Presentation detailed about SDN (Software Defined Network) overview . It covers from basics like different controllers and touches upon some technical details.
Covers Terminologies used, OpenFlow, Controllers, Open Day light, Cisco ONE, Google B4, NFV,etc
SD WAN Overview | What is SD WAN | Benefits of SD WAN Ashutosh Kaushik
Small Brief on Next Generation SD-WAN
Dynamic business landscape and uncompromised demands of applications and users have driven dramatic transformation in IT Networking after many years of relative stability. Frequent changes in technologies are shifting networking from static Infrastructure to more agile, secured, future ready and hybrid-cloud infrastructure. This created un-precedented network management complexities that has become a growing concern for the enterprise.
Early Generation of SD-WAN providers were primarily focused on cost reduction via replacing MPLS with low-cost broadband.
Infinxt Next Generation SD-WAN handles data and network security with in-built NGFW, SLA based Application Performance Enhancement, Traffic Shaping, Multi/ Hybrid Cloud App aware routing, in addition to the traditional SD-WAN features
Infinxt Product Variants
1. Infinxt – Next Generation SD-WAN
Infinxt provides you with the best of the SD-WAN features that can address any of your WAN challenges. The device itself being a Zone based firewall, provides application visibility and control. The decoupled Data Plane and Control plane provides you with the needed flexibility and efficiency in addressing Day 0, Day 1 and Day 2 challenges.
The solution is industry and business agnostic whereby it would be able to meet any type of WAN requirements. The offering being indigenously made would be able to address unique requirements for niche industries too through customization
Features
2. Infinxt - Next Generation Firewall Powered by Palo Alto Networks
Legacy firewall security solutions react to new threats. Intelligent network security stays ahead of attackers and increases business agility. Infinxt SD-WAN comes with a pre-hosted Palo Alto Networks VM in the Infinxt iEdge devices. This offering is a boon for customers to convert their branches into next generation secured branches with the NGFW security capability of Palo Alto Networks.
3. Infinxt - Next Generation Secure SD-WAN Powered by Palo Alto Networks
The Secure Next Generation SD-WAN offering from Infinity Labs provides its customers with the best of both Network connectivity and Application security. It’s a unique combination where both the VMs are service chained to leverage their proficiency to provide a secured application experience to the users. Along with SD-WAN features it also gives NGFW features Powered by Palo Alto Networks.
Infinxt SD-WAN Console gives a Single UI for both SD-WAN and NGFW for ease of Network Operation and Management.
This feature gives the enterprises a unique proposition to have Palo Alto NGFW on tried and tested Infinxt Edge Device.
Palo Alto Networks Advantages
Analyze the Customer Requirements
Characterize the Existing Network and Sites
Design the Network Topology and Solutions
Design a Network Topology
Design a Model for Network Layer Addressing and Naming
Select the Switching and Routing Protocols
Network Security Design
Network Management Design
Optimize the Network Design
Select Technologies and Devices
Test the Network Design
Document the Network Design
The sole purpose to study Enterprise Network is to create business simplicity across worldwide. The side arms of successful networking are scalability, robustness, fault identification, communication, modularity, security and maintaining privacy. The key for making a network is to provide the essential tools and techniques that will offer the quality of a private/public network.
As I discussed earlier the key purpose is to create business simplicity that means creating IT/Infrastructure simplicity across the cities where an Enterprise Network is connected. Obtaining success in failure/break-down conditions is the main purpose of a network. So to achieve that requirement network designing involves certain topologies, protocols, bandwidth allocation. Topology requirement can be described as maintaining two adjacent networks against any failure in a single link or node. Protocol requirement can be described as using dynamic/static routing protocol to provide routes must be congestion free in a network. Bandwidth allocation is needed to actively allocate extra bandwidth just to maintain the working condition in a network. Design and Modification criteria is all over handed to a person called Network Administrator, who maintains and solely responsible for anything(wanted or unwanted) happens in a network.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Presentation detailed about SDN (Software Defined Network) overview . It covers from basics like different controllers and touches upon some technical details.
Covers Terminologies used, OpenFlow, Controllers, Open Day light, Cisco ONE, Google B4, NFV,etc
SD WAN Overview | What is SD WAN | Benefits of SD WAN Ashutosh Kaushik
Small Brief on Next Generation SD-WAN
Dynamic business landscape and uncompromised demands of applications and users have driven dramatic transformation in IT Networking after many years of relative stability. Frequent changes in technologies are shifting networking from static Infrastructure to more agile, secured, future ready and hybrid-cloud infrastructure. This created un-precedented network management complexities that has become a growing concern for the enterprise.
Early Generation of SD-WAN providers were primarily focused on cost reduction via replacing MPLS with low-cost broadband.
Infinxt Next Generation SD-WAN handles data and network security with in-built NGFW, SLA based Application Performance Enhancement, Traffic Shaping, Multi/ Hybrid Cloud App aware routing, in addition to the traditional SD-WAN features
Infinxt Product Variants
1. Infinxt – Next Generation SD-WAN
Infinxt provides you with the best of the SD-WAN features that can address any of your WAN challenges. The device itself being a Zone based firewall, provides application visibility and control. The decoupled Data Plane and Control plane provides you with the needed flexibility and efficiency in addressing Day 0, Day 1 and Day 2 challenges.
The solution is industry and business agnostic whereby it would be able to meet any type of WAN requirements. The offering being indigenously made would be able to address unique requirements for niche industries too through customization
Features
2. Infinxt - Next Generation Firewall Powered by Palo Alto Networks
Legacy firewall security solutions react to new threats. Intelligent network security stays ahead of attackers and increases business agility. Infinxt SD-WAN comes with a pre-hosted Palo Alto Networks VM in the Infinxt iEdge devices. This offering is a boon for customers to convert their branches into next generation secured branches with the NGFW security capability of Palo Alto Networks.
3. Infinxt - Next Generation Secure SD-WAN Powered by Palo Alto Networks
The Secure Next Generation SD-WAN offering from Infinity Labs provides its customers with the best of both Network connectivity and Application security. It’s a unique combination where both the VMs are service chained to leverage their proficiency to provide a secured application experience to the users. Along with SD-WAN features it also gives NGFW features Powered by Palo Alto Networks.
Infinxt SD-WAN Console gives a Single UI for both SD-WAN and NGFW for ease of Network Operation and Management.
This feature gives the enterprises a unique proposition to have Palo Alto NGFW on tried and tested Infinxt Edge Device.
Palo Alto Networks Advantages
Analyze the Customer Requirements
Characterize the Existing Network and Sites
Design the Network Topology and Solutions
Design a Network Topology
Design a Model for Network Layer Addressing and Naming
Select the Switching and Routing Protocols
Network Security Design
Network Management Design
Optimize the Network Design
Select Technologies and Devices
Test the Network Design
Document the Network Design
The sole purpose to study Enterprise Network is to create business simplicity across worldwide. The side arms of successful networking are scalability, robustness, fault identification, communication, modularity, security and maintaining privacy. The key for making a network is to provide the essential tools and techniques that will offer the quality of a private/public network.
As I discussed earlier the key purpose is to create business simplicity that means creating IT/Infrastructure simplicity across the cities where an Enterprise Network is connected. Obtaining success in failure/break-down conditions is the main purpose of a network. So to achieve that requirement network designing involves certain topologies, protocols, bandwidth allocation. Topology requirement can be described as maintaining two adjacent networks against any failure in a single link or node. Protocol requirement can be described as using dynamic/static routing protocol to provide routes must be congestion free in a network. Bandwidth allocation is needed to actively allocate extra bandwidth just to maintain the working condition in a network. Design and Modification criteria is all over handed to a person called Network Administrator, who maintains and solely responsible for anything(wanted or unwanted) happens in a network.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
According to a new Gartner report1, “Around 10% of enterprise-generated data is created and processed outside a traditional centralized data center or cloud. By 2022, Gartner predicts this
figure will reach 75%”. In addition to hosting new 5G era services, the other major network operator driver for edge compute and edge clouds is deploying virtualized network infrastructure, replacing many dedicated hardware-based elements with virtual network functions (VNFs) running on general purpose edge compute. Even portions of access networks are being virtualized, and many of these functions need to be deployed close to end users. The combination of these infrastructure and applications drivers is a major reason that so much of 5G era network transformation resolves around edge cloud distribution.
This proposal incorporated a vision for the network architecture of a new platform Milliman was creating. It was based on research into what was then new technologies like SQL Server Failover and Catalyst (now Cisco) 6500 series switching.
Module name is Networks 512 As the demand for faster and .pdffreddysarabia1
Module name is Networks 512
As the demand for faster and more efficient high-performance computers grows, so do the
dimensions of the form factors that house them. Computer engineers have been tasked for years
with the difficult task of incorporating increasingly powerful computers into and onto
increasingly smaller chassis and printed circuit boards (PCBs), primarily to meet a growing
demand for more reliable, affordable, size-conscious, energy-efficient, and cost-effective
computer systems. This is why the world of embedded systems continues to see boundary-
pushing size, weight, power, and cost developments. 2.1 Use your knowledge of embedded
systems and devices to answer the question below. 2.1.1 What are embedded systems? 2.1.2
What are the various kinds of embedded systems? 2.1.3 What is the difference between soft and
hard real-time embedded systems?
device may require on both the serial and network sides of a connection. Should the device
always be connected to a specific host or PC? Is it possible that multiple hosts or network
devices will want or need to connect to the newly networked serial device? Are there any
specific requirements for an application that requires the serial device to reject a network
connection under certain conditions? The bottom line is that a server must be able to service a
wide range of application requirements while also meeting all of the demands of those
applications. Discuss how device servers are used to improve the usability of various
applications such as: Data Collection, Factory/Industrial Automation, Security Systems, Bar
Code Readers and Point-of-Sale Scanners, Medical Applications, M2M Wireless
Communication/Networking. (30)
1. An extensive telecommunications infrastructure is provided by a structured cabling system,
which is a complete system of cabling and related components. This infrastructure is used for a
variety of purposes, including phone service provision and data transmission across computer
networks. It shouldn't be hardware-reliant. A structured cabling system is further defined in
terms of ownership. At the termination of the service provider (SP), the structured cabling
system starts. The demarcation point (demarc) or network interface device is at this location
(NID). For instance, in the establishment of a telephone system, the SP provides one or more
service lines (per customer requirements). At the line of demarcation, the SP joins the service
lines. 1.1 Explain the significance of structured cabling and the advantages of structured cabling.
(10) 1.2 As a network architecture, you are tasked with designing a network for a six-story office
building, with each floor connecting 5 computers in 5 offices and having a wireless access point
to connect wireless devices. Design a network plan for the building using your knowledge of
structured cabling and various network devices, labeling all the hardware in devices and cabling.
(20)
A specialized network-based hardware device designe.
The given case study describes about the current scenario of Mundrah. It is one of the popular retirement destinations in the West Australian region due to its coastal lifestyle. Being a favoured city in the region, the population stats have reported to be doubled in the past 15years. Due to this surge in population, a great strain has put on the current Council services and infrastructure of the city. The key buildings across the like Mandurah Head Office, Mandurah Aquatic and Recreation Centre, Mandurah Library, Falcon Library, Mandurah Museum, Mandurah Seniors and Community Centre, and Mandurah Waste Management Centre are not well structured when it comes to IT network implementation. Thus, as a network infrastructure consultant to the city, it is aimed to analyse the current network issues and provide optimal solutions that will make the entire network infrastructure well-connected, advance, and secured.
Running head NETWORK INFRASTRUCTURE AND SECURITY 1NETWOR.docxtodd581
Running head: NETWORK INFRASTRUCTURE AND SECURITY
1
NETWORK INFRASTRUCTURE AND SECURITY
2
Project Deliverable 5: Network Infrastructure and Security
CIS 499 – Information Systems Capstone
November 25, 2018
Project Scope
The project will comprise of a network design to meet Acme Corporation network infrastructure requirements. The network should accommodate occasional guest users of up to 10 users. The network design will incorporate an FTP server that will use for sharing files. The project should involve separate subnet for guest and LAN networks; the guest network should be restricted to access only FTP service on the FTP server while all other access to the LAN network will be blocked. The project will also involve IP Network Design as well as identification and configuration details of the hardware utilized (Switches and Routers). Included in the network design is the implementation of a Wireless LAN (WLAN) that minimizes the management effort to configure and manage while allowing effective data transmission between the Wireless Application Protocols (WAPs).
Network design
The network will use a star topology where it provides centralized handling of the network and its’ associated security. Each of the floors of the building will have a central server which host switches that link the different rooms via ethernet cables. Each of the rooms will have a switch that is linked to the central server's router. The servers will be linked via fiber optic cables. The ethernet cables will be utilized for connecting individual devices to their associated switches. The network design will involve the utilization of both wired and wireless media. The wireless media will allow for a network connection for portable devices like tablets, cell phones, and laptops.
The switch links allow the traffic getting into the Acme’s LAN from the MAN not to be congested. As more tablets are utilized in the company, the WLAN bandwidth increases significantly to each room. This requires that the WAPs supporting the 802.11n protocol as well as faster 802.11ac standard require additional power. As a result, switches with PoE+ give the required power. These Switches utilize the existing Category-6 cable (Ethernet cables) that allow for remote administration and configuration (Karris, 2009).
Virtual LANs (VLAN) will be used to enables the network administrator to group users into shared broadcast domains irrespective of their physical position in the internetwork. For instance, computer devices utilized by employees on two different floors may be placed on the same VLAN. The staff has their VLAN while the Guest VLAN is used by guests when using wireless access points.
The company's network perimeter that detaches it from the Internet comprises of two border core routers. The border routers should then link to the Virtual Private Network (VPN) Gateway. The Routers link to the servers, wireless access points and switches as well as the LAN (internal network)..
Running head NETWORK INFRASTRUCTURE AND SECURITY 1NETWOR.docxglendar3
Running head: NETWORK INFRASTRUCTURE AND SECURITY
1
NETWORK INFRASTRUCTURE AND SECURITY
2
Project Deliverable 5: Network Infrastructure and Security
CIS 499 – Information Systems Capstone
November 25, 2018
Project Scope
The project will comprise of a network design to meet Acme Corporation network infrastructure requirements. The network should accommodate occasional guest users of up to 10 users. The network design will incorporate an FTP server that will use for sharing files. The project should involve separate subnet for guest and LAN networks; the guest network should be restricted to access only FTP service on the FTP server while all other access to the LAN network will be blocked. The project will also involve IP Network Design as well as identification and configuration details of the hardware utilized (Switches and Routers). Included in the network design is the implementation of a Wireless LAN (WLAN) that minimizes the management effort to configure and manage while allowing effective data transmission between the Wireless Application Protocols (WAPs).
Network design
The network will use a star topology where it provides centralized handling of the network and its’ associated security. Each of the floors of the building will have a central server which host switches that link the different rooms via ethernet cables. Each of the rooms will have a switch that is linked to the central server's router. The servers will be linked via fiber optic cables. The ethernet cables will be utilized for connecting individual devices to their associated switches. The network design will involve the utilization of both wired and wireless media. The wireless media will allow for a network connection for portable devices like tablets, cell phones, and laptops.
The switch links allow the traffic getting into the Acme’s LAN from the MAN not to be congested. As more tablets are utilized in the company, the WLAN bandwidth increases significantly to each room. This requires that the WAPs supporting the 802.11n protocol as well as faster 802.11ac standard require additional power. As a result, switches with PoE+ give the required power. These Switches utilize the existing Category-6 cable (Ethernet cables) that allow for remote administration and configuration (Karris, 2009).
Virtual LANs (VLAN) will be used to enables the network administrator to group users into shared broadcast domains irrespective of their physical position in the internetwork. For instance, computer devices utilized by employees on two different floors may be placed on the same VLAN. The staff has their VLAN while the Guest VLAN is used by guests when using wireless access points.
The company's network perimeter that detaches it from the Internet comprises of two border core routers. The border routers should then link to the Virtual Private Network (VPN) Gateway. The Routers link to the servers, wireless access points and switches as well as the LAN (internal network)..
The main purpose of this report is to show the practical uses of networking protocols in a real-world scenario. These protocols can increase the efficiency and the security of a network by configuring and using them in a correct manner.
To demonstrate the networking protocols, the author has chosen Ethernet/LAN network due to the wide use of Ethernet/LAN in the business world. To demonstrate that in a real-world- scenario, the author has chosen the photography industry and the Rythmo Studio as the client.
In this report, the author will discuss some of the networking protocols and provide a new network design for Rythmo Studio with evidence of protocol implementation in a network simulation application.
Running head NETWORK DESIGN PROPOSALNETWORK DESIGN PROPOSAL.docxtoltonkendal
Running head: NETWORK DESIGN PROPOSAL
NETWORK DESIGN PROPOSAL15
NETWORK DESIGN PROPOSAL
Student’s Name
Professor’s Name
UNIVERSITY OF MARYLAND
Course Title
Physical Network Design
1. Network Topology
The purpose of this paper is to present a proposal of network architectural system; it explains analysis of a detailed network arrangement with the networking infrastructure. This paper includes the study of physical topology according to the business needs for establishing a network layout such as premises of campus of “University of Maryland” is connected along with the departments, library, rooms, laboratory, and grounds with the network connections. The data must be secured for the campus teachers as well as students through all network arrangements. The new network system should also take into consideration the future development of the campus with more labs, library, computer, classrooms other offices in the building locations. So the proposed layout of the network layout is worthwhile for University (Stewart, 2008).
A general layout of a network that is topological with a protected system linking within the campus of the college:
Business Needs
The Cisco Enterprise Specialist of the IT Business association is for IT professionals to help them provide their business with innovation to improve their business output. The IT experts will groom their skills as part of this association such as:
· Assessing the technological alternatives within a business connection
· Evaluating and meeting the business needs.
· Behaving and talking courteously with business peers.
· Getting knowledge about an aggregate expense of proprietorship and an arrival on speculation IT arrangement's (Eernet, (n.d)).
Proposed topology
It is important to keep the system documentation brief and comprehensive. Initially, at the establishment of a system, the system documentation is generally concise, but when the system changes or develops more, the documentation needs to be redesign. System topology maps usually present a unique floor arrangement. When there are changes in the floor arrangements, the necessary steps are taken to change the Diagrams or redline are created to demonstrate the alterations. The changed layout is organized and well presented. An outline that is as-assembled represents how actually a system was created, which can be further altered. It is guaranteed that the existing records reflect the all systems topology changes and arrangement of the as-manufactured floor.
(Cisco.com)
Justification for proposed network topology
The Cisco Services – is a global level organization having more than 9,500 workers in more than 120 countries with more than 380 locations – Cisco Enterprise Architecture Services has a trustworthy public image due to best practices, industry based technological developments, and brilliance. Cisco maintains various network emergency response vehicles (NERV)’s that are deployed by the Cisco employees in case of natural disa ...
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
1. Advanced Computer Networks
Individual Assignment
Network Design Proposal for a SME
H.M.V.T.W BANDARA
DEPARTMENT OF PHYSICAL SCIENCES & TECHNOLOGY
FACULTY OF APPLIED SCIENCES
SABARAGAMUWA UNIVERSITY OF SRI LANKA
2. 2
Table of Contents
Chapter 1 – Project Introduction................................................................................................... 4
Introduction...................................................................................................................................... 4
Problem in Brief............................................................................................................................... 4
Goals and Objectives of the Project ............................................................................................... 5
Network Designing Criteria............................................................................................................ 6
Chapter 2 – Network Design.......................................................................................................... 7
Network Diagram of the Main Office premises of SmartBuildings Limited Company ............ 7
Assumptions made on designing the Network............................................................................... 9
Chapter 3 - Key Areas of Networking.......................................................................................... 10
Core Area........................................................................................................................................ 10
Server Area..................................................................................................................................... 10
Storage Area................................................................................................................................... 10
VLAN Description ......................................................................................................................... 11
IP Addressing in the network design............................................................................................ 13
IP Address Scheme used in the network Design ......................................................................... 14
Chapter 4 - Network Protocols used in the Network Design......................................................... 15
Routing Protocols........................................................................................................................... 15
DNS (Domain Name System) ........................................................................................................ 15
DHCP (Dynamic Host Configuration Protocol).......................................................................... 16
STP (Spanning Tree Protocol)...................................................................................................... 16
NAT (Network Address Translation)........................................................................................... 16
VLAN (Virtual Local Area Network) .......................................................................................... 17
RADIUS (Remote Authentication Dial-In User Service) ........................................................... 17
FTP (File Transfer Protocol) ........................................................................................................ 17
SMTP (Simple Mail Transfer Protocol)....................................................................................... 17
Other Techniques used.................................................................................................................. 18
Chapter 5 - Cost Analysis ............................................................................................................ 19
Chapter 6 – Conclusion................................................................................................................ 20
References ................................................................................................................................... 21
3. 3
Table of Figures
Figure 1: Network Diagram for the Main office premises......................................................7
Figure 2: High Level Network Diagram for SmartBuildings Limited Company.................8
4. 4
Chapter 1 – Project Introduction
Introduction
This specific report will be intended in providing the basic network design document for
SmartBuildings Limited Company which is one of the suppliers of energy efficient sensor based
solutions for smart buildings in South Asia. The document will be comprising of the proposed
technologies, proposed network architecture and diagrams, security mechanisms, required
network services, IP addressing schemes, routing protocols, types of devices, software types, cost
analysis of the proposed network solution, problems and issues that will have to be faced while
maintaining the network, future enhancements etc. This project will be exclusively involved with
planning, designing and implementation of the network for the current four storied building that
SmartBuildings Limited Company is currently operating at and future expansions that have been
planned with opening a new branch in different location from the headquarters.
Problem in Brief
SmartBuidlings Limited Company have recently identified a threat from a recognized competitor
in the industry that will eventually affect their business operations. If they do not adapt to a new
technological solution to challenge the competitor, it may lead putting SamrtBuldings out of
Business. In identification of this key issue, upper level management have thought of upgrading
the computer systems and network system to have a better efficiency in the company operations.
The company have planned on investing a substantial sum of money in redesigning and
upgrading the current computer network system with planning on implementing a new
interconnected network such that the company’s headquarters and a new branch that is scheduled
to be opened in the near future should have uninterrupted, highly secured, 99.9% available,
highly reliable, fast and robust computer network system. This document will be intended on
providing the technical documentation for the proposed network solution.
5. 5
Goals and Objectives of the Project
As the key design goals and business objectives the project, designing, developing and
implementation of a network system with following key functional characteristics can be
identified.
Providing a high rate of performance in providing connection to existing legacy systems.
24/7 operation capability at a 99.9% highest level of availability
Providing adequate storage capabilities and providing high data transfer rates
Proving the maximum possible security, integrity and confidentiality for the company’s
operations
Future scalability should be manageable such that network should cope with the future
expansions of the company
Easy serviceability and manageability
Interoperability between different vendors and platforms should be supported
Easy recoverability from network failures, device malfunctions, crashes of the computer
system etc.
Capacity or the network bandwidth should be enough for the existing network operations,
future enhancements and should be providing a maximum amount of simultaneous user
load.
Total Cost of Ownership (TCO) which covers, design costs, development costs,
implementation costs, costs of the network resources and devices, maintenance costs,
power supply costs and future implementation costs should be at a minimum level.
6. 6
Network Designing Criteria
Consists of 300 staff members (will expand in the future) and will be in 4 different
departments (Should have four different vlans named Sales, Marketing, Engineering and
Operations mainly and some other vlans for other functions).
The building consists of 4 floors with different requirements as follows
Top most floor of the building will be used for the Engineering and Operations
Department with 50 wired host machines each (100 wired machines)
The third floor will be used as the basic work place for the CEO (Chief
Executive Officer) and meeting rooms will be situated in this floor. (Total 12
wired hosts)
Also in the third floor itself datacenter with servers (FTP server, Mail server,
Web server, Database, Storage and Backup server), firewall, core switch, router
and other infrastructure will be placed.
Second floor will be used as for Sales and Marketing departments with 60 hosts
each.
First floor will be used as the housing space for the reception office and the
basic customer handling requirements (10 wired hosts)
For the whole building a total of 100 wireless devices will be incorporated with
three different vlans (360 guest users, 40 operational users, 20 for higher
management functions)
7. 7
Chapter 2 – Network Design
Network Diagram of the Main Office premises of SmartBuildings Limited Company
Figure 1: Network Diagram for the Main office premises
8. 8
High Level Network Diagram for SmartBuildings Limited Company
Figure 2: High Level Network Diagram for SmartBuildings Limited Company
9. 9
Assumptions made on designing the Network
Actual VLAN architecture will be different such that each of the floors will devices which
belongs to different VLANs
The total building complex will be covered with wireless LAN and three different VLAN
schemes will be used
VPN over Internet can be used for establishing a secured communication link between
the main office and the remote office
Remote Workers can work remotely by using VPN over Internet.
For security purposes CCTV will be used in each of the floor.
Cloud based services and storage will be used frequently through the network for
different operations.
IP Telephones and IPTV will be used over the network connection and separate VLANs
will be used for those.
10. 10
Chapter 3 - Key Areas of Networking
In this network design in order to meet the given requirements in the specification, Cisco SAFE
Architecture or three-tier architecture was followed. This model consists of three layers namely,
core layer, distributed layer and access layer. Accordingly following key areas of the network
can be discussed.
Core Area
The center of the proposed network is consisting of the following components which are essential
is delivering the exact functionality from the network. They are
1. External connection to the network
2. Connection to the inner server area
3. Enterprise Intranet
4. DC network
5. Disaster Recovery Centre
Server Area
Server Area of the network will be used for the purpose of deployment of servers along with the
applications which run on these servers that are basically related to the operations of the
company. In this case it is proposed to dedicated server for functions such as DNS, DHCP, Web,
Mail and Proxy server. Other than that file servers, IPTV servers and other required storage
facilities will be directed here. An internal firewall will be used for security purposes.
Storage Area
High speed San and IPSAN are proposed for the network. For this purpose a dedicated high speed
access consolidated, block level architecture for the network is required. Then it will facilitate
interconnection of shared pools of storage devices to multiple server and different applications
that users are engaged with. Also at user level external storage facilities are also proposed.
11. 11
VLAN Description
Virtual Local area Networks or VLANs can be defined as groups of devices on one or more
LANs that are configured to communicate as if they were attached to the same wire. But these
VLANs are located on a number of different LAN segments inside a network. As VLANs are
based on logical connections instead of physical connections, it is extremely flexible to manage
VLANs. Also VLANs are capable of providing a layer of network security and cost reduction
option as they are helpful in logically separating hosts which are connected to the same switch,
so no need of additional switches for each LAN segment. Although in the network diagrams that
has been used in this document represent VLANs as physical LANs within the floors, it is not
so. Those VLANs are drawn in such manner only for easy recognition purpose. When further
explaining, in this network there different hosts which are in the same floor, adjacent to each
other may be not belonging to the same VLAN.
VLAN Number Name of the VLAN Description
VLAN 20 Engineering This VLAN will be used in grouping 50
wired hosts for Engineering department.
VLAN 30 Operations This VLAN will be used in grouping 50
wired hosts for Operations department.
VLAN 40 CEO_Office This VLAN will be used in grouping 12
wired hosts which belongs to CEO Office &
Meeting Rooms
VLAN 50 DMZ This VLAN will be used in grouping 20
wired hosts for severs and other
infrastructure.
VLAN 60 Sales This VLAN will be used in grouping 70
wired hosts for Sales department. (60 hosts
in the 2nd
floor and 10 hosts reception
office)
VLAN 70 Marketing This VLAN will be used in grouping 60
wired hosts for Marketing department.
VLAN 80 Wireless_guests This VLAN will be used in grouping 360
wireless hosts for guest users. Normally
12. 12
anyone in the building including customers
and staff members, will be allowed to use
this wireless connection for connecting to
the internet.
VLAN 90 Wireless_Operational This VLAN will be used in grouping 40
wireless hosts for Operations staff.
(IT/Systems/Networking)
VLAN 100 Wireless_Exclusive This VLAN will be used in grouping 20
wireless hosts for higher level management
including CEO.
VLAN 110 IP_Telephones This VLAN will be used in grouping, 30
host ids for IP telephone functions
VLAN 120 IP_TV This VLAN will be used in grouping 8 host
ids for IP TV functions
VLAN 130 CCTV This VLAN will be used for all the CCTV
related functions in the building (30 hosts)
VLAN 140 Remote This VLAN will be used in grouping hosts
for remote access functions(254 hosts for
VPN over Internet)
VLAN 95 Management This VLAN will be used in grouping hosts
for System Administration purposes (254
hosts)
VLAN 96 Disaster_Recovery This VLAN will be used in grouping hosts
for Disaster Recovery purposes (254 hosts)
13. 13
IP Addressing in the network design
In networks IP addresses are used for uniquely identifying the hosts or devices which are
connected to networks. . As a mechanism of increasing the number of hosts without much
lengthening the address, all IP addresses are divided into portions. One part pinpoints the network
(the network number) and the other part recognizes the specific machine or host within the
network (the host number). Subnet masks and prefixes identify the range of IP addresses that
make up a subnet, or group of IP addresses on the same network. For example, a subnet can be
used to detect all the machines in a building, department, geographic location, or on the same
local area network (LAN).Dividing an organization's network into subnets permits it to be
connected to the Internet with a single shared network address. Subnet masks and prefixes are
used when a host is attempting to communicate with another system. If the system is on the same
network or subnet, it attempts to find that address on the local link. If the system is on a different
network, the packet is sent to a gateway that then routes the packet to the correct IP address. This
routing is called Classless-Inter-Domain Routing (CIDR).
In this network as the mechanisms of transition between IPV4 & IPV6 which will be used
simultaneously, we will be using the techniques such as NAT44, LSN, NAT64 for address
translation and for tunneling following techniques will be utilized.
6to4 (RFC 3056)
6rd – IPv6 Rapid Deployment (RFC 5569)
Teredo – NAT traversal (RFC 4380)
MPLS - 6PE (RFC 4798) and 6VPE (RFC 4659)
IPv6 over IPv4 (RFC 2893) ,
IPv6 over GRE (RFC 2473)
IPv4-compatible addresses (RFC 2893) - IPv6 address is calculated from
IPv4 address (:: 192.168.100.1)
ISATAP (RFC 5214)
In networking tunneling is the process known as port forwarding which involves transmission of
data intended for use only within a private or corporate network through a pblic network.
Therefore the routing nodes in the public network are unaware of the fact that transmission is
part of the private network. This will be done by using the encapsulation technique and in this
network it will be very much useful.
15. 15
Chapter 4 - Network Protocols used in the Network Design
Routing Protocols
Dynamic Routing – OSPF v2 (Open Shortest Path First) protocol which is based on RFC
2328 standards is proposed to be used as the routing protocol to route inside network
traffic to outside of the network. This protocol can be considered as the key alternative to
EIGRP in most LAN routing deployments and unlike in EIGRP, OSPF is always an open
standard protocol for any modern enterprise network architecture. In OSPF the metric is
to calculate the cost to traverse router links to get to the destination, taking the bandwidth
of the links into account. It develops adjacencies with its neighbors when the link status
changes and sends updates to neighbors in every 30 minutes of time after link state
changes happen. As this protocol consists with some advantages when compared with
other types of protocols, like converging quickly compared to distance vector protocols,
not prone to routing loops, supporting VLSM or CIDR, small size of the routing packets,
matching for any kind of network ranging from small to very large it is the ideal type of
routing protocol for this network.
Default routing – This type of routing will be configured on the core router to route traffic
from inside of the network to ISP router for unknown traffic (to outside networks).
Inter VLAN Routing – Core router will be configured to route traffic between different
VLANs in the network. Traffic will reach the core router from the core switch which will
be connected via a trunk link. Here sub interfaces will be configured and all VLAN
networks will be shown as directly connected routes in the core router’s routing table
DNS (Domain Name System)
DNS will be configured in the DNS server, which will be placed in the server room in the 3rd
floor. All the hosts in this network are assumed to be connected to domain. So, each hosts
(workstations & other devices) have their unique domain name. So,users can use the specific
domain name to connect to each host remotely. But computers cannot understand the name. It
should be converted to numbers called IP address. So, DNS server maintain the map of domain
name of each host to its corresponding IP address. Thus with DNS, management will be more
easy and complexity of network can be reduced.
16. 16
DHCP (Dynamic Host Configuration Protocol)
DHCP service will be installed in the DHCP server which resides in the server room. IP address
pool for different VLAN will be created in DHCP server. So DHCP server dynamically assign
the IP address to the hosts in the network. Static IP address that will be used with in the VLAN
can be removed from the IP address pool (excluded address) in DHCP server. Main advantage
of using this protocol is reliability associated in IP address configuration to hosts. That is
configuration error caused by manual IP assignment can be reduced and tasks of network
administration are simplified.
STP (Spanning Tree Protocol)
The redundant link connection is provided between the switches in each floor to the core switch
located in the server room. Also redundant links will be added in between the 2 distribution
switch and the access switches and again there exists two links from the core switch to the
distribution switch. Purpose of having these extra links is that if one link goes down, there will
be no issue for the communication between the devices and less downtime in the network. But
when extra links are added between network switches, it will create a broadcast storm or loop.
In avoiding this issue, STP protocol can be used with the switches in the network. So, at a time
one active link will be present and another link will be in blocked mode. Once the active link
fails, the redundant link come into active mode from blocked mode.
NAT (Network Address Translation)
In this network design a class B IP address range is being used. But the hosts are not capable
communicating with private IP addresses over the internet as private IP addresses are not routable
in internet. Hence it is needed to convert them to public IP addresses to communicate over the
internet. So NAT takes an important part in this network design and PAT (Port Address
Translation) will be used in the core router to map one or two public IP addresses provided by
ISP to map the private IP address used inside the network. By using PAT, we can save the number
of public IP address used for the translation. Static NAT will be used for the communication of
web server over the Internet as the web server should be visible and accessible from the Internet.
By using NAT, public IPv4 address can be saved and internal IP plan of this network can be
hidden from the outside world.
17. 17
VLAN (Virtual Local Area Network)
In this network design 16 different VLANs are proposed. Each VLANs are for different user
levels and different user groups. For wireless access or WiFi connection also three different
VLANs are proposed to remove uncontrolled broadcast traffic reaching the network in and out.
VLANs also helpful in providing a layer of network security and cost reduction option by
logically separating hosts which are connected to the same switch (no need for additional
switches). Here each VLAN is assigned with different IP address subnet. VTP (VLAN Trunking
Protocol) is used here to manage VLANs and maintain consistency throughout the network. VTP
can manage the addition, renaming, deletion of VLANs from a centralized point without manual
intervention thus it reduces the overhead of network administration.
RADIUS (Remote Authentication Dial-In User Service)
RADIUS server is implemented in the server room in 3rd floor. It provides centralized
authentication, authorization and accounting (AAA) services for users who connect and use the
network service. It is mainly used to authenticate the users attached to wireless network in CEO
office & meeting room in the same floor. Reporting and tracking based on the client usernames
becomes easy with this deployment.
FTP (File Transfer Protocol)
FTP server will be also installed in the server room of 3rd floor. This is used for the file transfer
within the network. The files that needs to be shared, will have to be uploaded to the FTP server.
So, the clients can access the shared files using a specialized program called FTP client. The key
motive behind suggesting a FTP server for file transferring purposes within the network is that
efficient bulk transferring of data is possible with FTP server. It will be possible to send not only
multiple files but multiple directories at the same time.
SMTP (Simple Mail Transfer Protocol)
SMTP Mail server will be placed in the server room in the 3rd
floor. SMTP servers are more
reliable when sending mails to clients. They deliver mail to recipients quickly, they offer
reliability in sending email messages (SMTP server will always try to re-send the same email
until the transmission becomes successful), spam messages can be controlled in the central
location and mailbox capacity is limited to hardware capacity.
18. 18
Other Techniques used
ACL – Access control lists are used in firewall to filter traffic from outside, reaching the internal
network. This will provide security from intruders and will avoid suspicious traffic entering the
network.
VPN – Virtual private network is used for the communication between main site and the mobile
worker. VPN is using an encrypted tunnel for the data transfer over the existing Internet
infrastructure. Thus, provide secure and cheap communication for data transfer.
19. 19
Chapter 5 - Cost Analysis
Based on the above design criteria following cost analysis was done which will describe the total
cost involved in the project.
Item No of
Units
Unit Cost Total Cost URL (Click to view)
Workstations 250 Rs.99,500 Rs.3,980,000 Workstations
Monitors 250 Rs.27,500 Rs.6,875,000 Monitors
Other Peripherals(Keyboard,
Mouse)
250 Rs.2,000 Rs.50,000 -
Laptop Computers 40 Rs.295,000 Rs.11,800,000 Laptop Computers
Server 1 Rs.344,800 Rs.344,800 Server
Cabling - - Rs.250,000 Cabling
Core Router 1 Rs.1,190,460 Rs.1,190,460 Core Router
Cisco 8 Port Layer 3 Switch
(Core Switch)
1 Rs.163,700 Rs.163,700 Cisco 8 Port Layer 3
Switch
Cisco 12 Port Layer 2 Switch
(Distribution Switch)
2 Rs.136,900 Rs.273,800 Cisco 12 Port Layer 2
Switch
Cisco 24 Port Layer 2 Switch
(Access Switch)
1 Rs.217,300 Rs.217,300 Cisco 24 Port Layer 2
Switch
Cisco 48 Port Layer 2 Switch
(Access Switch)
7 Rs.300,000 Rs.2,100,000 Cisco 48 Port Layer 2
Switch
External Firewall (IPS
Enabled)
1 Rs.388,940 Rs.388,940 External Firewall
Internal Firewall 1 Rs.181,650 Rs.181,650 Internal Firewall
Wireless Access Points 4 Rs.104190 Rs.416760 Wireless Access Points
IP TV 5 Rs.180,000 Rs.900000 IP TV
IP Telephones 12 Rs.13500 Rs.162000 IP Telephones
Storage (NAS) 1 Rs.161,750 Rs.161,750 Storage (NAS)
Online UPS (Backup Power) 6 Rs.217,580 Rs.1305480 Online UPS
Total Rs.30,761,640
20. 20
Chapter 6 – Conclusion
This report will be providing the basic information related to the network design for
SmartBuildings Limited Company which is one of the suppliers of energy efficient sensor based
solutions for smart buildings in South Asia. In the document the proposed network architecture
with diagrams, tools & technologies, security mechanisms, network services, IP Addressing &
routing protocols, VLAN structure, Cost analysis for the network etc. have been described in
detail. So as the conclusion of the proposed document it is recommended to carry out the project
by referring to the information given in the proposed solution.
21. 21
References
(n.d.). Retrieved 02 16, 2020, from www.lapzone.lk: https://www.lapzone.lk/product-category/servers/
(n.d.). Retrieved 02 16, 2020, from www.router-switch.com: https://www.router-switch.com/
Babalola, L. A. (2012). BASIC DESIGN OF A LOCAL AREA NETWORK FOR SMALL BUSINESSES.
Bachelor's Thesis, CENTRAL OSTROBOTHNIA UNIVERSITY OF APPLIED SCIENCES.
Retrieved 02 14, 2020
Coleman, N. (2012). Network Soluions, Inc. - Statement of Work. Happy Haven Daycare Center.
Retrieved 02 14, 2020
Hernandez, Leonel , VIllanueva,Humberto , Estrada, Sandra. (2018). Proposal for the Design of a New
Technological Infrastructure for the Efficient Management of Network Services and
Applications in a High Complexity Clinic in Columbia. Advances in Intelligent Systems and
COmputing. doi:DOI: 10.1007/978-3-319-67621-0_7
Kugathasan, J. (2017). Network Design Report. Sri Lanka Institue Information of Technology.
Retrieved 02 12, 2020, from
https://www.researchgate.net/publication/322049839_Network_Design_Report?enrichId=rgreq-
b91cca1eb783451dc094d2a00cd35184-
XXX&enrichSource=Y292ZXJQYWdlOzMyMjA0OTgzOTtBUzo2MDg1MDkxMjEwMDM1
MjBAMTUyMjA5MTI4ODY4MA%3D%3D&el=1_x_2&_esc=publicationCoverPdf
Understanding and Configuring VLANs. (2018, 02 15). Retrieved 02 13, 2020, from www.cisco.com:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-
2/25ew/configuration/guide/conf/vlans.html