
Running head: NETWORK DESIGN IMPLEMENTATION PLAN 1

Network Design and Implementation Plan


IT640: Telecommunications and Networking
Dr. Charletta Gutierrez
Colorado Technical University

Table of Contents
Network Architecture Assessment
  Business Overview
  Company Goals and Objectives
  Current State of Network
  Current Network Supports Business
  Current Network Issues
  Mission Analysis
Network Reference Model Comparison
  OSI Model
  TCP/IP Model
  Old System Diagram
    Figure 1
  New System Diagram
    Figure 2
  Old Data Flow Diagrams
    Figure 3
  New Data Flow Diagram
    Figure 4
  Mission Analysis
Network Design Diagram
  Current Configuration
    Figure 5
  Changes Proposed
    Figure 6
  Mission Analysis
Telecommunications Plan
  Goals and Objectives
  Network Diagram with Telecommunications Included
    Figure 7
  Resource Sharing Advantages
  Mission Analysis
Remote Network Implementation Plan
  Goals and Objectives
  Security and Risk Mitigation
    VPN
    The Cloud
    IPsec
  Mission Analysis
  Remote Diagram
    Figure 8
References


Network Architecture Assessment


Business Overview
JL Office Supplies is a local retail location, supplying a variety of office equipment and
supplies to the community. They currently employ 30 staff members, five of whom are direct
sales representatives who are the first contact with the public. Some of the products which are
available include pens and paper products, office furniture, computer equipment, and the ability
to custom-order servers, workstations, and other electronics through companies such as Dell,
Gateway, or Xerox. These custom-order services are the primary responsibility of the sales
representatives they employ. The company was recently acquired by a new owner, Michael, who,
while he has a successful history in retail sales, does not know very much about networking
and related areas. The company has been experiencing problems since before he bought the
business (CTU Online, 2013).
Company Goals and Objectives
As with any business, a primary goal is to make a profit and stay in business.
Additionally, JL Office Supplies has a set of secondary goals. One of the other goals of the
business is to "provide products and excellence in service to customers through the teamwork
and personalized attention [provided] to our community" (CTU Online, 2013). The network
within the business needs to be replaced, and Michael knows this. Additionally, Matt, the
company's in-house IT technician, needs to gain networking experience and certifications through
hands-on work with the consultants and through classes or seminars.



Current State of Network
The current state of the network is bad. Areas of the network need to be improved, while
others need to be replaced. The overall recommendation will be to replace as much hardware
and telecommunications equipment as possible. In general, the network infrastructure is
outdated, overworked, and ill-maintained. One of the most noticeable issues with the network
architecture is slow or failed network connections. Digging through the infrastructure of
the system turned up Category 4 cable; routers, switches, and hubs more than ten years old; and
point of sale (POS) machines which are relatively new, but too incompatible with the older
equipment downstream to be efficient.
Current Network Supports Business
The current network system supports very few of the business goals and little of the mission.
While the system is unreliable much of the time, it does provide sufficient services to the
customers when it is working properly. This is only the case when no more than two staff
members are doing work on the network at the same time.



Current Network Issues
There are several noticeable issues with the current network. According to
Michael, the owner, the network experiences frequent and long periods of outages or lags. This
could be caused by any number of identifiable features of the system. The various hardware
configurations and compatibilities, older-model infrastructure, and insufficient system resources
are among the top hardware concerns for this network system. The current network does not
allow for any online or remote access by either customers or employees. This is an area which
Michael would like to include in the new networking system (Dean, Guide to
Telecommunications Technology, 2003). Michael also wants to make sure that Matt,
the IT technician, gains networking education and eventually certifications (CTU Online, 2013).
Another area of concern for Michael is the telecommunications aspect of the business.
He recently performed an audit of the PBX system, and found it outrageously unproductive and
inefficient for the needs of the business. The goal for the PBX system is to eliminate it
completely, transforming the services that system would oversee to digital versions with
computers, internet, and email (Dean, Guide to Telecommunications Technology, 2003). This
change will also incorporate the remote access by staff members and online ordering services by
customers (CTU Online, 2013). Secure connections by staff members could be accomplished
through a virtual private network (VPN) (Tanenbaum & Wetherall, 2011).
Mission Analysis
The network architecture assessment is the first step in any redesign or initial design to
improve or build a network system (Oppenheimer, 2004). Without the assessment, the project
team has no idea what is already available, what might be used or must be used in the new
design, the goals of the design, or what must be replaced from the current system design. This
phase of the project fulfills the goal of the company to provide service through teamwork. The
redesign and rebuild of the current network in the company will be a constant teamwork
exercise. Teamwork is required in the actual design and building process, and teamwork is
required in providing hands-on experience to the in-house IT technician. Both of these affect
the experience the customer receives now and will receive in the future.


Network Reference Model Comparison


OSI Model
The open system interconnection (OSI) model (Gutierrez, DataComm_Chat3.ppt, 2013)
is only one of many different network protocol models used by network administrators and
engineers. Not as common among household networks, it is used among enterprise-level
administrators due to its ease of troubleshooting compared to other protocol models (Limoncelli,
Hogan, & Chalup, 2007). The OSI model has seven layers (Betts, 2009).
1. Application: Provides send and receive commands for the POS stations, computers,
and other network devices.
2. Presentation: The data is standardized for transmission over the network.
3. Session: Opens, maintains, and ultimately discontinues the communication paths and
channels between devices on the network. This layer is also responsible for providing
secure communications.
4. Transport: Primarily concerned with reliability of the connection and transmission of the
data. The rate of transmission, verification, and interpretation services, are applied to the
data in this layer.
5. Network: Responsible for determining the network addresses of all parties on the
network, deciphers addresses, and determines the best path for data transmission between
two users. Routers are part of the network layer.
6. Data Link: Divides data into frames to be sent along the network. Frames include the
original data, sender and recipient identifying information, and other information needed
by both sender and recipient for viewing purposes of the data.
7. Physical: Accepts frames from the data link layer and generates (or receives) voltage to
transmit those signals across the network. Cabling, and network interface cards (NIC)
are included among the list of physical layer components (Dean, Network+ Guide to
Networks, 2008).



TCP/IP Model
The original TCP/IP model includes only four layers, but handles all the same aspects of
network communications as the OSI model (Gutierrez, DataComm_Chat3.ppt, 2013). It is often
stated that this lack of precision among layers is why enterprise-level administrators favor the
OSI model over the TCP/IP model, but this same lack of complexity makes it the
perfect model for smaller networks. The four layers and functions for the TCP/IP model are:
1. Application: Authentication and compression services are provided to data in this layer.
Programs send and receive requests for data transmissions in this layer also. The
application layer typically is associated with the same functions as the OSI application,
presentation, and session layers.
2. Transport: Manages the transfer using TCP and UDP protocols, in addition to managing
the connections. This layer mirrors the OSI transport layer.
3. Network: Fragments the data into smaller packets for easier handling by lower level
layers. The TCP/IP and OSI network layers perform the same basic tasks.
4. Link: This layer physically links the devices to the network and delivers the data. Error
correction and packet framing services are provided in this layer as well. The link layer
does the same job as the data link and physical layers of the OSI model (Gutierrez,
DataComm_Chat3.ppt, 2013).



Old System Diagram

Figure 1. Old System Diagram


The old system diagram (Figure 1) shows us an overview of the way the network system
currently looks. Components such as client terminals, POS machines, a switch, hubs, a router,
database server, and the outside ISP and internet are all identified. Notice there are no security
measures in place along the network. There is no access point for remote login stations, and only
one printer. The database is acting as a stand-alone server at the moment, and the cabling is
low-grade Category 4.



New System Diagram

Figure 2. Revised Network Diagram


The new and improved proposal (Figure 2) shows everything that we have in the old
design with regard to POS systems, a printer, client terminals, and the database server. We have
also upgraded the cabling to Cat 6, added at least two firewalls for added security, a web server
to handle outside internet and remote connections, updated hubs, and a wireless access point
(AP) for customer and staff convenience. The addition of a virtual private network (VPN) to the
system is provided to allow for secure remote connections by our employees while away from
the office (Conklin & White, 2010).



Old Data Flow Diagrams

Figure 3. Old OSI and TCP/IP Data Flow Chart



As our employees access different parts of the system, they currently must (although
unbeknownst to them) navigate through either the seven layers of the OSI model or the four of
the TCP/IP model (Figure 3).
For the network system, this can cause a bottleneck in the connections (and does frequently) if
too many users are attempting to communicate on the network at the same time. As the data
progresses from the origin (POS) of the message, a header is added at each layer. When the data
passes to the next layer, another header is added on top of the previous layer's header. By the
time the message reaches the receiving device, where it must run through the process in reverse,
removing each layer's header until it is left with the original data, the amount of data being received
is enormous compared to what was originally sent. This addition of headers is called
encapsulation, and it can be a serious drain on network resources if the system is not properly
maintained (Dean, Network+ Guide to Networks, 2008). Of course, since there are so many
more layers, the end result of an OSI transmission is greater than the end result of a TCP/IP
transmission.
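The encapsulation and reverse process described above can be traced byte by byte. The following is an added example, not part of the original paper: it wraps a constructed POS message in TCP, IPv4 and Ethernet headers, unwraps it again, and reports how many bytes each layer contributes. The addresses, ports, MAC addresses and message text are assumptions made up for the illustration.

```python
import socket
import struct
import zlib

ETH_HDR, ETH_FCS, IP_HDR, TCP_HDR = 14, 4, 20, 20  # bytes; no VLAN tag, no IP/TCP options

# Constructed sample data (not taken from the paper).
POS_MESSAGE = b"SALE|terminal=POS-03|sku=PAPER-A4-500|qty=2|total=11.98"
ENDPOINTS = ("192.168.10.21", "192.168.10.5", 49152, 5432,
             bytes.fromhex("020000000021"), bytes.fromhex("020000000005"))


def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by the IPv4 header (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(payload, src_ip, dst_ip, sport, dport, src_mac, dst_mac):
    """Wrap payload on its way down the stack; return (segment, packet, frame)."""
    # Transport layer: 20-byte TCP header (seq=1, ack=0, PSH|ACK, window 65535).
    # The TCP checksum is left at 0 here; it needs a pseudo-header and is not modelled.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    segment = tcp + payload
    # Network layer: 20-byte IPv4 header with a real header checksum.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, IP_HDR + len(segment), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    packet = ip + segment
    # Link layer: Ethernet II header plus CRC-32 frame check sequence.
    # (Padding of very short frames to the 46-byte minimum is not modelled.)
    body = dst_mac + src_mac + struct.pack("!H", 0x0800) + packet
    frame = body + struct.pack("<I", zlib.crc32(body))
    return segment, packet, frame


def decapsulate(frame: bytes) -> bytes:
    """Strip and validate each header on the way up; return the original payload."""
    body, fcs = frame[:-ETH_FCS], frame[-ETH_FCS:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("link layer: frame check sequence mismatch")
    if struct.unpack("!H", body[12:14])[0] != 0x0800:
        raise ValueError("link layer: EtherType is not IPv4")
    packet = body[ETH_HDR:]
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("network layer: bad IPv4 header checksum")
    if packet[9] != 6:
        raise ValueError("network layer: payload is not TCP")
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ihl:total_len]
    data_offset = (segment[12] >> 4) * 4
    return segment[data_offset:]


def size_report(payload: bytes) -> dict:
    """Bytes on the wire at each layer for one message, and the header overhead."""
    segment, packet, frame = encapsulate(payload, *ENDPOINTS)
    return {
        "payload": len(payload),
        "segment": len(segment),
        "packet": len(packet),
        "frame": len(frame),
        "overhead": len(frame) - len(payload),
        "ratio": round(len(frame) / len(payload), 3),
    }


if __name__ == "__main__":
    print(size_report(POS_MESSAGE))
    print(size_report(b"x" * 1400))
```

Without options, the three headers and the trailer add the same number of bytes to every frame, so the ratio of frame size to payload size depends on how large the payload is.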



New Data Flow Diagram

Figure 4. New TCP/IP Data Flow Chart


With the new system proposals, we decided JL Office Supplies should adopt an overall
network protocol model: TCP/IP. The new data will flow as shown in Figure 4. It is virtually
identical to the TCP/IP model of Figure 3, with the added firewall between the transport and
network layers for security. It must be noted that the addition of the firewall in this diagram only
applies where a firewall is present in the path between devices according to Figure 2.
Mission Analysis
One of the many complaints of the store is the unreliability and slowness of their
network. In this phase of the project, proposals for streamlining the overall network and
consolidating network hardware and connections have been made. Notes have also been
documented to upgrade basic components to allow for compatibility and better overall network
performance.


Network Design Diagram


Current Configuration

Figure 5. Current Network Configuration according to in-house IT staff, Matt.


With only a list of components to go by, and the limited understanding of networking that
the in-house IT staffer, Matt, has to work with, the diagram in Figure 5 shows an approximate
rendition of the current local area network (LAN) inside JL Office Supplies. Outside network
communication connections are provided by the local cable company (ISP), which connects to
the mainframe of the company. The mainframe communicates with a single router, which has the
database server, file server, and three separate hubs connected to it downstream from the
mainframe. At the end of each of the hubs, there are five workstations where employees access
the network. With this configuration and outdated hardware on the network, it is no wonder they
are experiencing internal network issues. These internal issues are only amplified when the
system tries to communicate outside the LAN and into the World Wide Web.
Changes Proposed

Figure 6. Proposed New Network LAN configuration.



When looking at the changes being proposed, the overall feel of the network has not
changed much. There is still a mainframe being used, a router, hubs connecting five terminals,
and a database and file server on the network. The main change involves the number of different
components which will comprise the new design. The mainframe needs to be redesigned and
brought up to date in order to handle the increased load which is expected in the future. The
switch in between the mainframe and the ring-networked hubs, in tandem with the routers in the
configuration, is placed to provide a stopgap measure to help control traffic flow on the network
to the various servers. Routers have been placed to connect all three lower hubs to allow for
multiple paths which data packets can travel. A wireless access point has been added to the
system. This will give employees and customers access to various wireless features, which can
be determined before the system comes online. Moving up the line, a firewall has been added
for security purposes between the switch (which handles all store-front access) and the
mainframe (which handles access to the various servers on the system) (Tanenbaum & Wetherall,
2011).
The existing file and database servers are going to be put to use and should be connected,
but not necessarily directly connected. The additional hub between them provides for this
connection, and the connection to the mainframe. We are adding a print server to handle all print
jobs on site and for orders and communications being sent out or incoming on the internet.
Being an office supply store, there are plenty of occasions where more than one print job is
queued in the system at the same time. The print server will help to manage and coordinate the
print jobs to the various printing devices in the store. The addition of the web server has been a
topic of contention with Matt, but if the added devices are in place to handle the load, there
should be no issues. If anything, the web server will help relieve some (if not most) of the
outbound communication drag which the mainframe is currently experiencing. Finally,
another firewall is placed on the line exiting the business en route to the cable company ISP,
again for security purposes. Many people do not agree with or understand the need for such
devices, but when you consider that networks and business systems are constantly being hacked
into, the simple act of having at least one firewall separating your internal network and the
outside web, while not guaranteed to stop all attempts or attacks, is a lot better than not having
anything. Firewalls are a system's first line of defense against hacking and other malicious
attacks (Gutierrez, DataComm_Chat7_Network_Hardware.ppt, 2013).
Mission Analysis
This phase of the process helps to fulfill the overall mission of the company by looking
ahead at how JL Office Supplies can better serve their customers through new and improved
networking technologies. The current and old network has been identified and mapped out. A
new and improved design has been proposed, which incorporates remote access (wireless to the
extent of the range), more data transmission options for the system, improved web and internet
communications through a dedicated web server, and a newly designed mainframe to oversee the
entire network. With the new and improved mainframe, and the addition of the wireless and
remote access points, the system is beginning to resemble a distributed network (Riley, et al.,
n.d.). In actuality, several goals have come one step closer to becoming a reality for the
company.


Telecommunications Plan
Goals and Objectives
For the telecommunications of JL Office Supplies, a major overhaul should be done, and
the owner is in agreement after reviewing his own audit of the current PBX systems. The
primary goal will be to remove the PBX system, and transfer to a digitally-based system. This
will not only reduce the time for data transfer through the network system, but provide fax and
phone access to the store as well. This will be done through a voice over IP (VoIP) and fax over
IP (FoIP) system. One of the best advantages of this type of a system configuration is that it
allows for the addition of video conferencing in the future if desired (Dean, Guide to
Telecommunications Technology, 2003).



Network Diagram with Telecommunications Included

Figure 7. Revised Proposed Network Diagram, including PBX systems.


Resource Sharing Advantages
The biggest advantage of sharing resources throughout the system is cost savings. It is
only logical to conclude that the less you must pay for added maintenance and services, the more
you save, no matter what the start-up cost may be. Although the new design does not completely
eliminate the PBX from the system, it is replaced with what is known as a digital, or IP, PBX
and an integrated access device. The access device allows for multiple types of devices to
converge onto a single line; you could call it a smart hub. The IP-PBX is specially designed to
take the packets sent to it by the access device and deliver the data packets to the network
backbone, ultimately leaving the store and arriving at its intended destination. This PBX also
acts as a two-way interface between the outside network and the devices connected to the
system. It can also perform switching functions internally, in case one phone (or client user)
wishes to call another user within the store. Another key cause of the reduction of cost using the
data-packet method is the reduction in required system bandwidth. Since the lines are not
required to remain open and constantly transmit even when no data or information is being sent,
the bandwidth to the system can be utilized in other areas of the network (Dean, Guide to
Telecommunications Technology, 2003).
Mission Analysis
Another aspect of the overall upgrade has been addressed: the large PBX bills. The
owner requested that we devise an appropriate plan to thwart the high monthly cost of the current
PBX, which also increased lag time in other parts of the network, without losing the functions of
phone or fax. We have provided a solution which utilizes a smart PBX, expanding the phone
and fax functions, and tying them into the internet services, reducing monthly costs.


Remote Network Implementation Plan


Goals and Objectives
It has been brought to our attention that the owner of JL Office Supplies wishes to include
an option in his network for employees to be able to log into the system through remote links.
Since this is a business network, with private information on the servers, this remote access
option must be as secure as possible, within reason of our budget. Despite the modest budget,
we can still provide a reasonable level of security through a variety of remote connection
hardware and software options. Authentication protocol software, virtual private networks
(VPNs), and simple hardware configuration settings during installation can all work in concert
with the firewalls and aforementioned security suite software to provide for a hefty level of
security compared to what most people have on their home computers.
Security and Risk Mitigation
There are three main technologies that can be used to initiate the remote access to the
files on the network within the business, or the business network itself: VPN, IPsec, and The
Cloud. There are advantages and drawbacks for each of these systems.
VPN. Virtual Private Networks are nothing more than a remote computer or system
connecting to another system or computer using a secure connection over an insecure network.
There are three types of VPN configurations. The host-to-host VPN connects a single client
computer to a single server. These types of VPNs are sometimes created by online retail servers
to help secure information during the online payment process by consumers. A site-to-site VPN
takes the host-to-host model and applies it to all connected data and computers for two separate
networks. In these configurations, both network sites have VPN gateways which encrypt and
decrypt data as it passes over the private network; many times, multiple simultaneous
communications are passing both directions on the network. The remote access VPN provides a
secure connection of a remote user to the computer systems within the site. A gateway
authenticates and allows access by the remote user to authorized information and resources
(Panko, 2010).
In general, the use of a VPN, in conjunction with IPsec, will provide the best possible
remote access for the employees. Thanks to the VPN and its built-in security features, the level
of security for the information being transmitted over the (unsecured) internet outperforms
the other, cheaper and less secure option, the Cloud.
The Cloud. The Cloud is simply a world-wide virtual network attached storage
platform. It is used by businesses and consumers alike to store documents and information,
transmit data from one computer or device to another, and in some cases provide a backup for
system files. There are security measures associated with Cloud computing; however, many
administrators and users (I am included) still consider the Cloud to be too new and insecure for
reliable and safe data storage and transmission. If JL Office Supplies were only going to be
storing and transmitting public information, we would not have any major objections to using the
Cloud for remote access. The nature of the business though, retail, dictates that we will be
transmitting and storing private information from our customers and vendors, none of which
should risk being copied or accessed by unauthorized users of the Cloud.
IPsec. While not the only cryptography protocol for network data transmission, it is
becoming the standard that other protocols attempt to achieve. Internet Protocol Security
(IPsec) uses two different methods, transport and tunneling, to provide the various levels of
data security. The transport function encrypts and protects the data itself from unauthorized
views, but lets the network know the data needs to be transmitted. This part of the process only
shows the sender and recipient information, but no actual data from the encrypted message itself.
The tunneling process of the protocol encrypts all information while in transit between the
sending and receiving network servers (or routers). Since the recipient header information is
encrypted through the tunneling process, the tunnel only exists between the network servers (or
routers), where it is then decrypted by the server (or router) and passed onto the appropriate user
computer at the end of the network (Conklin & White, 2010). For cost and firewall-friendliness,
the use of an IPsec tunnel configuration is recommended. If we were to go with the
transport configuration, the firewall protection would be negated due to the encryption prior to
passing through them (Panko, 2010).
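The difference between the two modes, and what it means for a firewall, can be seen by building the packets. The following is an added example, not part of the original paper: it wraps one constructed packet in ESP transport mode and in ESP tunnel mode and lists the header fields a device without the keys can read, then shows what a firewall behind the VPN gateway can read after tunnel decryption. All addresses, ports, keys and the SPI are made up, and the XOR keystream is a stand-in for a real ESP cipher such as AES.

```python
import hashlib
import hmac
import socket
import struct

ESP, IPIP, TCP = 50, 4, 6  # IP protocol numbers


def ipv4(src, dst, proto, payload):
    """20-byte IPv4 header plus payload (header checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + payload


def tcp(sport, dport, data):
    """20-byte TCP header plus data (checksum not modelled)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + data


def xor_stream(key, seq, data):
    """Stand-in cipher for this example only; not a real ESP algorithm."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack("!II", seq, block)).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def esp_wrap(next_header, inner, spi, seq, enc_key, auth_key):
    """ESP layout: SPI | sequence | encrypted(inner, padding, pad length, next header) | ICV."""
    pad_len = -(len(inner) + 2) % 4
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    head = struct.pack("!II", spi, seq)
    body = xor_stream(enc_key, seq, inner + trailer)
    icv = hmac.new(auth_key, head + body, hashlib.sha256).digest()[:16]
    return head + body + icv


def esp_unwrap(esp, enc_key, auth_key):
    head, body, icv = esp[:8], esp[8:-16], esp[-16:]
    expected = hmac.new(auth_key, head + body, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ESP integrity check failed")
    plain = xor_stream(enc_key, struct.unpack("!I", head[4:])[0], body)
    pad_len, next_header = plain[-2], plain[-1]
    return next_header, plain[:len(plain) - 2 - pad_len]


def transport_mode(packet, sa):
    """Keep the original IP header; encrypt only what follows it."""
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    return ipv4(src, dst, ESP, esp_wrap(packet[9], packet[20:], **sa))


def tunnel_mode(packet, gw_src, gw_dst, sa):
    """Encrypt the whole original packet; add a new header between the gateways."""
    return ipv4(gw_src, gw_dst, ESP, esp_wrap(IPIP, packet, **sa))


def gateway_decrypt(packet, sa):
    """What the receiving VPN gateway does to a tunnel-mode packet."""
    if packet[9] != ESP:
        raise ValueError("not an ESP packet")
    next_header, inner = esp_unwrap(packet[20:], sa["enc_key"], sa["auth_key"])
    if next_header != IPIP:
        raise ValueError("not a tunnel-mode packet")
    return inner


def observe(packet):
    """Fields readable by a firewall or other device that holds no keys."""
    seen = {"src": socket.inet_ntoa(packet[12:16]), "dst": socket.inet_ntoa(packet[16:20]),
            "proto": packet[9], "dport": None}
    if packet[9] == TCP:
        seen["dport"] = struct.unpack("!H", packet[22:24])[0]
    return seen


# Constructed sample values (not taken from the paper).
SA = {"spi": 0x1001, "seq": 1, "enc_key": b"constructed-enc-key", "auth_key": b"constructed-auth-key"}
DATA = b"GET /orders/customer-list HTTP/1.1"
PLAIN = ipv4("10.8.0.7", "10.0.20.5", TCP, tcp(50000, 8443, DATA))
TRANSPORT = transport_mode(PLAIN, SA)
TUNNEL = tunnel_mode(PLAIN, "198.51.100.1", "203.0.113.1", SA)

if __name__ == "__main__":
    print("transport, on the wire:   ", observe(TRANSPORT))
    print("tunnel, on the wire:      ", observe(TUNNEL))
    print("tunnel, behind the gateway:", observe(gateway_decrypt(TUNNEL, SA)))
```

In both modes the port number is hidden on the wire; only after the gateway removes the tunnel does the inner packet, ports included, become available for filtering.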
Mission Analysis
Being able to stay abreast of, adequately interpret, and suggest configurations and
technologies to a customer is vital for any network administrator or architect. Many times, the
software engineer must be able to do the same, to a certain degree. Understanding the specific
requirements and wishes of the customer, in this case secure remote access, and being able to
share a few different approaches will help them make an informed decision. If they decide on a
suggestion which is not recommended, even though identified, we also need to be ready to
provide sufficient information regarding the added risks and possible mitigation techniques
which may become required now or in the future. This section of the report identifies these
areas, gives a good deal of information about each of the three primary focused technologies
(Cloud, IPsec, VPN), and provides a recommendation why the technology should or should not
be integrated into the final build of the company network system to support the remote access for
employees as requested.



Remote Diagram

Figure 8. Remote Access Network Diagram showing the incorporation of VPN and IPsec.


References
Betts, K. (2009, November 23). Distributed Network Design Patterns. Retrieved from MUSE:
Phase 3 Discussion Board:
https://campus.ctuonline.edu/courses/CS644/p3/hub1/24533.pdf
Conklin, W., & White, G. (2010). Principles of Computer Security: CompTIA Security+ and
Beyond (2nd ed.). New York, NY: McGraw-Hill.
CTU Online. (2013). Task List. Retrieved from IT640-1304B-01: Telecommunications and
Networking:
https://campus.ctuonline.edu/classroom/Pages/AssignmentList.aspx?Class=242274&tid=203
Dean, T. (2003). Guide to Telecommunications Technology. Boston, Mass.: Cengage Learning:
Course Technology.
Dean, T. (2008). Network+ Guide to Networks (4th ed.). Boston, Mass.: Course Technology Cengage Learning.
Gutierrez, C. (2013, November 24). DataComm_Chat3.ppt. Retrieved from IT640-1304B-01:
Telecommunications and Networking:
https://campus.ctuonline.edu/pages/MainFrame.aspx?ContentFrame=/Home/Pages/Default.aspx
Gutierrez, C. (2013, December 10). DataComm_Chat7_Network_Hardware.ppt. Retrieved from
IT640-1304B-01: Telecommunications and Networking:
https://campus.ctuonline.edu/classroom/Pages/course.aspx?Class=242274&tid=203
Limoncelli, T. A., Hogan, C. J., & Chalup, S. R. (2007). The Practice of System and Network
Administration (2nd ed.). Boston, Mass: Pearson: Addison-Wesley.
Oppenheimer, P. (2004). Top-Down Network Design (2nd ed.). Indianapolis, IN: Cisco Press.
Panko, R. R. (2010). Corporate Computer and Network Security (2nd ed.). Upper Saddle River,
NJ: Pearson-PH.
Riley, G. F., Ammar, M. H., Fugimoto, R. M., Park, A., Perumalla, K., & Xu, D. (n.d.).
Distributed network simulator. Retrieved January 25, 2012, from Georgia Institute of
Technology: http://users.ece.gatech.edu/~riley/ece6110/handouts/pdns.pdf
Tanenbaum, A. S., & Wetherall, D. J. (2011). Computer Networks (5th ed.). Boston, Mass, USA:
Prentice Hall.
