You are on page 1of 9

ISLAMIC REPUBLIC OF AFGHANISTAN

MINISTRY OF HIGHER EDUCATION


MAIWAND INSTITUTE OF HIGHER EDUCATION KABUL,
AFGHANISTAN

Project Proposal for


Plan and Design network infrastructure of BAKHTA BANK

Submitted By Mohammad Qasim


Father Name Mohammad Nasim
Reg No 2014-0199
Submitted To Shams ur Rehman
Department Computer science
Session 2013-2017

( _______________________ )

(Shams ur rehman)

Table of Contents
Introduction...........................................................................................................................................2
1.1 Project information:...............................................................................................................2
1.2 Project Background:...............................................................................................................2
1.3 Project Summary...................................................................................................................3
1.4 Project Objectives:.................................................................................................................3
1.5 Project Methodology.............................................................................................................4
1.6 Network Design Diagram.......................................................................................................4
1.7 Project Network Lab Simulation Diagram..............................................................................5
1.8 IP Schema..............................................................................................................................6
1.8.1 Selection and Using of the Routing Protocol for the project..........................................6
References.............................................................................................................................................7
Introduction
1.1 Project information:
The Bakhter Bank is one of the private Banks with nearly 700 employees in different
provinces of the country and main office in Kabul City.
We are planning to equip its administrative staff with technology and transform its manual
Administrative processes into computerized paperless system in the long run. To expand
accessibility and connectivity of technology related systems to all administrative
Departments.
The goal of this project is to plan and design a new network infrastructure for Bakhter Bank
that enable clients from Head quarter and Branches to have access to CBS (Core Banking
Solution) Software.

Keeping current Bakhter Bank Network infrastructure in view, there is no connectivity


between Bakhter Head Office and Branches for accessing core banking system which is not
having a standard network design and network devices so all transactions and business
process are going on phone.

Our new network topology design will have the following parts for Bakhter Bank:

 Complete Data Center network design


 IP Addressing System and Routing
 Core Segment Design (LAN,WAN,DMZ)
 Network devices Configuration
 Implementing of High Availability and redundancy in Core Layer
 Link Connectivity of Branches to Bakhter Bank Head Office

1.2 Project Background:


As per our survey the Bakhter Bank which we had visited has a manual procedure for
business transactions and the main problems as we observed are as below:

 The entire branches financial database is individual and not synced with HO
Database.

 Business processing is followed by phone and internet which is unsecure.

 Delays on processing customer transactions.

1
 Branches computers are in workgroup not in a centralized domain which violet
network/system security policy.

 Trouble shutting and Network monitoring is impossible because there is no


connectivity between Bakhter Bank Head Office and branches.

 No security on the network

 Standard network devices are not used in the network

As the Bakhter Bank branches are not connected to Bakhter HQ, so all the process will take
long time to get prepared.

Also there is no proper method for troubleshooting, checking and auditing the branches.

All the problems were mentioned above could be covered by the New Bakhter Bank
Network Infrastructure which we have planned to design.

1.3 Project Summary


Our aim in this project is to connect Bakhter Bank branches to Bakhter Head Quarter which
is located in Kabul and allow all Bakhter branches to access Central Financial Database and
other services from centralized network

Positively this project will minimize network/system troubleshooting and enhance


network/system security and performance.

1.4 Project Objectives:


The objective of this project is as following:

1. Centralized Network Backbone

2. Design IP Address Scheme

3. Connect all Bakhter Bank branches to head office

4. Provide internet from head office to branches

5. Configuration of network devices

6. Enable routing between network devices

2
7. Creating secure tunnel between branches and HQ

8. Restricting of un authorized users from accessing internet via Access Control List

3
1.5 Project Methodology
In order to take care of availability, confidentiality and reliability of Bakhter network and
system, we have planned to build a secure network scheme by using latest CISCO and
Microsoft products.

 Project software and tools used

1. MS Office Visio 2010

2. GNS 3 Simulator

3. Packet Tracer Simulator 6.1.0

4. MS office Excel 2007

5. Putty

6. E-draw Max

 Devices Used:

1. Cisco Switch CAT 6509 Series

2. Cisco Router 3900 Series

3. Cisco Router 2900 Series

4. Cisco ASA 5520

5. Cisco Switch c3750

6. Cisco Switch c2960

 System Requirement:

 Windows XP

 Windows 7

1.6 Network Design Diagram

4
Upon understanding the requirements from Bank, it was clear that we would require stringent
security with 100% fallback at all critical levels. The Objective of Network connectivity was
to enable Centralized communication to Oracle Flexcube Server which was the Core banking
application. All branches should be able to connect to Data Center, by any means of WAN
connectivity such as Internet IPSec, Radio Links or private Leased Circuits.1

1.7 Project Network Lab Simulation Diagram


As per the requirement the project Lab has simulated in GNS3 since GNS3 can support live
cisco IOS Images for Cisco routers and Cisco firewalls.

1 I. Foster, C. Kesselman, and S. Tuecke, "The Nexus Approach to Integrating Multithreading and Communication," Journal of Parallel and
Distributed Computing, 37:70-82, August 1996. Page#20

5
1.8 IP Schema
I have planned this IP
address Schema with respect
to RFC 1918 address space
with adequate ip ranges
for all locations and the IP
address witch I have
designed for Bakhter Bank is
to reduce overlapping and
waste of IP addresses.

IP Segment Network Subnet plan Number of


No Status
Host
1 LAN 10.1.0.0/8 10.1.0.0/23 16777214 Allocated
172.16.254.0/2
2 WAN 172.16.254.0/30 65534 Allocated
4
3 DMZ 172.16.0.0/16 172.16.0.0/24 65534 Allocated
4 Core layer 172.18.0.0/23 172.18.62.0/23 32768 Allocated
5 Network Device P2P –IPs 172.17.0.0/16 172.17.0.0/29 65534 Allocated
6 Branch LAN segment 10.10.0.0/16 10.10.0.0/24 65534 Allocated

1.8.1 Selection and Using of the Routing Protocol for the project

I decided to use dynamic routing protocol in my project because of redundancy and load
balancing between unequal cost interfaces.

I select CISCO EIGRP routing protocol, EIGRP is CISCO proprietary and it is the only
protocol that support unequal cost load balancing between interfaces.

Here is a brief introduction to Cisco EIGRP Routing protocol;

6
References
Websites

 http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/16406-
eigrp-toc.html

 http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

 http://www.cisco.com/c/en/us/td/docs/security/pix/pix72/quick/guide/dmz_p.html

 http://docwiki.cisco.com/wiki/Internetworking_Technology_Handbook

 http://www.cisco.com/c/en/us/products/switches/catalyst-6500-series-switches/index.html

 http://www.cisco.com/c/en/us/products/collateral/routers/3900-series-integrated-services-routers-
isr/data_sheet_c78_553924.html

 http://www.cisco.com/c/en/us/products/switches/catalyst-3750-x-series-switches/index.html

 http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-
firewalls/product_data_sheet0900aecd802930c5.html

 http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/nat_dynamic.html

 Foster, C. Kesselman, and S. Tuecke, "The Nexus Approach to Integrating Multithreading and
Communication," Journal of Parallel and Distributed Computing, 37:70-82, August 1996