Network Group Design

Published by Dan Cohen

Mar 19, 2012
Management of Networks & Telecommunication Systems (LIS4482)
Sam Levine, Christopher Dick, Andrew Dentzau, Daniel Cohen, & Jason Lee
December 9th, 2010
Executive Summary (Andrew)
The purpose of this proposal is to design a networking infrastructure for your medical facility. Given the nature of your business, this infrastructure is to be designed with an up time of 99.99%. The network will primarily be accessed through wireless devices, but will also serve wired users, such as the billing, accounting, IT and public outreach departments. The two buildings of your medical facility will be split up, one for administrative, medical, business and support staff hardware, the other for patient and administrative databases. These buildings will be connected virtually. Each building will also be split up virtually into smaller, more manageable networks. The actual connections in the network will be designed with a high fault tolerance, which means that one failure will not bring the entire network down. We have also designed the network with redundancy, so that when one path fails, there are many other paths for the information to take. This is how we will achieve 99.99% up time. In order to secure these networks, we will be implementing firewalls on all of the networks. Additionally, all employees will have their e-mail automatically scanned for viruses and any suspicious e-mails should be reported to the System Administrator. Our backup procedures are designed to ensure that all of the valuable information that is housed and generated on a day to day basis is backed up in case of failure. A daily backup procedure will be used and this data will be stored in an off site location so that even in the event of a natural disaster at your medical facility, this data will be safe. This will require all system administrators to conduct daily backups and all personnel should keep efficient records to reduce the volume of data that is backed up. Additionally, the facility will house an uninterruptible power supply that will power on the system in the event of a power failure. Given these specifications, this network will provide maximum up time and safety of data, which is crucial to the operation of this facility.
Written Description (Sam)
The medical facility is comprised of two separate buildings. These buildings are not connected by any physical means, and must be capable of accessing the resources available in each building's networks. Building 1 will house the administrative, medical, business, and support staff hardware. Building 2 will house the patient and administrative databases. Each building can connect to one another through a dedicated Virtual Private Network (VPN) connection. Each building's network contains an internet-facing proxy server, protected by a firewall. Each aggregate connection (of parent switches and hardware resources) connects to a grandparent switch, which logically separates the network into individual virtual local area networks (VLAN).

Within each building, the networks and their associated resources are structured so that they provide 99.99% uptime by using topologies that provide the most fault tolerance. Each department's resources are connected through a physical star topology, where their parent switch is the central point of failure. If one network's switch fails, other networks are unaffected. Please refer to the appendices for a visual representation of the networks. Appendix A contains the physical network layout, and Appendix B contains the logical network layout. On Appendix B, the network separated by the internet link on the left side is associated with Building 1, and the right side is associated with Building 2.

Building 1's proxy server connects to a switch, which connects email, web, file, and DNS servers to the local side of the proxy server. These servers are accessible, regardless of the physical location of the user, through the building's VPN router. The proxy server is also connected to a router, which separates the server resources from the local physical network. The router provides these server resources through a [grandparent] switch to 5 separate logical networks (according to department). Each department can have multiple computers attached to its parent switch. This grandparent switch also acts as a parent switch to the receptionist's desk (with fax machine and printer) and the Information Technology (IT) workstations. The second parent switch connects the billing and accounting departments. The third parent switch connects the director's office, the office manager's office, the Human Relations department, the Counseling office, and the Public Outreach department. The fourth parent switch connects two meeting room computers, a shared printer, and two wireless access points (WAP). The fifth parent switch connects the Medical Records department, the Medical Supplies department, the Chief Medical Officer's office, and the doctor's workstations.

Building 2's proxy server connects to a switch, which connects email, web, and DNS servers to the local side of the proxy server. These servers are accessible, regardless of the physical location of the user, through the building's VPN router. The proxy server is also connected to a router, which separates the server resources from the local physical network. The router provides these server resources through a switch to one separate physical network. The physical network is separated into two logical networks, and also contains a connection to the
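An added example, not part of the original proposal: it models the Building 1 links named in the written description as a graph and reports which departments lose their path to the server switch when one device fails. Node names are labels invented here, each department or shared resource is collapsed to a single node, and only links stated in the text are modeled (any redundant links shown in the appendices are not).

```python
from collections import deque

# Building 1 links as named in the written description (labels are invented).
LINKS = [
    ("proxy", "server-sw"), ("proxy", "router"), ("router", "grandparent-sw"),
    ("grandparent-sw", "parent-sw-2"), ("grandparent-sw", "parent-sw-3"),
    ("grandparent-sw", "parent-sw-4"), ("grandparent-sw", "parent-sw-5"),
]
# Departments on each switch; the grandparent switch doubles as a parent.
DEPARTMENTS = {
    "grandparent-sw": ["reception", "it"],
    "parent-sw-2": ["billing", "accounting"],
    "parent-sw-3": ["director", "office-manager", "hr", "counseling", "outreach"],
    "parent-sw-4": ["meeting-rooms", "shared-printer", "wap"],
    "parent-sw-5": ["medical-records", "medical-supplies", "cmo", "doctors"],
}

def build_graph():
    """Undirected adjacency map of infrastructure links plus department drops."""
    graph = {}
    edges = LINKS + [(sw, d) for sw, deps in DEPARTMENTS.items() for d in deps]
    for a, b in edges:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph

def reachable(graph, start, failed):
    """Breadth-first search from start that never crosses the failed device."""
    if start == failed:
        return set()
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in graph[queue.popleft()]:
            if nxt != failed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def cut_off(failed, servers="server-sw"):
    """Departments with no remaining path to the server switch."""
    alive = reachable(build_graph(), servers, failed)
    everyone = [d for deps in DEPARTMENTS.values() for d in deps]
    return sorted(d for d in everyone if d not in alive)

def blast_radius():
    """Map each infrastructure device to the departments its failure isolates."""
    return {dev: cut_off(dev) for dev in ["proxy", "router"] + list(DEPARTMENTS)}

if __name__ == "__main__":
    for device, lost in blast_radius().items():
        print(f"{device:15} fails -> {len(lost):2} offline: {lost}")
```

In this model a failed parent switch isolates only its own departments, while the proxy, the router and the grandparent switch each isolate every department, which makes them the devices whose redundancy matters most for the 99.99% target.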

