───✱*.。:。✱*.:。✧*.。✰*.:。✧*.。:。*.。✱ ───
Skynet Facility Overview
Facility Type and Concept
- Skynet Development Complex - AI Research and Development Integration
- A secure R&D site supporting 40 personnel across five divisions with distinct security and performance requirements. The network emphasizes segmented research VLANs, centralized shared services, a hardened core, and strict guest isolation.
Divisions and Functions
- Neural Intelligence Lab (NIL) → model training & evaluation; requires high-throughput access to lab compute/storage and access to shared code repos
- Defense Systems Prototyping (DSP) → simulation/test rigs; needs isolated, low-latency segments & controlled data exchange with ISE
- Integration & Systems Engineering (ISE) → CI/CD, staging, and development; requires reliable access to shared services and selective interop with NIL/DSP
- Corporate Operations (COO) → admin/finance/PMO; standard office connectivity with access to shared services, VoIP, and printers
- Personnel & Security (P&S) → HR and facility security (badge controllers, CCTV/NVR); strong isolation and limited northbound flows to auth/time services
Personnel Structure and Endpoints
- Per spec → each division has 1 division chief, 1 administrative coordinator, 5 research specialists
- Executive Command → facility director, executive assistant, security liaison, administrative secretary
- Systems Administrator → 1 (shared)
- Endpoints per User → workstation (wired for researchers), VoIP phone, mobile device (Wi-Fi)
- Shared Equipment → 1 MFP per division; conference room VC endpoints; central servers (AD/DNS/DHCP, file, Git/CI runners); lab compute nodes (GPU for NIL, sim servers for DSP); NVR/storage for P&S
Initial Networking Requirements Assessment
- Availability → core services hosted in Central Processing Core with UPS and environmental monitoring; target single-core stack with room for future HA
- Segmentation → per-division VLANs; shared services, voice, management, and guest VLANs; default-deny inter-VLAN, allow by policy
- Addressing → RFC1918 with VLSM; DHCP for endpoints; static for infrastructure and servers
- Internet → business-class ISP to edge firewall/router performing NAT/PAT, future-ready dual-WAN
- Security → stateful firewall at edge; ACLs between VLANs; device hardening; management VLAN with restricted jump host access; logging/syslog and NetFlow
- Wireless → STAFF SSID (WPA3-Enterprise preferred, WPA2-Enterprise as fallback), GUEST SSID (PSK, internet-only); both VLAN-backed, with L2 isolation for guests
- QoS → prioritize VoIP (EF) and interactive traffic over bulk data; printing and backups treated as low priority
- Management/Monitoring → centralized syslog, NTP, and SNMPv3; backup configs and documented change control
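The default-deny, allow-by-policy segmentation above can be sketched as a zone matrix and checked against the isolation requirements before any ACL is written. This is an added example, not part of the original plan: the zone names (PNS, SHARED, JUMP, MGMT, INTERNET), the service labels, and the reading that DSP exchanges data only with ISE are assumptions.

```python
# Added example: zone and service names are assumptions, not the facility's final ACLs.
ALLOW = {  # (source zone, destination zone) -> permitted services; anything absent is denied
    ("NIL", "SHARED"): {"auth", "dns", "ntp", "git", "file"},
    ("DSP", "SHARED"): {"auth", "dns", "ntp"},
    ("DSP", "ISE"): {"data-exchange"},
    ("ISE", "DSP"): {"data-exchange"},
    ("ISE", "NIL"): {"data-exchange"},
    ("ISE", "SHARED"): {"auth", "dns", "ntp", "git", "file"},
    ("COO", "SHARED"): {"auth", "dns", "ntp", "file", "print"},
    ("PNS", "SHARED"): {"auth", "ntp"},   # P&S: limited northbound flows to auth/time
    ("JUMP", "MGMT"): {"ssh"},            # management VLAN reachable via jump host only
    ("GUEST", "INTERNET"): {"web"},       # guest SSID is internet-only
}


def is_allowed(policy, src, dst, service):
    """Default deny: a flow passes only if an explicit rule lists the service."""
    return service in policy.get((src, dst), set())


def audit(policy):
    """Return violations of the isolation requirements stated in the assessment."""
    findings = []
    for (src, dst), services in sorted(policy.items()):
        if not services:
            continue  # an empty rule permits nothing
        if "GUEST" in (src, dst) and (src, dst) != ("GUEST", "INTERNET"):
            findings.append(f"guest isolation broken: {src} -> {dst}")
        if dst == "MGMT" and src != "JUMP":
            findings.append(f"management reachable outside jump host: {src} -> MGMT")
        if src == "PNS" and (dst != "SHARED" or services - {"auth", "ntp"}):
            findings.append(f"P&S flow beyond auth/time: PNS -> {dst} {sorted(services)}")
        if (src == "DSP" and dst not in {"ISE", "SHARED"}) or (dst == "DSP" and src != "ISE"):
            findings.append(f"DSP exchange outside ISE: {src} -> {dst}")
    return findings


if __name__ == "__main__":
    print("NIL -> SHARED git:", is_allowed(ALLOW, "NIL", "SHARED", "git"))
    print("NIL -> DSP git:", is_allowed(ALLOW, "NIL", "DSP", "git"))
    print("findings:", audit(ALLOW))
```

Running the audit against each proposed rule change gives the documented change-control step a concrete pass/fail check.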
Scope Definition and Boundaries
In Scope (Alpha)
- Team charter and roles, facility concept, initial requirements and constraints
- Basic logical topology and connectivity plan
- Preliminary VLAN/subnet sketch
- Packet Tracer starter with core, access, DHCP, and sample hosts
Out of Scope (for later phases)
- Final hardware SKUs and costs (Beta)
- Complete IP plan with VLSM tables (Gamma)
- Full routing/VLAN configs (Delta)
- Firewall/ACL specifics (Epsilon)
- Wireless placement survey and tuning (Zeta)
───✱*.。:。✱*.:。✧*.。✰*.:。✧*.。:。*.。✱ ───