FACULTY COMPUTER OF SCIENCE AND MATHEMATICS

ROUTING AND SWITCHING TECHNOLOGIES

CASE STUDY: ENTERPRISE NETWORK IMPLEMENTATION

GROUP

PREPARED FOR:

6 DECEMBER 2020

TABLE OF CONTENT

1
 CONTENTS PAGE

INTRODUCTION 3

THE TASK 4-10

CONCLUSION 11

REFERENCE 11

2
INTRODUCTION

College Yayasan Abadi is a small private campus that provide opportunity to the
people in Kembang Setaman district to pursue their study in tertiary level. Due to lack
of budget, the college’s campus architecture was poorly designed and implemented.
The network was segmented using typical segmentation (subnetting) and no security
feature(s) was implemented. Furthermore, current system does not support further
scalability in the future.
The campus consists of library building, 2 academic buildings, lab building and an
admin building

3
THE TASKS

1. Study and analyse the network architecture

College Yayasan Abadi has planned to use a network structure known as the Star
Topology. The type of the network consists of a middle node and connects directly to
other devices and the rest of the device interconnect. The entire network depends on
the core switch. Example like file servers, workstations and peripherals are all linked
to a core switch. All data is passed through the core switch. It sends data to every
node, but only one at the time passes it on to a node successfully. There are 2 kind
layered approach:-
 Core Layer
 Access Layer

Core Layer-Provides a high-speed packet fabric switching between various assembly

systems sets. It acts as a gateway where all the components come together. The
core layer is where high-speed links to other campus networks exist. Example
different floors, departments and binds them to WAN side network. There are some
characteristics to the core layer design that should be found:-

 High-performance
 High throughput
 High availability

Access Layer-provides network communication to end-users by linking devices such

as computer, internet protocol phones and closed-circuit television cameras to the
joint LAN via wired. These switches commonly occur on each department building
floor in the wiring closets.

There are several attributes that need to be considered before the campus
network architecture is implemented.

 Port density
 High availability
 Power over Ethernet (PoE)
 Segmentation

4
 ACCESS LAYER

CORE LAYER

WEAKNESS

I. Assume that the central switch or hub fails, the attached nodes will be
disconnected.
 The system's strong reliance on the operation of the core switch. The
lack of a link leads to only the isolation of a single node, the collapse
of the core switch makes the network inoperative and isolates all
nodes immediately.

II. The efficiency and scalability of the network depend on the potentiality of
the hub.

 The scale of the network is restricted by the amount of links made to

the core switch and its processing limits the performance of the whole
network.

III. The switch is a single point of failure

 The entire network would malfunction if the switch fall because the
switch is linked to each network. The coordination of the nodes would
be lost when the switch fails.

5
 IV. Star topology requires more cable length

If the network is enlarged, extra cables are required make installation

difficult.

V. More Expensive than other topologies

 Star Topology has many cables, making it the most expensive network
to build, so you need a trunk to maintain cables secure.

2. Propose an upgraded network design

i) Failure of the core switch will not affect the whole system

 Add on another layer which are known as total layer. This layer totals
associations and traffic streams from various access layer changes to
give high density connectivity to the LAN centre.
 Since all traffic passes across network connections, any malfunction
of the physical connection should be visible to make the high
availability of network services. The combination of systems with
multiple links and the linkage of networking technology will achieve
this.

ii) Utilize the capability of VLAN in securing the LAN and enhanced the security
measure using switch security.

 Implementing VLANs substantially decreases the safety risk by reducing

the number of hosts on the broadcast domain. This is achieved by setting
up a separate VLAN for host of private information only.
 VLANs should be set up so that they clearly separate logical components
of your network.
 VLANs are based on the level of security each VLAN requires.
 If any switch ports are not being used, these ports should be placed in a
VLAN designed to collect these unused ports.

 The use of port protection as a safety valve on your switch offers a

measure of security, since port security is based on permitted and the

6
 MAC addresses enabled. Since a MAC address is a hardware address, it
lends itself to being a type of physical separation for your network.

iii) Introduce a router so that users in different department can communicate with
each other.

 It takes one or more routers to build a small network. A router links several
switches and networks to create an even larger network. These networks
can be located in one place or in several places.
 A router link several devices to the Internet and link devices to one
another. Routers be used to create local networks of devices. A router
link several devices to the Internet and link devices to one another. To
create local device networks, routers should be used. These local
networks are useful for data sharing between devices or for staff to share
software tools.
 The routing protocol specifies how routers interconnect to relay data,
allowing them to pick routes between either of the two nodes in a network
computer. Routers carry out "traffic flow" functions on the Internet. When
they reach their destination computer, data packets are transmitted from
router to router through internet networks. The routing algorithms decide
the basic route preference. Only networks specifically communicating with
each router have prior information. The routing protocol sends data across
and across the network with immediate neighbours. This allows routers to
learn information about the topology of the network.
 The router is the first attack protection line in the network. The highest
degree of router security is allowed by items such as a firewall, the safest
way to protect the running and private data against attacks. Most routers
connect only via network cables to other network devices and do not have
drivers to operate on operating systems. Yet routers attached to a
FireWire or USB system also need drivers to operate properly.
The modem is attached to a cable by the wireless router. The router would
then create and connect to the campus Wi-Fi network via built-in antennas
by transmitting data from Department A to Department B via the Internet.
As a result, all campus computers have Internet access.
3. Discuss how your proposed design will improve the current system.

The discussion must cover issues about security, reliability, performance, scalability.

7
a) Security
 Implement a strong guideline on passwords. A weak password for
college networks is a death penalty, but complicated passwords spend
more time to access. We have always read of hackers using basic
tools to access a user account, and it's outrageous to build user
memory passwords. Network administrators can compel system
owners to create difficult passwords that aren't easy to select from the
dictionary. Passwords expire every 60 or 90 days so the complexity of
the password is re-charged and difficult to prevent hackers damaging
the network.
 An application with firewall can keep an eye on and block all illegal
processes while allowing secure access to network. Both applications
may be configured as hardware and firewalls reduce the possibility of
dangerous network files. A trusted personal firewall application can
build a police the network based on security policies from web traffic
monitoring to keep away or blocking Trojan horses, thwarting
hacking and fighting key loggers.

b) Reliability
 Ensure adequate capacity. A trustworthy network is sufficient capacity.
Our network will inevitably become affected when people begin to
communicate in real time. The college must provide more bandwidth
for this purpose. This must be provided by our internet service
provider. A range of access options, such as VDSL, Ethernet, or fibre
optic, can provide capacity, but the mobile network also has an
important role to play. For example, a 4G backup service can
guarantee our capability. It is up to us how all these technologies are
combined.

 Get on validated technology in the network. It is important to use network

architectures and protocols that are widely supported, which have proved
their value and reliability, while building the network. Our internet service
provider should be asked to supply so-called multicast protocols. One

8
 example of this is the Multi-Protocol Label Switching (MPLS), which
makes use of the so-called quality of service groups to give any
application the right priority. This eliminates delays and consequent lack of
consistency for critical applications.

c) Performance
 Limit Network User Number. Like many road drivers, a traffic jam can
be formed, as can so many network users. If someone on our network
completes high resource jobs, the network will be slowed down. It is
thus helpful to restrict our network's number of users. Don't encourage
guests, for example, to access our network but instead create a more
stable guest network that doesn't violate college infrastructure.
 Using the security tool. Detailed diagnostic information on the
condition can quickly be identified so that we can devote more time
solution and find it less time. Monitoring tools often help us to
proactively detect possible issues before problems are developed,
ensuring that our customers rarely experience slowdowns in the
network.

d) Scalability
 Build a VLAN. VLAN is a logical distinction from network equipment by
utilising the same physical networks. VLAN is an informative platform
with a variety of factors. Generally, a suitable VLAN function can lower
overhead networks along with the appropriate subnetting system,

9
 improve security and facilitate administration. A successful VLAN
execution will be the provision of device control over networks. This
will allow users to track network infrastructure better.
 The subnet of the network. A subnet is an alternative way to separate
a network. Usually, sub network suits physical network locations, but
with VLANs it is not necessary to install properly. The best network
subnetting can boost the overall network and operation. An embedded
subnet structure can be divided carefully into separate subnet
locations, departments and protected areas. With the easy task
agreement, the user will be better to grasp his sub networks and
tasks. It is good that HR and teams are focused on the scale of the
school and safety criteria in different networks. This helps you to more
easily control these vital data devices. Subnetting is not solely for
defence. Only when used with proper VLANs containing network
traffic to relevant locations can we reduce overall network costs. This
network would ensure significant scalability as it will ensure massive
scalability.

CONCLUSION

In conclusion, as the college Ikhtiar is a small private campus that provide opportunity to the
people in Kembang Setaman district to pursue their study in tertiary level they are encourage
to upgrade their network communication. As we recommend in the above, the college Ikhtiar
can make an upgrade about their network in security, reliability, performance and scability.
As we know that now a day a lot of crime have happen in our network environment and also
in order to secure the college important information from the hacker. So we urge the college
Ikhtiar to accept the suggestion that we such as implement a strong password for security,
provide sufficient capacity for reliability, limit the number of network users for the
performance and create VLAN (Virtual Local Area Network) for the scalability. We hope that
the college department can accept our proposal as the cost also is affordable and most
important is the network that college Ikhtiar use is more secure from the hacker.

Reference

 https://www.networkcomputing.com/networking/how-expand-network-capacity-quickly-
and-cost-effectively

10
 https://www.turn-keytechnologies.com/blog/article/what-needs-to-be-included-in-a-
network-design-proposal/

 https://antivirus.comodo.com/blog/computer-safety/6-tips-to-improve-network-security/

 https://business.orange.be/en/discover/tutorials/these-four-elements-make-your-network-
reliable

 https://thwack.solarwinds.com/t5/Geek-Speak-Blogs/Top-10-Reasons-for-Network-
Downtime/ba-p/439856

 https://www.teachict.com/gcse_new/networks/peer_peer/miniweb/pg3.htm

11