Assume you are a consultant for a local business that has as

Assume you are a consultant for a local business that has asked you to propose an enterprise-wide solution that includes topology, network devices, IP infrastructure, and network security. The scenario is as follows:

A small accounting firm, ABC Accounting, Inc., landed a large account a year and a half ago that has already led the company to grow from five employees to 200 employees with expectations to employ 350 within a year’s time. In the face of continuing expansion, ABC plans to add offices in their current building that will span a total of three floors. At least one third of ABC employees have laptops and travel often.

All ABC employees have Windows 7 computers, which currently are not connected to the corporate Local Area Network (LAN).

You have been hired as a consultant to provide a detailed technical proposal that recommends a solution that addresses each of the detailed specifications that follow. Your solution regarding each specification should comprise a separate section of the body of your proposal.

Topology (type of network) and network devices

ABC needs to set up a network and requires clarification regarding the type of network (or topology) in order to properly configure the connections among all PCs within the organization.

The company is looking for guidance regarding the type of network devices that will connect devices to the Local Area Network (LAN). Brand of device is not mandated. The company asks that you explain what internal and external networking components are required (explaining each and justifying WHY you chose the network devices you did).

The network must have the capacity to:

Connect all users to company resources (e.g. printers, scanners, and other items).

Provide file sharing options.

Manage these resources in a central location.

Your proposal should include budgetary cost estimates for the chosen topology.

IP Infrastructure

ABC has asked that you provide details regarding an IP structure (which includes static, DHCP, or the possibility of both, and proper IP Class assignment), which is mindful of the company’s expectation of continued growth.

Security

Basic security has always been in place and now the company would like you to make this a more secure facility in hopes of protecting against internal and external security threats.

Be sure to include details with respect to:

Social engineering/internal threats

Firewalls/switches

VPN’s

Authentication

Security protocols

Vulnerability assessment

Your submission should include each of the following sections, with each preceded by an appropriate heading:

Introduction/Overview

Table of Contents

Body- Including a separate section for each numbered item in the specifications above

Conclusion

APA References

Appendices- Any information you feel is appropriate to include

Yes this is for a final project assignment.

Solution

Topology (type of network) and network devices

We can you use the Ring Topology to fulfill all the requirements of our network configuration.

In this configuration it is forming a ring as each computer is connected to another computer, with the last one connected to first. Exactly 2 neighbors for each node. Transmission can be made bidirectional. Data is transferred sequential bit by bit. Data transmitted has to pass through each of the node of network. The advantage of using this topology is, network is not affected by high traffic or by adding more nodes as only nodes having tokens can transmit the data. Cheap installation cost.

Network devices we can use in the topology are:

Network Interface Card (NIC): Allows our PC to communicate with other PC’s. It converts data transmission technology.

Bridge: To improve the performance, networks are divided in smaller networks. Bridge is used to divide a large network in smaller networks.

Switch: connect multiple computers together in a LAN segment.

Considering all the above network configuration and network devices we can Connect all users to company resources (e.g. printers, scanners, and other items), provide file sharing options, manage these resources in a central location.

IP Infrastructure

The IP infrastructure represents a key boundary between a communications medium and the applications that are built upon this medium.

IP addresses are broken into different classes.

Class A IP addresses are used for huge networks, like those deployed by Internet Service Providers (ISPs).

Class B IP addresses are used for medium and large-sized networks in enterprises and organizations. They support up to 65,000 hosts on 16,000 individual networks.

Class C addresses are most common and used in small business and home networks. These support up to 256 hosts on each of 2 million networks.

Class D and E addresses are least used. Class D is reserved for a not widely used, and reserved for special cases largely for services and applications to stream audio and video to many subscribers at once. Class E addresses are reserved for research purposes by those responsible for Internet networking and IP address research, management, and development.

Here for us Class C ip addresses are good to use, as it is a small firm.

There are different types of IP addresses as below:

Static IP: If your IP address is static, it means that it will remain the same every time you connect.

Advantages of Static IP address:

DHCP: Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway.

Mixing Configurations

It\'s possible to mix static IP and DHCP addressing schemes.

Which is better and why?.

DCHP provides true \"plug and play\" networking, but it can come at a cost.

Fully dynamic or mixed addressing configurations are just fine.

Security

Firewalls/Switches: A firewall is placed on a position connecting an intranet to internet and it controls the traffic between these 2 networks based on rule/policies. It filter outs, stops unwanted traffic. We can implement packet filter architecture or application level gateway.

VPNs: A VPN allows to run secure seemingly point to point connection between 2 networks similar to direct connection but by actually using unsecure media as network connection->internet. Using VPN person outside of the company’s network can access the services/resources from company’s network in a secure way. For security purpose, we can use IPsec protocol. Also can implement site to site VPN or remote access VPN.

Authentication is the unambiguous identification of the sender of a information or communication peer. We can implement authentication by using token system, biometry, encryption etc.

Vulnerability assessment: For a successful attack successful vulnerabilities should be there. To avoid these kind of attacks proper assessment of vulnerabilities should be done. Assessment must be done in terms of error in design and specification, erroneous implementation of correct specification, administration error etc.

Security Protocols: Network security protocols are a type network protocol that ensures the security and integrity of data in transit over a network connection. Network security protocols define the processes and methodology to secure network data from any illegitimate attempt to review or extract the contents of data. There are cryptographic or encryption protocols which we can implement.

Considering all the above assessment on the network architecture and security protocols, IP architecture, we can say that ABC firm can have secure and productive network.

Thank you.