Network Design Proposal

Prepared for:
University of Maryland University College

Prepared by:
Underwood
I. Physical Network Design

A. Network Topology
A significant amount of evidence has been published suggesting that contemporary society is
undergoing a technological revolution. This technological revolution is a direct result of rapid
innovation throughout the world, in conjunction with improved refinement methods for rare
Earth metals [2]. The development of new platforms has provided researchers with the ability to
greatly increase the computing power of an operating system, thereby improving the way in
which a user interacts with software. In doing so, users have been forced to modify how they
interact with the novel technology to ensure that they are using the devices to the fullest of their
potential. The purpose of this paper is to perform a critical analysis of an organization who
desires to implement three additional computer labs in their institution. The organization in
question, an unnamed University, requires specific facets associated with the process to be
accomplished; however, the overall process associated with the project has been left to the
author’s discretion. This paper will review the most appropriate means to develop a wireless
network for the three new computer classrooms at the University. The only guidelines outlined
within the case study is that a minimum of 40 MB per second Internet connection, in addition to
a backup line with a minimum speed of 20 MB per second be implemented. A predefined
network address, 199.1.2.0/xx, be utilized when developing the novel wireless network. The
overarching theme of the project is to ensure that the wireless network allows for flawless
communication to maximize the productivity of all students utilizing the network.

Proposed Topology

The proposed apology for this project will be a tree topology. This type of topology allows for
multiple platforms to be connected to a central repeater [1]. This central repeater will then share
the information from each platform with a centralized server connected to the network. This not
only increases the functionality of each platform by maximizing transfer speed, but it provides
the simultaneous update of each platform with minimal delays. For example, multiple users will
be accessing the server simultaneously and this necessitates a method of splitting the entry and
exit of information from the centralized location. The central repeater provides one with the
ability to split the inflow and outflow of information to maximize network speed [1]. Central
repeaters can be implemented on either wireless or wired networks and thus, the use of the
repeater will be sufficient for this project. The minimal information provided in the case study
does suggest that students, in conjunction with faculty and administrators, will be utilizing the
services provided by the new classrooms. As such, the central repeater will be configured in a
way that allows for the communication with different servers depending upon a user’s
credentials. An administrator will require access to a different server than a student to ensure the
timely completion of all their job functions. A mock network topology that should be sufficient
for the organization's operations is provided below (figure 1). The apology is based upon
recommendations outlined by O'Neil and Perez [4].
 Figure 1: Tree Topology of Network

B. Network Media
Note: WIRELESS NETWORK

Business Needs

The business needs of the network involve the limitation of a network with a minimum of 40 MB
per second Internet connection, in addition to a backup line with a minimum speed of 20 MB per
second. This will fulfill the needs of the students, faculty, and administration accessing all the
data localize on the centralized server. Each entity will be provided with privileges, based upon
their functions within the University, to access servers that are relevant to their position.

Proposed Network Media (include network wiring diagrams) & Justification

As stated above, a tree topology is the most appropriate for this type of project. Based upon the
network topology listed in figure 1, it is necessary to include a device that allows for
communication between the wireless routers and repeaters that will be implemented within the
network. One such device, an RJ45 connector, provides a user with the ability to connect
multiple platforms via the previously discussed central repeater [3]. The inclusion of an Open
System Interconnection (OSI) device is necessary for defining the access points located on each
floor. An Ubiquiti UniFI UAP-3 802.11n MIMO is sufficient for this network based on its ability
to communicate through multiple levels of an institution. The strength of the signal associated
with this device will allow the first floor and second-floor classrooms to communicate with
minimal decreases in speed. The access points that are deployed with the RJ45 connector and the
Ubiquiti will be routed to the network LAN provider that was previously utilized by the
organization [3]. Again, the entire purpose of this operation is to increase the functionality of the
University by providing students, administrators, and faculty with faster connection speeds. The
network diagram associated with the placement of the RJ45 connectors and the Ubiquiti are
noted in figure 2.

Figure 2: Network Distribution Devices

C. Network Devices
Business Needs

The business needs of the network involve the limitation of a network with a minimum of 40 MB
per second Internet connection, in addition to a backup line with a minimum speed of 20 MB per
second. This will fulfill the needs of the students, faculty, and administration accessing all the
data localize on the centralized server. Each entity will be provided with privileges, based upon
their functions within the University, to access servers that are relevant to their position. This
necessitates the implementation of network devices that provides users with the ability to
seamlessly communicate with one another, in conjunction with the centralized servers.

Proposed Network Devices

The most appropriate network devices for this type of project are the previously discussed
Ubiquiti. This is an access point that will satisfy the business needs of the organization, i.e.
network speeds, and the device can communicate with platforms up to 400 feet away through
construction materials. It is also recommended that the Antaira Technologies APN-210N be
implemented by the organization, as this wireless LAN repeater is a three in one device that
provides LAN connections, a bridge, and a repeater with speeds up to 300 MB per second [4].
The ingrained security features associated with this device will be an additional layer of
protection for the organization.

Justification

The justification for this device is that it is the market norm for university settings based upon its
speed, ease of use and ability to upgrade when better network devices are released. The start of
the cost associated with these devices are minimal and thus, the institution should have no issues
purchasing these devices. Moreover, the cost associated with installing these devices will be
minimal due to a few wires that must be routed to connect all devices.

D. Network Security Devices

Business Needs

The business needs of the network involve the limitation of a network with a minimum of 40 MB
per second Internet connection, in addition to a backup line with a minimum speed of 20 MB per
second. This will fulfill the needs of the students, faculty, and administration accessing all the
data localize on the centralized server. Each entity will be provided with privileges, based upon
their functions within the University, to access servers that are relevant to their position. In
addition to the ubiquitous business needs, the organization must implement a security device that
provides a high level of security to mitigate the probability of a brute force attack.

Proposed Network Security Devices

It is recommended that the organization purchase a Cisco ASA 5510 Firewall to maintain the security of
their network. Per information published by O'Neil and Perez, this type of device should be
sufficient for maintaining the security of the network [4]. The security device will provide the IT
department with the ability to modify the architecture, while maintaining a smooth interface, to
provide a high-level security that is intuitive to the user. Again, the device can be remotely
accessed and modified depending upon the specific needs of the IT department. This will reduce
the number of resources the IT department will need to allocate to the maintenance of the device,
thereby maintaining a low operating cost [4].

Justification

The justification for this device is that it is the market norm for university settings based upon its
speed, ease of use and ability to upgrade when better network devices are released. The start of
the cost associated with these devices are minimal and thus, the institution should have no issues
purchasing these devices. Moreover, the cost associated with installing these devices will be
minimal due to a few wires that must be routed to connect all devices.

E. Computer Systems
Business Needs
The business needs of the network involve the limitation of a network with a minimum of 40 MB
per second Internet connection, in addition to a backup line with a minimum speed of 20 MB per
second. This will fulfill the needs of the students, faculty, and administration accessing all the
data localize on the centralized server. The operating systems utilized by the department will be
the newest OS by Microsoft, Windows 10. The OS is regularly updated by Microsoft and
therefore, each platform will be operating at a level that is dictated by proficient security and a
high-quality user experience.

Proposed Computer Systems

Windows 10 is one of the best OS currently on the market. Moreover, the OS has many features
that can be modified by the IT department to fulfill the specific needs of the organization. Not
only does the OS provide the organization with a high level of security, but its operation is
simplified allowing any entity to easily operate the platform [5]. This type of diversifiable OS is
essential within an environment where there is a different learning curve associated with the use
of technology. All students may not be proficient in the operation of an OS and thus, the
deployment of a simplified software will ensure that all individuals can fully utilize all the
platforms features.

Justification

The Windows 10 OS is the market leader and therefore, the choice of its use is the most appropriate.
II. Network Addresses Design (in its entirety)

A. Subnetting
The two tables below outline the specifics associated with the subnetting for the University.

Class Octet Decimal Range

A 1 - 126

B 128 - 191

C 192 - 223

Each class has a predefined default subnet mask that tells us the octets, which are already part of
the network portion, as well as how many bits we have available to work with.

Class Subnet Mask Format

A 255.0.0.0 Network.Host.Host.Host

B 255.255.0.0 Network.Network.Host.Host

C 255.255.255.0 Network.Network.Network.Host

CIDR (Classless Inter-Domain Routing)

CIDR is a slash notation of the subnet mask. CIDR tells us the number of on bits in a network
address.

● Class A has default subnet mask 255.0.0.0. that means the first octet of the subnet mask
has all on bits. In slash notation it would be written as /8, means address has 8 bits on.

● Class B has default subnet mask 255.255.0.0. that means first two octets of the subnet
mask have all on bits. In slash notation it would be written as /16, means address has 16
bits on.

● Class C has default subnet mask 255.255.255.0. that means first three octets of the subnet
mask have all on bits. In slash notation it would be written as /24, means address has 24
bits on.

Scenario

The building will house six computer labs that will be used for instruction. In the building
diagrams above, the labs are labeled Classroom #1, Classroom #2, and Classroom #4 on the first
floor and Classroom #1, Classroom #2, and Classroom #5 on the second floor; each computer lab
will have a closet. Each lab will have 25 computers: 23 student computers, one instructor
computer, and one server in the closet for instructional use.

To allow students access to library resources, the library will also have 20 computers for the
general public to use and five computers for library staff.

Finally, there are 7 offices in the building. Each of these offices will have one computer for staff
use, with the exception of the admissions office, which will have five computers. There will be
two server rooms, one on the first floor and one on the second floor.

Figure 2 (repeat for viewing ease): Network Distribution Devices

Methodology

Given the aforementioned scenario, we are going to use the 199.1.2.0 network and create a total
of 8 subnets, with 25 hosts on each subnet. The chart below describes structures the scenario to
include each subnet and required hosts.

Subnet Description Required Hosts

Classroom 1 Computer Lab 25 Computers

Classroom 2 Computer Lab 25 Computers

Classroom 3 Computer Lab 25 Computers

Classroom 4 Computer Lab 25 Computers

Classroom 5 Computer Lab 25 Computers

Classroom 6 Computer Lab 25 Computers

Library Computer Lab 25 Computers

Office / Admissions Network 14 Computers

III. Network Services Design

A. Network Services
Business Needs

The business needs of the network involve the limitation of a network with a minimum of 40 MB
per second Internet connection, in addition to a backup line with a minimum speed of 20 MB per
second. This will fulfill the needs of the students, faculty, and administration accessing all the
data localize on the centralized server. Each entity will be provided with privileges, based upon
their functions within the University, to access servers that are relevant to their position. The
implementation of different processes will allow users to fulfill all their relevant job functions,
such as printing, accessing pertinent information on active directory servers and diverting task to
other individuals utilizing DHCP.

Proposed Network Services

In addition to the Ubiquiti access point, it is necessary to implement a device that can balance the
load associated with all of the connected platforms. This requires an SSL load balancer, in
addition to devices that maintain the integrity of the network. Such devices that maintain the
integrity of the network include WAN optimizers, VPN clients, IDS/IPS, and firewall software
[5]. Although the Cisco device previously mentioned does provide a minimal amount of security
for the network, additional protocols will need to be developed to ensure that all operations are
being sufficiently handled. The implementation of these devices should be enough to maintain
the integrity of the network without compromising the speed of wireless communication. It
would also be appropriate to implement a DHCP, DNS, File, and Active Directory Server [5].
This provides an organization with the ability to diver different processes to appropriate
locations, such as printing, faxing, and other communication needs. It is likely that these
different types of communication devices will be implemented within each computer classroom
to increase the productivity of all those utilizing the platforms. Again, these can be easily
connected to the wireless device listed above and the IT department should not encounter any
significant issues.

Justification

O'Neil and Perez reported that the use of the above devices should be enough to maintain the
integrity of the network without diminishing communication speeds [5].

B. Network Security Measures

Business Needs

The business needs of the network involve the limitation of a network with a minimum of 40 MB
per second Internet connection, in addition to a backup line with a minimum speed of 20 MB per
second. This will fulfill the needs of the students, faculty, and administration accessing all the
data localize on the centralized server. Each entity will be provided with privileges, based upon
their functions within the University, to access servers that are relevant to their position. As
stated above in section II, a Cisco device will be the main tool for maintaining the security of the
network.

Proposed Network Security Measures

The simplest way to promote the integrity of the network is to require all individuals to agree to
the university’s terms and conditions when accessing the network. Furthermore, specific limits
will be placed on the types of websites that can be visited by all users. This will reduce the
probability of downloading a nefarious virus that could make the server susceptible to malicious
attacks [5]. It will also be necessary to block different ports to limit the type of traffic that can
enter and exit the organization servers. Ports that are typically blocked to maintain the integrity
of networks are 80 and 443 based on the ease by which a nefarious entity can circumvent
security processes through these ports [4]. By limiting the amount of traffic through the server, in
addition to implementing the previously described Cisco devices, should sufficiently maintain
the integrity of the wireless network.

Justification

The rapidly evolving technological environment necessitates implementation of security

measures that reduces the probability of a brute force attack. Although the recommendations
provided herein will reduce the probability of malicious attack, it is still recommended that the
organization regularly perform security vulnerability assessments to identify any weak points.
The Cisco device and the firewalls discussed in the above section will maintain the integrity of
the network; however, the purchase of a vulnerability software such as Tenable in the future is
highly recommended.
 Bibliography

[1] A. Pathan, Security of self-organizing networks: MANET, WSN, WMN, VANET. Boca
Raton, LA: Auerbach Publications, 2010.
[2] K. Aström and B. Wittenmark, Computer controlled systems: Theory and design.
Englewood, NJ: Prentice-Hall, 2013.
[3] J. Loo, J. Mauri, and J. Ortiz, Mobile ad hoc networks: Current status and future trends.
New York, NY: CRC Press, 2012.
[4] H. O'Neil and R. Perez, Web-based learning: Theory, research, and practice, Princeton,
NJ: Lawrence Erlbaum Associates, 2013.
[5] D. Patterson, J. Hennessy, and P. Alexander, Computer organization and design: The
hardware/ software interface, 4th ed. Amsterdam, Netherlands: Morgan Kaufmann,
2015.