User Requirements
This report documents the user requirements for network expansion and implementation alongside an analysis of the Local Area Network (LAN) of the uSoft.com headquarters. The headquarters of uSoft is undergoing an expansion, and the associated networks are affected as well.
After the calculations needed to provide network access to all endpoints of the expanded network, diagrams are created detailing the logical representation and physical orientation of the final network. A handful of assumptions have been made after summarizing the requirements for the proposed expansion of uSoft headquarters. The discussion begins by briefly describing the work of the company, then covers the requirements based on the floor plan, securing the network and other details of the logical design. With the calculations sorted out, physical and logical network diagrams are provided, followed by concluding notes.
A global software provider, uSoft.com has been in the business of providing custom solutions for institutes in the biomedical engineering field for over 30 years. Its low-code development platform enables ideas to be modelled in a simple manner. Its solutions and services help organizations make informed decisions and manage privacy and biometric authentication (Schindelin et al. 2015).
| Branch | Number of Employees | Servers | Number of connections | Number of floors |
|---|---|---|---|---|
| Headquarters | 70 | 9 | 70*2(PC+IP Phone) + 9 = 149 | 6 |
| Branch1 | 13 | 2 | 13*2(PC+IP Phone) + 2 = 28 | 2 |
| Branch2 | 13 | 2 | 13*2(PC+IP Phone) + 2 = 28 | 2 |
| HQ to B1 | | | 2 | |
| HQ to B2 | | | 2 | |
| Total | | | 209 | |
For the complete network, the major network 172.16.123.0/22 is used to create a total of five subnets. These five subnets serve uSoft headquarters, branch1, branch2, the HQ – branch1 link and the HQ – branch2 link respectively.
The complete network is secured by a state of the art enterprise grade firewall solution which is set up at the company headquarters.
For each branch, the number of devices, which include PCs and IP phones, is taken to be 28. The employee count per branch is 13. These employees are placed in six departments across 2 floors of each branch building.
All the devices of the branches as well as the headquarters connect to the network over a wireless LAN (WLAN) through the wireless access point present on the floor.
The servers are connected directly from the switch with Ethernet cables.
The main router of the headquarters connects to routers of the branches with the help of two dedicated switches.
Individual PCs and IP phones are further secured via corporate security applications.
Logical and Physical Network Diagrams
To ensure mobility of work, each employee is assigned an IP phone. There are 70 employees in the headquarters, so the number of IP phones for the headquarters is 70. Similarly, the two branches of the company, having 13 employees each, have a total of 13*2 = 26 IP phones.
The complete network is protected by an enterprise-grade firewall solution which is installed in the company headquarters. The firewall provides a security cover for every network component, including routers and switches. Apart from that, every device from PC to IP phone is further secured through anti-malware application packages.
The company network is allocated a class B IP address with 1022 assignable IPs. The minimum total network bandwidth is chosen to be 2000 MB/s.
The mandatory applications that need to be installed are SOPHOS security for the firewall, Nod32 antivirus as the security application on individual devices, and VMware to facilitate virtual access, along with the built-in Windows application Remote Desktop.
Remote access is carried out in two ways. In every office and on each floor, wireless access points are set up. This helps in accessing the network components and executing administrative actions on the network remotely. Individual client devices are also remotely accessible through the Remote Desktop application, while VMware helps in establishing miniature virtual LAN connections among selected groups of devices.
The performance of the network is expected to meet the accumulated load of all 209 network components simultaneously at any given time. The bandwidth of the network is chosen to meet the above criteria with decent internet speeds at peak load.
The networks for each floor of the company's offices are internally segmented, and admins continuously use Quality of Service (QoS) to manage the data traffic in the network by setting priorities on the various types of data.
Voice over Internet Protocol (VoIP) is an absolute must for the company, as employees have to actively take part in meetings with clients or with other internal teams and executives, and this continues even beyond their office work hours. For this purpose each employee is assigned an IP phone with VoIP enabled.
4.1 Security: The entire network is secured primarily with the help of a leading industry-standard firewall solution, similar to the ones provided by Cisco and SOPHOS, installed in the headquarters of uSoft.com (Hils, Young and D’Hoinne 2015). The internet connection is screened by this firewall even before it gets to the router of uSoft headquarters, thus ensuring all components and endpoints pertaining to the network are protected. The client nodes of the network, comprising PCs and IP phones, are further protected by corporate versions of multi-layered security applications, similar to solutions from Eset, that excel in preventing viruses and malware from compromising systems (Schuh 2013). These solutions also act as backup security if by any chance the firewall securing the network is down. Malicious files can also spread during file transfers from external devices, commonly external hard disks and pen drives.
4.2 Wireless Networks: Connecting the individual devices, namely IP phones and PCs, to the network over a wireless LAN (WLAN) through the wireless access point on each floor reduces the burden of cable management in the office rooms (Schulz-Zander et al. 2014). This also alleviates the risk of cable damage, which gradually occurs with day-to-day usage.
4.3 Virtual LANs: According to Liyanage and Gurtov (2014), Virtual Local Area Networks (VLANs) play a critical role in enterprise networks. They are used in the offices of uSoft headquarters as well as those of the branches to enable remote access activities such as remote desktop access and sharing of printers from every single device.
- IP Address Allocation Plan: Student ID – 23114104
IP Address range: 172.16.1XY.0/22 (X and Y being first two digits of Student ID respectively) → 172.16.123.0/22
Total number of possible IPs from the main network – 1022
The first octet of 172.16.123.0/22 lies within the range 128 to 192, which makes it a class B type IP address
Subnet mask of class B type IP address – 255.255.0.0 (since default value of CIDR – 16)
When CIDR = 22, corresponding subnet mask is 255.255.252.0
Here six bits are borrowed from the host address ($2^7 + 2^6 + 2^5 + 2^4 + 2^3 + 2^2 = 252$)
Total networks available – $2^6 = 64$ (6 – number of borrowed bits).
Total IP addresses available per network – $2^2 - 2 = 2$ (2 – remaining host bits)
But maximum available connections – 127 which is short of what is required for the headquarters (149).
When CIDR = 24,
IP address range: 172.16.123.0/24, corresponding subnet mask is 255.255.255.0
Total networks available – $2^0 = 1$ (0 – number of borrowed bits)
Total IP addresses available per network – $2^8 - 2 = 254$ (8 – remaining host bits)
Here network access is provided to devices in the uSoft headquarters through the network address 172.16.120.0 and broadcasting address 172.16.120.255 with the following range of assignable IPs: 172.16.120.1 – 172.16.120.254
Total number of network connections required for each of the two branches is 28.
So with CIDR = 27, a total of (254-224) = 30 connections can be allocated per network
Subnet mask 255.255.255.224, after borrowing 3 bits from host ($2^7 + 2^6 + 2^5 = 224$)
Network addresses – 172.16.121.0 and 172.16.121.32 provide network access to the branches with the following range of assignable IPs: 172.16.121.1 to 172.16.121.30 and also 172.16.121.33 to 172.16.121.62.
Two connections are required to route between uSoft headquarters and the branches.
With CIDR = 30, resulting subnet mask is 255.255.255.252 where 6 bits are borrowed ($2^7 + 2^6 + 2^5 + 2^4 + 2^3 + 2^2 = 252$)
The network addresses are 172.16.121.64 and 172.16.121.68 with the ranges of assignable IPs: 172.16.121.65 to 172.16.121.66 for one switch and 172.16.121.69 to 172.16.121.70 for the other.
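The allocation plan above can be checked mechanically. The following added example (not part of the original report) uses Python's standard `ipaddress` module to confirm that each subnet is aligned, sits inside the major network, overlaps no other subnet, and has enough assignable addresses for the connection counts in the requirements table; the function names `usable_hosts`, `check_plan` and `summary` are introduced here for illustration.

```python
import ipaddress

# The report writes the major network as 172.16.123.0/22; strict=False masks
# the host bits and yields the real block boundary, 172.16.120.0/22.
MAJOR = ipaddress.ip_network("172.16.123.0/22", strict=False)

# (segment, subnet from the allocation plan, connections required by the table)
PLAN = [
    ("Headquarters", "172.16.120.0/24", 149),
    ("Branch1", "172.16.121.0/27", 28),
    ("Branch2", "172.16.121.32/27", 28),
    ("HQ to B1", "172.16.121.64/30", 2),
    ("HQ to B2", "172.16.121.68/30", 2),
]

def usable_hosts(net):
    """Assignable addresses: every address except network and broadcast."""
    return net.num_addresses - 2

def check_plan(major, plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems, seen = [], []
    for name, cidr, required in plan:
        try:
            net = ipaddress.ip_network(cidr)  # strict mode rejects misaligned subnets
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
            continue
        if not net.subnet_of(major):
            problems.append(f"{name}: {net} is outside {major}")
        if usable_hosts(net) < required:
            problems.append(f"{name}: {net} has {usable_hosts(net)} usable, needs {required}")
        for other_name, other in seen:
            if net.overlaps(other):
                problems.append(f"{name}: {net} overlaps {other_name} ({other})")
        seen.append((name, net))
    return problems

def summary(plan):
    """Map each segment to (mask, first host, last host, usable count)."""
    out = {}
    for name, cidr, _ in plan:
        net = ipaddress.ip_network(cidr)
        out[name] = (str(net.netmask), str(net[1]), str(net[-2]), usable_hosts(net))
    return out

if __name__ == "__main__":
    print(MAJOR, check_plan(MAJOR, PLAN) or "plan is consistent")
    for name, row in summary(PLAN).items():
        print(name, *row)
```

The same subnet list can serve as the source for per-segment firewall rules, since each entry is validated to be a distinct, non-overlapping range.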
- Logical Network Diagram: Logical network diagrams describe the network implementation at the network layer of the Open Systems Interconnection (OSI) model and contain information about the systems and devices of the network (Bora et al. 2014). The network layer is the third layer of abstraction and presents a logical representation of the network. The logical network diagram for the expanded network of uSoft is as follows.
- Physical Network Diagram: The purpose of physical network diagrams is to provide a visual representation of computer networks. These diagrams give a precise account of the network layout and the actual orientation of interacting components, including devices, hubs, routers, firewalls/security and everything else that is part of the network. The physical arrangement shown by physical network diagrams even includes cables. In other words, these diagrams serve as blueprints of the physical network implementation, similar to floor plans but exclusively describing the network. The physical network diagram for the expanded network of uSoft is shown below.
Conclusions
This study concludes by elaborating the network implementation following the expansion of uSoft’s headquarters. It provides an in-depth view of how the devices of every department on a given floor are connected, and of how the devices of the various departments on each branch floor are interconnected with the headquarters of uSoft. The process by which the IP addresses are allocated is shown in a simple, structured manner, along with all the calculations required to create the five subnets of the main network based on the user requirements and the listed assumptions. The report has also shared details on how to keep the security of the network foolproof.
Bora, G., Bora, S., Singh, S. and Arsalan, S.M., 2014. OSI reference model: An overview. International Journal of Computer Trends and Technology (IJCTT), 7(4), pp.214-218.
Hils, A., Young, G. and D’Hoinne, J., 2015. Magic Quadrant for Enterprise Network Firewalls. Gartner Inc, 22, p.30.
Holappa, M., 2013. Performance Comparison of LTE ENODEB OSI Layer 2 Implementations; Preemptive Partitioned Scheduling vs. Non-Preemptive Global Scheduling. Master’s Thesis, Degree Programme in Information Networks.
Levin, D., Canini, M., Schmid, S., Schaffert, F. and Feldmann, A., 2014. Panopticon: Reaping the benefits of incremental sdn deployment in enterprise networks. In USENIX Annual Technical Conference (pp. 333-345). USENIX Association.
Liyanage, M. and Gurtov, A., 2014. Securing virtual private LAN service by efficient key management. Security and Communication Networks, 7(1), pp.1-13.
Popovic, G., Arsic, N., Jaksic, B., Gara, B. and Petrovic, M., 2013. Overview, characteristics and advantages of IP Camera video surveillance systems compared to systems with other kinds of camera. Int. J. Eng. Sci. Innov. Technol, 2(5), pp.356-362.
Schindelin, J., Rueden, C.T., Hiner, M.C. and Eliceiri, K.W., 2015. The ImageJ ecosystem: an open platform for biomedical image analysis. Molecular reproduction and development, 82(7-8), pp.518-529.
Schuh, A., 2013. ESET: From a “Living-Room” Firm to a Global Player in the Antivirus Software Industry. Global Business, Mason: Southwestern Publishing, pp.582-585.
Schulz-Zander, J., Suresh, L., Sarrar, N., Feldmann, A., Hühn, T. and Merz, R., 2014. Programmatic orchestration of wifi networks. In USENIX Annual Technical Conference (pp. 347-358). USENIX Association.
Wang, Y., Li, J., Meng, K., Lin, C. and Cheng, X., 2013. Modeling and security analysis of enterprise network using attack–defense stochastic game Petri nets. Security and Communication Networks, 6(1), pp.89-99.