System integration

23/03/2026

1. Storage and server technology

Servers are an indispensable component in information technology systems, considered the central brain of the entire system, and are divided into many different types depending on usage requirements. We offer product lines from many manufacturers such as Cisco UCS, HP, IBM, Dell… These are divided into three main segments:

Entry-Level Servers: Designed for low-demand needs, primarily for small businesses or applications that don't require high-end configurations.

Midrange Level Servers: Designed for small and medium-sized businesses, capable of supporting systems requiring high processing speeds and virtualization.

Enterprise-class servers: Designed for systems with very high performance and virtualization requirements, supporting multiple processors, large amounts of memory, and providing very high I/O and data transfer bandwidth. This segment is represented by servers with a Blade architecture.

2. Virtualization Solutions

Virtual Desktop Infrastructure (VDI) is a solution that uses computing resources from servers combined with virtualization technology to create a system of workstations, which are then virtual machines. Users access the system and are allocated virtual machines for remote use.

Images of the interfaces of the running virtual machines are transmitted to the user's terminal screen, and user actions (keyboard, mouse, etc.) proceed completely normally through remote display protocols (Desktop Display Protocol) established between the user's access device and the workstation within the data center.

3. Collaboration Solution Suite

Currently, there are many models for deploying a Unified Communications system; however, any unified communications system must rely on a central call processing device, the Cisco Unified Communications Manager.

Cisco Unified CallManager is the call processing component in Cisco's Unified Communications system. Cisco Unified CallManager extends enterprise voice capabilities and transforms them into call-packaging devices such as IP Phones, multimedia processing devices, VoIP gateways, and multimedia applications. Furthermore, it integrates services such as unified messaging, multimedia conferencing, contact centers, and interactive multimedia responses with IP telephony solutions through Cisco Unified CallManager application programming interfaces (APIs).

3.1 Basic Components of an IP-based Voice System

Central switchboard:

The Cisco Unified Communication Manager (formerly known as Cisco CallManager or IP PBX) is the central hub for handling all voice calls on an IP Telephony network. Cisco Unified Communication Manager enhances the capabilities of the IP voice network through network devices such as IP phones, media processing devices, VoIP gateways, and multimedia applications.

Voice Gateway System:

A voice gateway provides the ability to communicate between different types of voice control signaling protocols. For example, a voice gateway provides the ability to communicate between voice systems using the H.323 protocol and PBX systems using other protocols through a protocol converter. It also provides the ability to connect IP telephony systems with PSTN systems, traditional PBX systems, or connect to analog phones or fax machines.

Gatekeeper system:

+ To be responsible for managing the registration, acceptance, and status of terminal devices and gateways, the Gatekeeper network element is in charge. It determines the path for transmitting call signaling and content for each call, and in addition, the Gatekeeper can also participate in zone management, call processing, and call signaling.

Endpoint System:

+ Terminal communication devices include desk phones, voice software installed on PCs, and each of these devices has Ethernet connections.

3.2 VoIP Deployment Models

The IP Telephony system deployment model is based on the following platform:

+ Single-Site Model: The Cisco Unified Communication single-site system deployment model includes a call center located at a single site. IP Telephony services are not provided over a WAN. In this deployment model, all equipment serving the IP Telephony system, including the PBX, voice gateway, and endpoint, is located at a single central site, and voice data is centralized at that one point.

+ Multi-Site Model with Centralized Call Center: The Multi-Site deployment model is designed on the principle of having a call center located at the headquarters, providing VoIP services to remote sites connected via the IP WAN network infrastructure. The WAN network will handle the transport of VoIP traffic between the central site and the remote sites. Remote sites will rely on the Cisco Unified Communication Manager system deployed as a cluster to use services such as Voice Mail and IVR (interactive voice response).

+ Distributed call handling multipoint communication model: This model is only applied when a Cisco Unified Communication Manager Cluster is not large and powerful enough to support the entire system, either due to geographical or organizational constraints.

4. Data Center Infrastructure Support Solutions

4.1 Power supply system design

The data center uses the building's grid power, with an automatic transfer switch (ATS) system between the grid and the building's generator. The data center's main switchboard will power the uninterruptible power supply (UPS) system, and the UPS system will provide a stable power supply to the IT equipment.
The main distribution panel will also supply power to the UPS, the CRAC panel will supply power to the two Uniflair cooling units, and the ELV panel will supply power to household appliances and lighting.

4.2 Design of precise air conditioning systems

The data center will be equipped with a precision air conditioning (AC) system to control ambient temperature between 20-24°C and relative humidity between 40-55%. The AC system used in the server room design is a downflow system. The cooling systems are located in the same room as the server racks. The total design capacity meets the electrical power (heat dissipation) of the IT equipment with N+1 redundancy.
Utilizing two cooling systems, each unit provides a cooling capacity of 39kW with 39W of backup power. To ensure operational efficiency, this design provides N+1 redundancy.
Air-cooled refrigeration technology includes one outdoor-mounted condenser for each system. The condensers will be located in the rear area of the building.

4.3 Design of security and fire protection systems

The data center entrances are equipped with magnetic card readers and keypad access control to ensure a high level of access control. The fire protection system uses FM200. The security and fire protection systems are equipped with their own battery power sources, capable of storing power and operating continuously for 24 hours in the event of a power outage.

4.4 Construction Design

All electrical cabling will be routed under the raised floor, and the raised floor will be installed in the data center area. The front facade will be rebuilt with 1-hour fire-resistant drywall including insulation. The drywall will extend from the concrete floor to the false ceiling to ensure absolute watertightness. The entrance doors will be 1-hour fire-resistant steel doors.

4.5 Designing a centralized management system

The centralized management system fulfills four main functions:

+ Centralized monitoring of security cameras installed within the data center.

+ Monitor temperature and humidity in necessary areas within the rooms and for water leaks in the data center.

+ Centralized monitoring and management of UPS, CRAC, and PDU systems distributing power to rack cabinets.

+ Manage and send alerts based on predefined conditions to data center administrators via various formats (SMS, email, etc.).

5. Security Solutions

5.1 RSA SecurID Two-Factor User Authentication Solution

With traditional authentication solutions proving insecure, better authentication solutions are needed in today's business environment. An authentication solution is only considered good when it meets the following key requirements:

Low cost.

+ Easy and convenient to use, and compatible with many systems.

+ Excellent scalability and compatibility with other systems.

+ RSA's SecurID two-factor authentication solution works on the principle that to log into the system, a user must have both: something they know and something they possess. This is similar to withdrawing money from an ATM: you need your ATM card (which you have) and your PIN (which only you know). Without either of these (ATM card or PIN), you cannot withdraw money.

The RSA SecurID® solution consists of three components:

+ RSA SecurID® Authenticators: These are devices linked to the user. They can be hardware or software and are called tokens. Customers can choose the device that best suits their needs.

If it's a hardware device, RSA's solution allows users to use it anytime, anywhere, on any computer without having to install any additional software (a zero-footprint solution).
If it's software, it can be installed on laptops, integrated with browsers, or other handheld devices such as PDAs, wireless phones, etc. These devices generate different numbers over a certain period of time.

+ RSA Authentication Agent: This is software installed on network access points (e.g., gateways, VPNs, remote access servers, etc.), servers, and other information resources that need to be protected within a business. It acts like a gatekeeper. When a user login request is received, it receives the login information and forwards it to the server containing the RSA Authentication Manager component for authentication.

+ RSA Authentication Manager: This is the administrative component of the RSA SecurID solution, used to verify authentication requests and centrally manage authentication policies across the entire enterprise network. RSA Authentication Manager can be scaled to meet any enterprise need. It can authenticate millions of users, including local network users, remote users, VPN users, etc. RSA Authentication Manager is fully compatible with network devices, RAS, VPN, Access Points, etc., from all major manufacturers worldwide. Therefore, with RSA's SecurID solution, users don't have to worry about compatibility issues.

+ RSA Authentication Manager also offers tight integration with standard service systems such as RADIUS, LDAP, etc.

Another outstanding feature of RSA, which no other provider offers, is the ability to create multiple independent work areas (realms) and the ability to allow up to 15 RSA Authentication Manager servers to operate on a single system.

5.2 IronPort Email Security Solution

IronPort has been a leading provider of anti-spam, anti-virus, and anti-spamware devices for organizations ranging from small to Global 2000. IronPort's email security, web security, and usage management product lines utilize SenderBase (the world's largest threat intelligence data provider) to analyze email and web behavior globally, enabling IronPort devices to effectively and quickly mitigate risks that could negatively impact organizational operations.
Solution model: Customers can use IronPort as a mail gateway for both incoming and outgoing email data.
Key features of Iron Port: IronPort can set detailed rules for individual users or groups of users. For example, if we need to monitor an individual user or a department within a company, IronPort supports LDAP and AD for retrieving user or group information.
Iron Port Senderbase Network: Iron Port's SenderBase is the world's largest email traffic monitoring network. Collecting approximately 30% of the world's internet data, IronPort's SenderBase network provides real-time observation of threats from around the globe.