7393 - BD00345 - SE06202 - Assigment 2 - Ngô Nguyễn Nhật Linh

BTEC FPT INTERNATIONAL COLLEGE
INFORMATION TECHNOLOGY
ASSIGNMENT 2
UNIT: NETWORKING
STUDENT : NGO NGUYEN NHAT LINH

CLASS : SE06202
STUDENT ID : BD00345
SUPERVISOR : NGUYEN BAO QUOC
Da Nang, August, 2023

ASSIGNMENT 2 FRONT SHEET
Qualification BTEC Level 5 HND Diploma in Computing
Unit number and title Unit: Networking
Date received (1st sub-

Submission date 12/8/2023 12/8/2023
mission)
Date received (2nd

Re-submission date
submission)
Ngo Nguyen Nhat

Student name Student ID BD00345
Linh
Class Assessor name Nguyen Bao Quoc
Student declaration
I certify that the assignment submission is entirely my own work and I fully understand the
consequences of plagiarism. I understand that making a false declaration is a form of malpractice.
Student’s signature:
NHATLINH
Grading grid
P5 P6 P7 P8 M3 M4 D2 D3
Summative Feedbacks: Resubmission Feedbacks:
Grade: Assessor Signature: Date:

Internal Verifier’s Comments:
Signature & Date:
i
TABLE OF CONTENT
INSTRUCTOR/SUPERVISOR/ASSESSOR……………………………………………………………….……………………….i
REVIEWERS……………………………………………………………………………………………………………………..…….…..ii
TABLE OF CONTENT ................................................................................................................... ii
LIST OF TABLES AND FIGURES.................................................................................................... iv
LIST OF ACRONYM ...................................................................................................................viii
INTRODUCTION ......................................................................................................................... 1
CHAPTER 3: DESIGN EFFICIENT NETWORKED SYSTEMS. (L03) ...................................................... 2
1. Provide a logical/physical design of the networked system with clear explanation and
addresing table (P5) .........................................................................................................................2
1.1. Explain the difference between logical and physical design ....................................2
1.2. Discuss and explain the USER Requirement for the design ......................................6
1.3. Provide a logical design of the network base on user requirement .........................7
1.4. Provide a physical design of the network based on user requirement ..................11
1.5. Provide addressing table for the network you design. ...........................................13
2. Evaluate the design to meet the requirements. (P6) ..........................................................15
2.1. Provide test plan (Screen shot of evidence of test such as ping test – connectivity
test etc.) .....................................................................................................................................15
2.2. Evaluate the design of the network ........................................................................24
3. Install and configure network services and applications on your choice. (M3) ...................25
3.1. DHCP Server ............................................................................................................25
3.2. DNS Server ...............................................................................................................31
3.3. Web Server ..............................................................................................................34
3.4. Mail Server ..............................................................................................................38
ii
3.5 Configuation Router – Wifi.......................................................................................44
CHAPTER 4 : IMPLEMENT AND DIAGNOSE NETWORKED SYSTEMS. (L04) ................................... 50
2. Implement a networked system based on a prepared design. (P7).....................................50
2.1. Show evidence of a working network you’ve design ..............................................50
2.2. Show the implemented system...............................................................................59
3. Document and analyze test results against expected results. (P8) ......................................61
3.1. Provide a step by step configuration of network devices in the network (Choose a
device in the network and provide all the steps for configuration) ..........................................61
3.2. Test results against test plans .................................................................................65
4. Recommend potential enhancements for the networked systems. (M4) ...........................87
4.1 Network Security. .....................................................................................................87
4.2 Backup and Restore..................................................................................................88
4.3 Monitoring and Management. .................................................................................90
4.4 Firewall. ....................................................................................................................91
4.5 Managing network resources...................................................................................92
4.6 Policy and access control. ........................................................................................93
4.7 Secure IP address and network. ...............................................................................94
4.8 Fault Recovery. .........................................................................................................95
CONCLUSION ........................................................................................................................... 97
REFERENCES ............................................................................................................................ 99
iii
LIST OF TABLES AND FIGURES
Figure 1 Logical Design ....................................................................................................................2
Figure 2 Physical Design ..................................................................................................................3
Figure 3 Ground Floor......................................................................................................................7
Figure 4 Network Manager’s room .................................................................................................8
Figure 5 Teacher’s room ..................................................................................................................9
Figure 6 Student's lab ......................................................................................................................9
Figure 7 Student lab's room ..........................................................................................................10
Figure 8 Switch and Router ...........................................................................................................10
Figure 9 Ground Floor....................................................................................................................11
Figure 10 First Floor .......................................................................................................................11
Figure 11 Seconds Floor ................................................................................................................12
Figure 12 Switch and Router .........................................................................................................12
Figure 13 Test in Manager’s room.................................................................................................16
Figure 14 Test in Staff's room .......................................................................................................16
Figure 15 Test in Teacher's rooom ...............................................................................................17
Figure 16 Test in Network Manager’s room ..................................................................................17
Figure 17 Test in Student Lab - 1ST ...............................................................................................18
Figure 18 Test in Student Lab - 2ST ...............................................................................................18
Figure 19 Test in Manager’s room to Staff’s room........................................................................19
Figure 20 Teacher’s room to Network Manager’s room ...............................................................19
Figure 21 Ping from ground floor to fisrt floor ..............................................................................20
Figure 22 Ping from first floor to second floor ..............................................................................20
Figure 23 Ping from ground floor to second floor .........................................................................21
Figure 24 Ping from Manager 5 to Printer–Manager ....................................................................21

iv
Figure 25 Ping from Saff 6 to Printer – Staff..................................................................................22
Figure 26 Ping from Teacher 8 to Printer–Teacher ......................................................................22
Figure 27 DHCP server ..................................................................................................................26
Figure 28 Step to set DHCP server. ................................................................................................26
Figure 32 Step to set DHCP server. ......................................................................................... …….29
Figure 38 Step to set DNS server. ..................................................................................................32
Figure 42 Step to set Web server ..................................................................................................34
Figure 49 Step to set Mail server...................................................................................................39

v
Figure 50 Step to set Mail server. ..................................................................................................39
Figure 56 Start topology ................................................................................................................50
Figure 57 Device 1: N_Manager 2. ................................................................................................52
Figure 58 Device 2: Manager 3 ......................................................................................................52
Figure 59 Device 3: Staff 7 .............................................................................................................53
Figure 60 Device 4: Teacher 9 .......................................................................................................53
Figure 61 Ping N_Manager 2 to Teacher 9 ...................................................................................54
Figure 62 Ping Manager 3 to Staff 7 .............................................................................................54
Figure 63 Ping Manager 3 to Printer-Manager .............................................................................55
Figure 64 Ping Staff 7 to Printer-Manager.....................................................................................55
Figure 65 Ping Teacher 9 to Printer-Teacher.................................................................................56
Figure 66 Device 1: Student 11 ......................................................................................................56
Figure 68 Ping Student 11 to Student 20.......................................................................................57
Figure 70 Device 2: Student 37 .....................................................................................................58
Figure 71 Ping Student 34 to Student 37.......................................................................................59
Figure 72 Logical Design ................................................................................................................59
Figure 73 Physical Design ..............................................................................................................60
Figure 74 Configuation Switch_Main ............................................................................................61

vi
Figure 77 Configuation Router_Main ............................................................................................63
Table 1 Compare Logical Design and Physical Design .....................................................................5
Table 2 Addressing table ...............................................................................................................13
Table 3 Test results summary table...............................................................................................23
Table 4 Test results summary table...............................................................................................86
vii
LIST OF ACRONYM
DHCP Dynamic Host Configuration Protocol
DNS Domain Name System
NAT Network Address Translation
IP Internet Protocol
viii
INTRODUCTION
In information technology industry, computer networks, also known as computer networks,
play an important role in the research and implementation of methods, technologies, designs and
protocols to connect devices information and systems together. Thanks to computer networks, we
have the ability to easily and effective to share resources, transmit information, and interact over
networks.
To better understand the basics of network design, we need to know about logical design and
physical design. Logical design helps us understand how network components interact with each
other to ensure smooth and efficient network operation. Whereas, physical design deals with in-
stalling, connecting, and maintaining network hardware and software.
This article focuses on learning about these two types of design and also comparing the differ-
ences between them. We will then proceed to provide the logical design and the physical design
for the specific project. Finally, the article will analyze and evaluate user requirements, thereby
making appropriate comments and conclusions. Let's find out in this essay.
Here are the items that I will discuss in this report:
❖ CHAPTER 3: DESIGN EFFICIENT NETWORKED SYSTEMS. (L03)

o Provide a logical/physical design of the networked system with clear explanation and ad-
dresing table (P5)
o Evaluate the design to meet the requirements. (P6)
o Install and configure network services and applications on your choice. (M3)
❖ CHAPTER 4 : IMPLEMENT AND DIAGNOSE NETWORKED SYSTEMS. (L04)
o Implement a networked system based on a prepared design. (P7)
o Document and analyze test results against expected results. (P8)
o Recommend potential enhancements for the networked systems. (M4)
Performed Student: Ngo Nguyen Nhat Linh 1

CHAPTER 3: DESIGN EFFICIENT NETWORKED SYSTEMS. (L03)
1. Provide a logical/physical design of the networked system with clear explanation and addres-
ing table (P5)
1.1. Explain the difference between logical and physical design
1.1.1 Logical Design
- Logical design in networking refers to focusing on how different network components in-
teract and communicate without considering specific physical devices. It involves determining the
network's overall structure, IP addressing scheme, routing protocols, network services, quality of
service (QoS) policies, security measures, and network address translation (NAT) policies. Logical
design forms the foundation for the physical implementation of the network and aids in easier de-
ployment and management of network elements.
Figure 1 Logical Design

❖ The features of logical design in networking are:
- Abstraction: Focuses on high-level representation.
- Topology Definition: Determines network structure.
- IP Addressing Plan: Designs IP address scheme.
- Routing Configuration: Selects routing protocols.
- VLANs: Creates logical network segments.
- Network Services: Identifies essential services.
- QoS: Prioritizes traffic for better performance.
- Security: Implements access controls and encryption.
- NAT: Manages private-to-public IP translation.
1.1.2 Physical Design
- Physical design in networking is the process of implementing the abstract logical design
into actual hardware and physical components. It involves selecting networking devices, planning
cable layouts, device placements, and power requirements, organizing equipment in racks, consid-
ering physical security, conducting testing. The physical design involves a diagram of the actual way
the network will be seen.
Figure 2 Physical Design

❖ Because physical network diagrams depict the entire topology of the physical network,
they can include a number of different components:
- Connections: connections are important to a physical network diagram. Connectors (aka
connections) depict the physical cabling that connects physical devices in a network. Depending
upon the level of detail required, you may use different colors, thickness, and types of lines to rep-
resent differences in connections: such as fiber, copper, and so on
- Labels: Labels tell the viewer what they are looking at, especially when a physical diagram
uses generic icons. Everything that is active and managed in the network should be labeled with the
hostname and IP.
- Address, including: switches, routers, firewalls, and so on. When a device is active and being
managed elsewhere, it should still be labeled in some way (perhaps with a different font to differ-
entiate it from the other network devices).
- Diagram Legend: a diagram’s legends tells the viewer what the different objects and connec-
tions mean. The different graphics, icons, colors, and gives it real-world meaning.
- Switch Stacks: switch stacks, that function similar to a chassis switch, are generally depicted
as a single object/device.
❖ The features of physical design in networking are:
- Hardware selection
- Cable layout and infrastructure
- Device placement
- Cooling and power requirements
- Rack and cabinet organization
- Physical security
- Testing and certification
- Documentation
1.1.3 Compare Logical Design and Physical Design
The difference between logical design and physical design of a network is in the way they
are presented. The logical design is more conceptual and abstract than the physical design. In the
logical design, you look at the logical relationships among the objects. In the physical design, you
look at the most effective way of storing and retrieving the objects.

Criteria Logical Design Physical Design
Focus Abstract representation of the net- Concrete implementation using hard-

work's functionality and structure ware
Representation Conceptual and presents high-level Detailed and specific

concepts
Components Addresses network structure, IP ad- Involves hardware selection, cable ar-
dressing, routing, VLANs, etc. rangement, device placement, etc.
Abstraction Hides specific hardware details Includes specific hardware and physical
infrastructure details
Flexibility Easily modified or updated as net- Changes may require physical adjust-
work requirements change ments and hardware upgrades
Ease of Testing Easy to simulate and test in a virtual Testing requires real hardware and phys-
environment ical connectivity
Deployment Quicker design and modification Longer due to physical setup and config-
Time urations
Risk Factor Lower risk during testing and de- Higher risk due to physical setup and po-
ployment tential hardware issues
Security Focuses on logical access controls Includes physical security measures to

and encryption protect network equipment
Maintenance Easier to manage and maintain Requires regular hardware maintenance

and monitoring
Table 1 Compare Logical Design and Physical Design

1.2. Discuss and explain the USER Requirement for the design
1.2.1 USER Requirement
❖ Requirements for general:

- User requirements is the set of requirements gathered or derived from user input and is
what is needed by users to successfully accomplish their tasks on the system.
- In general, the system should adapt to users and their environments, provide quick and re-
liable information access and transfer, and offer quality service to the user. This indicates the fol-
lowing general requirements:
• Timeliness
• Interactivity
• Reliability
• Presentation quality
• Adaptability
• Security
• Functionality
• Supportability
• Future growth
❖ Requirements of assignment scenario:
- People: 200 students, 15 teachers, 12 marketing and administration staff, 5 higher manag-
ers including the academic heads and the programmer managers, and 3 computer network admin-
istrators.
- Resources: 50 student lab computers, 35 staff computers, and 3 printers
- Building: 3 floors, all computers and printers are on the ground floor apart from the IT labs
– one lab located on the first floor and another located on the second floor.
1.2.2 Explain The User Requirement
- Due to the guidance of engineer and user requitement, I divide into 3 floors which ground
floor will have 1 wifi department, 3 printer and 35 computers included 4 rooms are Manager's
room, Network Manager's room, Staff's room, Teacher's room, first - floor will have 25 student lab
computers and 1 wifi department, second- floor will have 1 wifi department and 25 student lab
computers.

❖ As follows
Shared Devices:
- 1 Router - Main, 1 Switch – Main.
Ground Floor:
- 1 DNS – server and 1 Mail – server, 1 Web – Server.

- 1 wifi department.
- Network Manager’s room: 3 computers.
- Manager’s room: 5 computers and 1 printer.
- Staff’s room: 12 computers and 1 printer.
- Teacher’s room: 15 computers and 1 printer.
First Floor
- 1 wifi department
- Lab room 1: 25 computers
Seconds Floor:
- 1 wifi department
- Lab room 2: 25 computers
1.3. Provide a logical design of the network base on user requirement

1.3.1 Ground Floor.
Figure 3 Ground Floor

Figure 4 Network Manager’s room
Figure 5 Manager’s room
Figure 6 Staff’s room

Figure 7 Teacher’s room
- On the ground floor, I used 2 Switch to connect 12 staff lab computers, 1 wifi department, 3
network admin lab computers, 5 manager lab computers, 15 teacher lab computers and 3 printers.
VLAN 0 of ground floor includes 35 computers and 3 printers using the IP address: 192.168.1.0/26
and Subnet mask is 255.255.255.192.
1.3.2 First Floor.
Figure 8 Student's lab

- On the first floor, I used 2 Switch to connect 25 student lab computers, 1 wifi department
1.3.3 Seconds Floor.
Figure 5 Student lab's room
- On the second floor, I used 2 Switch to connect 25 student lab computers, 1 wifi department
1.3.4 Switch and Router
Figure 6 Switch and Router

1.4. Provide a physical design of the network based on user requirement
1.4.1 Ground Floor.
Figure 7 Physical_Ground Floor
1.4.2 First Floor.
Figure 8 Physical_First Floor

1.4.3 Seconds Floor.
Figure 9 Physical_Seconds Floor
1.4.4 Router
Figure 10 Switch and Router

1.5. Provide addressing table for the network you design.
Table 2 Addressing table
Devices Interfaces IPV4 Address Subnet Mask Default Gateway

N_Manager 1 FAST 0/17 192.168.1.2 255.255.255.0 192.168.1.1
N_Manager 2 FAST 0/16 192.168.1.17 255.255.255.0 192.168.1.1
N_Manager 3 FAST 0/15 192.168.1.16 255.255.255.0 192.168.1.1
……. ……. …… ….. …..
Manager 1 FAST 0/13 192.168.1.18 255.255.255.0 192.168.1.1
Manager 2 FAST 0/12 192.168.1.19 255.255.255.0 192.168.1.1
Manager 3 FAST 0/11 192.168.1.20 255.255.255.0 192.168.1.1
Manager 4 FAST 0/10 192.168.1.21 255.255.255.0 192.168.1.1
Manager 5 FAST 0/9 192.168.1.22 255.255.255.0 192.168.1.1
……. ……. …… ….. …..
Staff 1 FAST 0/24 192.168.1.23 255.255.255.0 192.168.1.1
Staff 2 FAST 0/19 192.168.1.24 255.255.255.0 192.168.1.1
Staff 3 FAST 0/20 192.168.1.25 255.255.255.0 192.168.1.1
Staff 4 FAST 0/21 192.168.1.26 255.255.255.0 192.168.1.1
Staff 5 FAST 0/22 192.168.1.27 255.255.255.0 192.168.1.1
Staff 6 FAST 0/23 192.168.1.28 255.255.255.0 192.168.1.1
Staff 7 FAST 0/8 192.168.1.29 255.255.255.0 192.168.1.1
Staff 8 FAST 0/7 192.168.1.30 255.255.255.0 192.168.1.1
Staff 9 FAST 0/6 192.168.1.31 255.255.255.0 192.168.1.1
Staff 10 FAST 0/5 192.168.1.32 255.255.255.0 192.168.1.1
Staff 11 FAST 0/4 192.168.33 255.255.255.0 192.168.1.1
Staff 12 FAST 0/3 192.168.34 255.255.255.0 192.168.1.1
……. ……. …… ….. …..
Teacher 1 FAST 0/7 192.168.1.35 255.255.255.0 192.168.1.1
Teacher 2 FAST 0/6 192.168.1.36 255.255.255.0 192.168.1.1
Teacher 3 FAST 0/5 192.168.1.37 255.255.255.0 192.168.1.1
Teacher 4 FAST 0/4 192.168.1.38 255.255.255.0 192.168.1.1
Teacher 5 FAST 0/3 192.168.1.39 255.255.255.0 192.168.1.1
Teacher 6 FAST 0/13 192.168.1.40 255.255.255.0 192.168.1.1
Teacher 7 FAST 0/12 192.168.1.41 255.255.255.0 192.168.1.1
Teacher 8 FAST 0/11 192.168.1.42 255.255.255.0 192.168.1.1
Teacher 9 FAST 0/10 192.168.1.43 255.255.255.0 192.168.1.1
Teacher 10 FAST 0/9 192.168.1.44 255.255.255.0 192.168.1.1
Teacher 11 FAST 0/18 192.168.1.45 255.255.255.0 192.168.1.1
Teacher 12 FAST 0/17 192.168.1.46 255.255.255.0 192.168.1.1
Teacher 13 FAST 0/16 192.168.1.47 255.255.255.0 192.168.1.1
Teacher 14 FAST 0/15 192.168.1.48 255.255.255.0 192.168.1.1
Teacher 15 FAST 0/14 192.168.1.49 255.255.255.0 192.168.1.1
……. ……. …… ….. …..
Student 1 FAST 0/7 192.168.2.2 255.255.255.0 192.168.2.1
Student 2 FAST 0/6 192.168.2.3 255.255.255.0 192.168.2.1
Student 3 FAST 0/5 192.168.2.4 255.255.255.0 192.168.2.1

Student 4 FAST 0/4 192.168.2.5 255.255.255.0 192.168.2.1
Student 5 FAST 0/3 192.168.2.6 255.255.255.0 192.168.2.1
Student 6 FAST 0/2 192.168.2.7 255.255.255.0 192.168.2.1
Student 7 FAST 0/3 192.168.2.8 255.255.255.0 192.168.2.1
Student 8 FAST 0/4 192.168.2.9 255.255.255.0 192.168.2.1
Student 9 FAST 0/5 192.168.2.10 255.255.255.0 192.168.2.1
Student 10 FAST 0/6 192.168.2.11 255.255.255.0 192.168.2.1
Student 11 FAST 0/7 192.168.2.12 255.255.255.0 192.168.2.1
Student 12 FAST 0/8 192.168.2.13 255.255.255.0 192.168.2.1
Student 13 FAST 0/9 192.168.2.14 255.255.255.0 192.168.2.1
Student 14 FAST 0/10 192.168.2.15 255.255.255.0 192.168.2.1
Student 15 FAST 0/11 192.168.2.16 255.255.255.0 192.168.2.1
Student 16 FAST 0/12 192.168.2.17 255.255.255.0 192.168.2.1
Student 17 FAST 0/13 192.168.2.18 255.255.255.0 192.168.2.1
Student 18 FAST 0/14 192.168.2.19 255.255.255.0 192.168.2.1
Student 19 FAST 0/15 192.168.2.20 255.255.255.0 192.168.2.1
Student 20 FAST 0/8 192.168.2.21 255.255.255.0 192.168.2.1
Student 21 FAST 0/9 192.168.2.22 255.255.255.0 192.168.2.1
Student 22 FAST 0/10 192.168.2.23 255.255.255.0 192.168.2.1
Student 23 FAST 0/11 192.168.2.24 255.255.255.0 192.168.2.1
Student 24 FAST 0/12 192.168.2.25 255.255.255.0 192.168.2.1
Student 25 FAST 0/13 192.168.2.26 255.255.255.0 192.168.2.1
……. ……. …… ……. …..
Student 26 FAST 0/3 192.168.3.2 255.255.255.0 192.168.3.1
Student 27 FAST 0/4 192.168.3.3 255.255.255.0 192.168.3.1
Student 28 FAST 0/5 192.168.3.4 255.255.255.0 192.168.3.1
Student 29 FAST 0/6 192.168.3.5 255.255.255.0 192.168.3.1
Student 30 FAST 0/7 192.168.3.6 255.255.255.0 192.168.3.1
Student 31 FAST 0/8 192.168.3.7 255.255.255.0 192.168.3.1
Student 32 FAST 0/9 192.168.3.8 255.255.255.0 192.168.3.1
Student 33 FAST 0/10 192.168.3.9 255.255.255.0 192.168.3.1
Student 34 FAST 0/11 192.168.3.10 255.255.255.0 192.168.3.1
Student 35 FAST 0/12 192.168.3.11 255.255.255.0 192.168.3.1
Student 36 FAST 0/13 192.168.3.12 255.255.255.0 192.168.3.1
Student 37 FAST 0/14 192.168.3.13 255.255.255.0 192.168.3.1
Student 38 FAST 0/2 192.168.3.14 255.255.255.0 192.168.3.1
Student 39 FAST 0/3 192.168.3.15 255.255.255.0 192.168.3.1
Student 40 FAST 0/4 192.168.3.16 255.255.255.0 192.168.3.1
Student 41 FAST 0/5 192.168.3.17 255.255.255.0 192.168.3.1
Student 42 FAST 0/6 192.168.3.18 255.255.255.0 192.168.3.1
Student 43 FAST 0/7 192.168.3.19 255.255.255.0 192.168.3.1
Student 44 FAST 0/8 192.168.3.20 255.255.255.0 192.168.3.1
Student 45 FAST 0/9 192.168.3.21 255.255.255.0 192.168.3.1
Student 46 FAST 0/10 192.168.3.22 255.255.255.0 192.168.3.1
Student 47 FAST 0/11 192.168.3.23 255.255.255.0 192.168.3.1
Student 48 FAST 0/12 192.168.3.24 255.255.255.0 192.168.3.1

Student 49 FAST 0/13 192.168.3.25 255.255.255.0 192.168.3.1
Student 50 FAST 0/14 192.168.3.26 255.255.255.0 192.168.3.1
……. ……. …… …… …..
Printer - Manager FAST 0/14 192.168.1.7 255.255.255.0 192.168.1.1
Printer - Staff FAST 0/1 192.168.1.8 255.255.255.0 192.168.1.1
Printer - Teacher FAST 0/8 192.168.1.9 255.255.255.0 192.168.1.1
……. ……. …… ….. …..
Switch - 1St VLAN10 N/A 255.255.255.0 192.168.1.1
Switch - 1St - 2 VLAN10 N/A 255.255.255.0 192.168.1.1
Switch - 2St VLAN20 N/A 255.255.255.0 192.168.2.1
Switch - 2St - 2 VLAN20 N/A 255.255.255.0 192.168.2.1
Switch - 3St VLAN30 N/A 255.255.255.0 192.168.3.1
Switch - 3St - 2 VLAN30 N/A 255.255.255.0 192.168.3.1
……. ……. …… ….. …..
Wireless Router - 1St FAST 0/20 192.168.1.3 255.255.255.0 192.168.1.1
……. ……. …… ….. …..
Router - Main FAST 0/0.10 192.168.1.1 255.255.255.0 N/A
FAST 0/0.20 192.168.2.1 255.255.255.0 N/A
FAST 0/0.30 192.168.3.1 255.255.255.0 N/A
……. ……. …… ….. …..
Switch - Main FAST 0/2 N/A 255.255.255.0 192.168.1.1
FAST 0/3 N/A 255.255.255.0 192.168.2.1
FAST 0/4 N/A 255.255.255.0 192.168.3.1
……. ……. …… ….. …..
Mail - Server FAST 0/19 192.168.1.17 255.255.255.0 192.168.1.1
DNS - Server FAST 0/18 192.168.1.16 255.255.255.0 192.168.1.1
Web – Server FAST 0/21 192.168.1.16 255.255.255.0 192.168.1.1
2. Evaluate the design to meet the requirements. (P6)

2.1. Provide test plan (Screen shot of evidence of test such as ping test – connectivity test
etc.)
2.1.1 Test plan.
❖ Ping two computers on the same room and check the signal of the computer on the same
network.

➢ In Manager’s room: ping from Manager 4 (192.168.1.21) to Manager 5 (192.168.1.22).
Figure 11 Test in Manager’s room
➢ In Staff’s room: ping from Staff 1 (192.168.1.23) to Staff 8 (192.168.1.30).
Figure 12 Test in Staff's room

➢ In Teacher’s room: ping from Teacher 1 (192.168.1.35) to Teacher 6 (192.168.1.40).
Figure 13 Test in Teacher's room
➢ In Network Manager’s room: ping from N_Manager 2 (192.168.1.17) to N_Manager 3

(192.168.1.16).
Figure 14 Test in Network Manager’s room

➢ In Student Lab - 1ST: ping from Student 1 (192.168.2.2) to Student 3 (192.168.2.4).
Figure 15 Test in Student Lab - 1ST
➢ In Student Lab - 2ST: ping from Student 26 (192.168.3.2) to Student 28 (192.168.3.4).
Figure 16 Test in Student Lab - 2ST

❖ Ping two computers other than room and check the signal of the computer when it is differ-
ent from the network.
➢ Ping from Manager’s room to Staff’s room: Manager 2 (192.168.1.19) to Staff 10
(192.168.1.31).
Figure 17 Test in Manager’s room to Staff’s room
➢ Ping from Teacher’s room to Network Manager’s room: Teacher 6 (192.168.1.40) to N_Man-
ager 2 (192.168.1.17).
Figure 18 Teacher’s room to Network Manager’s room

❖ Ping two computers on different floor and check the signal of the computer between the
floor.
➢ Ping from ground floor to fisrt floor: Teacher 7 (192.168.1.41) to Student 8 (192.168.2.9).
Figure 19 Ping from ground floor to fisrt floor
➢ Ping from first floor to second floor: Student 25 (192.168.2.26) to Student 50 (192.168.3.26).
Figure 20 Ping from first floor to second floor

➢ Ping from ground floor to second floor: Staff 12 (192.168.1.29) to Student 40 (192.168.3.16).
Figure 21 Ping from ground floor to second floor
❖ Ping between the PC and the printer and check if the signal is connected to the printer or not.
➢ In Manager’s room: ping from Manager 5 (192.168.1.22) to Printer–Manager (192.168.1.7)
Figure 22 Ping from Manager 5 to Printer–Manager

➢ In Staff’s room: ping from Saff 6 (192.168.1.28) to Printer – Staff (192.168.1.8)
Figure 23 Ping from Saff 6 to Printer – Staff
➢ In Teacher’s room: ping from Teacher 8 (192.168.1.42) to Printer–Teacher (192.168.1.9)
Figure 24 Ping from Teacher 8 to Printer–Teacher

2.1.2 Test results summary table.
Ping test Content Devices Time test Result

oder
1 Ping Manager 4 to Manager 5 01/8/2023 Successfull
2 Ping Staff 1 to Staff 8 01/8/2023 Successfull
3 Ping Teacher 1 to Teacher 6 01/8/2023 Successfull
4 Ping N_Manager 2 to N_Manager 3 01/8/2023 Successfull
5 Ping Student 1 to Student 3 01/8/2023 Successfull
7 Ping Manager 2 to Staff 10 01/8/2023 Successfull
8 Ping Teacher 6 to N_Manager 2 01/8/2023 Successfull
9 Ping Teacher 7 to Student 8 01/8/2023 Successfull
11 Ping Staff 12 to Student 40 01/8/2023 Successfull
12 Ping Manager 5 to Printer – Manager 01/8/2023 Successfull
13 Ping Saff 6 to Printer – Staff 01/8/2023 Successfull
14 Ping Teacher 8 to Printer–Teacher 01/8/2023 Successfull
Table 3 Test results summary table.

2.2. Evaluate the design of the network
➢ In this design, I have 1 main router and 1 main switch to connect to the switches of the floors
in the system, making the scalability when needed to change is great, the router is used to meet the
requirements. of users and ensure data is transmitted at the fastest possible speed, minimizing net-
work latency. In addition, instead of using 1 router and 2 switches for each floor, I only use 1 router
and 1 switch for the whole system and only 2 switches per floor, saving costs for customers. In
addition, because it is a school, the demand for network use is very high, so I have arranged a wifi
transmitter on each floor to meet the needs of all students and teachers of the school. Furthermore,
my design will include a DNS server and a Mail server, and a Web server for tighter mail and network
information management. In the end, I used ip addresses like 192.168.1.0, 192.168.2.0, 192.168.3.0
divided from 192.168.0.0/16 IP address range to connect for tiers respectively which reduces the
cost for schools and increase the scalability of the network.
2.2.1 Advantages of the network
- Efficient management: Each floor is divided into three sub-networks, helping to manage and
monitor the network more efficiently. The separate layers can be managed independently but still
connect to each other through routers and switches.
- Cost savings: Using the same router and switch for each floor as well as using the same ip
address initially allocated and divided helps to reduce investment costs in network equipment.
- Easy to expand: When the network needs to be expanded, just add switches and devices to
the new floor without changing the overall network structure.
- Bandwidth division: Splitting the network into three subnets at each tier reduces competi-
tion and ensures higher network performance.
- Security: Dividing the network into three small networks helps isolate important data and
information of departments, reducing the risk of outside attacks.
2.2.2. Show limitation of your design based on the user requirement and the strength
- Point of Failure: If a common router or switch goes down, the entire network in the building
will be affected and cannot access the internet or network services.
- Bandwidth constraints: Dividing a network into three subnets can cause bandwidth con-
straints for each tier, especially when tiers have large demands on the internet or network resources
at the same time.

- Unconsidered design: Sometimes, unconsidered or suboptimal network division can cause
waste of resources and lead to poor network performance.
- Security: Although network segmentation can improve security, the quality is not guaran-
teed, hackers can break in and steal data because they are not equipped with a firewall.
- Complex management: With many devices and departments, managing and maintaining the
network becomes more complex and requires high technical knowledge.
2.2.3. What advice and solution would you provide to the network for efficiency and usage.
- Upgrade network equipment: Invest in leading routers and switches that provide better se-
curity and maintenance to reduce risk of failure and improve network performance.
- Upgrade bandwidth: Consider expanding network bandwidth to meet increasing usage de-
mand, maybe consider 10Gbps or 40Gbps.
- Optimize network design: Review the current network structure and optimize network divi-
sion to ensure maximum performance and save resources.
- Enhanced security: Apply optimal security solutions such as powerful firewalls, data encryp-
tion, and advanced authentication to ensure the safety of network data and information.
- Improve professional knowledge: Ensure employees have enough knowledge and skills to
effectively manage and operate the network, thereby minimizing risks in network management.
- Build flexibility: Design your network so it's scalable and easy to change as needed. Adopt
flexible solutions to adapt to the changing and future expansion of the organization.
- Backup and restore data: Perform periodic backups to ensure that important data is not lost
in the event of a problem.
- Periodic maintenance: Perform periodic testing and evaluation of network performance and
effectiveness of deployed solutions, so that the network can be optimized and adjusted in the best
direction.
3. Install and configure network services and applications on your choice. (M3)
3.1. DHCP Server
3.1.1 DHCP Server definedation.
Define: is a server with the function of providing ip address and network configuration for
each device in the computer network, saving time and effort to set up the network.

Figure 25 DHCP server
- Function: Automatic allocation and management of IP addresses along with network configura-
tion allocation.
3.1.2 Step to set DHCP server.
Step 1: access the DHCP_server to set DHCP.
Figure 26 Step to set DHCP server.

Step 2: Select Desktop >> proceed to set a static IP address for the DHCP server for the ports of
the floors.

Step 3: After successfully setting the IP address for each port of the floors, we go to Services
>> select DHCP >> turn on >> proceed to set "pool name", "Default Gateway" and "DNS server" for
DHCP server >> click Save button to save and proceed to use DHCP service.

Step 5: select each device of each different floor.

Step 6: choose Desktop >> IP Configuration >> press DHCP. And do the same for all devices
in each floor except printers, wifi transmitters, servers.

Step 7: to check that the service was installed successfully or not. we continue to access the
Router >> select CLI >> enter the commands "show ip dhcp pool" / "show ip dhcp binding"
to check dhcp connection and DHCP pool information.

Figure 34 Step to set DHCP
3.2. DNS Server

3.2.1 DNS Server definedation.
- Define: DNS Server, also known as Domain Name System, is an or-

dered naming system for computers and services participating in the In-
ternet. Strictly speaking, it is a domain name resolution system with the
correct IP address.
- Function: The DNS Server is responsible for assigning domain names
and mapping names to IP addresses by specifying authoritative servers
for each domain.
3.2.2 Step to set DNS server.

Step 1: access the DNS server.
Figure 35 Step to set DNS server.
Step 2: select Desktop >> set static ip address for DNS server.

Step 3: select Services >> select DNS >> turn on >> enter information like "Name" and "Ad-
dress".
Step 4: Click the "Add" button to enter the information into the server.

3.3. Web Server
3.3.1 Web Server definedation.
- Define: is a computer connected to a computer network that stores

and delivers content for a web page in the form of text, images, video,
and application data for requests from the device over the HTTP (Hy-
pertext Transfer Protocol).
- Function: stores and serves requests from websites that allow us-
ers to interact with content on the internet.
3.3.2 Step to set Web server.
Step 1: access the Web server.
Figure 39 Step to set Web server

Step 2: select Desktop >> set static ip address for Web server.
Step 3: select Services >> select HTTP >> turn on >> select "edit" in the "index.html" section.

Step 4: edit the content in the index.html section.

Step 5: To check whether the installation is successful or not, we access any computer on
the network.
Step 6: select "Web Browser", then enter the address to visit and press "Go" and the content
of the web will appear.

3.4. Mail Server

3.4.1 Mail Server definedation.
- Define: Mail Server or Email Server is a server system that is individually configured for each busi-
ness to perform tasks such as sending and receiving email messages at high speed.

- Function: It is used to process and store email, allowing users to send and receive email messages
through protocols such as SMTP (Simple Mail Transfer Protocol) and POP3 (Post Office Protocol 3) or
IMAP (Internet Message Access Protocol).
3.4.2 Step to set Mail server.
Step 1: Access the Mail server.
Figure 46 Step to set Mail server.

Step 2: select Desktop >> set static ip address for Mail server.

Step 3: select Services >> select Email >> turn on >> enter information in the "Domain Name"
/ "User" and "Password" fields, then click the "+" button to put the data into the Mail server .

Step 4: To check whether the installation is successful or not, we access any computer on
the network.

Step 5: select "Email", then create an account for the device, follow the same steps as above
to get an account for another device.


Step 6: After creating an account successfully, click Compose >> enter your Email address in
the "To" section and your content in the "Subject" section and then click "Send". When sending
successfully, there will be a message "Mail Send Success"

3.5 Configuation Router – Wifi.
Router – Wifi Ground floor.
- To proceed with the Router-Wifi installation, I will first go to wifi >> GUI >> select Setup and
set the static ip address for it to be "192.168.1.3 / 255.255.255.0". Next I will proceed to set the
output ip address for Router-Wifi as "192.168.10.1," this IP address will be allocated automatically
when a certain wireless device connects and uses wifi.
- After I have successfully set the IP, I will press "Save Settings".
After I have successfully set the IP, I will press "Save Settings".

- Second, I will click on Wireless >> select Basic Wireless Settings and name the network
"First-floor". Next, I will select the Wireless Security section to proceed with setting a password for
Wifi.
- After I have successfully set the Name and Password, I will press "Save Settings".

Router – Wifi First floor.
- Following the same steps as above, I will configure Router-Wifi Second floor with IP address
"192.168.2.27/ 255.255.255.0" and output IP address for wifi is "192.168.20.1".

- Name the Router-Wifi as "Second floor" and the Password as "12345678".

Router – Wifi Second floor.
- Following the same steps as above, I will configure Router-Wifi Second floor with IP address
"192.168.2.27/ 255.255.255.0" and output IP address for wifi is "192.168.20.1".

- Name the Router-Wifi as "Second floor" and the Password as "12345678".

CHAPTER 4 : IMPLEMENT AND DIAGNOSE NETWORKED SYSTEMS. (L04)
2. Implement a networked system based on a prepared design. (P7)
2.1. Show evidence of a working network you’ve design
- In my network design diagram between routers and switches, I used tree topology to create
the network which means that from a main router it will initially be brought down to a main switch
and then branched out. child switches at each layer. This helps each device work independently,
making it easy to troubleshoot if something goes wrong, and when something goes wrong, it doesn't
affect the entire network. This makes detection and repair easier. In addition, implementing a tree
topology allows efficient division of network resources and information traffic among subnet
branches, integrates other topologies in the network, and provides me with the ability to network
expansion in the future.
Figure 53 Tree topology
- Based on the advantage of tree topology, it can integrate other networks in the main network,
so I used star topology to connect between rooms and floors with the specific router here. are indi-
vidual switches for each floor. This helps to speed up access, improve data transmission perfor-
mance between devices, and when something goes wrong, it doesn't affect the entire network and
other devices can still operate normally.

Figure 54 Star Topology
- Because the large number of devices in the network diagram, setting a static IP becomes dif-
ficult and time consuming. So I implemented a DHCP (Dynamic Host Configuration Protocol) service
to automatically allocate IP addresses to devices. This makes IP setting easier and saves time.
- Here are some IP addresses that have been automatically allocated using the DHCP service
and the results when pinging between devices in each floor:
❖ Ground floor.
• Device 1: N_Manager 2.
Figure 55 Device 1: N_Manager 2.
• Device 2: Manager 3.
Figure 56 Device 2: Manager 3

• Device 3: Staff 7.
Figure 57 Device 3: Staff 7
• Device 4: Teacher 9.
Figure 58 Device 4: Teacher 9

• Ping N_Manager 2 to Teacher 9
Figure 59 Ping N_Manager 2 to Teacher 9
• Ping Manager 3 to Staff 7.
Figure 60 Ping Manager 3 to Staff 7

• Ping Manager 3 to Printer-Manager.
Figure 61 Ping Manager 3 to Printer-Manager
• Ping Staff 7 to Printer-Manager.
Figure 62 Ping Staff 7 to Printer-Manager

• Ping Teacher 9 to Printer-Teacher.
Figure 63 Ping Teacher 9 to Printer-Teacher
❖ Second floor.
• Device 1: Student 11.
Figure 64 Device 1: Student 11

• Ping Student 11 to Student 20.
Figure 66 Ping Student 11 to Student 20

❖ Third floor.


• Ping Student 34 to Student 37.
Figure 69 Ping Student 34 to Student 37
2.2. Show the implemented system

2.2.1 Logical Design
Figure 70 Logical Design

2.2.2 Physical Design
Figure 71 Physical Design
In the above overview network diagram, I have succeeded in combining the two topologies,
which are Tree topology and Star topology, to help optimize data transmission performance, and to
be flexible in terms of network scalability. later, while minimizing management and maintenance
issues and enhancing load distribution between floors and devices.
Also in the above diagram I have created a network diagram including: 7 Switches, 1 Router,
85 Computers, 3 Printers and 3 Servers. Specifically, I have designed the above diagram to include
3 separate floors to suit the needs of the customer. First, the ground floor includes 4 different small
rooms: Teacher's room, Staff room, Management room, Network management room using up 2
switches, 1 Wireless router, 3 Printers, 3 Servers, 35 Computers. The 1st floor includes 1 Student

Lab of 1ts using all 25 Computers, 1 Wireless router and 2 Switches. The 2nd floor includes 1 Student
Lab room of 2ts using all 25 Computers, 1 Wireless router and 2 Switches. There is also 1 main router
and 1 main switch.
In addition, the network system has been successfully designed and is working very well to
fully meet the needs of customers. The main router always ensures that data is transmitted quickly
and accurately to the switches and finally to devices such as computers for use in needs such as
surfing the web, doing calculations, printers. used in document printing and servers are always op-
erating at full capacity to provide services such as email, web services, data processing and storage.
3. Document and analyze test results against expected results. (P8)

3.1. Provide a step by step configuration of network devices in the network (Choose a device
in the network and provide all the steps for configuration)
3.1.1 Configuation Switch_Main.
- First, I will access the main switch to divide the entire network into three different networks
that are VLAN 10, VLAN 20 and VLAN 30 with the corresponding names for each network as "First -
floor" / "Second" - floor" / "Third - floor".
Figure 72 Configuation Switch_Main

- Second, I will assign ports Fa0/2 with VLAN 10, port Fa0/3 with VLAN 20, port Fa0/4 with VLAN
30.

- Third, I will turn on trunking mode for VLAN 10, VLAN 20, VLAN 30 ports to reduce the number
of physical ports and make communication between different VLANs easier and more efficient.

3.1.2 Configuation Router_Main.
- To configure the main Router for the entire network, I will first access the Router's CLI and set
the IP addresses for the VLANs that have been divided on the Switch. The specific IP addresses I use
for the floors are " 192.168.1.0 / 255.255.255.0 - VLAN 10", "192.168.2.0 / 255.255.255.0 - VLAN
20", "192.168.3.0 / 255.255.255.0 - VLAN 30" ".
Figure 75 Configuation Router_Main
- Second, I will use the DHCP service to automatically allocate IPs for devices in the system be-
cause the number of network devices is too much if setting a static IP address for each device will
waste time and effort. power, except for devices that are required to have fixed IP addresses such
as: Server, printer, wifi department.

- Third I would access the Fa0/0 port to turn it on.

3.2. Test results against test plans
3.2.1 Test case 1: check DHCP service for each floor.
➢ Ground floor.

I was checked the DHCP for the ground floor which I have been configured before. Click on
the Devices => Desktop => IP configuration => then click on DHCP. As the result, we have already
successful configured.
➢ First floor.
I was checked the DHCP for the first floor which I have been configured before. Click on the
Devices => Desktop => IP configuration => then click on DHCP. As the result, we have already suc-
cessful configured.

➢ Second floor.
I was checked the DHCP for the second floor which I have been configured before. Click on the
Devices => Desktop => IP configuration => then click on DHCP. As the result, we have already suc-
cessful configured.
3.2.2 Test case 2: check ping between devices in network.
➢ Ping from Manager 4 to Manager 5.

➢ Ping from Staff 1 to Staff 8.
➢ Ping from Teacher 1 to Teacher 6.

➢ Ping from N_Manager 2 to N_Manager 3.
➢ Ping from Student 1 to Student 3.

➢ Ping from Manager 2 to Staff 10

➢ Ping from Teacher 6 to N_Manager 2.
➢ Ping from Teacher 7 to Student 8.

➢ Ping from Staff 12 to Student 40.

➢ Ping from Manager 5 to Printer–Manager.
➢ Ping from Saff 6 to Printer – Staff.

➢ Ping from Teacher 8 to Printer – Teacher.
Now, I will check the connection between each device by pinging. The result was not beyond
my expectations because after implementing the DHCP service, I checked by sending mail to all de-
vices, so the loss rate is 0%. So my second case was tested successfully.
3.2.3 Test case 3: check send mail from computer from this room to another room.

Now, I try to check the email service. Firstly, I compose mail from the sinhvien@fpt.vn (Student
10) PC and send it to giaovien@fpt.vn (Teacher 15) on the ground floor. Then, I click “receive” on
pc Teacher 15 and it 100% meet my expectation that it canbe received mail from the sinhvien@fpt.vn
PC.
3.2.4 Test case 4: check HTTP service (Website).
The last step is to check the HTTP service (web service) by using computer Student 35 on the sec-
ond floor. This step is very easy to do, we just need to click on the PC => Desktop => type Web
browser => search for the website (webbtec.vn). As the result, it successfully response the require-
ment.

3.2.5 Test Router – Wifi.
To check if I have successfully installed the router, I will follow these steps:
- First, I will add to the system 3 laptops for each floor and named respectively "Lap-
top_test-1st", "Laptop_test-2st", "Laptop_test-3st".
❖ In Ground-floor
- Step 1: I access the Laptop of the 1st floor >> go to the physical section >> turn off
the Laptop >> remove the default port of the Laptop

- Step 2: Add the "WPC300N" port to the Laptop and turn on the Laptop.
- Step 3: Click Config >> Wireless0 >> enter information such as SSID (network name),
PSK Pass Phrase (network password).

- Step 4: Go to Deskop and turn on the machine's DHCP service to automatically be
granted IP of Router-Wifi.
- Step 5: To check if the connection is successful or not, when you exit the network
diagram, you will see a transmission line showing the connection between the Laptop and
the Router-Wifi.
To be more sure, I will visit the Web page that I created from the beginning to check that the
machine is connected successfully or not.

❖ In First-floor.
- On this floor I will follow the same steps as the ground floor.
Step 1: I access the 2nd floor Laptop >> go to the physical section >> turn off the laptop >>
remove the default port of the laptop and add the "WPC300N" port to the laptop and turn on the
laptop.

Step 2: Click Config >> Wireless0 >> enter information such as SSID (network name), PSK Pass
Phrase (network password).

Step 3: Go to Deskop and turn on the machine's DHCP service to automatically be granted IP
of Router-Wifi.
Step 4: To check whether the connection is successful or not, when you exit the network
diagram, you will see a line showing the connection between the Laptop and the Router-Wifi.
To be more sure, I will visit the Web page that I created from the beginning to check if the
device has successfully connected or not.

❖ In Second-floor.
On this floor I will follow the same steps as the above floor.
Step 1: I access the 3rd floor Laptop >> go to the physical section >> turn off the laptop >>
remove the default port of the laptop and add the "WPC300N" port to the laptop and turn on the
laptop.

Step 2: Click Config >> Wireless0 >> enter information such as SSID (network name), PSK Pass
Phrase (network password).

Step 3: Go to Deskop and turn on the machine's DHCP service to automatically be granted IP
of Router-Wifi.
Step 4: To check whether the connection is successful or not, when you exit the network
diagram, you will see a line showing the connection between the Laptop and the Router-Wifi.
- To be more sure, I will visit the Web page that I created from the beginning to check if the
device has successfully connected or not.

- And finally after doing all the above steps my Router-Wifi installation was successful.

3.2.6 Summary Table Of Test Results.
Table 4 Test results summary table.
Ping test Content Devices Time test Result Grade
oder
1 Ping Manager 4 to Manager 5 05/8/2023 Successfull Passed
2 Ping Staff 1 to Staff 8 05/8/2023 Successfull Passed
3 Ping Teacher 1 to Teacher 6 05/8/2023 Successfull Passed
4 Ping N_Manager 2 to N_Manager 3 05/8/2023 Successfull Passed
5 Ping Student 1 to Student 3 05/8/2023 Successfull Passed
7 Ping Manager 2 to Staff 10 05/8/2023 Successfull Passed
8 Ping Teacher 6 to N_Manager 2 05/8/2023 Successfull Passed
9 Ping Teacher 7 to Student 8 05/8/2023 Successfull Passed
11 Ping Staff 12 to Student 40 05/8/2023 Successfull Passed
12 Ping Manager 5 to Printer – Manager 05/8/2023 Successfull Passed
13 Ping Saff 6 to Printer – Staff 05/8/2023 Successfull Passed
14 Ping Teacher 8 to Printer–Teacher 05/8/2023 Successfull Passed
15 Send mail Student 10 to Steacher 15 05/8/2023 Successfull Passed
16 Surf the Student 35 05/8/2023 Successfull Passed

web

3.2.7 List send mail.
4. Recommend potential enhancements for the networked systems. (M4)

In my above network system, there are many limited bugs that need to be modified to increase
security against hacker attacks to steal data, privacy as well as ensure operation. long-term stability
of the system, the least amount of waste, and especially the increase in the long-term development
of the system later when there is a structural change such as adding or reducing the number of
rooms. and here are some specific limitations in the article that I discovered and measures to over-
come those limitations:
4.1 Network Security.
The above network system has not mentioned more advanced security measures in the net-
work system. In addition to dividing the network into different VLANs, it only helps to ensure secu-
rity within the system, but cannot prevent hackers from finding out the system's vulnerabilities,
thereby infiltrating and stealing important data. That's why I would suggest using Access Control
Lists (ACLs) to control access between VLANs which can create security holes.
ACLs (Access Control Lists) are an important means of determining access rights between
different network zones. For example, you can configure the ACL to prevent access from the teach-
er's network to the administrator's network. This helps prevent potential risks from unauthorized
access to improve data security.

In addition, port filtering can be used to control the type of services and applications that
are alloWeb to operate in each VLAN for enhanced control, improvement, and performance in the
network.
Furthermore, it is necessary to define and implement specific security policies, including

authentication and authorization policies, and to check bandwidth traffic to ensure that only users
have access to and perform specific actions. necessary action.
4.2 Backup and Restore.
- The above network system does not refer to the implementation of important data backup
plans and troubleshooting plans. This can put your important data at risk and your ability to recover
from a crash will be affected when faced with unexpected circumstances such as virus attack, hacker
attack.
- First, define and implement a regular backup plan by creating a schedule that checks and
backs up daily, monthly, quarterly, and yearly for important data on the server, including your data.
data on DNS, Mail, and Web servers.

- There are many steps to recovery but in this section I will outline some of the most common
steps currently available:
➢ Step 1: Identify important network data that you need to back up such as device configura-
tion, user data, applications and important documents.
➢ Step 2: Determine the frequency of backups based on data needs, importance, and changes.
Some data may need daily backups, others may be backed up weekly or even monthly or yearly.
➢ Step 3: Choose the most suitable backup method for your data that can fully meet your
needs and best budget. There are different backup methods, including cloud backup, on-device
backup, network backup, and more.
➢ Step 4: Set up an automatic backup schedule to ensure that backups are performed regularly
at the specified frequency without problems that make the frequency of interruptions a condition
for hackers. This ensures that the data is always up to date and secure.
➢ Step 5: Regularly test backups by performing a test restore from backups to ensure that data
can be restored correctly and quickly when needed.
➢ Step 6: Secure storage: Ensure that backups are stored securely, away from the original lo-
cation of the data in case of physical damage or disaster.
➢ Step 7: Develop a plan to recover data when something goes wrong. This includes identifying
who is responsible for recovery, how to restore and the expected recovery time, categorizing recov-
ery scenarios, and prioritizing data.
- Periodically test backup and restore plans to ensure their effectiveness and availability.

4.3 Monitoring and Management.
- In the above network system, the implementation of network monitoring and management
tools has not been mentioned to monitor the system's activities including performance, data traffic,
bandwidth and unexpected problems. can happen. The lack of monitoring tools can lead to the in-
ability to quickly detect and resolve network problems when there is a problem, leading to delays
in network operations and affecting work progress of the user.
- First you need to understand the network monitoring tool that helps monitor the activity of
network devices, connection status, resource usage and has the ability to detect problems early.
Currently, there are many monitoring tools that support monitoring network activities such as:
Wireshark, Nagios, Zabbix, PRTG Network Monitor, SolarWinds Network Performance Monitor,
Cacti, Splunk, Prometheus, Cisco Prime Infrastructure, ManageEngine OpManager .
- Second, you need to determine your needs and financial capabilities to find the most suitable
system. Network management tools help you easily perform management tasks such as updating
software, monitoring system changes, warning when there is a problem and statistics on system
performance, monitoring and analyze network packets, statistics and reports on the status of net-
work devices, generate graphs of network resources such as bandwidth, CPU, memory, monitor the
cloud computing environment and system dispersed. Remote management and automation are also
important aspects of effective network management.

- By implementing network management and monitoring tools that will make it easier to trou-
bleshoot network problems, improve performance, and increase system availability.
4.4 Firewall.
- In the above network, it is not mentioned that the implementation of a firewall (Firewall) to
protect the system from attacks from hackers. This can cause security holes and the possibility of
malicious applications attacking the system, reducing system performance even if it only delays the
entire network.
- Firewalls are an additional layer of protection to control and inspect network traffic based on
the content and applications that traffic is using. This helps prevent attacks from malicious applica-
tions or invalid authentication.
- Currently, there are many types of firewalls created to suit the needs of different individuals
such as: Host-based Firewall, Application Layer Firewall, Stateful Firewall, Packet Filtering Firewall.
- Malicious applications, malicious code often take advantage of vulnerabilities in the application
to attack the system. Application firewalls help prevent or mitigate this risk by inspecting and block-
ing unusual network traffic patterns.
- Deploying a firewall improves network security by preventing and detecting attacks from mali-
cious applications, minimizing the risk of security holes, and ensuring data integrity.

4.5 Managing network resources.
- The above network system has not mentioned the management and monitoring of the use
of bandwidth and network resources. This can lead to uncontrolled resource usage, waste resources
for unnecessary purposes, increase costs incurred, and can reduce performance and connection
problems.
- First we need to understand network resource management is the process of monitoring, con-
trolling and optimizing the use of network resources such as bandwidth, data transfer speed and
server resources.
- By implementing network monitoring tools like I mentioned in the third part such as: Wireshark,
Nagios, Zabbix, PRTG Network Monitor, SolarWinds Network Performance Monitor, Cacti, Splunk,
Prometheus, Cisco Prime Infrastructure, ManageEngine OpManager, you can monitor the usage of
network resources, including bandwidth, data transfer rate and server resources. This helps you
predict and detect overloads before it affects performance.
- Applying network resource management can help control and prioritize resource usage, thereby
ensuring that the network is efficient, high-performance, and responsive to user needs.
- In addition to monitoring network resources, it is necessary to periodically check performance

and optimize the network to ensure that resources are used effectively, including: changing the

appropriate configuration, optimizing equipment in the network and manage network traffic and
bandwidth for peak performance.
4.6 Policy and access control.
- In the above network, there is no mention of policy enforcement and access control to man-
age user access to network resources. This can lead to uncontrolled access and can pose security
and intrusion risks.
- Use authentication and authorization mechanisms to ensure that users only have access to
the resources they need to work. A typical way is to implement LDAP (Lightweight Directory Access
Protocol) to manage user and group lists. LDAP (Lightweight Directory Access Protocol) is a standard
protocol used to access and manage information in directory services.
- Some important aspects of LDAP are:
• Authentication: LDAP allows user authentication based on username and password. When a
user tries to access the system, their credentials are sent to the LDAP server for authenticity check-
ing. If the credentials are correct, they are granted the right to access and use the service according
to the permissions granted by the system.
• Authorization: After authentication, LDAP provides a mechanism to manage user access
rights. By setting permission rules in the LDAP system, you can determine which users or groups of

users have access to specific resources. For example, a teacher can access the class's grade list, but
not the network administrator's data.
• Manage user and group lists: LDAP allows you to organize and manage user information,
including personal information, usernames, passwords, and access rights. You can organize users
into groups and manage access rights by groups.
- By applying policies and access control will prevent unauthorized access, protect user infor-
mation and reduce the risk of being hacked into the system. This also helps ensure the security of
critical data and network resources
4.7 Secure IP address and network.
- In the above network, there is no mention of implementing IP address and network security.
This can lead to the risk of exposing important information and network attacks from outside.
- Where VPN is a type of network that simulates a private network on a public internet connec-
tion. It establishes a secure connection by hiding your IP address and encrypting your internet traffic
thereby increasing the security of your ip address against hacker attacks. A VPN connection can also
grant you access to geo-restricted content.
- NAT (Network Address Translation) is a technique that allows one or more intra-domain IP
addresses to be converted to one or more out-of-domain IP addresses.

- Here is how NAT works to hide the real IP address of the server and device: First, when packets
leave the internal network and pass through the NAT, the internal IP address will be replaced with
the public IP address. This makes the IPs of devices on the internal network difficult to detect from
the outside, reducing the possibility of direct IP address attacks. Next, NAT will disperse the attack
from the outside by making the internal IP addresses become the same when sharing the same
public IP address. This makes it more difficult to identify the target of the attack.
- Finally, make sure to maintain regular updates for network devices and routers to ensure
that new security holes are patched as soon as they are discovered.
4.8 Fault Recovery.
- In the above network, it is not mentioned that the implementation of the plan to over-
come the consequences of the incident. This may result in the inability to quickly and efficiently
restore the network after a failure.
First, a disaster recovery plan is critical to ensuring network availability and reliability.
Common types of incidents that can occur should be identified (e.g. outages, hardware failures,
network attacks) and a plan developed to restore the network after each type of failure.
- Second, define methods and procedures for recovering data and network services after an
incident. This may include backing up your data regularly and planning to restore from those back-
ups.

- Finally, regularly test and test the recovery plan to ensure that it works as expected and
can be done in case of need.

CONCLUSION
I am extremely grateful for the opportunity to express my heartfelt appreciation to Teacher
Nguyen Bao Quoc, whose unwavering dedication and exceptional teaching style have profoundly
impacted my understanding and passion for networking. Under the guid-ance of such an inspiring
mentor, I have not only acquired a comprehensive knowledge base but have also been captivated
by the intricate and fascinating world of networking.
Throughout the course, Teacher Nguyen Bao Quoc's meticulous attention to detail and abil-
ity to present complex concepts in an engaging manner has truly made a signifi-cant difference in
my learning journey. Every lesson was an immersive experience, where I eagerly absorbed each
piece of information, expanding my intellectual horizons and opening up new possibilities for per-
sonal and professional growth.
In conclusion, I would like to express my sincere gratitude to Mr. Nguyen Bao Quoc for his
dedication, creative communication, and profound influence on our learning jour-ney. His detailed
and interesting way of teaching ignited our passion and opened up a new world of potential. We
are grateful for his guidance and are committed to continuing to discover, apply, and refine the
knowledge we have learned to become trusted networking experts in the future.

CRITICAL EVALUATION
The first part of Chapter 3 is to understand the difference between logical and physical de-
sign. Logical design focuses on addressing and network structure, choosing network protocols, and
defining IP addressing plans. Meanwhile, physical design deals with the selection of network equip-
ment and physical structure, including cabling and cooling requirements. Next, understanding user
requirements is important to ensure the network meets their needs. Collecting information about
the organization's goals, user expectations, and the nature of the applications that will run on the
network ensures that the network is tuned to provide optimal performance, security, and accessi-
bility. We then provide the logical design of the network, including the network topology, network
protocols, IP address plans, and services such as DHCP, DNS, and web servers. This design is intended
to create an efficient and easy-to-manage network.
Second, in Chapter 4, the network will be deployed and comprehensively tested to evaluate
whether the design meets the stated requirements. The assessment includes connectivity tests such
as ping tests, performance analysis, and security assessments to identify potential limitations and
improvements. Finally, we suggest potential improvements to the network, including hardware up-
grades, security measures, and network protocol optimization. The result is a robust and reliable
network that efficiently serves the organization and its users.

REFERENCES
1. https://docs.oracle.com/cd/A81042_01/DOC/server.816/a76994/logical.htm#
2. https://docs.oracle.com/cd/A81042_01/DOC/server.816/a76994/logical.htm#
3. https://graphicalnetworks.com/blog-physical-network-diagrams-explained/#
4. https://docs.oracle.com/database/121/TDPDW/tdpdw_logdes.htm#TDPDW343
5. https://eu-images.contentstack.com/v3/as-
sets/blt66983808af36a8ef/blt0d5ea400a80f510a/646288579c575d0d1eb56fb4/ddos-Golden_Si-
korka-AdobeStock.jpg
6. https://2.bp.blogspot.com/-K1Cz0BbBGQg/WL2_FmQl_6I/AAAAAAAAAP8/17hAh-
fsT8yg3QVY7DfKgVz0bTqrHUX_AgCLcB/s1600/Backup-and-Restore.png
7. https://pbs.twimg.com/media/Cx8Sk_MUsAA1GPj.jpg
8. https://eclipsys.ca/wp-content/uploads/2021/10/Oracle-Audit-Vault-20.4-Part-2-Installation.jpeg
9. https://i.pinimg.com/originals/f8/5f/82/f85f82a4111ecc92d1b73dc5a5b22426.jpg
10. https://enrouteeditor.com/wp-content/uploads/2021/06/CISM-easier-than-Cissp.jpg
11. https://codegeekz.com/wp-content/uploads/secure-IP-Address-735x413.jpeg
12. https://www.network-packet.com/photo/pl26448217-
acl_access_control_list_functionality_in_npb_dynamic_packet_filter.jpg

7393 - BD00345 - SE06202 - Assigment 2 - Ngô Nguyễn Nhật Linh

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

7393 - BD00345 - SE06202 - Assigment 2 - Ngô Nguyễn Nhật Linh

Uploaded by

Copyright:

Available Formats

BTEC FPT INTERNATIONAL COLLEGE

STUDENT : NGO NGUYEN NHAT LINH

Da Nang, August, 2023

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit: Networking

Date received (1st sub-

Date received (2nd

Ngo Nguyen Nhat

Class Assessor name Nguyen Bao Quoc

Grade: Assessor Signature: Date:

Signature & Date:

TABLE OF CONTENT ................................................................................................................... ii

LIST OF TABLES AND FIGURES.................................................................................................... iv

LIST OF ACRONYM ...................................................................................................................viii

CHAPTER 3: DESIGN EFFICIENT NETWORKED SYSTEMS. (L03) ...................................................... 2

2. Evaluate the design to meet the requirements. (P6) ..........................................................15

2.2. Evaluate the design of the network ........................................................................24

3.1. DHCP Server ............................................................................................................25

3.2. DNS Server ...............................................................................................................31

3.3. Web Server ..............................................................................................................34

3.4. Mail Server ..............................................................................................................38

CHAPTER 4 : IMPLEMENT AND DIAGNOSE NETWORKED SYSTEMS. (L04) ................................... 50

2. Implement a networked system based on a prepared design. (P7).....................................50

2.1. Show evidence of a working network you’ve design ..............................................50

2.2. Show the implemented system...............................................................................59

3.2. Test results against test plans .................................................................................65

4. Recommend potential enhancements for the networked systems. (M4) ...........................87

4.1 Network Security. .....................................................................................................87

4.2 Backup and Restore..................................................................................................88

4.3 Monitoring and Management. .................................................................................90

4.4 Firewall. ....................................................................................................................91

4.5 Managing network resources...................................................................................92

4.6 Policy and access control. ........................................................................................93

4.7 Secure IP address and network. ...............................................................................94

4.8 Fault Recovery. .........................................................................................................95

Figure 1 Logical Design ....................................................................................................................2

Figure 2 Physical Design ..................................................................................................................3

Figure 3 Ground Floor......................................................................................................................7

Figure 4 Network Manager’s room .................................................................................................8

Figure 5 Teacher’s room ..................................................................................................................9

Figure 6 Student's lab ......................................................................................................................9

Figure 7 Student lab's room ..........................................................................................................10

Figure 8 Switch and Router ...........................................................................................................10

Figure 9 Ground Floor....................................................................................................................11

Figure 10 First Floor .......................................................................................................................11

Figure 11 Seconds Floor ................................................................................................................12

Figure 12 Switch and Router .........................................................................................................12

Figure 13 Test in Manager’s room.................................................................................................16

Figure 14 Test in Staff's room .......................................................................................................16

Figure 15 Test in Teacher's rooom ...............................................................................................17

Figure 16 Test in Network Manager’s room ..................................................................................17

Figure 17 Test in Student Lab - 1ST ...............................................................................................18

Figure 18 Test in Student Lab - 2ST ...............................................................................................18

Figure 19 Test in Manager’s room to Staff’s room........................................................................19

Figure 20 Teacher’s room to Network Manager’s room ...............................................................19

Figure 21 Ping from ground floor to fisrt floor ..............................................................................20

Figure 22 Ping from first floor to second floor ..............................................................................20

Figure 23 Ping from ground floor to second floor .........................................................................21

Figure 24 Ping from Manager 5 to Printer–Manager ....................................................................21

Figure 26 Ping from Teacher 8 to Printer–Teacher ......................................................................22

Figure 27 DHCP server ..................................................................................................................26

Figure 28 Step to set DHCP server. ................................................................................................26