![Page 1: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/1.jpg)
Project HarleyV2
![Page 2: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/2.jpg)
What is HarleyV2
Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy is to implement a
common, global infrastructure for information systems. The goal of this strategy is not only to improve global management, sharing and communication of information but also to greatly reduce the total cost of ownership of information systems.
Project team established at headquarters in Oslo. Local Implementation Managers nominated for each of the 20+
units. The project team in Oslo has the responsibility to produce the
systems design, the systems management processes and the processes for continued management and development of the system. It is a regional responsibility to migrate existing regional infrastructures to the HarleyV2 design.
![Page 3: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/3.jpg)
HarleyV2 Design
![Page 4: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/4.jpg)
Requirements
![Page 5: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/5.jpg)
Requirements analysisRequirements analysis
Requirements collection and analysis done February – March 2003
Resulted in 115 Requirements Statements, defining project scope and functional specifications
Requirements broken down into 9 areas:– Directory– Messaging– Collaboration– Desktop– Application– Security– Networking – Operations– Deployment
![Page 6: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/6.jpg)
Requirements summary (1)Requirements summary (1)
Directory– Microsoft Active Directory (AD) based (Windows 2003)– Provide a global address list for all employees– Accessible and utilised by future applications requiring information about
people, computers and printers.• Example applications: Phone directory, Messaging, Software distribution,
Software license management, Invoice printing …
Messaging– Microsoft Exchange 2003– Outlook client– Outlook Web Access for external (across Internet) access– Internal (WAN) routing of all mail between Norske Skog employees
![Page 7: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/7.jpg)
Requirements summary (2)Requirements summary (2)
Collaboration– Instant messaging available internally– Support information sharing in voice- and video-conferences
Note : Collaboration infrastructure beyond this taken out of HarleyV2 project,handled by Portal project.
Desktop– Limit number of client environments supported to a minimum– Windows XP on all desktop / laptop clients– Standardised “everything” (desktop look, rights, application portfolio,
software distribution, antivirus control …– Roaming capability within the company
![Page 8: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/8.jpg)
Requirements summary (3)Requirements summary (3)
Desktop (cont.)– Access to mail, applications and data from HarleyV2 laptops outside the
company– Automated installation of new applications on all clients– No unauthorized applications on any client
Applications– Standardised Office application portfolio, based on Microsoft software– Support for several languages in Office applications– Only one application for each “function” in the company. To be achieved
through a application portfolio consolidation process (separate project)– All applications to be packaged and distributed through a centralised
scheme
![Page 9: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/9.jpg)
Requirements summary (4)Requirements summary (4)
Security– A secure boundary between Norske Skog internal network and “other
networks”– A complete antivirus solution for the entire chain of components
(servers, clients, mail)– Proxy access to Internet only (browsing)– Single point mail access to/from Internet– No local Internet access points (at mills / offices) - from regional hub only– Provide a secure extranet design to enable external connectivity to
Norske Skog information– A comprehensive security policy for IT infrastructure, including
governance rules and rules of usage (password policy, data storage policy, LAN segmentation policy…)
– Firewall based security scheme for LAN at each mill
![Page 10: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/10.jpg)
Requirements summary (5)Requirements summary (5)
Networking– Company-wide WAN with any-to-any connectivity (provided by separate
WAN project)– New IP plan for the entire company, providing extendibility and
scalability– LAN standard, comprising network equipment and IP schematics
Operations– Centrally managed servers, clients and software, supporting cost savings– External provider of global Operations (HP chosen)– End-to-end responsibility on Operations provider– Integration of 2 local FTEs in global operational model
![Page 11: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/11.jpg)
Requirements summary (6)Requirements summary (6)
Deployment– Rollout to start Autumn 2003 (Europe)– Rollout to complete before Spring 2004 (Australasia last)– Involvement of local resources in preparation and rollout activities (LIM
to coordinate)– Centrally planned and coordinated rollout
![Page 12: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/12.jpg)
WANWAN
Global IP connectivity between all Norske Skog units– Essential to HarleyV2 infrastructure design
MPLS network, provided by Equant– AsiaPacific exception : Frame Relay connections between Mills for Elixir -
kept as is– Sydney currently bridge location for MPLS connection to WAN
![Page 13: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/13.jpg)
WAN - topologyWAN - topology
Rhodes HP
Albury Mill
Brisbane Warehouse
Internet
Melbourne Warehouse
Sydney Warehouse
Kawerau Mill
Sydney Head Office
AucklandMount Maunganui
Melbourne Marketing
Equant
Global
HP Olympic Park
32k/64k
128k/2mb256k/2mb
4-8 mbps
1 mbps
512k/2mb
512k/2mb
512k/2mb
256k/2mb
32k/64k
64k/192k
2Mb/2mb
512k/1mb
368k/1mb
512k/1mb
![Page 14: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/14.jpg)
Global IP schemaGlobal IP schema
Global IP addressing schema– Using 10.0.0.0/8 class A address– Regionally divided
Assigning a class B to every Hub, Mill and Large office (100+ users)– Ex: Skogn: 10.19.0.0/16
Assigning 4 class C to every Small office– Ex: Graz: 10.2.64.0/22
Additional class B defined for migration purposes
![Page 15: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/15.jpg)
HUB locationsHUB locations
Three HUB locations in network– Europe HUB (Oslo) Location code : HEU– AsiaPacific HUB (Sydney) Location code : HAP– South America HUB (to be decided) Location code : HSA
All HUB locations to be hosted and managed by HP (decision pending for South America)
Internet access points at HUB locations only.
All “central” BackOffice services located at HUB locations. Full redundancy built into HUB location LAN and BackOffice services.
![Page 16: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/16.jpg)
LANLAN
Today’s diversity in LAN equipment and logical design (among units) to be merged into a common LAN Standard for all units and HUB locations
Complies with Security Design, zone structure
Standardised network equipment : Cisco
Ethernet only supported (Office Network)
![Page 17: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/17.jpg)
LAN - MillsLAN - Mills
A Mill is divided into security zones– Requiring VLAN, LAN routing
Redundant design within zones and on layer-2
One single layer-2 infrastructure centrally managed
Creating a “ring of switches” cost efficient redundancy– Minimising required cabling– Minimising number of switches– Reducing available bandwidth
Layer-3 based routing
Secure wireless design
Flexible Process and MWS design
![Page 18: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/18.jpg)
LAN – layer 3LAN – layer 3
Servers
WAN
WAN-Router
Core-1-swich (layer3)
Core-2-swich (layer3)
Off
ice
re
sou
rce
s
Servers
Internal FW
Transit
Office Wireless
AP AP
IP telephony LANSH
ea
lth/M
ed
ica
l
Process-router-2
Process transit
MW
S
Process-router-1
Office client LAN 1
Office client LAN 2
Office client LAN 3
Office client LAN 4
IP telephony LANS
IP telephony LANSProcess LANS
Process LANS
Process LANS
Ma
na
ge
me
nt
MWS Wireless
AP AP
![Page 19: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/19.jpg)
LAN – layer 2LAN – layer 2
Building F
Building G
Building E
L2-sw-8
Comp 2
Comp 1
Building D
L2-sw-5
Building C
L2-sw-4
Building B
Building A
Core-sw-1
L2-sw-3
L2-sw-1
1000 Mb
1000 Mb
WAN-Router-1
1000 Mb
L2-sw-7
1000 Mb
1000 Mb
L2-sw-2
1000 Mb
1000 Mb
Core-sw-2
L2-sw-9
L2-sw-10
1000 Mb
100 Mb
1000 Mb
1000 Mb
1000 Mb
1000 Mb
![Page 20: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/20.jpg)
IP subnets - MillsIP subnets - Mills
SUBNET MASK VLAN-ID NAME
10.x.1.0 1000 Management
10.x.2.0 255.255.255.0 2 Transit
10.x.3.0-5.255 Future usage
10.x.6.0 255.255.254.0 6 Office resources
10.x.8-11.0 255.255.255.0 8-11 Office clients
10.x.12.0-63.255 Future usage
10.x.64-67.0 255.255.255.0 64-67 IP telephony
10.x.68.0-119.255 Future usage
10.x.120.0 255.255.255.0 120 Health
10.x.121.0 255.255.255.0 SecureClient
10.x.122.0 255.255.255.0 122 Office Wireless
10.x.124.0 255.255.255.0 124 MWS Wireless
10.x.126.0 255.255.254.0 126 MWS
10.x.128-255.0 N/A 500-699 Process
![Page 21: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/21.jpg)
LAN – Small OfficesLAN – Small Offices
Simple and efficient design– One subnet– No LAN routing – No redundancy
VLAN ready
LAN-segment
PrintersLaptop computer
Desktop PC
IP Telephone
Servers
WAN
WAN-Router
Core switch
Desktop-sw-3Desktop-sw-2Desktop-sw-1
WAN-Router
![Page 22: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/22.jpg)
Migration strategies LANMigration strategies LAN
Small offices: Big Bang– One time incident– Moves everything– Requiring VLAN, LAN routing
Mills:– Phased- OR - – Small Big Bang
![Page 23: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/23.jpg)
Phased (1)Phased (1)
Target Mills:– You are not running any VLAN infrastructure– You are not running pure Ethernet infrastructure– Address spaced allocated for Office zone is in use
Prepare structure for HarleyV2 servers and firewall
Assign new address space to HarleyV2
Roll-out state reached– Clients located in Process zone (wrong side of Mill firewall)– Performance issue in firewall– Complex NAT rules– Entire old network still active in Process zone
![Page 24: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/24.jpg)
Phased (2)Phased (2)
NAT will be used to secure connectivity to non HarleyV2 assigned addresses
Deploy HarleyV2 LAN structure on Mill in addition to old network
Move clients/printers according to Mill specific plan
Move Process and MWS into HarleyV2 LAN structure
Start readdressing
Remove old network infrastructure
Free extra address space
![Page 25: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/25.jpg)
Small Big Bang (1)Small Big Bang (1)
Target Mills:– You are running full or partial VLAN infrastructure– Address spaced used for Office zone is unallocated
Install key LAN router – Separating LAN into “old” and “new”
Move as much of clients, printers and servers as possible in one batch– Quality assurance for critical services must be made
Prepare structure for HarleyV2 servers and firewall
Roll-out state reached– Most equipment available in new infrastructure– Small dependencies on Mill firewall
![Page 26: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/26.jpg)
Small Big Bang (2)Small Big Bang (2)
NAT will be used to secure connectivity to non HarleyV2 assigned addresses
Implement full HarleyV2 LAN infrastructure
Move remaining servers/printers/client onto HarleyV2 LAN infrastructure
Start readdressing
Free extra address space
![Page 27: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/27.jpg)
Naming Standard
![Page 28: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/28.jpg)
Naming standardNaming standard
Naming Standard defined for all components needing names– Examples: Location names & codes, usernames, mail addresses, client
computers, server computers, groups, distribution lists, network equipment…
All objects in Active Directory and relevant properties covered
All relevant physical equipment covered
![Page 29: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/29.jpg)
Naming - examplesNaming - examples
Usernames– <Fname><first initial of Lname> eg: JohnS
Email address– <Fname>.<Lname>[numerical] [email protected]– <Fname>-<Mname>.<Lname>[numerical] John-
Client computers– <domain-code>UNITCODE-Wnnnnn ex: EUOXE-W00001
ex: EUPAR-W00124ex: APTAS-W00031ex: SAPIS-W00003
![Page 30: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/30.jpg)
BackOffice
![Page 31: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/31.jpg)
Overall Design Decisions (1)Overall Design Decisions (1)
Products– Windows 2003– Exchange 2003– HP server hardware - only
All new server hardware, no utilisation of existing servers in initial HarleyV2 rollout.
100% standardised configuration of all servers, 100% remotely managed
Client authentication redundancy built into network
![Page 32: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/32.jpg)
Overall Design Decisions (2)Overall Design Decisions (2)
Large Units : Distributed model for File services, Authentication services and Application services– Local Authentication (Domain Controller) at each unit– File & Print Services at each unit– Terminal server(s) at each unit
Small Units : Centralized model for File services, Authentication services and Application services– No local authentication (Domain Controller), authentication performed
across network to region’s HUB location– No local File Services, files stored at region’s HUB– No local Terminal Services, Applications accessed on Terminal Servers
located at Region’s HUB location– Local Print
![Page 33: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/33.jpg)
Domain DesignDomain Design
Single Active Directory forest, contiguous AD domain name space
Active Directory installed in Windows 2003 native mode, i.e. no Windows 2000 domain controllers or NT4 PDC/BDC possible.– Legacy Member servers possible, though not wanted unless absolutely
necessary
Regional sub-domains, domain boundaries follow geographical regions
Trusts from legacy domains (NT4) allowed for an intermediate time period.– Only if required for single-logon purposes, etc.
No integration with Novell environment, except data access during transition
![Page 34: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/34.jpg)
Organisational Unit structureOrganisational Unit structure
<domain>
<LOCATION>
COMPUTERS
USERS
PRINTERS
SERVERS
TERMINAL
DESKTOPS
LAPTOPS
![Page 35: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/35.jpg)
ServersServers
Large units (mills)– 3 basic servers at each site
1) Domain Controller, Exchange, DNS ex: EUOXE-D0012) File & Print, DHCP, Software distribution ex: EUOXE-M0013) Terminal server ex: EUOXE-M101
– Additional terminal servers may be added, if needed
Small units (sales offices)– No servers, with a possible exception of software distribution support
(design is currently under development)
HarleyV2 project does not affect existing application servers, unless the Application consolidation process does
Existing File & Print, authentication, DNS, WINS, Mail servers will be obsolete when HarleyV2 rollout is completed.
![Page 36: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/36.jpg)
RedundancyRedundancy
Redundancy to the BackOffice infrastructure is by large built into the design.
Basic requirements:– Client authentication shall be possible even though a local DC (Domain
Controller) fails– Access to some core applications (e.g. SAP in Europe) shall be possible
as long as network connection exists
Remains to be done– Identify and describe an overall availability of services, with measurable
metrics– Review the overall design to catch potential conflict with availability
definitions
![Page 37: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/37.jpg)
Messaging (1)Messaging (1)
Exchange 2003 product for all messaging
All Email will be virus-checked (Internet and internal)
Internet Email: Outbound mail will be routed via the European Hub location as the primary route with AsiaPacific hub location providing a fall back route
Internet Email: Inbound, the lowest preference value will be set against the European virus sweeper server with AsiaPacific Hub server providing fall back
SMTP is the only supported inter-messaging
![Page 38: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/38.jpg)
Messaging (2)Messaging (2)
Connectivity to existing mail systems to be made, existing during the entire rollout period. SMTP is the only supported inter-system messaging protocol.
New Internet mail alias for all users : norskeskog.com (without the minus)
Existing Internet mail aliases will work for inbound mail for a period of 6 months
All Internet DNS records (MX) will be maintained by a single provider
![Page 39: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/39.jpg)
Mail Systems, current situationMail Systems, current situation
HarleyV1Groupwise
ParencoExchange5.5
WalsumNotes
South AmericaExchange5.5
NSKOG
AustraliaExchange 5.5
FCL
UnionExchange 5.5
StetiGroupwise
BioBioGroupwise
InternetNorske-skog.com
InternetNorske-skog.cz
Internetunionco.no
Internetnorske-skog.nl
parenco.nl
Internetnorske-skog.de
Internetnorske-skog.cl
Internetnorske-skog.com.br
Internetnorske-skog.com.aunorske-skog.com.nz
smartdist.com.aufcpa.com.aufcpa.com.nz
albury.anm.com.au
![Page 40: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/40.jpg)
Mail Systems, transition phaseMail Systems, transition phase
norskeskog.comnorske-skog.comnorske-skog.nlnorske-skog.de
Exchange2003norskeskog.com
Pri:Outbound
HarleyV1Groupwise
ParencoExchange5.5 Walsum
Notes
South AmericaExchange5.5
NSKOG
Australasia
Exchange 5.5FCL
norske-skog.com.brpisa.com.br
norske-skog.com.aunorske-skog.co.nzsmartdist.com.aufcpa.com.aufcpa.com.nzalbury.anm.com.au
unionco.nonorske-skog.com.aunorske-skog.co.nzsmartdist.com.au
Trend IMSS
UnionExchange 5.5
StetiGroupwise
BioBioGroupwise
norske-skog.cl
norske-skog.cz
norske-skog.com
unionco.co
norske-skog.nlparenco.nl
norske-skog.de
pisa.com.brnorske-skog.com.brnorske-skog.czparenco.nl
albury.anm.com.aunorske-skog.cl smartdist.co.nz
Internet
![Page 41: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/41.jpg)
Message Routing (internally)Message Routing (internally)
Underlying MPLS network gives “any-to-any” connections for all connected sites, i.e. messages are routed directly from originating mail server to destination mail server
![Page 42: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/42.jpg)
Global Address ListGlobal Address List
A single global address list will be available to all users, containing all mail-enabled users and contacts defined
The display name is the key property of any entry in the GAL
Naming standard : <Lname>,<space><Fname><space>UNITNAME– EX: Smith, John (Southport)
Hågensen, Øyvind (Union)
Global Address list available for all HarleyV2 users from point of conversion, to include all users (also users not yet converted)
![Page 43: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/43.jpg)
SOEStandard Office
Environment
![Page 44: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/44.jpg)
Client environmentClient environment
HarleyV2 standardises the client environment for all users, covering– Desktop computers– Laptop computers– Thin clients (Terminal server / Citrix clients)– PDAs
Current working assumption : All desktop, laptop and PDA hardware to be replaced with new models during Rollout
Desktop “locked down” to reduce problem sources, reduced support call environment.
Operating system on desktops / laptops is Windows XP Professional
Client computers to be delivered from vendor with Operating system andRing 0 applications preinstalled
![Page 45: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/45.jpg)
Desktop / Thin client environmentDesktop / Thin client environment
No access to local disk (C:)
Unable to store data or create shortcuts on the desktop
Globally common, standardised start menu
Users may roam to any desktop computer / thin client within the company
Limited roaming for desktop / thin client users to portable computers
All desktop computers / thin clients must be connected to the internal network, i.e. remote access may not be performed from this environment
![Page 46: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/46.jpg)
Laptop client environmentLaptop client environment
Full access to specified directory on local disk (C:), i.e. data may be stored locally
Local disk (C:) data directory secured by backup to network storage
Unable to store data or create shortcuts on the desktop
Ability to connect to Norske Skog network across Internet, GSM, ISDN, ADSL, Wireless.
Globally common, standardised start menu
Limited roaming for laptop client users to desktop computers; access to data stored on local (laptop) disk not possible
A laptop computer is Personal, i.e. may not be used by others (PontSec)
Only client type approved for remote access to internal Norske Skog network
![Page 47: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/47.jpg)
ApplicationsApplications
Most applications installed automatically, some manual installations
All new applications to go through an application acceptance process, which ends up with packaging and distributing the application to appropriate users
Initial application portfolio input from Application consolidation project– Exception : Ring 0 applications (decided by HarleyV2 project)
![Page 48: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/48.jpg)
Applications Ring 0 (Standard PC Build)Applications Ring 0 (Standard PC Build)
System Vendor Application Name Laptop Desktop Fat Thin client (PDA)
Client Operating system Microsoft Windows XP X X X
SW Distribution / PC Deployment Altiris Client Mgmt suite X X X (X)
SW / HW Inventory Altiris Client Mgmt suite X X X X
Remote take over (remote control) Altiris Client Mgmt suite X X X (X)
Antivirus protection Trend Micro Office Scan X X X X
Personal FireWall Checkpoint Secure Client X X
VPN Client Checkpoint Secure Client X X
PDF Reader Adobe Reader X X X
Internet Browser Microsoft Internet Explorer X X X X
Word, Spreadsheet & Presentation Microsoft Office X X X
Instant Messaging Client Microsoft Windows Messenger X X X
Media player Microsoft Windows Mediaplayer X X X
Hard Disk Encryption software PointSec For PC X (X)
Conferencing Microsoft Netmeeting X X
Dialer X
![Page 49: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/49.jpg)
Software distributionSoftware distribution
Altiris software distribution tool for Operating system and applications
Microsoft SUS services for distribution of Microsoft security patches
Company-wide software distribution design, managed and controlled centrally (HP)
![Page 50: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/50.jpg)
Client types (1)Client types (1)
Desktop computer– One model (…)– No floppy drive– Fully managed computer– Delivered pre-installed with Windows XP and Ring 0 Applications– Application Self repair
![Page 51: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/51.jpg)
Client types (2)Client types (2)
Laptop computer– Two models (…)– GSM Phone card (Nokia phone card)– Wireless (Nokia Phone card) – ISDN card (Eicon diva pro)– No floppy drive– Delivered pre-installed with Windows XP and Ring 0 Applications– Fully managed computer– Encrypted Hard disk, personal device, others not able to decrypt the HD– Application Self repair
![Page 52: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/52.jpg)
Client types (3)Client types (3)
PDA– HP iPAQ– Remote sync of e-mail, contacts and calendar– Wireless– Pocket PC secure edition– USB sync with HarleyV2 computer only– Possible to provide access to Citrix, but not as part of initial deployment
Thin client– Same HW as the desktop, but locked down to only run Citrix client and
Internet Explorer– Applications run on Citrix server(s)– Used primarily for small (server-less) offices (Auckland & Mt.Maunganui)
![Page 53: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/53.jpg)
Security
![Page 54: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/54.jpg)
Trend Micro Antivirus
Interscan Messaging Security Suite Virus, content and attachment scanning of all incoming/outgoing SMTP traffic
Interscan WebProtect for ISA Virus and URL filtering of all HTTP traffic
Serverscan for Microsoft server Real time virus scanning of files on Microsoft servers
ScanMail for Microsof Exchange Real time Virus scanning of all internal SMTP traffic and mail boxes
OfficeScan Corporate Edition Real time virus scanning of files on PCs and laptops, and the whole disk once a month
Control Manager Centralized and comprehensive management providing automatic antivirus pattern updates
![Page 55: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/55.jpg)
Check Point VPN/FW-1
Check Point FW-1 Internet, Secure zone and process LAN on mills
CheckPoint VPN-1 VPN connections for remote access and wireless
CheckPoint SecureClient Personal firewall and VPN for laptops
CheckPoint ConnectControl High Availability for servers Check Point Management Centralized log and mgmt of all
firewalls Check Point GUI for Management
![Page 56: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/56.jpg)
RSA SecureID Authentication
RSA SecureID two factor authenticationRemote Internet Access to WANWireless Access to WANSecure Zone AccessOWA AccessPartner Access
Provides a strong authentication scheme using a dynamic passcode generator based on something that you know (4 digit number) and something you have (RSA key fob)
![Page 57: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/57.jpg)
Pointsec Hard Disk Encryption
Laptop hard disk encryption Centralized Management Automated software and profile updates Remote unlocking in case of forgotten password Boot protection and data loss prevention
![Page 58: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/58.jpg)
PDA Security Design
CheckPoint Firewall CheckPoint VPN for remote access Trend PC-cillin to scan for viruses PocketPC Secure Edition to stop any unauthorised PDA’s
syncing to the Norske Skog WAN Access Methods
WirelessRemote accessDedicated secure sync
![Page 59: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/59.jpg)
Hub Security Design
![Page 60: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/60.jpg)
Mill Security Design
![Page 61: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/61.jpg)
General security considerations
Remote access is only allowed through a VPN tunnel using the Internet to connect to one of the HUBs
Remote access will only be granted to employees that have a dedicated HarlyV2 client (laptop, PDA) and has been granted remote access (RSA Token)
Wireless will be offered on all mills and large offices, and will have the same restriction as remote access from the Internet.
Only employees that has been granted access will be able to log into OWA (RSA Token)
The process LAN on the mills will be protected by a dedicated firewall, that also will offer VPN connection to wireless users. The firewall will have a cold standby providing some level of HA.
![Page 62: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/62.jpg)
HP Managed Services – scope (1)
HW– Leasing of servers and workstations with refresh of HW in a predefined
cycle.– HW service, using local depot on each site with spare equipment.– Asset management. Norske Skog will do the local deployment from HW
depot to the users office.
Housing– Housing of HUB locations in Europe, South America and Australasia.
Support– HP will give second and third level support on the delivered services.– Norske Skog will do call handling and first level incident handling
internally.
![Page 63: Project HarleyV2. What is HarleyV2 Ü Norske Skog has developed a new, global IT strategy. A priority action for the new IT strategy](https://reader035.vdocuments.us/reader035/viewer/2022062314/56649e185503460f94b03f39/html5/thumbnails/63.jpg)
HP Managed Services - scope (2)
Operations– HUB sites
• HUB servers• Active directory• MS Exchange• DNS / DHCP• Citrix servers
– Local Norske Skog sites• HarleyV2 servers (DC, Exchange, File/Print, SW distribution, Terminal servers)• Local LAN
– Monitoring– Error corrections (Problem and Incident management)– Backup (local media handled by Norske Skog)– Security management– Anti-virus management– Change management– WAN Management– Software packaging and distribution