Network Design Assignment: Designing Network for Eastern Theatre (ELT) Complex
Question
Task: You are required to develop a new network design for Eastern Theatre (ELT) Complex in La Trobe University. Prepare a network design assignment in not more than 8000 words covering all the essential networking concepts.
Answer
Project Introduction
The proposed project of La Trobe University explored in the segments of this network design assignment will focus on designing a new campus network for the Eastern Theatre (ELT) Complex. The ELT project will integrate the latest devices and protocols in order to support upcoming technologies and adapt the network accordingly. The report will discuss the system design category, which deals with design disciplines and the required network design; it follows the analysis stage, in which all the network requirements are generated, and leads to the implementation. The new network for ELT will be developed so that it can provide the required platform for all the applications that will be used by La Trobe University.
The new plan developed in the network design assignment will have the capacity to develop a network in which the failure of a particular step will not result in the loss of the overall client-server session. The proposed project will use hardware manufactured by Cisco. The report will also provide details of the cabling standards, security details, and Wi-Fi technology that need to be used in the ELT project. Apart from these, the report will discuss capacity planning for the proposed project. The new network will ensure proper security, protocols, and standards so that it can integrate future technologies, and it should be flexible enough to allow certain changes in its design as per the business requirements.
As the University has decided to introduce a wireless network to the Eastern Lecture Theatre Complex, my team got the responsibility to design a new network for ELT. The building has various requirements for the implementation of this network and has some design challenges that need to be considered while designing the new network. Moreover, my responsibility in this project will be to manage the entire team in designing and implementing the new network for ELT. On the other hand, the team members will need to fulfill the requirements of the University. The team needs to ensure that the new network is future proof and can incorporate future technologies.
The hardware components that will be used in the proposed network should be manufactured by Cisco, as the services from Cisco are well-known and business-centric. The new network that will be developed by the team ensures a corporate design that will integrate proper security measures. All the stakeholders must be distinguished by the policy that will be used by the new network. The team also has to ensure that the students will be able to use wireless devices like mobiles, tablets, and watches. However, the staff will use desktops and laptops as per the requirements. Therefore, the team will be responsible for designing a network that will comprise both wired and wireless LAN. Apart from this, the design needs to be flexible enough to accommodate certain changes from the University.
Scope and Timeline
Stakeholder Analysis
The stakeholders of La Trobe University for this project can be any individual or group of individuals who are affected by the University or can impact the accomplishment of University-level objectives. The expectations of the stakeholders must reflect the mission and vision of the University along with the primary strategic goals within its strategies. The proposed project of a new network will impact various stakeholders of the University, which include the University Council, Personnel, Students, Guardians, Lecturers, Donors and Funders, Community, and Alumni. Both the students and the University Council are focused on value for money, and their focus is always on cost-effective programs.
The new network of ELT will be used by the staff, lecturers, and students, who are among the internal stakeholders of the University. However, the other stakeholders will be affected by the new network indirectly, such as through an increase in revenue and the provision of cost-effective services to the students. As the ELT will be directly used by the staff, students, and lecturers, they will get the major benefit from the new network, which will help them to carry out their daily activities smoothly without any interference or failure. If the students get efficient services from the new network, then the Guardians will also be affected indirectly by the improved performance of the students. Therefore, it can be said here in this network design assignment that with the introduction of the proposed network design, both the internal and external stakeholders will be positively impacted, which will help to improve the revenue of the University.
Importance of the proposed network design
Secure and robust network design always helps to carry out the business operations safely and smoothly without any issue. Network security breaches can happen at any time and thus, it is important to design a network that will integrate proper security measures that will help to grow the overall revenue of the University. Potential attackers always look for vulnerabilities to exploit, which can cause major loss to the organization. The proposed network design will help to improve the performance, efficiency, and productivity of the University. It is true that without a safe IT infrastructure, the University could not achieve a higher IT predictability. However, to ensure a robust network, the University should invest in networks with higher efficiency, flexibility, and security (He et al. 2019).
The proposed network will consider advanced networking technologies and devices that will provide uninterrupted services to ensure cost-cutting and increase its overall revenue. The network proposed in the network design assignment will also ensure proper backup and disaster recovery plans to carry out operations, secure the sensitive data, and minimize the costs of monitoring and maintenance (Wairisal and Surantha 2018). The initial costs of implementing the network might be higher, but it will save additional costs for the University, which will be beneficial in the long run. Therefore, in this way, implementing the proposed network will help to increase the overall revenue by reducing the additional costs with effective services to the students. There may be certain periods of downtime because of data breaches, causing a loss in productivity, profits, and stability. However, the proposed network will include proper security measures that will reduce network downtime, improve productivity, and eliminate unnecessary losses. It is, however, not just about proper security and revenue; the proposed design can control the access of the users trying to connect to the network. This will help the staff and lecturers to promote safe browsing behaviour. The access control can help to minimize any distraction and enhance employee efficiency (Ogie 2017). The proposed network will also help to continuously evaluate and re-evaluate the existing measures for the identification of potential vulnerabilities and weaknesses of the network. Moreover, various outdated systems and software need to be updated and should be quickly identified for integrating patches.
Project Scope and Out of Scope
The main scope of this project outlined in the network design assignment is to align the business requirements of ELT strategically so that it can have a robust and secure corporate network. Another scope of this project will be identifying the challenges associated with the project design, which will help to consider those challenges while designing the network. Another scope of this project is selecting the cabling standards and network security measures. Various hardware and software requirement analyses will also come under the project scope. The scope of this project also includes the introduction of Wi-Fi technology and capacity planning. However, some of the factors are out of scope for this project, which include the availability of proper technicians for the implementation and the prevention of natural disasters, which can slow down the entire project and hamper the project site in which the new network will be implemented. Moreover, the scope of this project is very significant, and it needs to be determined before designing the network.
Timeline
The timeline of the proposed project tracks the events as well as the order of the events. This timeline helps the teams to understand the project at a glance. The timeline contains a number of tasks, and every task has its own duration and due date. Therefore, the timeline of the proposed project contains the task name and its duration. Every task of the project will have a start date and a completion date and is to be executed by the project teams and the project manager. The timeline will also contain the significant tasks of the project, including the cabling of the backbone, device cabling, network design, the project plan, and many more.
The timeline of the proposed project has been provided below in this network design assignment:
Task Name | Duration | Start | Finish
Network design and implementation for ELT | 38 days | Tue 25-08-20 | Thu 15-10-20
Preparation for the proposed project | 3 days | Tue 25-08-20 | Thu 27-08-20
Planning for the new project | 5 days | Fri 28-08-20 | Thu 03-09-20
Network design | 8 days | Fri 04-09-20 | Tue 15-09-20
Implementation | 22 days | Wed 16-09-20 | Thu 15-10-20
Backbone Cabling | 7 days | Wed 16-09-20 | Thu 24-09-20
Device Cabling | 7 days | Fri 25-09-20 | Mon 05-10-20
Installing networking components | 3 days | Tue 06-10-20 | Thu 08-10-20
Network configuration | 5 days | Fri 09-10-20 | Thu 15-10-20
Network Testing | 4 days | Fri 16-10-20 | Wed 21-10-20
Project Handover | 1 day | Thu 22-10-20 | Thu 22-10-20
Ending the project | 1 day | Mon 23-11-20 | Mon 23-11-20
Table 1: Project timeline
(Source: Created by the learner)
The above timeline has been selected, as proper planning is essential for completing the required design for ELT. The timeline will help to schedule the resources that are required for this project, understand the tasks that have to be performed sequentially, and gather feedback for further improvements. All networks, irrespective of their size, have quite similar foundational requirements. As the network will support voice over IP, it is one of the most critical operations if the University is deciding to merge voice services over the data network for reducing the overall network costs. Considering these types of problems and discussing the requirements before initiating the project helps both financially and technically. Considering all the aspects of the above timeline provided in this network design assignment, it is clear that it has been developed as per the University requirements for ELT. The preparation for the project will include meeting with the stakeholders to understand their needs and expectations from the new network, which will be followed by the planning, designing, and implementation.
Design Challenges
The design of this proposed network will consider the business requirements of ELT. However, there are some challenges as well that should be considered while designing the network. The network design and its strategies identified in this network design assignment must be adjusted for tackling some of the common technical challenges for all the levels of ELT, which are discussed below:
Poor Performance: It is one of the major challenges for network engineers, and it is not simply the total traffic, but the total traffic from all directions (Eminov, Golitsyna, and Eminov 2018). Therefore, there is a need for the right equipment at the midpoints and endpoints for high-speed communication that can support audio/video streaming. Poor performance is a significant issue for the project. Poor performance on the part of the network engineers and administrators can degrade the quality of the network. It is not only the traffic of the network that matters, as the directions of traffic across the overall network can also vary. Hence, the network engineers and administrators need the correct device at the endpoint for easy communication.
Security: It is also a major challenge that should be considered for the proposed design. The new network should introduce proper encryption that will not only protect the network but also make it difficult to monitor the activities within the network (Yuskov and Stroganova 2019).
Configuration management: Overseeing the network configuration can increase the difficulty within the network, and devices might conflict, which becomes challenging to manage. Moreover, manually implementing the policies could result in various inconsistencies and errors.
Cost: In most cases, the available budgets are not enough to meet the requirements of a project when it comes to implementing various conventional business services. Thus, it is clear in this network design assignment that the design should consider some additional costs that might be incurred during the network implementation (Fortuna et al. 2016).
Growth: If the network stays the same, then it becomes easier for the network administrator to manage the challenges, but it does not remain the same. Instead, there is constant growth in the network through an increase in the number of devices in the network. With each additional connection, there tends to be an additional potential failure point (Sun, Karwan, and Kwon 2016). The network designer has to consider this challenge while designing the proposed network, which will help to design a flexible network. The flexibility will help to adapt to the changes in the network, which will ensure that it is future proof.
Vendor Lock-in: In order to bring out the best solutions from modern vendors, it is essential to figure out the process of integrating, interoperating with, and supporting other solutions (Kobo, Abu-Mahfouz, and Hancke 2017). Thus, modern vendors having the latest equipment must be considered in the proposed project to ensure efficient networking solutions for ELT.
All these challenges have an impact on the network design illustrated in the segments of this network design assignment. If the aforementioned challenges are not considered while designing the network, then it might negatively impact the design and it will become difficult to achieve the business objectives. Considering the challenges will help to design the wireless network of ELT efficiently and provide efficient services to the students by the lecturers. The network can provide an uninterrupted service if the design is robust and incorporates the required technologies by considering the challenges as well.
Cabling Standards
Cabling layout plays a significant role in designing the network, as it ensures a physical path for establishing communication for the organization. To carry out the cabling design, a professional will be hired for reducing the potential for equipment interference. The professional can help the team with a quality idea for selecting the cable type along with its fire code specifications. The proposed network will follow TIA/EIA structured cabling standards, which help to define the process of designing, managing, and developing a cabling system (Herbert et al. 2016). The system will be designed in various blocks, which will incorporate very specific characteristics related to their performance. The integrated blocks are arranged in a hierarchical manner for creating a unified communication system (UCS). This standard defines the utilization of mainly three types of cables, which include STP (Shielded Twisted Pair), Optical Fibre Cable (OFC), and UTP (Unshielded Twisted Pair) cable.
Moving forward in this network design assignment, to carry out the cabling in the network, Cat 5 Ethernet cables will be used. The Ethernet cables will ensure a proper connection for the Access Points, switches, routers, and other networking components. As this is a part of the campus network, backbone cabling is necessary and thus, optical fiber will be used to connect other buildings and levels. Moreover, the network will use a hierarchical design for efficient traffic flow. This schema will ensure fast, efficient, and logical patterns for traffic forwarding in the overall network topologies, and at the same time, it will reduce the costs of individual connections at every endpoint (Hassan, Khan, and Lalitha 2016). This hierarchical design will help to incorporate new technologies, making it easier to adapt to business expansion, security models, and traffic shaping by isolating a LAN into various logical parts, which correspond to the organizational requirements. Apart from these, the hierarchical design also ensures traffic multiplexing, ease of design, cost savings, and proper security.
The equipment room will provide a termination point to carry out the backbone cabling, which is connected to the telecommunication closets. Cabling will be done as per the levels, open space, and halls of the ELT. The network design will follow a hierarchical internetworking design model, which is adopted industry-wide as a model that ensures a reliable, scalable, and cost-efficient network (Mao 2016). Individual buildings or levels have different equipment rooms to which the equipment closet is connected, and this equipment will be further connected to the central facility providing the main cross-connect to the entire campus. However, the backbone cable will run between the telecommunication closet and the equipment room. The limitations of cabling depend on the cable type and the facilities they are connected to. Considering the UTP is 90 meters, the following cabling table has been provided below in the network design assignment:
Type of Cable | MC to ER
Single mode fiber | 3000 meters (9840 ft)
Multimode fibre | 2000 metres (6560 ft)
UTP < 5 Hz | 800 meters (2624 ft)
Table: Cabling details
Moreover, as per the design built in this network design assignment, it can be stated that the wiring subsystem of the working area will include various communication outlets, wirings, and RJ45 connectors for connecting the equipment of the lecture area through the horizontal wiring subsystem towards the telecommunication closet. This standard requires that two outlets be provided at each wall plate, for voice and data.
Traffic characterization
Potential Traffics in the wireless network
Data traffic or network traffic is the quantity of data passing through a network at a given point in time. Network data is mostly carried in network packets, which make up the load on the network. There are generally three types of traffic that can harm the wireless network: undesired traffic, best-effort traffic, and sensitive traffic.
Undesired traffic: This kind of traffic is normally limited to the delivery of spam and of traffic generated by various malicious attacks, botnets, and worms. Undesired traffic can also contain such traffic as video streaming services or non-local VoIP (for instance, Skype), restricted to safeguard the network market for the ‘in-house’ services. In this system, the method of traffic classification finds the traffic, permitting the network operator to block the traffic completely or severely hamper it (Draper-Gil et al. 2016).
Best-effort traffic: It is the non-detrimental traffic that the internet service provider considers not sensitive to QoS metrics (latency, packet loss, and jitter).
Sensitive traffic: This is traffic that the operator expects to deliver on time. It includes web browsing, video conferencing, online gaming, and VoIP. Traffic management schemes are typically tailored in such a way that QoS is guaranteed or prioritized for it over other classes of traffic.
The bandwidth, latency, and jitter of each kind of traffic are given in the next part of this network design assignment:
Traffic | Bandwidth | Latency | Jitter
File transfer | high | high | high
Voice | high | Low | Low
Video conferencing | high | Low | Low
Batch data | high | high | high
Messaging (WhatsApp, e-mail) | high | high | high
Transaction data | Medium | medium | medium
Network management | | high | high
Potential reasons for traffic are described below within the network design assignment:
- Network traffic can build up in the ELT when the number of hosts in the broadcast domains or wireless LANs increases greatly.
- A broadcast storm is another reason for increased network traffic. A broadcast storm creates a situation where unexpectedly too many requests arrive on the network and the network does not have the capability to process the requests at once.
- Low bandwidth can increase the traffic in the network. Low bandwidth can occur in the ELT during the peak video streaming hours. Netflix is consuming around 40% of the overall internet, which results in congestion.
- Another reason for network congestion is multicasting, which permits many devices of the network to communicate with each other simultaneously. Therefore, two packets exchanged at the same time can create a collision. Ultimately, the traffic in the network increases.
- Data transferred through the internet, servers, routers, and switches can cause congestion. If the hardware is outdated, it creates congestion in data transmission (Ke et al. 2018).
- Bad management of the configuration or misconfiguration can create network congestion.
- Border Gateway Protocol (BGP) can increase the network traffic by sending traffic through a logical path.
- The Internet service provider is responsible for determining the speed of traffic over the network. It can increase as well as decrease the speed at which traffic is sent, and it describes this as network management. This is called artificial congestion.
The potential traffic can increase the chances of attack; these attacks are described below within this network design assignment:
While deploying a network, an individual or an organization needs to be aware of a few basic fundamentals. The first is which frequencies are used by the deployed network components, because this is necessary when designing a wireless network. The two main frequency bands used by wireless LANs are the 2.4 GHz and 5 GHz bands. The choice of frequency does not affect the network security risks. Endpoint devices identify wireless networks by using the SSID and a set of security parameters.
- Configuration Issue: It is one of the reasons for network vulnerabilities, which arise when clients use an access point without configuring its security. Mostly, rookie users set up the devices without configuring them (Haan, Zhang and Landis 2020). Therefore, the potential configuration issues include weak security deployment, use of the default SSID, and weak passphrases.
- Peer-to-peer traffic: It is a kind of traffic outlined in this segment of the network design assignment in which computers are peers connected with other computers through the internet. This kind of attack happens when multiple devices are associated with the same access point (Wu and Zhang 2017). These devices are vulnerable to attacks from other devices.
- Eavesdropping: Eavesdropping is mainly of two types: casual eavesdropping and malicious eavesdropping. Casual eavesdropping is sometimes called WLAN discovery, where a wireless client actively scans for wireless APs (Sharafaldin, Lashkari, and Ghorbani 2018). In malicious eavesdropping, a wireless client tries to listen to the data transferred between the access point and clients. Therefore, eavesdropping can harm the wireless network of ELT.
- MAC Spoofing: It is one of the common and easy methods for attackers, as discussed in the network design assignment; by using it, an attacker can control the MAC filtering and make the devices connected to the network vulnerable. In this attack, the attacker sniffs a valid MAC address and tries to act as that valid MAC address. The attacker presents this MAC address as the default gateway and sniffs all the data forwarded to the default gateway without being identified (Jiang et al. 2018). This process helps the attacker to get valuable details about the destination host IP addresses and the applications in use.
- Passive Capturing: This attack is executed by getting in range of the wireless network and then capturing and listening to data. The data is then used for various purposes, such as analyzing the non-secured traffic and trying to break the current security settings. In a wireless network, it is not possible to prevent this kind of attack.
- Denial of Service: This kind of attack happens on different layers; the attackers mainly flood the network by sending a huge amount of malicious packets. With a DoS attack, an attacker can temporarily or completely shut down the network or machine, making the network inaccessible. This kind of attack is executed by flooding the target network with malicious packets or traffic. DoS attackers mostly target the web servers of big organizations such as trade organizations, government, media companies, commerce, and the banking sector. The attacker follows two general methods for carrying out a DoS attack: crashing services and flooding services. The most common DoS attacks are the SYN flood, ICMP flood, and buffer overflow attacks. The main concept of the DoS attack is to send more malicious data packets to the network server than the organization has designed the network to handle.
- Rogue access point: As per the research on this network design assignment, it is a device that is not sanctioned by the network administrators but can operate in the network. The access point is mostly set up by an intruder or by an employee of the organization. This kind of access point is not listed in an SSID. Attackers mostly prefer to set up a rogue access point for targeting wireless networks. The attacker can try to fool some legitimate device to get the legitimate access points. This type of attack requires physical access to be more effective. With this kind of attack, an attacker can get access to the physical ports of the network and hook up the access point to a port. A rogue access point permits the attacker to perform a man-in-the-middle attack. The cyber attacker develops independent connections with the targets and transmits malicious messages between them. Moreover, the attacker makes the victims believe that they are communicating with each other directly over a private connection. The attacker also sends fake SSID advertisements such as free internet. When a user clicks on this fake advertisement, a fake SSID is added to the user’s wireless configuration, and the user starts to broadcast the fake SSID, infecting the other users.
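Several of the issues listed above (default SSIDs, weak security settings, unsanctioned access points, spoofed MAC addresses) can be checked by comparing a wireless survey against an inventory of sanctioned access points. The following Python example is added here and is not part of the original assignment; the SSIDs, BSSIDs, and finding codes are constructed for illustration.

```python
"""Audit a wireless survey against an inventory of sanctioned access points."""
from dataclasses import dataclass

# Constructed inventory: BSSID -> (expected SSID, expected security mode).
SANCTIONED_APS = {
    "02:00:00:00:01:01": ("ELT-Staff", "WPA2-Enterprise"),
    "02:00:00:00:01:02": ("ELT-Student", "WPA2-Enterprise"),
}
FACTORY_SSIDS = {"default", "linksys", "netgear", "dlink", "wireless"}
WEAK_MODES = {"Open", "WEP"}


@dataclass(frozen=True)
class Beacon:
    bssid: str      # MAC address the access point advertises
    ssid: str
    security: str   # security mode as reported by the survey tool


def audit(beacon):
    """Return a sorted list of finding codes for one observed beacon."""
    findings = set()
    campus_ssids = {ssid for ssid, _ in SANCTIONED_APS.values()}
    expected = SANCTIONED_APS.get(beacon.bssid.lower())

    if expected is None:
        # Not in the inventory: a neighbouring network or an unsanctioned device.
        if beacon.ssid in campus_ssids:
            findings.add("ROGUE_CAMPUS_SSID")
        else:
            findings.add("UNSANCTIONED_AP")
    elif (beacon.ssid, beacon.security) != expected:
        # A sanctioned BSSID that differs from its record points to a
        # misconfiguration or to a spoofed MAC address.
        findings.add("INVENTORY_MISMATCH")

    if beacon.ssid.lower() in FACTORY_SSIDS:
        findings.add("DEFAULT_SSID")
    if beacon.security in WEAK_MODES:
        findings.add("WEAK_SECURITY")
    return sorted(findings)


def audit_survey(beacons):
    """Map each BSSID that has at least one finding to its findings."""
    report = {}
    for beacon in beacons:
        result = audit(beacon)
        if result:
            report[beacon.bssid] = result
    return report


# Constructed survey data for illustration.
SAMPLE_SURVEY = [
    Beacon("02:00:00:00:01:01", "ELT-Staff", "WPA2-Enterprise"),  # matches record
    Beacon("02:00:00:00:01:02", "ELT-Student", "Open"),           # security changed
    Beacon("02:00:00:00:09:99", "ELT-Student", "Open"),           # not in inventory
    Beacon("02:00:00:00:07:07", "linksys", "WEP"),                # never configured
]

if __name__ == "__main__":
    for bssid, findings in audit_survey(SAMPLE_SURVEY).items():
        print(bssid, ", ".join(findings))
```

A BSSID match alone does not prove that an access point is genuine, since MAC addresses can be spoofed, which is why the check also compares the SSID and security mode against the inventory.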
Traffic Segmentation
It is the procedure of setting up a group of visitors that will assist the ELT to identify the various sources from which the traffic is being directed and to examine the particular segments of the traffic. It also permits the ELT to find out its strongest as well as its weakest inbound channel (Li et al. 2017). By using traffic segmentation, ELT can strengthen the links that carry most of the traffic. Traffic segmentation can be done in the network by dividing the traffic into smaller parts. The main goal of traffic segmentation noted in this section of the network design assignment is to enhance network security and performance. Segmentation controls the flow of the traffic among the parts. By using this segmentation, the network administrator, students, and staff of the ELT campus can choose to limit the traffic flow by traffic destination, source, type, and other options, or stop the flow of traffic in one part from reaching another part. In this system, the security policy of ELT restricts the students and staff from accessing the administration reporting system. The segmentation of traffic can implement the security policy by preventing the traffic from reaching the administration system. Therefore, the administrator of the ELT can work better because the traffic segmentation reduces the traffic of the overall network.
Traffic segmentation is very important as it enhances the overall security of the organization and protects the networks from various malicious attacks and threats. The cyber threat is the hardest type of network threat, which is all but impossible to prevent. The segmentation of traffic controls the traffic flows among the parts. It divides the computer network into smaller parts and selects the traffic whose flow from one part into another part is to be stopped (Khalid, Muhammad and Sharif 2018). Traffic segmentation not only improves security but also enhances system performance. Traditional technologies of traffic segmentation consist of access control lists (ACLs), virtual local area networks (VLANs), and internet firewalls within the network equipment, but these approaches are costly and difficult.
Traffic segmentation is mainly done to restrict access to services, hosts, and sensitive information while ensuring the ELT can continue to operate efficiently. Various parameters will be utilized to segment the traffic. The parameters are described below within this network design assignment:
- Weather conditions (raining or sunny)
- Location (State, country, city)
- Behavior (Time since the last visit, number of views of the page, number of sessions, time on site)
- Custom (data from the CRM, particular cookies, GTM attribute of data layer)
- Technology (operating system, device, resolution, browser)
Implementation of traffic segmentation
Traffic segmentation can be utilized in the following ways as illustrated in this network design assignment:
- Layer 3 switches or routers are utilized to divide a large network into multiple smaller networks that can restrict the flow of traffic.
- Routing protocols and virtualized networking that contains virtual forwarding and routing, Virtual LANs are utilized to segment the network (Chiou, Chen and Hsing 2019).
- Virtual functions, containers, and virtual machines are utilizing to isolate the activities of threat levels or different trusts.
- Network access control is needed to implement to control the devices which are connected to the network.
- Firewall software and host-based security are used to filter the traffic of the network.
The segregation of traffic is the practice to distribute the network into multiple sub-networks within devices that transfer the requirements of security. It can be done by separating access to sensitive services like directory services, network management, and file-sharing services. The user group can further segment the network. After the completion of the network segment, appropriate application aware defenses can be used for securing and isolating the network segments (Cassady et al. 2019). The isolation is very much significant for installing the least privilege principle and to block the lateral movement of challenger through the network. The reduction of device communication among the segments provides better visibility and monitors the attempts of the adversary. Physical segmentation utilizes the network device configuration and physical device’s placement for developing the network segments based on functional importance. Physical segmentation is the most secure method for traffic segmentation as it offers better protection against the lateral movement. Therefore, this technique is expensive because it requires separate infrastructure for the subnetworks. Some practices of traffic segmentation implementation are described below within this network design assignment:
- Apply the principles of least privilege and need-to-know. If a host, service, or network does not need to communicate with another host, service, or network, that communication must not be permitted. If a host, network, or service needs to communicate with other services, networks, or hosts only on a particular protocol, the traffic must be restricted to that protocol (Tambuscio et al. 2018). Access by each entity to every other entity must be identified, authenticated, and authorized. Each host, service, and user must have only the access to other hosts and services that it needs. Any local service that bypasses or downgrades the strength of the identification, authentication, and authorization services must be closely monitored or disabled, as required.
- Implement a list of permitted network traffic that allows the listed traffic and rejects unlisted traffic. This permits only known-good traffic instead of blocking known-bad traffic. It therefore provides better security and significantly increases an organization's capacity to measure and detect network interruptions (Fan et al. 2019).
- Depending on their sensitivity or criticality, separate hosts and networks should be used to operate the business. This can mean different hardware and platforms, depending on the integrity requirements of the security domain and the security classifications of particular hosts or networks.
- Each host and network should be segregated and segmented at the lowest level of the OSI model. Segmentation therefore applies from the data link layer up to the application layer. Physical isolation, whether host-based or network-wide, is required where appropriate.
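The least-privilege and permitted-traffic practices above can be expressed as a default-deny policy between segments. The following Python sketch is an added example, not part of the original report: the segment names, subnets, allowlist entries, flow records and the fan-out threshold are all constructed assumptions. It also counts denied flows per source host, which is the visibility into lateral-movement attempts that segmentation is meant to provide.

```python
import ipaddress

# Constructed segments; these subnets are assumptions, not the ELT addressing plan.
SEGMENTS = {
    "students": ipaddress.ip_network("10.20.0.0/20"),
    "staff": ipaddress.ip_network("10.30.0.0/22"),
    "cameras": ipaddress.ip_network("10.40.0.0/24"),
    "mgmt": ipaddress.ip_network("10.50.0.0/26"),
    "services": ipaddress.ip_network("10.60.0.0/24"),  # directory and file sharing
}

# Allowlist of inter-segment traffic: (source, destination, protocol, port).
# Anything not listed here is rejected.
ALLOW = {
    ("students", "services", "udp", 53),   # DNS
    ("staff", "services", "udp", 53),
    ("staff", "services", "tcp", 445),     # file sharing
    ("staff", "services", "tcp", 636),     # directory service over TLS
    ("mgmt", "cameras", "tcp", 443),       # camera administration
}

# Constructed flow records: (source IP, destination IP, protocol, destination port).
FLOWS = [
    ("10.20.1.15", "10.60.0.10", "udp", 53),
    ("10.30.0.8", "10.60.0.20", "tcp", 445),
    ("10.20.1.15", "10.60.0.20", "tcp", 445),
    ("10.20.3.77", "10.40.0.5", "tcp", 443),
    ("10.20.3.77", "10.40.0.6", "tcp", 443),
    ("10.20.3.77", "10.50.0.2", "tcp", 22),
    ("10.50.0.2", "10.40.0.5", "tcp", 443),
    ("192.0.2.9", "10.60.0.10", "udp", 53),
]


def segment_of(ip):
    """Return the name of the segment containing ip, or None if it is in none."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None


def decide(src, dst, proto, dport):
    """Default-deny decision for one flow crossing a segment boundary."""
    s, d = segment_of(src), segment_of(dst)
    if s is None or d is None:
        return ("deny", "unknown-segment")
    if s == d:
        # Same-segment traffic does not cross the boundary modelled here;
        # host-based filtering has to cover it.
        return ("allow", "same-segment")
    if (s, d, proto.lower(), dport) in ALLOW:
        return ("allow", "allowlisted")
    return ("deny", "not-allowlisted")


def denied_fanout(flows, threshold=3):
    """Hosts whose denied flows reach at least `threshold` distinct targets."""
    targets = {}
    for src, dst, proto, dport in flows:
        verdict, _ = decide(src, dst, proto, dport)
        if verdict == "deny":
            targets.setdefault(src, set()).add((dst, dport))
    return {src: len(t) for src, t in targets.items() if len(t) >= threshold}


if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, decide(*flow))
    print("hosts to review:", denied_fanout(FLOWS))
```

Because the policy lists only permitted traffic, a new service stays unreachable across segments until someone adds an entry for it.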
What are the benefits of traffic segmentation in the present case?
- Traffic segmentation reduces congestion in the network. The devices of ELT students can be segmented from staff devices so that students and staff are unaffected by each other's web browsing.
- Traffic segmentation also limits the damage caused by cyberattacks. It can therefore improve the cybersecurity of the ELT by limiting the speed of an attack (Zhu et al. 2017).
- It can stop dangerous traffic from reaching vulnerable devices and protects vulnerable devices from various kinds of attacks.
- The segmentation of traffic also reduces the costs that are connected with regulatory compliance by limiting the scope of compliance.
Network Security
- Encryption is the most efficient way to secure the wireless network from attackers. In this design, two encryption methods are used: Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). The same encryption will be used on every router, computer, and other piece of equipment in the network (Rathore et al. 2017).
- Limiting access to the network can enhance network security. In this system, only specific devices belonging to ELT members are permitted to access the wireless network. Each permitted device is identified by its unique MAC address, which allows it to communicate with the network.
- Routers sit between the internet and the local network and are the path by which malicious attacks arrive. The routers therefore need to be secured so that strangers cannot access sensitive financial or personal information.
- The default name and pre-set passwords of the routers will also be changed to protect the wireless network.
- Biometric access control will be used in the laboratory that can improve security by denying the access of an unauthorized person to the lab (Perlman, Kaufman and Speciner 2016).
- A 24/7 wireless camera will be used in the ELT that can monitor the campus.
- Various kinds of fire alarms, smart sensors, and cameras are integrated to improve the security of ELT.
Secure framework
In order to secure the framework, various technologies such as a firewall, VPN, WPA, and WPA2 are utilized.
- Firewall: It is used to prevent unauthorized access to the network. Each message leaving or entering the network passes through the firewall, which examines it against the security measures.
- VPN: A VPN, or Virtual Private Network, will offer effective security for the members of ELT. Using the VPN, all network managers, administrators, students, and staff can establish a secure channel between two or more points on a network (Kurniawan et al. 2019).
- WPA & WPA2: These are the standard security certifications, offering advanced encryption and mutual authentication to verify individual users.
- Rogue access point checking: A rogue access point is a major security risk in the network. It broadcasts the SSID and permits anyone to connect to the network without a password. The network's coverage area should be scanned periodically to detect rogue access points. Suitable software is required to check for rogue access points; such software helps to detect any kind of wireless traffic traveling in the network.
- MAC authentication: Enabling MAC authentication can limit traffic. It permits only particular devices to connect to the network. Each wireless device has a unique MAC address and serial number, which helps users protect their network from malicious traffic.
The secure framework can improve the security of the ELT campus. Security controls and measures, network monitoring, and the development of a dynamic security culture can also be used to enhance the security of the ELT.
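The periodic rogue access point check described above amounts to comparing what a wireless survey sees against the inventory of authorized access points. The Python sketch below is an added example, not software named in the report: the SSID, BSSIDs, security labels, survey records and the signal threshold are constructed assumptions.

```python
# Constructed inventory of authorized APs: BSSID -> (SSID, security mode).
AUTHORIZED = {
    "02:00:00:aa:00:01": ("ELT-Campus", "WPA2"),
    "02:00:00:aa:00:02": ("ELT-Campus", "WPA2"),
}
CAMPUS_SSIDS = {ssid for ssid, _ in AUTHORIZED.values()}

# Assumed signal level above which an AP is treated as inside the building.
ON_PREMISES_DBM = -65

# Constructed survey results, as a periodic wireless scan might report them.
SCAN = [
    {"bssid": "02:00:00:AA:00:01", "ssid": "ELT-Campus", "security": "WPA2", "rssi_dbm": -48},
    {"bssid": "02-00-00-aa-00-02", "ssid": "ELT-Campus", "security": "Open", "rssi_dbm": -52},
    {"bssid": "02:00:00:bb:00:09", "ssid": "ELT-Campus", "security": "Open", "rssi_dbm": -60},
    {"bssid": "02:00:00:cc:00:03", "ssid": "FreeWiFi", "security": "Open", "rssi_dbm": -58},
    {"bssid": "02:00:00:dd:00:04", "ssid": "CafeNextDoor", "security": "WPA2", "rssi_dbm": -84},
]


def norm(bssid):
    """Normalize a BSSID so that case and separator differences do not hide a match."""
    return bssid.strip().lower().replace("-", ":")


def classify(obs):
    """Return a finding for one observed AP, or None if nothing needs review."""
    known = AUTHORIZED.get(norm(obs["bssid"]))
    if known is not None:
        ssid, security = known
        if obs["ssid"] != ssid or obs["security"] != security:
            # One of our own APs is not running its approved configuration.
            return "authorized-ap-misconfigured"
        return None
    if obs["ssid"] in CAMPUS_SSIDS:
        # Unknown hardware broadcasting the campus SSID.
        return "unauthorized-ap-using-campus-ssid"
    if obs["rssi_dbm"] >= ON_PREMISES_DBM:
        if obs["security"] == "Open":
            return "open-ap-on-premises"
        return "unknown-ap-on-premises"
    return None  # weak, unrelated signal: most likely a neighbouring network


def find_rogues(scan):
    """Return (bssid, ssid, finding) for every observation that needs review."""
    findings = []
    for obs in scan:
        reason = classify(obs)
        if reason is not None:
            findings.append((norm(obs["bssid"]), obs["ssid"], reason))
    return findings


if __name__ == "__main__":
    for finding in find_rogues(SCAN):
        print(finding)
```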
Hardware and software requirements
| SL No. | Device type | Manufacturer | Model Name | Cost | Number of devices | Total Costs |
|---|---|---|---|---|---|---|
| 1 | WLC | Cisco | AIR-CT3504-K9 | $1349.99 | 1 | $1349.99 |
| 2 | Router | Cisco | RV160W-A-K9-NA | $159.99 | 6 | $959.94 |
| 3 | Switches | Cisco | SF500-48P-NA 48 | $699 | 6 | $4194 |
| 4 | Access Point | Cisco | 145AC | $162.36 | 6 | $974.16 |
| 5 | Security Camera | Cisco | WVC210 | $285.76 | 12 | $3429.12 |
Various network equipment, such as the WLC, routers, switches, access points, and security cameras, is used to design the network for the ELT campus. All the equipment is manufactured by Cisco because it offers a more diverse selection and a greater variety of switches. The router manufactured by Cisco supports 100G Ethernet speed and provides greater scalability. The other products, such as the WLC, switches, access points, and security cameras, also provide greater scalability, and all the equipment lasts a long time. The network can be expanded in the future by simply upgrading the networking equipment described below.
Cisco AIR-CT3504-K9 WLC: It is a highly secure, fast, and affordable wireless LAN controller that can monitor access for up to 1500 wireless points.
Cisco RV160W-A-K9-NA router: It includes IP security (IPsec), which provides security across the whole ELT campus. The router has 4 integrated ports and contains a gigabit Ethernet switch. Its connectivity is SFP WAN and single Ethernet (Xie et al. 2019).
Cisco SF500-48P-NA 48 switch: It provides a large space in the server room and offers both wireless and wired connections. The switch is a multi-gigabit switch with 48 ports and 4 expansion slots. It also has stack ports and provides high security to the network.
Cisco 145AC access point: The performance of this access point is very high because it provides enterprise-grade MU-MIMO (2x2). It provides flexible, mix-and-match deployment. The speed of this access point is 867 Mbps and it provides advanced enterprise call security.
Wi-Fi technology
In this system, 802.11ax is used as the wireless technology. It is the latest standard and is also known as High-Efficiency Wireless or Wi-Fi 6. 802.11ax is the evolution of 802.11ac. It provides better range performance, better client capacity, less congestion in the network, and higher speeds (up to 4.8 Gbps). This Wi-Fi technology also provides Target Wake Time (TWT) and Orthogonal Frequency Division Multiple Access (OFDMA). TWT reduces power consumption by letting devices determine how and when they will wake to receive and send information. TWT can also extend the battery life of devices such as tablets and smartphones, as well as battery-powered home devices such as fire alarms and security cameras (Zhang et al. 2019). OFDMA increases overall throughput by dividing Wi-Fi channels into sub-channels, and it permits up to 30 users to share a single channel at the same time. The technology also takes advantage of the radio frequency to offer faster 2.4 GHz performance. 802.11ax also uses downlink and uplink bandwidth to offer improved Quality of Service (QoS).
Advantages of this wireless network technology include the following:
- Faster Wi-Fi: It is a faster wireless network technology that runs much faster than previous Wi-Fi technology.
- Power efficiency: 802.11ax improves power efficiency by permitting clients that use a 20 MHz frequency. TWT is another mechanism that improves power efficiency, and it can improve battery life by 3x to 10x.
- High-order modulation and high performance: Under good conditions, the data rate has increased by 25% over the previous version. This wireless network technology uses Quadrature Amplitude Modulation (QAM), which is a higher-order modulation (Khorov et al. 2018).
- Better rate-over-range: It normally offers better data rates at the same power levels and distances than other wireless technologies. Its radio technology is also better at both receive and transmit levels.
- Multiuser ability: 802.11ax provides multiuser capabilities with uplink and downlink OFDMA. OFDMA in 802.11ax is designed to serve more clients at lower latency. It is more efficient for short packets and low data rates, such as email and voice. This lets a handful of client devices use the network at once.
- Simultaneous servicing: It also provides simultaneous service for multiple users. Every ELT user can use the network at the same time, provided they are generating lower-bandwidth traffic.
Capacity Planning
Capacity planning for the main network is the process of confirming that sufficient bandwidth is provisioned so that the main network's Service Level Agreement (SLA) targets for delay, loss, jitter, and availability can be met. In the main network, where traffic and link bandwidths are highly aggregated, the SLA requirements can be translated into bandwidth requirements. The probability of meeting the SLA depends entirely on confirming that the bandwidth of the main network is sufficiently provisioned. Capacity planning mainly relies on passive measurements of main link utilization statistics and applies rules of thumb. The main goal of capacity planning is to ensure that the core links are always significantly overprovisioned, and that the overprovisioning is enough to meet the SLA requirements under peak load.
IPFIX (IP Flow Information Export) is a standard for IP flow information exported by routers, probes, and other network devices. Various criteria can be used to aggregate the flow information to build a traffic matrix. These criteria can only be used when the edge devices, such as distribution routers, are capable of working at the flow level. With the Border Gateway Protocol (BGP), every edge router can be treated as a BGP peer. A BGP router in an autonomous system must carry out a recursive lookup to resolve the BGP next-hop address. The BGP next-hop address is used to forward packets to the destination: it is associated with the destination address and is itself looked up in the Interior Gateway Protocol (IGP). The capacity can therefore be planned by aggregating IPFIX flow statistics on the BGP next-hop IP address.
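The aggregation described above can be worked through on a few flow records. The Python sketch below is an added example, not part of the original report: the records, router names, next-hop addresses, export interval, link capacities and the overprovisioning factor are constructed assumptions, while `octetDeltaCount` and `bgpNextHopIPv4Address` are standard IPFIX information element names. It builds the traffic matrix keyed on ingress router and BGP next hop, then checks each egress against the overprovisioning rule of thumb.

```python
from collections import defaultdict

INTERVAL_S = 300      # assumed export interval covered by the records, in seconds
OVERPROVISION = 2.0   # assumed rule of thumb: provision twice the measured load

# Assumed capacity, in Mbps, of the link towards each BGP next hop.
EGRESS_CAPACITY_MBPS = {"192.0.2.1": 1000, "192.0.2.2": 1000}

# Constructed flow records; "exporter" is the edge router that reported the flow.
FLOWS = [
    {"exporter": "dist-rtr-1", "bgpNextHopIPv4Address": "192.0.2.1", "octetDeltaCount": 9_000_000_000},
    {"exporter": "dist-rtr-1", "bgpNextHopIPv4Address": "192.0.2.1", "octetDeltaCount": 3_750_000_000},
    {"exporter": "dist-rtr-2", "bgpNextHopIPv4Address": "192.0.2.1", "octetDeltaCount": 7_500_000_000},
    {"exporter": "dist-rtr-2", "bgpNextHopIPv4Address": "192.0.2.2", "octetDeltaCount": 1_875_000_000},
]


def traffic_matrix(flows, interval_s=INTERVAL_S):
    """Aggregate flows into {(ingress router, BGP next hop): average Mbps}."""
    octets = defaultdict(int)
    for flow in flows:
        key = (flow["exporter"], flow["bgpNextHopIPv4Address"])
        octets[key] += flow["octetDeltaCount"]
    # octets -> bits -> bits per second -> megabits per second
    return {key: total * 8 / interval_s / 1e6 for key, total in octets.items()}


def egress_report(matrix, capacity, factor=OVERPROVISION):
    """Sum the demand per next hop and compare it with the provisioned capacity."""
    load = defaultdict(float)
    for (_ingress, next_hop), mbps in matrix.items():
        load[next_hop] += mbps
    report = {}
    for next_hop, mbps in load.items():
        required = mbps * factor
        report[next_hop] = {
            "load_mbps": mbps,
            "required_mbps": required,
            "ok": required <= capacity[next_hop],
        }
    return report


if __name__ == "__main__":
    matrix = traffic_matrix(FLOWS)
    for key, mbps in sorted(matrix.items()):
        print(key, f"{mbps:.1f} Mbps")
    for next_hop, row in sorted(egress_report(matrix, EGRESS_CAPACITY_MBPS).items()):
        print(next_hop, row)
```

With these constructed numbers the link towards 192.0.2.1 carries 540 Mbps, so a factor of 2.0 calls for 1080 Mbps and the 1000 Mbps link fails the check even though it is only about half utilized.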
Several things need to be considered when planning the capacity:
- The bandwidth provided by the access point.
- The bandwidth consumed by each user.
The capacity for the ELT campus will be planned on the basis of these factors. The bandwidth required by network managers, administrators, students, and staff depends on the applications they use.
| Serial No. | Application | Bandwidth |
|---|---|---|
| 1 | Data | ≥ 28.8 Kbps |
| 2 | Internet | ≥ 28.8 Kbps |
| 3 | Netflix | 5.0 Mbit/sec |
| 4 | YouTube | 4.0 Mbit/sec |
| 5 | HD video call | 2.4 Mbit/sec |
Therefore, in the present scenario, capacity can be planned in terms of AP deployment, network capacity, and network coverage. In this system, the planned capacity is linked to Wi-Fi micro-cells, power planning, and the HD wireless scheme. Power is planned so that it is uniformly distributed across the different floors of the ELT campus, using various automatic and manual tools (Bidhandi et al. 2019). The planning is done according to the usage of the different types of clients. In this wireless network, an average of 20 devices can work in a wireless cell; they can easily browse the web as well as stream Netflix and YouTube. The capacity is mainly planned to reduce interference at the access point. To plan the power, the level of power required for the ELT is determined first. After the complexities of the ELT campus are determined, backup generators and UPS units are assigned to provide power during outages. A single UPS can carry the equipment load for up to 20 to 25 minutes. For this reason, a second UPS needs to be installed as a backup for the first (Marotta, Avallone and Kassler 2018).
Summary
This network design assignment has provided insight into the new network design for ELT, by which it can provide efficient services to the target audience. The report has discussed the scope and design challenges associated with the project. It has also discussed the cabling standards and traffic characterization that will be followed in the proposed project, and has provided details of the various hardware and software requirements. Finally, the report has discussed the Wi-Fi technology and capacity planning that will be used in the proposed network in order to ensure efficient services.
Reference List
Bidhandi, H.M., Patrick, J., Noghani, P. and Varshoei, P., 2019. Capacity planning for a network of community health services. European Journal of Operational Research, 275(1), pp.266-279.
Cassady, K., Gagnon, H., Lalwani, P., Simmonite, M., Foerster, B., Park, D., Peltier, S.J., Petrou, M., Taylor, S.F., Weissman, D.H. and Seidler, R.D., 2019. Sensorimotor network segregation declines with age and is linked to GABA and to sensorimotor performance. Neuroimage, 186, pp.234-244.
Chiou, J.M., Chen, Y.T. and Hsing, T., 2019. Identifying multiple changes for a functional data sequence with application to freeway traffic segmentation. The Annals of Applied Statistics, 13(3), pp.1430-1463.
Draper-Gil, G., Lashkari, A.H., Mamun, M.S.I. and Ghorbani, A.A., 2016, February. Characterization of encrypted and vpn traffic using time-related. In Proceedings of the 2nd international conference on information systems security and privacy (ICISSP) (pp. 407-414).
Eminov, F.I., Golitsyna, I.N. and Eminov, B.F., 2018. Enterprise infocommunication infrastructure in training of IT-professionals. In International Conference on Information Technologies in Business and Industry.
Fan, J., Tso, I.F., Maixner, D.F., Abagis, T., Hernandez-Garcia, L. and Taylor, S.F., 2019. Segregation of salience network predicts treatment response of depression to repetitive transcranial magnetic stimulation. NeuroImage: Clinical, 22, p.101719.
Fortuna, C., De Poorter, E., Škraba, P. and Moerman, I., 2016. Data driven wireless network design: a multi-level modeling approach. Wireless Personal Communications, 88(1), pp.63-77.
Haan, N.L., Zhang, Y. and Landis, D.A., 2020. Predicting landscape configuration effects on agricultural pest suppression. Trends in Ecology & Evolution, 35(2), pp.175-186.
Hassan, I.M., Khan, H.U. and Lalitha, V.M., 2016. Pedagogical potentials of IEEE 802.11 WLAN to Nigerian universities: a case study of the university of Uyo. International Journal of Information and Education Technology, 6(4), p.256.
He, M., Alba, A.M., Basta, A., Blenk, A. and Kellerer, W., 2019. Flexibility in softwarized networks: Classifications and research challenges. IEEE Communications Surveys & Tutorials, 21(3), pp.2600-2636.
Herbert, B.M., Weerasinghe, A., Ens, B. and Billinghurst, M., 2017, November. An Adaptive AR Tutor For Cabling a Network Topology. In ICAT-EGVE (Posters and Demos) (pp. 11-12).
Jiang, P., Wu, H., Wang, C. and Xin, C., 2018, May. Virtual MAC spoofing detection through deep learning. In 2018 IEEE International Conference on Communications (ICC) (pp. 1-6). IEEE.
Ke, X., Shi, L., Guo, W. and Chen, D., 2018. Multi-dimensional traffic congestion detection based on fusion of visual features and convolutional neural network. IEEE Transactions on Intelligent Transportation Systems, 20(6), pp.2157-2170.
Khalid, S., Muhammad, N. and Sharif, M., 2018. Automatic measurement of the traffic sign with digital segmentation and recognition. IET Intelligent Transport Systems, 13(2), pp.269-279.
Khorov, E., Kiryanov, A., Lyakhov, A. and Bianchi, G., 2018. A tutorial on IEEE 802.11 ax high efficiency WLANs. IEEE Communications Surveys & Tutorials, 21(1), pp.197-216.
Kobo, H.I., Abu-Mahfouz, A.M. and Hancke, G.P., 2017. A survey on software-defined wireless sensor networks: Challenges and design requirements. IEEE access, 5, pp.1872-1899.
Kurniawan, D.E., Arif, H., Nelmiawati, N., Tohari, A.H. and Fani, M., 2019, March. Implementation and analysis ipsec-vpn on cisco asa firewall using gns3 network simulator. In Journal of Physics: Conference Series (Vol. 1175, No. 1, p. 012031). IOP Publishing.
Li, L., Qian, B., Lian, J., Zheng, W. and Zhou, Y., 2017. Traffic scene segmentation based on RGB-D image and deep learning. IEEE Transactions on Intelligent Transportation Systems, 19(5), pp.1664-1669.
Mao, H., 2016, September. The Design and Application of Intelligent Network Cabling System for Building. In 2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 2016). Atlantis Press.
Marotta, A., Avallone, S. and Kassler, A., 2018. A Joint Power Efficient Server and Network Consolidation approach for virtualized data centers. Computer Networks, 130, pp.65-80.
Ogie, R.I., 2017, February. Cyber security incidents on critical infrastructure and industrial networks. In Proceedings of the 9th International Conference on Computer and Automation Engineering (pp. 254-258).
Perlman, R., Kaufman, C. and Speciner, M., 2016. Network security: private communication in a public world. Pearson Education India.
Rathore, S., Sharma, P.K., Loia, V., Jeong, Y.S. and Park, J.H., 2017. Social network security: Issues, challenges, threats, and solutions. Information sciences, 421, pp.43-69.
Sharafaldin, I., Lashkari, A.H. and Ghorbani, A.A., 2018, January. Toward generating a new intrusion detection dataset and intrusion traffic characterization. In ICISSP (pp. 108-116).
Sun, L., Karwan, M.H. and Kwon, C., 2016. Incorporating driver behaviors in network design problems: Challenges and opportunities. Transport Reviews, 36(4), pp.454-478.
Tambuscio, M., Oliveira, D.F., Ciampaglia, G.L. and Ruffo, G., 2018. Network segregation in a model of misinformation and fact-checking. Journal of Computational Social Science, 1(2), pp.261-275.
Wairisal, M. and Surantha, N., 2018, September. Design and Evaluation of Efficient Bandwidth Management for a Corporate Network. In 2018 International Conference on Information Management and Technology (ICIMTech) (pp. 98-102). IEEE.
Wu, F. and Zhang, H., 2017, December. Identification on peer to peer traffic based on deep learning. In 2017 IEEE 2nd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC) (pp. 1411-1414). IEEE.
Xie, G., Ma, W., Peng, H., Li, R. and Li, K., 2019. Price performance-driven hardware cost optimization under functional safety requirement in large-scale heterogeneous distributed embedded systems. IEEE Transactions on Industrial Electronics.
Yuskov, I.O. and Stroganova, E.P., 2019, July. Analysis of neural network model design for telecommunication corporate network monitoring. In 2019 Systems of Signal Synchronization, Generating and Processing in Telecommunications (SYNCHROINFO) (pp. 1-4). IEEE.
Zhang, R., Yan, B., Guo, H., Zhang, Y., Hu, B., Yang, H., Wang, L. and Wang, Y., 2019. A new environmental monitoring system based on WiFi technology. Procedia CIRP, 83, pp.394-397.
Zhu, Y., Liao, M., Yang, M. and Liu, W., 2017. Cascaded segmentation-detection networks for text-based traffic sign detection. IEEE transactions on intelligent transportation systems, 19(1), pp.209-219.