Project C1035 by Amit Maharjan (1801T3080019)

Project on
Machhapuchchhre Bank
By Amit Maharjan
Submitted to Lecturer Ramjit Prasad Koirala
09
Project on Machhapuchchhre Bank 2009
Table of Contents
Introduction: ................................................................................................................................. 5
Acknowledgements ....................................................................................................................... 6
Current System: ............................................................................................................................ 7
Problem Background: .................................................................................................................... 8
Objectives: .................................................................................................................................... 9
Network Architecture.................................................................................................................. 10
WAN Diagram.......................................................................................................................... 10
Diagram explanation for WAN diagram: .............................................................................. 10
Diagram for Corporate office:.................................................................................................. 11
Diagram explanation for Network architecture of corporate office: .................................... 11
Diagram for branch offices: ..................................................................................................... 12
Diagram explanation for Network architecture of branch office: ........................................ 12
Diagram for Disaster Backup: .................................................................................................. 13
Diagram explanation for Network architecture of branch office: ........................................ 13
Network Topology ................................................................................................................... 14
1. Star topology ............................................................................................................... 14
2. Bus topology ................................................................................................................ 15
3. Ring Topology: ............................................................................................................. 16
4. Mesh Topology: ........................................................................................................... 17
Communication Media: ............................................................................................................... 19
Guided media .......................................................................................................................... 20
1. Twisted Pair Cable ....................................................................................................... 20
i. Unshielded twisted-pair cable (UTP) ...................................................................... 21
ii. Shielded twisted pair cable (STP) ........................................................................... 24
2. Coaxial cable ................................................................................................................ 25
a. Thin coaxial cable/10Base2 (Thinnet) .......................................................................... 26
b. Thick coaxial cable/10Base5 (Thicknet)........................................................................ 26
c. Fiber Optic cable .......................................................................................................... 27
Unguided Media:......................................................................................................................... 29
1. Radio Technologies: ......................................................................................................... 29
2. Infrared technologies: ..................................................................................................... 30
3. Microwave Technologies ................................................................................................. 30
Amit Maharjan
ID: 1801T3080019 Page 2
i. Terrestrial microwave systems: ................................................................................... 30
ii. Satellite Microwave systems:....................................................................................... 30
Networking and Internetworking Devices ................................................................................... 31
1. Routers ............................................................................................................................ 31
Advantages of Routers:.................................................................................................... 31
Disadvantages of router: .................................................................................................. 32
2. Switch and Hubs .............................................................................................................. 32
i. Unmanaged switch ...................................................................................................... 32
ii. Managed switch .......................................................................................................... 32
a. Active Hub: .................................................................................................................. 33
b. Passive Hub: ................................................................................................................ 33
c. Intelligent Hub: ............................................................................................................ 33
3. Bridge .............................................................................................................................. 33
Advantages of Bridge ....................................................................................................... 34
Disadvantages of Bridge .................................................................................................. 34
4. Modem ............................................................................................................................ 35
5. Gateway .......................................................................................................................... 36
6. Repeaters ........................................................................................................................ 37
Advantages of Repeaters ..................................................................................................... 37
Disadvantages of Repeaters ................................................................................................ 37
7. Network Interface card (NIC) ........................................................................................... 37
8. RJ-45 Connector .............................................................................................................. 38
Network Security......................................................................................................................... 39
i. Physical Security .............................................................................................................. 39
ii. Network security ............................................................................................................. 39
a. Firewalls ...................................................................................................................... 40
a) Packet filtering ............................................................................................................. 40
b) Application Layer Firewall ............................................................................................ 41
c) Proxies ......................................................................................................................... 42
d) Network Address Translation Firewall (NAT firewall) ................................................... 43
b. Intrusion Detection Systems (IDS) ................................................................................ 44
1. Network intrusion detection system (NIDS) ........................................................... 44
2. Host Based IDS ......................................................................................................... 44
Amit Maharjan
ID: 1801T3080019 Page 3
Communication Links .................................................................................................................. 45
a. FDDI (Fiber Distributed Data Interface): .......................................................................... 45
b. Ethernet: ......................................................................................................................... 46
c. Token Ring: ...................................................................................................................... 46
d. Data Transfer Modes: ...................................................................................................... 46
e. IP address: ....................................................................................................................... 46
Budget Estimation: ...................................................................................................................... 47
Conclusion:.................................................................................................................................. 49
References and Bibliography: ...................................................................................................... 50
1. References on Images:..................................................................................................... 50
2. References for study on firewalls:.................................................................................... 51
3. References for budget preparation:................................................................................. 51
4. References for IDS: .......................................................................................................... 52
5. References for Network Topology: .................................................................................. 52
6. References for Communication Links:.............................................................................. 52
Turnitin Originality Report........................................................................................................... 53
Supportive Documents ................................................................................................................ 54
Letter of Acceptance from Machhapuchchhre Bank Limited ................................................... 54
Proof of Budget estimation accuracy: ...................................................................................... 55
Cisco Small Business 101 Ethernet Broadband Router Price .................................................... 55
Belkin 250 ft. Cat. 5 UTP Patch Cable (A7J304-250-YLW) Price: ............................................... 56
Cisco 2800 Series IOS Enterprise Services Feature Pack:.......................................................... 57
Currency Conversion Source:................................................................................................... 58
Inspiron 531s (Includes 17" Widescreen Flat Panel Monitor) Price: ............................... 59
Fortinet FortiGate-50B Complete Content Protection Bundle Price: ....................................... 60
IBM System x3450 (794854X) Server ....................................................................................... 61
Microsoft Word 2007 Open License With Software Assurance................................................ 62
Amit Maharjan
ID: 1801T3080019 Page 4
Introduction:
This is project on the Machhapuchchhre Bank of Nepal. It is one of the biggest banks in
Nepal with more that 30 branches. Due to the limitations of the course only the unique networks
comprising in the bank are included in this project.
Machhapuchchhre Bank Limited is one of the biggest commercial banks in Nepal. It was
registered in 1998 and became the first commercial bank to start banking business from rather
under developed western region of Nepal with head office in Pokhara.
After 11 years from the date of its establishment, it now has 30 branches in different parts
of the country with plans to establish 10 more branches very soon. It has 10 ATMs inside
Kathmandu valley only. It provides facility of mobile banking, internet banking and any branch
banking to its users.
Machhapuchchhre Bank Limited is dedicated to providing latest technology facilities to its

customers. It is the first bank to introduce centralized banking software named GLOBUS
BANKING SYSTEM developed by Temenos NV, Switzerland. A full-fledged banking branch is in
operation in Jomsom located high up in the mountains too.
The has been highly successful since its establishment and intends to use the latest
technology for better, comfortable and reliable service to its customers and management of the
networking, file management, communication between different branches of the bank. Hence,
according to its aim to serve the people of both urban and rural areas, it has plans to extend its
services in different rural as well as urban areas of the country. To meet this aim it is willing to
invest money and train its manpower for the introduction of new technology.
The aim of my project will be to pin point the most efficient, reliable and economical
technology for the achievement of the banks goals of serving rural as well as urban areas of the
country.
Amit Maharjan
ID: 1801T3080019 Page 5
Acknowledgements
This project on Machhapuchchhre Bank is done following the guidelines of Network
Essentials (C1035) course guideline. This project is done for educational purpose only.
This project was a success with the help of many people. I would like to thank them for
helping me in the successful completion of this project. This project was not possible with the help
form my lecturer Mr. Ramji. I would like to specially thank him for helping me in this project. I
would like to thank employees in the IT department of Machhapuchchhre Bank for their
assistance and providing me valuable information about the computer network system of the
bank. I would like to thank Mr. Chaudary, IT Chief Machhapuchchhre Bank for helpful
suggestions. And of course I would like to thank all my friends for their support and help in
successful completion of this project.
Amit Maharjan
ID: 1801T3080019 Page 6
Current System:
The bank uses centralized database system i.e. all its data are stored and processed by
main server in the corporate office. It uses the suitable technologies available in Nepal for making
its network reliable, efficient and economic. The bank uses optical fiber from Subushu (an ISP in
Nepal), VSAT (Very Small Aperture), and leased line from NTC (Nepal Communication
Corporation), cable network of Worldlink (an ISP in Nepal) according to the suitable situation. The
main connection in most branches is fiber optic cable. Cable and leased line are used in the
places where fiber optic is not available and VSAT is used where ISPs don’t provide any media of
physical wire communication like in remote areas of Jomsom. The bank currently uses only one
server, AIX server form IBM. It uses a firewall from Fortigate which also functions as an antivirus.
It uses the routers of CISCO and switches of various companies. The PCs in the bank are
branded PCs but from various providers. The bank uses star topology because it supports big
networks, is easy to troubleshoot and easily extendable. The bank has an 8 hour backup system
for all its system and 24 hour backup system for the server and related devices in corporate
office. The bank has an online backup system in an unknown remote location that is constantly
updated with changes in the main server. The backups all the data everyday on tapes, hard
drives after all the works of the day have been completed.
Amit Maharjan
ID: 1801T3080019 Page 7
Problem Background:
The bank currently uses only one server and firewall for protection. Sub netting is not
implemented hence, a hacker can get access to the entire network if gets into one of the
branches computer. Due to these reasons there are several security holes in the network. The
bank is not protected against the theft of files from PCs directly. Although, all the corporate data is
stored in sever this is also a problem. Although the star topology used by the bank is reliable,
there is no acknowledgement of packets which makes the network less reliable. There is no
remote access system, bastion host, intrusion detection system and no proxy server.
Authentication of the user is done only by user name and password.
Amit Maharjan
ID: 1801T3080019 Page 8
Objectives:
The aim of my project will be to pin point the most efficient, reliable and economical
technology for the achievement of the banks goals of serving rural as well as urban areas of the
country while fixing the security holes that exist in the system as well as to minimize them in the
future. The main objective will be to make the network more secure by implementing sub netting,
putting bastion host, proxy servers if needed. Cost is a major concern of every project; I will also
be using the most cost effective technology around for the implementation in network.
Amit Maharjan
ID: 1801T3080019 Page 9
Network Architecture
WAN Diagram
Fig. 1 WAN Diagram
Diagram explanation for WAN diagram:

This diagram shows the location of network branches and the medium of connection
between the branches and Server in corporate office.
The subushu company in Nepal provides optical fiber cable connection in pokhara,
Kathmandu (Bagbazar), lalitpur which can be used for intranet connection. Since, optical fiber is
the most preferred media of connection for long distances this is very good option for network
connection.
For remote location branch Jomshom, wireless satellite communication can be used
which will be expensive. VPN can also be implemented through the internet connection. Satellite
communication is beyond the scope of this course so it is not discussed in detail.
For disaster backup optical fiber connection provided by Subishu can be implemented.
I have assumed optical fiber connection from Subishu to be available in every required
location for the formation of this network.
Amit Maharjan
ID: 1801T3080019 Page 10
Diagram for Corporate office:
Fig. 2 Network Architecture for corporate office
Diagram explanation for Network architecture of corporate office:

Topology : The topology implemented in this system is star topology for LAN.
Router : the router used in this figure is represents Cisco 2800 Series IOS Enterprise Services
Feature Pack for connection between branch offices, computer in corporate office and server.
Switch: the switches used are DSS-16+ 16-Port 10/100 Desktop Switch from D-link.
Computers: the computer used might be old computer or new Inspiron 531s (Includes 17"
Widescreen Flat Panel Monitor) from Dell.
Communication media: the communication media used for LAN is cat 5 UTP cable.
Server: the server is IBM System x3450 (794854X) Server
Firewall: firewall represents FORTIGATE-50B for network security.
Bastion host: it is not necessary thus can be omitted. If it is applied in network this it would be
same as server i.e. IBM System x3450 (794854X) Server.
Media converter: represents appropriate media converter according to the media used.
Sub netting has been implemented in each switch in order to increase security.
Amit Maharjan
ID: 1801T3080019 Page 11
Diagram for branch offices:
Fig. 3 Network Architecture for bank branches
Diagram explanation for Network architecture of branch office:

Router : the router used in this figure is represents Cisco Small Business 101 Ethernet Broadband
Router for connection between branch offices nodes and server in corporate office.
Switch: the switches used are DSS-16+ 16-Port 10/100 Desktop Switch from D-link.
Computers: the computer used might be old computer or new Inspiron 531s (Includes 17"
Widescreen Flat Panel Monitor) from Dell.
Amit Maharjan
ID: 1801T3080019 Page 12
Diagram for Disaster Backup:
Fig. 4 Network Architecture for disaster backup
Diagram explanation for Network architecture of branch office:

Router : the router used in this figure is represents Cisco Small Business 101 Ethernet Broadband
Router for connection between branch offices nodes and server in corporate office.
Backup Server: the backup server is IBM System x3450 (794854X) Server.
Amit Maharjan
ID: 1801T3080019 Page 13
Network Topology
Network topology describes physical arrangement of communication media and nodes in
a network. There are different types of network topology they are as follows:
1. Star topology
Figure 1 Star Topology
In this topology all the nodes are connected to a central node (central switch, hub
or host computer or concentrator) which provides connection to other nodes in the
network. It may either have a passive central node that does not prevent echo-related
problem or an active node which overcomes this drawback.
Advantages of Star Topology:

a. This topology is the most flexible in terms of expansion ease of installation.
b. It is much easier to troubleshoot.
c. Simultaneous data transmission between different nodes can take place.
Disadvantages of Topology:
a. More expensive than bus topology.
b. Network failure will occur with problems in central device.
c. Network might be slowed down if the central device has capability to handle the
amount network traffic in the network.
Amit Maharjan
ID: 1801T3080019 Page 14
2. Bus topology
Figure 2 Bus Topology
This topology uses a backbone cable to which all the nodes are connected. It is good for
small network.
The advantages of this topology are:

 Failure of connected device does not affect the network.
 It is cheaper than other topologies.
The disadvantages of this topology are:

 Entire network fails if the main cable fails.
 It is necessary to terminate the open ends of cables.
Reasons for not choosing this topology:

 Not suitable for large network.
 High bandwidth consumption
 Simultaneous data transfer between many nodes is not possible.
Amit Maharjan
ID: 1801T3080019 Page 15
3. Ring Topology:
Figure 3 Ring Topology
In this topology, there is a single circle of cable in which every node is connected with its adjacent
nodes (two nearest nodes) for data transmission. Ring topology may use any of FDDI, SONET or
Token Ring Technology. This topology is preferred in a large network and network comprising of
mainframe computer rather than micro computers.
The advantages of this network topology are:

 Network is very ordered in this topology.
 Allows creation of very large networks using token ring.
 Reliable due acknowledge of the data transfer.
The disadvantages of this network topology are:

 Similar to bus topology if the main cable forming the circle fails the entire network
fails.
 Moving, adding and changing nodes is difficult is this topology.
Amit Maharjan
ID: 1801T3080019 Page 16
 Network adapter cards and MAU's are much more expensive than Ethernet cards
and hubs
 Much slower than an Ethernet network under normal load

 It is very difficult to extend a network using this topology which causes difficulties
when increasing branches or devices.
4. Mesh Topology:
Figure 4 Mesh Topology
All the computers in this topology are connected to multiple nodes. Simultaneous data
transfer between different nodes is possible in this topology.
The advantages of this network are:

 Simultaneous data transfer between multiple nodes.
 Availability of more than one path to a destination node.
 Good network security is provided as the data transfer takes place directly between
sender and receiver.
Amit Maharjan
ID: 1801T3080019 Page 17
The disadvantages of this network are:
 It is very expensive due to massive wiring costs.
 It is impossible to create a full mesh in a network consisting of many devices.
 Network expansion is very difficult as well as expensive.

 It is very expensive.
 Extending network is very difficult.
Amit Maharjan
ID: 1801T3080019 Page 18
Communication Media:
The medium used for transmitting signals or data between computers is called
communication media or networking media. Broad range of communication media have been
developed to suite the diverse demands of computer networking. However, the goals of all these
media remains efficient, effective, and economic and error free transmission of data. These media
are categorized and priced according to the bandwidth they can provide, the maximum length
they can carry data without any loss in data, the technology they use, and type of interference that
disturbs data transmission in them. Following are the different types of communication media
according to the primary material they use for communication/material used for their construction:
 Copper – twisted pair cable and coaxial cable use copper

 Glass – optical fiber uses glass
 Waves – all wireless media use waves
All types of cable including twisted-pair cable, coaxial cable and fiber optic cable all can be found
in two grades:
 Plenum
Plenum-grade cable also called plenum cable refers to the cable with a
protective layer or outer jacket made of fire retardant material such as: Teflon.
 PVC
PVC-grade cables are the cables which have outer jacket made of non-
plenum – grade material such as: PVC (Polyvinyl Chloride). Materials made of PVC
are cheaper than plenum-grade materials however they produce poisonous gas when
set on fire.
The different types of communication media according to the technology they use are as follows:
1. Guided Media
a. Twisted Pair Cable
b. Coaxial cable
c. Fiber Optic cable
2. Unguided Media
a. Radio Technologies
b. Infrared technologies
c. Microwave technologies
d. Satellite microwave systems
Amit Maharjan
ID: 1801T3080019 Page 19
Guided media
The means of communication that use cable for transmitting data between nodes
(refers to all the devices that can exist in a computer network such as: router, computer,
printer, etc.) is called guided media.
1. Twisted Pair Cable
Figure 5 Twisted Pair Cable Figure 6 Twisted Pair Cable with RJ-45 connector
It is mostly used for telephone communications and modern Ethernet networks. It

consists of pairs of cables that transmit data. The pairs of cables are twisted so as to
prevent the cross talk (noise generated by other pairs of cables). Each pair of copper wire
is twisted together and is encased in a unique color-coded plastic jacket for insulation. An
outer jacket is put encasing all the twisted pair into one single bundle that consists of all
the pairs for effective transmission of data. Generally, an RJ-45 connector (discussed in
communication links) is connected at the ends of the cable to provide an interface for
communication to nodes. There are two types of twisted pair cable:
1. Unshielded twisted-pair cable (UTP)

2. Shielded twisted-pair cable (STP)
Amit Maharjan
ID: 1801T3080019 Page 20
i. Unshielded twisted-pair cable (UTP)
Figure 7 Unshielded Twisted Pair Cable
It is the most widely used cable in network cabling (Ethernet networks) due to low cost
and relatively easy installation. The number of pairs of cables varies between two and four. This
type of cable has no insulation against signal degrading EMI (electro-magnetic interference) and
RFI (radio frequency interference) except the overall shield jacket for protection form external
interference and so solely depends on the noise cancellation effect produced by twists in the
cable to limit signal degradation produced by adjacent pairs. UTPs used in computer network with
four pairs use RJ-45 connector for connection interface and those used in home telephone
system with two pairs use RJ-11 connectors for connection interface.
Advantages of UTP:
i. It is cheaper than other communication media.
ii. It is easy to install and repair.
iii. It provides good data transmission in short distance networks.
Amit Maharjan
ID: 1801T3080019 Page 21
Disadvantages of UTP:
i. It is more susceptible to crosstalk, EMI and RFI.
ii. It is not suitable for outdoor use and long distance networks.
Following are different types of UTP:
Standard data Price

Category Usual application
rate
analog voice (POTS)

Integrated Services Digital
Up to Network Basic Rate Interface
CAT 1
1 Mbps (1MHz) in ISDN
Doorbell wiring
Dead - no longer supported
Mainly used in the IBM

Cabling System for Token
CAT 2 4 Mbps
Ring networks
Dead - no longer supported
Cat3 Cable 8 Pair 500 Ft

Used predominantly for POTS Gray
CAT 3 16 Mbps Voice (Atras Netcom
VW8PC3G)-$0.1510(In
Stock)
No longer approved
CAT 4 20 Mbps Was used in 16 Mbps Token
Ring
100 Mbps TPDDI Cat5e CMX Cable 600

155 Mbps ATM Ft/Box Gray
CAT 5 100 Mbps No longer approved; 2137114E-$0.0980(In
replaced by 5E Stock)
Seen in legacy environments
100 Mbps TPDDI

1000 Mbps
155 Mbps ATM
CAT 5E (10000 Mbps
Gigabit Ethernet
prototype)
Offers better near-end
Amit Maharjan
ID: 1801T3080019 Page 22
crosstalk than CAT 5
Super-fast broadband
applications
Vendor recommended,
CAT 6 250 MHz
minimum required and most
popular cabling for new
installs
Required for 10 Gigabit

CAT 6E 500 MHz
Ethernet (10GBASE-T)
Full-motion video
Teleradiology
CAT 7 Required for 10 Gigabit
(ISO 1 GHz per pair with Ethernet (10GBASE-T)
Class F) Siemon connector Government and
manufacturing environments
Shielded system
Reference for this table:

http://searchdatacenter.techtarget.com/generic/0,295582,sid80_gci1108474,00.html?offer=briefca
se
Price from:
http://www.yourbroadbandstore.com/products/twisted-pair-cable.php (7/11/2009)
Amit Maharjan
ID: 1801T3080019 Page 23
ii. Shielded twisted pair cable (STP)
Figure 8 Shielded Twisted Pair Cable
It is similar to unshielded twisted pair cable except it has better insulation against
signal interference. Each pair of wire is wrapped in metallic foil to further reduce noise.
The four cables as a whole bundle are then wrapped in an overall metallic foil or braid.
With extra insulation STP reduce crosstalk (electrical noise produced by adjacent pairs)
and EMI as well as RFI. However, it is more than UTP cable and difficult to install as it
requires the metallic shielding to be grounded at both ends. Improper grounding can
result in more EMI and RFI due to the shield acting like an antenna catching unwanted
signals. It is generally used in areas more susceptible to EMI, RFI and relatively longer
distance network than possible to create by UTP.
Advantages of STP
i. It is less susceptible to EMI, RFI and crosstalk than UTP.
ii. It provides good data transmission in short distance networks.
iii. It is easy to install than other media.
Amit Maharjan
ID: 1801T3080019 Page 24
Disadvantages of STP
i. It is more expensive than UTP.
ii. It is relatively hard to install and repair than UTP.
2. Coaxial cable
Figure 9 Coaxial Cable
Coaxial cable consists of a single copper wire at the center surrounded by flexible
insulating material which is surrounded by braided wire and finally an outer cover/jacket
surrounds the braided wire. This heavy insulation allows the coaxial cable to transmit data
for longer distances (200m-500m) without signal boosters (repeaters). However, this
extra insulation makes coaxial cable heavy and thick which makes it hard to install. Either
end of the coaxial cable need to be connected with BNC (Bayonet Neill-Concelman)
connectors. Coaxial cable is cheaper than fiber optic cable and supports longer distance
network than twisted pair cable but it needs to be grounded for better data transmission
and is more expensive than twisted pair cable. There are two types of coaxial cable:
Amit Maharjan
ID: 1801T3080019 Page 25
a. Thin coaxial cable/10Base2 (Thinnet)
Advantages of 10Base2:
i. It is thinner than 10Base5 hence easier to install.
ii. It is resistant to EMI and RFI.
iii. It is cheaper than 10Base5
Disadvantages of 10Base2:
i. It can transmit data to up to 200m only.
b. Thick coaxial cable/10Base5 (Thicknet)
Advantages of 10Base:
i. It is resistant to EMI and RFI.
ii. It can transmit data for longer distance (500m).
Disadvantages of 10Base:
i. It does not bend easily
ii. It is hard to install.
Amit Maharjan
ID: 1801T3080019 Page 26
c. Fiber Optic cable
Figure 10 Fiber Optic Cable
Fiber optics is long strands made from pure glass or sometime plastic having
diameter similar to human hair. Optical cables are the optical fibers arranged in bundles
which are used to transmit signals in the form of light over long distances. Optical fibers
are made of following parts:
i. Core – this is the center of optical fiber through which light travels. Its main function is
transmission of light signals.
ii. Cladding – this is outer optical material which surrounds the core and its main
function is to reflect the light back into the core.
iii. Buffer coating – this is made of plastic and functions to protect the fiber from moisture
and damage.
Many (100s) of these optical fibers are bundled into optical cables along with Kevlar
reinforcing material. These are protected by jacket, the outer covering of the cable. There
are two types of optical fibers:
Amit Maharjan
ID: 1801T3080019 Page 27
i. Single-mode fibers : used for long distance network, have small cores, uses
laser light, transmits only one light wave at a time
ii. Multi-mode fibers : used for shorter distance network, have larger cores, uses
LED
Advantages:
i) Signal Disturbance - No disturbance from EMI (Electro Magnetic Interference) and
RFI.
ii) Data Transmission - Extremely fast data transmission.
iii) Security - Adds to the security of the network because it is difficult to trap signals
flowing through them.
iv) Network Stability - Very stable network.
v) Bandwidth – they provide the highest range of bandwidth available in the world.
vi) Repeater - Possible to connect networks over long distances with fewer repeaters
(much less than other cables).
vii) Cost - Cheaper than other cables when used in networks running several miles of
cable.
Disadvantages:
i) Implementation - Difficult to implement in a network.
ii) Cost - Very high installation, maintenance cost and labor cost.
iii) Requires expensive extra media converter device at both ends of the network.
iv) Not suitable to be used in small network or in LAN.
Amit Maharjan
ID: 1801T3080019 Page 28
Unguided Media:
The wireless technologies are categorized as unguided media. They are generally used
where it is difficult to install cables. Following are different types of unguided media:
1. Radio Technologies:
Figure 11 Radio Technologies
In this technology, the radio signal (waves with very short wavelength) are used in transmit
signals in single or multiple directions. They are good for short range line of sight transmissions
so are frequently used for networks in portable computers. This technology saves money where it
is difficult and expensive to install cables. This also provides much better mobility in networked
devices. However, the disturbance in these networks is high. They are used in radio stations,
emergency alarming systems, etc.
Amit Maharjan
ID: 1801T3080019 Page 29
2. Infrared technologies:
Figure 12 A Infrared Communication Devices
They use infrared light for data transmission. LED is used as source to transmit signal
and photo diode to receive signals. Signals in this technology are in high frequency range
which enables them to give good output. They are used in remote controller of TV, VCD,
DVD, etc. However, they have following drawbacks:
i. Signals cannot penetrate through solid opaque objects such as: walls or objects.
ii. Signals are diluted by light source.
3. Microwave Technologies
There are two types of microwave technologies:
i. Terrestrial microwave systems:

This technology requires line of sight transmission. It can transmit signals in only
one direction at a time which make it necessary to either use two antennae or transceiver
for two way communication. It is generally used where installing cables is difficult and
expensive such as hilly areas. Frequency range: 4-6 GHz or 21-23 GHz.
ii. Satellite Microwave systems:

It is similar to other line of sight transmission technologies except that it uses
satellite acting as an antennae or repeater. This allows the communication using this
technology for communication in any location on earth as long as the signals are not
blocked. This technology is very expensive. Frequency range 11-14 GHz. This
technology is used GPS, satellite phones, DTH (Direct to Home) televisions systems,
international private networks, etc.
Amit Maharjan
ID: 1801T3080019 Page 30
Networking and Internetworking Devices

Networking and internetworking devices are used in a network for connecting different
networks, expanding networks and for providing security to the networks. Following are different
types of networking and internetworking device:
1. Routers
Figure 13 Application of Router Cisco Router
Router is a host or node with multiple interfaces to the network. It works at the network
layer (layer 3) of the OSI model. It acts like traffic in a busy road showing the path to destination
to each packet that arrives at it. Router can distinguish packet by source and destination address
and by protocol type. The ability to distinguish packets by protocol can be used to add security to
the network by configuring the router such that it drops the packets using particular type of
protocol (termed packet filtering). For e.g. not allow packets using FTP (File Transfer Protocol).
Routers can dynamically gather information about other devices and routers in the network and
determine the shortest path for a packet using special algorithms. Routers can be separate
hardware or a computer with special network software installed in it .For every packet that arrives
at a router it takes following procedures for that packet:
i. Send the packet to destination if it is directly accessible

ii. Send it to another router if the path for the packet seems to be best through that router
iii. Drops the packet if the destination address is invalid or the protocol used in the packet is
unauthorized.
Advantages of Routers:
i. It can connect different networks using different physical media and architecture.
ii. It can determine the best path for every packet.
iii. It can reduce network traffic and bandwidth consumption by dropping invalid packets.
Amit Maharjan
ID: 1801T3080019 Page 31
iv. It can add to network security by packet filtering.
Disadvantages of router:
i. It is expensive than bridge or repeater.
ii. It doesn’t work with protocols that are not routable.
iii. As they perform complex calculations on packets, they are slower than bridge.
2. Switch and Hubs

Switch provides a connection point for nodes in a network to transmit data between them. In
this way, they minimize the cost of networking (saves expensive circuits). They forward the data
to the specific destination only by looking at packet headers, adding to the security of the network
and network efficiency. Some of them even have the capability of implementing VLAN (Virtual
Local Area Network) i.e. the nodes are in the same network but are divided into sub-networks of
logical workgroups. This allows efficient operation of network and ease of reconfiguring users
from old workgroup to new ones. Without them all the devices would need a direct dedicated link
with each other which is impractical. There are two types of switch:
Figure 14 Application of Switch Figure 15 Cisco Switch
i. Unmanaged switch: no configuration options, least expensive, used in home, small

business
ii. Managed switch: multiple interfaces to modify the operations of switch, user interface for
management of switch, enable features like Spanning Tree Protocol, set port speed, create
or modify VLANs. They are of two types:
a. Smart switch – limited set of management features
b. Enterprise Managed switches – full set of management features, have more
features that can be customized or optimized.
Hub is similar to switch except that it broadcasts the data to all the nodes in the network
which creates a security hole in network and leads to inefficient network. The data sent to one
Amit Maharjan
ID: 1801T3080019 Page 32
receiver can be received by another node also. The nodes must wait the for data transmission
to complete before they send their data. Both switch and hub work at the data link layer (layer
2) of the OSI model. There are three main types of hubs:
Figure 16 Application of Hub Figure 17 Cisco Hub
a. Active Hub: it has active participation in data communication, features:

buffering, prioritizing data flow, synchronizing data communication, etc.
b. Passive Hub: does not have additional functionality
c. Intelligent Hub: it has all the features of active and passive hub and additional
features to help efficient and effective management of network resources
3. Bridge
Figure 18 Application of Bridge Figure 19 Cisco Bridge
A Bridge is a device that connects multiple network segments i.e. different LANs. Bridge
can is bridge is capable to join different networks. It works at physical and data link layer
(layer 2) of OSI model. It works on the basis of hardware address (MAC address). It helps to
connect different LANs without having to set up IP address for nodes.
Amit Maharjan
ID: 1801T3080019 Page 33
Advantages of Bridge
i. They are cheaper than routers
ii. They are transparent to protocols above the MAC layer
iii. It helps effective usage of bandwidth i.e. minimize bandwidth usage
iv. They don’t need to be configured manually
Disadvantages of Bridge
i. Bridging of different MAC protocols can cause errors.
ii. Not suitable for extremely large networks
iii. They are more expensive and slower than repeaters as they read MAC addresses.
iv. Buffering can cause store and forward delays.
Amit Maharjan
ID: 1801T3080019 Page 34
4. Modem
Figure 20 Working of Modem
Figure 21 A Cable Modem
Amit Maharjan
ID: 1801T3080019 Page 35
Figure 22 a 56kbps Dial Up Modem Figure 23 Optical Modem
Modem (Modulator Demodulator) is a device that enables a computer to transmit data

over telephone or cable lines. The modem changes analog signal to digital when receiving
data and digital signal to analog when transmitting data. There are various types of modems:
i. External Modems – connected using different interfaces to computer

ii. Internal Modems – inserted in PCI slot
iii. Cable Modems – uses coaxial cable
iv. DSL Modems – connection from telephone switching office to the user
v. ADSL Modems – supports higher downstream transmission rate over normal telephone
line
Some modern modems allow computer to perform extra functions such as: auto-
answering incoming calls, do voice mail, send and receive fax, etc.
5. Gateway
Gateway is a device used to connect two networks using different data formats or
network architecture for e.g. AppleTalk and TCP/IP. They are capable of translating TCI/IP to
AppleTalk. Most of the Gateway operates all seven layers of OSI model. A gateway should
understand the protocols used by each network linked with router. They can be implemented
in hardware, software or both. They are sometimes a feature in routers.
Amit Maharjan
ID: 1801T3080019 Page 36
6. Repeaters
Figure 24 a Repeater
In a large network a single cable is not capable of transmitting data due to loss in signal over
long distance by attenuation, etc so device must be used to amplify the signals. The devices
used for this purpose are called repeaters. They require short period of time to regenerate
which can cause propagation delay. Repeats cannot do any other function beside signal
regeneration. They are used exclusively in networks covering long distances. They are
available for all types of guided communication media. They work at physical layer of OSI
model.
Advantages of Repeaters
i. It allows creating networks separate by longer distance networks as well as expansion
of networks.
ii. It allows connection of different media
Disadvantages of Repeaters
i. Too many repeaters can cause problems networks.
ii. It doesn’t help to ease congestion problem.
7. Network Interface card (NIC)

It is a device that can be connected into a motherboard and provides ports for network
media connections. It is a part of the computer that is connected to the Local Area Network
(LAN). The network resources are automatically separated when they are installed which is
not the case with older NICs. Some points to be considered while choosing NIC:
 The types of network – Separate NICs are needed for different network systems like
Ethernet LANs, Fiber Distributed Data Interface (FDDI), Token Ring, etc. Hence,
appropriate NIC should be chosen.
Amit Maharjan
ID: 1801T3080019 Page 37
 The type of media – port or connector available in NIC is media specific for e.g.
twisted-pair cable, coaxial cable, optical fiber cable, and wireless.
 The type of system bus – PCI (Protocol Control Information) slots perform faster than
ISA (Industry-Standard Architecture).
8. RJ-45 Connector
Figure 25 RJ-45 Connector
It is used very often in LANs to terminate UTP cables and provide an interface for
connection to different networking and internetworking devices.
Amit Maharjan
ID: 1801T3080019 Page 38
Network Security
Network security involves all the efforts made by a network owner (company) to protect its
computer system, ongoing usability of assets and the integrity and continuity of operations.
When it comes to providing security to a network there are many things to consider. The level
security of network can be categorized as follows:
i. Physical Security
For a network to be secure first of all the network and internetworking devices should be
in secure location and communication media should be secure. It does not make any
difference no matter how much hard it is to hack a network if a person can cut the man
backbone cable of you network or destroy the communication device or simply connect into
one of your internetworking devices. So, the all the communication devices and computer
including servers, routers, etc should be in secure location. The people who have access to
these locations should be few and appropriate authorization systems must be implemented to
access such a location. There must have proper defense against fire, harsh environment
conditions, natural disasters, etc.
ii. Network security

Network security involves various procedures at different levels of network for e.g. access
control, firewalls, network auditing, remote access, directory services, internet services and
the file system directory structures. All the outside attacks are to be blocked using various
devices and techniques. Following are the devices and software that are used for network
security:
Amit Maharjan
ID: 1801T3080019 Page 39
a. Firewalls
Figure 26 A firewall device form Cisco
Firewalls are the most widely used network protection systems. Firewalls come in both
hardware and software or as combination of both. They need timely updates in the rule set
and software based on new threats and working environments. They are configured by
related person and work on the basis of these predefined rules to allow packets to enter the
network or to destroy them. A good analogy would be a school gate keeper who lets in any
one with student or staff id but stops everybody else from entering school premises when
instructed to do so. A network is configured in such a way that all the packets that come into
and go out of the network passes through the firewall. Firewalls cannot distinguish if the
packets are from intruders or from an authorized person, they simply check all the packets
that pass through them with the predefined rules and act accordingly. They are a very
important par of network security system comprising of IDS, Anti-virus, Security policy, user
authentication system, etc. There are various types of firewalls each with different advantages
and disadvantages. However, none of the firewalls can protect the network from threats and
attacks that are already inside the network. Different types of firewalls are as follows:
a) Packet filtering
It works at network layer (layer 3) of the OSI model. These maintain two separate lists:
permit list and deny list. All the packets are tested with both the lists and appropriate
action is taken. It uses either source and destination address or outgoing port to make the
decision. They are mostly used by SOHO (Small Office Home Office). These firewalls are
found as default firewalls in operating systems as well as some routers. It is appropriate
to be used in networks that demand high speed and less concern about user
authentication for network resource use.
Amit Maharjan
ID: 1801T3080019 Page 40
Advantages of Packet Filtering Firewalls:

I. They are the fastest of all firewalls merely because they fewer test on packets.
II. The client computer do not require to be specifically configured in order to use
III. Network Address translation can be implemented for hiding IP addresses form
external users.
Disadvantages of Packet Filtering Firewall:

I. Less secure than application layer firewalls because they cannot make decisions
based on protocol subsets.
II. They are unable to examine upper layer data so application specific attacks can
slip through them
III. IP spoofed packets cannot be detected by most firewalls in this category.
There are two types of packet filtering firewalls:
i. Stateless firewalls:
Make decisions based entirely on packet headers and are not concerned with state of
connection between nodes.
Advantages
 Works with less memory
 Faster performance
Disadvantages
 They cannot make any decisions based on connection session.
ii. Stateful firewalls

With the function of stateless firewall, it can make decisions based on state of connection
between nodes. It helps network efficiency by dropping packets that overload the server.
Advantages
 They provide more security than stateless firewall
 It has logging and tracking facilities
Disadvantages
 Complexity and difficulty arise in packet filtering.
b) Application Layer Firewall

They can understand application specific attacks. They can control the way
network access outside world by setting up proxy services. They can be configured to
Amit Maharjan
ID: 1801T3080019 Page 41
make decisions based on specific content. They can be a bottle neck in a high speed
network due to their requirements of massive processing power.
Advantages of Application layer firewalls

 Features - It has event and logging mechanism.
 Configuration - Can be configured to make decisions based on specific
features of an application.
 It can understand the packet data.
Disadvantages of application layer firewalls

 Processing power - They require high processing power
 They are slower than packet filtering firewalls.
 Configuration - They require clients to be configured specifically
 Costs - Expensive operation costs
c) Proxies
Proxy firewall acts as a middle person between the two nodes i.e. server and client and
always makes the request itself on behalf of the other rather than allowing direct
communication. This gives the advantages of checking the packets even before it reaches
destination. They are made specifically to work with certain protocols so they are capable of
analyzing packets deeply. If a protocol used in network is not supported by proxy then generic
proxy, the proxy that has added functionality to can make decisions based on packet header
(similar to packet filtering firewall) must be used.
Advantages of proxy
 By performing protocol-aware security analysis they provide much better network
security.
 Network discovery - Network discovery for the outside world is made very difficult
as they only receive packets from proxy on behalf of server.
 Provides ease to identify method of attack.
Disadvantages of proxy
 Protocol incompatibility - Not all protocols are compatible with proxies.
 Slower performance - The middle man work of proxy slows down the network
performance as it would provide better speed if the communication between the
nodes was direct.
 VPN (Virtual Private Network) can face problems with proxies.
 Configuration - They are difficult to configure.
Amit Maharjan
ID: 1801T3080019 Page 42
d) Network Address Translation Firewall (NAT firewall)
They provide network security by hiding the internal network address from
outside world as they change the address of packets that flow through them. It allows
connection of more devices to the network through single public IP. It provides least
security as it is not capable of checking packets at all. They are built into many routers
nowadays.
Advantages of NAT firewall

I. Lower cost - Allows many devices to share a common public IP address which
are expensive.
II. They hide actual network IP address of nodes.
III. Network Expansion - Provides for easier network expansion.
Disadvantages of NAT firewall

I. It may misaddress packets.
II. Compatibility - It is not compatible with all applications.
III. Slower performance – the procedures of network address translation slows down
network performance.
Amit Maharjan
ID: 1801T3080019 Page 43
b. Intrusion Detection Systems (IDS)
It is hardware or software of combination of both which is designed specially to
detect UN wanted attempts of accessing, manipulating, and/or disabling of computer
systems through a network. It can works on the basis of predefined rules to detect a
suspicious pattern in network activity. They require occasional updates. IDS can be a
passive system which detects the intrusion, logs information and alarms about the
intrusion or it can be reactive system (also known as Intrusion Prevention System) which
detects intrusion, logs information and reprograms firewalls to block the suspicious
network traffic or block the user. The main purpose of IDS is misuse detection and
anomaly detection and to alarm about the intrusion. They can detect threat or attacks
operating inside the network. There are many types of IDS. They are as follows:
1. Network intrusion detection system (NIDS)

It identifies the intrusion by examining network traffic and monitoring multiple hosts.
This gives advantage of being capable to see the network activity in entire network such
as a suspicious port scan. It can detect a threat inside a network.
Advantages of NIDS
 They can be completely hidden from network devices.
 It has the capability of monitoring traffic in large number of threat targets.
Disadvantages of NIDS
 Cannot examine encrypted traffic.
 Capable of detection only if threat matches pre-configured rules.
 Can miss network traffic if the network is very busy.
 Not capable of determining the success state of attack.
2. Host Based IDS

It is software running on a specific computer usually a server that identifies
intrusions by analyzing system calls, application logs, file-system modifications using
cryptographic hashing technique, etc.
Advantages of Host Based IDS

I. It will not miss any network traffic unless it does not generate logs.
II. Capable of checking the state of success of attack.
III. Capable of identifying unauthorized access attempts from the computers considered
legitimate to access network.
Disadvantages of Host Based IDS

I. Not possible to hide in a network so it might be disabled by attacker.
II. Cannot detect intrusions that do not match pre-configured rules.
III. May void support and maintenance agreements on operating system of host.
Amit Maharjan
ID: 1801T3080019 Page 44
Besides Firewalls and Intrusion Detection System, there are types of software and
hardware available in the market that protect computers i.e. PCs, MACs, etc from threats like
viruses (small programs designed to take control of target computer, disable certain functions
in the target system, corrupt data in the target, etc. can be eliminated by using Anti-virus
software such as Kaspersky, etc.), malwares, spywares, SPAM, etc. All these threats only
work on a specific system specially PCs and not servers because they are targeted at very
large group of people.
Also, the security measure of authentication of employee or user before accessing the
network must be implemented. For authentication, strong username and password,
biometrics systems (for e.g. Finger print scan, iris scan, palm scan, etc) or smart cards can be
implemented. While using the authentication system, it should be based on the following
principles:
 Something you have

 Something you know
 Something you are
 Or combination of two from above
Communication Links
For connection of computers in a network communication links are must. For connection
of computers to WAN, optical fiber networks appropriate communication links are required and
common protocols used in networks must be used such as: TCP/IP (for internet connection),
FDDI (for networks using fiber optic cable), Token Ring (for networks in Star Topology), Ethernet
(for common LAN using UTP), etc. Also IP address should be given to every device/node in the
network for identification in the network.
a. FDDI (Fiber Distributed Data Interface):

It is a data transfer system using fiber optic which is capable of data transmission
at the rate of 100Mbps. This network can have five hundred nodes and can have a radius
of 100km. it can transmit 450,500 packets per second. It also supports real time
application.
Amit Maharjan
ID: 1801T3080019 Page 45
b. Ethernet:
It is the most widely used protocol of all. It uses CSMA/CD (Carrier Sense
Multiple Access/Collision Detection) as access method. In this system, a sender listens to
the media before sending any data. If the path is clear the data is transmitted otherwise
the computer waits random period of time and attempts to retransmit. Collision of data is
normal with this access method. Ethernet protocol allows functioning of linear bus, star
topologies over guided media and wireless access points from speed of 10 Mbps up to
1000Mbps.
c. Token Ring:
It is an access method that involves token-passing. In token ring, a logical ring is
created such that data travels (single token carrying data) around the network from node
to node. In this access method, a computer has to wait for token for transmitting data. If
the token it received is free it puts data in it and sends it to another computer. The token
passes through each node until it finds the destination node which receives data. If it
wants to transmit data then it sends data otherwise it releases the token to the ring i.e.
transfer it to another node. It is capable of data transmission at 4 Mbps or 16 Mbps.
d. Data Transfer Modes:

Data Transmission can take place in three modes simplex(one way transmission
for e.g. radio), half-duplex (two way transmission but only on can send data at a time for
e.g. walkie talkie) or full-duplex (two way transmission both can transfer data
simultaneously e.g. telephone, internet).
e. IP address:
Internet Protocol (IP) address is a numerical identification and logical address
given to all the nodes/devices connecting in a computer network using Internet Protocol
for data transmission for e.g. computer connected to internet. The role of IP address is
well defined as follows: “A name indicates what we seek. An address indicates where it
is. A route indicates how to get there.”
Amit Maharjan
ID: 1801T3080019 Page 46
Budget Estimation:
Approximate Budge for four 4 branches and corporate office:
Item Rate Quantity Amount Product Picture

Belkin 250 ft. Cat. 5 $46 70 $3,220
UTP Patch Cable /S$4,714.08
(A7J304-250-YLW)
Cisco 2800 Series $935 1 $935

IOS Enterprise /S$1,368.84
Services Feature
Pack
Cisco Small $279 4 $1116

Business 101 /S$
Ethernet Broadband 1635.498
Router
IBM System x3450 $7,02 2 $14400

(794854X) Server 4- /S$ 21103.2
$7,36
0
Fortinet FortiGate- $695. 5 $3475
50B Complete 00 /S$
Content Protection 5092.6125
Bundle
Inspiron 531s $429 25 $10,725
(Includes 17" /S$15,701.4
Widescreen Flat
Panel Monitor)
$308. 1 $309
Amit Maharjan
ID: 1801T3080019 Page 47
Microsoft Word 63 /S$452.376
2007 Open License
With Software
Assurance
DSS-16+ 16-Port $70 8 $560

10/100 Desktop /S$ 820.568
Switch
Total $33871/S$49637.9505
Amit Maharjan
ID: 1801T3080019 Page 48
Conclusion:
This is the proposed network system upgrade for Machhapuchchhre Bank. The
implementation of Star Topology in LAN will make the computer maintenance and addition and
removal very easy. The implementation of sub netting will further enhance the security of the
bank’s network. The use of optical fiber cable based network with other backup communication
will make the network very reliable. The use of firewall will enhance security system of the bank.
The implementation of Host bases IDS on server as far as possible will provide much security to
the database of the bank. With the use of above discussed networking and internetworking
devices, communication media, protocols in the manner given in the network diagrams as
discussed in diagram explanation will make the network implementation successful and add to
security and reliability of network as well as it will allow for very large networks using fiber optics
(or satellite communication if possible).
Amit Maharjan
ID: 1801T3080019 Page 49
References and Bibliography:

Following website were used in preparation of this proposal:
1. References on Images:
1. Fig 1(Star Topology):
http://ca.htc.mnscu.edu/ne/custom_curriculum/ch3/3_2_4/index.html
2. Fig 2(Bus Topology):
3. Fig 3(Ring Topology): http://ca.htc.mnscu.edu/ne/custom_curriculum/ch3/3_2_5/index.html
4. Fig 4(Mesh Topology): http://ca.htc.mnscu.edu/ne/custom_curriculum/ch3/3_2_6/index.html
5. Fig 5,6,7,8: (all Twisted Pair Cable images):
6. Fig 9(Coaxial Cable):
7. Figure 10 Fiber Optic Cable:
8. Figure 11 Radio Technologies:
http://www.iritel.bg.ac.yu/iritel/english/services/engineering/pictures/Radio-inz.jpg
9. Figure 12 A Infrared Communication Device:
http://www.inqvision.net/eng_portfolio_content6.htm
10. Figure 13 Application of Router & other router images:
11. Figure 14 Cisco Switch & Figure 15 Application of Switch:
12. Figure 16 Application of Hub & Figure 17 Cisco Hub:
13. Figure 18 Application of Bridge & other bridge image:
14. Figure 20 Working of Modem:
15. Figure 21 Optical Modem:
http://img.hisupplier.com/var/userImages/btide/20071024/161228.jpg
16. Figure 22 A Cable Modem:
http://www.cablemodems.com/images/products/21012009115129SURFboard%C2%AE%20C
able%20Modem%20SB4100motorola_sb4100.gif
17. Figure 23 A 56kbps Dial Up Modem:
http://www.ezlister.net/Images/EZ5/56K%20Modem%20Upgrade.jpg
18. Figure 24 A Repeater:
http://www.femareps.com/network/trcf01.jpg.jpg
19. Figure 25 RJ-45 Connector:
Amit Maharjan
ID: 1801T3080019 Page 50
http://www.bb-elec.com/images/EthernetRJ45A.gif
20. Figure 26 A firewall device form Cisco:
http://newsroom.cisco.com/new_images/4250-enhanced.jpg
2. References for study on firewalls:

http://ictlab.tyict.vtc.edu.hk/~tsangkt/en/Security%20Tutorial/Proxy%20Firewalls.pdf
http://www.fiaif.net/doc/node7.html
http://www.scribd.com/doc/13237646/FireWall-Slides?autodown=txt
http://www.networksecurityjournal.com/features/types-of-firewalls-052507/
http://jpkc.ecnu.edu.cn/0804/slides/firewall.ppt
Guidelines on Firewalls and Firewall Policy, Writers: John Wack, Ken Cutler, Jamie Pole;
NIST Special Publication 800-41.
Download URL: http://csrc.nist.gov/publications/nistpubs/800-41/sp800-41.pdf
http://www.nwi.net/~pchelp/security/firewalls.htm
http://www.f5.com/glossary/application-layer-firewall.html
http://www.geocities.com/rallyz/SecurityPaper.htm
http://www.cisco.com/en/US/products/sw/secursw/ps743/products_user_guide_chapter09186
a008007f305.html#xtocid10
http://searchnetworking.techtarget.com/generic/0,295582,sid7_gci1282044,00.html
http://mirror.rhsmith.umd.edu/pub/centos/3/docs/html/rhel-sg-en-3/ch-fw.html
http://en.wikipedia.org/wiki/Firewall_(networking)
http://www.aboutonlinetips.com/what-is-a-computer-firewall/
http://www.ctp.bilkent.edu.tr/~ctp204/HilalUgurcan.ppt
http://articles.techrepublic.com.com/5100-10878_11-1051837.html
http://en.wikipedia.org/wiki/Network_address_translation
http://jpkc.ecnu.edu.cn/0804/slides/firewall.ppt
http://nislab.bu.edu/sc546/sc441Spring2003/NAT/Pros%20vs%20Cons.htm
http://www.tcpipguide.com/free/t_IPNATOverviewMotivationAdvantagesandDisadvantages-
4.htm
http://rsaip.info.ucl.ac.be/Documentations/NAT-ISSUES_files/nat1.htm
3. References for budget preparation:

1. UTP Cat 5 Price: http://www4.shopping.com/xPO-Belkin-250-ft-UTP-Patch-Cable-
A7J304-250-YLW
2. Cisco Router Image (Cisco 2800 Series IOS Enterprise Services Feature Pack):
http://www.cisco.com/en/US/products/ps5854/index.html
3. Cisco Router Price (Cisco 2800 Series IOS Enterprise Services Feature Pack) :
http://www.bizrate.com/internet_networksoftware/products__keyword--
cisco+2800+series+router.html
Amit Maharjan
ID: 1801T3080019 Page 51
4. IBM Server Price: http://www4.shopping.com/-ibm+system+x3450++price
5. Cisco Router Image (Cisco Small Business 101 Ethernet Broadband Router):
http://www.amazon.com/Cisco-Secure-Broadband-Router-CISCOSB101-
K9/dp/B0009X0CI8
6. Cisco Router Price (Cisco Small Business 101 Ethernet Broadband Router):
http://www.alliancedatacom.com/Cisco-SB-100-Series.asp
7. Dell Computers Price and Image:
http://www.dell.com/us/en/home/desktops/inspndt_531s/pd.aspx?refid=inspndt_531s&s=
dhs&cs=19&ref=dthp
8. Office 2007 Price:
http://www.nextag.com/Microsoft-Word-2007-Open-3589417/prices-
html?nxtg=882a0a280503-26F9846608281405
9. Switch from D-link: http://www.dlink.com/products/?pid=71
10. Fotrigate 50B Price and Image: http://www.avfirewalls.com/FortiGate-50B.asp
4. References for IDS:

 http://en.wikipedia.org/wiki/Intrusion_detection_systemhttp://en.wikipedia.org/wiki/Intrusion_d
etection_system
 Course Guide C1054 (Network Security)
5. References for Network Topology:

 http://compnetworking.about.com/od/networkdesign/a/topologies.htm
 http://fcit.coedu.usf.edu/network/chap5/chap5.htm#LinearBusnetwork
 http://sunset.backbone.olemiss.edu/~misbook/conetom.htm#star
 http://www.its.bldrdoc.gov/fs-1037/dir-024/_3535.htm#bus%20top
 http://www.allaboutcircuits.com/vol_4/chpt_14/6.html
 http://www.webopedia.com/TERM/t/topology.html
 http://www.netcolony.com/clifford/network_topologies.htm
 http://en.wikibooks.org/wiki/Communication_Networks/Network_Topologies
 http://en.wikipedia.org/wiki/Bus_network
 http://en.wikipedia.org/wiki/Ring_network
 http://en.wikipedia.org/wiki/Star_network
 http://en.wikipedia.org/wiki/Switched_mesh
 http://en.wikipedia.org/wiki/Shared_mesh
 http://en.wikipedia.org/wiki/Mesh_topology
6. References for Communication Links:

 http://fcit.coedu.usf.edu/network/chap2/chap2.htm
Amit Maharjan
ID: 1801T3080019 Page 52
 http://en.wikipedia.org/wiki/IP_address
Also the class notes given by teacher and course guides of C1035 (Network Essentials) and
C1054 (Network Security) for this term have been used.
Turnitin Originality Report
Amit Maharjan
ID: 1801T3080019 Page 53
Supportive Documents
Letter of Acceptance from Machhapuchchhre Bank Limited
Amit Maharjan
ID: 1801T3080019 Page 54
Proof of Budget estimation accuracy:
Cisco Small Business 101 Ethernet Broadband Router Price
Amit Maharjan
ID: 1801T3080019 Page 55
Belkin 250 ft. Cat. 5 UTP Patch Cable (A7J304-250-YLW) Price:
Amit Maharjan
ID: 1801T3080019 Page 56
Cisco 2800 Series IOS Enterprise Services Feature Pack:
Amit Maharjan
ID: 1801T3080019 Page 57
Currency Conversion Source:
Amit Maharjan
ID: 1801T3080019 Page 58
Inspiron 531s (Includes 17" Widescreen Flat Panel Monitor) Price:
Amit Maharjan
ID: 1801T3080019 Page 59
Fortinet FortiGate-50B Complete Content Protection Bundle Price:
Amit Maharjan
ID: 1801T3080019 Page 60
IBM System x3450 (794854X) Server
Amit Maharjan
ID: 1801T3080019 Page 61
Microsoft Word 2007 Open License With Software Assurance
Amit Maharjan
ID: 1801T3080019 Page 62

Project C1035 by Amit Maharjan (1801T3080019)

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Project C1035 by Amit Maharjan (1801T3080019)

Uploaded by

Copyright:

Available Formats

Project on

Machhapuchchhre Bank Limited is dedicated to providing latest technology facilities to its

Fig. 1 WAN Diagram

Diagram explanation for WAN diagram:

Fig. 2 Network Architecture for corporate office

Diagram explanation for Network architecture of corporate office:

Server: the server is IBM System x3450 (794854X) Server

Firewall: firewall represents FORTIGATE-50B for network security.

Diagram for branch offices:

Fig. 3 Network Architecture for bank branches

Diagram explanation for Network architecture of branch office:

Firewall: firewall represents FORTIGATE-50B for network security.

Fig. 4 Network Architecture for disaster backup

Diagram explanation for Network architecture of branch office:

Firewall: firewall represents FORTIGATE-50B for network security.

Figure 1 Star Topology

Advantages of Star Topology:

Figure 2 Bus Topology

The advantages of this topology are:

The disadvantages of this topology are:

Reasons for not choosing this topology:

Figure 3 Ring Topology

The advantages of this network topology are:

The disadvantages of this network topology are:

Reasons for not choosing this topology:

Figure 4 Mesh Topology

The advantages of this network are:

Reasons for not choosing this topology:

 Copper – twisted pair cable and coaxial cable use copper

1. Twisted Pair Cable

It is mostly used for telephone communications and modern Ethernet networks. It

1. Unshielded twisted-pair cable (UTP)

Figure 7 Unshielded Twisted Pair Cable

Following are different types of UTP:

Standard data Price

analog voice (POTS)

Mainly used in the IBM

Cat3 Cable 8 Pair 500 Ft

100 Mbps TPDDI Cat5e CMX Cable 600

100 Mbps TPDDI

crosstalk than CAT 5

Required for 10 Gigabit

Reference for this table:

Figure 8 Shielded Twisted Pair Cable

Figure 9 Coaxial Cable

b. Thick coaxial cable/10Base5 (Thicknet)

Figure 10 Fiber Optic Cable

Figure 11 Radio Technologies

Figure 12 A Infrared Communication Devices

i. Terrestrial microwave systems:

ii. Satellite Microwave systems:

Networking and Internetworking Devices

Figure 13 Application of Router Cisco Router

i. Send the packet to destination if it is directly accessible

2. Switch and Hubs

Figure 14 Application of Switch Figure 15 Cisco Switch

i. Unmanaged switch: no configuration options, least expensive, used in home, small

Figure 16 Application of Hub Figure 17 Cisco Hub

a. Active Hub: it has active participation in data communication, features:

Figure 18 Application of Bridge Figure 19 Cisco Bridge

Figure 20 Working of Modem

Figure 21 A Cable Modem

Figure 22 a 56kbps Dial Up Modem Figure 23 Optical Modem

Modem (Modulator Demodulator) is a device that enables a computer to transmit data