


Integrative Network Design Project

Jeremy Freeman
November 10, 2014
Dean McIntyre


It has been decided that it will be beneficial to improve the connections of the three locations of
Kudler Fine Foods currently using a Wide Area Network (WAN). The three locations are in Del
Mar, La Jolla, and Encinitas, California. The company has seen lots of growth after its first year,
so any changes will need to be designed to support future expansion as new locations are added
at a later date. There are no immediate plans for expansion, but it could be a project at some
point in the future as long as Kudler Fine Foods remains profitable.

Currently, the three locations are connected by a T3 dedicated line WAN. All three locations
have internal networks based around a 100baseT environment. Each location uses an IBM blade
server. That server handles all the network, print, and file services.

The home office is in the La Jolla location. So that location has 3 networked printers and 19
VoIP phones. Currently 19 employees use Dell computers on the network. The other stores are
smaller so the usage is a bit different. At each of the other locations, employees share a single
networked multifunction printer. Each location uses 6 VoIP phones and only 6 employees are
currently using Dell computers at each location.

All three locations are currently using a mix of fiber, WAN and WLAN networking standards.
The La Jolla location also features a fiber link for the 10TB NAS used to back up the server.

The current system is sufficient for the current business, but does not allow for future expansion.
Updating the network now will allow future growth without major effort.

Today's data communication networks allow for data to be transmitted from one terminal to
another. That other terminal could be on the other side of the room or on the other side of the
world. There are several components between those terminals, such as switches, routers, and

Most of the time the user interaction will take place at a terminal. Terminals can be as little as a
screen and keyboard with no processing power or data storage. Many times, however, the
terminal is a full computer that has data processing capabilities and data storage outside of the
network. These are sometimes referred to as workstations since they have more abilities than
basic terminals. Both terminals and workstations will have hardware to connect to the network. A
network adapter may be built in, or a network interface card may be added to the computer to
allow data transmission.

From the terminal, data travels through the transmission links that actually connect system
components. Those links could be physical, like fiber optic cables, coaxial cables, or twisted pair
copper wires. Those transmission links could also be over the air, like Infrared, microwaves or
satellite options. The different transmission links vary in the amount of data they can transmit at
any given time and on their effective range. Some can cover very long distances and carry lots of

The way the data is transmitted is also affected by the chosen transmission method. Transmission
methods vary from analog to digital. And digital transmission could consist of circuit switching
or packet switching. With circuit switching, the selected path for data to travel is fixed during
the duration of the session. No other users can use that channel until the session has been
completed. Packet switching, on the other hand, delivers data in small groups that take different
routes through the network to reach the destination. Upon arrival, the data is put back together in
the proper order. Packet switching does not tie up a channel like circuit switching, since there is
no dedicated path from the sender to the receiver.

Next in the network come switching devices. Switching devices include bridges, gateways, and
routers. These components direct the network traffic. Bridges are used to connect networks, even
networks using different wiring. A gateway connects networks that are using different
incompatible protocols. Gateways are complex devices that convert protocols so that the
networks can communicate. Routers are commonly used devices that connect networks that use
either the same or compatible protocols. The router selects the most efficient path to the

Most networks, like the ones within each location of Kudler Fine Foods, are local area networks
(LAN). LAN components typically include connected devices, like computers and printers, a
network server, and a way of connecting the devices. This usually means Ethernet cables or
sometimes also wireless technology like Wi-Fi. The server acts as the brain of the network and
allows multiple computers to share multiple devices like printers or network attached storage.

The individual locations are connected to each other in what is called a wide area network
(WAN). Many times the locations are connected via phone lines. A modem is required on each
end to facilitate communication across the WAN.

Since there are multiple locations within Kudler Fine Foods, managing network security is more
complex. Every company needs a firewall. A firewall is a piece of hardware or software which
prevents some communications on the network forbidden by the security policy. The firewall
constantly checks network traffic to verify if it should be allowed onto the network. If anything is
questionable, the firewall blocks the communication. In addition, as the company grows, it will
be beneficial to have a virtual private network (VPN), which will give individuals secure
access to the company's network. And just like other smaller networks, security software is
needed to filter email and websites so that no viruses, spyware, malware, or other malicious
threats can infect the network.

The upgrades to the Kudler Fine Foods network will need to incorporate a variety of
communication protocols. The main reasons for using multiple protocols are to provide
maximum performance on the network and to ensure compatibility with a variety of different
products. Some of the protocols utilized include TCP/IP, UDP, HTTP, Ethernet, and even POP3.
Both hardware and software protocols are utilized in the existing system and will continue to be
used after the upgrade.

The expansion of the network will have 2 phases. Phase one will improve the existing setup and
improve network performance. Phase two will add a secure wireless network at each location to
allow for the use of multiple new devices in the future. The network architecture will remain the
same. The current Wide Area Network (WAN) uses a T3 dedicated line to connect the three
locations. All three locations have internal networks based around a 100baseT environment. Each
location uses an IBM blade server. That server handles all the network, print, and file services.

For Phase one of the proposed expansion, we must improve the existing network to get better
performance. Adding new users would put more strain on the system so improvements must be
made in advance to prevent any issues. At this stage, the best first step is to complete some
network traffic analysis. This step is important to determine who talks to whom and who talks
when. This information is handy when optimizing the network and improving the network
security. An attacker can gain important information by monitoring the frequency and timing of
network packets. To defeat traffic analysis, a combination of encrypting messages and masking
the channel is best. When no data is being sent, sending dummy traffic, which appears to be
similar to the encrypted traffic, can mask the channel. That will keep bandwidth usage constant
and help protect the channel from outside attacks.
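
The channel masking described above, as an added example that is not part of the original paper: the sender emits one fixed-size cell per time slot and fills idle slots with dummy cells, so a monitor sees the same sizes and timing whether a store is busy or idle. The cell size, header layout and workloads are assumptions made up for the example, and encryption of each cell is assumed to be done by the VPN layer rather than shown here.

```python
import os
import struct

CELL = 256                   # every cell on the wire has this size (assumed value)
HDR = struct.Struct("!BH")   # kind (1 = real, 0 = dummy) and payload length
ROOM = CELL - HDR.size       # payload bytes that fit in one cell

def pack(kind, data=b""):
    """Build one fixed-size cell; unused space is filled with random padding."""
    return HDR.pack(kind, len(data)) + data + os.urandom(ROOM - len(data))

def schedule(arrivals, slots):
    """Emit exactly one cell per time slot: queued data if any, a dummy otherwise."""
    queue, wire = bytearray(), []
    for slot in range(slots):
        queue += arrivals.get(slot, b"")
        chunk, queue = bytes(queue[:ROOM]), queue[ROOM:]
        wire.append(pack(1, chunk) if chunk else pack(0))
    if queue:
        # A constant-rate channel cannot burst; the rate must cover peak load.
        raise ValueError("link rate too low for offered load")
    return wire

def observer_view(wire):
    """What a passive monitor learns once cells are encrypted: slot and size."""
    return [(slot, len(cell)) for slot, cell in enumerate(wire)]

def receive(wire):
    """Receiver side (after decryption): drop dummy cells and strip padding."""
    out = bytearray()
    for cell in wire:
        kind, length = HDR.unpack_from(cell)
        if kind == 1:
            out += cell[HDR.size:HDR.size + length]
    return bytes(out)

# Constructed workloads: a busy store and an idle one over the same 8 slots.
busy = {0: b"POS batch " * 40, 3: b"inventory sync", 6: b"payroll export"}
idle = {5: b"heartbeat"}

if __name__ == "__main__":
    busy_wire, idle_wire = schedule(busy, 8), schedule(idle, 8)
    print("same on the wire:", observer_view(busy_wire) == observer_view(idle_wire))
    print("idle store sent: ", receive(idle_wire))
```

The cost is the one the paragraph names: bandwidth usage stays constant, so the slot rate has to be sized for peak load and is spent even when nothing is being sent.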

Measurements must be taken before and after the completion of phase one to ensure there was a
network performance improvement. Improving the network should reduce latency, improve
response time, and improve jitter or packet delay variation. Latency is a measurement of the
amount of time for a packet to travel from source to destination plus the time from the
destination back to the source not including the amount of time that a destination system spends
processing the packet. Response time is the elapsed time between the end of a command on a
computer system and the beginning of a response. Jitter is the variation in the time between
packets arriving. A network with constant latency has no jitter. Jitter can have various
causes, such as network congestion or route changes. These measurements will help
determine the quality of service or overall performance of the network.
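
One way to take the before-and-after measurements, as an added example that is not part of the original paper: latency is computed as defined above (round trip minus the destination's processing time) from four timestamps per probe, and jitter is summarized as the mean absolute change between consecutive latencies, which is one common choice assumed here. The probe values are constructed sample data in milliseconds.

```python
from statistics import mean

def latency_ms(probe):
    """Round-trip time minus the destination's processing time (t3 - t2).

    probe = (t1 sent, t2 arrived at destination, t3 reply sent, t4 reply received).
    Only t3 - t2 is taken from the destination clock, so clock offset cancels out.
    """
    t1, t2, t3, t4 = probe
    return (t4 - t1) - (t3 - t2)

def summarize(probes):
    """Latency, jitter and loss for one run; an unanswered probe is None."""
    lat = [latency_ms(p) for p in probes if p is not None]
    if len(lat) < 2:
        raise ValueError("need at least two answered probes to measure jitter")
    # Assumed jitter summary: mean absolute change between consecutive latencies.
    deltas = [abs(b - a) for a, b in zip(lat, lat[1:])]
    return {
        "latency_avg": round(mean(lat), 3),
        "latency_max": max(lat),
        "jitter": round(mean(deltas), 3),
        "loss_pct": round(100 * probes.count(None) / len(probes), 1),
    }

def improved(before, after):
    """Phase-one check: no metric got worse and at least one got better."""
    keys = before.keys()
    return (all(after[k] <= before[k] for k in keys)
            and any(after[k] < before[k] for k in keys))

# Constructed samples (ms) for one site-to-site path, before and after phase one.
BEFORE = [(0, 12, 14, 26), (100, 118, 119, 137), None,
          (300, 311, 315, 327), (400, 420, 421, 441)]
AFTER = [(0, 9, 10, 19), (100, 110, 112, 122), (200, 209, 210, 219),
         (300, 310, 311, 321), (400, 409, 411, 420)]

if __name__ == "__main__":
    b, a = summarize(BEFORE), summarize(AFTER)
    print("before:", b)
    print("after: ", a)
    print("improved:", improved(b, a))
```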

The current network performs well. There have been no complaints regarding response times.
Latency and jitter are within reason considering the distances between the locations. It is
important to remember that speed does not equate to latency. Speed refers to how quickly
something can be downloaded, while latency refers to the length of time it takes a packet to
travel from Point A to Point B. Since the network currently has decent speeds, there may be
software solutions required to improve latency measurements.

Since the business has locations that share information, another important measurement to
consider is the data transfer rate. This is a measurement of the amount of data being moved from
one place to another within a certain timeframe. By increasing bandwidth, we can improve the
data transfer rate.

Phase two of the upgrade will add a secure wireless network at each location. This will require
the use of both network switches and routers. Switches create networks. Routers connect
networks. Switches are used to connect computers, printers and servers within a location. A
router links computers to the Internet, so users can share the connection.

Updating the switches and routers for more capacity and wireless capabilities will allow
additional devices to be connected to the networks at each existing location. Routers will allow
highly secure VPN access for five to 100 remote workers, depending on the model. Built-in
firewalls, advanced encryption, and authentication features protect against external threats.
Additionally, switches will utilize a variety of communication protocols that will connect all the
necessary components. Those include advanced QoS, IPv6 support, and 10 Gigabit Ethernet
connectivity. This should ensure the system is able to deliver the capabilities needed to support
usage today and tomorrow as the system expands.

VoIP functionality will be added as well. A PBX (Private Branch Exchange) is a telephone
switching system. The PBX manages both incoming and outgoing calls for the company's
internal users. A PBX is connected to the public phone system and can automatically route
incoming calls to specific extensions. It also shares and manages multiple lines. The PBX system
will require external and internal phone lines; a computer server that manages call switching and
routing; and a console for manual control. Business VoIP providers usually feature a hosted PBX
as part of their basic packages. A hosted PBX has all of the same features as a traditional PBX
machine without the need for expensive machinery. A switch will be necessary for transferring
calls from one line to another. Switches range in price depending on the number of devices they
can accommodate. For Kudler Fine Foods, a good VoIP solution will include an NEC SL1100
Main KSU, a 16-channel VoIP daughter board which includes 4 SIP Trunk ports, and 6 IP 24-Button
Business Telephones for each location. The advantage of SIP Trunking is it will allow the
connection of an analog PBX and analog office equipment to the Internet so that VoIP services
can be used without replacing lots of devices.

For security, many companies use firewall software to protect computers against hacker attacks
and other Internet threats. A better method is to deploy a hardware firewall, which also uses
software to block unauthorized access to computers. This method is preferred because it will be
easier to maintain and less expensive in the long run. This is because firewall software programs
must be installed on each individual PC they are meant to protect. To protect all of the company's
computers, each one must have a software firewall installed. This can become expensive and
difficult to maintain and support. So the hardware-based firewall is the better solution for Kudler
Fine Foods. In addition to a firewall, antivirus, antispam, antispyware, and content filtering will
also help to protect the network. To avoid physical vulnerabilities, a common-sense security
approach will be used. All Ethernet ports not in use must be inactive. USB ports on computers
will be disabled so that they cannot be used to connect mass storage devices that can upload
malicious files or download sensitive documents. VoIP security systems using security cameras
and sensors that are operated over Internet service can be included to provide a higher level of
VoIP alarm systems can include a variety of accessories to customize the installation. Things like
bells, alarms, buzzers, and speakers can be easily programmed and managed over the Internet.
Doors to IT areas will remain locked with the only access allowed for IT personnel. Security
badges must be scanned to enter and will create a time-stamp to verify who entered the room and
when. That should reduce any internal attacks from employees. Daily security scans of the
network will identify any external security breaches so they can be eliminated in a timely

As Kudler Fine Foods grows and expands, the network will continue to be the backbone that
keeps all locations connected. From the existing stores to future locations, a WAN will be used to
tie all locations together. Internally, a WLAN will be the network configuration. Updating the
existing networks can be completed within 1-3 months. Expansion of new locations can be
integrated into the construction of the location. Rollout time will be minimal. The changes
suggested were chosen based on ease of integration and deployment. Minimal changes are
required to the existing system and new locations can be added at will. Each new location will
mirror the existing layout, which will save time and money. Additionally, it will make the
systems easier to support and maintain as each location will use identical hardware and software


