Computer network (co3093) assignment 2 lan, man, wan, vlan

Local Area Networks LAN are networks used to connect a number of devices thatare located within a relatively small area, typically within a single building, using a privatelyowned networ

UNIVERSITY OF TECHNOLOGY

FACULTY OF COMPUTER SCIENCE AND ENGINEERING

COMPUTER NETWORK (CO3093)

Assignment 2

Lecturer: Dr Nguyen Le Duy Lai

Nguyen Manh ThinStudent: Vo Ngoc Sang - 1952430 (Class CC02)

Huynh Minh Tri - 1953041 (Class CC02)

Le Minh Dang - 1952041 (Class CC02)Nguyen Khuong - 1952310 (Class CC02)

HO CHI MINH CITY, 8TH FEBRUARY 2022

2.1 Computer network for building 5

2.1.1 General description 5

2.1.2 Network topology diagram 6

2.1.3 IP addressing table 9

2.1.4 Schematic logical setup of the system 9

2.1.4.a Da Nang & Nha Trang logical setup 10

2.1.4.b Headquarter logical setup 10

2.1.4.c Leased line logical setup 10

2.1.4.d BBBank network system logical setup 12

2.1.5 Physical setup 12

2.2 List of devices required 14

2.2.1 Sever 14

2.2.2 Workstations 15

2.2.3 Core-switch 15

2.2.4 Switch 15

2.2.5 Firewall 16

2.2.6 Router 16

2.2.7 Access-point 17

2.2.8 Modem 17

3 Calculate thoughputs, bandwidth for computer networks 19

3.1 Headquater 19

3.1.1 Wired network 19

3.1.2 Wireless network 19

3.2 Branches 20

3.2.1 Wired network 20

3.2.2 Wireless network 20

3.3 Total calculation 20

4 Re-evaluation 22 4.1 Security and safety when problems come up and maintenance 22

4.1.1 Determine protected resources 22

4.1.2 Threats can harm the system 22

4.1.3 Safe when a problem happens 22

4.2 Some constraints of our project 23

4.3 Our development orientation in the future 23

5 Conclusion 24 5.1 Achievement 24

5.2 Experience 24

5.3 Limitations 24

1 Introduction

Information technology is rapidly evolving and has been used in a wide range of applications

in modern society Additionally, computer networks benefit the company, science, nationaldefense, and security Applications that support management and coordination network sys-tems such as LAN, WAN, and the Internet fundamentally alter how communication andstrategies are managed in practically every social organization

Companies and organizations require a strong computer application and expansion ity has benefited greatly from the introduction of the computer network, which has shortenedthe space and time gap For the reasons stated above, our group researched and implementedthe topic "Building a Network System for the Bank."

Human-2 Requirement Analysis

An ideal bank networking system will be network-based and simple to use, with a user-friendlyuser interface for staff task management, and any banking system will be able to control theirnetworking system in some way

LAN, MAN, WAN, VLAN, and other office networks are maintained at the head office, branchoffice, and other offices Manageable switches keep VLSM, VPN, and some branches oper-ating Local Area Networks (LAN) are networks used to connect a number of devices thatare located within a relatively small area, typically within a single building, using a privatelyowned network This is as opposed to Wide Area Networks (WAN) which are used to con-nect devices across a large distance, such as across a city, using a dedicated connection that

is provided by a network provider A metropolitan area network (MAN) is a computer work that is larger than a single building local area network (LAN) but is located in a singlegeographic area that is smaller than a wide area network (WAN)

net-Banks utilize computer systems to monitor business transactions, store data, and transferinformation and files between departments via fax machines, printers, and email The struc-ture of a computer network is separated into two types: public network and private network,based on the specific goals of use for each department in a company

• The public network enables branches and departments to query and send data throughthe internet, while customers may learn more about bank services

• A private network is utilized to manage each employee’s data under their own license.The following are some notable parameters:

• A seven-story building with one IT room and Cabling Central Local (for gatheringwires and patch panels) on the first floor

• Small-scale BBB: 100 workstations, five servers, and ten network devices

• Using a combination of licensed and open-source software, office application, server, multimedia, and database

client-• Requirement for high security, robustness when problems occur, and ease of upgradingthe system

• The network is organized according to the VLAN structure

• The network connects to the outside by 2 leased lines and 1 ADSL with a load-balancingmechanism

2.1 Computer network for building

2.1.1 General description

Network security structure of the bank will be built following these parts:

Internet connection structure and remote access

In this area, all devices are connected with the Internet through the Gateway Cisco Routerwhich allows extending and upgrading the Internet connectivity speed When trying to ac-cess the network, the users will be authenticated and then they will be allowed to access theInternet or local network depending on their level of access permission

DMZ network system

Including Web server and Mail server for customers, internal access On web server, thereare transaction system on banking website, Internet Banking, home banking, advertisement,products research, internal training system Email server of internal accounts or clients, webserver is installed with content filters, web address In addition, this area contains virus server

to check virus hidden in exchanged information thought the Internet

• Web server: Including trading system on the website, Internet Banking, Home ing, Bank services,

Bank-• Mail server: Storing all information of customers and employees account Moreover,the malware virus protectors are also embedded into this area to protect the serverfrom data delivery

Local network area

Including clients located on floors in the building in order to help employees do their jobs,send emails, web browsing,

Server and application system area

Application server contains database for application This area is extremely important, hence

it needs to be in high security

Network administrator area

Including servers which manage security server, authentication server, Intrusion detectionsystem (IDS)

Extra-net

Extra-net is used for outsider to connect to inside Banking network system and vice versa

Database server hosting

Application server manages primary database so that it should be protected in highest level

to sequential ports or even ports on the same switch

2.1.2 Network topology diagram

Network system for BB Bank

We decided to design our network structure on the commonly used star topology tions on the same floor are connected via a floor switch, and floor switches are connectedtogether via a multi layer switch located on floor 1, alongside the servers.Figure7 showsthe network system for BB Bank in Headquarter and 2 branches In Headquarter, the firstfloor is equipped with one IT room and Cabling Central Local (for the gathering of wires andpatch panels)

Worksta-About two branches in Nha Trang and Da Nang, each department has 2 floors:

• Floor 1: Similar to the first floor of the headquarter but in smaller scale

• Floor 2: Similar to the second floor of the headquarter but in smaller scale

The 1st floor

In the reception and transaction departments, each employee will be given a computer with

an application that will allow them to connect to a server and run queries Because of thenature of the task, security is a key priority, yet an acceptable level of PC configuration isrequired

About the computer for client use, it is only permitted to connect to the Internet and is notpermitted to connect to any other computer in the system Furthermore, the bank allows Wi-

Fi connectivity to clients’/users’ mobile devices, but they cannot access any computer in thenetwork

Figure 1: Network system for BB Bank

Concerning the IT department, this team is responsible for administering the entire server,thus it must also be safeguarded with the greatest level of security Furthermore, the configu-ration and transmission speed must be high

Finally, the server will have private security, a powerful configuration, and a high sion speed

transmis-Figure2a indicates the work space for the employees, customer and server in floor 1.The 2nd, 3rd, 4th, 5th, 6th floor

Each floor will be assigned for 3 VLANs: Finance, IT, Manager The work of separating intomultiple VLANs is optimization and security Each workstation will have its own IP and thecorresponding VLAN will be assigned to each workstation

Figure2b indicates the work space for the employees in floor 2-7.

Figure 2: Detail network design for floors in Bank building (a) shows the first floor, ing 3 main VLANs: Transaction & Customer, IT, Server (b) indicates the 2nd, 3rd, 4th, 5th,6th, 7th floor, including 3 main VLANs: Finance, IT, Manager

includ-WAN diagram

Figure 3: WAN diagram

2.1.3 IP addressing table

Device Interface IP Address Subnet Mask

Router_HQ

GigabitEthernet0/0/0 192.168.0.1 255.255.255.0GigabitEthernet0/0/1 192.168.1.1 255.255.255.0Serial0/1/0 12.0.0.1 255.0.0.0Serial0/1/1 11.0.0.2 255.0.0.0Switch_layer3_HQ

Vlan 2 192.168.2.1 255.255.255.0Vlan 3 192.168.3.1 255.255.255.0Vlan 4 192.168.4.1 255.255.255.0Wifi_HQ_f1 Internet 192.168.0.2 N/A

Wifi_HQ_f3 Internet 192.168.0.5 N/A

Wifi_HQ_f5 Internet 192.168.0.4 N/A

Wifi_HQ_f7 Internet 192.168.0.3 N/A

Router_NT

GigabitEthernet0/0/0 192.168.10.1 255.255.255.0GigabitEthernet0/0/1 192.168.11.1 255.255.255.0Serial0/1/0 12.0.0.2 255.0.0.0Serial0/1/0 10.0.0.2 255.0.0.0Vlan 2 192.168.12.1 255.255.255.0Vlan 3 192.168.13.1 255.255.255.0Vlan 4 192.168.14.1 255.255.255.0Wifi_NT Internet 192.168.10.2 N/A

Router_DN

GigabitEthernet0/0/0 192.168.20.1 255.255.255.0GigabitEthernet0/0/1 192.168.21.1 255.255.255.0Serial0/1/0 11.0.0.1 255.0.0.0Serial0/1/1 10.0.0.1 255.0.0.0Vlan 2 192.168.22.1 255.255.255.0Vlan 3 192.168.23.1 255.255.255.0Vlan 4 192.168.24.1 255.255.255.0Wifi_DN Internet 192.168.20.2 N/A

Table 1: IP addresses of network devices in BBBank network system

2.1.4 Schematic logical setup of the system

We decided to select Cisco Packet Tracer to be the simulation environment of our Bank configuration Due to fast debugging and simplicity, we implement the abstract repre-sentation, therefore the number of hosts can increase easily by similar configuration

BB-2.1.4.a Da Nang & Nha Trang logical setup

As we discussed in section 2.1.2, the first and second floor of Da Nang and Nha Trang branchesare similar to those of the Headquarter but in smaller scale The layouts are based on Figure

2 As a result, the design of 2 branches includes 3 main VLANs: IT, Manager and Finance.Also, file server, backup server and wireless access point are added in each branch For sim-plicity, we merge 2 floors together because they are almost identical See Figure 4

(a) Da Nang configuration

(b) Nha Trang configuration

Figure 4: Logical network design for floors in 2 branches: Da Nang and Nha Trang (a)shows the the configuration of Da Nang network (b) indicates Nha Trang network configura-tion Both branches includes 3 main VLANs: IT, Manager and Finance, as well as 1 wirelessaccess point and 2 servers: File and Backup server

2.1.4.b Headquarter logical setup

Following by the our theoretical design in Figure 2, the design of Headquarter will contains 2main parts: floor 1 and floor 2-7 In the first floor, we setup 6 servers: Web, DHCP, Backup,Database, File and Mail Server which is protected in a DMZ area The remaining devices issimilar to all other floors in Headquarter building, which contains a switch connected to alldevices in that floor, a wireless access point and around 15 computers divided in 3 VLANs:

IT, Manager and Finance Since equipping a wireless access point in each floors is redundantand costly, we reduce the number of them by providing 4 wireless access points located infloor 1,3,5,7 Figure 5 is the design of the Headquarter network

2.1.4.c Leased line logical setup

The 3 main routers in BBBank system is connected by leased line Leased line connection pends on fiber optic cable in order to provide high-quality bandwidth and speed Therefore,

de-(a) Floor 1

(b) Floor 2-7

Figure 5: Logical network design for floors in Headquarter (a) shows the the configuration

of the first floor, which consists of 6 servers: Web, DHCP, Backup, Database, File and MailServer (b) indicates network configuration of floors 2-7 Each floors in Headquarter includes 3main VLANs: IT, Manager and Finance Finally, there are 4 wireless access points located infloor 1,3,5,7

the message of a host in a region is able to transmit with fast speed and reliable security toanother host in another region The routers utilize RIP method to route data from source todestination Figure 6 illustrates the logical setup of leased line connection

Figure 6: Leased line logical configuration used to connect 3 main routers in BBBank tem

sys-2.1.4.d BBBank network system logical setup

Finally, let us combine all of these above configurations in one place In Figure 7, there are 3main regions: Danang branches (top left), Nha Trang branch (top right), and the headquarter(bottom) Each one is labeled with a different color, which shows a better overview of thewhole setup Using the ping command to identify the issue is a very crucial step that can betested in file simulation.pkt

Figure 7: The whole logical configuration used in our BBBank system simulation

2.1.5 Physical setup

The first floor

The first floor is used for transaction with clients which consists of reception and department

of finance Besides, building classify a number of computers in order to serve the clients whohave a desire for searching bank information

Moreover, there are 2 rooms located on the first floor which are IT room for IT departmentand centralized server room.

Figure 8: Floor 1

Floors 2-6

These floors are used as the work space for employees, divided into different line departmentsthat specialized in different functions, such as: Public fund, Finance, Business, Accounting,Human resource managing and E-commerce with computers built specifically for the need ofeach departments

There are also a room for IT department on each floor for quick response if any help is needed

Figure 9: Floor 2-6

Floor 7

The highest floor is the working area for the directors All computers in this floor will behighly built-in secure due to protecting important data Furthermore, there are 2 meetingconference rooms at this floor Each room is equipped 6 computers with medium configu-ration for reporting and presentation purposes Bank documents will also be stored on thisfloor in a specific room, equipped with 1 PC use for managing and searching documents

Figure 10: Floor 7

2.2 List of devices required

2.2.1 Sever

These following essential servers must be present in a banking system:

• Web server: Using for customers, they can log in and use all the provided services ofthe bank

• Mail server: Using for sending and receiving mail

• File server: Using for sharing resources

• Database server: Using for data storage

• Backup server: Using for storing backup data

• DHCP server: Using for dynamically providing IP addresses for devices In this signment we use 6 servers which are web server, mail server, file server, backup server,database server and DHCP server