course work network and it

Upload: erthiru1108

Post on 09-Apr-2018


  • 8/8/2019 Course Work Network and It


    University of Wales

    M.SC

    KCB ID NO: 13945

    ASSIGNMENT TITLE: COMPUTER NETWORKS AND INTERNET

    MODULE LEADER: MENGISTU AYANE

    DATE OF SUBMISSION: 02/09/2010


    CONTENTS

    1. INTRODUCTION
    2. SOLUTION: HARDWARE + SOFTWARE, LOGICAL AND LOGICAL TOPOLOGY OVERALL
    3. DETAILED SOLUTION TOPOLOGY, WHAT CONNECTION FOR LOCAL PLUS REMOTE SITES
    4. SUBNETS
    5. SECURITY ISSUES
    6. TYPES OF LINKS
    7. IP ADDRESSES
    8. VIRTUAL PRIVATE NETWORK (VPN)
    9. CONCLUSION
    10. REFERENCES


    INTRODUCTION

    Implement network infrastructure for Maiden Choice Hospital (MCH) as per the requirements.

    This hospital has two branches, so the head office communicates with the other two sites through wireless, using the appropriate wireless access point technology. The physicians share data from the server, which is placed in Euston Square. The networking system allows medical, support and practice staff at the headquarters (Euston Square) to access and enter patients' data in the central database located at the headquarters, whereas local medical staff can only enter data into and access data from their local systems.

    Paramedics on emergency call should be able to connect to any of the Centres' LANs via a mobile connection, for which there must be wireless technology installed to cate

    In this coursework I use the client-server model. The client-server model is a distributed application structure that partitions tasks or workloads between service requesters, called clients, and the providers of a resource or service, called servers; both client and server may exist in the same system. The Internet's main application protocols, such as HTTP, SMTP, Telnet, and DNS, use this model. The client-server model is sometimes referred to as two-tier architecture. Specific types of servers include web servers, FTP servers, application servers, database servers, name servers, mail servers, file servers, print servers, and terminal servers; specific types of clients include web browsers, email clients, and online chat clients. The client-server model has some advantages and disadvantages.

    Advantages

    Client-server architecture assigns roles and responsibilities in a way that gives great ease of maintenance, ease of use and friendliness of the user interface.

    Data storage is centralized. In a peer-to-peer (P2P) network, by contrast, data updates have to be distributed and applied to each peer in the network, which is both time-consuming and error-prone, as there can be thousands or even millions of peers.


    Disadvantages

    In client-server, should a critical server fail, clients' requests cannot be fulfilled. In P2P networks, resources are usually distributed among many nodes. Even if one or more nodes depart and abandon a downloading file, for example, the remaining nodes should still have the data needed to complete the download.

    In general, networking between these three sites is as follows. A server is located in Newham. It is connected to a wireless router, which routes between the different networks. The wireless router is connected to a wireless controller, which connects to the other two sites. Each floor of the hospital has one wireless access point, which receives signals from the wireless router. Every access point is in turn connected to a switch, which connects all the PCs on that floor. We repeat the same construction for every floor, so that there is communication within the building. Everyone present in the building can then share the resources available on the server.

    We construct the network at the other sites with a similar structure. Each of the other sites has one wireless LAN controller, one wireless router, access points and client PCs as per our requirements. The wireless LAN controller supports 10 miles of coverage area, and our total surrounding area is 28 miles, so we placed 3 wireless LAN controllers in every building. This covers the maximum range of area.

    Now we describe the VPN connection. In the headquarters we have placed the server, and for the server we buy an internet connection from any ISP (Internet Service Provider). The ISP gives one public IP, which is used only for accessing the internet from the local area connection. We provide this internet connection to every patient, so we do not place any restriction on users. Only the physicians, who have privileged rights, access data from the server using a remote connection.


    HARDWARE AND SOFTWARE REQUIREMENTS

    HARDWARE REQUIREMENTS

    The hardware needed to build the networks is given below.

    Maiden Choice Hospital (MCH) (Euston Square, London).

    TOTAL USABLE IPs = 77

    S. NO  FLOOR                        USER CLIENTS NAME                       IP NUMBER
    01     Ground floor - Fourth Floor  Terminals                               50
           (five floors)                Switches                                05
                                        Wireless (NAT configured into routers)  05
                                        Servers                                 01
                                        Cisco Router                            01
                                        CCTV camera                             05
                                        CCTV Interface Card                     05
                                        DSL Modem                               01
                                        IP Phone                                05

    TOTAL USABLE IPs = 78

    Maiden Choice Hospital (MCH) (Newham, London).

    S. NO  USERS CLIENTS NAME  IP NUMBER
    01     Medical Staff       30
    02     Support Staff       80

    TOTAL USABLE IPs = 110


    S. NO  USERS CLIENTS NAME  IP NUMBER
    01     Medical Staff       25
    02     Support Staff       50


    S. NO  FLOOR                        USER CLIENTS NAME                       IP NUMBER
    01     Ground floor - Fourth Floor  Terminals                               90
           (five floors)                Switches                                06
                                        Wireless (NAT configured into routers)  05
                                        Servers                                 05
                                        Cisco Router                            01
                                        IP CCTV camera                          05
                                        CCTV Interface Card                     05
                                        DSL Modem                               01
                                        IP Phone                                05

    TOTAL USABLE IPs = 123

    Maiden Choice Hospital (MCH) (Middlesex, London).

    S. NO  USERS CLIENTS NAME  IP NUMBER
    01     Medical Staff       15
    02     Support Staff       20

    TOTAL USABLE IPs = 35

    S. NO  FLOOR                        USER CLIENTS NAME                       IP NUMBER
    01     Ground floor - Fourth Floor  Terminals                               60
           (five floors)                Wireless (NAT configured into routers)  05
                                        Servers (Include NAS server)            05
                                        Cisco Router                            01
                                        IP CCTV camera                          05
                                        DSL Modem                               01
                                        IP Phone                                05

    TOTAL USABLE IPs = 76


    SOFTWARE REQUIREMENTS

    Operating System:  Windows Server 2003 Enterprise Edition
                       Exchange Server 2003 Enterprise Edition
                       Windows XP Enterprise Edition
    Monitoring Tool:   Included with the server functions
    Other Software:    CCTV camera capturing software
                       Microsoft Office 2007 Enterprise Edition
                       Cisco IOS (version depends upon series)
                       Antivirus
                       Firewall

    NETWORK DIAGRAM

    In this network we have three sites. They are

    1. Euston Square
    2. Middlesex
    3. Newham

    Here we see the logical diagram of the entire network, how it works, and how the different sites communicate. The diagram below gives a clear structure of the networking. When a remote client within the coverage area needs data, the administrator gives the client an authorized user name and password, so the client can connect remotely and share whatever data is required through the public path.

    We use a single server, which is sufficient to run all the services: DNS, Mail, FTP, and Telnet. The PCs are made to belong to the DNS server by adding them as clients of the server, so only the authorized users who were created on the server are allowed to access the computers; nobody else can log on. We use general terms in this network. The sites access the network through wireless access points on every floor. The entire logical network diagram is given below.


    Figure No.1 Logical Diagram of Entire Network

    IP ADDRESSING SCHEME:

    One of the major problems with supporting only a single subnet mask across a given network number is that once the mask is selected, it locks the organization into a fixed number of fixed-sized subnets. For example, a Class B subnet that is masked with 255.255.252.0 yields an additional 64 subnets with 1024 hosts per subnet. If you need 1028 subnets, with some as large as 1000 hosts and some as small as 64 hosts, you are out of luck. Similar to the separation of the IP space into A, B, and C classes, VLSM (variable-length subnet masking) permits an organization to use subnets with different numbers of hosts. So we use the VLSM scheme for subnetting the given IP address.


    First we see the IP address scheme implemented in Euston Square.

    Network ID           192.168.2.0
    Starting IP Address  192.168.2.1
    Ending IP Address    192.168.2.63
    Broadcast ID         192.168.2.64

    Figure No.2 Logical Diagram of Euston Square (Headquarters) Site

    Here the total number of IPs used is 50, including the IP addresses of the printer and the CCTV cameras. The IP address of the wireless router is used as the gateway for the whole network.

    The rest of the IPs can be used for further extension in the near future.


    Next we see the IP address scheme for the Newham site.

    Network ID           192.168.2.65
    Starting IP Address  192.168.2.66
    Ending IP Address    192.168.2.127
    Broadcast ID         192.168.2.128

    Figure No.3 Logical Network Diagram of Newham Site.

    Here the number of IP addresses used is 60, including the CCTV cameras. We assign the IP address range in the DHCP settings of the wireless router, which distributes those IPs to the PCs and other communication devices.

    The rest of the IPs can be used for further extension in the near future.


    Now we see the IP scheme for the Middlesex site.

    Network ID           192.168.2.129
    Starting IP Address  192.168.2.130
    Ending IP Address    192.168.2.191
    Broadcast ID         192.168.2.192

    Figure No.4 Logical Network Diagram for Middlesex Site.

    Here we follow the same procedure as for the site above.

    The rest of the IPs can be used for further extension in the near future.
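    The following Python code is an added example, not part of the original coursework. It allocates one subnet per site from 192.168.2.0/24 by VLSM and reports each block's network ID, first and last host address and broadcast address as the standard `ipaddress` module computes them, and it also evaluates the single-mask Class B case from the text. The Middlesex host count, the two-address inter-site link and the 172.16.0.0/16 network are assumptions made for the example.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest IPv4 prefix whose subnet still holds `hosts` usable addresses."""
    # Two addresses per subnet are not assignable: the network ID (all host
    # bits 0) and the broadcast address (all host bits 1).
    host_bits = (hosts + 1).bit_length()   # smallest b with 2**b >= hosts + 2
    return 32 - host_bits

def vlsm_allocate(base, requirements):
    """Carve `base` into one right-sized subnet per requirement (VLSM)."""
    base = ipaddress.ip_network(base)
    cursor = int(base.network_address)
    plan = []
    # Largest blocks first, so every block starts on a multiple of its size.
    # sorted() is stable: equal-sized sites keep the order they were given in.
    for name, hosts in sorted(requirements.items(),
                              key=lambda item: prefix_for_hosts(item[1])):
        net = ipaddress.ip_network((cursor, prefix_for_hosts(hosts)))
        if not net.subnet_of(base):
            raise ValueError(f"{base} has no room left for {name}")
        plan.append((name, net))
        cursor = int(net.broadcast_address) + 1
    return plan

def describe(net):
    """The four values a per-site address table lists, as strings."""
    return {
        "network_id": str(net.network_address),
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "broadcast": str(net.broadcast_address),
    }

def fixed_mask_summary(network, mask):
    """(subnet count, addresses per subnet) when one mask is used everywhere."""
    parent = ipaddress.ip_network(network)
    child = ipaddress.ip_network(f"{parent.network_address}/{mask}")
    return 2 ** (child.prefixlen - parent.prefixlen), child.num_addresses

# Host counts: 50 and 60 are from the text; the Middlesex figure and the
# two-address inter-site link are constructed for this example.
SITES = {"Euston Square": 50, "Newham": 60, "Middlesex": 60,
         "Inter-site link": 2}

if __name__ == "__main__":
    print(fixed_mask_summary("172.16.0.0/16", "255.255.252.0"))
    for name, net in vlsm_allocate("192.168.2.0/24", SITES):
        print(f"{name:16} {str(net):18} {describe(net)}")
```

    Each /26 block holds 64 addresses, of which 62 are assignable, and the /30 left over for the link shows the variable-length part of the scheme.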


    SECURITY ISSUES

    We use wireless access points and other wireless products, and the access points have some features provided specifically for security purposes. We additionally installed hardware firewall equipment or a software firewall (Checkpoint).

    Wireless access points have an encryption algorithm, WEP (Wired Equivalent Privacy). This is a 48-bit algorithm, but it is not effective in preventing attacks from hackers.

    We will probably use ADS (Active Directory Service), which holds the users' details in the private network. We then create group policies for certain kinds of users.

    In practice we have some solutions for the problem. They are

    1. Change the default SSID (Service Set Identifier) to your own.

    2. Utilize the VPN server. It is used to filter out incoming connections.

    3. Utilize static IPs. This is more difficult to implement in larger connections.

    4. Place the access points before the firewall so that we avoid unauthorized access.

    5. Preferably install a software firewall to prevent attacks. It is also cheap. With it we detect attacks and monitor the entire network.

    6. 802.11i. The new security standard, 802.11i, which was sanctioned in June 2004, fixes all WEP weaknesses.

    7. The integration of applications like VoIP into the wireless domain [8] adds complexity to the proposed security solutions. It remains to be seen whether the proposed solutions can cater to the different QoS requirements of such applications.

    TYPES OF LINKS

    This section covers the types of links that can be used between the three sites (Euston Square, Middlesex, and Newham) and the main IP protocols present for each link. To use the IP protocol between the sites we need to buy a static IP address from the ISP. After that we can configure a VPN (Virtual Private Network) in each router of the network at the three sites.


    An internet connection must be present throughout our whole network, so that we can ping or browse all over the world wherever we are, and can also monitor the network from an internet-capable mobile phone. Our engineers will configure the UDP and TCP protocols in our entire network. For this purpose we will use the TCP protocol in our network.

    We use the POP3 protocol for the mail servers. It is configured by the administrator on the server, for which we use Exchange Server. POP3 means Post Office Protocol; it functions in the same way a post office does. This protocol receives mail from the server and stores all mail locally. We can read our mail without being online, which is the major advantage of the POP3 protocol.

    PRIVATE IP ADDRESSES:

    In my networks I use wireless routers, so we implement the networks using the connectionless IPv4 protocol, which is used on packet-switched link layer networks (e.g., Ethernet). We use IPv4 here because IPv6 is more costly in comparison. If we want IPv6 later, we will extend the network to use both of them; most users use IPv4 and IPv6 simultaneously. In the router we use routing algorithms to route between the public and private IPs. IPv4 uses 32-bit addresses; however, some are reserved for special purposes such as private networks or multicast addresses, which reduces the number of addresses that can be allocated for routing on the public Internet.

    VIRTUAL PRIVATE NETWORK (VPN)

    In this coursework the three sites communicate with each other. The VPN connection is bought from the Internet Service Provider. We place a DSL modem in the network diagram, and the server is connected to the internet through the ISP's DSL modem. The server is configured for everyone who enters the coverage area. It is difficult for a remote client, physician or doctor of the hospital to share data with the server, so we bought an IP address from the ISP. The private IP addresses communicate through the public IP address. We use NAT (Network Address Translation), so the original IP address of the server or of our network is not shown to an attacker; only the duplicate (translated) IP address is shown to every user. We implement NAT either in the router or in the server; both give an effective solution. This too comes under the security threats.


    If MCH management is willing to invest more money in networking, they buy VPN routers, and our engineers will set up the VPN routers at all the sites to secure traffic across the internet. Every individual site will use the VPN by purchasing a static external IP from the ISP. This IP is static and unique, and is used only for our sites to connect to each other.

    Although it is costly, for safety reasons we sometimes do not think about cost. We will deploy inter-site connectivity at each site across our whole network, for example the router at Newham configured with a VPN to the Middlesex centre. Following this process we will connect every site as shown in our diagrams above, using VPN routers to connect them to each other safely and reliably. A VPN router can also provide a firewall, which keeps our system safe.

    The function of a VPN is to allow two computers or networks to transfer data or talk to each other over a transport medium that is not secure. Each point at the end of the transport medium (the internet) is called a point of presence (POP). In our networks the transport medium is the internet. "Maiden Choice Hospital" has three branches: the main branch in Euston Square, Newham and Middlesex.

    The management wants a networking setup in which any of the three network locations can be accessed at any time through the internet. The management wants the data to be secure, and some of it is confidential. Here the hospital is set up on networks 10.1.x.x, 10.2.x.x, 10.3.x.x, and 10.4.x.x. Each of the three networks, when it needs to send a data packet to one of the other networks, will route the packet to its respective router, A, B, or C. For example, if a computer on the 10.1.x.x network in Newham needs to send a packet to a computer with address 10.3.6.1 on the 10.3.x.x network in Euston Square, it will send its packet to its router, A. Since the network number 10.x.x.x is reserved for private use, the packet can't be sent on from computer A with 10.3.6.1 as its intended address.

    This is because the routers on the internet do not recognize this address as a valid destination. IP masquerading won't solve this problem, since the computer on the other end would have no way of knowing that a packet that it didn't send was a masqueraded packet. Tunneling is one of the techniques used to solve this problem.


    (i) TUNNELING

    Tunneling means that the complete IP packet to be sent from Euston Square to Newham must be encapsulated into another IP packet. This new packet will have a legal internet IP address. Therefore, machine A will take the packet it needs to route (it already has the destination IP address). The tunneling protocols that can be used in a VPN, and their security mechanisms, are listed below.

    L2F - Layer 2 Forwarding, works at the link layer of the OSI model. It has no encryption.

    PPTP - Point-to-Point Tunneling Protocol (RFC 2637) and L2TP - Layer 2 Tunneling Protocol (RFC 2661) work at the link layer. No encryption or key management is included in the specifications.

    IPSec - Internet Protocol Security, developed by the IETF and implemented at layer 3. It is a collection of security measures that address data privacy, integrity, authentication, and key management, in addition to tunneling. Does not cover key management.
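    The encapsulation described above, as an added Python example that is not part of the original coursework. It wraps a private-addressed IPv4 packet bound for 10.3.6.1 in an outer IPv4 header (IP-in-IP, protocol number 4) between two gateways, unwraps it at the far end, and shows that plain tunneling leaves the payload readable in transit. The source host 10.1.0.5, the payload and the gateway addresses (taken from the documentation ranges) are constructed for the example.

```python
import ipaddress
import struct

IPPROTO_IPIP = 4               # IANA protocol number for IPv4-in-IPv4
IPV4_HEADER = "!BBHHHBBH4s4s"  # 20-byte header without options
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True for private addresses that internet routers will not forward."""
    return any(ipaddress.ip_address(addr) in net for net in RFC1918)

def checksum(header):
    """Internet checksum (RFC 1071) over an even-length header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src, dst, proto, payload, ttl=64):
    """Build an IPv4 packet with a minimal header around `payload`."""
    def header(csum):
        return struct.pack(IPV4_HEADER, 0x45, 0, 20 + len(payload), 0, 0,
                           ttl, proto, csum, ipaddress.IPv4Address(src).packed,
                           ipaddress.IPv4Address(dst).packed)
    return header(checksum(header(0))) + payload

def parse(packet):
    """Validate an IPv4 header; return addresses, protocol and payload."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, length, _, _, _, proto, _, src, dst = struct.unpack(
        IPV4_HEADER, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if (ver_ihl >> 4 != 4 or not 20 <= ihl <= length <= len(packet)
            or checksum(packet[:ihl]) != 0):
        raise ValueError("not a valid IPv4 packet")
    return {"src": str(ipaddress.IPv4Address(src)),
            "dst": str(ipaddress.IPv4Address(dst)),
            "proto": proto, "payload": packet[ihl:length]}

def encapsulate(inner, gateway_src, gateway_dst):
    """Router A: wrap the whole private packet in a publicly routable one."""
    if is_rfc1918(gateway_dst):
        raise ValueError("tunnel endpoint must be a public address")
    return ipv4_packet(gateway_src, gateway_dst, IPPROTO_IPIP, inner)

def decapsulate(outer):
    """Far-end router: strip the outer header, recover the inner packet."""
    hdr = parse(outer)
    if hdr["proto"] != IPPROTO_IPIP:
        raise ValueError("not an IP-in-IP tunnel packet")
    parse(hdr["payload"])  # the inner packet must itself be well formed
    return hdr["payload"]

# Constructed sample: 10.3.6.1 is the destination used in the text; the source
# host, payload and gateway addresses (documentation ranges) are made up.
INNER = ipv4_packet("10.1.0.5", "10.3.6.1", 17, b"patient-record-42")  # 17 = UDP
OUTER = encapsulate(INNER, "203.0.113.1", "198.51.100.1")

if __name__ == "__main__":
    print("inner:", parse(INNER)["src"], "->", parse(INNER)["dst"])
    print("outer:", parse(OUTER)["src"], "->", parse(OUTER)["dst"])
    print("payload readable in transit:", b"patient-record-42" in OUTER)
```

    Because the inner packet travels unmodified inside the outer one, confidentiality and integrity have to come from a protocol that adds them, which is the role IPSec has in the list above.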

    CONCLUSION:

    Through this coursework we have come to understand the various types of classes and routers, how to transfer data between networks, and which techniques are needed to assign IP addresses. I can also use different techniques to find hackers and viruses and to detect them.

    REFERENCES:

    In this coursework I used the following links and reference books.

    1. Computer Networking: A Top-Down Approach Featuring the Internet, Kurose, James F. and Ross, Addison Wesley [pp 420-600].

    2. Computer Networks, Tanenbaum, Andrew S., Prentice Hall [pp 813-889].

    3. The Nielsen Company (2009). Global Faces and Networked Places: A Nielsen report on Social Networking's New Global Footprint. Available at: http://www.web-strategist.com/blog/2009/01/11/a-collection-of-soical-network-statsfor-2009/ [Accessed 31 August 2009].

    4. Kothari, C. R. (2008), Research Methodology: Methods & Techniques, 2nd ed., New Age, India-New Delhi, pp 83-114.


    5. Introduction to Data Communications, Forouzan, Behrouz, McGraw Hill.

    6. Data and Computer Communications, William Stallings, Prentice Hall.

    7. Internetworking with TCP/IP - Principles, Protocols and Architecture, Douglas E. Comer. ISBN 86-7991-142-9

    8. Microsoft Windows Server 2003 TCP/IP Protocols and Services, Joseph G. Davies and Thomas F. Lee. ISBN 0-7356-1291-9

    9. TCP/IP Protocol Suite (2nd ed.), Forouzan, Behrouz A. (2003). McGraw-Hill. ISBN 0-07-246060-1.

    10. TCP/IP Network Administration, Craig Hunt. O'Reilly (1998). ISBN 1-56592-322-7

    11. IP Fundamentals, Maufer, Thomas A. (1999), Prentice Hall. ISBN 0-13-975483-0.

    12. Ian McLean. Windows(R) 2000 TCP/IP Black Book. ISBN 1-57610-687-X

    13. Network Programming, Ajit Mungale, Pro .NET 1.1. ISBN 1-59059-345-6

    14. TCP/IP Illustrated, The Protocols, W. Richard Stevens. ISBN 0-201-63346-9

    15. TCP/IP Illustrated, The Implementation, W. Richard Stevens and Gary R. Wright. ISBN 0-201-63354-X

    16. TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols, W. Richard Stevens. TCP/IP Illustrated, ISBN 0-201-63495-3

    17. Andrew S. Tanenbaum. Computer Networks. ISBN 0-13-066102-3

    18. "The Design Philosophy of the DARPA Internet Protocols", Computer Communications Review, David D. Clark, pp 106300
