This assignment enables you to demonstrate your knowledge and understanding of
computer networks. You are required to produce a substantial document that totals 3000
words. Subsequently, you are advised to start work on the assignment at an early stage
during the unit. The assignment is divided into tasks, which relate to the sequence of the
module, so you do not need to wait until all the teaching is finished to start them.
Some aspects of this assignment will require you to research real components that are
currently available in the marketplace. Furthermore, you will also be asked to make
judgements about what is best for a particular scenario. Please note that there is not
always one right answer. However, you will need to justify your reasons for any choices
you make to get high marks.
You are NOT required to design a complete network. You are required to detail the
specifics covered by the task list shown below.
Wheeler Energy is an organisation that specialises in Sustainable Energy Systems.
Wheeler Energy provide energy solutions across the globe to industries such as Military,
Oil and Gas, Transportation, Correctional, and Physical Data.
Wheeler Energy has a small head office that is in Milton Keynes, England. Founded in
2001, the company has 15 employees that are based in Milton Keynes, and a team of 18
sales and support personnel who work across the world. All installations are managed by
contractors who sit outside of the organisation.
As the company has grown, no strategic plan for IT has been put in place, and employees
generally had their own PCs or laptops that were connected to an office router via Wi-Fi or
some direct UTP cable. Information stored electronically consists of normal business
documentation, together with sales materials (including some product and training videos).
Information has historically been shared using personal Google Docs accounts, and
private information kept on individuals’ PCs. Users have various versions of anti-virus
software installed and administer their own PCs. Users manage their own security
including passwords. Contact with sales staff across the globe, including the Middle East,
Asia and Africa is achieved mostly via email and less often through mobile phone. To
complicate communication matters, one of the Company Directors lives in Spain for most
of the year, and there is no member of staff with IT support responsibility.
After a security audit, the company has realised it needs to take a more systematic and
professional approach to its IT and security infrastructure. The CEO has asked you to
advise her on some specific points of the network. She is keen to make the most of
technology and the following outline requirements have been identified:
Overall System Requirements
- To provide a network solution (hardware and software) to meet the needs of the
company, which would improve the communication, productivity and the security of the
business and information stored within.
- Increase efficiency through reduction of paper-based procedures and allow staff
working on site to access information at the head office from a tablet PC (Microsoft
Surface has been selected).
- Accommodate company expansion.
- Internet access with a faster bandwidth.
Data and information
Company information to be stored centrally in the head office in an electronic format. This
replaces the reliance on Google for all shared storage, and local PCs for individuals’
- New computers to meet performance, security and storage requirements (including
- New PC workstations / laptops (total 33: 15 x desktop; 18 x Laptop) running Microsoft
- New network printer
- Network components as required
- 33 x Microsoft smartphones
- Latest Microsoft Office Suite required
- Up-to-date Sage® accountancy software
- E-mail server or software with a calendar feature, which can be shared between
- Web & email Internet access
- Suitable security software
- Information security must meet the ISO27001 standard, and the CEO has discovered
ISO27001, the Government’s ‘Cyber Essentials’ programme and ’10 steps to Cyber
Security’ guidance from National Cyber Security Centre
- GDPR requirements must also be met.
- Restrictions are required to be implemented to control access to the confidential client
- The system is required to be secure from internal and external threats
- An automated daily backup policy and procedure, for all of the information stored within
- Further discussion will be required to establish downtime that is acceptable
The company has a website, but this is hosted by their ISP and is not part of this
requirement. The CEO currently favours hosting email in the office but is open to
persuasive alternatives. The office space consists of a large open plan area with separate
- meeting room and manager’s office. The current internet connection consists of a single
- ADSL router with WLAN. Some PCs are connected directly to the router with UTP cables.
Wheeler Energy is a global organization. It offers energy solutions across the globe to the several industrial areas. Wheeler Energy was established in 2001 AD. It has small head office located at Milton Keynes, England. This company has 15 employees, 18 sales and support personal. There has employee covered all over the world. Wheeler Energy recently got problem on networking and data security. It also lacks proper staff connection.
Wheeler Energy want us to advice for proper network solution for this company which provides proper network system.
The building has unmanaged loose wires and cable and not controlled Wi-Fi. As per chief requirement here are the queries.
a) Explain how the network components should be connected. Identify a suitable network topology, data rate and the type of cable (if selected). Your answer must clearly state how your recommendation relates to the business requirements of the Wheeler Energy scenario specifically.
The segments of the system network ought to be associated by overseeing interconnection with equipment and through programming for example switch, switch, remote, firewall, escape, VPN, fix board with gigabyte quicker Ethernet ports overseeing IP addresses, subletting the diverse segments or resources.
The star topologies are most suggested for association by a large portion of the system backing and administrations giving organizations. appropriate system topology star topology would be reasonable system since it is effectively viable and have great information stream control plan. This topology gives the office of simple for interfacing the new hubs, appropriate brought together control and the executive’s framework, disappointment location and investigate is simple, security and information trustworthiness is exceedingly kept up.
Category 6 uses cable type UTP or STP and has maximum data transfer rate of 1000mbps and maximum frequency of 240MHz. Category 7 uses SSTP cable type and can transfer data of 10000mbps and maximum frequency of 600MHz.
Since it is a worldwide association the information stream rate will be clearly high so for the link association feline 7 for the server and feline 6 for the end client gadgets for quicker execution in authoritative workplace. feline 7 for the server in light of the fact that immense measure of information is embedded and taken from it so link with quicker information exchange rate will lessen traffic.
b) Computer networks use a ‘layered architecture’. Briefly explain what is meant by the term ‘layered architecture and provide TWO (2) advantages and TWO (2) disadvantages of having layered architecture in a network system.
layer engineering is a most straightforward type of system correspondence design. it demonstrates the engineering of a systems network administration activity process by partitioning the system work into more parts which makes it simply get it. it is separated into introduction layer, application layer, space layer and application framework layer. By doing as such it makes a system network framework simple to look after, secure, and adaptability to associate with another system network
- Advantages of layered architecture:
- Helps in Making a systems administration framework simple keep up.
- Layer engineering is straightforward and execute.
- Helps in charge and exemplify the multifaceted nature of vast application.
- Helps any groups to chip away at different pieces of the application one next to the other having to less rely upon other group.
- Disadvantages of layered architecture:
- The adaptability of system is discovered hard to work in it.
- Layer engineering expands the unpredictability to the basic applications.
c) A hub, a switch, a wireless access point and a router are networking components. Identify the OSI layer at which each component operates. For each component, support your answer with ONE (1) reason.
Networking Components are Wireless Access Point, switch, router and a hub. Component operator identifies the OSI layers at which each component operates. Reason are following:
The physical layer of OSI model in a networking device is called hub. Hub creates traffic in all ports. It is mainly useful in private networks. To all connected device it broadcasts the data packets. Hub doesn’t have mac address. It has no networks identity. Hub can only be used to share data on properly connected devices.
The data link layer of OSI model in a networking device is called switch. Switch doesn’t broadcast while sending package but it is possible to broadcast. Switch has network identity also called mac address. It has Mac address directly connected to the ports i.e. host 5 is linked to port f0/5 and host 9 is connected to 0/6.
- Wireless access point:
Its short form is WAP. WAP is a systems administration gadget of information connect layer. Wireless access point is a gadget that associates a remote nearby system to the wired system. Wireless access point is viewed as Layer 2 bridge that brings 802.3 Ethernet traffic to 802.11 traffic.
Router is a systems administration gadget of System layer of the OSI model. Router associates separate systems through the (IP). This gadget looks at a parcel header’s destination IP address analyzes it against routing table to decide bundle next best route.
d) Given the applications that will be used, and making any suitable assumptions, identify and briefly explain the purpose of SEVEN (7) OSI protocol layer. For each protocol, identify the layer at which they operate.
As given the application we use, the 7 layers of OSI protocol layer are:
- Network layer:
IPv4, ipv6, IPS, ICMP, apple talk are a few conventions of network layer. Information are transported as bundles through Logical network routes in an arranged configuration constrained by this layer. This layer gives routing directing ways to arrange correspondence.
- Session layer:
This layer is in charge of systematically shutting of sessions and furthermore for session registration and recuperation. SAP, L2TP, PPTS, NetBIOS are a few conventions of this layer. this layer builds up, oversees, and ends the connectivity between the end user application forms.
- Application layer:
DHCP, SMNP, SMTP, Telnet, FTP, HTTP are a few conventions of application layer. In this layer correspondence accomplices are distinguished. Likewise give office of use to trade of information/records, network Software and Email.
- Physical layer:
This layer connector between a device and transmission medium like optical link and copper link connector cables. Which incorporates voltage, pins, link determination. For example, USB, ATM, RJ-45. Ethernet, Faster Ethernet, gigabit Ethernet are some protocol of this layer.
- Data interface layer:
This layer center around nearby conveyance of casings among nodes on the comparative dimension of system. It guarantees that all parcels of information are conveyed free of mistakes. Ethernet remote Ethernet, (PPP) point to point over sequential connection, (STP) Spreading over tree convention are a few conventions of information interface layer.
- Transport layer:
This layer serves to during the time spent transport work and appropriate information conveyance to the goal. TCP, UDP, DCCP, RDP, ATP are a few conventions of Transport layer.
- Presentation layer:
In this layer the capacity of inscription and decryption are characterized. In this information design is changed over into an organization comprehensible by application layer. MMI, XDR, TLS, SSL are a few conventions of introduction layer.
e) There are numerous standards of Wi-Fi. Provide a table of the frequency used, maximum data rate and maximum indoor range of the 802.11g, 802.11n and 802.11ac standards.
The numerous standards of WIFI are 802.11g, 802.11n and 802.11ac.
It has 2.4GHz. A CPU’s clock rate of speed is a proportion of what number of clocks cycles a CPU can give performance every second. E.g.: a CPU with a clock speed rate of 2.4 GHz can perform 2,400,000,000 clocks cycles per second. It was approved in June 2003, 802.11g was the successor to 802.11b. It can achieve up to 54mbps. Its max indoor range is 5181cm. It is introduced OFDM to generate WIFI signal. It also matches the speed of 802.11a but in lower range.
It has 2.4GHz and 5GHz. Double band data could be delivered in two different frequencies. It is first standard to specify MIMO. It has data rate of 300mbps and can reach up to 450mbps. It has 7010cm max indoor range.
It has 5GHz. It uses MIMO and helps in reduce errors and boost speed. Its maximum range indoor is 7010cm and it can transfer data of 433mbps and can reach up to 3.46GBps.
f) Which Wi-Fi standard(s) do you recommend? Would you recommend the entire LAN be connected wirelessly? Justify your answer.
I would like to suggest 802.11ac Wi-Fi standards. This Wi-Fi standard high information exchange rate and Use MIMO and aides in diminish errors and lift speed organization additionally have more seasoned gadgets. Since the association gives benefits comprehensively to the especially significant ventures and association they must be set up for their costumers when they requirement for that they would require quicker, reliable, secure systems administration framework in their organization.
No, I don’t recommend the whole LAN to be associated remotely. The organization do require secure, speed, reliable and simple and quick viable system framework of network. Many issues can emerge with wireless system there will be high issue of flag associating and disengaging while information is voyaging. There are many network gadgets that could perform better in a system while associated utilizing wire rather than remote. it is smarter to utilize both wire and wireless system association framework as indicated by the need of device thinking about the execution.
a) Explain the terms MAC address and IP address and outline ONE (1) difference between them. Outline how MAC address and IP address also differ from IPv4 and IPv6. You should relate your answer to the OSI model.
Media Access Control Address is the full form of MAC address. MAC address is permanent having physical address and mac address of 48bits. It is unique machine address given to the system so has no classification helping to identify the device which are participating in a network.
Internet Protocol Address is the full form of IP Address. IP can change in networks & are classified into different classes like A, B, C, D and E. It is logical Address and IP address are 32 bits helping to identify connection to device in network.
IPV4 address size is 32 bits & is a version 4 of IP having Prefix Notation 192.168.0.0/16 as well as header of 20 bytes and supports the 4.3×10^9 (4.3billion) address. IPV4 is divided in A-E classes & lacks security.
IPV6 address size is 128 bits & is a new version of IP having Prefix Notation 4FFE:E200:0234::/44. It supports the 3.4×1038 address. IPV6 is classless having a strong security than IPV4 and double the header of the IPV4, it has 40bytes.
Personal Computers get its MAC address from producer’s from where their equipment body parts are made. All the MAC addresses are one of a kind. Furthermore, the IP addresses are relegated by the web access suppliers or system overseer to the systems administration gadgets. IP addresses are for transitory location area for organized gadgets it very well may be changed effectively.
While associating with the system numerous gadgets can have comparative IP addresses so the gadgets interesting location MAC address allots its goal through web conventions foreordains in a system model.
ARP is layer 2 standing for Address Resolution Protocol & is an element of the IP layer of the TCP/IP convention stack having great importance to decipher a host’s programming address (IP address) to an equipment address (MAC address). … Inside the IP layer there is additionally another convention, called RARP (Reverse ARP) that makes an interpretation of a MAC Address into an IP address.
The portal asks the ARP program to locate a physical host or MAC address that coordinates the IP address when an approaching bundle bound for a host machine on a specific neighborhood lands at an entryway. The ARP program checks the ARP store & during the event that it finds the location, it responds with the goal that the bundle can be changed over to the correct parcel length and configuration and sent back to the machine. During the off chance that no section is found after search for the IP address, ARP communicates a solicitation bundle in a unique organization to every one of the machines on the LAN to check whether one machine identifies that it has that IP address related with it or not. A machine that perceives the IP address as its very own profits an answer so showing. ARP refreshes the ARP store for future reference and sends the bundle to the MAC address that answered.
d) Define the terms Default Gateway and Subnet Mask and briefly explain why both are required in this project. You should provide THREE (3) points relating to a subnet mask for full marks.
The way through which sub netted IP are allowed to travel carrying the data send by the user is known as default gateway. For the purpose of elating the IPS travel through network devices, default gateway is needed in the project. Subnet mask: While defining the range of IP addresses used in a network, subnet mask is used. In local area network it is mostly used. For letting default gateway know that it is from its related network and let it pass through protocols, it is widely used in this project. Sub-netting: This is the method of logically dividing the IP network into smaller network into equal halves each time.
- It is a connection between network address and IP addresses.
- It mostly used in local networks.
- Used in identifying network IP ranges
e) Briefly explain what is meant by the term sub-netting and how it could be used in this network. Do you recommend sub-netting in this case? Give a reason for your answer clearly showing how it applies to the Wheeler Energy scenario.
This is the method of logically dividing the IP network into smaller network into equal halves each time. It makes easier to grant authorization related to network much easier for different section organization having different IP. For network division and authorization restriction as well as granting processes, sub-netting is mainly used. In an organization there are different faculties in which different tasks are handled. For the purpose of maintaining data integrity and data security sub-netting plays vital role of providing secure data exchange over different network through the authorization maintainability function/setting policies implemented. Hence, I would recommend sub-netting.
f) Explain what is meant by an IP Routing Table and provide ONE (1) example of how a router uses its routing table on the Internet. You do NOT have to explain every field in the routing table. In your example, explain how a packet gets from source to destination.
IP routing table is shown in table design. IP routing table is a set of instruction which is used to determine the data packets are flowing on IP. Router and switches are also IP enabled devices which uses routing table.
IP directing table holds the information required to advance the bundle along the better way to its goal. Every one of the bundles have data about its source and goal. After the bundle is sent device administration gadgets examines the parcel and match its to the steering table passages giving the better match to goal. After that the table gives the gadget information to coordinating the bundles towards the following jumps on it’s course through the system.
a) Using the ’10 steps to Cyber Security’ referenced above, provide TWO (2) examples with justifications of how the company has weaknesses in access control measures.
- Managing User Privileges:
According to their authority It can provides limited access to the client connected to their network. This will very verify the information that could be abused by undesirable personals.
- Malware Presentation:
security from the undesirable malwares which can assist third close to home with accessing the date of the association. This likewise keep from numerous different infections accessible in web that could degenerate framework network information.
b) Provide a list of FIVE (5) measures that you recommend should be taken to keep the network secure. This should include hardware, software, policies and ways of checking them.
Systems are found to be used properly as per agreement with organization policies and this is confirmed by regular monitoring.
Employees are the one with whom contract should be made. That means any transfer of data should be restricted without the approval of an organization.
2. Hardware security:
- Removing media control:
Scanning out the media devices and limiting the connection that is mainly storage devices before connecting with the system.
It helps to block unnecessary traffic as per security rule defined and hence having a firewall in a network system is considered to be a wise decision.
3. Software security:
- Antivirus installation:
Antivirus is the most essential program in a network. It helps to prevent data corruption.
- Password protection:
To keep the network secure and protected, a strong password is highly recommended.
To prevent any harm to the first hand data storing server system, the backup system should be maintained.
- User privileges:
In order to maintain privacy and security, controlling or limiting the data flow and exchange process within the organization should be done.
Many threats are there for example; data backup, hacking, poor system management, no access control, staff biasness to data security. And the most threatening issue I have found is the risk of hacking or data theft. No any protection protocol is there for data security. Staffs are found to be using private devices in any network. In such a case many other competing companies would have easy access of the valuable information of their system data which third parties could get in their hand easily. So, things could get better if we install different security devices, protocols and implement good security measure and policies.
b) Allocate suitable IP addresses and add them in the diagram. You should ensure you include the subnet mask and identify the IP addresses that are provided by the ISP.
|Wireless EUD||22.214.171.124 to 62||/26|
|Lan Wire Network connection||126.96.36.199 to 188.8.131.52||/26|
|Backup server||184.108.40.206 to 220.127.116.11||/26|
In figure 3 network diagram shows the connectivity on the network system. This table shows Device IP and subnet of /26. Subnetting can help to expand network later if necessary.
c) Explain why you have chosen the hardware components and why you have connected them the way you have in your design for Task 4a.
Switch interfaces distinctive systems administration part in wired system framework network.
- Fire wall:
Firewall gives security to the system framework network.
Wellspring of reinforcement for the information of the association.
WAP provides wireless network services to many other devices and mobile wireless devices.
Router provides facility to link between two different framework networks.
VPN gives extra secure information trade administrations for the assurance of the records of association.
We require 2 switches. It is used to connect EUD in a network. It may cost around NRS 1500 and total sum will be NRS 3000.
We require 3 firewalls. It is used to protect network from threat. It may cost around NRS 4000 and total sum will be NRS 12000.
We need 1 router. It is used for connecting two different networks. It may cost around NRS 4000.
- Backup Server:
We need 1 backup server. It is used to backup all important data. It may cost around NRS 400000.
- Cloud Services:
We need unlimited cloud services which is almost impossible. We can take 5000TB for data handling. It is used to backup all data through internet. It may cost around NRS 140000.
We need 1 WAP. It provides wireless connectivity to wireless EUD networking devices. It may cost around NRS 4000.
We need 1 strong VPN. It provides extra security to the data over the internet. It may cost around NRS 4000.
a) Explain how you could incorporate remote access into the system. You should identify the components you would need and state the actions you would complete to get it to work. Do you think Google Docs is a good solution?
Remote access VPN connection is the most common way for providing remote access. With the intention to enable user and office branch with secure access to organizational data VPN technology was developed. An encrypted and safe connection is formed by VPN over a less secure network such as internet. To legitimate VPN traffic to pass unchecked VPN allows routers and firewalls authorization. VPN additionally help by giving burrowing office so information security is keeping up.
VPN provides following advantages:
Data privacy can be maintained through tunneling.
The alteration or modification of transferred data is prevented.
Controlling of access granted to get into the network and helps to keep unauthorized personal out of the network.
- Authentication Header:
Provides authentication and integrity prevent data tempering.
making a network remotely available methods giving the network access outside the border of the Wheelers Energy. So as to pick up a remote access, the cell phone needs to associate with some other system to gain admittance to organization arrange which probably won’t be extremely protected. Additionally, information burglary action chances will be expanded to have a sheltered remote access arrange framework legitimate system approaches, client approval and access control ought to be executed.
Hereby given above task we can easily convince the organizational network system. We have hence provided network solution, increase efficiency and internet access with a faster bandwidth to Wheeler Energy Organization.
Aem-test.com. (2019). AEM Test and Measurement. [online] Available at: http://aem-test.com [Accessed 30 Apr. 2019].
address, M. (2019). MAC address. [online] 1&1 Digital guide. Available at: https://www.ionos.com/digitalguide/server/know-how/mac-address/ [Accessed 30 Apr. 2019].