Cottonwood Hill Library Case Study

Assignment 2 Cottonwood Hill Library Case Study

Section 1:  Research

The design chosen for a network depends on a number of basic concepts and generally agreed principles. Researchers agree that no single network design fits all scenarios; the design depends on the client's requirements and needs and on size, and the key principles must be adhered to (Kaur, Kaur & Gupta, 2016). System integrators who follow the principles properly can produce a successful network design, avoid simple mistakes and satisfy clients. Failure to observe the fundamental design principles may lead to poor network implementation. The OSI model uses standardized communication protocols to present useful communication systems in organizations and companies. The model partitions a communication system into seven layers, whereby the transmitted data starts from layer N of the transmitting device at the topmost layer, goes directly to the PDU (Protocol Data Unit) and then proceeds to the SDU (Service Data Unit). The following key principles and general concepts should guide integrators when they design a network for a specific client.

System designers should examine the application and client-server traffic flow. It is critical to understand clearly how application data flows from the server through the layers of the OSI model to the clients, in order to identify the resources required at each level and ways of minimizing hops and latency. Data can flow in a single direction or in two directions, and performance must be gauged in both cases. The integrator characterizes network traffic by classifying the application's flow as client/server, terminal/host, server/server or peer-to-peer. The characteristics and requirements of a specific application determine the resources required to design and implement a network successfully (Hashimi & Güneş, 2017). In the OSI model, the data link layer is essential in synchronizing the information that is transmitted across the physical layer. It ensures that transferred data is free from errors and framed sequentially and, above all, facilitates the formation of a logical layer between nodes.

Identifying the points of failure in the design is another important concept designers should always keep in mind. The network design should accommodate additional components that take over and keep the system up and working when the main devices fail (Hashimi & Güneş, 2017). Whether the redundancy is at network level or at the end node, there is an alternate path, component or link that becomes active once the main system fails or has difficulty transmitting data. Researchers have found that relying on a single link or device is problematic, as a failure results in loss of resources or interruption of business activities. Many companies will look at the risks and costs associated with a given network design. A good network designer implements reliable backup paths and introduces load sharing so that clients can run their business without system disturbances.

According to Kaur, Kaur and Gupta (2016), load sharing entails the use of multiple channels to reach a certain point. Initially, the designer and system integrator assume that the hardware, the software or both might fail at some point. A good network design provides alternative ways of accessing nodes and signals. For instance, a link-level redundancy will have two or three links connected to a switch, so that if one link is not working, the two other links will be up and running. A designer will prioritize links 1 and 2 for sending packets during normal operations while the third link is always on standby. Units and protocols across the OSI model, such as the application, session, presentation and transport protocols, should be provided with alternatives that ensure no disturbance if one fails.

To assess the level of network performance and understand its effectiveness, a designer checks and monitors the bandwidth levels across the OSI model layers. Comparing the available bandwidth with the requirements of the workflow across the network allows the designer to gauge its performance. To measure how fast data units travel from server to clients or back, the expert uses bandwidth and throughput. To reduce latency, a designer can decide to use wired connections as opposed to wireless connections, which can more often get lost in the air. Network connections that overuse bandwidth should be regulated so as to balance bandwidth across network layers. Bandwidth can be measured in bps, Gbps or Mbps (megabits). It can be either symmetrical or asymmetrical. In an asymmetrical connection the download speed and upload capacity differ depending on the preference of the client; normally, however, upload capacity is smaller than download speed. The session layer in the OSI model is critical in ensuring that conversations between users and machines, or between two different applications, are monitored and managed properly. The bandwidth levels are set to be almost the same across the layers to ensure that messages are not ended prematurely and data is not lost (Chaudhary, Kumar & Kaushik, 2018).

One major aspect of designing and implementing networks is minimizing latency at all levels. Latency concerns the speed at which the content within one link or pipe is transmitted from server to client and back. Prominent causes of latency in a network include the kind of transmission medium used, such as WAN links and fiber optic cables. Propagation also determines latency, since it measures the time a data packet takes to travel from the source to the destination device. Besides, routers can affect latency, as they take some microseconds to analyze and interpret data, add additional information, and give answers or provide solutions based on the information they receive. Storage delays can also affect latency. With all this information, a designer has to find ways of reducing latency in a network. Latency can be reduced by using HTTP/2, which is now prevalent and reduces the round trips of data flowing between the server and the client (Hashimi & Güneş, 2017). Alternatively, the expert can decide to use a CDN that caches resources for the client. Making fewer external HTTP requests increases speed and thus reduces latency.

Figure 1. VLANs Limiting

Limiting VLANs to only where they are applied is another critical concept a designer should look into. Researchers have found it advantageous to prune unneeded VLANs, as this eases the load on switches and endpoints. Pruning reduces unnecessary traffic, including multicast, broadcast, unknown-VLAN and many unnecessary unicast packets. As a result, broadcasts are sent only to links that need such information. By default, VLANs 2 are pruning eligible; however, VLAN 1 cannot be pruned because it is an administrative VLAN. Both VTP versions 1 and 2 support pruning. Nevertheless, VLAN hopping is necessary using two known methods, that is, double tagging and switch spoofing. In double tagging, each packet is allowed to have two VLAN tags to avoid VLAN hopping (Sari, et al., 2019).
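The two ideas in this paragraph, restricting a link to the VLANs it needs and frames that carry two VLAN tags, can both be checked on captured Ethernet frames. The following is an added example, not part of the original assignment; the frames, VLAN numbers and function names are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100    # IEEE 802.1Q VLAN tag
TPID_8021AD = 0x88A8   # IEEE 802.1ad service tag (QinQ)


def vlan_tags(frame: bytes) -> list:
    """Return the VLAN IDs found after the two MAC addresses, outermost first."""
    tags = []
    offset = 12  # 6-byte destination MAC + 6-byte source MAC
    while len(frame) >= offset + 4:
        tpid, tci = struct.unpack_from("!HH", frame, offset)
        if tpid not in (TPID_8021Q, TPID_8021AD):
            break  # reached the real EtherType, no further tags
        tags.append(tci & 0x0FFF)  # low 12 bits of the TCI are the VLAN ID
        offset += 4
    return tags


def check_frame(frame: bytes, allowed_vlans: set) -> list:
    """Report stacked tags and VLAN IDs that this link is not meant to carry."""
    issues = []
    tags = vlan_tags(frame)
    if len(tags) > 1:
        issues.append(f"{len(tags)} stacked VLAN tags: {tags}")
    for vid in tags:
        if vid not in allowed_vlans:
            issues.append(f"VLAN {vid} not allowed on this link")
    return issues


def sample_frame(vlans) -> bytes:
    """Build a constructed test frame carrying the given VLAN tags (sample data only)."""
    frame = b"\xff" * 6 + bytes.fromhex("020000000001")  # broadcast dst, made-up src
    for vid in vlans:
        frame += struct.pack("!HH", TPID_8021Q, vid)
    return frame + struct.pack("!H", 0x0800) + b"\x00" * 46  # IPv4 EtherType + padding


if __name__ == "__main__":
    allowed = {10, 20}  # hypothetical VLANs assigned to this link
    for vlans in ([], [10], [30], [10, 20]):
        print(vlans, check_frame(sample_frame(vlans), allowed))
```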

Section 2: Design

In consideration of the design principles and general concepts, it is vital to have a simple network that allows students to access learning materials online, print important materials and use the internet, and that gives the administrators the opportunity to control the system. Cottonwood Hill Library will benefit a lot from the network, as it will ease and speed up activities within the library, allow students to access services through the computers and, above all, increase the efficiency of service to students. The requirements for this system include:

  • A user interface, including CPT (Cisco Packet Tracer), which is simple and easy to implement.
  • It will have four switches, one router, two printers, 10 computers in each lab, general computer systems, one or two computer systems as servers, crossover cables, different VLANs and other interconnections.
  • Administrators and students can access the internet, use printers and download the ebooks available in Cottonwood Hill Library.

An Internet Protocol address (IP address) is a logical, numerical address that is assigned to every personal computer, printer, switch, router or other device that is part of an IP-based network. No network architecture exists without IP addresses. Because an IP address is a logical address, it is used to identify the particular nodes in the network. The IP address thus gives each node a location so that nodes can communicate with one another, for example through email. An IP address is a 32-bit number. It has two versions, IPv4 and IPv6.

The architecture

The following figure summarizes the general architecture of the network.

Figure 2. A complete network for Cottonwood Library

The figure above shows the complete network of Cottonwood Hill Library, which consists of four switches, end devices (PCs), one router and cables. The internet is connected through the router to the switches and finally to the library computers through the cables. All computers in the library are assigned unique IP addresses. The design represents a network spanning two floors, with two labs on each floor. The computers on each floor are connected to two different switches located in each lab, which are then connected to the router. The IP addresses assigned to the different computers are listed below as an example.

List of PCs and their IP addresses

  • PC-PT PC1: 192.168.1.8
  • PC-PT PC2: 192.168.1.10
  • PC-PT PC3: 192.168.1.15
  • PC-PT PC4: 192.168.1.11
  • PC-PT PC5: 192.168.2.15
  • PC-PT PC6: 192.168.2.10
  • PC-PT PC7: 192.168.2.9
  • PC-PT PC8: 192.168.2.6
  • PC-PT PC9: 192.168.1.7
  • PC-PT PC17: 192.168.2.17
  • PC-PT PC18: 192.168.2.27
  • PC-19: 192.168.2.26
  • PC-19: 192.168.1.52
  • PC-20: 192.168.1.53
  • PC-18: 192.168.2.26
  • PC-PT PC10: 192.168.1.14
  • PC-PT PC11: 192.168.2.14
  • PC-PT PC12: 192.168.2.7
  • PC-PT PC13: 192.168.1.19
  • PC-PT PC14: 192.168.1.18
  • PC-PT PC15: 192.168.1.23
  • PC-PT PC16: 192.168.1.22

Router configuration

The ping command is used to test whether devices can communicate and whether there is network connectivity. Physical, or MAC, addresses are normally assigned by the NIC manufacturer and are hard-coded into the NIC. The network administrator usually assigns IP addresses. In fact, it is not unusual for a network administrator to group devices in the IP addressing scheme according to their geographical location, department, or floor within a building. Because they are implemented in software, IP addresses are fairly easy to change. Finally, bridges and switches are primarily used to connect segments of a network. Routers are used to connect separate networks and to access the worldwide Internet. They do this by providing end-to-end routing. Routers connect two or more networks, each of which must have a unique network number in order for routing to be successful. The unique network number is incorporated into the IP address that is assigned to each device attached to that network. Example: A network has a unique network number. It has four devices attached to it. The IP addresses of the devices are A2, A3, A4, and A5. Since the interface where the router connects to a network is considered to be part of that network. The command prompt showed that there is successful communication between the two devices, as shown below.

Section 3: Evaluation

Organizations and government bodies have ventured into assessing and evaluating the networks they use in an attempt to ensure that their data and systems are safe. Networks differ in a number of aspects, including the purpose of the network, the membership and size of the organization, lifespan, funding sources, the area to be covered and the preferences of clients. A system cannot be classified as a complete and effective network if it does not serve the clients as required. The network designed for Cottonwood library has taken many aspects into consideration.

Access control and User Privileges

Access control is one of the important methods used to limit access to the system or to information. The process is concerned with providing information only to authorized users such as students, administrators and staff members working in the library. The authentication factors taken seriously by the network are password, PIN, username, card, key and biometric measurements, including retina scan and fingerprint. The access models embraced by the network in the library include physical access control, whereby the printers are located where they can be accessed only by a few authorized individuals. In addition, there is logical access control through PIN and password requirements, which limits individuals from accessing system files, computer networks and the data transmitted.

The network that I created has full control of who can access which information, resources or online books in the library. An electronic access control device such as an electronic card can be used to give an individual access to certain information in the system. Equally, users are required to log in with a username and password to access certain information. The network designed for Cottonwood library allows only staff and lecturers to print materials in the library. All library staff and teaching staff are required to log in using their assigned credentials. Students, too, are required to access the system by logging in with their student ID and password. However, all users are allowed to access the internet in the library. We have a centralized printer that can be accessed by staff members. Any student who would like to print should ask one of the staff members for assistance.

IPSec VPN

IPSec is the set of standards often used to verify, encrypt and authenticate data, especially at the IP level. As data is transmitted in a network, IPSec is responsible for its security. In essence, it comprises protocols that allow secure data transmission between two devices, such as computer-to-computer communication. The main goals of IPSec are to protect all IP packets and to secure the network from internal and external attacks by intruders. The designed system uses the ESP protocol, which protects and encrypts the information so that it cannot be read by outsiders. However, selected computers in the lab, especially those used by staff, can access such information. It is recommended to use L2TP or IPSec with certificates for secure VPN authentication. By using Internet Protocol security (IPSec), a well-known protocol, for authentication and encryption, data transfer through an L2TP-enabled VPN is as secure as within a single LAN at the Cottonwood library network. The VPN client and the VPN server must both support L2TP as well as IPSec. Client support for L2TP is built in to the Windows XP remote access client, and VPN server support for L2TP is built in to the Windows Server 2003 family.

Hardening devices

Secure configuration is one major method of securing networking devices. Organizations, government agencies and vendors do a lot to guide administrators on best practices, on how devices are hardened and on issues to do with the security of network infrastructure. To ensure the network designed for Cottonwood library has secure devices, the following were considered:

  • Disabling all unencrypted protocols, such as File Transfer Protocol and Telnet, that are used to manage and control network infrastructure.
  • Disabling unnecessary services that are not important in the library, for instance source routing and SNMP (Simple Network Management Protocol).
  • Securing the auxiliary lines, the virtual terminal lines and the consoles.
  • Implementing robust password policies and the use of strong passwords. Students who try a wrong password several times are blocked until they are assisted by the administrators. Equally, students are required to change their password every 6-8 weeks.
  • Keeping all backup configurations and storage areas offline for safety purposes.
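The checklist above can be turned into an automated review of a device configuration. The following is an added example, not part of the original assignment: it audits two constructed configurations written in Cisco IOS-style syntax (an assumption, since the report only states that Cisco Packet Tracer was used), one weak and one hardened, and the hostname, community string and timer values are made up.

```python
import re

REQUIRED_MIN_PASSWORD_LEN = 16  # assumption: the 16-character rule stated in this report

# Constructed sample configurations (IOS-style syntax assumed, values made up).
WEAK_CONFIG = """\
hostname LibraryRouter
ip source-route
snmp-server community public RO
!
line con 0
!
line aux 0
 no exec
!
line vty 0 4
 password library
 login
 transport input telnet
"""

HARDENED_CONFIG = """\
hostname LibraryRouter
no ip source-route
security passwords min-length 16
login block-for 120 attempts 3 within 60
!
line con 0
 login local
!
line aux 0
 no exec
!
line vty 0 4
 login local
 transport input ssh
"""


def parse_sections(config):
    """Split a config into global commands and the sub-commands of each 'line' block."""
    global_cmds, line_blocks, current = [], {}, None
    for raw in config.splitlines():
        cmd = raw.strip()
        if not cmd or cmd == "!":
            continue
        if not raw.startswith(" "):          # top-level command
            current = cmd if cmd.startswith("line ") else None
            if current:
                line_blocks[current] = []
            else:
                global_cmds.append(cmd)
        elif current:                        # indented sub-command of a line block
            line_blocks[current].append(cmd)
    return global_cmds, line_blocks


def audit(config):
    """Return a list of findings for the hardening items in the checklist."""
    global_cmds, line_blocks = parse_sections(config)
    findings = []
    # Source routing is treated as enabled unless explicitly disabled (assumption).
    if "no ip source-route" not in global_cmds:
        findings.append("source routing not disabled")
    if any(c.startswith("snmp-server community") for c in global_cmds):
        findings.append("SNMP community configured")
    if not any(c.startswith("login block-for") for c in global_cmds):
        findings.append("no lockout after repeated failed logins")
    lengths = [int(m.group(1)) for c in global_cmds
               if (m := re.fullmatch(r"security passwords min-length (\d+)", c))]
    if not lengths or lengths[-1] < REQUIRED_MIN_PASSWORD_LEN:
        findings.append("minimum password length below 16")
    for header, subs in line_blocks.items():
        if "no exec" in subs:
            continue                         # no interactive session on this line
        if not any(s == "login" or s.startswith("login ") for s in subs):
            findings.append(f"{header}: no login required")
        if header.startswith("line vty"):
            transport = [s.split()[2:] for s in subs if s.startswith("transport input")]
            # A missing 'transport input' is treated as unrestricted (assumption).
            if not transport or transport[-1] != ["ssh"]:
                findings.append(f"{header}: remote access not limited to SSH")
    return findings
```

Calling `audit(WEAK_CONFIG)` lists every checklist item the weak configuration misses, while `audit(HARDENED_CONFIG)` returns an empty list.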

Security features of hardware devices

The network will make use of firewalls. A network carries outgoing and incoming traffic, and such traffic can bring viruses that eventually affect the network negatively. The firewall has preset security procedures that determine what kind of traffic to allow in and out. It acts as a barrier to internal networks, which means all untrusted networks are blocked from accessing the network. Besides, there is UTM (unified threat management), which prevents intrusion and can do cloud management. For the security of the main router, there are provisions for frequent password changes and turning off UPnP; WiFi encryption also allows 16 characters.

Section 4 – Ethical Considerations

Information security, ethics and the effectiveness of a network are major aspects considered by companies, architects and system designers. Information security is concerned with the electronic information of a company, the devices used to transmit it, and whether proper tools, standards, policies, procedures and general guidelines are implemented to ensure the integrity and confidentiality of all communication assets within the company. To guide network designers and help them do their work professionally, GDPR (General Data Protection Regulation) gives solid guidelines that ensure all computer security designers can account for what they do. GDPR specifically identifies the legal obligations of processors and controllers with respect to the usage and processing of data in a company (Ambiyar et al., 2019). These are some of the legal and ethical issues facing computer security designers, and such issues are avoided in the network designed for Cottonwood Library.

Privacy

The designed system stores and uses personal data to limit access, give access to online books and perform tasks such as printing. The question is how personal data, including emails, student IDs and passwords, and private accounts, is used and who should access it. Do individuals such as students and employees understand how their personal data is accessed and used? The ICO (2017) has given clear guidelines regarding purpose limitation and the legal obligations associated with the usage of personal data. As a designer, it is necessary to identify the purpose of the personal data, record and document that purpose and communicate it to all users in the privacy information sections. For a system designer, the 1998 Act states that the purpose of the information is documented and communicated to the users in a transparent way. My network is clear about how personal data will be used, handled and transmitted. It also protects such information from access by outsiders or attackers.

Individual rights (Users’ rights)

One of the major considerations for a system is the individual rights of those who will be using the network in Cottonwood Library. The ICO (2017) provides solid guidelines regarding the rights of individuals, including the right to be informed, to erasure, to data portability, of access, to rectification and to object, and rights related to automated decision making. The key transparency principle of GDPR requires that all users, including students, staff members working in the library and teaching staff, be informed why their personal data is collected, who will access it and how it will be used in the library. With this in mind, names and contact details cannot be accessed by unauthorized individuals in the library. For instance, students cannot see the personal contacts of other students. Equally, the computers used by staff members can access only the names of logged-in students, so as to assist them where necessary. In essence, the system will record all actions and activities carried out by staff members so that they are accountable for their actions. For instance, if a staff member gives a student access to the printer, the system will record this to ensure that it is transparent and accountable.

Security of CottonWood Hill library data and information

One of the legal and social considerations security designers should prioritize is the security of the data used. Under the ‘integrity and confidentiality’ principle described by GDPR, it is the responsibility of any designer to secure and protect individual data, the information in the library and the resources available online, such as ebooks and university materials. To ensure this is followed properly, the system will have antivirus software to curb virus attacks, which are currently common (Ambiyar et al., 2019). Viruses delivered through fake links, emails and attachments can perform tasks that harm the computer, so it is important for all designers to use strong antivirus software. In conjunction with that, the system should be closely monitored to strengthen its weak areas. Designers should check on:

  • Unauthorized access: Only give access to authorized individuals. Once an employee is fired, the administrators remove or delete their account to prevent future access to the system.
  • Hardware and software faults: A good system should always have an alternative or backup system in case the main system fails.
  • Passwords and usernames: Users should create strong passwords consisting of 16 characters, and these should be updated regularly.
  • Backup copies: Regularly make backup copies of files to ensure all records and activities of the company are recorded and documented.

GDPR requires designers to adhere to “data protection by design and by default” (ICO, 2017); for instance, by developing new systems, products and services that ensure secure processing of personal data. Physical design should also come with security measures; for example, printers and expensive devices should be in secure rooms within the organization. Designers are encouraged to use a privacy-first approach that guides sharing activities within the system.

Accountability

A good computer system designer should consider all aspects regarding accountability and the specific usage of data. With regard to accountability, GDPR points out what is to be applied when processing or transmitting personal data. In addition, the GDPR guide is essential, especially for companies that transfer data and information across the world. It is necessary for all organizations to understand the legal requirements for data sharing in those countries and the internal laws guiding them (Ambiyar et al., 2019). These include:

  • Contract: A designer carries out the activities stated in the contract terms. For security reasons, all activities that are not in the contract should be avoided.
  • Consent and legal obligation: Does the designer follow the law when designing and implementing an IT system? Laws are set to guide designers to undertake their activities professionally and within the requirements of the law.
  • Vital and public interests: A system that considers and defends the interests of the public, especially those who are currently using the system, is important. Self-interest at this stage is uncalled for and can lead to disciplinary action.
  • Legitimate interests: Transparency and legitimacy are vital virtues that any IT system designer should be equipped with.

Environmental concerns

Resources are needed in order for computers to be produced, distributed and used. Metals and plastics are used to manufacture components, while energy is expended in distributing equipment and in using it. Many computers, for example web servers, domain name servers and data centres, need to be left running continuously. This requires lots of energy to maintain. Moreover, businesses, organizations, schools and homes all now have greater access to technology. Many computer components are either hard to recycle or contain hazardous materials, for example lead. Additionally, users discard ICT equipment quickly: people get new mobile phones every couple of years, many organizations replace computers after three or four years, and many people replace older technology before it fails simply because they perceive it to be old-fashioned or outdated.

References

Ambiyar, A., Yondri, S., Irfan, D., Putri, M. U., Zaus, M. A., & Islami, S. (2019). Evaluation of Packet Tracer Application Effectiveness in Computer Design Networking Subject. International Journal on Advanced Science Engineering Information Technology, 9(1), 54-59.

Chaudhary, P. K., Kumar, R., & Kaushik, S. (2018). Design and Simulate HSRP Protocol Based Network on Packet Tracer. International Journal of Engineering Science, 19600.

Hashimi, S. M., & Güneş, A. (2017). Performance Evaluation of a Network Using Simulation Tools or Packet Tracer. IOSR J. Comput. Eng, 19(1), 01-05.

ICO (2017). Essential guide to the General Data Protection Regulation (GDPR). The Pharmaceutical Journal. [online] Available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/711097/guide-to-the-general-data-protection-regulation-gdpr-1-0.pdf [Accessed 27 Dec. 2019].

Kaur, K., Kaur, S., & Gupta, V. (2016, March). Software defined networking based routing firewall. In 2016 International Conference on Computational Techniques in Information and Communication Technologies (ICCTICT) (pp. 267-269). IEEE.

Matsuhira, N. (2016). U.S. Patent No. 9,444,642. Washington, DC: U.S. Patent and Trademark Office.

Sari, L. M. I., Hatta, P., Wihidayat, E. S., & Xiao, F. E. N. G. (2018). A comparison between the Use of Cisco packet tracer and graphical network simulator 3 as learning media on students’ achievement. Jurnal Pendidikan Teknologi dan Kejuruan, 24(1), 132-136.

Tarkaa, N. S., Iannah, P. I., & Iber, I. T. (2017). Design and Simulation of Local Area Network Using Cisco Packet Tracer. The International Journal of Engineering and Science (IJES), 6(10), 63-77.
