KFF Network Design Final

Running Head: KFF NETWORK DESIGN

1

KFF Network Design Emanuel Hernandez  NTC/362  NTC/362 September 23, 2012 Eddie Horton

KFF NETWORK DESIGN

2

KFF Network Design Kudler Fine Foods (KFF) uses a linear bus topology consisting of a main run of cable made of a terminator at each end. The file server, workstations and peripherals are all connected to the linear cable. Under the architecture of network used, it is easy to connect peripheral or a computer  to the linear bus and it saves costs involved in purchasing cables (Cisco Inc., 2000). However, there are high data transfer rates due to use of Ethernet but if the linear cable breaks, it halts the entire network. KFF’s network allows sharing of resources such as printer, modems and CD-ROM, which makes it cheaper to set up the network and save on costs. Also, networked computers are able to share centralized key computer programs such as inventory spreadsheets allowing users to have the same program as opposed to copies of the program hence they can work on the program simultaneously. Additionally, the network supports automated unattended backup of contents and valuables that make it easy to backup essential files without wasting time. Use of Ethernet in KFF ensures that computers listen to the cable before transmitting data through the network (Cisco Inc., 2000). Ethernet uses carrier sense multiple access method which allows computers to send information based on network traffic; if the network is clear, Ethernet allows data transmission, if not, the sending computer is put on a waiting mode and prompted to resend the data after sometime. In this kind of network, Ethernet only transmits data at a speed of 10 megabits per second; this speed is very slow. Evaluate the current network topology

KFF uses an out dated network topology which suffers the disadvantage of complete  breakdown  breakdown in case case the backbone backbone linear linear cable breaks. breaks. The Bus topology topology is limited limited to accommodating only a few computer and peripheral components and if a component fails, then the

KFF NETWORK DESIGN

3

entire string fails. In this type of network, it is hard to determine the source cause of a problem in case it occurs thus time consuming in terms of problem identification and resolution. However, the  bus network network topology topology enjoys enjoys fast real time time data communica communication tion and simple remote monitoring monitoring and management of components. The design is cheap and easy to configure. In terms of reliability, the bus topology is not reliable at all. This arises from data transmission style where data is propagated in form of electrical pulses. Basically, when a node transmits a series of electrical pulses, the pulses travel in all directions along the carrier cable and they continue traveling until they find a component to absorb them or they weaken in such a manner that they are undetectable. If a signal encounters the end of a cable, it bounces back until it is absorbed. Therefore, from transmission, data signals are relayed across transportation medium and are expected to travel to both ends of the bus hence making it essential to check the signals to  prevent continuous continuous bouncing bouncing back that that would would prevent other computers computers from from sending sending data. data. We can avert this situation using logical bus topology where data sent is addressed to a specific machine. This method breaks down data into manageable chunks and transmits the data to specified computers. However, only one machine (node) at a time can successfully send data.

With

this type of topology, we expect KFF network users to share the available amount of transmission time to avoid slowing down network performance (Reinhold, 1990). Additionally, all nodes ought to be passive; they should be listening to sent commands to allow efficiency in case on one computer breakdown. In the passive mode, if a node fails it is likely that all other node will continue functioning as opposed to the active mode where if one fails, then all the rest also fail. Describe the standards applicable applicable to this project

The standards of network applicable to this project will be based on network specifications laid out by ISO D1S7498 that consists of seven layers as discussed below:

KFF NETWORK DESIGN

4

Physical layer: this is the lowest level of network components that specifies mechanical

and electrical details of communication. As discussed above, KFF uses bus topology which uses Ethernet that supports use of coaxial cable, twisted pair cable or fiber cable. KFF uses fiber cable which is the fasted transmitting cable among the three. This supports electrical signals which are digital. Data link layer: This layer determines the formats of messages being transmitted and how

data is addressed to detect and correct errors. In order to eliminate bouncing back of messages in the network, data addressing is used. This ensures that data sent is specified to a given machine using data headers that specify a machine address. The flow and control of network resources is controlled over the server machine. Address Resolution Protocol (ARP) is used. Network layer: the network layer defines routing and logical addressing where procedures

for encapsulation for message into packets is established. Internet Protocol (IP) addressing is enforced at this stage (Reinhold, 1990). Transport layer: this layer handles delivery of information from one computer to another 

thus under the transport layer there is flow control which manages the way data is transmitted from one component to another. This allows sending devices to send manageable data at the receiving end. Other applications on this layer include error detection and recovery as well as establishing virtual circuits. The standard protocol in KFF is TCP Session layer: This layer is responsible for managing communications in terms of sessions,

and organizing requests and transmission services. The standard protocol to be used in KFF is SQL Presentation layer: this layer ensures compatibility of data transmitted among

communicating devices in KFF’s network. It ensures data encoded can be readily decoded at the receiving machine. The standard used is ASCII.

KFF NETWORK DESIGN

5

Application layer: KFF ought to use file transfer protocol (FTP) in identifying

communication patterns and determining resource availability. Importance of communication protocols.

Communication protocols define a set of rules or standards that must be achieved when transferring data from one device to another. Mainly, protocols are use to allow exchange and transmitting of data in interconnected networks (Kang and John, 2009). Therefore, communication  protocols  protocols lay out guidelines guidelines onto how how computers computers and communi communication cation devices devices will will share share and exchange information through a standardized way. In information systems, the following summarizes the importance of communication protocols: •

Ensures formatting of information into binary codes

•

They help to ensure that information is broken up into manageable units before transmission.

•

Oversees synchronization of data during transmission period thus averting any possible communication conflicts.

•

Over networks, there is need for uniformity of data between the senders and recipient hence protocols intervene in coding and decoding data in a standardized manner.

•

They help in enforcing information security during transmittal period.

•

Used in applying error detection and correction mechanisms. There are many protocols in information systems which are hierarchical in nature and are

divided into layers which define a specific function. Such protocols include TCP/IP protocol suite and OSI reference model which ensure data acquisition interoperability (Aksoy and Laura, nd). Protocols used on the design

KFF NETWORK DESIGN

•

TCP/IP protocol

•

Distributed network protocol

6

Rationale for adopting the above protocols

TCP/IP protocol is supported by many software applications and has universally accepted terms: it is popular. In TCP, data is divided into manageable bits and the protocol ensures that secure and appropriate routines are in place to oversee data correctly arrives to its destination. Then IP enforces logical addressing and routing of data which brings in the reliability factor (Kang and John, 2009). TCP/IP supports ASCII standards that help in formatting information transmitted into a range of supported formats such as JPEG, text and MP3 standards among others. Distributed network protocol on the other hand supports communication in process automation systems and supports peer-to-peer and master-to-slave communications. Above all, this  protocol is reliable reliable in terms terms of security; security; it contains contains secure secure authenticati authentication on features features and does does not require heavy infrastructure. Cost wise, both protocols are fairly affordable to implement due to fair infrastructural costs (Aksoy and Laura, nd). Other features that make these protocols appropriate include both are open  protocols,  protocols, they support support interoper interoperabilit ability y between between different different platforms platforms and they can be optimized. optimized. Overall network architecture.

According to our design, the adopted network architecture defines secure, interpretable infrastructure that provides reliable and open-standard based communication for distribution of  information. The architecture also defines technologies required to support communications  between  between various client client machines machines and servers servers on the network network (Chris, (Chris, 2003). 2003). There There are established established network standards that coordinate secure implementation of network architecture as well as supporting traditional data such as voice and video. The architecture is based on open standards

KFF NETWORK DESIGN

7

that are industry wide approved and specify how information processing resources convey data and interconnected. The used network architecture components include wire-based using fiber optic and wireless technologies using satellite technology. The network protocols employed include TCP/IP, distributed network protocol and open short path first protocol. Usefulness of a traffic analysis.

Information generated from traffic analysis can help one to figure out the needs and requirements to upgrade their network to handle more data. Also, it helps to monitor activities on the network thus one can detect instances of attacks, probably trace the attacks or even put in place appropriate measures to counter the attacks. Similarly, traffic analysis helps in figuring out the capacity limits a given network can handle and hence determining the required resources to be put in place in relation to effectiveness and costs. Therefore, traffic analysis is useful for ensuring the following: •

 Network  Network security security

•

Billing verification

•

Engineering the network 

•

determining chargeback 

Latency, response time, and jitter Latency: This refers to delays incurred in processing of network data. In networks, latency

is measured using network tolls such as ping tests that determine the time it takes a network packet to travel from source to destination node and back. A low latency defines a system that experiences short delay times while high latency defines systems that experience long delays. Systems suffering from high latency are said to be unreliable and slow thus are inefficient.

KFF NETWORK DESIGN

8

Response time: Refers to time taken to establish communication on a networked computer 

system. This is the time between and end of an inquiry and the beginning of a response. Low response times indicate efficient network performance while long response time indicate unreliable network performances. Jitter: this refers to variation in packet transit delay arising from queuing and serialization

effects along the path of transmission. Mostly, these delays are propagated by traffic congestion due to the size of bandwidth used and speed of transmission paths in place. In congested links, higher levels of jitters are likely to occur. Therefore, higher levels of jitters cause data transmission to be slow hence lowering the network performance. Effect of data rates on each part of the network. Network cabling: Speed of information transmission on cables greatly impacts on the

overall network performance. It signals the amount of time data is expected to travel from sender  node to receiver node. High data speeds are preferable since they help avert congestion on the network as well as make performance efficient. Therefore, in our design, we shall use high speed network cables such as the fiber optic for optimal network performance. Wireless network communication: In wireless environment, data speeds are higher than

in wired networks. This implies that traffic within wireless resource is quite manageable and the overall network performance reliable. Network adapter cards : Data speed in network adapters affect the time in which the

adapters prepare data from computer for the network cable. This also influences time incurred in sending data to another computer and the flow of data between the computer and cabling system. High data speeds therefore contribute to faster network adapter card functionality in terms of  sending and receiving information.

KFF NETWORK DESIGN

9

Strategies to ensure the availability of network access in switched and routed networks.

•

Identifying all the network requirements

•

Designing a hierarchical network 

•

Using routers and multilayer switches that combine routing and switching in the same device

•

Employing the use of high-speed links

•

Use open short path first protocol which scales well in networked resources

•

Employing load balancing technique.

Hardware and software required to secure linear bus architecture against electronic threats

Kudler Fine Foods (KFF) uses Ethernet cabling prone to electronic attacks and needs to be secured from such threats. In the linear bus model, there is need to use hardware that will help  boost security security such such as firewall firewall and routers. routers. Firewall Firewallss are like filters filters which will will help help KFF monitor  monitor  data traffic in its network (Reinhold, 1990). This in turn helps detect unusual traffic and filter them off. From the role of firewall, all unnecessary ports will be blocked and only traffic from known  ports will will be transm transmitted. itted. Therefore Therefore,, firewall firewall will monitor monitor incoming incoming requests requests to prevent prevent known attacks from reaching KFF’s server. The firewall will be patched regularly to detect newest types of attacks. Also to be used is a router with a strong administrator password. The router will be  placed on the the outer-most outer-most gate gate linking linking to the internet. internet. The router router therefore therefore will will be blocking blocking unauthorized and undesired traffic between the networks. To complete security enhancement from a hardware point of view, KFF will use switches in their network to ease network administration.

KFF NETWORK DESIGN

10

The above hardware components will be used in the linear bus topology in the order of  router, firewall and switch from data incoming from the internet as shown below:

Router-Firewall-Switch

Software resources to be used will involve software capable of detecting and eliminating threats as well as those capable of filtering filtering undesired network traffic. For instance, expected threats within KFF network include spoofing, sniffing, information gathering and denial of service attacks among others (Reinhold, 1990). To secure the network from such threats security software on the router can be configured to inspect and encrypt network contents as well as block and control traffic on KFF’s network. Network access control and intrusion detection and prevention management system software will help KFF monitor and block attack from within and outside their main network. Through monitoring using intrusion detection software, network administrator  at KFF will be able to filter the detected threat, address it and block it. Similarly, the software will help in averting traffic crises such as decongesting data on Ethernet and sequencing encrypted

KFF NETWORK DESIGN

11

information for delivery. Backup software will also be used to store important data at automated times. Local Area Networks, Wide Area Networks, Wireless Technologies

Local Area Network (LAN) is a data communication medium that is characterized by hosting all sites on the same link. LAN is confined to one location, usually a small area, therefore considered small and discrete. LANs interconnect devices operating within network interface layer  where they exchange IP data grams from the internet layer. In a LAN network resources are connected such as work stations and printers (Goleniewski, 2007). LANs services include protocol identification, delimitation, bit level integrity checking and addressing. LAN uses Ethernet and token ring which use cabling technology. Wide Area Networks (WAN) are networks that span a large geographical region with longdistance links interconnected together at various points by nodes which perform routing and switching functions (Goleniewski, 2007). The nodes are responsible for moving frames from one link to another and directing them through interlinked local networks. They are extended LANs that depend on heavy cabling such as use of fiber optic. WANs support both synchronous and asynchronous operations and are divided into point-to-point links and non-broadcast multiple access. Wireless networks on the other hand refer to networks that are not connected with cables. Wireless networks span both local area and wide area networks. In local area, wireless technology uses radio waves to connect devices such as computers to the internet. Unlike wired networks, wireless technology can be accessed from hotspots hence are convenient in terms of mobility and easy to setup, expandable and friendly in terms of cost since they eliminate cabling costs (Goleniewski, 2007).

KFF NETWORK DESIGN

12

Concepts and building blocks of today’s data communication networks

Data communications in the present world has been integrated from traditional mechanism of information exchange which was slow and time consuming, to fast, reliable and secure exchange of data using sophisticated mediums. Such include TCP/IP and OSI model frameworks used in all kinds of networks. Both hardware and software have been built to enhance security in authenticity of data and communication channels. Some of the important components of data communication include cables and optic means used to relay data, routers and firewalls used to monitor data traffic on the network and switches used to administrate the network. Network  cabling involves use of data cables and connectors that carry electronic signals from one network  to another and to network interface cards (Bryan, 2004). Cables include unshielded twisted pair  cable, shielded twisted pair cable that are susceptible to radio and electrical interference, coaxial cable that consists of a single copper conductor at its center and is not susceptible to interference. Fiber optic cable consists of a center glass that transmits light signals and is very fast in terms of  data transmission. Different protocols in data communication used different cables that transmit data in different speeds. They are as analyzed in the table below: Protocol Ethernet

Cable Coaxial, twisted pair,

Fast Ethernet Local talk Token ring ATM

fiber  Fiber, twisted pair Twisted pair Twisted pair Twisted pair, fiber

Speed 10MBPS

Topology Star, linear bus and

100MBPS 23MBPS 16MBPS 155-2488

tree topologies Star   Linear bus Star wired Linear bus, tree and star topologies

Other components of data communication include server and host computers, client computers and circuits. Routers, firewalls and switches are used to enhance security in networks

KFF NETWORK DESIGN

13

against attacks from within and outside a given network. These security components vary in configuration according to sensitivity and sizes of network.

The KFF integrated network has been developed to meet efficient and reliable communication requirements including security enhancement and information delivery. The designed KFF network has adopted network architecture that defines secure, interpretable infrastructure that provides reliable and open-standard based communication for distribution of  information. The architecture also defines technologies required to support communications  between  between various client client machines machines and servers servers on the network network (Chris, (Chris, 2003). 2003). There There are established established network standards that coordinate secure implementation of network architecture as well as supporting traditional data such as voice and video. The architecture is based on open standards that are industry wide approved and specify how information processing resources convey data and interconnected. The used network architecture components include wire-based using fiber optic and wireless technologies using satellite technology. The network protocols employed include TCP/IP, distributed network protocol and open short path first protocol. Security implementation has been done using a switch and a firewall for all information from and into the KFF’s server. Internal security measures include use of routers to monitor and control traffic flow. The overall network design is as shown below:

KFF NETWORK DESIGN

14

Time plan for the design of KFF’s Network 

Activity / Time  Network   Network  identification and problem evaluation Evaluating best communication  protocols  protocols and communication devices required

Week one

Week two

Week three

Week four

Week five

KFF NETWORK DESIGN

15

Identifying all network  requirements and analyzing security requirements Designing an appropriate network  Evaluating the integrated network 

Design approach and rationale

The integrated network design has been adopted from analysis meant to determine KFF’s data and communication requirement. The new design addresses fast, reliable, efficient and secure  protocols  protocols that ensure ensure delivery delivery of communi communication cation from from one work station station to another and and to the server. The integrated design has put into consideration flexibility factor where users can access communication via the KFF’s network through wireless hotspots. The design has eliminated use of  cables to save on costs and space (Panko, 2011). Based on communication speeds, wireless LANs will offer the desired fast data transfer rates of up to 1522 MBPS which is sufficient for KFF and does not require future expansion. Analysis of the integrated network  Security : the integrated KFF’s network has tight traffic monitoring and control

mechanisms that incorporate filtering, blocking and analysis of data passing through the company’s communication channels. A switch has been used to filter content from the internet while a firewall has been adopted to block malicious and unknown content from reaching KFF’s server. Routers are used to control and monitor traffic within the wireless LAN.

KFF NETWORK DESIGN

16

Backup: There are three backup facilities that oversee information is backed up on a daily

 basis. This ensures ensures all all information information is secure from from failures failures resulting resulting from system system crush, power  power  surge, fire and theft. The backups are located in different locations in order to avert a situation where the three are susceptible to similar fate. Communication speeds : Wireless communication is used for fast delivery of data packets

from one client computer to another and to the server machine (Goleniewski, 2007). The wireless speed is 1522MBPS which eliminates possibilities of traffic accumulation. The new design uses open communication protocols for reliability and effectiveness. Cost: KFF’s integrated network design meets friendly cost requirements as use of wireless

technologies is affordable. Data requirements

A wireless LAN supporting data speeds of up to 1522MBPS and operates on a TCP/IP  protocol is extremely extremely fast fast enough enough to support support any operation operation undertak undertaken en by KFF. KFF. Since informat information ion is broken down into packets, time required to breakdown and reconstruct the packets are insignificant considering the transmission speeds. There is efficiency is transmission given that communication channels do not breakdown. Another advantage of the integrated design is the ability to tune and adjust bandwidth required at a particular time. The network administrator  monitors bandwidth and regulates its usage according to requirements of a given time. Physical and electronic threats

The integrated network has addressed physical and electronic threats in a broad scope. However, some threats are hard to totally control such as natural calamities, fire disaster, and system failure, evolution of new undetectable threats such as viruses, wear and tear and obsoleteness of technology. Some are controllable and require thorough monitoring and analysis

KFF NETWORK DESIGN

17

such as failure, obsoleteness, viruses and wear. Such will need regular system updating, use of  virus and spyware control software and regular servicing (Reinhold, 1990). On the other hand, fire outbreak is a disaster and can be controlled via precautions, monitoring and guarding the KFF’s  perimeter  perimeter using surveillance surveillance systems systems and and physical physical guards. guards. In case of of a fire outbreak, outbreak, KFF is equipped with fire fighting equipments and its servers are stationed in fireproof premises. Security measures and policies are in place to ensure that users and employees adhere to  protective  protective policies policies that protect protect their their lives lives and the company’s company’s properties. properties. The policies are elaborate elaborate and quite straight to the point (Chris, 2003). Any breeches lead to penalties and prosecution where appropriate. In order to safeguard all resources, adherence to the policies is encouraged and people expected to act responsibly. There are detection systems in place to sense and automatically control the main system such that it shuts down, alerts employees via an alarm system and takes appropriate measures. For  instance, fire detection system will detect temperature changes, turn on cooling systems, if it doesn’t work it alerts people of possible threat and avails fire fighting equipments. All other  detection systems work in a similar manner; they are tuned to trying to solve the situation other  than just alerting workers. Surveillance within KFF’s perimeter helps to monitor all activities thus can help identify unusual activities hence also help in detecting threats. Punishment for any propagated misconduct towards the KFF’s network is documented within the network policy and is not compromised whatsoever. Conclusion

KFF NETWORK DESIGN

18

The overall integrated network addresses all KFF’s network requirements and recommends shift to the new design. Challenges purported in the integrated design are controllable and manageable.

KFF NETWORK DESIGN

19

References Aksoy P. and Laura D. (nd) Information Technology in Theory: Communication protocols Bryan E. (2004) A Professional Guide to Data Communication in a TCP/IP World. ISBN 158053-909-2 Chris C., (2003) Arizona Enterprise Architecture: Guiding Arizona to Ever Improving Citizen Service. Government Information technology Agency Cisco Inc. (2000) Internetwork design Guide: internetworking Design Basics. Retrieved from http://www.cisco.com/univercd/cc/td/doc/cisintwk/idg4/nd2002.htm Goleniewski, L. (2007). Telecommunications essentials: essentials: Wireless communication basics (2nd ed.) Boston, MA: Pearson Kang D and John R., (2009) Compartmentalization of Protocols in SCADA communication.  International  International journal journal of Advanced Science and and Technology, Technology, Vol. 8. 8. Panko, R. R., & Panko, J. L. (2011). Busines (2011). Businesss data networks networks and telecommunic telecommunication ation (8th ed.) Upper Saddle River, NJ: Prentice Hall Reinhold N., (1990) Network Topology Optimization: The Art and Science of Network Design ISBN -10:0442238193

Sekar K., and Dey S. (2008) Dynamically Configurable Bus Topologies for High-Performance on-chip communication. Volume 16 issue 10.