INTRODUCTION:

Janata Bank Ltd. is a state-owned commercial bank of Bangladesh established in 1972. Its
headquarters is situated at Motijheel in Dhaka, the capital city of Bangladesh. It is the second-
largest commercial bank in Bangladesh.

Solution Overview:
A wireless network allows devices to stay connected to a network without the requirement of a
wired connection. Wireless networks utilize Access Points to amplify and spread wireless signals
that allow user devices that can hear the signal to connect to the network – regardless of where
they may be.
At present Janata Bank has concurrent 500-600 user in Wi-Fi. They are using Wi-Fi service
through Laptop, mobile, and various types of Wi-Fi devices.
PLANNED NETWORK ARCHITECTURE
Based on the requirements of Janata Bank we have planned to design the network to cater to the
following traffic services of the Bank

Based on the separation of services through VLAN’s, we will be able to maintain proper traffic
flow as well as cater to different QoS parameters for traffic within the network.

For Wi-Fi the consideration has been broken down into below type of access points:

 Indoor AP (high density)

Radius Panel:

User will request for access via mail to admin. Admin will create user name and password in
Radius server.
Radius server will store all user data in Radius database. only valid user can access to the Janata
Bank wifi. Unauthorized access will be dropped automatically.

User Login Panel:

After connecting the wifi network user will be asked for initial AP authentication password.
Then user will ask for Radius access username password. After successfully submit the username
and password user will get internet access.

user will get access to internet according to their radius profile. There are 3 ssid will be
implement -
Management, Employee and Guest user.

User access validity will remain 30 days or 60 days or can be customization later based on
necessity.
User need to login for the first time and later user will connected automatically.

Provided device details:

Mikrotik Router: Ethernet routers enable connections to be made between one or more
computers to other computers, networked devices, or even other data networks. In this way they
all provide a means of creating greater levels of connectivity within a wired data network.

Core Switch: core switch is required to always be fast, highly available and fault tolerant since it
connects all the aggregation switches. Therefore, a core switch should be a fully-managed
switch.

Radius Server: RADIUS is a networking protocol that provides centralized authentication,

authorization, and accounting (AAA) management for users who connect and use a network
service. 

Log server: Log Server is a powerful centralized enterprise-class log monitoring and
management application that allows organizations to quickly and easily view, sort, and configure
logs from any source on any given network.

Controller: Controller validates the AP and then CAPWAP join response to the AP. The AP
validates the WLC to complete the discovery & join process. The validation on both the AP &
WLC is a mutual authentication mechanism. An encryption key derivation process occurs
subsequently and that ensure future CAPWAP control messages are encrypted.

Distribution Switch:  In the distribution layer is called distribution switch which receives traffic
from the access layer and forwarding it to the core layer, determining the workgroup access as
well as providing policy-based connectivity.