Instruction

The final project is to design a network, with appropriate network security / network management, and WAN connectivity for the following situation:

Organization of 80 computer users in three locations (metropolitan areas in different states).

• Ohio — two buildings (campus environment, about 100 yards apart):  30 computer users in the Buckeye Building (headquarters staff and support personnel) and 20 computer users in the Brutus Building (10 researchers / 5 support personnel / 5 techies maintaining primary web / database / file / DNS / application / mail / print / proxy servers).
• Illinois —  one building (Illini Building), 15 computer users (5 management and support staff / 10 researchers with high throughput needs) in a manufacturing environment with lots of EMI.
• Indiana — one building (Hoosier Building), 15 computer users (10 researchers / 2 support personnel / 3 techies maintaining backup web / database / file / DNS / application / mail / print / proxy servers).
• Introduction to the design and explanation of equipment and software used.
• Overall high-level diagram of the entire network.
• Diagrams for each location to include media used (wired / wireless).
• Explanation of security / network management procedures.
• Explanation of WAN services / connections / cloud proposal.

1.              Abstract

This paper presents a comprehensive network design proposal for an organization comprising three locations: Ohio, Illinois, and Indiana. The network design aims to meet the organization’s requirements for network security, network management, and WAN connectivity. The proposal includes recommendations for equipment and software High-level and location-specific network diagrams, security and network management procedures, WAN connectivity options, and a cloud proposal. The design emphasizes scalability, future expansion, and alignment with the organization’s needs.

2.              1. Introduction

The organization, with 80 computer users spread across Ohio, Illinois, and Indiana, requires a robust network infrastructure to support its operations. In today’s interconnected world, network security, network management, and WAN connectivity play vital roles in ensuring smooth and secure communication. N-Able (2021) stated efficient network design is crucial to meeting the organization’s requirements and providing a reliable and secure platform for users to access data and services.

The establishment of network connectivity across a three-location range necessitates a Wide Area Network (WAN) that integrates a common control server and routers to facilitate the transmission of data between each location. A WAN is a computer network that spans multiple geographical areas, and it incorporate an array of smaller networks, including Local Area Networks (LANs) and Metropolitan Area Networks (MANs) stated Breeding, M. (2019). The internet is a prime example of a global and diverse WAN networking system, with the key differentiation between LAN and WAN being scalability. A WAN can extend its reach to encompass numerous cities and countries within its topology.

There is required that each local station within this setup must have a local server that connects to the main server, which in turn links the entire network (N-Able, 2021). Also, the seamless integration of computers, and various information networks is crucial for the success of organizations of all sizes. As these tools facilitate the connection between people and support the smooth operation of numerous applications and services.

In designing the network, several key considerations must be taken into account. Scalability is a significant factor, as the organization aims to expand its operations in the future Breeding, M. (2019). Flexibility is essential to adapt to evolving technological advancements and changing business needs. Additionally, compliance with relevant regulations and industry best practices is crucial to protect sensitive data and ensure the organization’s integrity.

This final project requires designing a network with appropriate network security, network management, and WAN connectivity for an organization consisting of 80 computer users in three different locations. The metropolitan areas in different states include Ohio, Illinois, and Indiana, each with unique requirements for their network infrastructure.

3.              Equipment and Software

To meet the organization’s requirements, the proposal recommends suitable network equipment and software. A robust network infrastructure requires the right mix of routers, switches, firewalls, servers, and other necessary devices. In selecting the equipment, factors such as performance, reliability, scalability, and compatibility with existing systems are considered DeCarlo (2023). For the organization’s headquarters and support personnel in the Buckeye Building, high-performance routers and switches are proposed to handle the increased network traffic. The servers in the Brutus Building, responsible for web, database, file, DNS, application, mail, print, and proxy services, require powerful and reliable hardware with redundancy measures to ensure uninterrupted service.

It is crucial to have a well-designed and properly implemented network infrastructure to ensure smooth and efficient communication and data transfer within an organization. The proposed network equipment and software have been carefully evaluated and selected based on various factors, including performance, reliability, scalability, and compatibility. For the headquarters and support personnel in the Buckeye Building, high-performance routers and switches are recommended to handle the increased network traffic. This will ensure that the network can handle a high volume of data transfer without slowing down or causing interruptions. On the other hand, the servers in the Brutus Building play a critical role in providing various services to the organization. As such, the proposal recommends powerful and reliable hardware with redundancy measures to ensure uninterrupted service of web, database, file, etc.

For the protection of the network from external threats and unauthorized access, this proposal includes advanced firewall solutions that provide robust security features. Additionally, network monitoring and management tools are recommended to ensure optimal performance, proactive troubleshooting, and efficient utilization of network resources.

4.               Overall High-Level Network Diagram

A high-level diagram is presented to illustrate the entire network architecture. This diagram provides an overview of the network’s layout and connectivity between the three locations. It includes the main components such as routers, switches, firewalls, and their relationships. The high-level diagram serves as a visual representation of the proposed network design, enabling stakeholders to understand the overall structure and flow of data.

The diagram highlights the connectivity between the Buckeye Building and the Brutus Building in Ohio, emphasizing the need for a reliable and high-bandwidth connection to support seamless communication and data transfer. It also showcases the connections between the Illinois-based Illini Building and the Indiana-based Hoosier Building, demonstrating the integration of all three locations into a unified network.

5.              Location-Specific Diagrams

In this section, location-specific diagrams are provided for each of the three locations: Ohio (Buckeye Building and Brutus Building), Illinois (Illini Building), and Indiana (Hoosier Building). These diagrams offer a detailed view of the network layout and connectivity at each location, providing insights into the specific requirements and considerations unique to each site.

5.1 Ohio:

The Buckeye Building diagram showcase the network layout and connectivity for users. The diagram includes the placement of routers, switches, and firewalls, ensuring efficient data flow and security. The headquarters staff and support personnel are highlighted, along with their respective devices and workstations. Wired media, such as Ethernet cables are recommended for the Buckeye Building to ensure high-speed and reliable Connectivity.

Wireless connectivity is recommended for the computer users in the Brutus Building, allowing for flexibility and mobility within the building premises. Access points strategically placed throughout the building ensure reliable wireless coverage, enabling seamless connectivity for researchers and support staff who require mobility within their workspaces.

5.2 Illinois:

The Illini Building diagram depicts the network layout and connectivity for the 15 computer users in a manufacturing environment with significant electromagnetic interference (EMI). Considering the challenges posed by EMI, shielded Ethernet cables are recommended to minimize signal degradation and ensure reliable communication.

The diagram highlights the placement of routers, switches, and firewalls to establish a secure and efficient network. The management and support staff are identified, along with their respective workstations and devices. to meet the high throughput needs of the researchers in the manufacturing environment, dedicated high-speed connections and network optimization techniques, such as Quality of Service (QoS),, are implemented to prioritize their data traffic.

5.3 Indiana

The Hoosier Building diagram showcases the network layout and connectivity for the 15 computer users. Similar to the other locations, routers, switches, and firewalls are strategically placed to ensure a secure and efficient network infrastructure The researchers, support personnel, and techies responsible for maintaining backup servers are highlighted, along with their workstations and devices.

To optimize network performance and ensure reliable connectivity, a combination of wired and wireless media is recommended for the Hoosier Building. Ethernet cables provide fast and stable connections for critical operations, while wireless access points cater to the mobility requirements of the researchers and support staff.

The location-specific diagrams provide a detailed understanding of the network layout, connectivity, and specific considerations for each site, enabling stakeholders to visualize the proposed network design and its alignment with the organization’s requirements.

6.               Security and Network Management Procedures

To protect the organization’s network from external threats and ensure efficient network management, comprehensive security and network management procedures are proposed. These procedures are designed to safeguard the network infrastructure, data, and sensitive information while enabling effective monitoring and management of network resources.

To enhance network security, The proposal recommends the implementation of a multi-layered security approach. This includes the deployment of next-generation firewalls with intrusion prevention systems (IPS) and virtual private network (VPN) capabilities DeCarlo (2023). The firewalls are configured to enforce strict access controls and inspect network traffic for potential threats. VPN tunnels are established to provide secure remote access for authorized users.

Additionally, the use of encryption techniques, such as Secure Sockets Layer (SSL) and IPsec, is proposed to ensure the confidentiality, and integrity of data during transmission Breeding, M. (2019).. This protects sensitive information from unauthorized access or interception. Encryption is the process of encoding data in such a way that it is unreadable to anyone who does not have the appropriate decryption key. SSL and IPsec are two widely-used encryption protocols that provide secure communication over the internet.

SSL encrypts data at the application layer, while IPsec encrypts data at the network layer. Both protocols are highly reliable and effective at ensuring secure data transmission.

SSL is commonly implemented in web browsers and is used to secure online transactions, such as credit card payments and online banking. When a user enters sensitive information on a website secured with SSL, the information is encrypted before it is transmitted over the internet. This makes it virtually impossible for hackers to intercept and steal the information.

To effectively manage the network, Network management tools and processes are suggested. These tools enable real-time monitoring of network devices, traffic, and performance metrics. They also facilitate centralized configuration management, allowing administrators to efficiently control and update network settings across multiple locations.

Regular network audits and vulnerability assessments are recommended to identify and address any security vulnerabilities or weaknesses DeCarlo (2023). Incident response procedures are established to quickly respond to and mitigate any security incidents or breaches. User access controls and authentication mechanisms, such as two-factor authentication, are implemented to prevent unauthorized access to network resources.

7.              WAN Connectivity

Interconnecting the three locations requires a reliable and high-performance Wide Area Network (WAN) connectivity solution. Several options are considered, such as Multiprotocol Label Switching (MPLS), Virtual Private Network (VPN), and leased lines.

MPLS is recommended as it offers secure and scalable connectivity between geographically dispersed locations. It provides Quality of Service (QoS) capabilities to prioritize network traffic and ensure optimal performance for critical applications. MPLS also enables the organization to have centralized control over the network, simplifying network management and troubleshooting.

Alternatively, VPN tunnels over the public internet can be utilized, providing cost-effective connectivity while maintaining adequate security through encryption and authentication mechanisms Dhillon et al., (2023). This option is particularly suitable for organizations with budget constraints.

Leased lines, although more expensive, offer dedicated and reliable connectivity with guaranteed bandwidth. Leased lines ensure consistent data transmission and are suitable for organizations that require high-speed and reliable connections.

The choice of WAN connectivity depends on factors such as budget, Performance requirements, security, and scalability. A combination of MPLS and VPN tunnels can be employed, tailoring the solution to meet specific needs for each location.

8.               Cloud Proposal

As part of the network design, the feasibility of utilizing cloud services for specific applications or services is evaluated. The cloud offers numerous benefits, including scalability, cost-efficiency, and flexibility. Migrating certain services to the cloud can help optimize resource utilization and simplify management.

In the proposed design, specific applications or services that can benefit from cloud migration are identified. This includes non-critical applications, email services, document storage, and web hosting Dhillon et al., (2023). By leveraging cloud providers, the organization can offload the infrastructure management, ensuring high availability, and reducing the burden on internal IT resources.

However, it is crucial to consider potential drawbacks and risks associated with cloud adoption. These include data security concerns, data sovereignty, and dependency on external service providers. The proposal addresses these concerns by recommending comprehensive data encryption, data backup, and contractual agreements with cloud service providers to ensure data privacy and compliance with applicable regulations.

Integration with the network design is crucial to ensure seamless connectivity between the on-premises infrastructure and the cloud services. This involves establishing secure VPN connections, configuring appropriate network settings, and implementing identity and access management controls.

9.              Conclusion

In conclusion, this network design proposal addresses the organization’s requirements for network security, network management, and WAN connectivity across its three locations. The recommended equipment and software, along with the high-level and location-specific diagrams, provide a clear understanding, of the proposed network architecture.

The proposed security measures, including firewalls, encryption, access controls, and network management procedures, ensure the protection of network resources and sensitive information. WAN connectivity options, such as MPLS or VPN, enable efficient communication and data transfer between the locations.

Additionally, the cloud proposal, presents an opportunity to leverage cloud services for specific applications or services, enhancing scalability and reducing operational overhead.

The proposed network design emphasizes scalability, future expansion possibilities, and alignment with the organization’s requirements. It provides a robust and secure network infrastructure that can support the organization’s operations, facilitate collaboration, and enable seamless communication.

By implementing this network design, the organization can establish a reliable and efficient network infrastructure, ensuring secure data Transmission, optimized resource utilization, and streamlined network management. Overall, this comprehensive network design proposal aims to meet the organization’s current needs while providing a foundation for future growth and technological advancements.

References

N-Able. (2021). Network Planning and Design. N-able. https://www.n-able.com/blog/how-to-design-a-network

GeeksforGeeks. (2023). Types of area networks  LAN  MAN and WAN. GeeksforGeeks. https://www.geeksforgeeks.org/types-of-area-networks-lan-man-and-wan/

Dhillon, H. S., Huang, H., & Viswanathan, H. (201).8 Wide-area Wireless Communication Challenges for the Internet of Things. arXiv preprint arXiv:1504.03242

Habte, F. (2022, April 25). What is Network Security? The Different Types of Protections. Check Point Software. https://www.checkpoint.com/cyber-hub/network-security/what-is-network-security/

Breeding, M. (2019). Designing and building the best small office network from the ground up. Library Technology Guides. https://librarytechnology.org/document/1236