Scope and goals of the project
What Is The Effective VTP Model Enterprise VLAN Security?
The SME prepared this report to plan a connection between its headquarters and several branches located in different geographical areas. The report considers the scope and goals of the project and the requirements the organization must meet, which may include an analysis of the voluntary services of a university. A later section proposes solutions intended to increase the organization's efficiency. The network infrastructure is framed using the Top-Down Network Design methodology [1]. The report provides a logical and a physical model, along with detailed information about the cost of deploying the new network solution. A test plan is then proposed for analyzing how the network works and for assessing its security aspects. The last section of the report consists of a self-reflection on the technology.
The major scope of the project is the development of the network within its various network constraints. The scope also includes increasing the efficiency of the processes the business conducts. Many new technologies can make these processes easier, but the right technology must be selected so that it aligns with the organization's requirements; selecting the right technology makes an efficient network design possible [2]. The network solution is also intended to improve communication between the branch offices situated in different geographical locations. The use of a VPN would support remote access to the organization's resources, which would in turn increase the organization's efficiency [24].
Identified tradeoffs
The goals of the business and its constraints were identified in order to develop an appropriate solution for the SME. These goals and constraints are listed below:
- Creating connections with the various universities is one of the organization's main goals, as is providing services related to the universities' academics, generally to improve the efficiency of teaching-related processes. Permission is also needed to create a connection between the several branches and the branch servers [3].
- Another major goal is to protect customer information with the maximum amount of security, and the same applies to the University's information. Security and safety can be provided by encrypting the communication channels and the database, mainly to avoid risks such as theft or manipulation of the data. Selecting a proper encryption algorithm is a major constraint of the encryption [23].
- The organization should also have full access to the network. In addition, user access for members of the organization needs to be limited in order to ensure the security of the network [4].
The tradeoffs identified for achieving the goals of the business are listed below:
- The confidentiality of the network solution must be maintained by providing access only to authorized personnel, which helps preserve the security of sensitive information [5].
- The integrity of the data must be maintained, so that only authorized personnel are able to change network information and unauthorized access is prevented [22].
- A security plan must be developed to make sure the organization's security requirements are met. There is also a need for listening to the service network, which would be very helpful in the management of the organization [6].
An analysis is needed of the groups of users on the network. Different services and VLANs are also required, configured according to the various groups of people in order to secure the network from unauthorized access. Small public and private universities or colleges are the major users of the infrastructure. These colleges and universities provide various types of services and have adopted different methods to reduce cost, including supervising student research projects and teaching different subjects [7]. Students can use the services by following simple steps. The initial step is registration on the information system. Once shortlisting is completed by means of an interview, generally conducted by university staff, they move on to the next step [8]. This gives rise to the need to connect the network with the university portal, together with a registration model; merging the two would help students get the information they need.
The following assumptions have been made in order to design the network:
- A central database is developed for connecting with the branch offices and managing the whole network from a single central point.
- The organization must be able to grow and to add more users to the network as time passes [21].
- Proper funding must be available while the network is being developed.
- Users must have proper knowledge of the network in order to use it efficiently.
- The servers that are used are to be locked in order to ensure the security of the network.
The routing protocols which are to be used in the network are listed below:
- HDLC - This is the group of protocols used for transmitting packet data between the nodes connected to the network. The data is combined into frames, which are sent over the network so that the data can be verified [9].
- PPP - This establishes direct contact between the network and the admin PC so that the servers can be accessed without delay. It would be used to maintain the servers.
- Frame Relay - This is used for packet switching and is mainly designed for transmitting voice over the same channels in a network. Configuring the network channels with the Frame Relay protocol can reduce telecommunication cost [10].
- DHCP - When the routers or servers are configured with DHCP, IP addresses are allocated automatically to the nodes [20]. Because the nodes are connected to the network, a separate address pool is created for each VLAN. To make management easier, the network can be segmented into several smaller parts.
- NAT - This is mainly used to increase the network's security by mapping port numbers to IP addresses in an ambiguous way. The HSRP protocol is mainly used for configuring the routers with NAT. It also decreases the number of IP addresses required [11].
- PAT - This works as an extension of NAT and is generally applied in the LAN to permit multiple devices in the LAN to be mapped to a single IP address.
- Ethernet - The LANs use Ethernet to communicate with each other. It is a link-layer protocol that describes the format the network devices maintain while sending and receiving data [12].
- L2/L3 protocols - Layer 2 protocols include ATM, ARP, CDP and many more. This layer is mainly used on the WAN to manage transmission and to create the link between more than one LAN. Layer 3 includes EGP, IGRP, IPv4, IPv6 and many more, which are mostly used in the local routers for communicating with networks outside the local network [19].

| Subnet | Network Address | Subnet Mask | Broadcast Address | Valid host address range (can be used to assign to PCs, servers, IP phones, etc.) |
|---|---|---|---|---|
| Subnet – 1 | 172.18.55.0 | 255.255.255.224 | 172.18.55.31 | 172.18.55.1 – 172.18.55.30 |
| Subnet – 2 | 172.18.55.32 | 255.255.255.224 | 172.18.55.63 | 172.18.55.33 – 172.18.55.62 |
| Subnet – 3 | 172.18.55.64 | 255.255.255.224 | 172.18.55.95 | 172.18.55.65 – 172.18.55.94 |
| Subnet – 4 | 172.18.55.96 | 255.255.255.224 | 172.18.55.127 | 172.18.55.97 – 172.18.55.126 |
| Subnet – 5 | 172.18.55.128 | 255.255.255.248 | 172.18.55.135 | 172.18.55.129 – 172.18.55.134 |

| Subnet | Network Address | Subnet Mask | Broadcast Address | Valid host address range (can be used to assign to PCs, servers, IP phones, etc.) |
|---|---|---|---|---|
| Subnet – 1 | 0:0:0:0:0:ffff:ac12:3700 | 0:0:0:0:0:ffff:ffff:ffe0 | 0:0:0:0:0:ffff:ac12:371f | 0:0:0:0:0:ffff:ac12:3701 – 0:0:0:0:0:ffff:ac12:371e |
| Subnet – 2 | 0:0:0:0:0:ffff:ac12:3720 | 0:0:0:0:0:ffff:ffff:ffe0 | 0:0:0:0:0:ffff:ac12:373f | 0:0:0:0:0:ffff:ac12:3721 – 0:0:0:0:0:ffff:ac12:373e |
| Subnet – 3 | 0:0:0:0:0:ffff:ac12:3740 | 0:0:0:0:0:ffff:ffff:ffe0 | 0:0:0:0:0:ffff:ac12:375f | 0:0:0:0:0:ffff:ac12:3741 – 0:0:0:0:0:ffff:ac12:375e |
| Subnet – 4 | 0:0:0:0:0:ffff:ac12:3760 | 0:0:0:0:0:ffff:ffff:ffe0 | 0:0:0:0:0:ffff:ac12:377f | 0:0:0:0:0:ffff:ac12:3761 – 0:0:0:0:0:ffff:ac12:377e |
| Subnet – 5 | 0:0:0:0:0:ffff:ac12:3780 | 0:0:0:0:0:ffff:ffff:fff8 | 0:0:0:0:0:ffff:ac12:3787 | 0:0:0:0:0:ffff:ac12:3781 – 0:0:0:0:0:ffff:ac12:3786 |

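The addressing plan in the tables above can be checked mechanically before it is configured on any device. The following added example (not part of the original report) recomputes each broadcast address and host range, derives the IPv4-mapped IPv6 form, and reports misaligned or overlapping subnets and the space still unallocated; the 172.18.55.0/24 parent block is an assumption inferred from the table.

```python
import ipaddress

# Plan as given in the tables above: (name, network address, subnet mask).
PLAN = [
    ("Subnet-1", "172.18.55.0", "255.255.255.224"),
    ("Subnet-2", "172.18.55.32", "255.255.255.224"),
    ("Subnet-3", "172.18.55.64", "255.255.255.224"),
    ("Subnet-4", "172.18.55.96", "255.255.255.224"),
    ("Subnet-5", "172.18.55.128", "255.255.255.248"),
]
# Assumption: every subnet is carved out of this parent block.
PARENT = ipaddress.ip_network("172.18.55.0/24")


def describe(name, address, mask):
    """Derive broadcast, usable range and IPv4-mapped IPv6 form of one subnet."""
    # strict=True rejects a network address that has host bits set.
    net = ipaddress.ip_network(f"{address}/{mask}", strict=True)
    mapped = ipaddress.IPv6Address(f"::ffff:{net.network_address}")
    return {
        "name": name,
        "net": net,
        "broadcast": str(net.broadcast_address),
        "hosts": (str(net.network_address + 1), str(net.broadcast_address - 1)),
        "usable": net.num_addresses - 2,
        "mapped_v6": mapped.exploded,
    }


def audit(plan, parent=PARENT):
    """Return (rows, problems); problems lists misaligned, stray or overlapping subnets."""
    rows, problems = [], []
    for name, address, mask in plan:
        try:
            rows.append(describe(name, address, mask))
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
    for i, a in enumerate(rows):
        if not a["net"].subnet_of(parent):
            problems.append(f"{a['name']}: outside {parent}")
        for b in rows[i + 1:]:
            if a["net"].overlaps(b["net"]):
                problems.append(f"{a['name']} overlaps {b['name']}")
    return rows, problems


def unallocated(rows, parent=PARENT):
    """Blocks of the parent network that the plan leaves free."""
    free = [parent]
    for row in rows:
        remaining = []
        for block in free:
            if row["net"].subnet_of(block):
                # address_exclude yields what is left of block around row["net"].
                remaining.extend(block.address_exclude(row["net"]))
            else:
                remaining.append(block)
        free = remaining
    return sorted(free)


if __name__ == "__main__":
    rows, problems = audit(PLAN)
    for r in rows:
        print(r["name"], r["net"], r["broadcast"], r["hosts"], r["mapped_v6"])
    print("problems:", problems or "none")
    print("free:", [str(n) for n in unallocated(rows)])
```
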
The LAN is the basic form of network used for communication between two networks or two systems. A LAN is easy to construct with or without servers, and it is restricted by the physical location of the systems. A system taking part in the LAN requires a properly installed network adapter [13]. A WAN covers a larger area, and the systems in the WAN are capable of saving data on a real-time basis and of easily sending it as input to the central computers [14]. There are four types of network communication: leased-line connection, circuit switching, packet switching and cell relay. The IS system provides a wide range of wireless communication in the public domain, making use of different resources and priorities. Public services in densely populated areas are visited by numerous users and are therefore placed at the top of the priority list.
Assumptions for designing the network
One good security practice is to separate management traffic from user traffic. The management VLAN is set up by moving it off the default VLAN 1 onto a distinct VLAN. To contact the switch remotely, an IP address must be configured on the management VLAN [15]. This restricts unauthorized users from establishing remote access sessions unless they are routed to the management VLAN, which provides an additional layer of security for the VLAN. The switches are also to be configured to accept encrypted SSH sessions [16].
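The points in the paragraph above can be turned into a configuration check. The following added example (not part of the original report) audits IOS-style switch configuration text for a management IP left on VLAN 1, remote access that is not SSH-only, and vty lines without an inbound access-class; both sample configurations are constructed, and VLAN 99, the ACL name MGMT-ONLY and the 192.0.2.0/24 addresses are assumptions.

```python
# Constructed sample (not from the report): management on VLAN 1, Telnet allowed.
WEAK = """\
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
 no shutdown
!
line vty 0 4
 transport input telnet ssh
 login local
"""

# Constructed hardened counterpart; VLAN 99 and ACL name MGMT-ONLY are assumptions.
HARDENED = """\
interface Vlan1
 no ip address
 shutdown
!
interface Vlan99
 ip address 192.0.2.10 255.255.255.0
!
ip access-list standard MGMT-ONLY
 permit 192.0.2.0 0.0.0.255
!
line vty 0 4
 access-class MGMT-ONLY in
 transport input ssh
 login local
"""


def sections(config):
    """Split IOS-style text into {section header: [indented sub-commands]}."""
    out, current = {}, None
    for line in config.splitlines():
        if line.strip() in ("", "!"):
            current = None
        elif not line.startswith(" "):
            current = line.strip()
            out[current] = []
        elif current is not None:
            out[current].append(line.strip())
    return out


def audit_management(config):
    """Return findings for the management-plane points made in the paragraph above."""
    findings = []
    for header, body in sections(config).items():
        if header.lower() == "interface vlan1":
            has_ip = any(cmd.startswith("ip address ") for cmd in body)
            if has_ip and "shutdown" not in body:
                findings.append("management IP on default VLAN 1")
        elif header.startswith("line vty"):
            # Anything other than SSH-only is reported, including a missing line.
            if "transport input ssh" not in body:
                findings.append(f"{header}: remote access not limited to SSH")
            if not any(c.startswith("access-class ") and c.endswith(" in") for c in body):
                findings.append(f"{header}: no inbound access-class restriction")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_management(cfg) or "no findings")
```
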
LAN and WAN services design and analysis
The following services should be included in the network solution to increase the efficiency and scalability of the SME network.
- Multi location support for the business
- VOIP
- Video surveillance
- VPN SSL
- MPLS
- Teleconferencing solutions
- QoS
- SOHO
- BYOD
- Data backup
- Virtualization of the servers
LAN and WAN services can be implemented only after analyzing the existing network infrastructure and designing on that basis, together with an analysis of the infrastructure requirements [17]. This helps identify the new requirements of the current system and supports the design of the new system. Normal users also need to be restricted and levels of authentication provided, which increases the security of the network. Different networking technologies should be evaluated to design a successful local or wide area network and to enable voice and data communication that reduces the telecommunication cost of the network [18]. The risk of security threats arising from different points in the network should be eliminated. The network should be backed up to handle emergency conditions, and a risk response plan should be created for responding to any attacks.
Conclusion:
The report leads to the conclusion that a high-level network architecture needs to be designed for the SME. This requires identifying the scope and limitations of the project and analyzing the requirements of the business in order to design the whole network. The report has documented the user community and the network applications that the system would support. It discusses the security features and policies that should be followed to secure the network from external entities. A failover and redundancy plan has also been provided to avoid the risk of link failure and to respond during emergency conditions. A logical and a physical design have been created for the organization, and different network topologies have been discussed for the development of the network.
References
Wang Y, Chi N, Wang Y, Tao L, Shi J. Network architecture of a high-speed visible light communication local area network. IEEE Photonics Technology Letters. 2015 Jan 15;27(2):197-200.
Wang Y, Chi N, Wang Y, Tao L, Shi J. Network architecture of a high-speed visible light communication local area network. IEEE Photonics Technology Letters. 2015 Jan 15;27(2):197-200.
Sikdar B. A study of the environmental impact of wired and wireless local area network access. IEEE Transactions on Consumer Electronics. 2013 Feb;59(1):85-92.
Ghosh A, Thomas TA, Cudak MC, Ratasuk R, Moorut P, Vook FW, Rappaport TS, MacCartney GR, Sun S, Nie S. Millimeter-wave enhanced local area systems: A high-data-rate approach for future wireless networks. IEEE Journal on Selected Areas in Communications. 2014 Jun;32(6):1152-63.
Pang L, Li H, Pei Q. Improved multicast key management of Chinese wireless local area network security standard. IET communications. 2012 Jun 14;6(9):1126-30.
Kazemian P, Varghese G, McKeown N. Header Space Analysis: Static Checking for Networks. In NSDI 2012 Apr 25 (Vol. 12, pp. 113-126).
He K, Wang Y, Wang X, Meng W, Liu B. GreenVLAN: An energy-efficient approach for VLAN design. In Computing, Networking and Communications (ICNC), 2012 International Conference on 2012 Jan 30 (pp. 522-526). IEEE.
Rafel A, Parkin N, Farrow K, Wright P, Nesset D. Automatic restoration over a type B dual parented PON using VLAN switching. In Optical Communication (ECOC 2013), 39th European Conference and Exhibition on 2013 Sep 22 (pp. 1-3). IET.
Kim H, Feamster N. Improving network management with software defined networking. IEEE Communications Magazine. 2013 Feb;51(2):114-9.
Alimi IA, Mufutau AO. Enhancement of network performance of an enterprises network with VLAN. American Journal of Mobile Systems, Applications and Services. 2015 Jul;1(2):82-93.
Kim H, Schlansker M, Santos JR, Tourrilhes J, Turner Y, Feamster N. Coronet: Fault tolerance for software defined networks. In Network Protocols (ICNP), 2012 20th IEEE International Conference on 2012 Oct 30 (pp. 1-2). IEEE.
Nolan KE, Guibene W, Kelly MY. An evaluation of low power wide area network technologies for the Internet of Things. In Wireless Communications and Mobile Computing Conference (IWCMC), 2016 International 2016 Sep 5 (pp. 439-444). IEEE.
Ban YL, Chen JH, Li JL, Wu Y. Small-size printed coupled-fed antenna for eight-band LTE/GSM/UMTS wireless wide area network operation in an internal mobile handset. IET microwaves, antennas & propagation. 2013 Apr 23;7(6):399-407.
Wang S, Chen W, Yin ZQ, Li HW, He DY, Li YH, Zhou Z, Song XT, Li FY, Wang D, Chen H. Field and long-term demonstration of a wide area quantum key distribution network. Optics express. 2014 Sep 8;22(18):21739-56.
Chu FH, Wong KL. Internal coupled-fed loop antenna integrated with notched ground plane for wireless wide area network operation in the mobile handset. Microwave and Optical Technology Letters. 2012 Mar 1;54(3):599-605.
Deng Y, Lin H, Phadke AG, Shukla S, Thorp JS, Mili L. Communication network modeling and simulation for wide area measurement applications. In Innovative Smart Grid Technologies (ISGT), 2012 IEEE PES 2012 Jan 16 (pp. 1-6). IEEE.
Henschel R, Simms S, Hancock D, Michael S, Johnson T, Heald N, William T, Berry D, Allen M, Knepper R, Davy M. Demonstrating Lustre over a 100Gbps wide area network of 3,500 km. In Proceedings of the International Conference on High Performance Computing, Networking, Storage and Analysis 2012 Nov 10 (p. 6). IEEE Computer Society Press.
Petäjäjärvi J, Mikhaylov K, Pettissalo M, Janhunen J, Iinatti J. Performance of a low-power wide-area network based on LoRa technology: Doppler robustness, scalability, and coverage. International Journal of Distributed Sensor Networks. 2017 Mar;13(3):1550147717699412.
Verma RO, Shriramwar SS. Effective VTP Model for Enterprise VLAN Security. In Communication Systems and Network Technologies (CSNT), 2013 International Conference on 2013 Apr 6 (pp. 426-430). IEEE.
Kiravuo T, Sarela M, Manner J. A survey of Ethernet LAN security. IEEE Communications Surveys & Tutorials. 2013 Jul 31;15(3):1477-91.
Fischer K, Geßner J. Security architecture elements for IoT enabled automation networks. In Emerging Technologies & Factory Automation (ETFA), 2012 IEEE 17th Conference on 2012 Sep 17 (pp. 1-8). IEEE.
AlHarthy K, Shawkat W. Implement network security control solutions in BYOD environment. In Control System, Computing and Engineering (ICCSCE), 2013 IEEE International Conference on 2013 Nov 29 (pp. 7-11). IEEE.
Chen L, Chen X, Jiang J, Yin X, Shao G. Research and practice of dynamic network security architecture for IaaS platforms. Tsinghua Science and Technology. 2014 Oct;19(5):496-507.
Rauscher R, Acharya R. A network security architecture to reduce the risk of data leakage for health care organizations. In e-Health Networking, Applications and Services (Healthcom), 2014 IEEE 16th International Conference on 2014 Oct 15 (pp. 231-236). IEEE.