course work network and it
8/8/2019 Course Work Network and It
1/16
University of Wales
M.SC
KCB ID NO: 13945
ASSIGNMENT TITLE: COMPUTER NETWORKS AND INTERNET
MODULE LEADER: MENGISTU AYANE
DATE OF SUBMISSION: 02/09/2010
CONTENTS
1. INTRODUCTION
2. SOLUTION: HARDWARE + SOFTWARE, LOGICAL AND LOGICAL TOPOLOGY OVERALL
3. DETAILED SOLUTION TOPOLOGY, WHAT CONNECTION FOR LOCAL PLUS REMOTE SITES
4. SUBNETS
5. SECURITY ISSUES
6. TYPES OF LINKS
7. IP ADDRESSES
8. VIRTUAL PRIVATE NETWORK (VPN)
9. CONCLUSION
10. REFERENCES
INTRODUCTION
The task is to implement a network infrastructure for Maiden Choice Hospital (MCH) as per the requirements.
This hospital has two branches, so the head office communicates with the other two sites through wireless links, using appropriate wireless access point technology. The physicians share data from the server, which is placed in Euston Square. The networking system allows medical, support and practice staff at the headquarters (Euston Square) to access and enter patients' data in the central database located at the headquarters, whereas local medical staff can only enter data into and access data from their local systems.
According to the requirements, paramedics on emergency call should be able to connect to any of the Centres' LANs via a mobile connection, for which there must be wireless technology installed to cate
In this course work I use the client-server model. The client-server model is a distributed application structure that partitions tasks or workloads between service requesters, called clients, and the providers of a resource or service, called servers, although both client and server may exist on the same system. The Internet's main application protocols, such as HTTP, SMTP, Telnet, and DNS, use this model. The client-server model is sometimes referred to as two-tier architecture. Specific types of clients and servers include web servers, FTP servers, application servers, database servers, name servers, mail servers, file servers, print servers, and terminal servers, as well as web browsers, email clients, and online chat clients. The client-server model has some advantages and disadvantages.
Advantages
Client-server architecture provides roles and responsibilities that give great ease of maintenance, ease of use and friendliness of the user interface.
The data storage is centralized; data updates are to be distributed and applied to each peer in the network, which is both time-consuming and error-prone, as there can be thousands or even millions of peers.
Disadvantages
In client-server, should a critical server fail, clients' requests cannot be fulfilled.
In P2P networks, resources are usually distributed among many nodes. Even if one or more nodes depart and abandon a downloading file, for example, the remaining nodes should still have the data needed to complete the download.
In general, the networking between these three sites is as follows. A server is located in Newham. It is connected to a wireless router, and the wireless router routes between the different networks. The wireless router is then connected to a wireless controller, which connects to the other two sites. Each floor of the hospital has one wireless access point, which receives signals from the wireless router. Every access point is in turn connected to a switch, which connects all the PCs on that floor. We use the same construction for every floor, so all devices within the building can communicate. Whoever is present in the building can share the resources that are available on the server.
We construct the network at the other sites with a similar structure. Each of the other sites has one wireless LAN controller, one wireless router, access points and client PCs as per our requirements. The wireless LAN controller supports a coverage area of 10 miles and our total surrounding area is 28 miles, so we placed 3 wireless LAN controllers in every building. This covers the maximum range of area.
Now we describe the VPN connection. The server is placed in the headquarters, and for the server we buy an internet connection from an ISP (Internet Service Provider). The ISP gives one public IP, which is used only for accessing the internet from the local area connection. We provide this internet connection to every patient, so we do not place any restriction on users. Only the physicians, who have privileged rights, access data from the server using a remote connection.
HARDWARE AND SOFTWARE REQUIREMENTS
HARDWARE REQUIREMENTS
The hardware needed to build the networks is given below.
Maiden Choice Hospital (MCH) (Euston Square, London).
TOTAL USABLE IPs = 77
S. NO   FLOOR                                       USER CLIENTS NAME                        IP NUMBER
01      Ground floor - Fourth Floor (five Floors)   Terminals                                50
                                                    Switches                                 05
                                                    Wireless (NAT configured into routers)   05
                                                    Servers                                  01
                                                    Cisco Router                             01
                                                    CCTV camera                              05
                                                    CCTV Interface Card                      05
                                                    DSL Modem                                01
                                                    IP Phone                                 05
TOTAL USABLE IPs = 78
Maiden Choice Hospital (MCH) (Newham, London).
S. NO   USERS CLIENTS NAME   IP NUMBER
01      Medical Staff        30
02      Support Staff        80
TOTAL USABLE IPs = 110
S. NO USERS CLIENTS NAME IP NUMBER
01 Medical Staff 25
02 Support Staff 50
S. NO   FLOOR                                       USER CLIENTS NAME                        IP NUMBER
01      Ground floor - Fourth Floor (five Floors)   Terminals                                90
                                                    Switches                                 06
                                                    Wireless (NAT configured into routers)   05
                                                    Servers                                  05
                                                    Cisco Router                             01
                                                    IP CCTV camera                           05
                                                    CCTV Interface Card                      05
                                                    DSL Modem                                01
                                                    IP Phone                                 05
TOTAL USABLE IPs = 123
Maiden Choice Hospital (MCH) (Middlesex, London).
S. NO   USERS CLIENTS NAME   IP NUMBER
01      Medical Staff        15
02      Support Staff        20
TOTAL USABLE IPs = 35
S. NO   FLOOR                                       USER CLIENTS NAME                        IP NUMBER
01      Ground floor - Fourth Floor (five Floors)   Terminals                                60
                                                    Wireless (NAT configured into routers)   05
                                                    Servers (Include NAS server)             05
                                                    Cisco Router                             01
                                                    IP CCTV camera                           05
                                                    DSL Modem                                01
                                                    IP Phone                                 05
TOTAL USABLE IPs = 76
SOFTWARE REQUIREMENTS
Operating System: Windows Server 2003 Enterprise Edition,
                  Exchange Server 2003 Enterprise Edition,
                  Windows XP Enterprise Edition
Monitoring Tool:  Included with the server functions
Other Software:   CCTV camera capturing software,
                  Microsoft Office 2007 Enterprise Edition,
                  Cisco IOS (version depends upon series),
                  Antivirus,
                  Firewall
NETWORK DIAGRAM
In this Network we have three sites, they are
1. Euston Square
2. Middlesex
3. Newham
Here we see the logical diagram of the entire network, how it works, and how the different sites communicate. The diagram below gives a clear structure of the networking. For a remote client who needs data while in the coverage area, the administrator issues an authorized user name and password. The client then connects remotely and shares whatever data they require over the public path.
We use a single server, which is sufficient to run all of these services: DNS, Mail, FTP, and Telnet. On the DNS server, the PCs are joined to the server by adding them as clients of the server. Only the authorized users who were created on the server are allowed to access the computers; nobody else can log on. So we use general terms in this network. The sites access the network through wireless access points on every floor. The entire logical network diagram is given below.
Figure No.1 Logical Diagram of Entire Network
IP ADDRESSING SCHEME:
One of the major problems with supporting only a single subnet mask across a given network number is that once the mask is selected, it locks the organization into a fixed number of fixed-sized subnets. For example, a Class B subnet that is masked with 255.255.252.0 yields an additional 64 subnets with 1024 hosts per subnet. If you need 1028 subnets, with some as large as 1000 hosts and some as small as 64 hosts, you are out of luck. Similar to the separation of the IP space into A, B, and C classes, VLSM permits an organization to use subnets with different numbers of hosts. So we use the VLSM scheme for subnetting the given IP address.
First we look at the IP address scheme implemented in Euston Square.
Network ID 192.168.2.0
Starting IP Address 192.168.2.1
Ending IP Address 192.168.2.63
Broadcast ID 192.168.2.64
Figure No.2 Logical Diagram of Euston Square (Headquarters) Site
Here the total number of IPs used is 50, including the IP addresses of the printer and CCTV cameras. The IP address of the wireless router is used as the gateway for the whole network. The rest of the IPs can be used for further extension in the near future.
Next we look at the IP address scheme for the Newham site.
Network ID 192.168.2.65
Starting IP Address 192.168.2.66
Ending IP Address 192.168.2.127
Broadcast ID 192.168.2.128
Figure No.3 Logical Network Diagram of Newham Site.
Here the number of IP addresses used is 60, including the CCTV cameras. We assign the IP address range in the DHCP settings of the wireless router, which distributes those IPs to the PCs and other communication devices.
The rest of the IPs can be used for further extension in the near future.
Now we look at the IP scheme for the Middlesex site.
Network ID 192.168.2.129
Starting IP Address 192.168.2.130
Ending IP Address 192.168.2.191
Broadcast ID 192.168.2.192
Figure No.4 Logical Network Diagram for Middlesex Site.
Here we follow the same procedure as for the site above.
The rest of the IPs can be used for further extension in the near future.
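The VLSM allocation described above, together with a boundary check on the three site blocks, as an added example that is not part of the original coursework. It assumes each site block is a /26 (64 addresses); the Middlesex and inter-site link counts and the function names are assumptions of the example.

```python
import ipaddress

def vlsm_allocate(base, demands):
    """Carve `base` into per-site subnets, each the smallest block that fits."""
    pool = ipaddress.ip_network(base)
    # hosts + 2 reserves the network and broadcast addresses of each subnet
    sized = [(32 - (hosts + 1).bit_length(), site) for site, hosts in demands.items()]
    sized.sort(key=lambda item: item[0])      # largest blocks first, stable for ties
    cursor, plan = int(pool.network_address), {}
    for prefix, site in sized:
        size = 1 << (32 - prefix)
        cursor = (cursor + size - 1) // size * size   # align to the block size
        subnet = ipaddress.ip_network((cursor, prefix))
        if not subnet.subnet_of(pool):
            raise ValueError(f"{base} exhausted while allocating {site}")
        plan[site] = subnet
        cursor += size
    return plan

def audit_block(network_id, last_host, broadcast, prefix):
    """List where a documented block disagrees with what its prefix implies."""
    net = ipaddress.ip_network(f"{network_id}/{prefix}", strict=False)
    last_usable = net.broadcast_address - 1
    findings = []
    if ipaddress.ip_address(network_id) != net.network_address:
        findings.append(f"network ID should be {net.network_address}")
    if ipaddress.ip_address(last_host) > last_usable:
        findings.append(f"last usable host is {last_usable}")
    if ipaddress.ip_address(broadcast) != net.broadcast_address:
        findings.append(f"broadcast should be {net.broadcast_address}")
    return findings

# 50 and 60 are the counts quoted in the text; the Middlesex and link
# figures are assumptions made for this example.
DEMANDS = {"Euston Square": 50, "Newham": 60, "Middlesex": 35, "Inter-site links": 2}

# (network ID, ending IP, broadcast ID) as written in the three site tables
DOCUMENTED = {
    "Euston Square": ("192.168.2.0", "192.168.2.63", "192.168.2.64"),
    "Newham": ("192.168.2.65", "192.168.2.127", "192.168.2.128"),
    "Middlesex": ("192.168.2.129", "192.168.2.191", "192.168.2.192"),
}

if __name__ == "__main__":
    for site, net in vlsm_allocate("192.168.2.0/24", DEMANDS).items():
        print(f"{site:17} {net}  hosts {net[1]} - {net[-2]}  broadcast {net[-1]}")
    for site, block in DOCUMENTED.items():
        print(site, audit_block(*block, prefix=26))
```

Running the audit before ranges are entered into DHCP scopes or firewall rules catches blocks that overlap a neighbouring site's subnet.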
SECURITY ISSUES
We use wireless access points and other wireless products, and the access points provide some features specifically for security purposes. We additionally installed hardware firewall equipment or a software firewall (Checkpoint).
Wireless access points have an encryption algorithm, WEP (Wired Equivalent Privacy). This is a 48-bit algorithm, but it is not effective in avoiding attacks from hackers.
We will probably use ADS (Active Directory Service), which holds the users' details in the private network. We then create group policies for certain kinds of users.
In practice we have some solutions for the problem:
1. Change the default SSID (Service Set Identifier) to your own.
2. Utilize the VPN server. It is used to filter out incoming connections.
3. Utilize static IPs. This is more difficult to implement in a larger connection.
4. Place the access points before the firewall so that we avoid unauthorized access.
5. Better still, install a software firewall to prevent attacks. It is also cheap. We detect attacks and monitor the entire network.
6. 802.11i. The new security standard, 802.11i, which was sanctioned in June 2004, fixes all WEP weaknesses.
7. The integration of applications like VoIP into the wireless domain [8] adds complexity to the proposed security solutions. It remains to be seen whether the proposed solutions can cater to the different QoS requirements of such applications.
TYPES OF LINKS
This section covers the types of links that can be used between the three sites (Euston Square, Middlesex, and Newham) and the main IP protocols present on each link. To use the IP protocol we need to buy static IP addresses from the ISP. After that we can configure a VPN (Virtual Private Network) in each router of the network at the three sites.
An internet connection must be present throughout our network, so that we can ping or browse anywhere in the world from wherever we are, and can monitor the network from an internet-capable mobile phone as well. Our engineers will configure the UDP and TCP protocols across the entire network. For this purpose we will use the TCP protocol in our network.
We use the POP3 protocol for the mail servers. It is configured by the administrator on the server, for which we use Exchange Server. POP3 means Post Office Protocol; the protocol functions in the same way that a post office does. It retrieves mail from the server and stores all mail locally. We can read our mail without being online, which is the major advantage of the POP3 protocol.
PRIVATE IP ADDRESSES:
In my networks I use wireless routers, so we implement the networks using IPv4, a connectionless protocol used on packet-switched link layer networks (e.g., Ethernet). We use IPv4 here because IPv6 is more costly by comparison. If we want IPv6 later, we will extend the network to use both of them. Most users use IPv4 and IPv6 simultaneously. In the routers we use routing algorithms to route the public and private IPs. IPv4 uses 32-bit addresses. However, some are reserved for special purposes such as private networks or multicast addresses, which reduces the number of addresses that can be allocated for routing on the public Internet.
VIRTUAL PRIVATE NETWORK(VPN)
In this coursework, the three sites communicate with each other. The VPN connection is bought from the Internet Service Provider. We place a DSL modem in the network diagram, and the server is connected to the internet through the ISP's DSL modem. The server gets configured and everyone who enters the coverage area. It is difficult for a remote client, physician or doctor of the hospital to share data with the server, so we bought an IP address from the ISP. The private IP addresses communicate through the public IP address. We use NAT (Network Address Translation) so that the original IP address of the server or of our network is not shown to an attacker; only the duplicate IP address is shown to every user. We implement NAT either in the router or in the server. Both give an effective solution. This also falls under security threats.
If MCH management is willing to invest more money in networking, they can buy VPN routers, and our engineers will set up VPN routers at all the sites for security over the internet. At each individual site we will use a VPN by purchasing a static external IP from the ISP. This IP is static and unique, and is used only for our sites to connect to each other.
Although it is costly, for safety reasons we sometimes do not think about cost. We will deploy inter-connectivity from each site to our whole network, for example the router at Newham configured with a VPN to the Middlesex centre. Following this process we will connect every site as shown in our diagrams above. We will use VPN routers to connect the sites to each other safely and reliably. A VPN router can also provide a FIREWALL, which keeps our system safe.
The function of a VPN is to allow two computers or networks to transfer data or talk to each other over a transport medium that is not secure. Each point at the end of the transport medium (the internet) is called a point of presence (POP). In our networks the transport medium is the internet. Maiden Choice Hospital has three branches: the main branch in Euston Square, Newham and Middlesex.
The management wants a networking setup so that we can access any of the three network locations at any time through the internet. The management wants the data to be secure, and some of it is confidential. Here, the hospital networks are set up on 10.1.x.x, 10.2.x.x, 10.3.x.x, and 10.4.x.x. Each of the three networks, when it needs to send a data packet to one of the other networks, will route the packet to its respective router, A, B, or C. For example, if a computer on the 10.1.x.x network in Newham needs to send a packet to a computer with address 10.3.6.1 on the 10.3.x.x network in Euston Square, it will send its packet to its router, A. Since the network number 10.x.x.x is reserved for private use, the packet can't be sent onward from computer A with 10.3.6.1 as its intended address.
This is because the routers on the internet do not recognize this address as a valid destination. IP masquerading won't solve this problem, since the computer on the other end would have no way of knowing that a packet that it didn't send was a masqueraded packet. Tunneling is one of the techniques used to solve this problem.
(i) TUNNELING
Tunneling means that the complete IP packet to be sent from Euston Square to Newham must be encapsulated into another IP packet. This new packet will have a legal internet IP address. Therefore, machine A will take the packet it needs to route (which already has a destination IP address). The tunneling protocols and security mechanisms that can be used in a VPN are listed below.
L2F - Layer 2 Forwarding, works at the link layer of the OSI model. It has no encryption.
PPTP - Point-to-Point Tunneling Protocol (RFC 2637) and L2TP - Layer 2 Tunneling Protocol (RFC 2661) work at the link layer. No encryption or key management is included in the specifications.
IPSec - Internet Protocol Security, developed by the IETF and implemented at layer 3. It is a collection of security measures that address data privacy, integrity, authentication, and key management, in addition to tunneling. Does not cover key management.
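The encapsulation step described above, as an added example that is not part of the original coursework: a packet between two private 10.x.x.x hosts is wrapped in an outer IPv4 packet (plain IP-in-IP, protocol 4) and unwrapped at the peer router. The host 10.1.4.20, the documentation addresses used as tunnel endpoints and all function names are assumptions of the example.

```python
import ipaddress
import struct

IPIP = 4  # IANA protocol number for IPv4-in-IPv4 encapsulation (RFC 2003)
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    """True for RFC 1918 addresses, which internet routers will not forward."""
    return any(ipaddress.ip_address(addr) in net for net in RFC1918)

def checksum(data):
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (no options, TTL 64) followed by payload."""
    fields = [0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields) + payload

def parse_ipv4(packet):
    """Return (src, dst, proto, payload) after length and checksum checks."""
    if len(packet) < 20 or packet[0] != 0x45:
        raise ValueError("expected an option-free IPv4 header")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if not 20 <= total_len <= len(packet):
        raise ValueError("bad total length")
    if checksum(packet[:20]) != 0:
        raise ValueError("header checksum mismatch")
    src, dst = (str(ipaddress.IPv4Address(packet[i:i + 4])) for i in (12, 16))
    return src, dst, packet[9], packet[20:total_len]

def encapsulate(inner, tunnel_src, tunnel_dst):
    """Site router: wrap the private-addressed packet in a routable one."""
    if is_private(tunnel_src) or is_private(tunnel_dst):
        raise ValueError("tunnel endpoints must be public addresses")
    return ipv4_packet(tunnel_src, tunnel_dst, IPIP, inner)

def decapsulate(outer, expected_peer):
    """Peer router: accept only IP-in-IP from the configured peer, then unwrap."""
    src, _dst, proto, inner = parse_ipv4(outer)
    if proto != IPIP or src != expected_peer:
        raise ValueError("not a tunnelled packet from the configured peer")
    parse_ipv4(inner)  # the inner packet must itself be well formed
    return inner

# Constructed sample: a Newham host (10.1.4.20 is assumed) sends to 10.3.6.1.
# 203.0.113.10 and 198.51.100.20 are documentation addresses standing in for
# the static public IPs bought from the ISP; 253 is an experimental protocol.
INNER = ipv4_packet("10.1.4.20", "10.3.6.1", 253, b"patient-record")
OUTER = encapsulate(INNER, "203.0.113.10", "198.51.100.20")
```

The inner payload sits unencrypted inside OUTER and the peer check relies on an outer source address that carries no authentication, which is why encapsulation alone gives routing but not the privacy, integrity and authentication the text attributes to IPSec.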
CONCLUSION:
As per our course work, it is important to note that we understand the various types of classes and routers, how to transfer data between networks, what techniques are needed to assign IP addresses, etc. I can use different techniques to find hackers and viruses and how to detect them.
REFERENCES:
In our course work, I use the following links and reference books.
1. Computer Networking: A Top-Down Approach Featuring the Internet, Kurose, James F. and Ross, Addison Wesley [pp 420-600].
2. Computer Networks, Tanenbaum, Andrew S., Prentice Hall [pp 813-889].
3. The Nielsen Company (2009). Global Faces and Networked Places: A Nielsen Report on Social Networking's New Global Footprint. Available at: http://www.web-strategist.com/blog/2009/01/11/a-collection-of-soical-network-statsfor-2009/ [Accessed 31 August 2009].
4. Kothari, C. R. (2008), Research Methodology: Methods & Techniques, 2nd ed., New Age, India-New Delhi, pp 83-114.
5. Introduction to Data Communications, Forouzan, Behrouz, McGraw Hill.
6. Data and Computer Communications, William Stallings, Prentice Hall.
7. Internetworking with TCP/IP - Principles, Protocols and Architecture, Douglas E. Comer. ISBN 86-7991-142-9
8. Microsoft Windows Server 2003 TCP/IP Protocols and Services, Joseph G. Davies and Thomas F. Lee. ISBN 0-7356-1291-9
9. TCP/IP Protocol Suite (2nd ed.), Forouzan, Behrouz A. (2003). McGraw-Hill. ISBN 0-07-246060-1.
10. TCP/IP Network Administration, Craig Hunt. O'Reilly (1998). ISBN 1-56592-322-7
11. IP Fundamentals, Maufer, Thomas A. (1999), Prentice Hall. ISBN 0-13-975483-0.
12. Ian McLean. Windows(R) 2000 TCP/IP Black Book. ISBN 1-57610-687-X
13. Network Programming, Ajit Mungale. Pro .NET 1.1. ISBN 1-59059-345-6
14. TCP/IP Illustrated, The Protocols, W. Richard Stevens. ISBN 0-201-63346-9
15. TCP/IP Illustrated, The Implementation, W. Richard Stevens and Gary R. Wright. ISBN 0-201-63354-X
16. TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols, W. Richard Stevens. TCP/IP Illustrated, ISBN 0-201-63495-3
17. Andrew S. Tanenbaum. Computer Networks. ISBN 0-13-066102-3
18. "The Design Philosophy of the DARPA Internet Protocols", Computer Communications Review, David D. Clark, pp 106300