Effective network planning and implementation require a methodology that takes into consideration the business needs and the network requirements. The methodology that will be used in designing a network for the ABC Company is a process of 9 fundamental steps based on the engineering life cycle, which provides support for technology initiatives and uses modern computing approaches such as wireless networks, Windows migration and many more (Hummel 1). Evaluation of the business needs is the initial step of the design methodology; focusing on business needs, goals and objectives provides an avenue for designing a network that will enable the business to meet its requirements. The steps of the design methodology are outlined below.
For a network design methodology to be effective, it must put into consideration the business needs. Business needs are the key drivers towards the implementation of any project. Understanding the organizational and corporate culture and the business processes of the ABC Company will play a significant role in determining the effectiveness of the design methodology. The design should be tailored so as to facilitate the realization of the business needs of the company (Barnick 6). Some of the business needs of the ABC Company are outlined below.
- Enhancing employee productivity; the present IT infrastructure at the ABC Company does not maximize the potential of its employees.
- Reduction in overhead costs; currently, the company incurs a lot of expenses due to a lack of proper communication and network infrastructure.
- To establish effective management strategies.
- To enhance customer satisfaction through increased employee productivity and increased efficiency in the execution of business processes.
- To enhance profitability through increased market share.
The network design requirements are based on the business needs. The network design should facilitate the realization of the business requirements. Specific design standards are implemented based on the design in accordance with the network and information needs of the ABC Company. The business needs and technical needs of the network play a significant role in determining the network infrastructure to be implemented (McCabe 67). The ABC network rationale is designed to achieve the following design requirements: management & security, scalability, performance, and availability.
The ABC network has to be designed such that its availability will never go below 98.9 percent for it to be considered efficient. What this percentage implies is that the network of the organization under the proposal will never have even a single moment of failure. For the ABC network to attain this high level of efficiency, there will be redundancy for every device used on the network to reduce any network discontinuity at any given time. Network availability is significant in determining the reliability of the network. A reliable network is one that is free from failures and technical breakdowns. Reliability ensures that the network serves the purpose for which it was meant (Kenyon 90).
The network performance requirements have to ensure that the network provides the capacity needed to access the provisioning systems, send and receive electronic mail, and correctly synchronize files from different operating systems on servers in different locations used for backing up data. The network will also be designed so that network administration tasks are performed effectively. All capacity metrics were measured in bps.
- Even though the specific amounts of traffic entering and leaving the provisioning system are not easy to predict, database replication of a hundred gigabytes per day is assumed. From this, a reasonable approximation is that the network's web traffic will be four times that of the replication system. This is because the web is used for generating most of the reports and the web front-end is used for any modifications. This, therefore, means that the provisioning systems have to be allocated four hundred gigabytes per day.
- The formula to be used is: ((<GB/day> * 1024 * 8) / (24 * 60 * 60)) / (7 / 10). This makes it possible to calculate the estimated capacity requirements (the figures are rounded up).
|Provisioning System Data Usage (GB per day)||Estimated Capacity Requirement (Mb/s)|
Table 1: Provisioning System approximated capacity requirements
- The capacity requirements of the ABC network are designed according to the requirements. The following table shows employees’ traffic generated on the company’s network. In the table the 10 MB/day applications managers are grouped together.
- Each office location will generate traffic, and there is also a need to find the capacity requirement of each location's LAN. The IEEE rule on Local Area Networks is that each should utilize network capacity of about 37 percent. The calculation for the five locations then gives the approximated capacity shown below.
|Total Employees||Fileserver Traffic (GB per day)||Email Traffic (GB per day)||Total Traffic (GB per day)||Estimated Capacity Requirement (Mb/s)|
Table 2: Local Area Network capacity estimation
Network scalability is an initiative that is incorporated in the design to cater to the future growth of the company. The information needs of the company are subject to change due to an increase in its business operations. This may be due to the expansion of the business or an increase in its customer base. Scalability involves taking into consideration the future growth of the company in terms of expansion and new technological ideas. Implementing a network that is dynamic both in its logical design and the actual design poses a great challenge to many network designers and administrators. A well-planned network architecture allows the designer to build from initial phases and should be dynamic, as technology is moving toward performance-enhancing policies. The network architecture must be able to cope with new changes in terms of network usage and scope (Kenyon 105).
Network management and security
Network security, whether physical or logical, is an essential element of any computer network. Network security forms the benchmark of network reliability and stability. Network security is primarily implemented so as to curb security threats such as denial of service, unauthorized access, and confidentiality breaches. Network management refers to the ease of the process of network administration (McCabe 78). The network for the ABC Company should be such that it is easy to manage and maintain by the network administrators.
Standards compatibility entails designing a network that is based on current computing technologies. Apart from the network architecture, the hardware that will be used in the design should match the latest technologies available. This is a key requirement due to the present context of the information needs (Hummel 3).
Network assessment involves matching the design requirements with the business requirements. An analysis of the current network infrastructure for the ABC Company is conducted based on the parameters such as its performance, scalability, reliability, network security, and management. These parameters provide a framework for enhancing the functionality of the proposed network that is to be designed. The three fundamental activities which are carried out during the network assessment phase include assessment, analysis followed by recommendations (Hummel 5). An analysis of the present network infrastructure is based on the above parameters which determine the functionality of the network. The collected information forms a basis for improving the current network or a complete overhaul of the network.
According to the requirements analysis of the ABC Company as depicted in Table 1, the current network at ABC Company does not meet all the capacity requirements in terms of service delivery and efficiency. This means that the current network has scalability limitations due to the fact that it cannot handle the increasing computing needs of the company (Zhang 123). This implies that there is a need to design a network that is able to meet all the capacity requirements of the organization. Reliability is also an issue in the present network architecture; the network lacks fault tolerance mechanisms and sometimes paralyzes the business operations of the ABC Company. All the above limitations hinder the realization of the main objective of the network's implementation.
Infrastructure selection involves choosing components according to the design. Infrastructure selection begins with the development of the logical design of the network, which plays a significant role in the selection of design components. During logical design, it is important to keep in mind the business needs, the network design requirements, and the information that has been gathered during the network assessment phase (Zhang 56).
ABC Network Security Implementation
The network design of any company cannot be effectively accomplished without proper security design, especially if it is public and has access points such as the company's Intranet. It is therefore imperative for the ABC network design to adhere to the security measures set forth by the company. The first security measure in the design is to implement a firewall at all the routing points of the network. All traffic passing through the company's network will be encrypted and will have to be linked by a VPN connection (McCabe 78). The components on the wide area network must be configured and enabled to log to a syslog server, which serves as a log for monitoring the activities on the network. Audit certifications will have to be written by the ABC Company and reviewed on a regular basis to make sure that, at all times, only genuine employees with authority are allowed access to their respective applications. This is implemented through the use of two RSA authentication keys. A login must always be provided before any access to network management is allowed. Equally, it is important that any production server is part of the company's general management network. Only a few employees will have the authority to access that network, and it will be used to manage all servers on it. The importance of this is that it will enable accessibility to the computer and equally be in a position to provide coarse-grained protection for any server access.
In order to increase the integrity and confidentiality of the provisioning system, the network must have a tiered architecture: the data tier, the application tier and the presentation tier. Each of these tiers has to be an entity on its own, and therefore control measures must be applied to make sure that only genuine, authorized and authenticated transactions move from one tier to another. Security will be enhanced by the fact that any server that connects to the outside world must be located in the network's presentation tier or demilitarized zone (DMZ). In the entire network, the application layer is given the duty of hosting any business logic applications that require data access. At the same time, the data tier has to be allowed to use the source data in the network (McCabe 134).
Routers, firewalls, and a perimeter have to be employed in the security configuration of the ABC Company network. All the routers in the network will provide the much-required security by filtering traffic to different parts of the company's protected network. The routers will use access list configurations to carry out this duty. The demilitarized zone (DMZ) will use private addresses configured according to the firewall requirements. The DMZ will also house the DNS, email, HTTP and any other type of Internet-facing company server (Zhang 156). An access list is basically a list of instructions that group packets and are used in the configuration of the network to control, permit and deny the access of network traffic to some parts of the network or to the entire network. In this network design, some computers will be denied access to the Internet and to some resources if such a reason arises. Extended access lists have to be employed by the ABC Company. An extended access list evaluates the source and destination IP addresses of a packet, the Transport-layer port number, and the protocol field in the Network-layer header.
Because the company will have different departments at a single location, access lists must be used to configure the network flow. For this reason, extended access lists have to be employed to avoid the interaction of host computers within a given department in a specific location. At the same time, using extended access lists, hosts will be prevented from accessing the Management department within a department or location. In contrast, the Management department's computers will have access to all the computers within the organization and all of its resources. A good implementation of the network will require that the email server, web server as well as the network management department (Kenyon 234).
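The extended access list behaviour described above can be modelled in a few lines. The following is an added example, not part of the original essay: the subnets, the Sales and Finance department names and the rule order are assumptions, and it assumes first-match evaluation with an implicit deny at the end of the list, as on common router implementations. It checks only the first packet of a flow and also flags rules that can never fire because an earlier rule covers them.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing plan: the essay gives no subnets, these are assumptions.
MGMT, SALES, FINANCE = "10.0.10.0/24", "10.0.20.0/24", "10.0.30.0/24"
DMZ, ANY = "172.16.0.0/24", "0.0.0.0/0"

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp", or "ip" (any protocol)
    src: str                     # source network (CIDR)
    dst: str                     # destination network (CIDR)
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, proto, src, dst, dport):
        return (self.proto in ("ip", proto)
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, dport))

    def covers(self, other):
        """True if every packet matched by `other` is also matched by self."""
        net = ipaddress.ip_network
        return (self.proto in ("ip", other.proto)
                and net(other.src).subnet_of(net(self.src))
                and net(other.dst).subnet_of(net(self.dst))
                and self.dport in (None, other.dport))

def evaluate(acl, proto, src, dst, dport=None):
    """First matching rule decides; no match falls through to the implicit deny."""
    for rule in acl:
        if rule.matches(proto, src, dst, dport):
            return rule.action
    return "deny"

def shadowed(acl):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j, r in enumerate(acl) if any(e.covers(r) for e in acl[:j])]

ACL = [
    Rule("permit", "ip", MGMT, ANY),      # Management reaches everything
    Rule("deny", "ip", ANY, MGMT),        # nobody else reaches Management
    Rule("permit", "tcp", ANY, DMZ, 80),  # HTTP server in the DMZ
    Rule("permit", "tcp", ANY, DMZ, 25),  # e-mail server in the DMZ
    Rule("permit", "udp", ANY, DMZ, 53),  # DNS server in the DMZ
]   # Sales <-> Finance has no permit, so the implicit deny blocks it

# Ordering mistake: a broad permit placed first shadows every rule after it.
MISORDERED = [Rule("permit", "ip", ANY, ANY)] + ACL

if __name__ == "__main__":
    print(evaluate(ACL, "tcp", "10.0.20.5", "10.0.10.9", 22))   # Sales -> Management
    print(shadowed(MISORDERED))
```

Running `shadowed()` over a list before deploying it catches the ordering mistake in which a broad permit sits above the deny that was meant to protect the Management department.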
For the purpose of linking clients and suppliers to the company's network, an Extranet Virtual Private Network (EVPN) is to be configured. This will connect remote networks to the network of ABC Company in a much more restricted form for business-to-business (B2B) transactions.
Network Management Strategy
Management of the ABC network is to be categorized into five large groups: security management, fault management, configuration management, performance management, and accounting management. To collect data, the SNMP protocol has to be used across the entire ABC network. From time to time there will be network analysis to make sure that it functions optimally. Events such as application and user characteristics have to be recorded and analyzed to make sure that the company network meets its SLAs at all times. The procedures of every office location and department will be adhered to when change controls and fault management are in use. It is also important to note that all change controls in the system will have to be logged. In case any changes take place, an update to the configurations will have to be made. The current management strategy is not effective, and will not be able to handle the new applications, protocols, and hardware that will be implemented in the design (McCabe 67).
The management of the ABC Company network can take one of two forms: the company can lease the management of the network to a third party, mostly the ISP, or it can manage the entire network by itself. In both cases, a Virtual Private Network is used. A VPN is used to connect any two, three, or more private networks. This connection is mostly via the public network, the Internet. ABC can get a VPN under the management of its service provider. In such a situation, the service provider is responsible for taking care of the network linkage between two, three, or more LANs of the company without at any time allowing outsiders to access the private network.
On the other hand, ABC Company can decide to implement the VPN on its own through a strategy known as “Do It Yourself-VPN”. The network will then be implemented to use an IPSec tunnel on each of the routing points. Every device on the ABC network must have policies configured on it to make it possible for network traffic to move through the tunnel.
Today most devices from different vendors come with their own firewalls. Vendors who specialize in routers also offer services related to firewalls that can easily be used in VPN configurations. The ABC Company should strive to ensure that the VPN network is the best available for its networking needs. It will therefore be compulsory that at least three routers are used in the network so that the connection to the Internet can be easily implemented. To provide interoperability between the devices and LANs on the ABC network, the devices will have to come from a single vendor.
Encryption will have to be used at the routing points before any packet enters Such an implementation, although it will slow down the speed to a small extent, will provide the much-needed security and privacy, preventing outsiders from tapping and accessing the company's information in transit. The desktop connection in one location has to be configured so that it is able to send and receive information and access servers and other resources in another office location of the company as if the two were directly connected (McCabe 76). However, it is vital to mention here that file sharing applications will obviously run at a slower speed on the WAN than on the LAN due to the high latency.
Proof of Concept
The proof of concept phase is basically used to evaluate the effectiveness of the network design to be implemented. The current network infrastructure should also be tested so as to weigh its performance against the network being designed. This means that the ineffectiveness of the current system has to be justified before a new network is implemented. The significant processes that are carried out during the proof of concept include:
- Designing the prototype, which will be used to evaluate the performance of the proposed network to be implemented.
- Provisioning of equipment
- Carrying out tests on the current network and the prototype of the network to be implemented
- Review of the test results to justify the implementation of the new network to the ABC Company.
Design a Proposal
When the proof of concept is finished, the next phase is to design a proposal for the network to be implemented. This will entail my presenting my proposal to the top-level management of the ABC Company, who have the responsibility of approving my design proposal.
The design has to be able to meet the Service Level Agreement requirements; any modifications in the design should be accounted for in the SLA.
Implementation of the design is the final step during network design and implementation. The ABC network will be implemented based on the specified design. The topology of the network devices will be based on tree topology. The tree topology being proposed is essentially a blend of various Star topology designs connected together using the bus topology. Switches and similar networking devices used in LANs are then directly connected to the tree bus, where each of them acts as the root of a tree. One key merit of this topology is that it is dynamic: it leaves more room for extending the company's network in the future than other networking topologies offer (Hummel 7).
Barnick, Mike. “Enterprise insights.” 2006. Six Steps to Efficient Network Design.
Hummel, Shaun. “Ezine Articles.” 2009. Network Design Process – Effective Network Planning and Design. Web.
Kenyon, Tony. High-performance data network design: design techniques and tools. New York: Digital Press, 2002.
McCabe, James D. Network analysis, architecture, and design. San Francisco Calif: Morgan Kaufmann, 2007.
Zhang, Lisa. Network design. London: Springer, 2002.