements can be quickly and easily implemented.
Based on the original three servers, the host system adds an HP LH4 and integrates the application requirements with the original server for CPU, hard disk, and internal growth. To use the network management, configure a 19-inch monitor network management workstation. The EXABYTE EZ17 tape drive and CA backup software were used to perform daily incremental data backup and monthly full backup.
In order to improve the reliability of the entire system, the vertical trunk line of the building wiring system is six-core fiber. When the main fiber fails, the remaining fiber can be replaced. The center switch Catalyst 55O5 is equipped with dual power supplies and dual engines, and is reliable. A higher level of taxation office is required. The Catalyst 2924 with better performance provides a sufficient number of 1OOM ports for the hall room and the collection station.
In terms of system security, security access control lists are currently set up on routers and switches to establish a firewall and CISCO WORKS network management software is used to record and audit network events. With the launch of web applications, we will install a special firewall in the near future.
The entire system lasted more than 8 months from the determination of requirements to the acceptance. The main requirements of the entire system were demand analysis, program verification, and identification of system integrators, and formal identification of project contracts. After a series of procedures such as equipment arrival, inspection, installation and commissioning, and joint adjustment, etc. The system passed the acceptance in one-off in August 1999.
Fourth, network co-use situation
After the acceptance of the system, the Information Center of the Bureau cooperated closely with the business office to actively develop network applications. Currently, there are file transfer, print sharing, e-mail, WEB system browsing, and remote document distribution.
In addition to the NT main domain and backup domain servers, the central computer room has set up file servers, WEB servers, document servers, and mail servers. A shared folder is set up on the file server for each department of the local office for storing files in a small area. Individual folders are created in the department folder and set by the NT user authority to ensure the security of personal files to meet some requirements. Staff special requirements. The file server also contains a large number of software tools, drivers, system software, and anti-virus software for people to use at any time. The mail server and the remote document server mainly receive the mails and documents of the General Administration of Communications from the wide area network, and distribute them to various offices through the local area network. At present, most offices can directly communicate with the General Administration of Administration through the network and NOTES mail system.
We used Microsoft's II S4.O, SQL database and ASP technology to develop a dynamic interactive information browsing system for internal use by both agencies. The comprehensive information, departmental information, and agency notifications are provided to provide working information on the system, bureaus, and offices, such as events, tax updates, important text messages, and notifications from the bureau, etc.; living space, online question and answer, Comprehensive sections such as news hotlines and music salons improve the readability and entertainment of the system. Since the information of each column is provided by the staff through the file uploading and filling out the forms on the Internet, the amount of daily information update is very large, and the number of online users and the number of documents for each person are recorded, counted, and sorted in real time, which also inspired everyone. Use interest.
V. A few experiences and understanding
The author had the privilege to participate in the whole process of this system construction and application development, summed up the work during this period, and had some deeper understanding and understanding of the information system construction.
1. Reasonable investment and pragmatic effect
The construction of information systems must handle the relationship between advanced and practical, so that this practical place is practical and advanced. The local area network of our office adopts fast Ethernet switching network and 100M backbone, and exchanges 10M to desktop network performance, meets the application requirements in the past two to three years, and the technology is mature and easy to maintain and upgrade. The center switch selection and module configuration also reflect the principle of pursuing the best price-to-price ratio, which can be used, adequate, practical, and have certain expansion capabilities, instead of blindly rushing in and seeking advanced technology. On the other hand, in order to achieve the division of two virtual subnets, secure mutual visits and taking into account the needs of the recent business development, we have adopted a more advanced virtual network technology. The author believes that the construction of information systems should put the practicality of the system first, select appropriate technologies and equipment according to the application, invest in a reasonable way, avoid window innovation, and even be conservative enough to avoid idle equipment and wasted capital.
2. Choose a good partner
Currently, there are two methods of cooperation and commissioning that are used in the construction of information systems. It is very important to choose a good partner (consignee). The SIPO chose the network integrators very cautiously. After evaluating the bids, negotiating the bids, and selecting the two processes of the primary and final elections, Nanjing Lianchuang was selected. The partners have rich experience in technology integration and project management, which can not only guarantee the smooth implementation of the project, but also help improve the user's own level.
3. Adhere to strict project management
The LAN project was approved from the project to the acceptance. The project was managed strictly according to the project management method during the entire period. The division of responsibilities between the two parties was clear and the schedule was reasonable. Equipment arrival, acceptance, environmental confirmation, installation and commissioning, as well as joint adjustment, are all carefully documented and accepted, and the corresponding documents are collected and filed. Strict project management measures strongly guarantee the progress and quality of the project. The author thinks that for some large-scale information systems with far-reaching significance and large investment, especially for software system development, project management is more necessary. Only scientific and rigorous project management methods can effectively control personnel, funds, progress, and quality. And management.
4. Actively develop applications
The web application developed by the Bureau not only improves office efficiency and quality, but also improves the overall level of computer applications, laying the foundation for the future use of other application software. Recently, the network has become an indispensable part of the daily work of the Bureau. Many business departments constantly put forward that the application needs are realized by the information center, and the network construction and application mutually promote the formation of a virtuous circle. The author thinks that the construction of information systems must establish the concept of application first, and that it is necessary to pay attention to the application effects. It is of course necessary to invest funds for infrastructure construction. However, it is more important to reflect and create the value of information systems through applications. Grasping applications, informatization work will always be mere formalities, and cause huge waste of human, material and financial resources.
The local taxation bureau of Anhui Province was distributed in two buildings in the past. Since there is no network connection between the two sets of established local area networks, information sharing and file transmission can only be realized within a certain range. The level of network applications has been low. In August 1999, all departments moved to the new office building. Taking advantage of this opportunity, we redesigned and built the LAN system. After one year's efforts, the network application has made great progress.
Second, the network construction goals and requirements
On the basis of summarizing the construction and application of the old local area network, we have determined the goal of the construction of the new office building local area network: to establish the office network platform of the local tax bureau of Anhui Province in a pragmatic and practical manner, actively develop online applications, and further improve the office of the Bureau through information management measures. The modern management level.
In terms of technology, we are required to adopt current mature technologies as far as possible, and highlight the relevance and practicality. In view of system upgrades and application development, we also reserve a certain amount of expansion capabilities. Pursue the best cost-effectiveness in investment, make full use of the existing network and server equipment, and maximize the protection of existing investments. The key modules of the system are considered to be redundant in terms of system reliability, manageability, safety, etc., equipped with network management software and provide multiple layers of security protection measures.
Third, the network program and implementation process
According to the floor layout of the office building, the LAN center is located in the information center room. In addition to the center room, the building also has seven distribution lines (is the distribution line of the integrated wiring system, used to manage jumpers and networks of three adjacent floors. connection). The network system is divided into two parts according to the business function: the office network of agencies and the branch network directly under the government (provincial branch office). The direct bureau branches are located on the first, third and fifth floors of the building, and the departments on other floors all belong to the office network. Between the two networks, there must be strict security control and some information can be shared. To meet the requirements, we have adopted a virtual network partitioning technology.
The center switch adopts a Catalyst 55O5, and configures a 12-port 100Basefx Ethernet port switch module and a 24-port 100BASE port Ethernet switch module. The former is used to connect the secondary switches between the distribution lines, and the latter is used to connect servers in the central server room. Equipment such as routers and network management workstations; each distribution line allocates one to two Catalyst 1924 switches according to the number of Internet accesses in the first phase, and a Catalyst 2924XL switch is configured for the special requirements for taxation on the first floor. The original Cisco 4000M router is equipped with two 1OObaseTX Fast Ethernet modules and is directly connected to the Catalyst 55O5 port. In addition to continuing to complete the WAN connection with the State Administration of Taxation, the router is also used to implement routing between two virtual networks. Virtual network partitioning and routing is achieved by defining two virtual subnets (VLANs) in advance. Set the ports of the center switch and the secondary switch to the corresponding VLAN according to the department floor distribution, and configure two VLANs on the router. Access rights. Since all newly deployed switches support cross-backbone virtual network partitioning, department office floor changes, permissions changes, or new VLAN assignment requirements can be quickly and easily implemented.
Based on the original three servers, the host system adds an HP LH4 and integrates the application requirements with the original server for CPU, hard disk, and internal growth. To use the network management, configure a 19-inch monitor network management workstation. The EXABYTE EZ17 tape drive and CA backup software were used to perform daily incremental data backup and monthly full backup.
In order to improve the reliability of the entire system, the vertical trunk line of the building wiring system is six-core fiber. When the main fiber fails, the remaining fiber can be replaced. The center switch Catalyst 55O5 is equipped with dual power supplies and dual engines, and is reliable. A higher level of taxation office is required. The Catalyst 2924 with better performance provides a sufficient number of 1OOM ports for the hall room and the collection station.
In terms of system security, security access control lists are currently set up on routers and switches to establish a firewall and CISCO WORKS network management software is used to record and audit network events. With the launch of web applications, we will install a special firewall in the near future.
The entire system lasted more than 8 months from the determination of requirements to the acceptance. The main requirements of the entire system were demand analysis, program verification, and identification of system integrators, and formal identification of project contracts. After a series of procedures such as equipment arrival, inspection, installation and commissioning, and joint adjustment, etc. The system passed the acceptance in one-off in August 1999.
Fourth, network co-use situation
After the acceptance of the system, the Information Center of the Bureau cooperated closely with the business office to actively develop network applications. Currently, there are file transfer, print sharing, e-mail, WEB system browsing, and remote document distribution.
In addition to the NT main domain and backup domain servers, the central computer room has set up file servers, WEB servers, document servers, and mail servers. A shared folder is set up on the file server for each department of the local office for storing files in a small area. Individual folders are created in the department folder and set by the NT user authority to ensure the security of personal files to meet some requirements. Staff special requirements. The file server also contains a large number of software tools, drivers, system software, and anti-virus software for people to use at any time. The mail server and the remote document server mainly receive the mails and documents of the General Administration of Communications from the wide area network, and distribute them to various offices through the local area network. At present, most offices can directly communicate with the General Administration of Administration through the network and NOTES mail system.
We used Microsoft's II S4.O, SQL database and ASP technology to develop a dynamic interactive information browsing system for internal use by both agencies. The comprehensive information, departmental information, and agency notifications are provided to provide working information on the system, bureaus, and offices, such as events, tax updates, important text messages, and notifications from the bureau, etc.; living space, online question and answer, Comprehensive sections such as news hotlines and music salons improve the readability and entertainment of the system. Since the information of each column is provided by the staff through the file uploading and filling out the forms on the Internet, the amount of daily information update is very large, and the number of online users and the number of documents for each person are recorded, counted, and sorted in real time, which also inspired everyone. Use interest.
V. A few experiences and understanding
The author had the privilege to participate in the whole process of this system construction and application development, summed up the work during this period, and had some deeper understanding and understanding of the information system construction.
1. Reasonable investment and pragmatic effect
The construction of information systems must handle the relationship between advanced and practical, so that this practical place is practical and advanced. The local area network of our office adopts fast Ethernet switching network and 100M backbone, and exchanges 10M to desktop network performance, meets the application requirements in the past two to three years, and the technology is mature and easy to maintain and upgrade. The center switch selection and module configuration also reflect the principle of pursuing the best price-to-price ratio, which can be used, adequate, practical, and have certain expansion capabilities, instead of blindly rushing in and seeking advanced technology. On the other hand, in order to achieve the division of two virtual subnets, secure mutual visits and taking into account the needs of the recent business development, we have adopted a more advanced virtual network technology. The author believes that the construction of information systems should put the practicality of the system first, select appropriate technologies and equipment according to the application, invest in a reasonable way, avoid window innovation, and even be conservative enough to avoid idle equipment and wasted capital.
2. Choose a good partner
Currently, there are two methods of cooperation and commissioning that are used in the construction of information systems. It is very important to choose a good partner (consignee). The SIPO chose the network integrators very cautiously. After evaluating the bids, negotiating the bids, and selecting the two processes of the primary and final elections, Nanjing Lianchuang was selected. The partners have rich experience in technology integration and project management, which can not only guarantee the smooth implementation of the project, but also help improve the user's own level.
3. Adhere to strict project management
The LAN project was approved from the project to the acceptance. The project was managed strictly according to the project management method during the entire period. The division of responsibilities between the two parties was clear and the schedule was reasonable. Equipment arrival, acceptance, environmental confirmation, installation and commissioning, as well as joint adjustment, are all carefully documented and accepted, and the corresponding documents are collected and filed. Strict project management measures strongly guarantee the progress and quality of the project. The author thinks that for some large-scale information systems with far-reaching significance and large investment, especially for software system development, project management is more necessary. Only scientific and rigorous project management methods can effectively control personnel, funds, progress, and quality. And management.
4. Actively develop applications
The web application developed by the Bureau not only improves office efficiency and quality, but also improves the overall level of computer applications, laying the foundation for the future use of other application software. Recently, the network has become an indispensable part of the daily work of the Bureau. Many business departments constantly put forward that the application needs are realized by the information center, and the network construction and application mutually promote the formation of a virtuous circle. The author thinks that the construction of information systems must establish the concept of application first, and that it is necessary to pay attention to the application effects. It is of course necessary to invest funds for infrastructure construction. However, it is more important to reflect and create the value of information systems through applications. Grasping applications, informatization work will always be mere formalities, and cause huge waste of human, material and financial resources.
Shanghai Liuyuan Trading Co. , Ltd. , https://www.ly-weighing.com