Project on Machhapuchchhre Bank

By Amit Maharjan

Submitted to Lecturer Ramjit Prasad Koirala

2009

Table of Contents

Introduction
Acknowledgements
Current System
Problem Background
Objectives
Network Architecture
    WAN Diagram
    Diagram explanation for WAN diagram
    Diagram for Corporate office
    Diagram explanation for Network architecture of corporate office
    Diagram for branch offices
    Diagram explanation for Network architecture of branch office
    Diagram for Disaster Backup
Network Topology
    1. Star topology
    2. Bus topology
    3. Ring Topology
    4. Mesh Topology
Communication Media
    Guided media
        1. Twisted Pair Cable
            i. Unshielded twisted-pair cable (UTP)
            ii. Shielded twisted pair cable (STP)
        2. Coaxial cable
            a. Thin coaxial cable/10Base2 (Thinnet)
            b. Thick coaxial cable/10Base5
            c. Fiber Optic cable
    Unguided media
        1. Radio Technologies
        2. Infrared technologies
        3. Microwave Technologies
            i. Terrestrial microwave systems
            ii. Satellite Microwave
Networking and Internetworking Devices
    1. Routers
        Advantages of router
        Disadvantages of router
    2. Switch and Hubs
        i. Unmanaged switch
        ii. Managed switch
        a. Active Hub
        b. Passive Hub
        c. Intelligent Hub
    3. Bridge
        Advantages of Bridge
        Disadvantages of Bridge
    4. Modem
    5. Gateway
    6. Repeaters
        Advantages of Repeaters
    7. Network Interface card (NIC)
    8. RJ-45 Connector
Network
    i. Physical Security
    ii. Network security
        a. Firewalls
            a) Packet filtering
            b) Application Layer Firewall
            c) Proxies
            d) Network Address Translation Firewall (NAT firewall)
        b. Intrusion Detection Systems (IDS)
            1. Network intrusion detection system (NIDS)
            2. Host Based IDS
Communication Links
    a. FDDI (Fiber Distributed Data Interface)
    b. Ethernet
    c. Token Ring
    d. Data Transfer Modes
    e. IP address
Budget Estimation
Conclusion
References and Bibliography
    1. References on Images
    2. References for study on firewalls
    3. References for budget preparation
    4. References for IDS
    5. References for Network Topology
    6. References for Communication Links
Turnitin Originality Report
Supportive Documents
    Letter of Acceptance from Machhapuchchhre Bank Limited
    Proof of Budget estimation accuracy
        Cisco Small Business 101 Ethernet Broadband Router Price
        Belkin 250 ft. Cat. 5 UTP Patch Cable (A7J304-250-YLW) Price
        Cisco 2800 Series IOS Enterprise Services Feature Pack
        Currency Conversion Source
        Inspiron 531s (Includes 17" Widescreen Flat Panel Monitor) Price
        Fortinet FortiGate-50B Complete Content Protection Bundle Price
        IBM System x3450 (794854X) Server
        Microsoft Word 2007 Open License With Software Assurance

Amit Maharjan ID: 1801T3080019

Introduction:

This is a project on Machhapuchchhre Bank of Nepal. It is one of the biggest banks in Nepal, with more than 30 branches. Due to the limitations of the course, only the unique networks within the bank are included in this project.

Machhapuchchhre Bank Limited is one of the biggest commercial banks in Nepal. It was registered in 1998 and became the first commercial bank to start banking business from the rather underdeveloped western region of Nepal, with its head office in Pokhara.

After 11 years from the date of its establishment, it now has 30 branches in different parts of the country, with plans to establish 10 more branches very soon. It has 10 ATMs inside Kathmandu valley only. It provides mobile banking, internet banking and any-branch banking facilities to its users.

Machhapuchchhre Bank Limited is dedicated to providing the latest technology facilities to its customers. It is the first bank to introduce centralized banking software, named GLOBUS BANKING SYSTEM, developed by Temenos NV, Switzerland. A full-fledged banking branch is also in operation in Jomsom, located high up in the mountains.

The bank has been highly successful since its establishment and intends to use the latest technology for better, more comfortable and more reliable service to its customers, and for management of the networking, file management and communication between different branches of the bank. Hence, in line with its aim to serve the people of both urban and rural areas, it has plans to extend its services to different rural as well as urban areas of the country. To meet this aim it is willing to invest money and train its manpower for the introduction of new technology.

The aim of my project will be to pinpoint the most efficient, reliable and economical technology for the achievement of the bank's goals of serving rural as well as urban areas of the country.

Acknowledgements

This project on Machhapuchchhre Bank is done following the guidelines of the Network Essentials (C1035) course. This project is done for educational purposes only.

This project was a success with the help of many people. I would like to thank them for helping me in the successful completion of this project. This project was not possible with the help from my lecturer Mr. Ramji. I would like to specially thank him for helping me in this project. I would like to thank the employees in the IT department of Machhapuchchhre Bank for their assistance and for providing me valuable information about the computer network system of the bank. I would like to thank Mr. Chaudary, IT Chief of Machhapuchchhre Bank, for helpful suggestions. And of course I would like to thank all my friends for their support and help in the successful completion of this project.

Current System:

The bank uses a centralized database system, i.e. all its data is stored and processed by the main server in the corporate office. It uses the suitable technologies available in Nepal to make its network reliable, efficient and economical. The bank uses optical fiber from Subisu (an ISP in Nepal), VSAT (Very Small Aperture Terminal), a leased line from NTC (Nepal Communication Corporation) and the cable network of Worldlink (an ISP in Nepal), depending on the situation. The main connection in most branches is fiber optic cable. Cable and leased line are used in the places where fiber optic is not available, and VSAT is used where ISPs don't provide any physical wired medium, as in remote areas like Jomsom. The bank currently uses only one server, an AIX server from IBM. It uses a FortiGate firewall, which also functions as an antivirus. It uses Cisco routers and switches from various companies. The PCs in the bank are branded PCs, but from various providers. The bank uses star topology because it supports big networks, is easy to troubleshoot and is easily extendable. The bank has an 8 hour backup system for all its systems and a 24 hour backup system for the server and related devices in the corporate office. The bank has an online backup system in an unknown remote location that is constantly updated with changes in the main server. The bank backs up all its data every day on tapes and hard drives after all the work of the day has been completed.

Problem Background:

The bank currently uses only one server and one firewall for protection. Subnetting is not implemented; hence, an attacker who gets into a computer in one of the branches can get access to the entire network. Due to these reasons there are several security holes in the network. The bank is not protected against the theft of files directly from PCs. Although all the corporate data is stored on the server, this is also a problem. Although the star topology used by the bank is reliable, there is no acknowledgement of packets, which makes the network less reliable. There is no remote access system, bastion host, intrusion detection system or proxy server. Authentication of the user is done only by user name and password.

Objectives:

The aim of my project will be to pinpoint the most efficient, reliable and economical technology for the achievement of the bank's goals of serving rural as well as urban areas of the country while fixing the security holes that exist in the system as well as minimizing them in the future. The main objective will be to make the network more secure by implementing subnetting and adding a bastion host and proxy servers if needed. Cost is a major concern of every project; I will also be using the most cost-effective technology available for the implementation in the network.

Network Architecture

WAN Diagram

Fig. 1 WAN Diagram

Diagram explanation for WAN diagram:

This diagram shows the location of the network branches and the medium of connection between the branches and the server in the corporate office.

The Subisu company in Nepal provides optical fiber cable connections in Pokhara, Kathmandu (Bagbazar) and Lalitpur, which can be used for the intranet connection. Since optical fiber is the most preferred medium of connection for long distances, this is a very good option for the network connection.

For the remote branch in Jomsom, wireless satellite communication can be used, which will be expensive. A VPN can also be implemented through the internet connection. Satellite communication is beyond the scope of this course, so it is not discussed in detail.

For disaster backup, the optical fiber connection provided by Subisu can be implemented.

I have assumed optical fiber connection from Subisu to be available in every required location for the formation of this network.

Diagram for Corporate office:

Fig. 2 Network Architecture for corporate office

Diagram explanation for Network architecture of corporate office:

Topology: The topology implemented in this system is star topology for the LAN.

Router: The router in this figure represents the Cisco 2800 Series IOS Enterprise Services Feature Pack for connection between the branch offices, the computers in the corporate office and the server.

Switch: The switches used are DSS-16+ 16-Port 10/100 Desktop Switches from D-Link.

Computers: The computers used might be old computers or the new Inspiron 531s (includes 17" widescreen flat panel monitor) from Dell.

Communication media: The communication medium used for the LAN is Cat 5 UTP cable.

Server: The server is an IBM System x3450 (794854X) Server.

Firewall: The firewall represents the FORTIGATE-50B for network security.

Bastion host: It is not necessary and thus can be omitted. If it is applied in the network, it would be the same as the server, i.e. an IBM System x3450 (794854X) Server.

Media converter: Represents the appropriate media converter according to the media used.

Subnetting has been implemented in each switch in order to increase security.
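
The report relies on one subnet per switch so that a compromised branch PC cannot reach the whole network directly. The following Python example is added here and is not part of the original report: it builds an address plan for the corporate office plus 40 branches (the 30 existing and the 10 planned) and classifies whether traffic between two hosts stays inside one switch segment or must cross a router or firewall, where it can be filtered. The 10.20.0.0/16 range, the site names and the one-/24-per-site layout are assumptions made for illustration.

```python
import ipaddress

# Constructed values for illustration (assumptions, not taken from the report):
# the private supernet, the site names and the /24-per-site layout.
SUPERNET = ipaddress.ip_network("10.20.0.0/16")
# From the report: corporate office, 30 branches and 10 more planned.
SITES = ["corporate"] + [f"branch-{n:02d}" for n in range(1, 41)]
# From the report: the LAN switches are 16-port models, one subnet per switch.
PORTS_PER_SWITCH = 16

# The current design described in the report: no subnetting, one flat segment.
FLAT_PLAN = {"bank": [SUPERNET]}


def prefix_for_hosts(hosts):
    """Longest IPv4 prefix that still leaves `hosts` usable addresses."""
    needed = hosts + 2  # add the network and broadcast addresses
    return 32 - (needed - 1).bit_length()


def build_plan(supernet, sites, site_prefix=24):
    """Give every site its own block and split it into one segment per switch."""
    # 16 switch ports plus one address for the router interface (gateway).
    switch_prefix = prefix_for_hosts(PORTS_PER_SWITCH + 1)
    blocks = supernet.subnets(new_prefix=site_prefix)
    plan = {}
    for site in sites:
        block = next(blocks, None)
        if block is None:
            raise ValueError("supernet too small for the number of sites")
        plan[site] = list(block.subnets(new_prefix=switch_prefix))
    return plan


def locate(plan, ip):
    """Return (site, segment index) for an address, or None if unplanned."""
    addr = ipaddress.ip_address(ip)
    for site, segments in plan.items():
        for index, segment in enumerate(segments):
            if addr in segment:
                return site, index
    return None


def path_class(plan, src, dst):
    """Classify where traffic between two hosts can be inspected."""
    a, b = locate(plan, src), locate(plan, dst)
    if a is None or b is None:
        return "outside-plan"
    if a == b:
        return "same-segment"          # switched locally, no filtering point
    if a[0] == b[0]:
        return "routed-in-site"        # must cross the site router
    return "routed-between-sites"      # must cross WAN routers and firewalls


if __name__ == "__main__":
    plan = build_plan(SUPERNET, SITES)
    branch_pc, corporate_server = "10.20.1.10", "10.20.0.5"
    # Flat network: the branch PC and the server share one segment.
    print("flat:     ", path_class(FLAT_PLAN, branch_pc, corporate_server))
    # Subnetted network: the same traffic now has to pass the routers/firewalls.
    print("subnetted:", path_class(plan, branch_pc, corporate_server))
    print("branch-01 segments:", [str(s) for s in plan["branch-01"]])
```
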

Diagram for branch offices:

Fig. 3 Network Architecture for bank branches

Diagram explanation for Network architecture of branch office:

Topology: The topology implemented in this system is star topology for the LAN.

Router: The router in this figure represents the Cisco Small Business 101 Ethernet Broadband Router for connection between the branch office nodes and the server in the corporate office.

Switch: The switches used are DSS-16+ 16-Port 10/100 Desktop Switches from D-Link.

Computers: The computers used might be old computers or the new Inspiron 531s (includes 17" widescreen flat panel monitor) from Dell.

Communication media: The communication medium used for the LAN is Cat 5 UTP cable.

Firewall: The firewall represents the FORTIGATE-50B for network security.

Media converter: Represents the appropriate media converter according to the media used.

Diagram for Disaster Backup:

Fig. 4 Network Architecture for disaster backup

Diagram explanation for Network architecture of branch office:

Topology: The topology implemented in this system is star topology for the LAN.

Router: The router in this figure represents the Cisco Small Business 101 Ethernet Broadband Router for connection between the branch office nodes and the server in the corporate office.

Communication media: The communication medium used for the LAN is Cat 5 UTP cable.

Firewall: The firewall represents the FORTIGATE-50B for network security.

Backup Server: The backup server is an IBM System x3450 (794854X) Server.

Media converter: Represents the appropriate media converter according to the media used.

Network Topology

Network topology describes the physical arrangement of communication media and nodes in a network. The different types of network topology are as follows:

  • 1. Star topology

Figure 1 Star Topology

In this topology all the nodes are connected to a central node (central switch, hub, host computer or concentrator) which provides connection to other nodes in the network. It may have either a passive central node, which does not prevent echo-related problems, or an active node, which overcomes this drawback.

Advantages of Star Topology:

  • a. This topology is the most flexible in terms of expansion and ease of installation.

  • b. It is much easier to troubleshoot.

  • c. Simultaneous data transmission between different nodes can take place.

Disadvantages of Star Topology:

  • a. More expensive than bus topology.

  • b. Network failure will occur with problems in the central device.

  • c. The network might be slowed down if the central device does not have the capability to handle the amount of network traffic in the network.

  • 2. Bus topology

Figure 2 Bus Topology

This topology uses a backbone cable to which all the nodes are connected. It is good for small networks.

The advantages of this topology are:

  • Failure of a connected device does not affect the network.

  • It is cheaper than other topologies.

The disadvantages of this topology are:

  • The entire network fails if the main cable fails.

  • It is necessary to terminate the open ends of cables.

Reasons for not choosing this topology:

  • Not suitable for large networks.

  • High bandwidth consumption.

  • Simultaneous data transfer between many nodes is not possible.

  • 3. Ring Topology:

Figure 3 Ring Topology

In this topology, there is a single circle of cable in which every node is connected with its adjacent nodes (two nearest nodes) for data transmission. Ring topology may use any of FDDI, SONET or Token Ring technology. This topology is preferred in large networks and in networks comprising mainframe computers rather than microcomputers.

The advantages of this network topology are:

  • The network is very ordered in this topology.

  • Allows creation of very large networks using token ring.

  • Reliable due to acknowledgement of the data transfer.

The disadvantages of this network topology are:

  • Similar to bus topology, if the main cable forming the circle fails, the entire network fails.

  • Moving, adding and changing nodes is difficult in this topology.

  • Network adapter cards and MAUs are much more expensive than Ethernet cards and hubs.

  • Much slower than an Ethernet network under normal load.

Reasons for not choosing this topology:

It is very difficult to extend a network using this topology which causes difficulties when increasing branches or devices.

  • 4. Mesh Topology:

Figure 4 Mesh Topology

All the computers in this topology are connected to multiple nodes. Simultaneous data transfer between different nodes is possible in this topology.

The advantages of this network are:

  • Simultaneous data transfer between multiple nodes.

  • Availability of more than one path to a destination node.

  • Good network security is provided as the data transfer takes place directly between sender and receiver.

The disadvantages of this network are:

  • It is very expensive due to massive wiring costs.

  • It is impossible to create a full mesh in a network consisting of many devices.

  • Network expansion is very difficult as well as expensive.

Reasons for not choosing this topology:

  • It is very expensive.

  • Extending the network is very difficult.

Communication Media:

The medium used for transmitting signals or data between computers is called communication media or networking media. A broad range of communication media has been developed to suit the diverse demands of computer networking. However, the goal of all these media remains efficient, effective, economical and error-free transmission of data. These media are categorized and priced according to the bandwidth they can provide, the maximum length over which they can carry data without any loss, the technology they use, and the type of interference that disturbs data transmission in them. Following are the different types of communication media according to the primary material used for communication or for their construction:

Copper: twisted pair cable and coaxial cable use copper

Glass: optical fiber uses glass

Waves: all wireless media use waves

All types of cable, including twisted-pair cable, coaxial cable and fiber optic cable, can be found in two grades:

Plenum: Plenum-grade cable, also called plenum cable, refers to cable with a protective layer or outer jacket made of fire-retardant material such as Teflon.

PVC: PVC-grade cables are cables which have an outer jacket made of non-plenum-grade material such as PVC (Polyvinyl Chloride). Materials made of PVC are cheaper than plenum-grade materials; however, they produce poisonous gas when set on fire.

The different types of communication media according to the technology they use are as follows:

  • 1. Guided Media

    • a. Twisted Pair Cable

    • b. Coaxial cable

    • c. Fiber Optic cable

  • 2. Unguided Media

    • a. Radio Technologies

    • b. Infrared technologies

    • c. Microwave technologies

    • d. Satellite microwave systems

Guided media

The means of communication that use cable for transmitting data between nodes (a node is any device that can exist in a computer network, such as a router, computer, printer, etc.) are called guided media.

  • 1. Twisted Pair Cable

Figure 5 Twisted Pair Cable

Figure 6 Twisted Pair Cable with RJ-45 connector

It is mostly used for telephone communications and modern Ethernet networks. It consists of pairs of cables that transmit data. The pairs of cables are twisted so as to prevent crosstalk (noise generated by other pairs of cables). Each pair of copper wires is twisted together and is encased in a unique color-coded plastic jacket for insulation. An outer jacket encases all the twisted pairs into one single bundle for effective transmission of data. Generally, an RJ-45 connector (discussed in communication links) is connected at the ends of the cable to provide an interface for communication to nodes. There are two types of twisted pair cable:

  • 1. Unshielded twisted-pair cable (UTP)

  • 2. Shielded twisted-pair cable (STP)

  • i. Unshielded twisted-pair cable (UTP)

Figure 7 Unshielded Twisted Pair Cable

It is the most widely used cable in network cabling (Ethernet networks) due to its low cost and relatively easy installation. The number of pairs of cables varies between two and four. This type of cable has no insulation against signal-degrading EMI (electromagnetic interference) and RFI (radio frequency interference) except the overall shield jacket for protection from external interference, and so it depends solely on the noise cancellation effect produced by the twists in the cable to limit signal degradation produced by adjacent pairs. UTP cables used in computer networks, with four pairs, use RJ-45 connectors for the connection interface, and those used in home telephone systems, with two pairs, use RJ-11 connectors.

Advantages of UTP:

  • i. It is cheaper than other communication media.

  • ii. It is easy to install and repair.

  • iii. It provides good data transmission in short distance networks.

    Disadvantages of UTP:

    • i. It is more susceptible to crosstalk, EMI and RFI. It is not suitable for outdoor use and long distance networks.

    ii.

    Following are different types of UTP:

     

    Standard data

     

    Price

    Category

    rate

    Usual application

     

    CAT 1

    Up to

    analog voice (POTS) Integrated Services Digital Network Basic Rate Interface

     
     

    1

    Mbps (1MHz)

    in ISDN Doorbell wiring

    Dead - no longer supported

     

    CAT 2

    4

    Mbps

    Mainly used in the IBM Cabling System for Token

     
     

    Ring networks

    Dead - no longer supported

       

    Used predominantly for POTS

    Cat3 Cable 8 Pair 500 Ft Gray

     

    CAT 3

    16

    Mbps

    Voice

    (Atras Netcom

       

    VW8PC3G)-$0.1510(In

    Stock)

     

    CAT 4

    20

    Mbps

    No longer approved

     
       

    Was used in 16 Mbps Token Ring

       
    • 100 Mbps TPDDI

    Cat5e CMX Cable 600

    • 155 Ft/Box Gray

    Mbps ATM

     

    CAT 5

    100 Mbps

    No longer approved;

    2137114E-$0.0980(In

    Stock)

     

    replaced by 5E

     

    Seen in legacy environments

     
       
    • 100 Mbps TPDDI

     

    CAT 5E

     

    1000 Mbps

    (10000 Mbps

    prototype)

    • 155 Mbps ATM

    Gigabit Ethernet Offers better near-end

    Project on Machhapuchchhre Bank 2009 Disadvantages of UTP: i. It is more susceptible to crosstalk, EMI

    Amit Maharjan ID: 1801T3080019

    Page 22

     

    Project on Machhapuchchhre Bank

    2009

     
         

    crosstalk than CAT 5

       

    CAT 6

    • 250 MHz

    Super-fast broadband applications Vendor recommended, minimum required and most popular cabling for new installs

     

    CAT 6E

    • 500 MHz

    Required for 10 Gigabit Ethernet (10GBASE-T)

     

    CAT 7

     

    Full-motion video Teleradiology Required for 10 Gigabit

     

    (ISO

    1 GHz per pair with

    Ethernet (10GBASE-T)

    Class F)

    Siemon connector

    Government and manufacturing environments Shielded system

    Reference for this table: http://searchdatacenter.techtarget.com/generic/0,295582,sid80_gci1108474,00.html?offer=briefcase

    Price from: http://www.yourbroadbandstore.com/products/twisted-pair-cable.php (7/11/2009)

    Amit Maharjan ID: 1801T3080019

    ii. Shielded twisted pair cable (STP)

    Figure 8 Shielded Twisted Pair Cable

    It is similar to unshielded twisted pair cable except that it has better insulation against signal interference. Each pair of wires is wrapped in metallic foil to further reduce noise. The four pairs as a whole bundle are then wrapped in an overall metallic foil or braid. With the extra insulation STP reduces crosstalk (electrical noise produced by adjacent pairs) and EMI as well as RFI. However, it is more expensive than UTP cable and difficult to install, as it requires the metallic shielding to be grounded at both ends. Improper grounding can result in more EMI and RFI because the shield acts like an antenna catching unwanted signals. It is generally used in areas more susceptible to EMI and RFI, and for relatively longer distance networks than are possible with UTP.

    Advantages of STP

    i. It is less susceptible to EMI, RFI and crosstalk than UTP.

    ii. It provides good data transmission in short distance networks.

    iii. It is easier to install than other media.

    Disadvantages of STP

    i. It is more expensive than UTP.

    ii. It is relatively harder to install and repair than UTP.

    2. Coaxial cable

    Figure 9 Coaxial Cable

    Coaxial cable consists of a single copper wire at the center surrounded by flexible insulating material, which is surrounded by braided wire, and finally an outer cover/jacket surrounds the braided wire. This heavy insulation allows the coaxial cable to transmit data over longer distances (200m-500m) without signal boosters (repeaters). However, this extra insulation makes coaxial cable heavy and thick, which makes it hard to install. Either end of the coaxial cable needs to be connected with BNC (Bayonet Neill-Concelman) connectors. Coaxial cable is cheaper than fiber optic cable and supports longer distance networks than twisted pair cable, but it needs to be grounded for better data transmission and is more expensive than twisted pair cable. There are two types of coaxial cable:

    a. Thin coaxial cable/10Base2 (Thinnet)

    Advantages of 10Base2:

    i. It is thinner than 10Base5, hence easier to install.

    ii. It is resistant to EMI and RFI.

    iii. It is cheaper than 10Base5.

    Disadvantages of 10Base2:

    i. It can transmit data up to 200m only.

    b. Thick coaxial cable/10Base5 (Thicknet)

    Advantages of 10Base5:

    i. It is resistant to EMI and RFI.

    ii. It can transmit data over a longer distance (500m).

    Disadvantages of 10Base5:

    i. It does not bend easily.

    ii. It is hard to install.

    c. Fiber Optic cable

    Figure 10 Fiber Optic Cable

    Optical fibers are long strands made from pure glass, or sometimes plastic, with a diameter similar to that of a human hair. Optical cables are optical fibers arranged in bundles, which are used to transmit signals in the form of light over long distances. Optical fibers are made of the following parts:

    i. Core - this is the center of the optical fiber through which light travels. Its main function is transmission of light signals.

    ii. Cladding - this is the outer optical material which surrounds the core, and its main function is to reflect the light back into the core.

    iii. Buffer coating - this is made of plastic and functions to protect the fiber from moisture and damage.

    Many (100s) of these optical fibers are bundled into optical cables along with Kevlar reinforcing material. These are protected by a jacket, the outer covering of the cable. There are two types of optical fibers:

    i. Single-mode fibers: used for long distance network, have small cores, uses laser light, transmits only one light wave at a time

    ii. Multi-mode fibers: used for shorter distance network, have larger cores, uses LED

    Advantages:

    i) Signal Disturbance - No disturbance from EMI (Electro Magnetic Interference) and RFI.

    ii) Data Transmission - Extremely fast data transmission.

    iii) Security - Adds to the security of the network because it is difficult to tap signals flowing through them.

    iv) Network Stability - Very stable network.

    v) Bandwidth - They provide the highest range of bandwidth available in the world.

    vi) Repeater - Possible to connect networks over long distances with fewer repeaters (much less than other cables).

    vii) Cost - Cheaper than other cables when used in networks running several miles of cable.

    Disadvantages:

    i) Implementation - Difficult to implement in a network.

    ii) Cost - Very high installation, maintenance and labor cost.

    iii) Requires an expensive extra media converter device at both ends of the network.

    iv) Not suitable to be used in a small network or in a LAN.


    Unguided Media:

    The wireless technologies are categorized as unguided media. They are generally used where it is difficult to install cables. Following are different types of unguided media:

    1. Radio Technologies:

    Figure 11 Radio Technologies

    In this technology, radio signals (waves with very short wavelength) are used to transmit signals in single or multiple directions. They are good for short range line of sight transmissions, so they are frequently used for networks of portable computers. This technology saves money where it is difficult and expensive to install cables. It also provides much better mobility for networked devices. However, the disturbance in these networks is high. They are used in radio stations, emergency alarm systems, etc.

    2. Infrared technologies:

    Figure 12 A Infrared Communication Devices

    They use infrared light for data transmission. LED is used as source to transmit signal and photo diode to receive signals. Signals in this technology are in high frequency range which enables them to give good output. They are used in remote controller of TV, VCD, DVD, etc. However, they have following drawbacks:

    i. Signals cannot penetrate through solid opaque objects such as walls or objects.

    ii. Signals are diluted by light sources.

    3. Microwave Technologies

    There are two types of microwave technologies:

    i. Terrestrial microwave systems:

    This technology requires line of sight transmission. It can transmit signals in only one direction at a time, which makes it necessary to use either two antennae or a transceiver for two way communication. It is generally used where installing cables is difficult and expensive, such as hilly areas. Frequency range: 4-6 GHz or 21-23 GHz.

    ii. Satellite microwave systems:

    It is similar to other line of sight transmission technologies except that it uses a satellite acting as an antenna or repeater. This allows communication with any location on earth as long as the signals are not blocked. This technology is very expensive. Frequency range: 11-14 GHz. This technology is used in GPS, satellite phones, DTH (Direct to Home) television systems, international private networks, etc.


    Networking and Internetworking Devices

    Networking and internetworking devices are used in a network for connecting different networks, expanding networks and providing security to the networks. Following are different types of networking and internetworking devices:

    1. Routers


    Figure 13 Application of Router

    Cisco Router

    A router is a host or node with multiple interfaces to the network. It works at the network layer (layer 3) of the OSI model. It acts like a traffic controller on a busy road, showing each packet that arrives at it the path to its destination. A router can distinguish packets by source and destination address and by protocol type. The ability to distinguish packets by protocol can be used to add security to the network by configuring the router so that it drops packets using a particular type of protocol (termed packet filtering), for example by not allowing packets using FTP (File Transfer Protocol). Routers can dynamically gather information about other devices and routers in the network and determine the shortest path for a packet using special algorithms. Routers can be separate hardware or a computer with special network software installed on it. For every packet that arrives, a router takes one of the following actions:

    i. Sends the packet to its destination if it is directly accessible.

    ii. Sends it to another router if the best path for the packet seems to be through that router.

    iii. Drops the packet if the destination address is invalid or the protocol used in the packet is unauthorized.
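
    The three-step procedure above can be written as a small decision function. This is an added example, not part of the original report; the routing table, addresses and the choice of TCP port 21 (FTP control) as the blocked service are constructed for illustration, and it goes slightly beyond the text by picking the most specific (longest-prefix) route when several match.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Route:
    prefix: str               # destination network in CIDR form
    next_hop: Optional[str]   # None means the network is directly attached
    interface: str


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    transport: str   # "tcp" or "udp"
    dst_port: int


class Router:
    def __init__(self, routes, blocked_services=()):
        # Sort most specific prefix first so the first match is the longest match.
        self.routes = sorted(
            ((ipaddress.IPv4Network(r.prefix), r) for r in routes),
            key=lambda item: item[0].prefixlen,
            reverse=True,
        )
        self.blocked = set(blocked_services)

    def decide(self, pkt):
        """Return (action, detail) for one packet."""
        # Step iii, first half: unauthorized protocol (packet filtering).
        if (pkt.transport.lower(), pkt.dst_port) in self.blocked:
            return ("drop", "protocol not authorized")
        # Step iii, second half: invalid destination address.
        try:
            dst = ipaddress.IPv4Address(pkt.dst)
        except ValueError:
            return ("drop", "invalid destination address")
        for network, route in self.routes:
            if dst in network:
                if route.next_hop is None:
                    return ("deliver", route.interface)   # step i
                return ("forward", route.next_hop)        # step ii
        return ("drop", "no route to destination")


# Constructed routing table for the example.
ROUTES = [
    Route("10.1.0.0/24", None, "eth0"),          # directly attached LAN
    Route("10.2.0.0/16", "192.0.2.1", "eth1"),   # reachable through another router
    Route("10.2.5.0/24", "192.0.2.9", "eth2"),   # more specific path for one subnet
]
FTP_CONTROL = ("tcp", 21)


def build_router():
    return Router(ROUTES, blocked_services=[FTP_CONTROL])


if __name__ == "__main__":
    router = build_router()
    for dst, port in [("10.1.0.20", 80), ("10.2.5.7", 80), ("10.2.9.9", 80),
                      ("10.2.5.7", 21), ("10.2.999.1", 80), ("172.16.0.1", 80)]:
        print(dst, port, router.decide(Packet("10.1.0.7", dst, "tcp", port)))
```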

    Advantages of Routers:

    i. It can connect different networks using different physical media and architecture.

    ii. It can determine the best path for every packet.

    iii. It can reduce network traffic and bandwidth consumption by dropping invalid packets.

    iv. It can add to network security by packet filtering.

    Disadvantages of router:

    i. It is more expensive than a bridge or repeater.

    ii. It doesn’t work with protocols that are not routable.

    iii. As they perform complex calculations on packets, they are slower than a bridge.

    2. Switch and Hubs

    Switch provides a connection point for nodes in a network to transmit data between them. In this way, they minimize the cost of networking (saves expensive circuits). They forward the data to the specific destination only by looking at packet headers, adding to the security of the network and network efficiency. Some of them even have the capability of implementing VLAN (Virtual Local Area Network) i.e. the nodes are in the same network but are divided into sub-networks of logical workgroups. This allows efficient operation of network and ease of reconfiguring users from old workgroup to new ones. Without them all the devices would need a direct dedicated link with each other which is impractical. There are two types of switch:


    Figure 14 Application of Switch

    Figure 15 Cisco Switch

    i. Unmanaged switch: no configuration options, least expensive, used in homes and small businesses.

    ii. Managed switch: multiple interfaces to modify the operations of the switch, user interface for management of the switch, enable features like Spanning Tree Protocol, set port speed, create or modify VLANs. They are of two types:

    a. Smart switch - limited set of management features.

    b. Enterprise managed switch - full set of management features, with more features that can be customized or optimized.

    A hub is similar to a switch except that it broadcasts the data to all the nodes in the network, which creates a security hole in the network and leads to an inefficient network. The data sent to one receiver can be received by another node also. The nodes must wait for the data transmission to complete before they send their data. Both switch and hub work at the data link layer (layer 2) of the OSI model. There are three main types of hubs:


    Figure 16 Application of Hub

    Figure 17 Cisco Hub

    a. Active Hub: it has active participation in data communication, features: buffering, prioritizing data flow, synchronizing data communication, etc.

    b. Passive Hub: does not have additional functionality

    c. Intelligent Hub: it has all the features of active and passive hub and additional features to help efficient and effective management of network resources

    3. Bridge

    Figure 18 Application of Bridge

    Figure 19 Cisco Bridge

    A bridge is a device that connects multiple network segments, i.e. different LANs. A bridge is capable of joining different networks. It works at the physical and data link layer (layer 2) of the OSI model. It works on the basis of hardware addresses (MAC addresses). It helps to connect different LANs without having to set up IP addresses for nodes.

    Advantages of Bridge

    i. They are cheaper than routers.

    ii. They are transparent to protocols above the MAC layer.

    iii. It helps effective usage of bandwidth, i.e. minimizes bandwidth usage.

    iv. They don’t need to be configured manually.

    Disadvantages of Bridge

    i. Bridging of different MAC protocols can cause errors.

    ii. Not suitable for extremely large networks.

    iii. They are more expensive and slower than repeaters as they read MAC addresses.

    iv. Buffering can cause store and forward delays.

    4. Modem

    Figure 20 Working of Modem

    Figure 21 A Cable Modem

    Figure 22 a 56kbps Dial Up Modem

    Figure 23 Optical Modem

    Modem (Modulator Demodulator) is a device that enables a computer to transmit data over telephone or cable lines. The modem changes analog signal to digital when receiving data and digital signal to analog when transmitting data. There are various types of modems:

    i. External Modems - connected using different interfaces to computer

    ii. Internal Modems - inserted in PCI slot

    iii. Cable Modems - uses coaxial cable

    iv. DSL Modems - connection from telephone switching office to the user

    v. ADSL Modems - supports higher downstream transmission rate over normal telephone line

    Some modern modems allow the computer to perform extra functions such as auto-answering incoming calls, voice mail, sending and receiving fax, etc.

    5. Gateway

    A gateway is a device used to connect two networks using different data formats or network architectures, for e.g. AppleTalk and TCP/IP. They are capable of translating TCP/IP to AppleTalk. Most gateways operate at all seven layers of the OSI model. A gateway should understand the protocols used by each network linked with the router. They can be implemented in hardware, software or both. They are sometimes a feature in routers.

    6. Repeaters

    Figure 24 a Repeater

    In a large network a single cable is not capable of transmitting data because of loss of signal over long distances through attenuation, etc., so a device must be used to amplify the signals. The devices used for this purpose are called repeaters. They require a short period of time to regenerate the signal, which can cause propagation delay. Repeaters cannot perform any function besides signal regeneration. They are used exclusively in networks covering long distances. They are available for all types of guided communication media. They work at the physical layer of the OSI model.

    Advantages of Repeaters

    i. It allows creating networks separated by longer distances as well as expansion of networks.

    ii. It allows connection of different media.

    Disadvantages of Repeaters

    i. Too many repeaters can cause problems in networks.

    ii. It doesn’t help to ease congestion problems.

    7. Network Interface card (NIC)

    It is a device that can be connected into a motherboard and provides ports for network media connections. It is a part of the computer that is connected to the Local Area Network (LAN). The network resources are automatically separated when they are installed which is not the case with older NICs. Some points to be considered while choosing NIC:

    • The type of network - Separate NICs are needed for different network systems like Ethernet LANs, Fiber Distributed Data Interface (FDDI), Token Ring, etc. Hence, an appropriate NIC should be chosen.

    • The type of media - The port or connector available in a NIC is media specific, for e.g. twisted-pair cable, coaxial cable, optical fiber cable, and wireless.

    • The type of system bus - PCI (Protocol Control Information) slots perform faster than ISA (Industry-Standard Architecture).

    8. RJ-45 Connector

    Figure 25 RJ-45 Connector

    It is used very often in LANs to terminate UTP cables and provide an interface for connection to different networking and internetworking devices.


    Network Security

    Network security involves all the efforts made by a network owner (company) to protect its computer system, the ongoing usability of assets and the integrity and continuity of operations. When it comes to providing security to a network there are many things to consider. The levels of network security can be categorized as follows:

    i. Physical Security

    For a network to be secure, first of all the network and internetworking devices should be in a secure location and the communication media should be secure. It makes no difference how hard it is to hack a network if a person can cut the main backbone cable of your network, destroy a communication device or simply connect to one of your internetworking devices. So all the communication devices and computers, including servers, routers, etc., should be in a secure location. The people who have access to these locations should be few, and appropriate authorization systems must be implemented for access to such a location. There must be proper defense against fire, harsh environmental conditions, natural disasters, etc.

    ii. Network security

    Network security involves various procedures at different levels of network for e.g. access control, firewalls, network auditing, remote access, directory services, internet services and the file system directory structures. All the outside attacks are to be blocked using various devices and techniques. Following are the devices and software that are used for network security:

    a. Firewalls

    Figure 26 A firewall device from Cisco

    Firewalls are the most widely used network protection systems. Firewalls come as hardware, as software or as a combination of both. Their rule set and software need timely updates based on new threats and working environments. They are configured by the responsible person and work on the basis of these predefined rules, either allowing packets to enter the network or destroying them. A good analogy would be a school gate keeper who lets in anyone with a student or staff ID but stops everybody else from entering the school premises when instructed to do so. A network is configured in such a way that all the packets that come into and go out of the network pass through the firewall. Firewalls cannot distinguish whether the packets are from intruders or from an authorized person; they simply check all the packets that pass through them against the predefined rules and act accordingly. They are a very important part of a network security system comprising IDS, anti-virus, security policy, user authentication system, etc. There are various types of firewalls, each with different advantages and disadvantages. However, none of the firewalls can protect the network from threats and attacks that are already inside the network. Different types of firewalls are as follows:

    a) Packet filtering

    It works at the network layer (layer 3) of the OSI model. These firewalls maintain two separate lists: a permit list and a deny list. All the packets are tested against both lists and appropriate action is taken. It uses either source and destination address or outgoing port to make the decision. They are mostly used by SOHO (Small Office Home Office). These firewalls are found as default firewalls in operating systems as well as in some routers. It is appropriate for networks that demand high speed and have less concern about user authentication for network resource use.

    Advantages of Packet Filtering Firewalls:

    I. They are the fastest of all firewalls merely because they perform fewer tests on packets.

    II. The client computers do not need to be specifically configured in order to use them.

    III. Network Address Translation can be implemented for hiding IP addresses from external users.

    Disadvantages of Packet Filtering Firewall:

    I. Less secure than application layer firewalls because they cannot make decisions based on protocol subsets.

    II. They are unable to examine upper layer data, so application specific attacks can slip through them.

    III. IP spoofed packets cannot be detected by most firewalls in this category.

    There are two types of packet filtering firewalls:

    i. Stateless firewalls:

    Make decisions based entirely on packet headers and are not concerned with the state of the connection between nodes.

    Advantages

    • Works with less memory

    • Faster performance

    Disadvantages

    • They cannot make any decisions based on connection session.

    ii. Stateful firewalls

    In addition to the function of a stateless firewall, it can make decisions based on the state of the connection between nodes. It helps network efficiency by dropping packets that overload the server.

    Advantages

    • They provide more security than stateless firewalls

    • It has logging and tracking facilities

    Disadvantages

    • Complexity and difficulty arise in packet filtering.
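
    The difference between the two packet filtering types shows up when the same packets are run through both. The following is an added example, not part of the original report: the internal network 10.0.0.0/24, the rules and the sample packets are constructed, and the connection tracking is simplified (a connection is opened by an outbound SYN and closed by a RST).

```python
import ipaddress
from dataclasses import dataclass

INSIDE = ipaddress.ip_network("10.0.0.0/24")   # constructed internal network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""   # TCP flags: S = SYN, A = ACK, R = RST


def inside(addr):
    return ipaddress.ip_address(addr) in INSIDE


# Rules are predicates over packet headers only, as in the permit/deny lists.
def outbound_https(p):
    return inside(p.src) and not inside(p.dst) and p.dport == 443


def replies_from_https(p):
    return not inside(p.src) and inside(p.dst) and p.sport == 443


def telnet(p):
    return p.dport == 23


class StatelessFilter:
    """Tests each packet against the deny list, then the permit list."""

    def __init__(self, permit, deny):
        self.permit, self.deny = list(permit), list(deny)

    def check(self, p):
        if any(rule(p) for rule in self.deny):
            return "drop"
        return "accept" if any(rule(p) for rule in self.permit) else "drop"


class StatefulFilter:
    """Same lists, plus a table of connections opened from the inside."""

    def __init__(self, permit_new, deny):
        self.permit_new, self.deny = list(permit_new), list(deny)
        self.connections = set()   # (inside ip, inside port, outside ip, outside port)

    def check(self, p):
        if any(rule(p) for rule in self.deny):
            return "drop"
        if inside(p.src):
            key = (p.src, p.sport, p.dst, p.dport)
        else:
            key = (p.dst, p.dport, p.src, p.sport)
        if key in self.connections:
            if "R" in p.flags:
                self.connections.discard(key)   # simplified teardown
            return "accept"
        # A new connection must start with a bare SYN from inside that the
        # permit list allows; anything else has no session to belong to.
        if inside(p.src) and p.flags == "S" and any(r(p) for r in self.permit_new):
            self.connections.add(key)
            return "accept"
        return "drop"


def run_demo():
    """Return {packet name: (stateless verdict, stateful verdict)}."""
    packets = [   # constructed sample traffic, in arrival order
        ("syn", Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S")),
        ("reply", Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA")),
        ("unsolicited", Packet("198.51.100.7", 443, "10.0.0.9", 8080, "A")),
        ("telnet_out", Packet("10.0.0.5", 50001, "203.0.113.10", 23, "S")),
        ("reset", Packet("203.0.113.10", 443, "10.0.0.5", 50000, "R")),
        ("late_reply", Packet("203.0.113.10", 443, "10.0.0.5", 50000, "A")),
    ]
    # The stateless filter needs a blanket "replies" rule to let answers back in.
    stateless = StatelessFilter([outbound_https, replies_from_https], [telnet])
    stateful = StatefulFilter([outbound_https], [telnet])
    return {name: (stateless.check(p), stateful.check(p)) for name, p in packets}


if __name__ == "__main__":
    for name, verdicts in run_demo().items():
        print(f"{name:12} stateless={verdicts[0]:6} stateful={verdicts[1]}")
```

    The stateless filter accepts the unsolicited and late packets because their headers match the blanket reply rule, while the stateful filter drops them because no open session matches.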

    b) Application Layer Firewall

    They can understand application specific attacks. They can control the way the network accesses the outside world by setting up proxy services. They can be configured to make decisions based on specific content. They can be a bottleneck in a high speed network due to their requirement for massive processing power.

    Advantages of application layer firewalls

    • Features - It has an event and logging mechanism.

    • Configuration - Can be configured to make decisions based on specific features of an application.

    • It can understand the packet data.

    Disadvantages of application layer firewalls

    • Processing power - They require high processing power.

    • They are slower than packet filtering firewalls.

    • Configuration - They require clients to be configured specifically.

    • Costs - Expensive operation costs.

    c) Proxies

    A proxy firewall acts as a middle person between the two nodes, i.e. server and client, and always makes the request itself on behalf of the other rather than allowing direct communication. This gives the advantage of checking the packets even before they reach the destination. They are made specifically to work with certain protocols, so they are capable of analyzing packets deeply. If a protocol used in the network is not supported by the proxy, then a generic proxy must be used, i.e. a proxy with added functionality to make decisions based on the packet header (similar to a packet filtering firewall).

    Advantages of proxy

    • By performing protocol-aware security analysis they provide much better network security.

    • Network discovery - Network discovery from the outside world is made very difficult, as outsiders only receive packets from the proxy on behalf of the server.

    • Makes it easier to identify the method of attack.

    Disadvantages of proxy

    • Protocol incompatibility - Not all protocols are compatible with proxies.

    • Slower performance - The middle man work of the proxy slows down network performance, as the speed would be better if the communication between the nodes was direct.

    • VPN (Virtual Private Network) can face problems with proxies.

    • Configuration - They are difficult to configure.

    d) Network Address Translation Firewall (NAT firewall)

    They provide network security by hiding the internal network addresses from the outside world, as they change the address of packets that flow through them. It allows connection of more devices to the network through a single public IP. It provides the least security as it is not capable of checking packets at all. They are built into many routers nowadays.

    Advantages of NAT firewall

    I. Lower cost - Allows many devices to share a common public IP address, which are expensive.

    II. They hide the actual network IP addresses of nodes.

    III. Network Expansion - Provides for easier network expansion.

    Disadvantages of NAT firewall

    I. It may misaddress packets.

    II. Compatibility - It is not compatible with all applications.

    III. Slower performance - The procedures of network address translation slow down network performance.

    b. Intrusion Detection Systems (IDS)

    It is hardware, software or a combination of both which is designed specially to detect unwanted attempts at accessing, manipulating, and/or disabling computer systems through a network. It works on the basis of predefined rules to detect a suspicious pattern in network activity. They require occasional updates. An IDS can be a passive system, which detects the intrusion, logs information and raises an alarm about the intrusion, or it can be a reactive system (also known as an Intrusion Prevention System), which detects the intrusion, logs information and reprograms firewalls to block the suspicious network traffic or block the user. The main purpose of an IDS is misuse detection and anomaly detection and to raise an alarm about the intrusion. They can detect threats or attacks operating inside the network. There are many types of IDS. They are as follows:

    1. Network intrusion detection system (NIDS)

    It identifies the intrusion by examining network traffic and monitoring multiple hosts. This gives the advantage of being able to see the network activity in the entire network, such as a suspicious port scan. It can detect a threat inside a network.

    Advantages of NIDS

    • They can be completely hidden from network devices.

    • It has the capability of monitoring traffic for a large number of threat targets.

    Disadvantages of NIDS

    • Cannot examine encrypted traffic.

    • Capable of detection only if the threat matches pre-configured rules.

    • Can miss network traffic if the network is very busy.

    • Not capable of determining the success state of an attack.
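
    A pre-configured NIDS rule for the suspicious port scan mentioned above can be as simple as a threshold over connection records. This is an added example, not part of the original report: the log format (timestamp, source, destination, destination port), the sample records and the threshold values are all constructed.

```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed connection records: timestamp, source, destination, destination port.
SAMPLE_LOG = """\
2009-07-11T10:00:00 10.0.0.21 10.0.0.5 443
2009-07-11T10:00:01 10.0.0.99 10.0.0.5 21
2009-07-11T10:00:02 10.0.0.99 10.0.0.5 22
2009-07-11T10:00:02 10.0.0.21 10.0.0.5 443
2009-07-11T10:00:03 10.0.0.99 10.0.0.5 23
2009-07-11T10:00:04 10.0.0.99 10.0.0.5 25
2009-07-11T10:00:05 10.0.0.99 10.0.0.5 80
2009-07-11T10:00:06 10.0.0.99 10.0.0.5 110
2009-07-11T10:01:00 10.0.0.77 10.0.0.5 21
2009-07-11T10:01:30 10.0.0.77 10.0.0.5 22
2009-07-11T10:02:00 10.0.0.77 10.0.0.5 23
2009-07-11T10:02:30 10.0.0.77 10.0.0.5 25
2009-07-11T10:03:00 10.0.0.77 10.0.0.5 80
"""


def detect_port_scans(lines, max_ports=5, window_seconds=10):
    """Alert once per (source, destination) pair when the source has contacted
    at least `max_ports` distinct ports on the destination within the window."""
    recent = defaultdict(deque)   # (src, dst) -> deque of (timestamp, port)
    alerted = set()
    alerts = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        stamp, src, dst, port_text = line.split()
        when = datetime.fromisoformat(stamp)
        seen = recent[(src, dst)]
        seen.append((when, int(port_text)))
        # Forget records that have fallen out of the sliding window.
        while seen and (when - seen[0][0]).total_seconds() > window_seconds:
            seen.popleft()
        ports = {port for _, port in seen}
        if len(ports) >= max_ports and (src, dst) not in alerted:
            alerted.add((src, dst))
            alerts.append({"time": stamp, "src": src, "dst": dst,
                           "ports": sorted(ports)})
    return alerts


if __name__ == "__main__":
    for alert in detect_port_scans(SAMPLE_LOG.splitlines()):
        print("possible port scan:", alert)
```

    With the default 10-second window only 10.0.0.99 is reported; the slower source 10.0.0.77 is reported only when the window is widened, which is the rule-matching limit listed among the disadvantages and the reason such thresholds need tuning.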

    • 2. Host Based IDS

    It is software running on a specific computer, usually a server, that identifies intrusions by analyzing system calls, application logs, file-system modifications (using cryptographic hashing techniques), etc.

    Advantages of Host Based IDS

    I. It will not miss any network traffic unless it does not generate logs.

    II. Capable of checking the state of success of an attack.

    III. Capable of identifying unauthorized access attempts from computers considered legitimate to access the network.

    Disadvantages of Host Based IDS

    I. Not possible to hide in a network, so it might be disabled by an attacker.

    II. Cannot detect intrusions that do not match pre-configured rules.

    III. May void support and maintenance agreements on the operating system of the host.


    Besides firewalls and intrusion detection systems, there are types of software and hardware available in the market that protect computers (PCs, Macs, etc.) from threats like viruses, malware, spyware, spam, etc. Viruses are small programs designed to take control of the target computer, disable certain functions in the target system, corrupt data in the target, etc.; they can be eliminated by using anti-virus software such as Kaspersky. All these threats only work on a specific kind of system, especially PCs and not servers, because they are targeted at a very large group of people.

    Also, the security measure of authenticating an employee or user before they access the network must be implemented. For authentication, a strong username and password, biometric systems (e.g. fingerprint scan, iris scan, palm scan, etc.) or smart cards can be implemented. The authentication system should be based on the following principles:

    Something you have

    Something you know

    Something you are

    Or combination of two from above

    Communication Links

    Communication links are a must for connecting computers in a network. For connection of computers to WAN and optical fiber networks, appropriate communication links are required, and the common protocols used in networks must be used, such as TCP/IP (for internet connection), FDDI (for networks using fiber optic cable), Token Ring (for networks in Star Topology), Ethernet (for common LAN using UTP), etc. Also, an IP address should be given to every device/node in the network for identification in the network.

    • a. FDDI (Fiber Distributed Data Interface): It is a data transfer system using fiber optics which is capable of data transmission at the rate of 100 Mbps. This network can have five hundred nodes and can have a radius of 100 km. It can transmit 450,500 packets per second. It also supports real-time applications.


    • b. Ethernet: It is the most widely used protocol of all. It uses CSMA/CD (Carrier Sense Multiple Access/Collision Detection) as its access method. In this system, a sender listens to the media before sending any data. If the path is clear the data is transmitted; otherwise the computer waits a random period of time and attempts to retransmit. Collision of data is normal with this access method. The Ethernet protocol allows linear bus and star topologies over guided media and wireless access points to function at speeds from 10 Mbps up to 1000 Mbps.

    • c. Token Ring: It is an access method that involves token-passing. In Token Ring, a logical ring is created such that data (a single token carrying data) travels around the network from node to node. In this access method, a computer has to wait for the token before transmitting data. If the token it receives is free, it puts data in it and sends it to another computer. The token passes through each node until it finds the destination node, which receives the data. If it wants to transmit data then it sends data; otherwise it releases the token to the ring, i.e. transfers it to another node. It is capable of data transmission at 4 Mbps or 16 Mbps.

    • d. Data Transfer Modes: Data transmission can take place in three modes: simplex (one-way transmission, e.g. radio), half-duplex (two-way transmission but only one can send data at a time, e.g. walkie-talkie) or full-duplex (two-way transmission where both can transfer data simultaneously, e.g. telephone, internet).

    • e. IP address: An Internet Protocol (IP) address is a numerical identification and logical address given to every node/device connected to a computer network that uses the Internet Protocol for data transmission, e.g. a computer connected to the internet. The role of the IP address is well defined as follows: “A name indicates what we seek. An address indicates where it is. A route indicates how to get there.”


    Budget Estimation:

    Approximate budget for four branches and corporate office:

    | Item | Rate | Quantity | Amount |
    |---|---|---|---|
    | Belkin 250 ft. Cat. 5 UTP Patch Cable (A7J304-250-YLW) | $46 | 70 | $3,220 / S$4,714.08 |
    | Cisco 2800 Series IOS Enterprise Services Feature Pack | $935 | 1 | $935 / S$1,368.84 |
    | Cisco Small Business 101 Ethernet Broadband Router | $279 | 4 | $1116 / S$1635.498 |
    | IBM System x3450 (794854X) Server | $7,024 - $7,360 | 2 | $14400 / S$21103.2 |
    | Fortinet FortiGate-50B Complete Content Protection Bundle | $695.00 | 5 | $3475 / S$5092.6125 |
    | Inspiron 531s (Includes 17" Widescreen Flat Panel Monitor) | $429 | 25 | $10,725 / S$15,701.4 |
    | Microsoft Word 2007 Open License With Software Assurance | $308.63 | 1 | $309 / S$452.376 |
    | DSS-16+ 16-Port 10/100 Desktop Switch | $70 | 8 | $560 / S$820.568 |
    | Total | | | $33871 / S$49637.9505 |


    Conclusion:

    This is the proposed network system upgrade for Machhapuchchhre Bank. The implementation of Star Topology in the LAN will make computer maintenance, addition and removal very easy. The implementation of subnetting will further enhance the security of the bank’s network. The use of an optical fiber cable based network with other backup communication will make the network very reliable. The use of firewalls will enhance the security system of the bank. The implementation of host-based IDS on servers as far as possible will provide much security to the database of the bank. Using the networking and internetworking devices, communication media and protocols discussed above, in the manner given in the network diagrams and their explanations, will make the network implementation successful and add to the security and reliability of the network, and it will allow for very large networks using fiber optics (or satellite communication if possible).


    References and Bibliography:


    Also, the class notes given by the teacher and the course guides of C1035 (Network Essentials) and C1054 (Network Security) for this term have been used.

    Turnitin Originality Report


    Supportive Documents

    Letter of Acceptance from Machhapuchchhre Bank Limited


    Proof of Budget estimation accuracy:

    Cisco Small Business 101 Ethernet Broadband Router Price


    Belkin 250 ft. Cat. 5 UTP Patch Cable (A7J304-250-YLW) Price:


    Cisco 2800 Series IOS Enterprise Services Feature Pack:


    Currency Conversion Source:


    Inspiron 531s (Includes 17" Widescreen Flat Panel Monitor) Price:


    Fortinet FortiGate-50B Complete Content Protection Bundle Price:


    IBM System x3450 (794854X) Server


    Microsoft Word 2007 Open License With Software Assurance
