Professional Documents
Culture Documents
Quintana V. Richardson
IT 640
Heading 21 2
Table of Contents
Abstract ............................................................................................................................... 4
Email ............................................................................................................................... 5
Payroll ............................................................................................................................. 5
Accounting ...................................................................................................................... 5
Billing ............................................................................................................................. 6
Operations ....................................................................................................................... 6
Firewalls .......................................................................................................................... 6
Routers ............................................................................................................................ 7
Switches .......................................................................................................................... 7
Service............................................................................................................................. 8
Application ...................................................................................................................... 8
Network Architecture.................................................................................................... 12
Visual Representations.................................................................................................. 13
Challenges ..................................................................................................................... 17
Summary ........................................................................................................................... 19
References ......................................................................................................................... 20
References ......................................................................................................................... 21
Heading 21 4
Abstract
SNHUEnergy Inc. is a medium size oil and gas company that is currently experiencing rapid
growth. They are seeking the advice of a network consultant on designing a network
infrastructure that will handle growth over the next ten years as they move their operations to
other geographical areas in the region. In addition, they'd also like to branch out into
transportation and oil refinement. While this is a huge move for SNHUEnergy, they are looking
forward to future developments and they'd like to have this project finalized within the next year
and a half. They currently have a total of 120 employees between the Dallas and Memphis office.
When the project is complete, they will hire approximately 60 new employees each year during
the next two years of expansion. The network consultant must analyze the current network
architecture to evaluate its structural design and traffic patterns to improve on their current
The body of your paper uses a half-inch first line indent and is double-spaced. APA style
provides for up to five heading levels, shown in the paragraphs that follow. Note that the word
Introduction should not be used as an initial heading, as it’s assumed that your paper begins with
an introduction.
Network Applications
The network applications for the current network at the Dallas Headquarters are Email,
Payroll, and Human Resources. There is a Server Farm that consists of 4 servers to handle daily
tasking and operations. The major components of the network are two switches, a router, and a
firewall at the Dallas office and a switch and a router at the Memphis location.
Each employee is assigned a corporate email address that allows them to send and receive
electronic mail at their workstation utilizing Microsoft Outlook, which is one of the most popular
email applications widely used today. Email runs on SMTP or the Simple Mail Transfer Protocol
and operates at the application layer of the OSI model as a user end application.
Payroll
For APA formatting requirements, it’s easy to just type your own footnote references and
notes. To format a footnote reference, select the number and then, on the Home tab, in the Styles
Accounting
Include a period at the end of a run-in heading. Note that you can include consecutive
Billing
When using headings, don’t skip levels. If you need a heading 3, 4, or 5 with no text
following it before the next heading, just add a period at the end of the heading and then start a
new paragraph for the subheading and its text. (Last Name, Year)
Operations
Like all sections of your paper, references start on their own page, as you see on the page
that follows. Just type in-text citations as you do any text of your paper, as shown at the end of
The physical devices play a major role in the implementation of network infrastructure.
Without these devices, the network might cease to exist. The firewall, router, and switches are all
necessary physical components of the SNHUEnergy network. Each regional location needs to
incorporate these devices to appropriate a reliable network at the local level. The routers allow
Firewalls
The Dallas Office is the only location where there is a firewall in the current design. The
firewall purpose of the firewall is to protect the network from harmful traffic such as trojans,
viruses and malware. The network administrator will set rules for the flow of incoming and
outgoing traffic on the network. Once that data approaches the doors of the firewall the process it
goes through is as simple as knocking to find out whether you will be allowed access or not. If
that traffic does not fit within the rules of access the firewall will deny entry. The purpose of the
Heading 21 7
firewall is to prevent unwanted network traffic from communicating with devices on the
Routers
The router manages traffic by forwarding packets of data from one network to another. It
determines where incoming and outgoing data should go and allows the devices to communicate
with each other by assigning an IP address to the network devices. The router provides a direct
connection to the internet by way of the internet service provider (ISP). The current network
design of SNHUEnergy shows a router installed at the Dallas Office as well as the Memphis
location.
Switches
hardware/equipment that allows device interaction. It provides physical ports for UTP cables that
are connected to network devices. When a switch receives data from a PC on the network it
analyzes that data to of the TCP/IP data packets to determine its destination and once that
information is confirmed, the switch will redirect the packets of data to its intended destination.
The Dallas office has incorporated two switches to its network to provide connectivity for the
Although a wireless access point is technically referred to as a wireless device, it can also
provide a hard-wired connection if necessary. The wireless access point at the Dallas Office
receives a hard-wired connection by use of UTP cables to Switch-1 of the network. According to
the diagram for the Memphis Office, there are currently no Wireless Access points installed on
comprised of the Dallas Office, the Memphis Office and other information sent and received
through the ISP to clients, customers and sites over the World Wide Web. The key applications
are human resources, email, VoIP, payroll, accounting, billing, and operations. The Dallas Office
handles all applications except for billing and operations which is handled by the Memphis
office. Utilizing data captured by the Traffic Flow Wireshark we can determine the source and
Service
The VoIP service sends and receives data over the Real Time Transport Protocol, which
manages the was multimedia is sent over an IP network. This information is located by analyzing
the Traffic Flow Wireshark Capture and identifying frame numbers, source address
67.16.104.172, and destination address 10.0.6.73. You will also notice that the highlighted
transmissions are all VoIP data transmissions with the same source and destination address. You
will also notice that each transmission contains 216 bytes on wire and 216 captured.
Application
The application structured query language allows you to consolidate data on a database
and retrieve it from an internal or external network. MYSQL is the protocol it uses to send and
receive data over the network. All MYSQL transmissions are 79 bytes on wire with source
destination 10.0.8.42 and destination address 10.0.8.73 as indicated by Traffic Flow Wireshark.
Heading 21 9
You will also notice the TCP protocol utilized to send information between applications and it
Towards the bottom left of the log you will see where the request listed in frame 2283
was clicked on within the application and more detail information was displayed about that
request. It displays the Linus Cooked Capture protocol was used which suggests that this
application is operating in a Linux environment, the internet protocol is IPv4 with the source and
destination address listed as 67.16.104.172 and 10.0.6.73, User Datagram Protocol utilizing port
numbers 52220 as the source port and 65534 as the destination port, and Real Time Transport
Protocol. One other protocol listed is the SSH (Secure Shell) protocol which typically operates in
There are several areas of concern with the design of the network for both the Dallas and
Memphis offices. The current structure does not provide adequate equipment for growth, security
or redundancy for the LAN at either location. Currently, there is only one server for each
application. There are many reasons a server may crash to include hardware and software failure,
power outages, and usage overloads. An organization never knows when or how fast their
business will grow. The only thing they can do to prepare is to make every effort to support such
growth when they are structuring a WAN. Scaling a WAN involves more than the typical
addition of equipment to that network. Traffic between sites flow through overlay tunnels and
the equipment used to establish this connectivity has limitations on the number of tunnels they
can support at once. When you are operating at full capacity, that equipment starts to eat up
Heading 21 10
memory and CPU resources. If this occurs, resources will be overloaded, and domain collisions
might occur when switching packets on the network. The network will experience a decline in
the CPU’s ability to process requests. SNHUEnergy will undoubtedly suffer financial losses if
their business cannot meet the future demands of their clientele and/or keep up with the growth
of their competitors.
Dallas Office
The potential performance issues that may occur within the current Dallas Office network
infrastructure are Security, Reliability and Scalability. If a server crashes, the information on that
server will be inaccessible since there isn’t another device on the network with that same
information available. There are currently two switches located on the headquarter network.
While there are enough ports available for the current infrastructure, the switches will not meet
the demands for future connectivity. When the network is expanded, there may will not be an
adequate number of ports on the switches to accommodate the additional number of users and
Memphis Office
The Memphis location has several issues of its own to include a lack of redundancy in
power and equipment, security, reliability, and scalability. There is only one switch at this office
and while it’s not a current issue now it will become an issue of scalability when the company
hires new employees over the next 2 years. One of the largest problems I foresee is the huge
dependency on the Dallas office for internet connectivity and access to critical applications.
Heading 21 11
Security Issues
The current network of the Dallas Office includes one firewall connected between the
router and the ISP. If this firewall should fail, critical applications will be exposed to viruses and
other threats to the reliability of the data on the network. There is no firewall at the Memphis
location as well which leaves the network susceptible to threats, malware, hackers, and other
vulnerabilities of not having a protected network. If any of these threats occur, the network might
be subject to crashing or even an overloaded that may potentially limit access to servers. In the
interim, password access might become restricted and the integrity of data may be compromised.
Such issues may cause the company to lose thousands of dollars or more depending on the threat
level.
Heading 21 12
SNHUEnergy’s primary focus is change their current network infrastructure from its
normal operating stance to an infrastructure that will accommodate growth over the next two
years. The plan is to design a wide area network with VPN, cloud technology, additional routers,
switches and firewalls. Implementing such technology affords the ability to increase bandwidth,
decrease traffic, create centralized servers, and protect the data traversing the network. Currently
neither the Dallas office nor the Memphis office are equipped to handle these needs.
SNHUEnergy’s primary focus is change their current network infrastructure from its
requirements by 120 additional employees to aid in their strategy to grow their business by 50%
each year over the next two years across their 2 current locations, Dallas and Memphis, and open
Network Architecture
The plan is to design a wide area network with more advanced services and connectivity
by adding VPN, cloud technology, routers, switches and firewalls to the current network
infrastructure. Implementing such technology will enhance the capacity to increase bandwidth,
decrease traffic, create centralized servers, and protect data packets traversing the network.
Heading 21 13
Visual Representations
SNHUEnergy, Inc.
Logical Network Design Router B
Core Level
Primary Firewall Standby Firewall
Distribution A
Distribution B
Demarcation Point
Access Switch Access Switch Access Switch Access Switch Access Switch
1 2 3 4 5
Payroll Email
End-User End-User End-User
Server Farm
Server Farm
networks existing WAN hardware inline between the LAN router and the LAN switch. Once
SNHUEnergy is acclimated to the SD WAN, the existing WAN hardware can be removed from
over time, to migrate regional locations to SD WAN. Implementing a SD WAN will allow
SNHU to deploy a single network that affords SNHUEnergy the option to switch transports
based on the sensitivity of the application’s data. With that, SNHUEnergy can transmit fewer
sensitive data over a public connection and use Multi-Protocol Label Switching for more secure,
time sensitive connections. The MPLS routing technique directs data from one place to another
by providing short form network address instead of the typical long addressing system to avoid
the complexities of routing table lookups and speed transmission of data. The MPLS routing
technique would be used to ensure fast and effective low latency video conferencing. In addition
to speed, MPLS technology will allow SNHUEnergy to transmit data over the internet
anonymously and more secure as it pre-determines more efficient transmission routes prior to
sending data packets over the network. Other benefits of an SD WAN are network reliability,
flexibility and scalability, enhanced security, and fast office moves or additions as SD WAN
nodes can configures themselves within minutes. SNHUEnergy will appreciate the benefits of an
SD WAN in the long term as they expand their business and compete with other businesses for
One of the most vital processes in network management is measuring and controlling
the amount of bandwidth utilized by the devices and applications on a network. When
measuring bandwidth, you can detect whether your consumption levels are too high or too low
and determine the direct cause of that analysis. When a network begins to perform badly, that
may be an indication that the bandwidth consumption is on the high end of the spectrum. This
analysis offers the proper data for network management to make the necessary adjustments to
Analyzing bandwidth isn’t just measuring the usage of bits and bytes, the network
manager also observes the flow of that data in reference to the ratio of data packets sent and
received over the network and where there is a balance in the information transported over the
network. Today it isn’t necessary for a company to hire an individual to manage bandwidth
because this task can now be done with software applications that are faster, more accurate,
and more detailed than a singular individual doing the same work.
flow and analyzes the bandwidth usage of devices, an IP address, or a specific protocol on the
network. By analyzing this flow, a picture can be drawn for inference to visually see what the
network traffic is doing, where it's coming from and where the data packets are being sent to.
This data flow analysis is translated into a format where everyone technical and non-technical
SolarWinds NetFlow Traffic Analyzer can be used for a large global organization to
follow traffic between devices on the LAN in one facility and across the WAN to remote
locations in the company. It can be used to troubleshoot congestion and see in detail which
devices are talking the most on the network. It can also see the communication between
departments and how much information is being transported during communications and
Heading 21 16
whether uploads or downloads cause congestion or if that traffic aligns with the amount of
Security Devices
There are several types of security devices that SNHUEnergy could implement into their
existing system to mitigate potential and future security incidents from occurring. Limiting
access to sensitive information is the cheapest way to protect a network from unwanted harm.
Another option is physical security to protect several areas of the network from unauthorized
entry and to serve as access control to prevent unwanted entry into sensitive areas. Physical
security patrol protects a facility from theft, vandalism, and disasters such as fires. In addition,
SNHUEnergy may find it beneficial to install a surveillance system, access control systems, and
sensors for lighting control, and smoke detection. As far as the actual network is concerned, it is
very necessary to install a physical hardware firewall to provide access to a VPN connection at
each location. The hardware firewall can do everything software firewalls can do with increased
response times and the ability to handle more traffic and support multiple servers. In addition, a
hardware firewall will be less susceptible to attacks due to it running off its own operating
system and will not interfere with the network if it requires maintenance or reconfiguration.
floors that house several divisions of the organization. The divisions are Human Resources, IT,
Accounting, Billing, Operations and Payroll. The network servers accommodate Payroll,
Accounting, Email, and Human Resources in Dallas and Billing and Operations in Memphis.
The phone system is a VOIP phone management system with added video conferencing, both
which are hardwired to switches on the network with UTP cables. The firewall protection server
Heading 21 17
installed on the network is in the MDF of the Dallas office. In addition to email, end-users also
have access to an internet connection provided by the ISP or internet service provider.
There are several areas of concern with the design of the network for both the Dallas and
Memphis offices. The current structure does not provide adequate equipment for growth, security
or redundancy for the LAN at either location. The Dallas office should break the network down
into smaller groups and restructure from around that concept. Instead of having a server farm
with four servers, divide the group of servers into two server farms hardwired to an Access Level
Switch. Repeat those steps with the end-users to split the workstations into three points of
connectivity. Access level switch 2 will provide connections for devices on the 1st floor. Access
level switch 3 will connect workstations, VOIP phones, and video conferencing, and wireless
access points for the 2nd floor. Access switch 4 is the final point of access level connectivity to
provide connectivity for the 3rd floor of the building. Upstream, add two distribution switches for
redundancy and then connect each access level switch to each one of the distribution level
switches. Connect both distribution switches to each other. Then, connect a primary firewall to
Distribution Level Switch A and a standby firewall to Distribution Level Switch B. Connect both
firewalls together as well, again this step is to continue to add redundancy at every level of the
network. Last, provide a connection for a router at the end of the line to each firewall.
Challenges
The biggest challenge the company may face in attempt to implement new software and
devices with the current network infrastructure in planning and finances. The network consultant
will plan these changes in phases so that the entire network is not interrupted at once. In fact, the
changes shall be scheduled at night during down times. Cubicles phone systems and workstations
will be installed one department at a time and tested to ensure proper connectivity. When
Heading 21 18
purchasing equipment, the consultant may advise the company to either lease the equipment or
purchase pre-owned equipment from reputable sources. They can also deploy the use of
subscription-based services such as SaaS through a provider such as Microsoft for cloud-based
applications. There are many advantages of these services such as immediate cost savings
because you for services overtime instead of paying upfront, reliability because you will not have
Overall Risk
If SNHUEnergy does not consistently manage the security of their network, they may
face challenges with assurance in the future. Computer viruses have been known to impact
networks in ways that cause years of damage to the company and their customers. Viruses do not
discriminate when it comes to attacks, they pose damage to large and small companies and
typically smaller companies take a bigger hit because they don’t regularly monitor their network.
Hackers are not always from outside of the network. In many cases, networks have been hacked
by their own employees or the access to the network was provided by insiders. Oftentimes,
employees open emails and click links that invite malware unto the servers and they never
realize it until the damage is done. The best way to protect the company is to create awareness
Summary
When Network applications and components are not connected, they are nothing more
than spare parts for great ideas. SNHUEnergy, Inc. has trusted a network consultant with their
network to analyze and brainstorm a new concept to serve as a major overhaul. The components
of a network cannot provide functionality alone, therefore they must be interconnected to create
a functional system with a considerable level of performance. Often times, a network cannot
render the desired performance without the right combination of hardware, software, and
structural design. Installing additional switches, routers, and firewalls increase bandwidth,
increases reliability, improves latency, and decreases network traffic. When there are excessive
workstations and devices connected to a switch you run the risk of increasing network collisions.
In addition, adding redundant equipment to the network decreases the risk of data loss due to
equipment failure. More so, failure to install firewalls can leave a network vulnerable to
network. Lack of preparation can lead to premature network failure and loss of assets.
Heading 21 20
References
http://shop.oreilly.com/product/9780596101510.do.
Gookin, D. (n.d.). What You Need to Know about Network Hardware. Retrieved from
https://www.dummies.com/computers/pcs/what-you-need-to-know-about-network-
hardware/.
How to Setup a Network for Small Businesses. (2019, November 6). Retrieved from
https://www.cisco.com/c/en/us/solutions/small-business/resource-
center/networking/primer-building-small-office-network.html.
http://thenetworkengineer.com/hardware/routers-switches-firewalls-etc/.
Horton, L., & ServiceMesh. (n.d.). Understanding network traffic flow analysis. Retrieved from
https://searchnetworking.techtarget.com/tip/Understanding-network-traffic-flow-analysis.
Shekhar, A. (2017, December 14). Different Networking Devices and Hardware Types - Hub,
https://fossbytes.com/networking-devices-and-hardware-types/.
References
“The Ultimate SD-WAN Guide for IT Professionals - SD-WAN Experts.” SD Wan Experts,
www.sd-wan-experts.com/the-ultimate-sd-wan-guide/.
https://www.cisco.com/c/en/us/solutions/enterprise-networks/sd-wan/what-is-sd-
wan.html.