Professional Documents
Culture Documents
2.1 Introduction
In this chapter we will assessment of ministry of foreign affairs LAN, its deigning
concepts and the different departments of the ministry to become conscious the well
management, like security higher performance, availability and scalability for future
trends.
resources and accessibility. The main aim is to resistant maximizing user requirements,
high routine utilities, and reliable LAN connectivity, instead of online work.
2.2.1 Existing products
Some internet services are available inside the ministry of foreign affairs that
allow them to connect through the internet and router for outside gateway, it allows the
ministry to instigate a connection to the hosts by the use of internet to access their data
A local area network (LAN) is a group of computers and associated devices that share a
computers and peripheral connected to a server within a distinct geographical area such as
connection to share resources such as printers anyhow a local area network is a computer
network within a small geographical area such as a home, school, computer library, office
personal computers which are each capable of accessing and sharing data and devices,
such as printers, scanners and data storage devices, anywhere on the LAN anyway here
various devices in the network are connected to a single cable or line. In general,
costs
Ring topology refers to a specific king of network setup in which devices are
connected in a ring and pass information to or from each other according to their
adjacent proximity in the ring structure. This type of topology is highly efficient
and handles heavier loads better than bus topology. A ring also called topology
Very orderly network where every device has access to the token and the
opportunity to transmit.
computers.
faults.
Performs better than a bus topology under heavy network load.
Moving, adding and changing the devices can affect the network
network
Star topology is one of the most common network setups also star
topology is a topology for a Local Area Network (LAN) in which all the
hub or switch anyhow star takes more cable than other topologies like bus, but the
benefits is that if a cable fails, only one node will be brought down.
computer’s Network Interface Card and the other end (RJ 45 connector)
Fault Diagnosis
more connected with your network, you can check its cable and connectors
Network Reliability
Better performance
Device Isolation
computers.
Connection reliability
The ministry is providing wired (cables) and wireless (router) can capable
carrying of the signals and waves from the source to the destination, which
successfully.
Availability:
The system must be available at any time internally and externally with the
printers should become ready at any time needed by the users. The internet
High implementation
The system has to maintain an appropriate manner the devices which can
it must be there such like PCs had good processors, Cisco switches and
routers.
Security:
prevention from outsider and insider attacks to mitigate the damage of the
implement following:
NAT/DMZ
Eavesdropping attacks
Central Management:
Is the managing the holy system physically and logically from a central
admin which auditing, allowing, preventing the activities through the entire
network. The admin must perform functioning for configuring devices like
routers, switch.
2.5 System Adjustment
Server provides us with powerful tools to react the needs faster than ever before
with greater control and confidence specially Windows server 8 designed to increase the
reliability and flexibility of the infrastructure, helping the ministry and the system to save
time and reduce costs. Windows Server 2008 R2 enables us to take the datacenter and
the network. It provides us with both the features and the strength of a
established solution giving the employees flexible access to their data and
Microsoft has been investing in the Virtual Desktop Infrastructure, also known
contains several updates over the previous version to the tools you are most
familiar with.
rising reliability and the scalability
enhanced administration
Windows Server 2008 helps to decrease the amount of effort you expend
managing your physical and virtual data centers by providing enhanced
tasks.
2.5.2 Routers
Router is a device that forwards data packets along a network, routers use headers
and forwarding tables to determine the best path for forwarding the packets, and they use
protocols such as ICMP to communicate with each other and configure the best route
between any two hosts so The Cisco 1841 Integrated Services Router is part of the Cisco
1800 Integrated Services Router Series which complements the Integrated Services
Router Portfolio
Support for majority of existing WICs, VWICs, and VICs (data mode only)
Security
o On-board encryption
o Intrusion Prevention as well as state full Cisco IOS Firewall support and
standalone switch that provides wire-speed Fast Ethernet and Gigabit Ethernet
connectivity. This switch offers two distinct sets of software features and a range of
configurations to allow small, midsize, and enterprise branch offices and industrial
environments to select the right combination for the network edge. Standard Image
Software offers Cisco IOS Software functions for basic data, voice, and video services.
For networks with requirements for additional security, advanced quality of service
(Quos), and high availability, Enhanced Image Software delivers intelligent services such
as rate limiting and security filtering for deployment at the network edge.
2.5.4 Security
Network security starts with authenticating the user, commonly with a username
and a password. Since this requires just one detail authenticating the user name —i.e. the
password, which is something the user 'knows'— this is sometimes termed one-factor
authentication. With two vector authenticating, something the user 'has' is also used (e.g.
a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor
authentication, something the user 'is' is also used (e.g. a fingerprint or retinal scan).
Once authenticated, a firewall enforces access policies such as what services are
access, this component may fail to check potentially harmful content such as computer
worms or Trojans being transmitted over the network. Anti-virus software or an intrusion
prevention system (IPS) help detect and inhibit the action of such malware.
Security management for networks is different for all kinds of situations. A home
or small office may only require basic security while large businesses may require high-
maintenance and advanced software and hardware to prevent malicious attacks from
A quick look at the top five security problems shows there is are tools to solve
each one. But the one problem/one tool approach does not solve the full range of security
problems and can be difficult to manage. This approach also begs the question "Is there a
Porous-Perimeters
The conventional approach to enterprise security has been to apply security at the
but include a mix of unmanaged mobile devices, such as laptops and PDAs.
Sometimes these devices belong to employees, but often businesses must allow guests
such as contractors, partners and others with unmanaged mobile devices to directly
sophistication of attacks on the network. The hacker profile has begun to shift from
adolescents crashing systems for fun to professional criminals bent on taking over
systems for profit. New strains of malware appear to have the goal of remotely
Unadoptable Networks
Many enterprises built LANs with the assumption that internal users are
trustworthy. Little thought was given to understanding exactly what devices are
connected to the network, where these devices are located, and what users are doing
with them. As a result, enterprises are finding themselves ill-equipped to deal with
laws, and even anti-terrorism acts, has raised the importance of auditing network
activity.
Enterprises need visualization and audit tools that associate different network
identifiers and locations. Such tools could, for example, find the user, access port, and
MAC address when given an IP address. The tools should also be able to display the
location from which the user has accessed the network in a form that can IT can
quickly understand.
Uncooperative Employees
Even with security awareness programs and employee censure for lax security
practices, users still view security as something that gets in the way of doing their job.
Users will often abort full disk scans, or even disable anti-virus or anti-spyware
and policy compliance verification, and that have the ability to isolate an endpoint that
Risky Applications
users to be in touch 24x7. However, many of these tools bring with them increased
security risks, primarily because their reach extends within and beyond the traditional