LAN Solution for Neda-Holding

COVER PAGE

A project report submitted in the

partial fulfillment for the degree of
Bachelor in Computer Science

Samim Attaey

Sayed Mustafa Saddat

Waleed Ahmad Hameedy

Supervisor

Amjad Khan

FACULTY OF ENGINEERING AND TECHNOLOGY

DEPARTMENT OF COMPUTER SCIENCE
KARDAN UNIVERSITY KABUL AFGHANISTAN
February, 2021

1
 PROJECT APPROVAL

The undersign certified that they have read the following project report
title” LAN Solution for Neda-Holding” and are satisfied from the overall
performance and recommend the report to the Department of Computer
Science for acceptance

Mr. Amjad Khan

Signature: ___________________
Main Supervisor

Mr. Zabihullah Atal

Lecturer Signature: ___________________

Mr. Farrukh Sair

Signature: ___________________
Lecturer

Mr. Amjad Khan

Signature: ___________________
Academic Administrator

Department of Computer Science

Kardan University Afghanistan

2
 DECLARATION

We declare that this project entitled “LAN Solution For

Neda-Holding” is the result of our own work except as cited
in the references. The thesis has not been accepted for any
` degree and is not concurrently submitted in candidature of
any other degree.

Signature : ____________________________

Name : SAMIM ATTAEY

Registration No : 202-1704004

Date : 00-FEB-2021

Signature : ____________________________

Name : SAYED MUSTAFA SADDAT

Registration No : 202-1011019

Date : 00-FEB-2021

Signature : ____________________________

Name : WALEED AHMAD HAMEEDY

Registration No : 202-1309020

Date : 00-FEB-2021

3
 DEDICATION

To our beloved parents and families

Samim Attaey

Sayed Mustafa Saddat

Waleed Ahmad Hameedy

4
 ACKNOWLEDGEMENTS

We would like to express our sincere appreciation and heartfelt respect to our
Academic Administrator, Sir. Amjad Khan, who has the best attitude towards his
students and has been really helpful to all students especially our team. He
continually and convincingly conveyed a message in each class, that if you want to
be successful, change your attitude regarding your life; whether it is punctuality or it
is facing any problem. Without his guidance and persistent help this thesis would not
have been possible. This quote is dedicated to Sir. Amjad: “It is the supreme art of
the teacher to awaken joy in creative expression and knowledge”.
We would like to thank our teachers Mr. Zabihullah Atal, Mr. Muhammad Tahir, Mr.
Abdul Ghafar, and Mr. Farrukh Sair who have been always supportive and helped us
to reach this stage of university life. Your endless positivity made it a joy to come to
every class. It is because of you, that we can say we can conquer any difficulty that
comes our way. You have always inspired your students. And this quote is dedicated
to them: “A true teacher defends his students against his own personal influences”.

We would like to thank our beloved family members, our family were the
pillars of our life they have always supported and encouraged us to make decisions
which we would never regret, most of the time the decisions taken with their support
are successful and been prolific. In addition, we would like to thank all our friends
specially Mr. Abdul Saboor Yarzada and Mr. Sayed Jasoor Sadat who helped and
supported us a lot with this project.

Samim Attaey

Sayed Mustafa Saddat

Waleed Ahmad Hameedy

5
 Contents
COVER PAGE...............................................................................................................................

PROJECT APPROVAL................................................................................................................

DECLARATION.........................................................................................................................

DEDICATION.............................................................................................................................

ACKNOWLEDGEMENTS..........................................................................................................

List of TABLES...........................................................................................................................

List of figures................................................................................................................................

List of abbreviation......................................................................................................................

Chapter No. 01.............................................................................................................................

Introduction.................................................................................................................................

1. Overview...........................................................................................................................
a) The drawback of the current procedure......................................................................
b) Why the problem wasn't solved yet............................................................................
c) Proposed System.........................................................................................................
2. Project Scope.....................................................................................................................
a) Resources....................................................................................................................
b) Schedule......................................................................................................................
c) Number of Tasks.........................................................................................................
d) Budget.........................................................................................................................
3. Problem Statement............................................................................................................
4. Project Goal.......................................................................................................................
5. Project Objective...............................................................................................................
6. Expected Outcome............................................................................................................
a) Data availability..........................................................................................................
a) Reliability....................................................................................................................
b) Scalability...................................................................................................................
c) High performance.......................................................................................................
Chapter No. 02.............................................................................................................................

6
Literature Review........................................................................................................................

Chapter No. 03...........................................................................................................................

Methodology..............................................................................................................................

1. Requirement Collection..................................................................................................
a) Physical Site Surveys................................................................................................
b) Interview...................................................................................................................
i. Advantages...................................................................................................................
 Engagement..................................................................................................................
 Arrangements...............................................................................................................
 Best result.....................................................................................................................
ii. Disadvantages...........................................................................................................
 Time consuming...........................................................................................................
 Smaller number of audiences.......................................................................................
iii. Types of Interviews..................................................................................................
 Structured.....................................................................................................................
 Non-Structured.............................................................................................................
c) Questionnaire............................................................................................................
i. Advantages...................................................................................................................
 Self-made questionnaire...............................................................................................
 Desired answer.............................................................................................................
 Time saving..................................................................................................................
 Instant response............................................................................................................
 Cost...............................................................................................................................
ii. Disadvantages...........................................................................................................
 Number of participants.................................................................................................
 Time-consuming...........................................................................................................
 Deceitful.......................................................................................................................
 Low response rate.........................................................................................................
iii. Types of Questions in Questionnaires:.....................................................................
 Open question questionnaires.......................................................................................
 Multiple choice question questionnaire........................................................................
 Dichotomous question questionnaire...........................................................................
 Scaling question questionnaire.....................................................................................

7
 d) Observation:..............................................................................................................
e) Prototyping:..............................................................................................................
f) Data Collection Technique Used for this Project:........................................................
2. Analysis:..........................................................................................................................
a) Number of Buildings:...............................................................................................
b) Number of Floors on each Building:........................................................................
c) Number of Rooms on each Floor:.............................................................................
d) Number of Devices:..................................................................................................
e) Transmission Impairment:........................................................................................
f) Transmission Impairments in this Network:................................................................
3. Layout:............................................................................................................................
4. Configuration:.................................................................................................................
a) Point-to-Points:.........................................................................................................
b) Mikro-Tik Routers:...................................................................................................
c) Cisco Switches:.........................................................................................................
5. Testing:............................................................................................................................
a) Switch:......................................................................................................................
b) MKT-Routers:...........................................................................................................
Chapter No.4..............................................................................................................................

1. Parallel Network Deployment:........................................................................................

2. Standalone Network Deployment:..................................................................................
3. Pilot Network Deployment:............................................................................................
4. Deployment Technique Used for this Project:................................................................
Chapter No.5..............................................................................................................................

1. Conclusion:.....................................................................................................................
2. Future Work:...................................................................................................................
References:..............................................................................................................................

8
 LIST OF TABLES

Table 1 Budget.................................................................................................................................

Table 2 List of Equipments............................................................................................................

9
 LIST OF FIGURES

Figure 1 Bus-Topology..................................................................................................................

Figure 2 Ring-Topology................................................................................................................

Figure 3 Star-Topology..................................................................................................................

Figure 4 Tree-Topolgy...................................................................................................................

Figure 5 Mesh-Topolgy.................................................................................................................

Figure 6 Hybrid-Topolgy...............................................................................................................

Figure 7 NHL’s Topolgy...............................................................................................................

Figure 8 PTP-Configuration Phase................................................................................................

Figure 9 Switch-Testing Phase......................................................................................................

Figure 10 MKT-Routers Testing Phase.........................................................................................

10
 LIST OF ABBREVIATION

LAN; Local Area Network..............................................................................................................

MAN; Metropolitan Area Network.................................................................................................

NHL; Neda-Holding........................................................................................................................

PTP; Point-to-Point..........................................................................................................................

MAC; Media Access Control..........................................................................................................

IT; Information Technology............................................................................................................

WAN; Wide Area Network.............................................................................................................

VoIP; Voice over Internet Protocol.................................................................................................

WiFi; Wireless Fidelity....................................................................................................................

WAP; Wireless Application Protocol..............................................................................................

LOS; Line Of Sight..........................................................................................................................

RF; Radio Frequency.......................................................................................................................

WLAN; Wireless Local Area Network...........................................................................................

WS; Work Station............................................................................................................................

EBSS; Extended Basic Service .......................................................................................................

IEEE; Institute of Electrical and Electronics Engineers..................................................................

WPA; Wi-Fi Protected Access........................................................................................................

WEP; Wired Equivalent Privacy.....................................................................................................

11
OS; Operating System.....................................................................................................................

IP; Internet Protocol.........................................................................................................................

CLI; Command Line Interface.........................................................................................................

IDS; Intrusion Protection System....................................................................................................

UTP; Unshielded Twisted Pair........................................................................................................

POP; Point Of Presence ..................................................................................................................

FTP; File Transfer Protocol.............................................................................................................

SMTP; Simple Mail Transfer Protocol............................................................................................

SSH; Secure Shell ...........................................................................................................................

RFC; Remote Function Call ...........................................................................................................

DoS; Denial of Service....................................................................................................................

CPU; Central Processing Unit.........................................................................................................

RAM; Random Access Memory.....................................................................................................

QoS; Quality of Service...................................................................................................................

PTMP; Poin to Multipoint.............................................................................................................

PoE; Power over Ethernet..............................................................................................................

AP; Access Point...........................................................................................................................

GUI; Graphical User Interface.......................................................................................................

HQ; Head Quarter .........................................................................................................................

MKT-Routers; Mikrtotik-Routers.................................................................................................

12
SA; Stand Alone............................................................................................................................

DNS; Domain Name System.........................................................................................................

13
 Chapter No. 01

Introduction
In this chapter, we will briefly give information about Neda-Holding and describe the physical
information about the buildings, the existing network drawbacks related to this organization, why
they are not solved yet, the proposed system that overcomes all the issues regarding the current
network along with the budget that is needed, the software and hardware requirements that are
needed also the availability of those tools and equipments. The key features of this project and
objectives of this project is also discussed in this chapter along with this project’s goal.

1. Overview
To design and build a functional and reliable network, many factors must be considered, such as the
hardware technologies, the careful configuration of the devices, and placement of the hosts within
the network. My paper will examine some of the issues designing a reliable Local Area Network
(LAN) and Metropolitan Area Network (MAN), and some of the best suggestions provided by
network experts.
Neda-Holding is a private company. Which is doing B2B advertisements for the businesses; it was
founded in 2008, it has two branches, and one guest house in Kabul, NHL's main branch is located in
Shahr-e-Naw and the second branch locates in Kolola-Pushta, and its Guest-house is located in Qal-
e-Fatullah. Neda-Holding provides services in 34 provinces of Afghanistan.

a) The drawback of the current procedure

One of the main challenging concern in the current network system is old wired technology, and they
are using outdated devices which all departments affected by these problems, its lacking wireless
network and updated devices, The NHL's current network has many disadvantages like:
i. Data Sharing
In the current network of NHL, data sharing is only doable within the LAN of the main branch. NHL
has its own servers that they don't want to be internet-based because they have sensitive data; this
caused another problem every time their stuff is in need of information, they must go to the main
branch and get it from there, even at the guest-house they cannot access their databases they must go
physically to the main branch and get data from there.
ii. Reliability
Their current network is wired, and wired networks are more damageable comparing to wireless
networks. Exposed cables are susceptible to everyday abuse from things such as cleaning. Wires
that are exposed and not properly laid may also pose a tripping risk, not only damaging the cable
but also potentially sending someone to the emergency room. Damaged wires may have to be
completely replaced.
iii. Expansion
The scalability of wired technology can be both costly and time-consuming. It may even interrupt
workflow as crews rewire areas within the office. In comparison, wireless networks can be set up
relatively cheaply using multiple access points without the need for significant alterations to a
building.

1
iv. Mobility
With their wired network, their employees are limited to access wherever there is a cable and port
available. So, if their employees need to have a meeting in one office, there are limited cables and
ports, and therefore not all of them will be able to access files needed for the meeting. As a result,
they may take turns, slowing down the meeting, or they may print out documents, which costs them
money.
v. Maintenance
Maintaining a wired network can be a headache, especially since issues with a wired network don't
have simple software fixes. In order to repair issues with a wired network, their IT must first
determine which wires, routers, or devices are causing the problems before they can begin working
on them.
vi. Higher Cost
The cost of wired technology can be quite expensive when used in large buildings. This is
especially true when locating cables underground or running them through multiple stories of a
building. Depending on the job's size and scope, professional crews may be needed to install wired
networks for your business. In comparison, wireless technology would not require expensive
underground cables or any significant damage to building structures such as a hole in walls or
ceilings.

b) Why the problem wasn't solved yet

One of the main reasons these problems are not solved yet is that Neda-Holding lacked the budget,
but through these months, this company has earned significant profits from different contracts, and
now they want to upgrade.

c) Proposed System
The system we provided for Neda-Holding provides a solution for all of their problems. Using PTPs,
the buildings will be connected with each other for data sharing, connecting their local databases.
We will install wireless Access-Points, and we will replace all the cables because most of the cables
are damaged. This will give them reliability. The proposed systems have better maintenance,
scalability and provide mobility for the employees.
Advantages of the proposed system
i. Mobility
In the proposed system, the employees are no longer limited to the cables and ports, they can use
wired or wireless or maybe both at the same time.
ii. Easy Maintenance
Proposed system provides better tools for monitoring and maintenance of the network like
manageable switches.
iii. Flexibility
Compared to current network the proposed system is easy to adapt due to wireless network.
iv. Easy Management
Proposed system provides better management compared to current system using latest Mikrotik
routers the IT can manage bandwidth with ease or apply MAC-filtering protocols.

2
2. Project Scope
The scope of this project is to update the existing Wired Network and add Wireless network that
connects all major Admin, Finance offices in the Neda-Holding to corporate headquarter.

The new LAN will be accessed by Finance and Admin employees. It's beyond the scope to update
the network connectivity to WAN services.
The scope of the project might intentionally not cover some matters. (Connectivity Backup, WAN
Services, Firewall and Security, Security Cameras, VOIP Services, and Power Backup System)

a) Resources
The hardware resources that are used, can be easily found in the market, and softwares that are
needed for the improvement and maintenance of the network are available online without any extra
cost.
i. Software Requirements
Softwares that are needed: Winbox for configuration of the Mikrotik routers, PuTTy, or TeraTerm
for configuration of the Cisco manageable switches.
ii. Hardware Requirements
Hardwares that are needed: Mikrotik Routerboard, Cisco manageable switch, Patch Panel, Wall Jack,
Access Point, Wi-Fi Printer, Mimosa Point-to-Point, and Ethernet cable.

b) Schedule
Site Survey for 3 locations for both LAN and connectivity – 1 Week
Preparing Drawing/ Diagram for 3 Locations – 1 Week
Ducting, Cabling and Port Installation for 3 Locations – 2 Months
Setting-up and Configuration for both LAN and Connectivity in 3 Locations – 1 Month
Testing Phase for 3 Locations – 1 Week

3
 c) Number of Tasks
i. The First Team which is consist of Senior IT Technicians is responsible to conduct technical
survey to identify the necessary equipment to be used for the scope project.
ii. IT Technicians will measure each room, hall, corridor and basement for each location.
iii. IT technicians will identify and estimate what necessary materials and how many numbers
required. e.g. Duct, Cable, Wall Jack, Cisco Devices, WAPs and so on.
iv. The Second Team which is consist of RF Engineers is responsible to conduct the survey to
identify clearer LOS.
v. Identify clear Line of Sight (LOS) in between Main Branch and two sub Branches.
vi. Recommend the right required Supported Point-to-Point devices.
vii. Prepare Diagrams for each Location.
viii. Prepare detailed connectivity solution report for each Location.
ix. Installation team will start actual onsite physical installation. E.g. Ducting, cabling and Port
installation.
x. Technical department will prepare configuration for each location.
xi. IT Engineers will implement the configuration for each location.

xii. Technical department will start testing the implemented configuration.

xiii. Technical department will approve the configuration if the testing phases are passed and
succeeded.

d) Budget
Types of equipment Quantity Unit Price
D-Link Cat-6 UTP 24 Port Loaded Patch Panel 6 45$
Sancable - Ethernet Wall Plate, 2 Port Cat6 78 10$
Cisco Switch-2690-24-TCL 7 100$
MKT CCR-1009-7G-1C-S+PC 3 650$
Access Point-TL-WA901ND 11 50$
Mimosa PTP (C5X, N5-X20) + PoE 2 Pairs 145$
HP LaserJet-M428fdw 2 350$
InfiLink Cat-6 12 Box 100$
Total 6640$

3. Problem Statement
As we know, the current network of Neda-Holding (NHL) is full of flaws. Its lacking wireless
network system in the organization, maintenance, and troubleshooting of the wired network is
complicated. In the current modern technological era having a wireless network is a key factor.
The other problem with the Neda-Holding's current network is the employees always complain
regarding slow internet. There is no bandwidth management inside Neda-Holding's current network
system, and their Wi-Fi security is weak, once a person gets the password of the Wi-Fi, he/she can
start using the service.

4
Hopefully, this thesis project can provide Neda-Holding a better solution for these problems.

4. Project Goal
The goal of this project is that Neda-Holding should have a managed, proper, reliable, and secure
connection within their LAN, MAN, and WAN. This project aims to provide Neda-Holding the
scalable network for their future. If the number of employees increases, the network should be
scalable without affecting the network's performance.

5. Project Objective
This project's first objective is duration and time, which is specified to be completed within 3-5
months.
The total budget for this project is 6500$ six thousand and five hundred dollars with maintenance
cost for the future it will cost around 7500$ seven thousand and 500 hundred dollars, which will be
paid by the organization.
And according to the quality of this project, the main point will be the bandwidth management,
connectivity between branches, and mobility of the network.

6. Expected Outcome
After the complete implementation of this project, these outcomes are expected:

a) Data availability
As we mentioned, Neda-Holding has its own databases that cannot access it from other branches and
their guest-house. At the end of this project, all three buildings should be able to access their local
databases.

a) Reliability
After implementing this project, their network will be as reliable as possible because we didn't
depend only on the wireless network, we will have a wired network, as well.

b) Scalability
This project's one of the key points is its scalability. There are enough available ports in the switches
as well as in each room for future use.

c) High performance
This project's tool is selected carefully according to Neda-holding's need without sacrificing the
quality as cost-efficient as possible, without wasting any resources or spending the budget on
unnecessary tools.
The employees undoubtedly will notice the better performance of the service due to bandwidth
management and mac-filtering.

5
 Chapter No. 02

Literature Review
The aim of this literature review is to identify networking techniques, tools and approaches for this
type of assessment, to discuss what is known about their effectiveness and to uncover factors
influencing commitment. We will use this literature review to produce relevant ideas that could be
further sophisticated, also involved in serious reproduction on these ideas in order to evaluate their
flaws, enhance some of their researches, if needed or can be enhanced, and add new information and
explanations. In order to make sense of the literature review we tried to observe literatures that were
up-to-date, similar and appropriate to our project.
Sangram Gayal et al [1] stated that wireless LANs are gaining high popularity these days because of
their ease of installation and better mobility, and there are 3 types of WLANs. First type is
infrastructure mode that every wireless LAN workstation (WS) communicates to any device through
an access point (AP). Second type is Ad Hoc Network mode which ever workstation talks to other
workstations directly. The third type is Mixed Network mode which every workstation in other two
modes can work simultaneously, and it is called Extended Basic Service (EBSS). The security
measures that are part of the 802.11 IEEE protocol are: Authentication, Association, and Encryption.
802.11 Specify two kinds of authentication first one is Open system authentication and second one is
Shared key authentication, in open system the client needs only the SSID for the successful
association this is like with no security, and shared system the client should have the WEP shared
secret key and WEP is a protocol used for encryption. Although WEP is secure but not as secure as
the WPA2 it is the second version of the WPA and it stands for Wi-Fi Protected Access WPA2-AES
provides better encryption than WEP which we will be using in our project.

6
Abu Sayeed [2] explained that Mikrotik routerOS firewalls are placed between the company’s
network and public network, shielding your computer effectively from malicious hacker activities,
and controls the flow of traffic to the router and from the router. Stateful filtering that Mikrotik
routers are based on this technology is used to detect and block many Dos attacks, SYN floods.
Network communications are made of small chunk of data that are called packets, and several of
these packets are used to maintain, create, and finish the connections. Mikrotik routerOS firewall is
based on: IP addressing, Port protocol filtering, Network interface filtering, Source MAC address
filtering, and TCP protocol option. Using Mikrotik firewall we are going to implement MAC-
filtering technology in our project it will have a huge impact on performance and security of the
network. Even if someone have the SSID and password of the network they cannot access the
internet.
Sikandar Shaik [3] mentioned that switch provides centralized location to connect devices with in the
LAN. Switch’s basic functions are: If the destination address is present in MAC-table switch will do
unicast, if destination address is not present in MAC-table switch will do broadcast, Switch updates
the MAC-table based on the source address, Max-age time for MAC-entries is 300seconds of
inactivity. There two types of switches, Manageable and Unmanageable switches, Unmanageable
switches are plug and play it means connect and use, Configurations and verifications cannot be done
and there is no console port. Manageable switches are also plug and play, it has console port and
command line interface (CLI) access, we can verify and modify configurations and can implement
and test some advance switching technologies like: VLAN, Trunking, and STP. Using these features,
we can gain better performance in our network like: by using VLANs we can divide one LAN into
multiple virtual LANs and can group them for the ease of troubleshooting and security.

Arun K. Majumdar et al [4] said that Metropolitan Area Network is more capable than LANs
commonly not purchased by an odd institution, in behalf of their links also tools purchased by
individual network donor whom give services to other employees, MANs cover the whole area
surrounded like the whole city which supply the network connection between others also capable of
split source of the company with each other through MANs. Metropolitan Area Network is the main
cross to connect various LANs through several chained lines, Therefor MAN is the part of our
project which we know the organization is located in three different locations in Kabul city, MAN is
reliable for the organization to connect their tree buildings and their local databases for the sake of
data sharing using point-to-points which it will help the organization to connect and share their data.
Richard Buckminster Fuller [5] elaborated that Local Area Network is an immense-speed, normal-
range transmission system which cover only speed area of 1 up to 20 megabits, using Ethernet and
Parallel bus network this is both the business system network can stand for few seconds to collect
information without any struggle as the system required less milliseconds to configure properly.
Also, Parallel bus network same as other the usage of it for the Building of office. Before the launch
of LANs there were other choices to connect one PC to other through the output card and input card
that can only transmit one-bit material. Different types of topologies used for the making stable
connection between the suitable area which has pointed, our projects main goal is to make a reliable
LANs within the buildings and use some of important LANs features to bring such a good result for
the organization, now a days different technologies can support transmission speed at gigabit range
using LAN features and new technologies we will implement it in this organization for better
performance.
Zoltan Balogh et al [6] mentioned that in the start of current services such as internet banking,
cybercrime, which introduce. We joined the internet to grab betterment of their better features. Such

7
as software websites and all other important issues. As we know the internet world is gaining day by
day for the importance of every category business there for the profit of hackers is much to down the
market of has rival for there on benefit so the intrusion protection system (IDS) Whose making
administration strong enough to disclose from the network traffic also alert computer from waste or
misuse. We cut them into network-based and host-based IDs as the network-based placed at planned
area inside in the network and investigate network traffic. Host-based IDSs move on network
devices, route customer and procedure task. It is confirmed that massive-security danger in computer
network, it attacks on data interruption, swapping of data, access to network and many other. Our
Aim is to examine and make the close-packed of the information which is key to concern on the risk
and warn the computer network also from hijacking attack occur on the network. LAN security are
keeping sensitively, honestly, ease of access of information.
Faizan Qamar et al [7] explored that as with an extended improvement in client choice for the huge
throughput, Huge space and less latency, the continuing classification of Fifth-Generation (5G)
system is nonstop by showing the built-in restriction of the arrangement, Such prohibition making
inspirit researchers around the globe to take the next step for the 6 th Wireless Generation, To remind
the beyond call, The upcoming radio network building must be correctly build to ensure its
maximum radio spectrum space. It should continuously ensure different technologies and strategy
Even so the present accomplishment of these strategy in 5G cellular networks make some spectrum
management affair. We are going to work on the better network which provide a best result for the
users that we never get any complain from them and build an immense-huge spectrum management
which high the ratio of the company.
Wendell Odem [8] presented that the term Ethernet refers to an entire family of standards. Some
standards define the specifics of how to send data over a particular type pf cabling, and at a particular

speed. Other standards define protocols, or rules, that the Ethernet nodes must follow to be a part of
an Ethernet LAN. All these Ethernet standards come from the IEEE and include the number 802.3 as
the beginning part of the standard name. The materials used inside the cable for the physical
transmission data of bits: either copper wires or glass fibers. Devices using UTP cabling transmit
data over electrical circuits via the copper wires inside the cable. Fiber-Optic cabling, the more
expensive alternative, allows Ethernet nodes to send light over glass fiber in the center of the cable,
optical cabling typically allow longer cabling distances between nodes. Although using fiber-optic is
great choice for us to use it in our project and connect the 3 buildings of the organization but this
organization doesn’t have the budget to afford that, but using UTP cables for inside the building
specially 1000BASE-T that can support 1-Gigabit will have huge impact on the speed of the
connection within the buildings.
Brian Horn [9] discussed that implementing bandwidth control or bandwidth management is a
feature that software programs and hardware devices support that allows you to restrict how much of
the network’s bandwidth the program the program or hardware is allowed to use. Bandwidth control
implemented in ingress-point which controls download bandwidth utilization to customer, egress-
point which controls the upload bandwidth utilization from customer, ingress and egress points is
optimum but requires configuration of multiple devices. In Mikrotik router-boards bandwidth control
can be done using two options. First one is simple queue the simplest way to limit data rates for
specific IP address and/or subnets, each rule checks IP header of every packet to check for match.
Second option is Mangle+ Queue Trees it uses connection marks and packet marks eliminating need
to check every packet. Using these two options in our project will have a huge impact on the
performance of the organizations network.

8
Matthias Gerber [10] explained that in present technology of smartphones, WLAN and Internet of
things, LAN cabling stand as the mainstay of entire network in ICT. Such as the architecture of the
house, cabling should be designed with prospective. It should be planned to permit many generations
of active devices to be joined, the review of broadcast by Gartner and different market founders
shows the beneficent of cabling, the founders mark that most the network interruptions are related to
the physical Row. If we change the cabling materials into numbers, we only see 3.5% costs for the IT
set-up, but if sees it works and will find 50% authority in IT operations. Instead of wrong cabling or
not a good capable cabling will be the high damage for that IT department, The radius of the zones is
usually gleaned on the coverage of WLAN access point, It is usually between 8 and 12 m, therefor
our goal is to make a better cabling for entire buildings which give our company strength to have a
strong connection between all area of suggested buildings to ensure us that result is more than our
target we were looking.
Cisco Company [11] said that the Cisco networking software like CISCO IOS, CISCO NX-OS is the
most valuable and wisely dispose networking software. It organized the modernistic technology,
business important services also the hardware floor support. Now we can achieve the importance of
combined software and the cleverness to manage accordant to the choices with helpful code around
the network it will handover services quicker and make better transformation. Open standard and
programmable for a graceful data center frame work. Improve for the both physical also effective
data center distribution, much valuable continuous system accomplishment, so as we using CISCO
switches in our project that will be much important task and will manage the Cisco system according
to the present develop technology.
Gildas Avoine [12] explored that to offer a single secure service (web, mail, login), it is better to secure the
data at the transport layer than at the network layer. Two most commonly used protocols are: SSH (Secure
Shell, 1995, Port 22): allows the secure logins, file transfer, etc. SSL/TLS (Secure Socket Layer, 1995):
allows securing any TCP based service (https, pop3s, telnets, ftps, smtps and etc.). SSH (RFC 4251)
implements secure

communication channels over insecure networks in a client- server session. SSH is designed to replace telnet,
rlogin, rsh, ftp, ready to use without any complicated installation. The security level is not so high but much
higher than telnet-like tools: data is encrypted, passwords are no longer exchanged in the clear. OpenSSH is a
library that allows creating SSH servers and clients, examples of clients: Putty, SecureCRT. Although telnet is
easier to configure in our project but with the help of this research paper, we have understood the drawbacks
and advantages of SSH over the telnet and the protocol we should use in our project.

Mehmet Hilal Ozcanhan et al [13] elaborated that Denial of Service (DoS) attacks are service
mitigation attacks that aim to interrupt the communication between a machine and user. Starting
from late eighties, DoS tools in DoS attacks, especially at the early 2000s. By flooding the target, it
is aimed to consume computational resources such as CPU, RAM or bandwidth. The result is
unavailability at the services. Nowadays, DoS attacks are being used for distributed DoS (DDoS)
attacks. The aim is still the same disrupting the legitimate user. Enormous amount of packet floods
makes the services unavailable for legitimate users. According to the security reports, recent DDoS
attacks target DNS and web applications. Layer 3 and 4 attacks cover nearly 75% of the attacks.
More than half of them are SYN increase of the attacks to the web applications; it is stated as there is
significant increase at the attacks targeting port 80 and 443. Using these researches done we will use
some techniques for DoS prevention to improve LAN security of the organization.
Surachai Kaewwong [14] mentioned that a simple queue is plain way how to limit traffic for a
particular target. Also, you can use simple queues to build advanced QoS applications. They have
useful integrated features: peer to peer traffic queuing, applying queue rules on chosen time intervals,

9
prioritization, using multiple packet marks from/IP firewall mangle and traffic shaping (scheduling)
of bidirectional traffic (one limit for the total of upload + download). Simple queues have a strict
order- each packet must go through every queue until it reaches one queue until it reaches one queue
which conditions fir packet parameters or until the end of the queues list is reached. For example, in
the case of 1000 queues, a packet for the last queue will need to proceed through 999 queues before
it will reach the destination. Although this technique is good for limiting the bandwidth in a large
organization adding every address manually will consume more time but in some cases like SOHO
networks it is useful.
Javvin Technologies [15] elaborated that same as a language which help people to interact with each
other easily and relax, there are protocols that helps network devices to communicate with each other
and share data + resources among them, protocols are made of standard rules and regulations that
help computers and other network devices to exchange their information. There are many types of
network protocols like: Telnet, SMTP, FTP, DNS, IMAP, POP3, Https etc. Telnet is related to
TCP/IP protocol suite which by the help of this we can access other computers remotely, by having
internet connection with the help of FTP and HTTP protocols we can share files from remote
computers but can’t log in or access as a user in/to other computer, so with the help of telnet protocol
we can easily access or log into another computer remotely. The problem with Telnet is the user’s
credentials transmitted unsecure and it’s an ineffective protocol over the internet, due to these issues
we prefer to configure SSH in organizations network.
Keith Shaw [16] stated that in the Globe of wireless, the session of Wi-Fi is equivalent with wireless
access in common, In contempt of it is a particular logo purchased by the Wi-Fi alliance, a category
sign to clarifying that Wi-Fi assets meet the IEEE’s set of 802,11b and 802,11ac, Include a family of
stipulation that begin in the 1990s and continues to extend today the 802,11 standards categories
adjustment that boost wireless throughput also the usage of new frequencies as they become
available. As well as shows new technologies that less the power of wasting. As clarified in June-
2003, 802.11g was the most successful to 802.11b skillful to realize up to 54Mbps rates in the
2,4Ghz band, equal to

802.11a speed but with less frequency range, by the help of this standard and this research we can
know the pros and cons of this standard and we can use it for the network of our organization.
IOSR Journal of computer Engineering (IOSR-JCE) [17] presented that in the present time the
communications and link has strengthen the evolution and visibility of certain IEEE 802.11 series of
types, Like IEEE 802,11a, b, g, n, and ac. Any of the standards similar with competency and
varieties that touch with the type of applications the standards are suggested for IEEE 802.11b
standards was come to market on Sep-1999. As these types bring up 11Mbps transmission with a
pull out to 55,2 and 1 Mbps in the 2.4GHz operating frequency the IEEE 802.11b standards was
permitted on 1999 from the original IEEE 802.11 which give permission to wireless performance
similar to Ethernet, the indoor also outdoor for this type is 35m to 14m. The standards 802.11g was
established in 2003 as an IEEE type for Wi-Fi wireless networking as it works around maximum
network bandwidth of 54Mbps similar to 11Mbps for 802.11b. Control the 2.4GHz frequency and
bandwidth of 20MHz these types uses the of Dm or DSSS modulation schemes and 802.11n types
was established in 2009 it promote various wireless antennas to transfer and receive data. The IEEE
802.11n standards engage OFDM sound techniques. Using this standard in our network would very
useful so we can decide in which part of the buildings which standard we can use and get the
maximum benefit from it.

10
Esteban Borges [18] explored that SSH is one of the best-known communications protocols on
internet world, its mostly used by developers and webmasters, it permits you to process remote
access to your new Dedicated Box in few seconds using a break communication channel. In security
sequence, Intouch day by day to send and receive code securely. If we look SSH is more capable
than FTP protocol (It transfer the information in clear text format) It can be attacked and cracked the
way it will not practices very well. In SSH password-based login are good enough to have hard set of
characters some as numbers, symbols, uppercase and lowercase to be safe from different attackers.
We can prevent attackers to our SSH in many ways here are some ways mentioned in this review.
The first one is to set a costume SSH port it means by default the listening port is 22 and widely
known by attackers so we can change the default port. The other way is to filter the SSH port on your
firewall it means using server-side software it’s also one of the basic things every server should
configure after installation of OS. By the help of this research, we can provide better security in our
organization network so attackers can access their devices or crack their SSH connections that we are
using in our project.
Sovia Lobo [19] discussed that lots of routers designed by the Latvian Company MikroTik to be deal
by a malware attacker the winbox This system give permission to access an unsecured router.The
winbox vulnerability was release in April in the present year also MikroTik has presented a software
update in same time, as founders sees that more than 370,000 MikroTik devices which clarified on
internet were still in unsafe. The report of Netlab 360’s Genshen Ye. Showing that 7500 active
software being caught by attackers, which showing that it easily forwarding and capturing the active
network to a number of remote servers, as well 239,000 of the devices has been go round into
SOCKS 4 proxies accessible from an individual. Earlier to the MikroTik attack, Wikileaks realized a
vulnerability from the CIA’s vault7 toolkit on the report of Wikileaks, the CIA vault hacking device
chimay Red engage 2 utilize, Including Winbox any directly file read and Webfig remote code
implementation vulnerability. Attackers were targeting winboxes in two ways, first attackers were
targeting routers witch CoinHive malware and the second way of attacking that turns affected routers
into a malicious proxy network. By the help of this research we came to know how the winboxes that
are used for accessing our mikrotik routers are being attacked so we can prevent it from unwanted
parties.

Micheal Mullins [20] explained that a remote attacker can send packets to TCP 23 (Telnet Port) or
reverse Telnet ports TCP 2001 to 2999 to 3099, 6001, and 7001 to 7099. These packets would cause
a denial of service (DoS) condition and cause network devices to refuse any further connection
attempts to the Telnet, SSH, reverse Telnet, RSH, SCP and HTTP remote management service. This
would effectively reject a corporation the power to manage its network devices until someone reload
the devices or physically connecting the console to clear the buffer and reset the configurations. So,
the router or switch is up but the organization doesn’t have the ability to manage the devices. Telnet
isn’t secure it passes all data in clear text, but if you must use telnet according to organizations
request here are some ways to secure it. Define which IP addresses can hook up with the virtual
terminal. Next apply the access list to your vty connections after that apply the access list to block
inbound traffic on all external-facing interfaces. By the help of this research, we can use now telnet
in our network without any concern about the attackers although we will use SSH but by the request
of the organization we will use telnet in some of their devices.
David Hammerstrom et al [21] presented that SMTP is the protocol stand for the transmission of
electronic mail is simple mail transfer protocol the running SMTP are in touch by authentication to

11
clear and confirm the presenting of a sender. As the protocol SMTP is not create to verify something
or encryption, there for the protocol works on transport layer security, secure/ multipurpose internet
mail extensions and Domain-based message. So, we can say Electronic mail is maybe the most
widely used system for communications business information on the internet as the research force
was placed on area that warn to emails core applications, Functions as well as mailbox storage mail
services (SMTP), mail transport encryption as this all are will analyze utilize that exist within the
email infrastructure. By the help of this research, we came to this that SMTP is widely used in the
world and something popular also have more attackers, using different techniques we will secure the
network if one PC gets attacked it won’t affect other PCs in the network.
Nate Lord et al [22] mentioned that File Transfer protocol (FTP) is a standard network protocol used
for transferring Data from computers to internet FTP is design on Client-server architecture as we
look to the protocol usually used also design in 1971 by Abhay Bhushan and FTP security is a classic
matter that can limit its usage on time when addressed not shown. If we consider FTP was not secure
due to clearly showing the usernames and password also not using encryption sending Data via FTP
is unsafe to sniffing, Taking off and brute force attack. Never data loss prevention solutions are
commonly used to control or secure data sent via FTP sessions. Also, network DPL solutions are
able to analyze and manage FTP traffic. DLP can enable secure FTP usage. Using this research paper
that has already done we know that what is FTP why we use FTP and pros and cons of the FTP so
we can secure the FTP in our organization network.

Chapter No. 03

Methodology
In the methodology chapter, we have explained different data collection procedures, the procedure
we have used for data collection, for analysis of data and based on these data and analysis prepare
the layout of the network. Later in the chapter we will explain what requirement collection is, how
many techniques are there for data collection, and defined the major techniques of the requirement
collection, i.e., Observation, Interview and Questionnaire as well as the pros and cons of these
techniques. In addition to these tasks, our team has defined what analysis of the collected data is.
Based on the analysis we could identify the network. After analysis of data our team has defined all
network topologies along with pros and cons and which topology we are going to use for our
network.

1. Requirement Collection

12
Requirement collection is a way to gather or collect the requirements of a specific system or
application from the users or important participants. Through requirement collection network
engineer can gain a huge amount of information of different forms via interviews, questionnaires and
site survey. It provides ease to the network engineer regarding the data, opinion and feedback. This
technique also helps the developer to gain information about the functions that the system must
perform. There are many techniques of requirement collection, following are the few of the major
techniques defined.

a) Physical Site Surveys

The physical site survey is an examination of the physical environment in which the WLAN or
wireless links will operate. This is inclusive of the physical premises owned by the
organization operating the WLAN and possibly physical locations leased for antenna
placement or cable runs.
It may also include an analysis of the physical space between two wireless bridges in a
point−to−point (PtP) or point−to−multipoint (PtMP) link implementation. The primary objective
of a physical site survey is to ensure that the location can accommodate a WLAN. Questions
answered by a physical site survey include:
 Can we place wireless equipment where it is needed in order to provide RF coverage
 in the intended service area?
 What is the best location for placement of antennas, APs, bridges, and other WLAN
 devices?
 For external links that are PtP or PtMP, does the proper RF LOS exist?
 Is power located at the placement locations for WLAN devices, or is Power over
 Ethernet (PoE) required?
 Can Ethernet cables be run to the desired AP locations?
 Can we protect outdoor antennas and devices from the weather through strategic
 placement on or under existing structures, or will you need to plan for device
 enclosures that are weather resistant?

i. Advantages:
This type of survey provides more accurate performance information for each AP and allows
for the physical inspection of the chosen locations to assure the AP can be mounted there.
Site survey also can measure sources of interference or other Wi-Fi networks that may be
operating nearby before the network is installed.
ii. Disadvantages:
The downside of survey is it is more labor intensive and requires physical access to the
building. What’s more, some of today’s thin APs won’t work without being connected to
their controller, which can make surveying more cumbersome as there is more equipment to
lug around.

13
b) Interview
The interview method is the most regularly used for collecting requirements, to get the most
information and consideration of an interview; the interview must be organized before setting the
interview. In addition, to have the best result of the interview, analyst must list out the stakeholders
whom has to be interviewed. In this method there are two types of questions which can be asked for
the interview, structured and non-structured. Open-ended questions usually help in acquiring
valuable data, based on numerous individuals and in different way they interact with the system. It
requires the interviewee to explain or describe their thoughts, and cannot be directly answered with a
“yes” or “no”. Asking the interviewee what they like about the present system or how they use it. An
example for the open-ended question would be “What are the subjects that you would like to learn in
our website?”. Close-ended questions are useful when the interviewer is observing for a particular
answer. It can contain specific answers for the interviewee to select from, in formats including true
or false or multiple choice. Although close-ended questions do not provide as much detail as open-
ended. An example of a close-ended question would be “How many students can participate in a quiz
session?” Once the questions have been organized, it should be provided to the interviewee prior to
the interviewee so that the interviewee needs to prepare. During the interview, the interviewer must
acquire permission from the interviewee that recorders may be used, to ensure that if details are
missed while taking notes can easily be retrieved. At the end of the interview, the results should be
provided to the interviewee, for validation of their answers.
i. Advantages
The pros regarding the interview may be many as some of them are stated below;
 Engagement: With the help of interview, we can achieve a deeper level of engagement when
we you’re having conversation to someone one on one.
 Arrangements: With interview it’s easier to arrange a session with one person than to co-
ordinate a group of people.
 Best result: With interview we gain greater results from stakeholders. Helping them to feel
more valued, and have greater ownership of the project. As a result, they could offer more
support in the later stages of our project.

ii. Disadvantages
With all its pros, the interview has its own cons too as they are listed below;

 Time consuming: Interviews are likely to be more time consuming than arranging one
session with a group of people it may happen on a fixed time or it may be postponed to a
certain amount of time.
 Smaller number of audiences: We may miss out on people effective ideas off one another in
a group session. The greater number of people the more the ideas we will get.
iii. Types of Interviews

There are two types of interviews used while collecting requirements in requirement
collection methods:

14
  Structured: In this type of interview the requirement collector looks for answers to pre-
defined set of questions. Which mean that the interview is in an organized and goal-directed
sense. And it will help requirement collector to collect specific answer to specific questions
of a directed goal.
 Non-Structured: In this type of interview there is no pre-defined schedule and the
requirement collector discusses in an open-ended way, what stakeholders want from the
system. This way the requirement collector can explore in a suitable way, and can establish a
statement and gain a comprehensive view.

c) Questionnaire
The questionnaire procedure takes less time to collect enough information for the analyst to analyze,
particularly when stakeholders are in different geographical regions; as well as when the number of
communicators is in hundreds. The questionnaires must be specific and organized, not too long or
out of system’s objective; to ensure that the users or communicators can sum-up the questionnaire.
When the user prepares the questionnaire, the general guideline should be taken care of and to
conclude the questions would be to ask “how, where, when, who, what, and why.” For how: “How
will you use this feature?” “How might we get the materials (videos, books...) we need?” “How will
we know this is complete?” For where: “Where does the process start?” “Where would the user
access this feature?” “Where would the results be visible?” For when: “When will this feature be
used?” “When will the feature fail?” “When will we be ready to start?” For who: “Who will use this
feature?” “Who will deliver the inputs for the feature?” “Who will deliver the outputs of the
feature?” For what: “What do I know about this feature?” “What does this feature need to do?”
“What is the end result?” “What must happen next?”. The above mentioned is the standard way of
constructing the questionnaire and they should be taken care of while preparing it.
i. Advantages

The pros regarding the questionnaire may be many as some of them are stated below;
 Self-made questionnaire: We can modify our questions to different stakeholders to
address different business objectives. To get the exact information that we need of the
interview.
 Desired answer: It’s quick and you can send it to a large number of users very quickly.
Questionnaires allow respondents to take time to consider their responses carefully without
interferences from others. They permit anonymity
 Time saving: We can save time from attending meetings and recording the information the
participants will do it for us.

 Instant response: The responses from different users are gathered on time in a consistent
way. Information can be collected in short period of time from a large number of people,
often geographically isolated.
 Cost: With standard questionnaire provides quantifiable answers to a researcher and it’s an
inexpensive way to reach a large number of people in less amount of time.
ii. Disadvantages

With all its pros, the questionnaire has its own cons too as they are listed below;
 Number of participants: Sometimes people don’t care about something that is not related to
their business. People may put the questionnaire to the bottom of their to-do list.

15
  Time-consuming: To able to design and write a good survey it will consume tremendous
amount of time.
 Deceitful: There is no way to check how truthful a respondent is being. It is quite difficult to
create unambiguous questions. There is no possibility to explain questions, so they may be
misinterpreted and as consequence incorrectly completed. You shall test your questionnaire
on a small group of respondents first to ensure it works as you designed it, before sending it
around.
 Low response rate: To increase response rate, an incentive is offered “You have a chance to
get certified when you done the course in one month” kind of statements. Questionnaires are
not suitable to investigate long or complex issues.

iii. Types of Questions in Questionnaires:

There are many types of questions in a questionnaire such as;
 Open question questionnaires: This type of questions varies from other types of
questions used in questionnaires in a way that open questions may produce unpredicted
results, which can make the research more original and valuable. However, it is challenging
to analyze the results of the conclusions when the data is obtained through the questionnaire
with open questions.
 Multiple choice question questionnaire: A set of answers are offered to the respondents
they have to choose from. The cons of questionnaire with multiple choice questions is that, if
there are many answers to choose one of them, it makes the questionnaire, unclear and
uninteresting and depresses the respondent to answer the questionnaire.
 Dichotomous question questionnaire: The dichotomous type of questions gives two
choices to the respondents (yes or no) to select from. This type of questionnaire is the
simplest form of questionnaire for the respondent in terms of answering the question.
 Scaling question questionnaire: This type of question is presented in way that there will
be an option for respondents to rank the available answers to the questions on the scale of
given range of values i.e. from 1 to 10 or 10% to 100%.

d) Observation:
There are different approaches to gain the user’s feedback, each approach has its own pros and cons.
There are times when direct observation can be better option to gather requirement. In observation

we can have a better understanding of the current environment. While observing the user, analyst can
get enough knowledge about how the user interacts with the system. Observation can be helpful in a

way that sometimes stakeholders can not define what actually is required, so analyst can observe it
while using observation technique
In this technique of elicitation there are two approaches the analyst can take while observing, passive
and active. In the passive observation approach the analyst just analyze or observe the system and
doesn’t attracts with the user, just pin points the observed points. While in active the observer or
analyst asks the user question when user is interacting with the system. Observation must be non-
bias. For example, they can check if a user uses certain features, the frequency of events, triggers that
cause different uses. Taking detailed notes is helpful in recording unexpected events. There may be
events unknown to the analyst ahead of time, they can be captured by taking notes of the event and
why it occurred. Video recorders may be used, but must always be approved with the user and their
company.

16
 i. Advantages
 The data gathered during observation sessions are quite reliable; it is often used to confirm
the data extracted using other techniques.
 Observation can be used to extract information on the physical environment where the task is
performed. For example, the analyst can get information on level of noise, physical layout,
traffic and so on.
 It is relatively inexpensive.
 It allows the analyst to perform work measurements.

ii. Disadvantages
 It is difficult to grasp the exceptions in one session, multiple sessions may to require.
 Sometimes users can be biased, which can affect the final result.
 Stakeholders can be interrupted during observation, which can lead to different responds.

e) Prototyping:
Prototyping Model is a software development model in which prototype is built, tested, and
reworked until an acceptable prototype is achieved. It also creates base to produce the final system or
software. It works best in scenarios where the project's requirements are not known in detail. It is an
iterative, trial and error method which takes place between developer and client.
i. Advantages:
 There is good communication between the developer and the customer.
 Developers can work better in determining customer needs.
 Customers play an active role in system development.
 Save more time in system development.
 Application becomes easier because the user knows what is expected.

ii. Disadvantages:
 The customer does not see that the software does not reflect the overall quality of the
software and has not considered maintenance for a long time.
 Developers usually want to quickly complete projects so that they use simple algorithms and
programming languages.

 Customer relationships with computers may not describe good design techniques.

f) Data Collection Technique Used for this Project:

Though all the methods mentioned above used for data collection and all of them has its own
advantages and disadvantages but the technique selected for this project is physical site survey. Our
team went physically in each building of the organization and confirmed the line of sight of each
building and number of rooms and users in each building, our team also pin pointed the best location
for the devices to be installed to get the best out of the devices and no harm from outside objects,
also our team after survey clarified how much equipments and tools we are going to need in our
network.

17
2. Analysis:
In the previous section we described in details the different requirement collection tools and the one
we used for this project. This section is dedicated towards the analysis of those data collected in the
previous section. The organizations total bandwidth is 20mb, each branch office consists of 8mb
bandwidth, and the guest-house is consists of 4mb bandwidth. Later in this chapter we will explain
the transmission impairments and types of transmission impairments, what causes them, and which
of the impairments we faced and what was our solution to overcome it.

a) Number of Buildings:
The organization has 3 buildings, their main branch is located in shahr-e-naw, the second branch is
located in kolola-poshta, and their guest-house is located in qal-e-fatullah, which we are going to
connect them through point to points.

b) Number of Floors on each Building:

The main branch of the organization that is located in shahr-e-naw has 5 floors including with
basement, the second branch that is located in kolola-poshta has 4 floors the basement is also
included, and the guest-house that is located in qal-e-fatullah has 2 floors.

c) Number of Rooms on each Floor:

As our team conducted site survey in the main branch the basement has only one room it’s the
organizations meeting room, from first floor till third floor each floor has 4 rooms and the fourth
floor has 3 rooms. The second branch in the basement it has 2 rooms and the rest of the floors each
floor has 3 rooms. The organizations guest-house has 2 floors each floor has 5 rooms.

d) Number of Devices:
Based on the site survey our has team has done, we came to conclusion that one access point in each
floor will have coverage on all the rooms of that floor, and the range of RF we are going to use for
our access points are 2.4 and 5 GHZ. The switches we are going to use are cisco layer 2 switches
along with mikrotik routers. The RF range we are going to use for our point-to-points are 5Ghz that
can support organizations bandwidth which is 20mb. Below is the full list of required mediums and
devices along with its quantity which we are going to use for our network.

No Types of equipments Quantity

1 D-Link Cat-6 UTP 24 Port Loaded Patch Panel 6
2 Sancable - Ethernet Wall Plate, 2 Port Cat6 78
3 Cisco Switch-2690-24-TCL 7
4 MKT CCR-1009-7G-1C-S+PC 3
5 Access Point-TL-WA901ND 11
6 Mimosa PTP (C5X, N5-X20) + PoE 2 Pairs
7 HP LaserJet-M428fdw 2

18
 8 InfiLink Cat-6 12 Box

e) Transmission Impairment:
Signals travel through transmission media, which are not perfect. The imperfection causes signal
impairment. This means that the signal at the beginning of the medium is not the same as the signal
at the end of the medium. What is sent is not what is received. Three causes of impairment are
attenuation, distortion, and noise.
i. Attenuation:
Means loss of energy that causes weaker signal. When a signal travels through a medium it loses
energy overcoming the resistance of the medium. Amplifiers are used to compensate for this loss of
energy by amplifying the signal.
ii. Distortion:
Means that the signal changes its form or shape. Distortion occurs in composite signals each
frequency component has its own propagation speed traveling through a medium. The different
components therefore arrive with different delays at the receiver. That means that the signals have
different phases at the receiver than they did at the source.
iii. Noise:
There are different types of noise
 Thermal - random noise of electrons in the wire creates an extra signal
 Induced - from motors and appliances, devices act is transmitter antenna and medium as
receiving antenna.
 Crosstalk - same as above but between two wires.
 Impulse - Spikes that result from power lines, lighting, etc.

f) Transmission Impairments in this Network:

As we discussed what is transmission impairment, types of impairments and what causes them. We
explained that in analysis section about the physical information of the buildings each building of the
organization is not far more than 3 kms which we are going connect them to each other using point-
to-points. The cables we are going to use inside network of each building can support 150 meters
without delay or interference from other parties, because of this solution we will not face any
attenuation and distortion in our network but the only problem we faced was the noise in our point-
to-points (PTPs). We contacted the internet service provider ISP of the organization they already
licensed the 5ghz range of frequency, we are going to use 5ghz RF for our point to points because its
licensed

and clean without any noise, and in this range of frequency it can fully support organizations
bandwidth.

3. Layout:
In the requirement collection section, we described in detail the different requirement collection tools
and the one we will used for this project. This section is dedicated towards the design of those data

19
collected in the requirement collection section. In the design phase we defined the topology, types of
topologies along with pros and cons as well as the topology we are going to use in our network.

a) Network Topology:

Network topologies describe the ways in which the elements of a network are mapped. They describe
the physical and logical arrangement of the network nodes. The physical topology of a network
refers to the configuration of cables, computers, and other peripherals. Different types of topologies
are:
i. Bus Topology:
All the nodes (file server, workstations, and peripherals) on a bus topology are connected by one
single cable. A bus topology consists of a main run of cable with a terminator at each end. All nodes
(file server, workstations, and peripherals) are connected to the linear cable.
Advantages of Bus Topology
• It is Cheap, easy to handle and implement.
• Require less cable
• It is best suited for small networks.
Disadvantages of Bus Topology
• The cable length is limited. This limits the number of stations that can be connected.
• This network topology can perform well only for a limited number of nodes.

ii. Ring Topology:

In a ring network, every device has exactly two neighbors for communication purposes. All
messages travel through a ring in the same direction. A failure in any cable or device breaks the loop
and can take down the entire network. To implement a ring network, we use the Token Ring
technology.

A token, or small data packet, is continuously passed around the network. When a device needs to
transmit, it reserves the token for the next trip around, then attaches its data packet to it.
Advantage of Ring Topology
• Very orderly network where every device has access to the token and the opportunity to transmit.
• Easier to Manage than a Bus Network
• Good Communication over long distances
• Handles high volume of traffic
Disadvantages of Ring Topology

20
• The failure of a single node of the network can cause the entire network to fail.
• The movement or changes made to network nodes affects the performance of the entire network.

iii. Star Topology:

In a star network, each node (file server, workstations, and peripherals) is connected to a central
device called a hub. The hub takes a signal that comes from any node and passes it along to all the
other nodes in the network. Data on a star network passes through the hub, switch, or concentrator
before continuing to its destination. The hub, switch, or concentrator manages and controls all
functions of the network. The star topology reduces the chance of network failure by connecting all
of the systems to a central node.
Advantages of Star Topology
• Easy to manage
• Easy to locate problems (cable/workstations)
• Easier to expand than a bus or ring topology.
• Easy to install and wire.
• Easy to detect faults and to remove parts.
Disadvantages of Star Topology
• Requires more cable length than a linear topology.
• If the hub or concentrator fails, nodes attached are disabled.
• More expensive because of the cost of the concentrators.

21
 iv. Tree Topology:

A tree topology (hierarchical topology) can be viewed as a collection of star networks arranged in a
hierarchy. This tree has individual peripheral nodes which are required to transmit to and receive
from one other only and are not required to act as repeaters or regenerators. The tree topology
arranges links and nodes into distinct hierarchies in order to allow greater control and easier
troubleshooting. This is particularly helpful for colleges, universities and schools so that each of the
connect to the big network in some way.
Advantages of a Tree Topology
• Point-to-point wiring for individual segments.
• Supported by several hardware and software vendors.
• All the computers have access to the larger and their immediate networks.
Disadvantages of a Tree Topology
• Overall length of each segment is limited by the type of cabling used.
• If the backbone line breaks, the entire segment goes down.
• More difficult to configure and wire than other topologies.

22
 v. Mesh Topology:

In this topology, each node is connected to every other node in the network. Implementing the mesh
topology is expensive and difficult. In this type of network, each node may send message to
destination through multiple paths. While the data is travelling on the Mesh Network it is
automatically configured to reach the destination by taking the shortest route which means the least
number of hops.
Advantage of Mesh Topology
• No traffic problem as there are dedicated links.
• It has multiple links, so if one route is blocked then other routes can be used for data
communication.
• Points to point links make fault identification easy.
Disadvantage of Mesh Topology
• There is mesh of wiring which can be difficult to manage.
• Installation is complex as each node is connected to every node.
• Cabling cost is high.

23
 vi. Hybrid Topology:

A combination of any two or more network topologies. A hybrid topology always accrues when two
different basic network topologies are connected. It is a mixture of above-mentioned topologies.
Usually, a central computer is attached with sub-controllers which in turn participate in a variety of
topologies
Advantages of a Hybrid Topology
• It is extremely flexible.
• It is very reliable.
Disadvantages of a Hybrid Topology
• Expensive

b) Topology Used for this Project:

As our team conducted the study the best choice regarding the topology in our network is star
topology, we used star topology for many reasons. As compared to Bus topology it gives far much
better performance, signals don’t necessarily get transmitted to all the workstations. A sent signal
reaches the intended destination after passing through no more than 3-4 devices and 2-3 links.
Performance of the network is dependent on the capacity of central node. Easy to connect new nodes
or devices. In star topology new nodes can be added easily without affecting rest of the network.
Similarly components can also be removed easily. Centralized management. It helps in monitoring
the network. At the same time it’s easy to detect the failure and troubleshoot it.

24
25
26
27
4. Configuration:

In previous sections our team selected the technique and topology we used for our project, and the
amount of devices that are needed for this network. In this section we will configure each device step
by step. First we start by configuring our point-to-points then our mikrotik-routers and at last our
switches. Some of our devices are CLI mode and some are GUI mode, for our CLI mode every
command is written and for GUI mode ever configuration is taken screenshot step by step.

a) Point-to-Points:
In this section every configuration of the point-to-points are screenshotted, first 3 screenshots are
master-site it means the HQ site then second 3 screenshots are branch offices at the end signal of the
point-to-points are captured after .

28
i. HQ to Branch Office:

29
30
31
ii. HQ to Guest-House:

32
33
34
b) Mikro-Tik Routers:
In the previous section we discussed regarding the configuration our point-to-points, in this section
we will configure our routers in way that we can easily manage the bandwidth block the brute force
attack and mac-filtering, it means even if someone knows the password to AP and joins to our
network they cannot use the bandwidth. In the bandwidth management section first we will create 2
groups, first is assigned to management and second group assigned to staff. In the first group
maximum bandwidth is 3mb and 4 user each user can use maximum of 1mb, the second group
consist of 11 users with total of 5mb bandwidth each user can use maximum of 512kb not more than
that.

i. Mikro-tik Configuration:

# RouterOS 6.44.5

/interface bridge
add name=LAN-Bridge
add name=bridge.42
/interface vlan
add disabled=yes interface=ether1 name=ether1.42 vlan-id=42
add interface=ether2 name=ether2.42 vlan-id=42
add interface=ether3 name=ether3.42 vlan-id=42
add interface=ether4 name=ether4.42 vlan-id=42
add interface=ether5 name=ether5.42 vlan-id=42
/ip pool
add name=DHCP-LAN ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add add-arp=yes address-pool=DHCP-LAN disabled=no interface=LAN-Bridge \
lease-time=1d name=server1
/queue simple
add comment="3M-Management Bandwidth" max-limit=3M/3M name=\
Mangement-Bandwidth packet-marks=\
pkt-down-management-bandwidth,pkt-up-management-bandwidth target=\
192.168.1.0/24
add comment="5M-Staff Bandwidth" max-limit=5M/5M name=Staff-Bandwidth \

35
packet-marks=pkt-down-staff-bandwidth,pkt-up-staff-bandwidth target=\
192.168.1.0/24
/queue type
add kind=pcq name=shape-to-1M pcq-classifier=dst-address \
pcq-dst-address6-mask=64 pcq-rate=1024k pcq-src-address6-mask=64
add kind=pcq name=shapt-to-512k pcq-classifier=dst-address \
pcq-dst-address6-mask=64 pcq-rate=512k pcq-src-address6-mask=64
/queue simple
add name=limit-to-1M parent=Mangement-Bandwidth queue=shape-to-1M/shape-to-1M \
target=192.168.1.0/24
add name=limit-to-512k parent=Staff-Bandwidth queue=\
shapt-to-512k/shapt-to-512k target=192.168.1.0/24
/interface bridge port
add bridge=bridge.42 interface=ether5.42
add bridge=LAN-Bridge interface=ether2
add bridge=LAN-Bridge interface=ether3
add bridge=LAN-Bridge interface=ether4
add bridge=LAN-Bridge interface=ether5
add bridge=bridge.42 interface=ether4.42
/ip address
add address=117.55.200.20/30 comment=WAN interface=ether1 network=\
117.55.200.22 disabled=yes
add address=192.168.100.1/24 comment=MGMT interface=bridge.42 network=\
192.168.100.0
add address=192.168.1.1/24 comment=LAN interface=LAN-Bridge network=\
192.168.1.0
/ip route add dst-address=0.0.0.0/0 gateway=117.55.200.21
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=192.168.1.1

36
/ip dns
set allow-remote-requests=yes
/ip firewall mangle
add action=mark-packet chain=prerouting comment="Management UP" in-interface=\
LAN-Bridge new-packet-mark=pkt-up-management-bandwidth passthrough=no \
src-address-list=Management-bandwdith
add action=mark-packet chain=postrouting comment="Management Down" \
dst-address-list=Management-bandwdith new-packet-mark=\
pkt-down-management-bandwidth out-interface=LAN-Bridge passthrough=no
add action=mark-packet chain=prerouting comment="Management UP" in-interface=\
LAN-Bridge new-packet-mark=pkt-up-staff-bandwidth passthrough=no \
src-address-list=Staff-bandwdith
add action=mark-packet chain=postrouting comment="Management Down" \
dst-address-list=Staff-bandwdith new-packet-mark=pkt-down-staff-bandwidth \
out-interface=LAN-Bridge passthrough=no
/ip firewall nat
add action=src-nat chain=srcnat out-interface=ether1 src-address-list=\
Management-bandwdith to-addresses=192.168.3.25
add action=src-nat chain=srcnat out-interface=ether1 src-address-list=\
Staff-bandwdith to-addresses=192.168.3.25
add action=masquerade chain=srcnat disabled=yes out-interface=ether1
/ip firewall filter
add action=drop chain=input comment="Drop SSH Brute Forcers" dst-port=22 \
log-prefix=yes protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=1w chain=input comment=\
"Blocked IP address that attempted multiple SSH connections" \
connection-state=new dst-port=22 log-prefix=yes protocol=tcp \
src-address-list=ssh_attempt_3
add action=add-src-to-address-list address-list=ssh_attempt_3 \
address-list-timeout=1m chain=input comment=\

37
"IP address that attempted to create 3 SSH connections" connection-state=\
new dst-port=22 log-prefix=yes protocol=tcp src-address-list=ssh_attempt_2
add action=add-src-to-address-list address-list=ssh_attempt_2 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted to create 2 SSH connections" connection-state=\
new dst-port=22 log-prefix=yes protocol=tcp src-address-list=ssh_attempt_1
add action=add-src-to-address-list address-list=ssh_attempt_1 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted to create an SSH connection" connection-state=\
new dst-port=22 log-prefix=yes protocol=tcp
add action=drop chain=input comment="Drop Telnet Brute Forcers" dst-port=23 \
log-prefix=yes protocol=tcp src-address-list=telnet_blacklist
add action=add-src-to-address-list address-list=telnet_blacklist \
address-list-timeout=1w chain=input comment=\
"Blocked IP address that attempted multiple Telnet connections" \
connection-state=new dst-port=23 log-prefix=yes protocol=tcp \
src-address-list=telnet_attempt_3
add action=add-src-to-address-list address-list=telnet_attempt_3 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted to create 3 Telnet connections" \
connection-state=new dst-port=23 log-prefix=yes protocol=tcp \
src-address-list=telnet_attempt_2
add action=add-src-to-address-list address-list=telnet_attempt_2 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted 2 Telnet connections" connection-state=new \
dst-port=23 log-prefix=yes protocol=tcp src-address-list=telent_attempt_1
add action=add-src-to-address-list address-list=telent_attempt_1 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted to create a telnet connection" connection-state=\
new dst-port=23 log-prefix=yes protocol=tcp
add action=drop chain=input comment="Drop Winbox Brute Forcers" dst-port=8291 \

38
log-prefix=yes protocol=tcp src-address-list=winbox_blacklist
add action=add-src-to-address-list address-list=winbox_blacklist \
address-list-timeout=1w chain=input comment=\
"Blocked IP address that attempted multiple Winbox connections" \
connection-state=new dst-port=8291 log-prefix=yes protocol=tcp \
src-address-list=winbox_attempt_3
add action=add-src-to-address-list address-list=winbox_attempt_3 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted to create 3 Winbox connections" \
connection-state=new dst-port=8291 log-prefix=yes protocol=tcp \
src-address-list=winbox_attempt_2
add action=add-src-to-address-list address-list=winbox_attempt_2 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted to create 2 Winbox connections" \
connection-state=new dst-port=8291 log-prefix=yes protocol=tcp \
src-address-list=winbox_attempt_1
add action=add-src-to-address-list address-list=winbox_attempt_1 \
address-list-timeout=1m chain=input comment=\
"IP address that attempted to create a Winbox connection" connection-state=\
new dst-port=8291 log-prefix=yes protocol=tcp
/ip service
set ftp disabled=yes
/system clock
set time-zone-name=Asia/Kabul
/system identity
set name=NH-HQ
/user set 0 password="123@123"

c) Cisco Switches:
As for our switches we configured port-security with maximum of two user per interface and
violation is selected to shut down. In every one our switches we configured interface fastethernet 1 is
trunk port and the rest of the interfaces are access mode, also we configured SSH and created 2 user

39
for every switch one user is admin with full access and the other user is only for monitoring
purposes. By default

each switch interface goes to up state around 30 seconds or more, using port fast we can make them
to go in upstate sooner but this causes loop sometimes, in order to prevent loops we configured
BPDU guard so our switch go in upstate sooner without causing loop.
enable
Switch#configure t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname HQ_Switch_1
Switch_1(config)#enable secret 123@123
Switch(config-vlan)#vlan 42
Switch(config-vlan)#name Management
Switch_1(config)#vlan 40
Switch_1(config-vlan)#name Access
Switch_1(config-vlan)#interface range fastEthernet 0/2-24
Switch_1(config-if-range)#switchport mode access
Switch_1(config-if-range)#switchport access vlan 40
Switch_1(config-if-range)#ex
Switch_1(config)#interface fastEthernet 0/1
Switch_1(config-if)#switchport mode trunk
Switch(config-if)#switchport access vlan 42
Switch(config-if)#switchport access vlan 40
Switch_1(config-if)#ex
Switch_1(config)#interface range fastEthernet 0/2-24
Switch(config-if)#switchport mode access
Switch_1(config-if-range)#switchport port-security
Switch_1(config-if-range)#switchport port-security maximum 2
Switch_1(config-if-range)#switchport port-security mac-address sticky
Switch_1(config-if-range)#switchport port-security violation shutdown
Switch_1(config-if-range)#ex
Switch_1(config)#interface vlan 42
Switch_1(config-if)#ip address 192.168.100.4 255.255.255.0
Switch_1(config-if)#no shutdown
Switch_1(config)#interface range fastEthernet 0/2-24
Switch_1(config-if-range)#spanning-tree portfast
Switch_1(config-if-range)#spanning-tree bpduguard enable
Switch(config)#username Monitor privilege 10 password 123@123
Switch(config)#username Admin privilege 15 password 321@321
Switch_1(config)#ip domain-name Nedahl.com
Switch_1(config)#crypto key generate rsa
How many bits in the modulus [512]: 1024
Switch_1(config)#ip ssh version 2

Switch_1(config)#line vty 0 4
Switch_1(config-line)#transport input ssh
Switch_1(config-line)#password 321@321
Switch_1(config-line)#login local
Switch_1(config-line)#exit
Switch_1(config)#

40
5. Testing:
In the previous section we configured our devices one by one each, in this phase we are going to
taste those configurations. For switch devices we used packet tracer simulator and for MKT-routers
we were unable to find a simulator to test it due to this reason with used the actual device for testing,
no simulator is used for the testing of MKT-routers. For switch there is not much to test we
configured portfast and it was working but unfortunately it’s not showable in screenshots but we
were able to show the port-security in screenshots. As for our MKT routers we created 2 groups for
bandwidth allocation, first group is for management department and second group is for staffs that
needs internet, first groups total bandwidth is 3mb each user can get maximum of 1mb, and for the
second group maximum bandwidth is 5mb and each user can get maximum of 512kb bandwidth, we
also specified mac-filtering rule for our MKT if someone connects he/she cannot have internet
access.

a) Switch:
As we configured port-security in our switches and we set the maximum of user per interface to 2,
and we set the violation to shut down, it means 2 mac-address can use one port if the third mac-
address is detected by the switch interface the interface will shut down itself automatically.

41
42
b) MKT-Routers:
For our MKT-routers we defined 2 groups for bandwidth allocation, and configured mac-filtering.
As we know brute force attack is challenging in every network, we decided to configure if someone
tries login to our MKT-routers and input the password 3 times wrong he/she will get blocked for 7
days.

43
44
45
46
47
48
49
 Chapter No.4
Network Deployment
Establishment of a group of spots (computers, telephones or other devices) that are connected by
communications facilities for exchanging information. The mode of connection can be permanent via
cable/Radio, or temporary, through telephones, or other means of communications. For many reasons
the establishment of technology is crucial to socio-economic development as well as increasing
democratization of nation. The technology is pervasive in nature, but the cost benefit together with
the national urgency for its introduction through various applications mostly depends on the grass
roots awareness and utilization of computers (Interconnected computers) for the common people.

1. Parallel Network Deployment:

Parallel Networking- also known as “air-gripped networking”- essentially creates an independent
network which runs alongside, or in parallel, to the primary network locations.
i. Advantage of Parallel Network:
Parallel processing divides a large task into many smaller-tasks, and executes the smaller tasks
concurrently on several modes. As a result the larger task completes more quickly.
ii. Disadvantages of Parallel Network:
Effective implementation of parallel processing involves two challenges:
 Structuring tasks for that certain tasks can execute at the same time (In parallel).
 Preserving the sequencing of tasks which must executed seriously.

2. Standalone Network Deployment:

The standalone (SA) mode of 5G NR Rules to using 5G cells for both signaling and information
transfer. It includes the new 5G packet core architecture instead of relying on the 4G involved
packet core, to allow the deployment of 5G without the LTE network.
i. Advantage of Standalone Network:
One advantage of a standalone computer is damage control. For Example. If something goes wrong.
Only the standalone will be affected. Simplicity is another advantage; because it takes a lot less
expertise to manage one computer than it does to setup or trouble shoot several.
ii. Disadvantages of Standalone Network:
Standalone computers have drawbacks. First of all, users are restricted to a single computer. On a
network, users can access their files from any connected computers. Second, the same software
cannot be installed simultaneously.

3. Pilot Network Deployment:

50
A pilot deployment will consist of rolling out the new software to a select group of users in your
organization choosing which users to include in the pilot deployment is an art from of its own. On
the

other hand, the software that you are installing has not been previously run in your production
environment.
i. Advantages of Pilot Network
Establishes the validity of research based upon the expert knowledge of other researchers in the
discipline, therefor preventing falsified work from being accepted within an area of study. Provides
valuable feedback so that researchers can revise and improve their papers before publications.

ii. Disadvantages of Pilot Network

It can cause lengthy delay in the dissemination of research findings. It is a time consuming process
which places considerable demands on the academic community. There has been extensive debate as
to affective the peer review process really is in detecting errors in academic papers.

4. Deployment Technique Used for this Project:

The deployment technique that we used for this project is parallel network deployment method as it
was easier for our team to divide every task into smaller tasks and complete it individually. This
helped our team to focus on the task carefully and before moving to the next task ensuring that the
previous task was performing without issues. In the meantime the network of the organization was
not disconnected.

51
 Chapter No.5
Conclusion and Future Work
In the previous chapters which started from introduction where we have defined our project
completely. In that chapter, we have pinpoint the advantage and disadvantage of the project,
problems regarding the project and expected outcomes. Moreover, in the second chapter, we have
collected the literature review from various websites, which were extremely helpful for us to enhance
the development of this project. In the third chapter, of this project we have defined the requirement
collection techniques along with pros and cons, also we mentioned what is topology, types of
topology and which topology we used for our project. In the fourth chapter we discussed about the
network deployment techniques and which technique we used for our project. In this chapter which
is related to the conclusion and future work we have elaborated our future work regarding this
project and the experience that we have got in the development of the project. Throughout the
development of this project we have faced a number of problems, to find the answer or the solution
for those problems we have visited a number of websites, we have checked other similar projects,
while doing so we have noticed the features of those projects, the downside and the benefits, we have
noticed the things that can be added to our project to make it more and more useful for the users. The
things that we are unable to implement them within this period of time, we will work on those
features in the future, which will be discussed in the future work of this chapter.

1. Conclusion:
The main approach of this project is to provide mobility to the network using wireless networks, and
improve the network performance using better devices with the budget provided by the organization.
Managing bandwidth was the main concern of the organization, each user was complaining about
slow internet services.
Using MikroTik features we were able to manage organization’s bandwidth according to the users
demand, and we configured mac-filtering even if unwanted user connects to the network to use
internet, they cannot access the internet that’s because MAC filtering will not allow the particular
user if he/ she is blocked.
Security is the main concern to everyone in the community, especially in network systems, therefore
the main concern was the security of the devices, which we were able to provide that to our devices,
and we blocked brute force attacks on our MikroTiks, and configured port-security for our switches,
which should provide enough security for our network.
By implementing the above features we well took care of the system to be operational and has a very
stable performance, so everybody inside the organization should have a stable connection and as well
should heave a secure environment while communicating and exchanging data in between each
other.

2. Future Work:

52
As our team members installed and configured the best choice network for the organization, but in
technology world, there is always room for more, for our future plan and works, the first step will be
bandwidth upgradation according to the demand of the organization if the number of employees
increase. We will enable content filtering in the network and using MikroTik-routers and OpenDNS
we can block VPN, it means, if we block a website or an application, the users cannot access it using
VPN. Security is one of the main concerns in all over Afghanistan, therefore the organization will
surly need CCTV system to be installed, we will install and deploy the CCTVs in our future plan and
we will configure it with public IPs which they could easily be accessible everywhere across the
country and worldwide.
We are also planning to make a bandwidth pool, it is somehow a time scheduling plan, when it’s day
time and there is nobody in the Guest-House, we will automatically swap the bandwidth to branch
offices, and when it is off-peak hours (Night Time) the bandwidth will automatically be swapped
back to the Guest-House.

53
References:
[1] Sangram Gayal,” Wireless-LAN-Security”, 16 02 2016. [Online]. Available:
https://networking.report/whitePapers/wireless-lan-security

[2] Abu Sayeed.” Mac-Address Filtering in Mikrotik Wi-Fi AP”. 19 11 2019. [Online].
Available:
https://systemzone.net/mac-address-filtering-in-mikrotik-wifi-ap

[3] Sikandar Shaik, “Switching”. 10 03 2020. [Online]. Available:

https://www.udemy.com/course/new-ccna-200-301-part-26-switching

[4] Arun K. Majumdar,” Metropolitan Area Network” 20 06 2019. [Online]. Available:

https://www.sciencedirect.com/topics/computer-science/metropolitan-area-networks

[5] Richard Buckminster Fuller, “Local Area Network”13 05 2016. [Online]. Available:
http://www.univasf.edu.br/~joseamerico.moura/pag_autom_arquivos/
LOCAL_AREA_NETWORK

[6] Jan Francisti, “LAN security and design”, 10 11 2018. [Online]. Available:
https://www.researchgate.net/publication/329183543_LAN_security_analysis_and_design

[7] Faizan Qamar, “Spectrum Management”10 3 2020. [Online]. Available:

https://www.researchgate.net/publication/
344053122_Issues_Challenges_and_Research_Trends_in_Spectrum_Management_A_Compr
ehensive_Overview_and_New_Vision_for_Designing_6G_Networks

[8] Wendell Odem, “Fundamentals of Ethernet LANs”, 01 10 2019. [Online]. Available:

https://www.amazon.com/CCNA-200-301-Official-Cert-Guide/dp/0135792738

54
[9] Briana Horn, “Bandwidth Control”, 13 4 2019. [Online]. Available:
https://mum.mikrotik.com/presentations/US19/presentation_6896_1554712741.pdf

[10] Matthias Gerber, “Cabling for the Future”, 04 06 2018. [Online]. Available:
https://www.ecdonline.com.au/content/datanetworkingcommunications/article/cabling-for-
the-future-1178234563

[11] Cisco Company,” Cisco OS”, 20 03 2016. [Online]. Available:

https://www.cisco.com/c/en/us/products/ios-nx-os-software/index.html

[12] Giladis Avoine, “SSH”, 07 05 2015. [Online]. Available:

http://www.avoine.net/cyberedu/2015_07_ssh.pdf

[13] Mehmet Hilal Ozcanhan, “DDoS Attacks”, 12 05 2015. [Online]. Available:

https://www.researchgate.net/publication/281281287_DDoS_Prevention_Techniques

[14] Surachai Kaewwong, “Simple Queue”, 21 03 2015. [Online]. Available:

https://www.researchgate.net/publication/
311847312_MikroTik_Bandwidth_Management_to_Gain_the_Users_Prosperity_Prevalent#:
~:text=Bandwidth%20Management%20is%20the%20method,in%20all%20the%20hotspot
%20user.

[15] Javvin Technologies, “Network Protocols” 22 07 2016. [Online]. Available:

http://index-of.co.uk/Tutorials/network%20protocols%20handbook.pdf

[16] Keith Shaw, “802.11g Standard” 23 03 2020. [Online]. Available:

https://www.networkworld.com/article/3238664/80211x-wi-fi-standards-and-speeds-
explained.html

[17] IOSR Journal of computer Engineering, “802.11gbn Standard” 26 10 2015 [Online].

Available:
http://www.iosrjournals.org/iosr-jce/papers/Vol17-issue5/Version-3/D017532629.pdf

[18] Esteban Borges, “SSH Attack Prevention” 18 02 2017 [Online]. Available:

https://securitytrails.com/blog/mitigating-ssh-based-attacks-top-15-best-security-practices

[19] Sovia Lobo, “Winbox Attack” 21 05 2018 [Online]. Available:

https://hub.packtpub.com/winbox-vulnerability-in-microtik-routers-forwarding-traffic-to-
attackers-say-researchers-at-netlabs-360/amp/

[20] Micheal Mullins, “Telnet Attack Prevention” 27 01 2005 [Online]. Available:

https://www.techrepublic.com/article/protect-your-network-from-this-telnet-vulnerability

55
[21] David Hammerstrom, “SMTP Attack Prevention” 27 12 2017 [Online]. Available:
https://www.f5.com/labs/articles/threat-intelligence/academic-research-a-survey-of-email-
attacks

[22] Nate Lord, “FTP Attack Prevention” 16 09 2018 [Online]. Available:

https://digitalguardian.com/blog/what-ftp-security-securing-ftp-usage

56