Introduction:
Asbestos Removal Contractors (ARC) wants to build an information system and has acquired a building formerly occupied by a telephone call center, which contains old structured cabling. The CEO of the company has asked for some pointers on the network so that it makes the most of the technology. The scenario lays out several requirements, which are to be met in this assignment.
Task 1: Networking Infrastructure and Protocols
a) What is meant by structured cabling and what do you need to know to determine if the existing cabling is suitable?
A structured cabling system is a set of cabling products that integrates data, multimedia, security, VoIP and even wireless connections throughout a building, together with the building's other management systems. A planned structured cabling system speeds up the continuous flow of information, permits the sharing of resources, promotes smooth operation, and accommodates changing technology.
Thus, it is a specification for how network media should be installed to maximize performance and speed. It facilitates troubleshooting, amending, and growing a network cable plant. Structured cabling depends on an extended star topology, though a variety of logical topologies can be used.
Structured cabling is organized into six components:
· Work-area
· Horizontal-wiring
· Telecommunications-closets
· Equipment-rooms
· Vertical-wiring
· Entrance-facilities
The criteria to identify when determining whether the existing cabling structure is suitable are as follows:
· The cable and connection products: UTP (Unshielded Twisted Pair) Cat 5 and Cat 6 are the most commonly used cables in a network, and fiber optics are also used in some contexts for a high data transfer rate. Because of the limited budget in our project, we prefer Cat 6 UTP cable: it supports frequencies up to 250 MHz and allows 10/100/1000 Megabit Ethernet use with a cable length of up to 100 meters, and 10 Gigabit Ethernet over shorter distances.
· Suitable topology: Extended star topology is used. It is a topology in which multiple star topologies are interconnected. Network cables connect to one switch, and several other switches then connect to that first switch. Using multiple switches helps to minimize data collisions in the network.
· Compatibility and life span of connectors and cables
· Types of hardware and software the cabling installation will support
· Network / server rack design and installation
(Beniot, 2002)
b) Identify and briefly explain the purpose of FOUR (4) protocols that will be used. Your answer should also discuss the key reasons for layered protocols and outline how each fits into the OSI model
The protocols used in the applications are:
1. PPP (Point-to-Point Protocol): This is used to establish a direct connection between two workstations over a serial interface. It can provide connection authentication, transmission encryption (using ECP, RFC 1968), and compression. This protocol lies in the Data Link layer (2nd layer) of the OSI model.
2. HTTPS (Hyper Text Transfer Protocol Secured): This protocol uses HTTP to create an encrypted link between a web server and a browser, which ensures that all data passed between the web server and the browser remains private and secure. HTTPS is used to protect transmitted data from eavesdropping. This protocol works at the application layer (7th layer) of the OSI model.
3. FTP (File Transfer Protocol): A network protocol used for transferring data from one node to another host over a TCP-based network. It allows independence between the file systems of the client and server machines, and so enables efficient data transfer. It is at the application layer (7th layer) of the OSI model.
4. SMTP (Simple Mail Transfer Protocol): This protocol is used in a network to send electronic messages from one workstation to another. It does not deal with receiving e-mails; for receiving mail, the POP or IMAP protocols are used. This protocol exists at the application layer (7th layer) of the OSI model.
A layered approach is used because it reduces the complexity of the problems between multiple networks. It allows the standardization of interfaces among devices.
c) Explain how devices are connected to a network using Wi-Fi and state the components required. Your answer should also explain how Wi-Fi fits into the OSI model.
In computer networking, devices are connected to Wi-Fi through a device called an Access Point (AP). The AP is usually connected to a router as a separate device, but it can also be an integral part of the router. An AP is distinct from a hotspot, which is a physical space where a wireless service is provided.
The common modes for Wi-Fi connectivity are:
· Infrastructure mode: devices are connected to wireless-network without Access-Point.
· Ad hoc Mode: devices can communicate to each-other without Access-Point within a range.
When a client connects to Wi-Fi, the router usually assigns an IP address to the client.
A wireless network is any type of computer network that uses wireless data connections to connect network nodes. Wireless telecommunications networks generally use radio communication. The physical layer of the OSI model handles the implementation of this process.
The physical and data link layers of the OSI model control the operation of a WLAN. Each of these two layers has its own functions:
Data Link Layer: Creates, transmits, and receives packets. Controls the Physical Layer.
Physical Layer: Converts data into bits for transmission and converts received bits into usable data for the layers above it.
Wi-Fi works on the basis of the IEEE 802.11 standard. The protocol architecture consists of a Physical Layer with two sublayers, PLCP and PMD, and a Data Link Layer consisting of the MAC and LLC sublayers. A Wi-Fi system consists of a Wi-Fi client, an access point and a LAN.
All the primary functions of wired and wireless local area network (LAN) technologies occur in the data link layer through the interaction of its sublayers.
LLC allows an 802.11 protocol stack to be grafted underneath any TCP/IP implementation with little or no change to the upper layers, and MAC provides the same functions as in other protocol stacks.
Fig: WLAN protocol stack
The components required to connect a device to a wireless network are:
Wi-Fi network adapter: A hardware device consisting of radios and antennas, capable of transmitting and receiving wireless digital signals and Wi-Fi frames. Antennas may also be integrated into the client's device itself. Nowadays, modern PCs, laptops, smartphones, etc. all come with a wireless adapter.
Access Point: A separate device, similar to a Wi-Fi hub, that allows a computer with a Wi-Fi network adapter to connect to the internet. It acts as a base station that receives and transmits signals via radio waves, and so provides the link between the devices and the network. This device is generally used in a corporate environment with many users.
d) Briefly explain the key relevant standards together and discuss the advantages and disadvantages of Wireless. Which standard(s) do you recommend? Would you recommend the entire LAN be connected wirelessly?
IEEE 802.11 (WLAN) is a wireless networking standard, which is further divided into different series for interoperability and proper allocation of frequencies. The WLAN standards are:
| Standard | Data Rate | Modulation/Signaling technique | Frequency |
|---|---|---|---|
| 802.11 | 2 Mbps | Frequency-Hopping Spread Spectrum (FHSS) or Direct Sequence Spread Spectrum (DSSS) | 2.4 GHz |
| 802.11a | 54 Mbps | Orthogonal Frequency-Division Multiplexing (OFDM) | 5 GHz |
| 802.11b | 11 Mbps | Unregulated radio signaling frequency | 2.4 GHz |
| 802.11g | 54 Mbps | Orthogonal Frequency-Division Multiplexing (OFDM) | 2.4 GHz |
| 802.11n | 130 Mbps or less without configuring any setting | MIMO (Multiple In, Multiple Out) with multiple signals | 2.4 GHz and 5 GHz bands |
| 802.11ac | 1300 Mbps on the 5 GHz band plus up to 450 Mbps on 2.4 GHz | Dual-band wireless technology, MIMO | 2.4 GHz and 5 GHz |
The advantages of a wireless network are:
1. It increases mobility.
2. It is scalable if the size needs to be increased or decreased in the future.
3. It can be used to make telephone calls using voice over Internet protocol.
4. Wi-Fi is cost effective.
5. The risk of trip hazards is avoided.
The disadvantages are:
1. The data transfer rate is slower in a wireless network.
2. Traffic fluctuations can occur.
3. Unsecured
4. Range coverage problems
802.11n would be preferable because it has good bandwidth and is backward compatible.
I wouldn’t recommend the use of wireless LAN because it operates with security issues, and traffic fluctuations also occur due to the radio frequencies.
(Bradley, 2015)
Task 2: Addressing
a) Explain why devices on a network need addresses.
A network address is a unique identifier for a workstation on a network. A workstation needs this unique identity to be distinguished from the other nodes on the network. When a packet is sent from one node to another across a network, the destination node is identified by its network address. Thus, the network address is used for data transmission in a network.
b) Explain the terms MAC address and IP address. Distinguish between these terms, and between IPv4 and IPv6.
IP addresses are hierarchical 32-bit network addresses through which data packets are sent over a network. IP addresses are generally assigned to nodes by a DHCP server on a random basis, and the IP address of a particular node does not always remain the same. It lies in the Network layer of the OSI model.
A MAC address, by contrast, is a non-hierarchical 48-bit network address that allows multiple devices to be uniquely identified at the data link layer. DHCP servers use the MAC address to identify devices and give them their IP addresses within a local area network. It lies in the Data Link layer of the OSI model.
IP addresses are classified into two forms, IPv4 and IPv6, and the differences between them are:
| Basis of difference | IPv4 | IPv6 |
|---|---|---|
| Length | IPv4 is a 32-bit network address using a subnet mask. | IPv6 is a 128-bit address using a prefix length. |
| Packet flow identification | No packet flow identification. | Available within the header using the Flow Label field. |
| Configuration | IPv4 is configured either manually or dynamically. | Auto-configuration of addresses is available. |
| File Transfer Protocol (FTP) | Allows user to send and receive files across networks | Does not support IPv6. |
c) Explain what is meant by an IPv4 private address? Why it might be used and is it applicable in this case?
Some ranges of IPv4 addresses have been reserved for private use only, and the addresses within those reserved ranges are IPv4 private addresses. Private IPs are also non-routable addresses, i.e. they cannot pass information to the internet (because the source and destination would be ambiguous). The reserved ranges are given below:
| 10.0.0.0/8 IP addresses | 10.0.0.0 -- 10.255.255.255 |
| 172.16.0.0/12 IP addresses | 172.16.0.0 -- 172.31.255.255 |
| 192.168.0.0/16 IP addresses | 192.168.0.0 -- 192.168.255.255 |
Among the above ranges, only a part of the "172" and the "192" addresses is labelled for private use; the remaining addresses are usually used for public purposes.
Private IPs are generally used in corporate networks, mostly for security reasons, because they help enhance network security. So they are applicable in the case of the scenario.
d) Explain how devices get their MAC or IP address.
An IP address can be assigned to a device either manually, by configuring a static address, or dynamically through a DHCP server. With DHCP, the IP address is assigned automatically when a new system is detected on the network.
MAC addresses, by contrast, are assigned to hardware by the manufacturer and are a permanent part of the device.
(Andrew, 2015)
e) Briefly explain what is meant by subnet and how it could be used in this network. Do you recommend sub-netting in this case?
A subnet is a logical group within an IP network whose nodes are located physically close to each other on a LAN. "Subnet" stands for sub-network, so it is a small part of a network, and it represents multiple nodes with one range of IP addresses. Dividing a network into subnets allows the network address to be shared, and subnetting also increases the performance and security of the network. If the network is not divided into subnets, it could need multiple connections to the Internet, one for each physically separate sub-network. It would also require Internet routing tables on gateways outside the network to manage routing that could and should be handled within the network.
In the scenario, the security of the information in the network matters most, so I recommend the use of subnets in this network to maintain security.
(Phillip, 2012)
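The private ranges from part c) and the subnetting recommended in part e), worked through as an added example that is not part of the original assignment. The base block `192.168.10.0/24`, the group names and the host counts are assumptions made for illustration.

```python
import ipaddress

# The three private IPv4 ranges listed in part c).
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Constructed sample input: group names and host counts are assumptions,
# not figures taken from the scenario.
SAMPLE_GROUPS = {"staff": 50, "servers": 10, "wifi": 100}


def private_range_of(addr):
    """Return the private range that contains addr, or None if it is public."""
    ip = ipaddress.ip_address(addr)
    for net in PRIVATE_RANGES:
        if ip in net:
            return net
    return None


def plan_subnets(base, groups):
    """Give each group its own subnet inside the private block `base`.

    `groups` maps a group name to the number of hosts it must hold.
    Groups are placed largest first, and each one gets the smallest
    power-of-two block that fits its hosts plus the network and
    broadcast addresses.
    """
    base_net = ipaddress.ip_network(base)
    if not any(base_net.subnet_of(r) for r in PRIVATE_RANGES):
        raise ValueError(f"{base} is not inside a private range")
    plan = {}
    cursor = int(base_net.network_address)
    for name, hosts in sorted(groups.items(), key=lambda kv: -kv[1]):
        bits = (hosts + 1).bit_length()       # host bits for hosts + 2 addresses
        size = 1 << bits
        cursor = -(-cursor // size) * size    # round up to a subnet boundary
        subnet = ipaddress.IPv4Network((cursor, 32 - bits))
        if not subnet.subnet_of(base_net):
            raise ValueError(f"{base} is too small for group {name!r}")
        plan[name] = subnet
        cursor += size
    return plan


def group_of(addr, plan):
    """Return the name of the group whose subnet contains addr, or None."""
    ip = ipaddress.ip_address(addr)
    for name, subnet in plan.items():
        if ip in subnet:
            return name
    return None


def crosses_boundary(src, dst, plan):
    """True when src and dst sit in different subnets, so traffic between
    them has to pass through the router or firewall joining the subnets."""
    return group_of(src, plan) != group_of(dst, plan)


if __name__ == "__main__":
    plan = plan_subnets("192.168.10.0/24", SAMPLE_GROUPS)
    for name, subnet in plan.items():
        print(f"{name:8} {subnet}  ({subnet.num_addresses - 2} usable hosts)")
    print(crosses_boundary("192.168.10.130", "192.168.10.200", plan))
```

Traffic for which `crosses_boundary` is true is the traffic a firewall rule between subnets can inspect or block, which is where the security benefit of subnetting comes from.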
f) Explain how a packet gets from one network to another.
When a packet is produced in the transport layer of the OSI model, it is sent to the IP layer, where it is filled in with the source and destination IP addresses and other information such as TTL (time-to-live) and fragmentation information. The packet then enters the data link layer, where the MAC address information is added, and is passed to the physical layer, so a binary stream is sent to the NIC on the physical media. The packet is now sent to the router, which checks the destination IP address and network address: if the address exists in the network, the packet is forwarded to that network; otherwise the packet is discarded. The packet then travels from one router to another until it reaches the destination. When it reaches the destination, the IP is checked in the physical layer, the MAC is verified by the data link layer, and the IP layer also verifies the packet. Finally, the receiver receives the information from the packet.
(HIMANSHU, 2012)
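The router's forward-or-discard decision and the role of the TTL field, as an added example that is not part of the original assignment. It goes beyond the description above by using longest-prefix matching and by following the packet across several hops; the router names, routes and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Packet:
    src: str
    dst: str
    ttl: int


class Router:
    def __init__(self, name, routes):
        # routes: list of (prefix, next_hop). A next_hop of None means the
        # destination network is directly connected to this router.
        self.name = name
        self.routes = [(ipaddress.ip_network(p), hop) for p, hop in routes]

    def lookup(self, dst):
        """Return the most specific (network, next_hop) route for dst, or None."""
        ip = ipaddress.ip_address(dst)
        matches = [(net, hop) for net, hop in self.routes if ip in net]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)

    def forward(self, pkt):
        """Decide what happens to pkt here; returns (action, detail)."""
        match = self.lookup(pkt.dst)
        if match is None:
            return ("drop", "no route")        # destination network unknown
        pkt.ttl -= 1                           # every router hop costs one TTL
        if pkt.ttl <= 0:
            return ("drop", "ttl expired")     # stops packets circling forever
        net, hop = match
        if hop is None:
            return ("deliver", str(net))       # hand over to the local network
        return ("forward", hop)


def trace(routers, start, pkt):
    """Follow pkt from router `start` until it is delivered or dropped."""
    path = []
    current = start
    while True:
        action, detail = routers[current].forward(pkt)
        path.append((current, action, detail))
        if action != "forward":
            return path
        current = detail


def build_sample_routers():
    # Constructed topology. The 10.9.0.0/16 routes point at each other on
    # purpose, to show a routing loop being ended by the TTL.
    return {
        "R1": Router("R1", [("192.168.10.0/24", None),
                            ("192.168.20.0/24", "R2"),
                            ("10.9.0.0/16", "R2")]),
        "R2": Router("R2", [("192.168.20.0/24", None),
                            ("192.168.10.0/24", "R1"),
                            ("10.9.0.0/16", "R1")]),
    }


if __name__ == "__main__":
    routers = build_sample_routers()
    for dst, ttl in [("192.168.20.7", 64), ("203.0.113.9", 64), ("10.9.1.1", 4)]:
        print(dst, trace(routers, "R1", Packet("192.168.10.5", dst, ttl)))
```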
Task 3: Security
a) Explain what is meant by the terms: Confidentiality, Integrity and Availability. Provide ONE (1) example from the scenario to illustrate each term.
Confidentiality, integrity and availability form a model designed to guide policies for information security within an organization; it is also known as the security triad (CIA) of data and information (computer systems).
Put simply, confidentiality is a set of rules that limits access to information. Confidentiality protects against unauthorized disclosure and ensures that computing-related assets (hardware, software and data) are accessed only by authorized parties.
Integrity is the assurance that information is reliable, consistent and precise. Integrity means that assets such as hardware, software and data can be accessed or modified only by authorized parties or only in authorized ways.
Availability is an assurance of trustworthy access to information by authorized people. Availability means that assets such as hardware, software and data are accessible to authorized parties at appropriate times.
As security matters most in our scenario, all data and information should be encrypted, and digital signatures should be used to address the problem of data integrity. To prevent the loss of data, proper backups should be provided, and software such as firewalls should be included to guard the network from external threats.
(Chia, 2012)
b) Identify and explain TWO (2) issues that are missing from the security requirements listed above.
The two security issues that are missing from the requirements are as follows:
Authenticity: Authenticity is the condition of something being bona fide and genuine. Authenticity is essential when the value of something depends on where it originated or how it was made. Authenticity is confirmation that a message, transaction, or other exchange of data is from the source it claims to be from. Authenticity includes confirmation of identity.
Non-repudiation: Non-repudiation is the assurance that somebody cannot deny something. Typically, non-repudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated.
c) Identify SEVEN (7) measures that should be taken to keep the network secure. It should include hardware, software, policies and ways of checking them.
The measures that should be taken to keep a network secure are:
1. Enforce strong passwords: Access to the system should be restricted so that unauthorized users are kept out. Passwords should be unique and strong enough to prevent a break-in.
2. Put up a strong firewall: A firewall secures your system by controlling internet traffic coming into and flowing out of your business. So the firewall should be turned on and updated regularly.
3. Install antivirus protection: Antivirus protection scans your computer and your incoming e-mail for viruses, and deletes them if any threats are detected. So antivirus software should be installed on the system and updated regularly.
4. Update your programs regularly: The system should be updated regularly to get its full functionality. If updates are not applied properly, the system may run slower than it should.
5. Back up regularly: In some cases confidential data may be corrupted or infected by viruses, so regular backup of data is essential.
6. Secure your wireless network: Use a wireless router with WPA encryption because it is stronger than WEP. Use the same encryption for other hardware.
7. Do not use public hotspots: Public hotspots are not secure, so avoid accessing sensitive information across a public wireless network.
d) What do you think is the biggest threat for this system? Justify your answer.
A man-in-the-middle attack is an attack in which a third party pretends to be one of the parties in a two-way conversation. The third party can listen to both sides of the conversation and can modify the information during transmission.
This attack is considered the biggest threat to this system because it undermines the system's security, and security is the most important aspect of our system.
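An added example (not part of the original assignment) of how a receiver can detect the modification and impersonation described above. It uses a shared-key HMAC from the Python standard library in place of the digital signatures mentioned under part a), so it gives integrity and authenticity between the two parties but not non-repudiation. The key, messages and sequence numbers are constructed, and the replay check goes beyond what the answer describes.

```python
import hashlib
import hmac
import struct

TAG_LEN = hashlib.sha256().digest_size   # 32-byte HMAC-SHA256 tag
HDR_LEN = 8                              # 64-bit big-endian sequence number


def seal(key, seq, message):
    """Build a frame: sequence number + message + HMAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seq = -1               # highest sequence number accepted

    def accept(self, frame):
        """Return (message, None) for a valid frame, else (None, reason)."""
        if len(frame) < HDR_LEN + TAG_LEN:
            return None, "truncated"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison, so timing does not leak tag bytes.
        if not hmac.compare_digest(tag, expected):
            return None, "bad tag"
        (seq,) = struct.unpack(">Q", body[:HDR_LEN])
        if seq <= self.last_seq:
            return None, "replay"        # a captured frame sent again
        self.last_seq = seq
        return body[HDR_LEN:], None


def demo():
    """Run one genuine frame and three interfered-with frames past a receiver."""
    key = b"constructed-demo-key-not-a-real-secret"   # constructed sample key
    rx = Receiver(key)
    frame = seal(key, 1, b"pay supplier 1200")
    results = {}
    results["genuine"] = rx.accept(frame)
    # Message changed in transit while the original tag is kept.
    tampered = frame[:HDR_LEN] + b"pay supplier 9200" + frame[-TAG_LEN:]
    results["modified"] = rx.accept(tampered)
    # Frame built by a party that does not hold the shared key.
    results["forged"] = rx.accept(seal(b"some-other-key", 2, b"pay supplier 9200"))
    # The genuine frame delivered a second time.
    results["replayed"] = rx.accept(frame)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```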
Task 4: Diagram and explanation
a) A logical network diagram showing the main components of the network.
In the layout of the network design, an extended star topology has been used because signals passing over such a network are not obstructed and data collisions are avoided more than in other topologies. In this network a new workstation can easily be added without interrupting the work of the other nodes. The network does not fail if one node in it stops working. At the same time, it is easy to detect a failure and troubleshoot it, since the network is centralized.
The layout of the network to be established is below:
Fig: Simple-Network-Layout
b) Use the office layout to show the physical cable layout.
After using the office layout to show the physical cable layout and the location of the components, the diagram below has been produced:
Fig: Final-Network-Layout
c) Allocate suitable IP addresses
The DHCP-Pool provides IP to the nodes on the basis of the table below:
d) Reasons for which each hardware and software item is used in the network.
The reasons for choosing the above hardware components in the network are:
1) Desktops and laptops have high-resolution screens and high processing speed, and are 5th generation.
2) The router has a speed of 11 Mbps, which is sufficient for the office to have fast data transmission across the network.
3) Routers provide access to a limited number of users, so an Access Point (AP) has been used to solve this.
4) Switches/patch panels are used to connect different devices on a network for internet sharing.
5) UTP (Unshielded Twisted Pair) Cat 6 cables are used in the network because they support frequencies up to 250 MHz and allow 10/100/1000 Megabit Ethernet use with a cable length of up to 100 meters, and 10 Gigabit Ethernet over shorter distances.
6) Smartphones and tablets are used to provide access to remote users.
7) A network printer is used to enable all users to print documents from any part of the office building.
8) Rack-mount servers have strong authentication and access protection, and better password management features to enforce robust passwords, as servers do not need to modify or change programs to encrypt data.
9) Firewalls are used in the network to prevent external threats from entering the network and also to prevent internal threats in a subnetted network from reaching the main server.
10) Anti-malware is used to protect the network from malware infection.
11) Office suite and accountancy software are used so that staff in the office can work efficiently.
e) Local prices and specification of suitable hardware/ software.
| S.N | Network Component | Manufacturer | Price (Rs) | Specification |
|---|---|---|---|---|
| 1 | Desktop | Samsung | 270000 | RAM: 4GB; CPU: 5 |
| 2 | Laptop | Dell | 180000 | RAM: 4GB; CPU: 5 |
| 3 | Servers | IBM | 40000 | RAM: 512GB; CPU: 5 |
| 4 | Router | Cisco | 12000 | 300 Mbps speed; IEEE 802.11n |
| 5 | Switch | Cisco | 9000 | 24 ports |
| 6 | Patch panel | Siemon-Network | 7000 | Port type: USB; 24 ports |
| 7 | Cable | | 15000 | UTP cat-6 |
| 8 | Printer | HP | 13000 | Print technology: Laser; Processor speed: 540MHz; Wireless connectivity |
| 9 | Smartphones | Microsoft-Nokia | 160000 | RAM: 2GB; ROM: 16GB |
| 10 | Tablets | Microsoft | 180000 | System memory: 2GB RAM; Storage: 32GB, 64GB |
| 11 | Access point | Sonic-wall | 14000 | 802.11n wireless technology |
| 12 | Office Suite | Microsoft | 20000 | |
| 13 | Accountancy software | Sage | 25000 | |
| 14 | Anti-malware | Kaspersky | 25000 | Real time security |
| 15 | Firewall | Microsoft | 23000 | Real time security |
(Bent, 2014), (Duffy, 2015)
Task 5: Remote access
a) Explain how you could incorporate remote access into the system and identify the components you would need and actions you need to take to get it to work.
A Virtual Private Network (VPN) connection is used in the network in order to integrate remote access into the system. The components needed to set up VPN connections are:
· VPN server: Provider of VPN connections to VPN clients.
· VPN client: User of the VPN connections provided by the VPN server.
· Datagrams: These contain data, destination and source information.
· Tunneling protocols: These protocols create the VPN tunnels that permit a private connection over a public network.
· Firewalls: The VPN allows only authorized users and data to pass through the firewalls, which prevents external threats from passing across the network and also guards against internal threats in a subnetted network.
In a VPN, data and information travel through a tunnel in which the data are encrypted. PPTP (Point to point Protocol) is used in the network to transmit those data, enabling the encapsulation of a packet of one protocol type within the datagram of a different protocol.
b) How does this impact the network security?
A VPN connection operates at the TCP/IP interface level, which means that all applications are secured, including web browsers. The IP addresses assigned in a VPN are private IP addresses, which are non-routable. This provides a secure communication network.
The impacts of a VPN on network security are:
· The network traffic is encrypted and authenticated.
· Hosts can be assigned to a private network range even though they may be in entirely different locations.
· Access to the Internet is improved because network traffic is routed through entirely different locations, which bypasses local firewalls and restrictions.
· It uses advanced technologies and protocols to protect the network from unauthorized access.
· Designing and implementing security in a virtual private network can be complex, so only a professional can implement and configure it.
(Blake, Brooke and Leitner, 2014)
Conclusion
All the tasks are covered, and details are provided for each of the requirements. All the hardware, software and overall requirements that are needed are provided. The information provided is up to date and taken from reliable sources, and can therefore be applied to the network.
References
Chia, T. (2012). Confidentiality, Integrity, Availability: The three components of the CIA Triad « Stack Exchange Security Blog. [online] Security.blogoverflow.com. Available at: http://security.blogoverflow.com/2012/08/confidentiality-integrity-availability-the-three-components-of-the-cia-triad/ [Accessed 26 Sep. 2015].
Elliott, B. (2002). Designing a structured cabling system to ISO 11801. Cambridge: Woodhead.
Arora, H. (2012). Journey of a Data Packet in the Internet. [online] Thegeekstuff.com. Available at: http://www.thegeekstuff.com/2012/08/journey-of-a-packet/ [Accessed 21 Sep. 2015].
Lemke, A. (2015). How do devices get their MAC addresses or IP addresses? - Quora. [online] Quora.com. Available at: https://www.quora.com/How-do-devices-get-their-MAC-addresses-or-IP-addresses [Accessed 21 Sep. 2015].
Mitchell, B. (2015). 802.11, huh? What do these different wireless standards mean?. [online] About.com Tech. Available at: http://compnetworking.about.com/cs/wireless80211/a/aa80211standard.htm [Accessed 18 Sep. 2015].
Remaker, P. (2012). What is the point of subnet masks? - Quora. [online] Quora.com. Available at: https://www.quora.com/What-is-the-point-of-subnet-masks [Accessed 23 Sep. 2015].
Bent, K. (2014). The Top 10 Best-Selling Access Points By Brand. [online] CRN. Available at: http://www.crn.com/slide-shows/networking/300071855/the-top-10-best-selling-access-points-by-brand.htm/pgno/0/1 [Accessed 5 Oct. 2015].
Duffy, J. (2015). Cisco's top 10 rivals. [online] Network World. Available at: http://www.networkworld.com/article/2191771/data-center/cisco-s-top-10-rivals.html [Accessed 4 Oct. 2015].
Blake, A., Brooke, B. and Leitner, M. (2014). What is VPN (virtual private network) and what are its advantages and disadvantages? - Quora. [online] Quora.com. Available at: https://www.quora.com/What-is-VPN-virtual-private-network-and-what-are-its-advantages-and-disadvantages [Accessed 2 Oct. 2015].