FACULTY COMPUTER OF SCIENCE AND MATHEMATICS

ROUTING AND SWITCHING TECHNOLOGIES

CASE STUDY: ENTERPRISE NETWORK IMPLEMENTATION

NAME :

MUHAMMAD QARDHAWI BIN ISMAIL (2022910417)

ALIFF IMAN BIN SHAIFUL AZMAN (2022972819)

GROUP:

CS2554A

PREPARED FOR:

ZARINA ZAINOL ZAINUDDIN ZAINATUN

6 DECEMBER 2020
TABLE OF CONTENT

CONTENTS PAGE

INTRODUCTION 3

THE TASK 4-10

CONCLUSION 11

REFERENCE 11
INTRODUCTION

College Maju is a small private campus that provide opportunity to the people in
Kembang Setaman district to pursue their study in tertiary level. Due to lack of
budget, the college’s campus architecture was poorly designed and implemented.
The network was segmented using typical segmentation (subnetting) and no security
feature(s) was implemented. Furthermore, current system does not support further
scalability in the future.
The campus consists of library building, 2 academic buildings, lab building and an
admin building
THE TASKS

1. Study and analyse the network architecture

The Star Topology network structure will be used by College Maju. The type of
network has a middle node that links directly to other devices, with the remaining
devices interconnecting through the middle node. The core switch supports the
entire network. A core switch connects devices like file servers, workstations, and
peripherals together. The core switch receives and processes all data. Even
though it delivers data to all nodes, only one at a time is successful in receiving it.
Two different tiered approaches exist which is :-

● Access Layer
● Core Layer

Core Layer offers a high-speed packet switching fabric between different

assembly systems sets. It serves as a gateaway for all the elements. There are
fast connections to other campus networks at the core layer. As an example,
WAN side networks are bound to several floors and departments. The core layer
design should that should be found:-

● High availability
● High-performance
● High throughput

By connecting devices like computers, internet protocol phones, and

closed-circuit video cameras to the shared LAN through Ethernet, the access
layer offers network communication to end users. These switches are typically
found in the wire closets on each floor of a department building.

There are several attributes that need to be considered before the

campus network architecture is implemented.

● Port density
● High availability
● Power over Ethernet (PoE)
● Segmentation
WEAKNESS

I. Assume that the central switch or hub fails, the attached nodes will
be disconnected.

● The access layer provides network connectivity to end users by

connecting devices like PCs, internet protocol phones, and
closed-circuit video cameras to the common LAN using Ethernet. In a
department building, these switches are normally located in the wire
closets on each floor.

II. The efficiency and scalability of the network depend on the potentiality of
the hub.

● The size of the network is limited by the number of connections to the

core switches, which in turn limits overall performance network.

III. The switch is a single point of failure

● Switches are connected to all networks, so if a switch goes down, the

entire network fails. The adjustment of the node is lost if the switch fails.
 IV. Star topology requires more cable length

● If the network is expand, extra cables are required make installation

difficult.

V. More Expensive than other topologies

● A star topology has many cables and is the most expensive network to
build. That's why you need trunks to keep cables safe.

2. Propose an upgraded network design

A) Failure of the core switch will not affect the whole system

● Add another layer called sum layer. This layer aggregates links and
traffic flows from different access layer changes into provides
high-density connectivity to the LAN hub.
● Since all traffic goes through network connections, any problems of the
physical connection must be visible to ensure high availability of network
services. Combining multi-link systems and interconnected network
technology will achieve this goal.

B) Enhance the security measure for the LAN, instead of using simple
segmentation like subnetting

● Most WPA2 and WPA 3 offer an encryption option. You can turn on this
feature in your router’s WiFi settings, which you can access with your IP
address and router login credentials. When you enable encryption for
your WiFi network, it encrypts any data sent between your wireless
channel and your device.
● A good firewall helps to prevent unwanted traffic from entering or leaving
your wireless network without your knowledge. Router firewalls are often
not turned on by default, which means you need to activate yours. To do
so, log into your router settings using your IP address to enable the
option.
● Switch to a WPA3 router with will come with more robust security
protocols to address many of the vulnerabilities found in WPA2 routers.
C) Introduce a router so that users of different departments can communicate with each other.

● One or more routers are needed to build a small network. One router connects multiple
switches and networks to create an even bigger network. These networks can be
positioned in one place or in a few places.

● A router connects multiple devices to the Internet and connects the devices to a single
router another one. The router can be used to create a device's local network. A router
connects multiple devices to the internet and connects the devices to each other. To
create a local device network, a router must be used. These LANs are useful for sharing
data between devices or for employees to share software tools.

● Routing protocols specify how routers connect to each other to forward data, allowing
them to choose routes between either node of the network computer. Routers perform
"traffic flow" functions on the Internet. When they reach the destination computer, data
packets are transmitted from one router to another over the Internet. Routing algorithms
decide the base route option. Only networks that communicate specifically with each
router have advanced information. Routing protocols send data across the network with
immediate neighbors. This allows routers to learn information about the network
topology.

● Routers are the first line of defense against network attacks. The highest router's level of
security is enabled by things like firewalls, the convinced way to protect running data and
private data from attack. Most routers only connect via network cable to other network
devices and do not have drivers to work on the operating system. However, routers
connected to FireWire or USB systems also need drivers to function properly. The
modem is connected to the cable using a wireless router. The router then creates and
connects to the school's Wi-Fi network through the built-in antenna that transmits data
from Division A to Division B over the Internet. As a result, all computers on campus can
access the Internet.
D) Introduce a way to ease IP configurations on all end devices.

● The source and destination devices for data transmitted over the Internet are called
terminals. Each endpoint in the network has an address that can be used to distinguish
it from other endpoints. When a terminal initiates a communication session for the first
time, it uses the address of the destination terminal to determine where to send the
message.

● Start by selecting a device in the Cisco Packet Tracer desktop. Create network
topology. Use the auto-connect cable to connect your gadget to other devices. Next,
configure your server and PC with the IPv4 address and subnet mask according to the
IP address table above. Click on the first PC to assign an IP address. You can find the
IPv4 configuration by going to Desktop & IP Configuration. Specify the subnet mask
and IPv4 address. Repeat the process in the same way so that the second PC and
server are fully configured. Verify the connection by pinging the IP address of each
server on the first PC. Use the ping command to verify the connection. We will check to
see if you have received a response. Here, the destination node responds on both PCs.
The connection is now verified. Test the server with another PC web browser. As you
can see the server is working fine and I am seeing the results. To end using
FastEthernet port 0/1, use the switch off command.
e.
 3. Discuss how your proposed design will improve the current system.

The discussion must cover issues about security, reliability, performance, scalability

A) Security

● Implement a strict password policy. Weak university network passwords are a death
sentence, but complex passwords take longer to access. We often hear articles about
hackers using rudimentary tools to access a user's account and create a password for
the user's store is rude. Network administrators can force system owners to create
difficult passwords that cannot be easily chosen from a dictionary. Passwords expire
every 60 or 90 days of him, so it's hard to recalculate password complexity and prevent
hackers from damaging your network.

● Applications with a firewall can monitor and block all unauthorized processes while
allowing secure access to the network. Both applications can be configured as
hardware and firewalls reduce the possibility of dangerous network files. Reliable
personal firewall applications can build your network around web traffic monitoring
security policies, eliminate or block Trojans, thwart hacks, and combat keyloggers..

b) Reliability

● Make sure you have enough space. A reliable network has sufficient capacity. As
people start communicating in real time, networks will inevitably be affected.
Universities should provide more bandwidth for this. This must be provided by our
internet service provider. Various access options such as VDSL, Ethernet, and fiber can
provide capacity, but mobile networks also play an important role. For example, 4G
backup service guarantees performance. How we combine all these technologies is up
to us.

● Take advantage of proven technology on the internet. When building networks, it is

 important to use widely supported network architectures and protocols that have proven
their value and reliability. Our internet service provider must be asked to provide a
so-called multicast protocol one

C) Performance

● Limit the number of network users. Like many road drivers, like so many network users,
traffic jams can occur. When someone on the network completes a resource-intensive
job, the network slows down. Therefore, it is useful to limit the number of users on your
network. For example, don't encourage guests to access your network. Instead, create
a more stable guest network that doesn't violate the university's infrastructure.

● Using security tools. Detailed diagnostic information about you can quickly identify
conditions so you can spend more time solving problems and less time solving them.
Monitoring tools help you proactively identify potential issues before they occur, helping
customers experience very little network slowdown.

D) Scalability

● Create VLANs. A VLAN is a logical separation of network devices by sharing the same
physical network. VLANs are a profitable platform with many factors. In general, good
VLAN capabilities combined with a good subnetting system can reduce network
overhead, improve security, and simplify management. A successful VLAN
implementation is the provision of device control over the network. This allows users to
better track their network infrastructure.

● Network subnet. Subnets are another way of isolating networks. Subnetworks usually
match physical network locations, but VLANs do not need to be installed properly.
Optimal network subnetting can improve overall network and operations. The embedded
subnet structure can be carefully divided into separate subnet locations, departments,
and protected areas. A simple task declaration gives users better control over their
subnets and tasks. It's good that HR and the team are focused on security standards
 across the size of the school and various networks. This makes it easier to control these
critical data devices. Subnetting isn't just for defense. Overall network costs can be
reduced only when used in conjunction with appropriate VLANs containing network
traffic to relevant sites. This network guarantees massive scalability because it
guarantees massive scalability.

CONCLUSION

To conclude, as Ikhtiar College is a small private school that offers Kembang Setaman district
residents the opportunity to pursue their education at the university level, they are encouraged
to upgrade their network of contacts. As we suggest above, Ikhtiar College can upgrade its
network in terms of security, reliability, performance and flexibility.
As we all know, there are a lot of crimes on our network today and also for the purpose of
securing important school information from hackers. Therefore, we urge Ikhtiar university to
accept the proposal to implement strong passwords for security, provide enough capacity to
ensure reliability, limit the number of network users to do it, and create VLANs ( Virtual Local
Area Network) for scalability. We hope the university faculty can accept our proposal because
the cost is also affordable and the most important thing is that the network that Ikhtiar university
uses will be more secure from hackers.

Reference

● TTI | What Needs to be Included in a Network Design Proposal? (n.d.). TTI. Retrieved December
7, 2022, from
https://www.turn-keytechnologies.com/blog/article/what-needs-to-be-included-in-a-
● ‌Judge, K. (2015, December 23). 6 Tips to Improve Network Security. Comodo Antivirus Blogs |
Anti-Virus Software Updates; Comodo.
https://antivirus.comodo.com/blog/computer-safety/6-tips-to-improve-network-security/
● teachict.com - This website is for sale! - Computertraining Resources and Information. (n.d.).

Www.teachict.com. Retrieved December 7, 2022, from

 https://www.teachict.com/gcse_new/networks/peer_peer/miniweb/pg3.html

● Agarwal, T. (2022, September 19). Star Topology : Working, Differences, Advantages & Its

Applications. ElProCus - Electronic Projects for Engineering Students.

https://www.elprocus.com/star-topology/

● IP Addressing: IPv4 Addressing Configuration Guide, Cisco IOS XE Release 3S - Configuring IPv4

Addresses [Support]. (n.d.). Cisco.

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_ipv4/configuration/xe-3s/ipv4-xe-3s

-book/configuring_ipv4_addresses.html