Running head: ABC AUDITING FIRM 1

Network Case Scenario

Shane Thompson

Andrew Smith

Vernon Brighton

Mark Green

Excelsior Community College

Amis 1A (Evening)

July 23, 2010

Running head: ABC AUDITING FIRM 2

Table of Contents

Introduction…..………………………………………………………………………………3

Network Architecture………………………………………………………….……………..4

Topology used for network………………………………………………………………….5-6

Storage Systems……………………………………………………………………………..6-7

How information will be secured and recovered on the network…….……………………....7

Technology for transmitting information……………………………………………………8-9

Data Security……………………………………………………………………………......9-10

Protocols……………………………………………………………………………..……..10-11

Applications and System Software used on the Network…………………………;………..11

Conclusion……………………………………………………………………………………12

Appendix……………………………………………………………………………………13-14

Reference……………………………………………………………………………………..15
Running head: ABC AUDITING FIRM 3

Introduction

Network which is the interconnection of computing devices consists of computer hardware and

software. This paper explains the types of networks to be implemented to complement an

existing network to provide e-training and e-tutoring to students. Representing the Auditing firm

ABC we wish to use the most effective and efficient networking system to complement the

network of the Head Office which is located in Canada. We aim to justify the use of equipments,

hardware and software chosen for the locations in Jamaica and Tanzania. This network will

allow students to pay for training online and have private conferences with course coordinators.
Running head: ABC AUDITING FIRM 4

Network Architecture

The Network specialists have proposed to use Local area Network (LAN), Wireless Area

Network (WAN) and a server based network architecture for the networks to be developed. Both

Local area Network and Wireless area Network will be implemented to transfer data across the

network. The Local Area Network will be used mostly for administrative and class purposes

while the Wireless Area Network will be used frequently by students to access the internet. The

Server based or Client server is a network architecture in which a computer or process on the

network is either a client or server. Servers are computers dedicated to managing disk drives,

printers or network traffic. Clients are PCs or workstations on which users run applications. The

clients will rely on servers for resources, such as files devices and processing power. Due to the

environment consisting of more than 10 users a client/server is ideal for this type of network.

The servers will be acting as dedicated servers. The server based networks is advantageous to use

in sharing, security, backup, redundancy and number of users on the network. It is designed to

provide access to many files and printers while the performance and security of the network is

maintained. Sharing is centrally administered and controlled. Being centrally administered one

administrator can set policies and apply them to the uses of the network. Server backup can be

set automatically even if servers are located on different parts of the network. Through

redundancy system the data on server can be duplicated and kept online.
Running head: ABC AUDITING FIRM 5

Topology used for Network

The topologies to be used on the network to be developed by the ABC Auditing Firm’s

Data Communications and Networks specialists are Bus and Star Topology accompanied by

communication equipments such as router, switch, file, domain and storage server, unshielded

twisted pair copper cabling, work stations and network interface cards.

Bus topology refers to a single cable that connects all work stations, servers, printers and other

devices on the network. In this type of topology, long backbone cable is used to link all the

devices in the network. Drop lines and taps are used to connect node to this backbone. This type

of topology is easy to install requires less cabling than other topologies. This is very cheap and

cost effective.

In a star topology, each network device has a home run of cabling back to a network hub, giving

each device a separate connection to the network. If there is a problem with a cable, it will

generally not affect the rest of the network. The advantages of using star are it is easy to install,

no disruptions to the network when connecting or removing devices. The most common cable

media in use for star topologies is unshielded twisted pair copper cabling. This we have chosen

for both topologies. Internal Transmission type will be linked using combination copper wired;

cat5 or cat6 cables and unshielded twisted pair copper cabling to be connected routers to

switches – servers to workstations (clients).

Routers translate information from one network to another; it is similar to a super intelligent

bridge. Routers select the best path to route a message, based on the destination address and

origin. The router can direct traffic to prevent head-on collisions, and is smart enough to know

when to direct traffic along back roads and shortcuts.

Running head: ABC AUDITING FIRM 6

Switch is a device that provides a central connection point for cables from workstations, servers,

and peripherals. In a star topology, twisted-pair wire is run from each workstation to a central

switch/hub. Most switches are active, that is they electrically amplify the signal as it moves from

one device to another. Switches no longer broadcast network packets as hubs did in the past, they

memorize addressing of computers and send the information to the correct location directly.

The NIC is used to connect the workstations to the network. Network interface cards are a major

factor in determining the speed and performance of a network. The network will be linked

external using the Public Network .We chose Flow which is Fiber to Fiber. This might not be the

cheapest but fewer signals are lost using this network and the speed of this type is the best. LIME

will be used as a backup in case the main Public network goes down.

The diagrams of the topologies show how these devices are connected on the network. Careful

planning and thought has led to these devices and topologies being chosen. Set up cost, time and

the amount of cabling have influenced our decision.

Storage Systems

The network will use both online and offline storage. File and Storage servers will be

used at each location to store files. Files are loaded into your computer’s memory so that you can

edit or use it logically. This is ideal for file and data storage as it can store information

automatically. The use of data center will be used also for storage. Its separate location makes it

ideal for storing files of the company for archiving. If the locations in Jamaica and Tanzania

have server problems and failure then the files can be retrieved from the data center. These are

all physical types of storage. Logically they will be stored using a Relation database management

system, which is SQL for areas where student information will be stored, that is the E-learning
Running head: ABC AUDITING FIRM 7

Tutorial. For staff Combination of Microsoft Access, Excess and SQL data and information.

Online backing up will also be implemented in case the server goes down.

How will information will be secured and recovered on the network.

Data will be secured on the network effectively to maintain security. We have

implemented the

Palo Alto Firewall device and Kaspersky antivirus which will allow us to mitigate outside

threats through IPS and content filtering. Our Virtual Private Network data transfer will be

difficult to compromise because it will be heavily encrypted. Data will be backed up often to

ensure that data loss does not happen. The use of file-level and share –level security to keep

unauthorized person from accessing data files and folders that are shared on the network. In

addition, Password- protect documents such as Microsoft office applications and Adobe acrobat

will allow us to set passwords on documents. The use of disk encryption will enable us to

encrypt and decrypt data on disk drives also the use of a public key infrastructure to manage

public or private key pairs and digital certificates as to share data through our public network

safely. Data in transit can also be protected with Internet Protocol security (IPsec) to encrypt data

for confidentiality. Wireless network will use encryption such as Wi-Fi protected access. We

have user rights management to retain control of data through the use of Windows Rights

management Services (RMS). This will control what the recipient is able to do with documents.

Finally, all computers will be protected by passwords and users are managed by the server.

Data will be easily recovered on the network because we have used Quantum Backup Exec to

backup and restore data on our storage and client servers. This software manages up to 100GB

per job can be backed up to a hard drive. This software also supports various languages easy to

use and very effective.

Running head: ABC AUDITING FIRM 8

Technology for Transmitting Information

There will be a combination of LAN and WAN technologies used for data transmission.

Internally we will use CSMA/CD and externally we will use Virtual Private Network (VPN)

which is secured connection using a Public network as the medium. CSMA/CD which stands for

Carrier-Sense Multiple Access with Collision Detection when used each computer on the

network, including clients and servers, checks the cable for network traffic. Only when a

computer "senses" that the cable is free and that there is no traffic on the cable can it send data.

Once the computer has transmitted data on the cable, no other computer can transmit data until

the original data has reached its destination and the cable is free again. This might seem like a

cumbersome way to put data on the cable, but current implementations of CSMA/CD are so fast

that users are not even aware they are using a contention access method. With the distance of

network traffic being less than 2500 meters this type of access is ideal for the locations. The level

of network activity and the type of network being Ethernet also has led to the use of CSMA/CD.

The VPN is a solution to establishing long-distance and/or secured network connections. For our

organization which is looking to provide a secured network infrastructure for its client base, a

VPN offers two main advantages over alternative technologies: cost savings, and network

scalability. To the clients (students) accessing these networks, VPNs also bring some benefits of

ease of use. VPN technology also works well with Wi-Fi local area networking. We will also

organizations use VPNs to secure wireless connections to local access points when working

inside the office. These solutions provide strong protection without affecting performance

excessively. With FLOW as our Public network first choice because its more sophisticated and

offers more messages at cheaper rate we will also have LIME as our second choice network as

back incase FLOW goes down.

Running head: ABC AUDITING FIRM 9

Data Security

The data in our network will be secured through software safe guards such as firewall and

virus protections. The use of Palo Alto firewall device will allow us to mitigate outside threat

through IPsec and content filtering. These include (Kaspersky) antivirus to enhance security. In

addition to firewall there is logical security through the use of VLAN to separate the server

network from client network to ensure breach on any particular network does not affect each

other such as virus attack. There will also be a user id and passwords for each account on our

network and a password authentication system to control access of any particular user wishing to

use our network. Through the use of NOS, Networking Operating System features; that is the

Username and Password Access to the Network, along a two way authentication system. Using

active directory to groups and setting Security Polices example rights such as being able to write

to file and privilege to access certain folder. This ensures that users gaining access are doing so

for a legitimate reason. By configuring the switches to operate VLAN, this would segment the

network into separate networks and applying Access control list at the ports of the switches that

will filter the traffic the goes out and comes in the network. The VLAN will be equipped with

IPsec (Internet Protocol Security) IPsec is said to be especially useful for implementing virtual

private networks and for remote user access through dial-up connection to private networks. A

big advantage of IPsec is that security arrangements can be handled without requiring changes to

individual user computers. For the physical security there will be locks on every computer to

protect it from unauthorized use and locks on the doors that house our equipment. The usage of

port security will avoid people from plugging things on the computer. Also preventing any

unauthorized individuals from gaining unauthorized entry to your network. There will be a use of

locked cabinets to prevent severs from being accessed. Another type of security to be
Running head: ABC AUDITING FIRM 10

implemented is the use of DMZ or demilitarized zone, its purpose is to add an additional layer of

security to an organization’s LAN. An external attacker only has access to equipment in the

DMZ, rather than the other part of the network. If you look at the Tanzania topology you will see

the DMZ servers, all web info go on these servers and we have layer 3 switch to send channel

information. We keep the DMZ by themselves for security threats while other servers for

students and administration are on a switch.

Protocols

The protocols we will be using are one TCP/IP suite, HTTP, .FTP, Ethernet and fast

Ethernet. Ethernet is a system where each computer listens to the cable before sending anything

through the network if it is clear then the computer will transmit but if some other node is

already Transmitting on the cable the computer will wait and then try again when the line is

clear. Fast Ethernet this allows for an increased speed of transmission which supports up to 100

Mbps through the use of more expensive connectors such as hubs and NICs it basically works

the same as Ethernet but with increased speed. This uses a method called CSMA/CD (Carrier

Sense Multiple Access with Collision Detection). TCP/IP suite of protocols has been chosen by

the company as strategic business transport protocol for windows 2003.This suite is designed to

make it easy to integrate the Microsoft software into the Our network and provide the ability to

operate over our network in a secure manner. HTTP protocols defines how messages are

formatted and transmitted and what action the network web servers should take in response to

various command.FTP File Transfer Protocol provides Bi-directional file transfer between

computers running Windows Server 2003 and any host running FTP.
Running head: ABC AUDITING FIRM 11

Application and System Software used on the network

The system software used are as follows:

i. The Client Server Networking Operating System is Windows Server 2003.

ii. For the Client Operating System is Windows 7 Ultimate Edition OEM.

The application software being used areas follows:

i. Ms SQL Relational Database Management System

ii. Microsoft Office 2007 Suite

iii. Kaspersky Antivirus Network Edition

iv. Microsoft SharePoint.

v. Student E-learning
Running head: ABC AUDITING FIRM 12

Conclusion

The Data Communications and Networks Team of ABC have taken into consideration the type

of operations and communications to be done on this network, such as e-learning and private

conferencing along with other factors such as, the size and distances between the LANs to put

together a very effective and efficient networking system. The uses of various necessary

protocols, networking devices, security systems and security measures which are state of the art,

have proven their necessity. This necessity allows the users of this network to have ease of use

internally on the LANs and externally on the WANs of the network. A lot of careful

considerations were taken in the areas of cost and set up time. We also made an extra effort to

select the best security, methods of backing up and data retrieval. We have also given

justifications for all decisions made in the selection of devices, protocols backing up and

transmission. We believe that these decisions are in the best interest of the company and the

users of the network.

Running head: ABC AUDITING FIRM 13

Appendix
Running head: ABC AUDITING FIRM 14
Running head: ABC AUDITING FIRM 15
Running head: ABC AUDITING FIRM 16

References

The computer Technology documentation project. Network Operating System, N.D. retrieved

from, http://www.comptechdoc.org/independent/networking/guide/netnos.html

Hallberg, B, (2010) Networking, A Beginner's Guide, Fifth Edition

Larry L. Peterson, Bruce S. Davie: Computer Networks* A Systems Approach

Lowe, D, (2010) Networking for Dummies, 9th Edition

Maggiora, D. & Doherty, J, Cisco Networking Simplified

Virtual Lan retrieved from, http://en.wikipedia.org/wiki/Virtual_LAN July 25, 2010

William R. Cheswick, et al.: Firewalls and Internet Security Repelling the Wily Hacker