Submitted by
Submitted to
Module Code: CE00382-2
Intake Code: HF09B1COM
Assignment Title: Individual Assignment
Due Date
Acknowledgement
I would like to extend my gratitude to those who helped me in completing the
individual assignment for the module Hardware, Software Systems and Networks II.
I'm very grateful for his guidance and the manner in which he helped me with the
encountered problems.
Abstract
This project is an individual assignment in the module Hardware, Software Systems
and Networks for the HF09B1SE.
The main aim of this project is to design a network proposal for a popular business
company in Malaysia. The company would like to invest a large amount of money to
implement a new network system.
In addition, the owner would like to know about networks before he makes a huge
investment.
Table of Contents
Acknowledgement
Abstract
1.1.1 Create a LAN (Local area network) within the buildings
1.1.2 Connect the sub branches to the main building by a network
1.2 Indirect requirements
1.3 Assumptions
2 Research
2.3 Connect the computers and other peripherals together to share the resources within the buildings
4 Conclusion
4.1 Connect the computers and other peripherals together to share the resources within the buildings
4.2 Connect the sub branches to the main building to share the resources.
4.3 Maintain a centralized database for all the branches around the world to access.
5 Reference
List of Tables
List of Figures
1 Requirement Analysis
Company requirements can be separated into 2 main parts: essential
requirements and indirect requirements.
1. Security
   a. Establishing a secured network within the branches.
   b. Establishing a secured connection between branches when communicating.
2. Backup
   a. Backing up the database and securing it.
3. Communication
   a. Establishing a cost effective and fast communication method between the branches.
   b. Establishing a cost effective and fast communication method within the branch.
4. Monitoring
   a. Establishing a secured and reliable method to monitor the workstations from a different location (security purpose).
   b. Establishing a secured and reliable method to monitor the payroll system.
5. Other
   a. Establishing a reliable method to provide e-mail accounts to the company staff.
   b. Establishing a fast and reliable system to input the product data to the system.
   c. Establishing a secured and reliable way to make online payments.
1.3 Assumptions
The following are the main assumptions.
1. The company has one main branch, and the other 3 branches are sub branches which are located in different countries in Asia.
2. Main branch will handle all the main functionality of the business.
3. Main branch building will have all the main servers.
4. Sub branches can access the database and other servers via the internet.
5. Main branch and other sub branches have proper internet connections.
6. Sub branches will have the internet capacity to access the servers without a delay.
7. Cabling is done using the air duct of the building to protect the cables.
8. The building air duct is free of magnetic fields and noise.
9. Cables which are connecting the floors are going only through the building air duct.
10. Cables are well protected within the floors.
11. Each user will need to have a valid username and password to log in to the system.
12. Coverage of the Wi-Fi access-point devices is sufficient for each floor of the building.
13. Backup servers are placed in the main building and will back up every transaction in real time.
14. All the diagrams shown in the document are to represent the connections between the devices.
15. The places of the devices can be changed according to the situation and the location; diagrams are used to illustrate the logic of the network.
16. All the main switches are locked in a safety box in order to prevent any damage taken by.
17. Cabling within the floor is done on the ceiling so the noise signal interference will be less.
18. Main branch has 40-50 staff members currently and will grow with time.
19. Staff will not grow up to 70 within next 2 years.
20. Sub branches have a staff of around 30-40 currently and will grow with time.
21. Printers and other private equipment connected to the network will be shared among the staff members within the building.
22. In future they will be allowing customers to purchase items online (electronic commerce).
23. They have a security room to place the CCTV monitors.
24. Each member of the staff wants to have their own personal office mail box.
25. Each staff member wants to keep their files on the server so they can access them anytime they want.
26. They already have the CCTV cameras installed in the buildings.
27. Company has their own server rooms to place the new servers.
28. User levels are given to the users to authenticate the transactions.
29. A transaction will be processed and its data copied to the backup server only after the relevant authorized person has given approval to the transaction.
30. Backup has 2 partitions. One partition will hold the old database and the other will hold the daily updates done to the server.
31. Daily updates should be rolled in by the authorized person after the transactions are over (daily).
32. All the equipment mentioned in this proposal is available in the market.
33. Company will buy all the necessary computers for the system.
34. This network proposal is valid for next 2 years.
35. Sufficient technically capable people are available in the company to access the new system.
1.4 Scope
The main scope is to create the network within the company and connect the sub
branches to the main branch so the main branch can monitor the activities happening in
the sub branches around the world, and also to maintain a centralized database which will
allow the sub branches to access and retrieve the data from the main servers.
2 Research
The following research is based on the fact finding of the requirement gathering
process. This chapter includes the technical diagrams and technical reports on
selected topics.
To communicate efficiently
According to Tanenbaum (2006, p.3), the following are the main advantages of
having a network within a business:
Resource sharing
Do business electronically
Users can work on a project simultaneously, where others will see the
changes in real time. Video conferencing is also a main benefit of
having a powerful communication medium, where the company can hold meetings
regardless of the physical location of the users.
This will allow the company to reach the international market with a very small
investment in technology, where customers can purchase or place orders via the
internet and make the payment using an electronic payment method.
According to Buzzel (2010), the following are the main disadvantages of having a
network within a business:
Security Issues:
A major drawback of a computer network is the security of the data and the network.
Unauthorized people can connect to the network and access the company resources
and data without a problem if there is no mechanism to monitor the network traffic and
to do the authentication.
Viruses can spread within the network in a very short period of time if a network
computer system gets infected with a computer virus, and this might affect the entire
business process by damaging the servers, programs or the company database if
there is no good mechanism to control virus attacks.
If the main server of the computer network fails to perform properly, the entire
network system will not function properly. So it is necessary to use a server with
high performance and security as the main server.
Client server architecture simplifies the work of a network administrator and also
makes it easier to back up and maintain the network; it also allows more servers to be
added to extend the network over time. The following illustration shows the
Client-Server architecture.
There is no central point of control for the admin, so the individual users have to back up
their own systems to recover the data. The performance of user computers will also be
reduced, as the computers need to respond to the requests of the other users.
The following illustration shows the peer-to-peer architecture.
System service failure can cause problems to the availability of the network. To
fix these problems it is necessary to get the services of a network admin.
Virus outbreak
There are various types of virus that can infect the network system. These
viruses can cause the networking environment to be flooded with huge traffic,
which slows down the network performance; they can also harm the files in the
network.
These kinds of network failures may cause a great deal of problems to the network;
they will affect segments of the network and will affect the entire network
performance.
According to Mitchell (2010), the following are the other problems that can arise in a
network:
Special Devices Won't Join the Network
The following are the main types of networks which will enable the users to create a
small network.
“High-speed data network that covers a relatively small geographic area, It typically
connects workstations, personal computers, printers, servers, and other devices”
According to the IEEE (2004) (802 LAN and MAN standards), a LAN is capable of
supporting around 200 end stations within an area of 2 km, but the distance can be
expanded by using repeaters.
A wireless local area network (WLAN) is a local area network (LAN) that doesn't rely on
wired Ethernet connections. A WLAN can be either an extension to a current wired
network or an alternative to it.
According to U.S. Robotics (nd), the following are the reasons to choose wireless
networking over traditional wired networks:
Flexibility of location
WLAN has its own IEEE standards, which are the 802.11a, b, or g standards (also
known as Wi-Fi).
802.11a: Data transfer rates up to 54Mbps; with this standard it is tested that
it has less interference in an area with high radio frequency. This will
broadcast in the range of 5GHz, which is unable to go through physical
barriers.
802.11g: Data transfer rates up to 54Mbps; range is 120 feet, which is shorter
than 802.11b. This uses the same frequency as 802.11b, so it
has the same problems with interference.
Bus
Star
Tree
Ring | Hard to implement, and central server is not required to maintain the connection. | Hard | Small Business | Can connect the stations but it will increase the collision rate of the packets. | One fail of the node will cause the entire network failure. Changes of the nodes affect the performance of the network.
Very High.
Tree | Hard to implement | Easy | Good for the Business. | Allow more devices to connect due to the secondary Hubs | Achieve the isolation of each node. Failure of the central device (Hub, Switch) causes the entire network failure. Allow more device to connect
Table: LAN and WLAN comparison. Column headings: IEEE Standard; Performance; Installation; Reliability; Security; Mobility; Cost to Implement; Cost to Maintain.
LAN: IEEE 802.3 networks (bus topology); IEEE 802.5 Token Ring; High; 100-Mbps; Hard; High; Less; High; High; Low.
WLAN: IEEE 802.11a (54 Mbps); IEEE 802.11b (11 Mbps); IEEE 802.11g (54 Mbps); Easy, but have interference from other devices; Reasonably High; Very high; Low; Low; High.
According to Cisco Networks (2010), the following are the devices used in LAN networks:
Hub: A hub is a physical layer device which enables the user to connect multiple user
stations via a dedicated cable. A hub does not look at routing; it
redistributes the packets which it gets from a port to all the other ports available
in the hub. So these devices are good to mirror the traffic to another network.
1. Layer 2
2. Layer 3
Repeaters: According to Cisco Networks (2010), a repeater is a physical layer device
which is used to connect the fragments of the same network. The main function of
repeaters is to amplify the signal which they get and retransmit it to the media. By
this the network can keep a steady signal throughout the communication and
prevent the signal deterioration caused by long cable lengths and the number of
connected devices.
WLAN Access-point: According to windowsnetworking (2010), wireless access points allow
other wireless systems to connect to the network by using a wireless
communication method; these wireless access points connect to each other by
using cables.
Network Interface card: According to windowsnetworking (2010), these network cards are
used to connect to the Access-Points. Normally modern laptops are equipped with
these cards, but desktop computers will not have these cards installed.
(Author's work)
2.5 Connect the sub branches to the main building to share the
resources
Data communications network that covers a relatively broad geographic area and
that often uses transmission facilities provided by common carriers, such as
telephone companies.
WAN allows the computers, printers and other devices on a LAN to be shared using
WAN.
Good when:
Point-to-Point Links: long connect times; short distances; critical traffic requirements that must be guaranteed.
Circuit Switching: a backup connection is required; you have a small site; short-term on-demand access is needed.
Packet Switching: long connect times; large geographic distances; high link utilization; high peaks of critical traffic.
(Author's work)
Advantages Disadvantages
Cost is High
Slow connection
(Author's work)
According to the Cisco Systems, Inc (2003, p.56) A virtual private network (VPN)
A VPN maintains the same security and management policies as a private network, and
VPN is the most cost-effective method of creating a point-to-point connection between
remote and enterprise users.
According to Cisco Systems, Inc (2003, p.56), there are two common types of VPN:
1. Remote-access VPNs
2. Site-to-site VPNs
   - Intranet-based
   - Extranet-based
Types Description
(Author's work)
2.6 Security
According to Tyson.J (2010), well designed VPNs and networks use several
methods to secure the data. The following are the main methods:
Firewalls
Encryption
IPSec
Proxy Server
2.6.1 Firewall
According to Tyson.J (2010), a firewall acts as a barrier between the private
network and the internet. Company network administration can restrict the open ports
and can set rules such as what type of packets are passed through and which
protocols are to be used. Traffic from the trusted side is not restricted. All other traffic,
such as mail traffic, ftp, snmp, etc., would not be allowed across the firewall and into the
intranet.
To enable public servers such as web, ftp and e-mail while maintaining tight security
of the intranet, companies use a method called DMZ (demilitarized zone). Here 2
firewalls are used: one between the external network and the DMZ, and another
between the DMZ and the intranet. All the public servers are placed in the DMZ, and
the firewalls should be well programmed to work with the new setup. The internal
firewall can block all the incoming connections.
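The two-firewall layout described above, modelled as an added example that is not part of the original report: each new connection is checked, first match wins with default deny, against every firewall on its path. The addresses, rule sets and published ports are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed addressing plan (assumption: the proposal gives no addresses).
ZONES = {"dmz": ip_network("192.0.2.0/28"), "intranet": ip_network("10.10.0.0/16")}
WEB, MAIL, FTP = "192.0.2.10", "192.0.2.11", "192.0.2.12"


def zone_of(addr: str) -> str:
    """Map an address to its zone; anything outside the plan is the Internet."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    src_zone: str               # zone name or "any"
    dst: str                    # zone name, single host address, or "any"
    proto: str = "any"
    port: Optional[int] = None  # None matches every port

    def matches(self, src: str, dst: str, proto: str, port: int) -> bool:
        return (self.src_zone in ("any", zone_of(src))
                and self.dst in ("any", zone_of(dst), dst)
                and self.proto in ("any", proto)
                and self.port in (None, port))


# External firewall (Internet <-> DMZ): only the published services are reachable.
EXTERNAL_FW = [
    Rule("allow", "internet", WEB, "tcp", 80),
    Rule("allow", "internet", WEB, "tcp", 443),
    Rule("allow", "internet", MAIL, "tcp", 25),
    Rule("allow", "internet", FTP, "tcp", 21),
    Rule("allow", "intranet", "internet"),  # traffic from the trusted side
]
# Internal firewall (DMZ <-> intranet): nothing may open a connection inward.
INTERNAL_FW = [
    Rule("allow", "intranet", "any"),       # traffic from the trusted side
    Rule("deny", "any", "intranet"),        # block all incoming connections
]


def firewalls_on_path(src: str, dst: str):
    """Firewalls a new connection crosses, in the order it crosses them."""
    zs, zd = zone_of(src), zone_of(dst)
    if zs == zd:
        return []                           # same segment, no firewall involved
    path = []
    if "internet" in (zs, zd):
        path.append(("external", EXTERNAL_FW))
    if "intranet" in (zs, zd):
        path.append(("internal", INTERNAL_FW))
    return path[::-1] if zs == "intranet" else path


def evaluate(rules, src: str, dst: str, proto: str, port: int) -> str:
    """First matching rule wins; no match means deny (default deny)."""
    for rule in rules:
        if rule.matches(src, dst, proto, port):
            return rule.action
    return "deny"


def decide(src: str, dst: str, proto: str, port: int):
    """Verdict for a NEW connection (replies are assumed to be handled statefully).
    Returns ("allow", None) or ("deny", <name of the firewall that blocked it>)."""
    for name, rules in firewalls_on_path(src, dst):
        if evaluate(rules, src, dst, proto, port) == "deny":
            return ("deny", name)
    return ("allow", None)


if __name__ == "__main__":
    flows = [  # constructed sample connections
        ("203.0.113.7", WEB, "tcp", 443),            # customer -> public web server
        ("203.0.113.7", WEB, "tcp", 22),             # unpublished port on a DMZ host
        ("203.0.113.7", "10.10.5.20", "tcp", 3306),  # Internet -> internal database
        (WEB, "10.10.5.20", "tcp", 445),             # DMZ host -> intranet
        ("10.10.5.20", MAIL, "tcp", 25),             # staff PC -> mail server
        ("10.10.5.20", "198.51.100.9", "tcp", 443),  # staff PC -> Internet
    ]
    for flow in flows:
        print(flow, "->", decide(*flow))
```

The fourth flow is the case the DMZ exists for: a public server that has been taken over still cannot open a connection into the intranet, because the internal firewall sits between them.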
2.6.2 Encryption
This has 2 categories,
Symmetric-key encryption
Public-key encryption
Type Description
According to Tyson.J (2010), IPSec has the following two encryption modes:
Tunnel: Tunnel encryption mode encrypts the header and payload of each packet.
Transport: Transport encryption mode only encrypts the payload of each packet.
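What the two modes leave visible on the wire, as an added example that is not part of the original report: a simplified ESP-style encapsulation (no alignment padding, no integrity check) in which a SHA-256 XOR keystream stands in for the real cipher. The key, SPI, addresses and payload are constructed assumptions.

```python
import hashlib
import socket
import struct

ESP = 50  # IP protocol number of ESP

# Constructed sample values (assumptions, not taken from the report).
KEY = b"constructed demo key"
SPI = 0x1001
BRANCH_PC, MAIN_SERVER = "10.20.7.8", "10.10.5.20"
GW_BRANCH, GW_MAIN = "203.0.113.1", "198.51.100.1"
PAYLOAD = b"payroll batch (constructed sample data)"  # stands for a TCP segment


def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header (checksum left at 0 to keep the example short)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def toy_cipher(key: bytes, spi: int, seq: int, data: bytes) -> bytes:
    """XOR with a SHA-256 keystream. A stand-in for the real ESP cipher that only
    marks which bytes are confidential; it is NOT secure. Applying it twice decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack("!IIQ", spi, seq, counter)).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def esp_transport(packet: bytes, key: bytes, spi: int, seq: int) -> bytes:
    """Transport mode: the original IP header stays in clear, the payload is encrypted."""
    header, payload = packet[:20], packet[20:]
    # ESP trailer: pad length 0, next header = original protocol
    body = toy_cipher(key, spi, seq, payload + bytes([0, header[9]]))
    src, dst = socket.inet_ntoa(header[12:16]), socket.inet_ntoa(header[16:20])
    return ipv4_header(src, dst, ESP, 8 + len(body)) + struct.pack("!II", spi, seq) + body


def esp_tunnel(packet: bytes, key: bytes, spi: int, seq: int,
               gw_src: str, gw_dst: str) -> bytes:
    """Tunnel mode: the whole original packet is encrypted and a new outer header
    carrying only the gateway addresses is put in front."""
    body = toy_cipher(key, spi, seq, packet + bytes([0, 4]))  # next header 4 = IPv4
    return ipv4_header(gw_src, gw_dst, ESP, 8 + len(body)) + struct.pack("!II", spi, seq) + body


def esp_open(wire: bytes, key: bytes):
    """Receiver side: returns (next header, decrypted content)."""
    spi, seq = struct.unpack("!II", wire[20:28])
    plain = toy_cipher(key, spi, seq, wire[28:])
    return plain[-1], plain[:-2]


def observer_view(wire: bytes):
    """Source and destination an on-path observer reads from the outer header."""
    return socket.inet_ntoa(wire[12:16]), socket.inet_ntoa(wire[16:20])


def leaks(addr: str, wire: bytes) -> bool:
    """True if the address appears unencrypted anywhere in the packet."""
    return socket.inet_aton(addr) in wire


INNER = ipv4_header(BRANCH_PC, MAIN_SERVER, 6, len(PAYLOAD)) + PAYLOAD
TRANSPORT = esp_transport(INNER, KEY, SPI, 1)
TUNNEL = esp_tunnel(INNER, KEY, SPI, 2, GW_BRANCH, GW_MAIN)

if __name__ == "__main__":
    print("transport mode, observer sees:", observer_view(TRANSPORT))
    print("tunnel mode, observer sees:   ", observer_view(TUNNEL))
    print("server address readable in tunnel packet:", leaks(MAIN_SERVER, TUNNEL))
```

In both modes the payload is unreadable without the key; only tunnel mode also hides which internal hosts are talking, since the observer sees just the two gateways.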
Gateway-to-gateway
Host-to-gateway
Host-to-host.
Gateway-to-gateway: “It connects two networks by deploying a gateway to each network and establishing a VPN connection between the two gateways. The gateway-to-gateway is most often used when connecting two secured networks. Gateway-to-gateway VPNs are typically transparent to users and do not involve installing or configuring any software on clients or servers”

Host-to-gateway: It connects hosts on various networks with hosts on the organization’s network by deploying a gateway to the organization’s network and permitting external hosts to establish individual VPN connections to that gateway. Communications are protected between the hosts and the gateway, but not between the gateway and the destination hosts within the organization. The host-to-gateway model is most often used when connecting hosts on unsecured networks to resources on secured networks, VPNs are typically not transparent to users because each user must authenticate before using the VPN and each host must have VPN client software installed and configured.

Host-to-host: It connects hosts to a single target host by deploying VPN software to each host and configuring the target host to receive VPN connections from the other hosts. This is the only VPN model that provides protection for data throughout its transit. The host-to-host model is resource-intensive to implement and maintain because it requires configuration on each host involved, including the target.
Source: NLST(2010)
Source: NLST(2010)
2. Coaxial Cable
Twisted-pair cables are divided into 2 sub categories according to the
cover of the cable,
Registered Jack 45 (RJ-45) is the connector mainly used with UTP, and it has 8 wire
connectors to connect the end station to a local LAN.
STP uses special data connectors to connect to the local LAN; however, Registered Jack
45 (RJ-45) can also be used to connect.
(Author's work)
Always use more cables than is necessary and leave plenty of slack for future
enlargement of the network.
Check every part of the network even though the cables are brand-new.
Select the lowest interference areas of the building to lay the cables.
If the cables are run across open areas of the building, cover the cables with a
cable protector.
| Technical Name | Cable/Wire type | Max. Segment/wire Length | Maximum number of Nodes/Segment | Advantages | Specifications | Speed |
|---|---|---|---|---|---|---|
| 10Base5 | Thick coaxial | 500 meters | 100 | Long cable length | IEEE 802.3j | 10 Mbits/s |
| 10Base2 | RG58 (thin) coaxial | 185 meters | 30 | Low cost | IEEE 802.3ab | 10 Mbits/s |
| 10BaseT | Twisted pair (like telephone wire) | 100 meters | 1024 | Easy to maintain | IEEE 802.3i | 10 Mbits/s |
| 10BaseF | Fiber-optic | 2,000 meters | 1024 | No noise interference | IEEE 802.3j | 10 Mbits/s |

Source: Networkdictionary, 2010 and eeherald.com, 2010 and Cisco Networks, 1999
2.8 Servers
1. Broadband
2. Leased Line
3. Dial-Up
2.9.1 Broadband
A broadband connection allows high speed and supports data, voice and video
information. It is called broad because multiple kinds of information can travel
across the wire. Broadband connections are typically always on, with no need to dial to
connect to the servers, and they provide a very cheap connection as well.
2.9.2 Dial-Up
Dial-up is an old method of internet connection. It has a slow data rate and the
cost will be really high. The user needs to dial each time to connect to the server.
3 Critical Evaluation
According to the research on 'Network types', 2 main types
have been identified: peer-to-peer and client server architecture.
Peer-to-Peer architecture is less expensive to implement compared to the
Client-Server architecture. Each computer in Peer-to-Peer needs to take backups
itself to recover the data, but in the client server model one centralized location can
take the backups, so it is easy to maintain the network in the client server model.
Security is also a major drawback in Peer-to-Peer architecture, but in client server
architecture it is easy to maintain the security due to the main server architecture.
Client server architecture is more costly compared with the peer-to-peer
architecture because more network equipment needs to be purchased to
implement it.
Considering all the facts, it is good to use client server architecture for a
network because it provides security, availability, high performance and ease of
management.
According to the research conducted on the small area network,
wired LAN technology provides greater value to the network than the wireless
LAN. Wired LAN provides a better connection speed compared with the wireless
LAN. Even though wireless LAN does not provide as much security to the network
as wired LAN, it provides greater mobility to the network, which is a really important
factor to the users. But most of these security issues can be overcome using
newly built security mechanisms. Cost to implement is relatively less in wired
LAN compared with the wireless LAN, even though the maintenance cost of wired LAN is
really high.
Four types of network topologies have been identified in the research: ring,
bus, tree and star. Tree and star topologies are commonly used in the
industry due to their performance. Tree topology provides a network which allows
connecting more devices than other topologies.
Switches and repeaters are used to create a wired LAN.
Wireless access points and WLAN network interface cards are used in
addition to switches and repeaters to connect a wireless LAN.
CISCO, D-Link, Netgear are the most famous network device providers in the
market.
According to the research conducted on “Connect the sub
branches to the main building to share the resources”, Wide Area Networks
(WANs) and Virtual Private Networks (VPNs) have been identified as the best
methods to create a network.
The WAN network type covers a large geographical area; it has 3 main types depending
on the connection type: Point-to-Point Links, Circuit Switching, and
Packet Switching.
Point-to-Point links are good when long connections are needed over a shorter
distance.
Circuit switching is good when the network needs to be created in a small area and a
backup connection is preferred.
Packet switching is used when a long connection time is needed in a
large geographical area.
WAN has some major drawbacks, such as low security, high latency,
very high implementation and maintenance cost, and a very slow connection.
In addition, the company will need to have well skilled IT workers to maintain
the system.
VPN provides great value to modern networking concepts. VPN has 2 main
types: Remote-access VPNs and Site-to-site VPNs.
According to the research, VPN is the best method to connect or share resources
with a long distance network. Availability of the WAN is low in some parts of the
world, but the availability of VPN is really high compared to the WAN. WAN
provides a lesser bandwidth compared to the VPN, and cost to implement is
very high in WAN. Management is very easy with the VPN compared to the
WAN, but having a backup connection will be a good implementation for both
methods.
Security is a main aspect of modern networking. According to the research
conducted, there are various methods used to implement security features in the
system.
A firewall is a good method to restrict unwanted traffic to the network. A firewall
can be implemented using hardware and software. DMZ (demilitarized zone) is a
new concept used in order to allow the users to connect to the public servers.
Encryption is also a good way to maintain security, and it can be achieved
using different encryption mechanisms.
IPsec, L2TP and SSL are the main frameworks for ensuring private
communications over IP networks. Each of these has its own positives and
negatives.
IPsec supports most operating systems and provides a strong encryption
mechanism. But the main drawback is that it can only protect IP based
communications and also needs client software to be configured. It also does not
protect the communication between the client and the IPsec gateway in gateway-to-
gateway architecture.
L2TP is a tunneling protocol that provides various features. It can protect non-IP
protocols and supports multiple sessions per tunnel. L2TP is used along with
IPsec to provide encryption and key management services. L2TP also needs
client software to be installed and configured.
SSL can provide strong encryption and supports all the major systems. But it
only protects TCP based communications and requires application servers and
clients to support SSL/TLS.
IPsec together with L2TP is the best encryption protocol to use with VPN.
According to the research on 'Transmission media', 3 main categories
have been identified: Twisted Pair Cables, Coaxial Cable and Fiber Optic Cables.
Shielded Twisted Pair (STP) Cable and Unshielded Twisted Pair (UTP) Cable
are the sub types of the Twisted Pair Cables.
STP cables and UTP cables both provide the same speed and throughput. STP
cables are a bit more expensive compared with UTP.
UTP cables are more prone to electrical noise and interference than STP. UTP cables
need more signal boosters than STP to maintain a proper signal voltage.
Coaxial cables offer great speed and throughput compared with twisted-
pair cables. They also reduce the electronic interference from the outside and
carry the signal with minimum interruptions. Thickness of the cable will be a
disadvantage for the implementation, and it can also be run with fewer signal
boosters.
It is clear that coaxial cable is a very good transport medium for signals
compared with twisted pair cables.
4 Conclusion
4.1 Connect the computers and other peripherals together to share the
resources within the buildings
Both the Wired LAN and Wireless LAN types are used within the branches to
create a network and to share the resources. Wireless LAN is used in order to give
access to the laptop users. Security authentication mechanisms are used in order to
protect the network from unauthorized people. Even though the initial cost
will be high to implement both technologies, it will add a great deal of value to the
network.
Virtual LANs will be created within each LAN to categorize the network into different
segments.
4.2 Connect the sub branches to the main building to share the resources.
VPN technology is used over the WAN technology to connect the sub branches
to the main branch because it provides speed and a more secure connection. Being a small
company and new to the technology, it is a must for the company to use a more flexible
technology which needs a minimum number of technically skilled people to operate.
In addition, VPN is more cost effective, and being a company which operates in Asia,
it is good to use a technology which is available in this part of the world.
4.3 Maintain a centralized database for all the branches around the world to
access.
Client server architecture is used over the peer-to-peer architecture to cope with
the requirements of the company. Client server architecture provides great control over
the security and the maintenance of the servers and can back up the entire
database/server from one location. The administration can also monitor the entire
network from one place. In addition to all these facts, being a company new to the
technology and also growing its business areas, it needs to expand the
network and add more features to the network in future, and the client server architecture
enables more servers to be added to extend the network in future without changing the
network architecture.
4.4 Security
To provide security to the network, a hardware firewall is used with a
software firewall. The DMZ (demilitarized zone) concept is used when implementing the
firewall in the system because it allows the users to connect to the public servers.
IPsec and L2TP are used over the SSL framework when creating VPN connections
because IPsec is supported by most operating systems and provides a great
encryption mechanism with L2TP. It is really necessary to provide high security to the
VPN connection because remote branches will access the main company building via
the VPN connection and they will be transmitting the data via the VPN connection.
4.5 Backup
Special backup plans are used to back up the database and the connections,
and this will be done using a special backup mechanism. Backup is very essential in this
architecture because the entire network is based on the main site of the company and its
servers.
Two internet connections are used in the main company, and a special database backup
mechanism is also used here.
4.6 Communication
Voice over IP is used in order to communicate within the branch because it is
cost effective and easy to implement. The maintenance cost will also be really low, and
the network can be expanded without spending lots of money on a normal communication
method.
4.7 Monitoring
Video servers and CCTV cameras were used to implement IP cameras on the
network, which will allow the company headquarters to monitor the activities of other
branches and its own. This is a very cheap method to monitor the live activities of
the branches. But to implement this technology it is a must to have a high speed
internet connection.
Unshielded Twisted Pair cables are used within the building floors since there is not
much noise or interference to the cables compared with the air duct.
Even though the policies are created like this, if the data travelling over UTP is very
sensitive then STP cables are used in those situations.
Network Diagrams
Here two routers are used to take two connections, and this has been done to provide a
backup connection. A main firewall is used in the system, and a separate proxy server
is also used to filter the net traffic.
All the servers are connected to the one main layer 2 switch, and floor switches are
connected to the layer 3 main backbone switch.
Video servers and video cameras are plugged into a separate switch which will control the
video traffic of the system. The video record system switch is connected to the main layer 3
switch.
Each floor has its own Wi-Fi access point, which enables the laptop users to work in
different locations.
IP PBX is used to implement IP telephony on the network, which will reduce the
communication cost of the company.
A separate switch is used to connect the database server and the backup server; this is done
to reduce the traffic of the main server switch.
Telephones can be plugged into the switches of the floors to get a connection,
and this network implementation also allows the company to connect 65 computers to
the network. If they want, they can create virtual LANs and section the network.
VPN is used in order to connect to the main branch, and each branch will have its own
firewall. The main office will have all the main servers, and sub branches can connect to the
servers and work as if they are in the same network.
5 Reference
Angek.C, 2010, Network Topologies, [Online], Available: http://cubadak-angek.blogspot.com/2010/07/network-topologies.html, [Accessed 12th October 2010]
Cisco Systems, Inc, 2003, CCNA 1 and 2 Companion Guide, 3rd ed, Cisco Press, Indiana
IEEE, 2004, Local and metropolitan area networks, IEEE Recommended Practice [Online], 802.16.2, Available: http://standards.ieee.org/getieee802/download/802-2001.pdf, [Accessed 12th October 2010]
Sridhar.T, 1999, Layer 2 and Layer 3 Switch Evolution, The Internet Protocol Journal [Online], Volume 1(02), Available: http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-2/switch_evolution.html, [Accessed 12th October 2010]
U.S. Robotics, nd, Wireless LAN Networking, Wireless LAN Networking, [Online], Available: http://www.usr.com/download/whitepapers/wireless-wp.pdf, [Accessed 12th October 2010]