Contents
TABLE OF FIGURES .................................................................................................................. 3
LIST OF TABLES......................................................................................................................... 5
Chapter 1 ........................................................................................................................................ 6
Context and Preliminary Investigation ....................................................................................... 6
1.0 Introduction ......................................................................................................................... 7
1.1 Project background ............................................................................................................. 8
1.2
Project Aims and Purpose ............................................................................................ 9
1.3
Project problem ............................................................................................................. 9
1.4
Objectives ..................................................................................................................... 10
1.5
Project scope and plan ................................................................................................ 10
Chapter 2 ....................................................................................................................................... 14
Project Analysis ........................................................................................................................... 14
2.0
Review of related literatures and studies .................................................................. 14
2.1
Research methodology ................................................................................................ 19
2.2
Analysis methodology.................................................................................................. 21
2.3
Functional Requirements............................................................................................ 22
Chapter 3 ...................................................................................................................................... 26
Project Design .............................................................................................................................. 26
3.1
Modeling ....................................................................................................................... 27
Chapter 4 ...................................................................................................................................... 31
Project Implementation .............................................................................................................. 31
4.0 Introduction ....................................................................................................................... 32
4.1
Screen shots and configuration .................................................................................. 34
Chapter 5 ...................................................................................................................................... 48
Testing .......................................................................................................................................... 48
Chapter 6 ...................................................................................................................................... 61
Conclusion and recommendations ............................................................................................. 61
6.1- LEARNED SKILLS ...................................................................................................................... 62
6.2- USER EVALUATION ................................................................................................................. 62
1|Page
6.3- THINGS THAT CAN BE REPLACED IF THE PROJECT WILL BE REPEATED .................................. 68
6.4- RECOMMENDATION TO EXTEND THE PROJECT ..................................................................... 69
6.5- CONCLUSION .......................................................................................................................... 69
REFERENCES .............................................................................................................................. 71
APPENDIX ................................................................................................................................... 73
2|Page
TABLE OF FIGURES
Figure 1: Gantt chart...................................................................................................................... 12
Figure 2: model network ............................................................................................................... 14
Figure 3: connection ...................................................................................................................... 15
Figure 4: Network Village Telco ................................................................................................... 17
Figure 5: Network strategy Satira call ........................................................................................... 18
Figure 6: Packet tracer 7.1.0.0222................................................................................................. 19
Figure 7: waterfall method ............................................................................................................ 20
Figure 8: interview......................................................................................................................... 21
Figure 9: Configure IP .................................................................................................................... 23
Figure 10: Configure switch ........................................................................................................... 23
Figure 11: Test a call ...................................................................................................................... 24
Figure 12: Configure VLAN ............................................................................................................ 24
Figure 13: uses case ....................................................................................................................... 28
Figure 14: Dataflow diagram level 0.............................................................................................. 29
Figure 15: Sequence diagram ........................................................................................................ 30
Figure 16: main branch.................................................................................................................. 35
Figure 17:Telephony configuration ............................................................................................... 35
Figure 18: IP Phone screen 2001 to 2002 ...................................................................................... 36
Figure 19: Second branch .............................................................................................................. 40
Figure 20: IP Phone screen 1001 to 1002 ...................................................................................... 41
Figure 21: IP Phone screen 1001 to 2002 Different Branches ...................................................... 44
Figure 22: IP Phone screen 2002 to 1001 Different Branches ...................................................... 45
Figure 23: Host 0 to Host 1 connection ......................................................................................... 50
Figure 24: Host 0 to Host 2 ............................................................................................................ 50
Figure 25: Host Laptop to PC 0 ..................................................................................................... 51
Figure 26: Test between PC 2 and PC 8 ......................................................................................... 52
Figure 27: PC 3 to PC4 ................................................................................................................... 52
Figure 28: PC4 To PC5 .................................................................................................................... 53
Figure 29: Host10 to host 18 ......................................................................................................... 54
Figure 30: Laptop to host 13 ......................................................................................................... 54
Figure 31: VLAN30 and VLAN40 Hosts communication ................................................................ 55
Figure 32: PC12 and PC15.............................................................................................................. 56
Figure 33: TWO branches VLAN connections ................................................................................ 56
Figure 34: 1001 to 1002 call .......................................................................................................... 57
Figure 35: 1001 to 1015 call between two branches .................................................................... 58
Figure 36: Email sent. .................................................................................................................... 58
Figure 37: website displayed ......................................................................................................... 59
Figure 38: Request timeout ........................................................................................................... 60
Figure 39: Survey ........................................................................................................................... 63
Figure 41: Responses on the question number 1 .......................................................................... 64
Figure 43: Responses on the question number 2 .......................................................................... 65
3|Page
Figure 45: Responses on the question number 3 .......................................................................... 66
Figure 47: Responses on the question number 4 .......................................................................... 67
Figure 48:response5 ...................................................................................................................... 68
Figure 49: Responses on the question number 5 .......................................................................... 68
4|Page
LIST OF TABLES
Table 1: Schedules ......................................................................................................................... 11
Table 2: IP and call numbers ......................................................................................................... 36
Table 3:second branch .................................................................................................................. 40
Table 4: Test1 ................................................................................................................................ 49
Table 5: Test2 ................................................................................................................................ 50
Table 6: Test 3 ............................................................................................................................... 51
Table 7: Test 4 ............................................................................................................................... 51
Table 8: Test5 ................................................................................................................................ 52
Table 9: Test6 ................................................................................................................................ 53
Table 10: Test 7 ............................................................................................................................. 53
Table 11: Test8 .............................................................................................................................. 54
Table 12: TEst 9 ............................................................................................................................. 55
Table 13: Test 10 ........................................................................................................................... 55
Table 14: TEst 11 ........................................................................................................................... 56
Table 15: TEst12 ............................................................................................................................ 57
Table 16: Test 13 ........................................................................................................................... 57
Table 17: TEst 14........................................................................................................................... 58
Table 18: TEST 15........................................................................................................................... 59
Table 19: Test 16 ........................................................................................................................... 59
Table 20: response 1 ..................................................................................................................... 64
Table 21:response2 ....................................................................................................................... 65
Table 22: response 3 ..................................................................................................................... 66
5|Page
Acknowledgement
It is a great pleasure to express my thanks to Dr Sebastin in his stand with me to complete
my graduation project. Also, he has provided me with all the means in completing my graduation
projects and answering all the questions I have posed to him — finally, thanks for all those who
are standing with me to deliver the final year project.
ii
Abstract
The network system it one of the most important for establishing your organisation. On this
project, we are going to upgrade the network for one of the private company. Therefore, they are
using 100Mbps for all the computer, server, printers and WIFI. The plan to the analysis they
network and upgrade to 1Gbps, and it will be ten times faster than they are existing network.
Also, they have some protocol to be considered on our projects like FTP, HTTP and VLANs
iii
List of Figures
Figure 1 Gantt Chart phase 1 ........................................................................................................................ 4
Figure 2 Gantt chart phase 1......................................................................................................................... 5
Figure 3 Investigation plan ............................................................................................................................ 5
Figure 4 GNS3 software interface .............................................................................................................. 20
Figure 5 Switches selection ........................................................................................................................ 21
Figure 6 Routers Selection .......................................................................................................................... 21
Figure 7 Client / computers......................................................................................................................... 22
Figure 8 security devices ............................................................................................................................ 22
Figure 9 interview questions....................................................................................................................... 23
Figure 10 1. How fast computer connected to the network Drive? ............................................................ 25
Figure 11 2. Are you satisfied with the existing network? ......................................................................... 25
Figure 12 3. Did you use any application within your network like? ......................................................... 26
Figure 13 4. Did you Feel your network are slow? ..................................................................................... 26
Figure 14 5. Are you using Network Drivers on your computers? ............................................................. 27
iv
List of Tables
Table 1 Tasks Planning .................................................................................................................................. 4
Table 2 Development Plan ............................................................................................................................ 5
Table 3 Test Plan ........................................................................................................................................... 6
Table 4 Evaluation plan ................................................................................................................................. 6
v
Table of Contents
Acknowledgement ........................................................................................................................................ ii
Abstract ........................................................................................................................................................ iii
Chapter 1 ....................................................................................................................................................... 1
Context and Preliminary Investigation ..................................................................................................... 1
1.1
Introduction ................................................................................................................................... 1
1.2
Project ........................................................................................................................................... 1
1.3
Statement of the Problem .............................................................................................................. 2
1.5 Project Objectives ............................................................................................................................... 2
1.6 Project Scope ...................................................................................................................................... 3
1.7 Project Management Plan ................................................................................................................... 3
a. Project Deliverables and milestones with time scale ........................................................................ 4
b. An Investigation Plan ........................................................................................................................ 5
c. A Development Plan ......................................................................................................................... 5
e.An Evaluation and Test Plan .............................................................................................................. 6
f. Risk Management Plan ...................................................................................................................... 6
Chapter 2 ....................................................................................................................................................... 8
Project Analysis ........................................................................................................................................ 8
2.1 Analysis and Problem Solving Method .............................................................................................. 8
2.2 Research Methodology and Data Collection Procedure ..................................................................... 8
Research Methodology ......................................................................................................................... 8
FTP Protocol .............................................................................................................................................. 8
HTTP Protocol ......................................................................................................................................... 10
TCP/IP ...................................................................................................................................................... 11
Network Security .................................................................................................................................... 12
Security Layer 1: Perimeter Defence ...................................................................................................... 13
Security Layer 2: Operating Systems and Applications Servers .............................................................. 13
Security Layer 3: Protecting the Host ..................................................................................................... 13
Security Layer 4: Data Protection and Segmentation ............................................................................. 14
Security Analysis ..................................................................................................................................... 15
Vulnerabilities ......................................................................................................................................... 15
USB thumb drives.................................................................................................................................... 16
Laptop and netbooks .............................................................................................................................. 16
vi
Lack of Effective Network Security Policy ............................................................................................... 16
The Absence of work force ..................................................................................................................... 16
Obscure questions .................................................................................................................................. 16
VLAN........................................................................................................................................................ 17
Design...................................................................................................................................................... 18
Segmentation Significance ...................................................................................................................... 18
Software Model ................................................................................................................................... 20
Similar Projects ................................................................................................................................... 23
Data Collection Procedure .................................................................................................................. 23
Chapter 3 ..................................................................................................................................................... 28
Project Design ............................................................................................................................................. 28
Proposed network Design ........................................................................................................................... 29
References .................................................................................................................................................. 31
Appendices.................................................................................................................................................. 32
vii
Chapter 1
Context and Preliminary Investigation
1.1 Introduction
In the present time, it is hard to believe that computer networks and systems are protected from
all kinds of viruses and attacks. On the other hand, most of the times, the companies do not
protect their data or information since they believe that the information is not worthy enough to
be targeted. In such circumstances, the unprotected data often falls into the hands of corrupt
people who then misuse the information against the company or the targeted individual. All the
resources that are present in the data of a company are highly resourceful whether it is a small
folder or a huge financial record; it is the duty of the company to protect the data at all costs. The
lack of awareness or lack of negligence towards the security issues can often lead to causing
huge loss to the company. Often, the company is responsible for its negligence towards security
issues; whereas, sometimes, the systems that are being implemente in the computer networks are
responsible for the damage. Due to this reason, it is necessary for the company to take adequate
actions to upgrade the systems according to the changing security challenges. The technology is
advancing in the present time, along with it, the challenges associated with the implementation of
systems, cost related to the system and security challenges are taking a new shape. Therefore, the
companies are required to implement networks that protect their data and provide ease to the
staff working in the company.
1.2 Project overview
The project overview, is going to study about the networks infrastructure, analyse their
performance issues, and going to upgrade their network infrastructure for Al Adawi National
LLC, The Company’s internal server which is use for users for sharing files using FTP protocol
also they have used web application using the HTTP protocol. Additional, upgrade each
department should have separate VLANs.
1
Rationale or Justification for Selecting the Project
The selection of this project because it was exciting topics about upgraded network infrastructure
like there are doing refurbished network from the structure, and it involved on design stage then
using some software like Microsoft Visio and GNS3 software for network design and
implementation.
1.3
Statement of the Problem
The staff, are having issues with slowness on the network because of the traffic on their network.
Second, they have an issue with FTP server also is slow and take time to respond. Also, they
don’t have a dedicated server for web application services. All there network is running in one
range with Class C IP range. All the switches are not in redundancy mode, if any link goes down
their network will go down.
1.5 Project Objectives
The main purpose of this Project work is to build awareness among the people about the
Network Infrastructure upgrade requirement for the organization to fulfill the existing necessities
and the achievements that have been done by the network engineers in the current market.
Furthermore, the motivation behind this work is to build the comprehension of network systems
administration and job hunters current market requirement in the network framework. The
network engineer with his work gives information about the job of outsiders inside networking
and present the components in which the outsider can enhance their work to make and extend
relationship s between individuals from the system. The proposition will likewise produce and
spread information about the advantages gave of an outsider and give counsel on how the
outsiders can make and trade learning and assets to give advantages to the accomplices
associated with systems administration.
General Objectives:
The general objective to make sure all the network they have redundancy with each department
also to make sure all servers they have an access with core switch. Additionally, all the
application / services to be separated to the corresponding server to enhance the server
utilizations.
2
Specific Objectives:
The Project objective is to enforce the company to take adequate actions to upgrade the systems
according to the changing security challenges. The technology is advancing in the present time,
along with it, the challenges associated with the implementation of systems, cost related to the
system and security challenges are taking a new shape. Therefore, the companies are required to
implement networks that protect their data and provide ease to the staff working in the company
1.6 Project Scope
One of the main scope of this article is to design an infrastructure network that will be secured ad
helpful for people in an organization. The people benefitting from such network upgrade are the
employees, who are then able to facilitate the customer in a safe and secure environment. The
major aim behind any network upgrade is to attain performance efficiency so that the employees
are able to perform their day-to-day tasks without any hindrance and within the time limit which
will automatically enhance the company’s throughput. The reliability factor and security also
serves as crucial aspects. The businesses also opt for network upgrade to accommodate the
expanded information being stored in the computer systems of the company; moreover, to
consolidate the data and space. Thus, a company failing to achieve these objectives requires a
network upgrade that can help the company to overcome the issues related to the performance,
reliability, and security of the company. The efficient performance of the computer networks
helps the employees to improve their performance without the fear of being attacked by a
network threats.
1.7 Project Management Plan
In this section of the Network Infrastructure upgrade for Al Adawi National LLC company
project, we are going to have scheduled time as below showing with task and date.The Gantt
chart will explain the plaining of this project and scheduled plan for each task as shown below.
3
a. Project Deliverables and milestones with time scale
Gantt Chart
Network Infrastructure
upgrade for Al Adawi
National LLC company
project
Description
Starting date
Gathering the
Gathering the necessary information
information
about the project requirement
Ending date
14-Oct-2018
25-Oct-2018
26-Oct-2018
3-Nov-2018
Make interview with the manager of
Interview
the Information Technology
Make the different plans of the
Planning
project
4-Nov-2018 14-Nov-2018
Design
Design the Network Infrastructure
15-Nov-2018
15-Dec-2018
Table 1 Tasks Planning
Network Infrastructure upgrade for Al Adawi National LLC
company project
Total Days
0
5
10
15
20
25
Design, 15/11/2018 - 15/12/2018
Planning, 04/11/2018 - 14/11/2018
Interview, 26/10/2018 - 03/11/2018
Gathering the information, 14/10/2018 - 25/10/2018
Figure 1 Gantt Chart phase 1
4
30
35
Figure 2 Gantt chart phase 1
b. An Investigation Plan
Network Infrastructure upgrade for Al Adawi National LLC
company project
Total Days
0
1
2
3
4
5
6
7
8
Visite some floors, 04/11/2018 - 05/11/2018
Distribute a Questionnaire about Network, 25/10/2018 - 01/11/2018
Gathering the information IT Manager, 20/10/2018 - 25/10/2018
Figure 3 Investigation plan
c. A Development Plan
Task
Description
Starting date
Designing Stage
Design network using GNS3 software
Ending date
25-JAN-2019
30-JAN-2019
01-FEB-2018
28-FEB-2019
Make reviews with the manager of the
Implantations
Information Technology department and
stage
others in-charge for that.
Table 2 Development Plan
5
e.An Evaluation and Test Plan
Test Type
Objective
Starting date
Ending date
Black box test
Testing the connectivity between
01-March-2019
15-March-2019
computers and servers for all the users
within organizations
Table 3 Test Plan
Evaluation Plan
Evaluation Type
Objective
Starting date
Ending date
User Evaluation
The users he need to evaluate the
15-March-2019
25-March-2019
network performances and
connectivity
Table 4 Evaluation plan
f. Risk Management Plan
The risk management plan should be consider as a point of view. The following are some of the
points to consider:
1. Security
When any new system to be implemented it is important to make sure the IT security are in
place.
2. Users
You have to train all the users if the new system has been implemented and ensure that all the
users understand the new systems.
3. System Usage
Make sure all users are adapted to the new system and get feedback about the new system.
4. Down Time
6
Another majar risk for the company when moving from old system to new system is the possible
of down time when old system finally switch to new system.
5. Untested Technology
Before deployment of the new system make sure you have analyzed the feasibility of the new
system.
•
Communication Challenge
Some of the important communication challenges are the lack of feedback, the lack of
communication and internal - external news
•
lack of feedback
The message transfers in one way only, speech will speedily become unsuccessful. But feedback
is important on several levels. Not only does it support you control how well your staffs have
met their objectives, but it also shows how well they cooperate with their teams, their coworkers, and their higher order management. (Lockley, 2018)
•
lack of communication
The major reasons why staffs are unhappy with their jobs relate to message: not getting sufficient
information from their superiors, constant changes that aren't adequately communicated to
staffs, ignoring general primacy. (Lockley, 2018)
•
Internal and external news
In direction for your staff to feel involved and to completely notified with their business, it is
critical that it be the key source of all company interrelated information. (Lockley, 2018)
7
Chapter 2
Project Analysis
2.1 Analysis and Problem Solving Method
The study was conducted at Al Adawi National LLC Company, Sultanate of Oman. The main
target of the study was to facilitate organisations by lowering the risk of network security and
other attacks on the system. Moreover, the study aims to provide organisations with a software
upgrade that can significantly improve the speed of the processing and can decrease reliance
between several departments regarding sharing information. The software upgrade can
significantly lower the risk of internal factors; therefore, it will be easier for the organisation to
cope up with external factors. Some terms have been discussed in the following research topic.
Thus, the information regarding the following terms have been give in this section.
2.2 Research Methodology and Data Collection Procedure
Research Methodology
…..
FTP Protocol
Recently, the companies have been adopting techniques based on the ad hoc networks that
enable the users to communicate and share files with one another directly. The networks are
considered the Local Area Networks (LANs) where the devices share information and files
directly to other users without actually passing through a centralised access point (Dean, 2010).
FTP is an abbreviation for File Transfer Protocol that is being use during the transfer of such
files. The following protocol has been use for sharing files between the FTP host server and an
FTP host client. Moreover, it is the most common place to download files from the World Wide
Web (WWW). Furthermore, the following protocol is an alternative to HTTP protocol that is
being used to download files for the FTP users.
The popularity of FTP can never be ignore; however, with the introduction of cloud services,
some organisations are moving towards the adoption of cloud systems. Despite it, the FTP
protocols are still used by administrators to download files or to upload files on web server.
8
Moreover, the current researchers are aime at improving the efficiency of the FTP protocol. For
instance, Cam et al. (2015) showed that the performance of FTP protocol could be increase by
integrating it with the virtual network environment. The author introduces a new approach that
involves the copying of data from one virtual machine to another to increase the efficiency of the
network. As a result, the study showed that the performance of the FTP protocol significantly
improved in the virtual network environment. To this end, the current research helps the
researchers to dig more into this area to develop strategies to overcome the performance issues of
the traditional FTP protocol (Clark, 2003).
The FTP protocol is a long-accepted phenomenon in the Internet community. Moreover,
the longevity of the FTP protocol can also not be ignore. To this end, a large number of users are
still associate with the FTP protocol for the sharing of data. All the internet services on the
internet allow FTP, which helps the clients to gain easy access to the websites. Furthermore,
some revisions in the FTP protocol are also taking place to overcome the security issues. The
FTP protocol is being continuously subjecte to research to secure the traffic on the following
server (Gleason, 2005). Hence, the FTP protocol that has been use in the current research helps
the organisation to create a network where all the departments are being attache through a single
platform. Such a network can create security threats thus, leading to exposure or losing data
completely. Therefore, the FTP protocol does not appear to be a viable option for a big
organisation consisting of several departments connected through a single communication
network. Apart from that, FTP protocol can also create challenges for the organisation due to the
slow functioning of the network since a large number of people must be using it at the same
time. Thus, to make the network more secure and efficient, FTP protocol must be upgraded to
secure the connection and to increase the speed.
9
HTTP Protocol
The HTTP protocol is another application-level protocol that is use for collaborative, disturbed,
hypermedia information systems. On the other hand, the following protocol can be use for some
tasks, for instance, the distribution of object management with the help of extension requests
headers, or error codes (Alvestrand, Tags for the Identification of Languages, March 1995). For
the first time, the HTTP protocol was being used by (www) in the year 1990. In the beginning,
the first version of HTTP was called HTTP/0.9 through which simple tasks such as the transfer
of data across the internet was possible. However, with the technological advancement, the
HTTP protocol also upgraded to HTTP/1.0 also known as RFC 1945 (Fielding, 1999). The
following upgrade transformed the messages in the form of MIME, which contained met
information regarding the transfer of data and the modifiers of the generated request/response
semantics (Fielding, 1999). Moreover, HTTP/1.1 possess more stringent features as compared to
HTTP/1.0 (Alvestrand, Tags for the identification of languages, March 1995).
Hence, HTTP is mainly responsible for the formatting and transmission of the messages, in
simple words, the HTTP is responsible for requesting the server to display the web pages on the
screen (Berners-Lee, Universal Resource Identifiers in WWW, June 1994). After the
development of HTTP/1.0, another upgrade HTTP/2 was developed which is responsible for
handling the connections between the browser and the web server. In short, it is responsible for
speeding up the connection so that the web pages load quickly, last longer and show more
content on the screen.
Figure 3 Loading Page of HTTP/1.0 and HTTP/2.0
To this end, the recent researches on the internet are more comprehensive as compared to the
searching took place with the old HTTP. On the other hand, the number of search pages has also
10
increased. Therefore, it is concluded that the upgrade of HTTP was mainly aimed to improve the
loading speed by improving the response multiplexing. The HTTP/2.0 is supporte by the Mozilla
Firefox and Google Chrome; similarly, other browsers that are base on Blink are also found to
support the HTTP/2 protocol (F. Anklesaria, March 1993).
The HTTP protocol is generally used for some web applications. However, the use of
HTTP/1.1 imposes some negative effects on the performance of the application despite of its
several characteristics (Davis, April 1990). For instance, the header field of the HTTP/1.1
protocol often consists of excessive words and repetitive sentences. On the other hand, the
HTTP/2.0 addresses these issues with the help of the mapping of the HTTP’s semantics to an
underlying connection. Similarly, HTTP/2.0 also uses response/request on the same connection;
similarly, it also produces efficient HTTP headers. Also, the importance of HTTP 2.0 can be
highlight in the context of its prioritisation of requests, i.e. those requests that are more important
are resolved first (Davis, April 1990). The HTTP/2.0 protocol consists of binary framing that
also enables the protocol to process the messages efficiently. The HTTP 2.0 consists of a frame,
i.e. each frame is responsible for performing a specific task, which accounts for the efficiency of
the following protocol (Davis, April 1990).
TCP/IP
TCP/IP protocol is an abbreviation for Transmission Control Protocol that is being use in the
communication protocols in the interconnected network devices on the internet. On the other
hand, the following protocol can also be use in private networks. The internet suite follows a set
of rules and procedures that are being referre to as the TCP/IP. The following control protocol
decides how the data will be exchange across the internet. The protocol provides end-to-end
communication in which the data is being segregate into packets which then reaches the
destination and forms a message. The TCP/IP protocol is based on central management and is
aime at making the network more reliable (Braden, Requirements for Internet Hosts –
Application and Support, October 1989). Moreover, the TCP/IP protocol also consists of the
ability to recover the failure of any device on the network, automatically.
11
The TCP/IP protocol defines the system through which the applications can form
communication channels throughout the network. Moreover, the protocol also looks after the
segregation of the message into small packets and keeps track of the transfer of these packets to
the right destination (Braden, Requirements for Internet Hosts – Communication Layers, October
1989). Hence, the transfer of information across the internet passes through some steps to ensure
the accuracy of the data transference. Similar, to further ensure the right destination of the
message, each of the gateway in the computer confirms the IP address before transferring the
information. Thus, it can be state that the TCP/IP protocol is mainly connection-oriented, i.e. the
data transferred is only between two ends (Berners-Lee, Universal Resource Identifiers in
WWW: A Unifying Syntax for the Expression of Names and Addresses of Objects on the
Network as used in the World-Wide Web, June 1994). …Similarly, the benefits of the TCP/IP
include that the flow of data or messages on the network is continuously controlled.
In conclusion, the TCP/IP protocol helps in increasing the efficiency, stability and latency of
the entire network in a particular environment. The latest technological advancement in the field
of computer networks further strengthens the transfer of information across the internet at a
much greater speed than before (T. Berners-Lee, December 1994). However, the transfer of
information on the internet cannot be done without the TCP/IP protocol. Similarly, the
performance of the computer networks is further increase with the help of upgrades in the TCP.
Hence, TCP plays an important role in transferring messages over the internet in a controlled
environment.
Network Security
The activity is designed to secure the integrity and usability of a network. Network security supports
both technologies that are hardware and software. This security system helps to safeguard the threats that
are harmful to the network. Network security is the combination of different layers that are used to protect
the network. Each layer has its controls and policies. The access to network resources is provided to
authorized users only. Moreover, it is very beneficial for the network system.
As we, all know that the digitized system has transformed this world. In the same way, people are
demanding a secured network system from the organisations. Network security also helps to protect the
data and information of a user. Furthermore, the network security system is of many types, some of them
are Access control, Antivirus, and antimalware software, Application security, Behavioral analytics, Data
loss prevention, Email security, Firewalls, Intrusion prevention systems, Mobile device security, Network
12
segmentation, Security information, VPN, Web security, and Wireless security. All these security
networks are used to protect the network system from threats. Some layers that are use in network
security are as follows:…
Security Layer 1: Perimeter Defence
This security layer tends to arrange applications, for example, firewalls and intermediary servers.
Somewhere close to 70-80% of assaults hit associations’ interior systems, so these types of the inward
guard are fundamental. Appropriately, designed switches can ensure against a circulated forswearing of
administration (DDoS) assault, which surges a server and conveys activities to a stop. By blocking
bundles with satirising IPs, organise managers can dull these assaults. Executives can likewise find a way
to keep their systems from partaking in a DDoS assault, to some degree through switch-based directions.
Different advances include; controlling channel arrangements for benefits, dependence on logging that
can follow an assault t5esting channel to guarantee that despite everything they are working…..
Security Layer 2: Operating Systems and Applications Servers
This system framework security layer centres on working frameworks and servers, including
web servers, mail servers, and application servers. Working frameworks are fundamental to
layered security. If benefits inside an OS are imperilled, arrange security everywhere can be
endangered. Chairman benefits in an OS may enable access to firewall settings while uncovering
basic information on the system. Ventures to enhance layer two security include; introducing
working framework refreshes when accessible, actualising a strategy for solid passwords, and
halting administrations in Linux workstations that are turned on as a matter of course, including
HTTP, FTP and send mail…..
Security Layer 3: Protecting the Host
With layers 1 and 2, the border resistance has been built up, and working frameworks have
been anchored. Layer 3 includes onto layer 2 and includes security among workstations. This
layer is imperative since assaults can originate from inside systems. What is more,
notwithstanding their quality, firewalls can neglect to keep assailants from rupturing inner
systems. To secure workstations, managers may create thorough client get to strategies, fresh
fixes crosswise over workstations, run antivirus programming over a system of workstations, and
routinely back up workstation information in case of conceivable information misfortune
13
Security Layer 4: Data Protection and Segmentation
Information encryption includes a fourth layer of insurance, both against inadvertent ruptures
and vindictive assaults. In this layer, IT experts frequently: Kill any auto-fill passwords Scramble
outbound information, making burrowed correspondence among workstations and servers pick
information insurance with LogicNowIn expansion to these four layers of security, specialists
push the significance of system division. By apportioning off assets and applications, MSPs can
guarantee that the most touchy information and resources are not packed in one place. A
sectioned methodology is essential for associations, both little and substantial. Furthermore,
when overlooked, the results can be terrible. In its huge information break in 2013, target was
assaulted when programmers picked up login accreditations from a subcontractor. This
subcontractor was a warming and cooling organization with access to Target’s system. When the
assailants were inside Target’s system framework, they could turn. They before long gotten
entrance the organization’s instalment framework arrange. This enabled the programmers to
introduce malware over Target’s purpose of-offer gadgets and in the end take somewhere in the
range of 40 million credit and check card records. The debacle could have been somewhat
alleviated if Target would do well to divided its systems.
The individuals who work in IT comprehends that organize security are an absolute
necessity. MSPs have a one of a kind business challenge as they work to persuade authoritative
leaders that a more grounded system framework is an advantageous venture. In these dialogs, an
audit of security dangers can help present the defence for solid, layered security. There is a
substantial market for system foundation security arrangements. In what capacity should MSPs
pick a choice? For exhausted MSPs, the errand is to discover an answer that will keep activities
lightweight and productive. That is key while dealing with various systems. In the meantime, any
arrangement needs to keep up shake strong, layered security. It helps, as well, to have the
capacity to gauge the advantages of an answer. This can persuade chiefs that the advantages of
administrations far exceed the expenses. At the end of the day, MSPs should swing to Solar
Winds MSP’s (in the past LOGICnow) layered security arrangement, the most complete
alternative available.
14
Security Analysis
There are some System security protocols, for example, key-management and key exchange
protocols. They are famously hard to structure and troubleshoot. Shortcomings and anomalies
have been found in models and proposed guidelines for an extensive variety of protocols, it also
includes Diffie-Hellman and open key based variations of Kerberos, SSL/TLS, and the 802.11i
(Wi-Fi2) remote validation protocols. However, huge numbers of these protocols may appear to
be generally basic, security protocols must accomplish their objectives when a discretionary
number of sessions are executed simultaneously, and an assailant may utilize data given by one
session to trade off the security of another.
As security protocols frame the foundation of present-day secure organized frameworks, it is
critical to creating useful, exact, and deployable techniques for discovering blunders and
demonstrating that protocols meet their security prerequisites. This discussion will condense two
techniques and talk about a portion of the contextual analyses completed in the course of recent
years. One technique is a generally basic robotized limited state approach that has been utilized
by our examination gathering, others, and quite a long while of understudies in a task course at
Stanford to discover imperfections and create enhancements in an extensive variety of
conventions and security instruments. The second strategy, Protocol Composition Logic (PCL),
it is a state of mind about protocols that is intended to make it conceivable to demonstrate
security properties of vast reasonable conventions. The two strategies are complementary, since
the principal strategy can discover mistakes, yet just the second is reasonable for demonstrating
their nonattendance. The discussion will centre on fundamental standards and precedents from
the IEEE and IETF institutionalization process.
Vulnerabilities
The Vulnerability is a term that is used for cyber-security, it to an imperfection in a
framework that can abandon it open to assault. Vulnerability may further refer to a shortcoming
in a PC framework itself, in an arrangement of techniques, or in anything that leaves data
security presented to a danger. There is some Vulnerability inside the network system.
15
USB thumb drives
USB drives are really one of, if not the most, widely recognized ways you can taint a
system from inside a firewall. There are a few purposes behind this; they are economical, little,
hold a great deal of information and can be utilized between numerous PC types. The
omnipresence of thumb drives has driven programmers to create focused on malware, for
example, the infamous Conficker worm, that can consequently execute after interfacing with a
live USB port.
Laptop and netbooks
Laptops are convenient, incorporate full working frameworks, can work utilizing an inward
battery and accompany a helpful Ethernet port for taking advantage of a system. Likewise, a
notepad may as of now have malignant code running out of sight that is entrusted to scour the
system and discover extra frameworks to taint. This notepad could have a place with an interior
representative or visitor who is meeting and working from an open block or office.
Lack of Effective Network Security Policy
Network suffers because of the lack of effective network policies, for every one of the spaces
a cutting-edge organizes security procedure must address. Nevertheless, it is not constantly
workable for associations to execute even very much structured security designs. There are
various obstructions, including:
The Absence of work force
Numerous IT security positions are unfilled. Symantec Chief noticed that 1.5 million such
employments would at present be vacant by 2019. Tight spending plans: Unassuming spending
modifications, as archived by Spice works in its yearly Territory of IT Report, leave little space
to expedite experienced staff.
Obscure questions
While realized dangers are anything but difficult to plan against, there are others that IT
divisions do not understand they are caught off guard for. Zero-day activities and “low and
16
moderate” progressed tenacious dangers fit into this classification. Without a completely fleshedout system security program, it is difficult to create proper resistances or even to realize what to
tailor against them. Assaults go unfamiliar for a considerable length of time or even months. A
2016 Accenture report discovered that 51 percent of studied venture security specialists took a
long time to discover complex ruptures, while 33% of every single fruitful interruption was
never found by any stretch of the imagination.
VLAN
A VLAN is a gathering of gadgets on at least one LANs that are arranged to convey as
though they were connected to a similar wire when in actuality they are situated on various
diverse LAN fragments. Since VLANs depend on consistent rather than physical associations,
they are to a great degree adaptable. VLANs characterize communicated areas in a Layer 2
arrange. A communicated space is the arrangement of all gadgets that will get communicated
outlines beginning from any gadget inside the set. Switches ordinarily limit communicated areas
since switches do not forward communicate outlines. Layer 2 switches make communicated
spaces dependent on the design of the switch. Switches are multiport spans that enable you to
make numerous communicated spaces. Each communicated space resembles an unmistakable
virtual extension inside a switch. You can characterize one or numerous virtual extensions inside
a switch. Each virtual scaffold you make in the switch characterizes another communicated area
(VLAN). The Movement cannot pass specifically to another VLAN (between communicated
areas) inside the switch or between two switches. To interconnect two diverse VLANs, you
should utilize switches or Layer 3 switches. See the “Diagram of Layer 3 Interfaces” segment for
data on between VLAN steering on Impetus 4500 arrangement switches.
Similarly, with a wired LAN framework, while sending voice in a remote LAN, you should
empower somewhere around two virtual LANs (VLANs) at the Entrance Layer. The Entrance
Layer in a remote LAN condition incorporates the passageway (AP) and the principal jump air
conditioning switch. On the AP and access switch, you ought to design both a local VLAN for
information movement and a voice VLAN (under Cisco IOS programming) and Helper VLAN
(under Impetus Working Framework) for voice activity. A voice/assistant VLAN must be
isolated from the various wired voice VLANs in the system. Likewise, similarly as with voice
17
endpoints on wired LANs, remote voice endpoints ought to be tended to utilizing RFC 1918
private subnet addresses. While conveying a remote foundation, was laud arranging a separate
administration VLAN for the administration of WLAN APs. This administration VLAN ought
not have a WLAN appearance; that is, it ought not to have a related administration set identifier
(SSID) and it ought not to be straightforwardly available from the WLAN.
Design
The key strides to planning a Met Plant wide Ethernet (CPwE) design by utilizing a VLAN
approach include the accompanying advances: Appoint the different Cell/Region zones a VLAN
that compares to an IP subnet in which the gadgets in that zone all have their IP address. Decide
how to send the VLANs into the system framework. Decide how to arrange the VLAN Interface,
end-gadget ports and switch uplinks.
Segmentation Significance
Segmentation of a network has great importance in networking. It helps to increase the
reliability, security, and efficiency of a network. VLANs can likewise be utilized to constrain
client access to a specific system portion, which at that point enables just approved clients to
approach systems with exceptionally touchy data. Moreover, it also allows different devices to
connect virtually. In other words, one method for breaking a bigger system into littler segments
is by actualizing VLANs. VLANs permit division or breaking a huge system into little ones.
Running customary level systems is presently a maturing model and it is an obsolete supposition
that everything within an association’s system ought to be trusted.
By sectioning a system and applying proper controls, we can break a system into a multilayer structure that thwarts risk specialists or activities from achieving solidified frameworks and
confines their development over the system. While it ought to be comprehended, it isn’t
conceivable to make the ideal IT arrange framework guard, diminishing the assault surface and
disposal of undesirable access to organize portions fundamentally decreases the danger of
framework breach. Utilizing the protection inside and out security routine with regards to
organize division, an association’s system address space is subdivided into littler subnets. The
system can be physically divided with switches, firewalls, or all the more usually, coherently
isolated by virtual LANs (VLANs) on system switches. These VLAN zones are interconnected
18
with trunk connections or Exchanged Virtual Interfaces between them. There are various focal
points to executing this sectioned system design.
This sort of division straightforwardly diminishes the number of frameworks on a similar
system fragment and decreases the communicated space; in this manner-lessening gadget
organize handling and noxious surveillance. By constraining steered activity to portions, the
general data transmission utilization in the LAN is diminished. The proliferation of system
worms, for example, Wanna cry and NotPetya over a common convention, for example, SMB is
not restricted on a level system as it would be on a fragmented system. The Division helps the
assistance by isolating zones that contain information with comparative prerequisites while
guaranteeing that frameworks holding delicate information are kept confined. System division
empowers isolation of frameworks by end-client class bunches with the assistance of access
control strategy at the entrance/departure focuses. This granulation of security arrangement can
be executed after some time with ACLs at the zone passage or Firewalls that control the stream
for vast sections. Further division of server frameworks, for instance, shields against danger onscreen characters effectively turning to start with one traded off server then onto the next, for
example, performing parallel development with pass-the-hash assaults (to be specific gathering
hashed certification information for use on various machines, further clarified in references)
Regularly organize division activities can be kept running with current system hardware.
Encourage the expansion of an untrusted VLAN for NAC Arrangement authorization. NAC
arrangements permit organize administrators to characterize strategies for implementation, for
example, the sorts of PCs or jobs of clients permitted to get to territories of the system. This is
then implemented utilizing switches, switches, and firewalls. Executing an untrusted VLAN
fragment can shield the system from rebellious and additionally obscure frameworks.
19
Software used:
Since we are going to develop and achieve this project I am going to use one of the useful tools
called GNS3 (Graphical Network Simulator-3). This software is an emulator, it allow all the
network to be used as virtual like real network equipment. This software is used worldwide for
network engineering for troubleshooting the problem or they do test environment for they exiting
network before they do any changes to be on saved side if they made any mistake on their
network configuration. GNS3 is open source, free software that you can download from
http://gns3.com.
The GNS3 interface showing as below
Figure 4 GNS3 software interface
20
On the below showing where you can browse the switches to be selected and dropped on the
software
Figure 5 Switches selection
On the below showing where you can browse the routers to be selected and dropped on the
software
Figure 6 Routers Selection
21
On the below showing where you can browse the client / computers connected to the networks to
be selected and dropped on the software
Figure 7 Client / computers
On the below showing where you can browse the security devices connected to the networks to
be selected and dropped on the software
Figure 8 security devices
22
Similar Projects
……
Participants of the Project (if applicable)
The particpants on this Project the IT Manager.
Data Collection Procedure
a. Interview
On 26 October 2018, I have interviewed Mr. AlMuhanand Mohammed Abdullah Al Adawi the
Information communication technology Manager of Al Adawi national LLC Company. I have
asked some question to Mr. AlMuhanand regarding the network infrastructure they face
difficulty communication between the client machines the servers are very slow and they are
using 100mbps speed network. Additional to that the FTP protocol some time are very slow and
they are not able to communicate to servers. Moreover, they are looking to upgrade they are
network because they need to be up-to-date and they are using same technology since 2008.
Figure 9 interview questions
Outcome of interview
23
Therefore, the outcome of the interview with IT manager, he was very positive
information and important to the network upgrade project. In fact the project are required to
upgrader they network with 1Gbps speed also they have used FTP protocol also they need to
implement VLANs and HTTP (web application).
b. Questionnaire
The collections of the information about the employee of future upgraded network and their
requirement is distributed online with https://www.surveymonkey.com website.
The below 5 question about the network.
1. How fast computer connected to the network Drive?
•
less than 1 minute
•
less than 2 minute
•
more than 2 minute
2. Are you satisfied with the existing network?
•
Yes
•
No
3. Did you use any application within your network like?
•
FTP
•
HTTP
4. Did you Feel your network are slow?
•
Yes
•
No
5. Are you using Network Drivers on your computers?
•
Yes
No
24
c. Discussion on Survey (select one)
On this question 1. How fast computer connected to the network Drive? Around 95% of the
employee are complained about the slowness of their network.
1. How fast computer connected to the network Drive?
70
60
50
40
30
20
10
0
less than 1 minute
less than 2 minute
more than 2 minute
Series1
Figure 10 1. How fast computer connected to the network Drive?
On this question 2. Are you satisfied with the existing network? Around 100% of the employee
are complained about there are not happy about existing network.
2. Are you satisfied with the existing network?
70
60
50
40
30
20
10
0
Yes
No
Figure 11 2. Are you satisfied with the existing network?
25
On this question 3. Did you use any application within your network like? Around 100% of the
employee there are using HTTP (web application) on their existing network.
3. Did you use any application within your
network like?
70
60
50
40
30
20
10
0
FTP
HTTP
Figure 12 3. Did you use any application within your network like?
On this question 4. Did you Feel your network are slow? Around 98% of the employee there are
feeling the network are very slow.
4. Did you Feel your network are slow?
70
60
50
40
30
20
10
0
Yes
No
Figure 13 4. Did you Feel your network are slow?
26
On this question 5. Are you using Network Drivers on your computers? Around 100% of the
employee there are using network drives.
5. Are you using Network Drivers on your
computers?
70
60
50
40
30
20
10
0
Yes
No
Figure 14 5. Are you using Network Drivers on your computers?
27
Chapter 3
Project Design
3.1 System Overview and Design Constraints
System Overview
We are going to upgrade network infrastructure for al Adawi National LLC and they have one
firewall, one core switch, and four access switchs connected to foure department. The foure
switrchg are conncated with Ethernet cable with speed of 100Mbps.addtional, they have three
server one domain contracller, File Server (which is running Printer Server and application
server) and Exchnage server.
Design Constraints
28
3.2 System Architecture (Hardware and Software Architecture, etc.)
Proposed network Design
We are going to propose the following on this project and the possibilities for structured all their
networks equipment and devices.
1. We need to have two firewall for redundancy propose.
2. We need to have two-core switch for redundancy and creating VLANs to segregate the traffic and
security improvement.
3. Replace the fore existing switches to 1gbps switch speed with SFP (Small form-factor pluggable
transceiver) this used to connect fiber connectivity cable with switch.
4. Creating dedicated FTP Server.
5. Creating dedicated webserver.
29
30
References
Alvestrand, H. (March 1995). Tags for the identification of languages. RFC 1766, UNINETT.
Alvestrand, H. (March 1995). Tags for the Identification of Languages.
Berners-Lee, T. (June 1994). Universal Resource Identifiers in WWW.
Berners-Lee, T. (June 1994). Universal Resource Identifiers in WWW: A Unifying Syntax for the Expression
of Names and Addresses of Objects on the Network as used in the World-Wide Web (RFC 1630,
CERN ed.).
Braden, R. (October 1989). Requirements for Internet Hosts – Application and Support.
Braden, R. (October 1989). Requirements for Internet Hosts – Communication Layers.
Clark, M. (2003). Data Networks IP and the Internet (1st ed.). West Sussex, England: John Wiley & Sons
Ltd.
Davis, F. K. (April 1990). WAIS Interface Protocol Prototype Functional Specification (v1.5 ed.). Thinking
Machines Corporation.
Dean, T. (2010). Network+ Guide to Networks (Delmar. pp. 168–171 ed.).
F. Anklesaria, M. M. (March 1993). The Internet Gopher Protocol: A distributed document search and
retrieval protocol. RFC 1436, University of Minnesota.
G.L., R. F. (1998). Knatterud. Controlled Clinical Trials, 19:477-493.
Gleason, M. (2005). The File Transfer Protocol and Your Firewall/NAT.
Lockley, S. K. (2018, 12 15). 10 Internal Communication Challenges and How to Master Them with an
Employee App. Retrieved from https://insights.staffbase.com/blog/10-communicationchallenges-and-how-to-master-them-with-your-own-branded-employee-app
T. Berners-Lee, L. M. (December 1994). Uniform Resource Locators (URL) (RFC 1738, ed.). CERN, Xerox
PARC, University of Minnesota.
31
Appendices
32
Purchase answer to see full
attachment