Network Design and Implementation Report

1.0       Executive Summary

In this assignment evaluates the impact of a major upgrade to the corporate communications infrastructure, to meet the needs of all internal and external communities related to your organization, including staff and all external stakeholders such as customers, suppliers, banks etc.

2.0       Introduction

In today’s digital world, having a digital Information System (IS) is important in order to compete globally. Taking advantage of the digital world does give an extra push toward a flexible and feasible business. Information Systems knowledge is very essential for companies to survive and prosper. Many objectives such as reaching far away location, offer new products and services, reshape jobs and work flows as well as profoundly change the traditional ways of business.

3.0              Overall context of the business needs for communications

A Company needs a network that provides fast and efficient way to manipulate its information. It must have a sophisticated database, which helps the company to store its related information. Compared to its traditional manual filing system, IS can give companies advantages such as speed, accuracy, and accessibility. The company can use a relational database system such as Oracle 9i to maintain its complex data. It requires a distributed database where its computers are connected through a telecommunications system and computer network. A sophisticated design of the network connected to headquarters will allow access from anywhere in the world which helps to manipulate and send information through the network.

3.1              The technical and financial requirements for the project

The key technical and financial requirements are most related with different software tools used by the company. Tools that can be used to enhance the security of computers connected to a network is called a firewall. When selecting firewalls, one must take into account such as easy installation and configuration, report of the attack by identifying time, location and type of attack, good maintenance and monitoring requirements, etc. The firewalls that should be used in companies are Packet Filtering, Stateful Packet Inspection, Application-Level Proxy and Network Address Translation (NAT).

            A software package installed on a server operating system that acts like a full fledged firewall is called a software-based firewall. As a firewall, it helps to protect applications such as web application and email servers by using complex filters. For example, Check Point Integrity SecureClient [7] with a price of $1,569.59 is suitable for the any company because it provides advanced remote access connectivity, endpoint protection, and network access policy enforcement and Check Point FireWall-1 GX [8] which cost $73,520.63 is also appropriate for a company.

            A hardware firewall is a hardware device which includes network routers with additional firewall capabilities that are designed to manage large amounts of network traffic. Hardware firewalls are used in combination with software firewalls where hardware firewall filters out the traffic and the software firewall examines the network traffic. For example, Nokia IP1220 Security Platform [6] which delivers long-term high performance perimeter security is perfectly feasible for the company with a price rate of about $16,901.55 and Check Point UTM-1 MODEL 450 [9] which cost $5,613.26 and also can be very useful for any company.

3.1.1    The key technical issues

            The main issues that needs to be focused when implementing a system, is to maintain and manage the security of the company. A software will be installed which will replace the exiting system with an electronic system maintained by network administrator and the companies employees. All existing payroll documents will be converted to electronic forms where employees can access using Intranet. High-speed Internet services will be provided for the company where it will be monitored using local ISP. One of the most important objectives of the system is to maintain a perfect security through out the system. Client case management software that will be installed must be strongly secured for the company. The security aspect of the centralized system is weak compare to the client-server three-tire system because the security protocols proposed is used for application security services. The two software architectures, SSL and VPN, both have its advantages and disadvantages to fulfill the company’s requirements. However, the main concern is the security of the company where a system is feasible enough to protect and control the information of the company. SSL protocol deals with encryption and authentication which helps to secure information transaction between client and the server. It does not provide network security services because SSL is used for application security services. It is built into most internet browsers, Web servers and e-mail applications in order to provide data encryption, authentication and message integrity. Since no client software is required, anyone with proper authorization can access information from anywhere using simply the browser. The main challenge of SSL is to provide security by initializing a private key in return helps to protect against attackers such as hackers and crackers, spoof a legitimate Web site, eavesdrop on secure data and steal passwords and other valuable information. The IPsec protocol protects IP traffic at the network layer by encryption, authentication, confidentiality, data integrity, anti-replay protection, etc. It creates a passageway for one VPN server to securely communicate with another VPN server as well as secures all traffic between the devices and applications such as e-mail, database, etc. Unlike SSL, the client must have special IPsec client software installed. However, users can access information remotely and have the same privilege as directly connected to the enterprise LAN.

            VPN provides fast, easy remote accessibility and very secure connections similar to local LAN connection while SSL provides casual or on-demand access to applications. VPN can offer secure network access using standardized client software that is managed, configured, and maintained by the companies IT department where SSL’s advantage is to allow access from any browser or application with embedded SSL capabilities. VPN has stronger security compared to SSL because it can manipulate access to the user and maintain a proper security measure when confidentiality is the issue. SSL is easier to install compared to VPN but VPN is more secure and flexible.

            Wired LANs use Ethernet cables and network adapters where it uses central devices like hubs, switches, or routers to accommodate more computers. It is difficult and very expensive to installing Ethernet cables because cables must run under the floor or through walls. However, it is extremely reliable and only common failure is when there are loose cables. Wired LANs gives fast and superior performance by providing close to 100 mbps bandwidth, which is sufficient for file sharing, gaming, and high-speed Internet access. As for security, wired LAN hubs and switches do not support firewalls but external firewall software products can be installed. Where as, wireless LANs uses three main Wi-Fi communication standards such as 802.11b, 802.11a and 802.11q. 802.11b was the first slandered used in wireless LANs and 802.11a is a slandered used in business networks because it is faster. The 802.11q slandered combines 802.11b and 802.11a making it an expensive home networking. Wireless adapters and access can be three or four times expensive compared to Ethernet cable adapters and the performance of the wireless depends on the slandered used as well as distance covered. Wireless LANs are less secure than wired LANs because the signals travel through air with many types of interceptions. A wireless network seems to be a good option for any company due to the difficulty of cabling the company branch buildings. Wireless is easier to install, more reliable and mobility is excellent where as wired is more difficult to install with limited mobility.

The systems that can be proposed for companies client case management software are a centralized system, where information is managed using one or more major central hubs and a three-tier client-server system, communication is established using middleware tier instead of directly accessing the original source of the information. “The three-tier architecture is used to increased performance, flexibility, maintainability, reusability, and scalability, while hiding the complexity of distributed processing from the user” [12]. This system can be used to backup critical information which is vital for both the system and the end-user. It uses three tires such as User Interface which connects with the middle tire (Process Management) to access the data containing in the third tire (Database management). The communication between the tires helps to easily monitor the entire system to seek out the main security issues related with the system. In a centralized system, all the functions are concentrated in the system hub where maintaining and updating information can be executed from all points in the system. The weakness of the system is when the system’s hubs break down in case of a disaster affecting the system and its peripheral components. It is ideal to use centralized system if the user wants to maximum amount of control.

Many of the ethical issues involve privacy. For example, privacy concerning e-mail uses by the employees, head office, and the administrator. Network administrators and the head office must be able to monitor the Web site visited by the employees and stuff of the company. For instance, placing key loggers on machines and on the network to monitor the user activities. Other ethical issues that can be important such as sharing files by sending attachments over the network and the network administrator has the rights to invade the privacy of the inmates if any suspicion rises. However, incase of system and software crushes it is important that the system is kept updated and checked frequently to ensure that no harm can occur. However, the most important ethical issues are Privacy, Accuracy, Property and Accessibility and more information can be for in reference [13], [14] and [15].

3.2       Evaluation of risk mitigation

The technologies are available now for advancement of communication system are very powerful as well as vulnerable to all sorts of new problems that can be faced by any company. However, it is necessary that risk management is critical to success because companies are implementing distributed computing architectures using high-speed substation local area networks and process bus technology. Several issues within the company can lead to cost growth or other problems on development projects such as companies working a project with budget or schedule which is inefficient or making company decision before understanding the relationships between cost, performance, schedule, and risk. In order to mitigate maximum risk, issues such as Risk management and Risk assessment must be taken into consideration.

3.2.1    Risk management

Risk management is a process of managing risk, risk assessment, building strategies to manage it, and mitigation of risk with the help of managerial resources. “Proper risk management is proactive rather than reactive and risk management is the act or practice of dealing with risk.” [10] The risk that is faced by a company must be planned, analyzed and developing and monitoring risk. The main objective of risk management is to reduce risks that are uncertain such as natural disaster. Other threats that exist are caused by technology, humans, organizations and politics. Risk assessment is the most important aspect of risk management and it can be identified, analyzed, and quantified using different tools. High risks are such as cost of the project, schedule to maintain deadline or technical issues related with the project. “Risks are typically a measured of the likelihood of an issue occurring and the consequences of the issue, and often expressed as low, medium, and high.” [10]. Risk can be modeled using two variables, probability of failure and the consequence of the failure. Failures can be measured in terms of technical performance, cost, or schedule and a simple model needs to be created in order to pin point the main areas of risk.

The main risks involved in a computerized system can be described in terms of hardware and software. Most high risk are focused in today’s information world is from software changes, implementation and its inefficiency of its implementation. Software products can sometimes be very vague. As Mike Wooldridge say “It’s hard to claim a Bridge is 90% complete if there is not 90% of the bridge there” [11], but it is easy to claim that a software project is 90% complete even though there is no outcome of the product. As shown in this paper the software crisis is a very broad topic that spans over many areas in the IT industry. The problems are many, there seems to be no concessive pattern, process or testing that will help solve quality issues and time to market. Although a lot of software works and have become a large part of our lives, it can be asked if we are really living in a software crisis. Can the software crisis and the software era co-exist? It is the crisis or perhaps the awareness of the crisis in the use of “Best Practice” that drives the IT industry towards success. Without the problems there would be no research or new technologies, the need is the mother of all inventions. But there is always a problem that the tools and techniques of “Best Practice” invented today will need time to mature, to be introduced into industry, perhaps then it will be too late. To answer above question why software teams produce less than 10 lines of code in the average software lifetime is because maybe the programmers are less motivated when using tools that influence less creativity. The reason to why sixty errors found in every thousand lines of code is that the testing tools used to test the programs are inadequate or not efficient enough. Every third large project is scrapped before ever being complete due to lack of “Best Practice”, as well as the many problems with the software engineers and developers who are not properly trained or experienced enough to see their own limitations.

4.0       The positive and negative aspects business proposals

The main advantages of the Client/Server architecture are that it is centralized where it can access its information from the server. Therefore, if there are any security issues it can be dealt with using the server. It is also flexible and scalable enough for new technologies to integrate with the system. The architecture also helps the system to be interoperable making all components work together in a synchronized fashion. The main security issue such as data access must be implemented in such a way that the privilege given to the employees and the head office is controlled and manipulated. Hence, it is possible to implement a sophisticated system using the proposed topology and architecture. Controlling the web-browsing habit such as browsing illegal or unwanted web sites need also to be controlled, hence providing user access to email, web sites using password and encryptions is essential and is possible using the proposed system. Keeping off the malicious users from accessing valuable information and other external information that can be used against the company needs to be taken under consideration. Sending emails and other attachments must be allowed according to hierarchy of access permissions. As for disadvantage of Client/Server architecture is that if the dependability where the whole system is dependent on the server.

            The star topology is the most widely used topology but centralized hub could create problems. If the hub is disabled then the clients that are connected will not be able to access any information. This topology can also be costly because of the number of cables used to connect the clients with the hub. Other disadvantages are that it is sometimes difficult to implement compared to other topology. However, one of the advantages of using Star topology is that it can be expandable with out disrupting the whole network. If cables fails or disconnected only single client is affected. Other advantage is that using this topology it is possible to easily troubleshoot and isolate errors or faults in the system.

5.0       Network design, capacity and growth

For most company, STAR topology is more suitable because all stations are connected by cable (or wireless) to a central point where the central node will act as a switch. WANs can be used to connect different STAR topology hence providing services for both the employees as well as the head office. In this LAN architecture the nodes are connected to a common central hub or switch with the help of dedicated link. It is becoming very common network layout used today which connects point-to-point to a single central location. Network layouts such as BUS, RING, TREE and MESH can also be used but can become venerable compared to STAR topology. However, STAR needs more cables compared to BUS but is very reliable for example, if one cable is cut only single pc is affected. Other advantages with STAR topology are that it is easy to install both cable and wireless and the network is easily changeable without affecting the entire system. The most important benefit of using Star is that it is easy to detect errors and faults. The disadvantages of STAR topology are that it requires more cable length than a linear topology. The hub that is connected needs to be protected in such a way that the nodes do not fail if the hub fails and it can be little expensive compared to linear bus topologies. The Star topology is reliable in assuring speed, data reliability, cheap and strong security. As for the network architecture, the best feasible architecture for a company is Client/Server where one computer can act as a Server providing different services to the different client accessing the network from different places. The server can be accessed using both wired LAN and wireless network.

The main architecture for a Company is Client-Server architecture. It consists of a group of user-oriented PC called Clients which are connected to a Server. The client computers will be connected to a main server using both cable and wireless. The employers and the managers will both act as a client and will be able to access the server according to their privilege. A server machine which is fast, more memory and disk space will maintain the all the information related to the company. In this architecture using a relational database management system (DBMS), queries can answer any information form anywhere by directly communicating with the Server at the same time reducing network traffic.

5.1       Network security

The security implications of sharing Internet connections between the employees and stuff and the managers must be strong in order to assure safety for both the inmates and the employees. The main security issue such as data access must be implemented in such a way that the privilege given to the employee and the inmate is controlled and manipulated. Controlling the web-browsing habit such as browsing illegal or unwanted web sites need also to be controlled, hence providing user access to email, web sites using password and encryptions is essential. Keeping off the malicious users from accessing valuable company information and other external information that can be used against the company stuff and the company authorities needs to be taken under consideration. Sending emails and other attachments must be allowed according to hierarchy of access permissions.

5.1.1    Backup and recovery

This system can be used to backup critical information which is vital for both the system and the end-user. It uses three tires such as User Interface which connects with the middle tire (Process Management) to access the data containing in the third tire (Database management). The communication between the tires helps to easily monitor the entire system to seek out the main security issues related with the system. In a centralized system, all the functions are concentrated in the system hub where maintaining and updating information can be executed from all points in the system. The weakness of the system is when the system’s hubs break down in case of a disaster affecting the system and its peripheral components.

6.0       Conclusion

            When a company moves form paper-based system to electronic system to maintain its complex data they must should use relational database system giving them the power to expand their system in the future. The most suitable network topology proposed for a company is STAR topology which is reliable, easy to install and expandable. If a company requires access point form any where by the company’s manager and the employers, Client/Server architecture is the best solution because it is centralized, flexible, and scalable and can be easily integrated. Using Three Tire Client/Server Architecture it is possible to maintain a strict security for information that is venerable to attack. In the future, a company can expand its network system using the proposed topology and architecture providing a smooth service to both the managers and the employers.

References

[1]        R. Siamwalla, R. Sharma, and S. Keshav; Discovering Internet Topology; Cornell Network Research Group Department of Computer Science Cornell University, Ithaca, NY 14853. http://www.cs.cornell.edu/skeshav/papers/discovery.pdf; Accessed on 28th July

[2]        Darleen Sadoski, GTE Santiago Comella-Dorda, SEI; Three Tier Software Architectures; http://www.sei.cmu.edu/str/descriptions/threetier.html; Accessed on 28th July

[3]        Wikipedia; Star network; http://en.wikipedia.org/wiki/Star_network; Accessed on 17th June. And Star Topology; http://www.brainbell.com/tutorials/Networking/Star_Topology.html; Accessed on 29th July

[4]        Carnegie Mellon University; Client/Server Software Architectures–An Overview; http://www.sei.cmu.edu/str/descriptions/clientserver_body.html; Accessed on 29th July

[5]        Will Fastie; Understanding Client/Server Computing; PC Magazine; “Enterprize Computing;” February 9,1999; page 229-230; http://www.officewizard.com/books/clientserver/ClientServerComputing.htm; Accessed on 29th July

[6]        Yahoo shopping; Nokia IP1220; http://shopping.yahoo.com/p:Nokia%20IP1220:1994234649 ; Accessed on 29th July

[7]        Software for less; INTEGRITY SECCLT ENDPT STE FOR 25U; http://www.softwareforless.com/findspecs.asp?partid=70850C; Accessed on 29th July.

[8]        Software for less; CHECK POINT UTM-1 MODEL 450; http://www.softwareforless.com/findspecs.asp?partid=51811E; Accessed on 29th July

[9]        Software for less; Check Point FireWall-1 GX; http://www.softwareforless.com/findspecs.asp?partid=51737E ; Accessed on 29th July

[10]      Wikipedia; Risk management; http://en.wikipedia.org/wiki/Risk_management; Accessed on 30th July

[11]      LECTURE 5: SOFTWARE PROJECT, http://www.csc.liv.ac.uk/mjw/teaching/softeng/lect05.pdf; Accessed on 30th July

[12]      Darleen Sadoski, GTE Santiago Comella-Dorda, SEI; Three Tier Software Architectures; http://www.sei.cmu.edu/str/descriptions/threetier.html; Accessed on 30th July

[13]      Management Information Systems Quarterly; Volume 10, Number 1, March, 1986; http://www.misq.org/archivist/vol/no10/issue1/vol10no1mason.html; Accessed on 30th July

[14]      Ernest Ackermann.; Legal Issues, Ethical Issues, Privacy, and Security; http://webliminal.com/Lrn-web09.html; Accessed on 30th July

[15]      Victoria A. White; Ethical Implications of
Privacy in Electronic Mail; http://www.inetcon.com/priv.html; Accessed on 30th July