Campus Area Network Design of B4G
VerifiedAdded on 2023/06/04
|17
|3931
|241
AI Summary
This report focuses on the network design of Beyond 4G Pty. Ltd (B4G) that develops devices and applications used in wireless communications. The report analyses the current network, identifies its shortcomings and proposes a new infrastructure that will provide B4G with nonstop communication, application intelligence, integrated security and operational manageability.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: CAMPUS AREA NETWORK DESIGN
Campus Area Network Design of B4G
Name of the student:
Name of the university:
Author note:
Campus Area Network Design of B4G
Name of the student:
Name of the university:
Author note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CAMPUS AREA NETWORK DESIGN
Table of Contents
Introduction......................................................................................................................................2
Task 1...............................................................................................................................................2
Analysis of Network....................................................................................................................2
Shortcomings of the current network..........................................................................................3
Campus network architecture that will focus on redundancy, security, convergence and high
availability...................................................................................................................................4
Network considerations for redundancy, security and scalability...........................................4
Task 2...............................................................................................................................................5
End-to-end VLAN vs Local VLAN............................................................................................6
Pros and cons of End-to-end VLANs......................................................................................6
Pros and cons of Local VLANs...............................................................................................6
Layer 2 redundancy and high availability technologies..............................................................7
Redundant default gateway technology.......................................................................................8
Task 3...............................................................................................................................................9
Threat mitigation against network failure....................................................................................9
Threat mitigation against security...............................................................................................9
Threat mitigation against malwares...........................................................................................10
Conclusion.....................................................................................................................................11
Reference.......................................................................................................................................13
Appendix........................................................................................................................................16
Table of Contents
Introduction......................................................................................................................................2
Task 1...............................................................................................................................................2
Analysis of Network....................................................................................................................2
Shortcomings of the current network..........................................................................................3
Campus network architecture that will focus on redundancy, security, convergence and high
availability...................................................................................................................................4
Network considerations for redundancy, security and scalability...........................................4
Task 2...............................................................................................................................................5
End-to-end VLAN vs Local VLAN............................................................................................6
Pros and cons of End-to-end VLANs......................................................................................6
Pros and cons of Local VLANs...............................................................................................6
Layer 2 redundancy and high availability technologies..............................................................7
Redundant default gateway technology.......................................................................................8
Task 3...............................................................................................................................................9
Threat mitigation against network failure....................................................................................9
Threat mitigation against security...............................................................................................9
Threat mitigation against malwares...........................................................................................10
Conclusion.....................................................................................................................................11
Reference.......................................................................................................................................13
Appendix........................................................................................................................................16
2CAMPUS AREA NETWORK DESIGN
Introduction:
The report will focus on network design of Beyond 4G Pty. Ltd (B4G) that develops
devices and applications used in wireless communications. The company has developed a
number of software technologies that resulted in the increase of the company’s market value.
The company has two divisions, one in Silicon valley, California and the other in New Delhi,
India. However, it is planning to expand business in Sydney, Australia and Beijing, China. The
operations that will be carried out in these countries are sales and marketing. Therefore, new IT
infrastructure is required to be implemented that to carry out further business. The features that
should be included in the infrastructure are high availability, scalability and security.
Additionally, the network should also have application intelligence, nonstop communication
between the two office of B4G, operational manageability, unified network services and
integrated security.
B4G campus area network is divided into two major divisions, one is Head Office and
other is R&D office. Network of the two offices are connected underground with the help of
high-speed fibre. The following paragraphs will analyse the network in details that will follow
identification of shortcomings of the network. A proper campus area network will be able to
manage faults, configuration, accounting, performance and security.
Task 1:
Analysis of Network:
The network topology that is used in Head office of B4G is extended star topology. The
data centre in Head office of B4G consists of three layers namely core layer,
distribution/aggregation layer and access layer. Internet service provider (ISP) and Wide Area
Introduction:
The report will focus on network design of Beyond 4G Pty. Ltd (B4G) that develops
devices and applications used in wireless communications. The company has developed a
number of software technologies that resulted in the increase of the company’s market value.
The company has two divisions, one in Silicon valley, California and the other in New Delhi,
India. However, it is planning to expand business in Sydney, Australia and Beijing, China. The
operations that will be carried out in these countries are sales and marketing. Therefore, new IT
infrastructure is required to be implemented that to carry out further business. The features that
should be included in the infrastructure are high availability, scalability and security.
Additionally, the network should also have application intelligence, nonstop communication
between the two office of B4G, operational manageability, unified network services and
integrated security.
B4G campus area network is divided into two major divisions, one is Head Office and
other is R&D office. Network of the two offices are connected underground with the help of
high-speed fibre. The following paragraphs will analyse the network in details that will follow
identification of shortcomings of the network. A proper campus area network will be able to
manage faults, configuration, accounting, performance and security.
Task 1:
Analysis of Network:
The network topology that is used in Head office of B4G is extended star topology. The
data centre in Head office of B4G consists of three layers namely core layer,
distribution/aggregation layer and access layer. Internet service provider (ISP) and Wide Area
3CAMPUS AREA NETWORK DESIGN
Network provides internet services (Ahmed and Boutaba 2014). The core network of Head office
is connected to internet network through edge router and HQ_R router and a firewall. Firewall is
used to protect head office core network from malwares. The demilitarized zone switch is used to
connect web servers to unauthorized access such as internet. The components present in
distribution layer of the network are a central distribution switch DSW-IT-Infra that is connected
to another distribution switch DSW-R&D of R&D building through underground high-speed
fibre. The core layer consists of data centre switch DCentre-SW. Four web servers are connected
to data centre switch that stores various information and data of B4G. The Head office of B4G
consists of five floors therefore, access points in each floor are connected to distribution switch
DSW-IT-Infra through several switches. Distribution switches are used to bridge between core
layer and access layer. Various departments in Head office like management, sales, accounts, IT
and contractors can access the network by connecting to access points.
The distribution switches are regarded as layer 3 switch while switches in each floor of
head office is regarded as layer 2 switch. The distribution switches also supports complex policy
implementation like Quality of service (QoS) and packet filtering.
Shortcomings of the current network:
A good campus area network will have strong security, able to manage faults and
configuration and improve performance of the network. However, current head office network
do not have strong security checks.
Malwares can attack network due to use of less firewall.
Moreover, overlapping and interference of data packets might take place while routing
data packets.
Network provides internet services (Ahmed and Boutaba 2014). The core network of Head office
is connected to internet network through edge router and HQ_R router and a firewall. Firewall is
used to protect head office core network from malwares. The demilitarized zone switch is used to
connect web servers to unauthorized access such as internet. The components present in
distribution layer of the network are a central distribution switch DSW-IT-Infra that is connected
to another distribution switch DSW-R&D of R&D building through underground high-speed
fibre. The core layer consists of data centre switch DCentre-SW. Four web servers are connected
to data centre switch that stores various information and data of B4G. The Head office of B4G
consists of five floors therefore, access points in each floor are connected to distribution switch
DSW-IT-Infra through several switches. Distribution switches are used to bridge between core
layer and access layer. Various departments in Head office like management, sales, accounts, IT
and contractors can access the network by connecting to access points.
The distribution switches are regarded as layer 3 switch while switches in each floor of
head office is regarded as layer 2 switch. The distribution switches also supports complex policy
implementation like Quality of service (QoS) and packet filtering.
Shortcomings of the current network:
A good campus area network will have strong security, able to manage faults and
configuration and improve performance of the network. However, current head office network
do not have strong security checks.
Malwares can attack network due to use of less firewall.
Moreover, overlapping and interference of data packets might take place while routing
data packets.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4CAMPUS AREA NETWORK DESIGN
Overlapping and interference degrades performance of network. Communication of data
between various departments and data centre is interrupted.
Nonstop communication is not achieved through current network. As a result of these
shortcomings a new infrastructure should be created that will provide B4G with nonstop
communication, application intelligence, integrated security and operational
manageability.
Network failure might occur due to use of one distribution switch DSW-IT-Infra. If
technical fault occurs in the switch then whole network will come to a breakdown.
Campus network architecture that will focus on redundancy, security, convergence
and high availability:
Network considerations for redundancy, security and scalability:
The new design should be such that high redundant devices are used optimally. The
investment on redundancy should be considered to create a high available network. The network
should be made in a hierarchical network order (Ghosh 2014). The core layer of the network
should consist of two redundant core nodes. The core nodes should have sufficient bandwidth
and should be able to give high capacity of service so that if one node fails the other will be able
to take load of whole network (MacCartney, Sun and Nie 2014). The distribution layer should
also consist of two-distribution switch that will support each distribution building block.
System-level redundancy can be achieved by using redundant supervisor engines and
redundant power supplies. This will also provide users with high availability. Redundancy in
default gateway can be achieved by using dual connections in distribution layer switches that
will use GLBP or VRRP.
Overlapping and interference degrades performance of network. Communication of data
between various departments and data centre is interrupted.
Nonstop communication is not achieved through current network. As a result of these
shortcomings a new infrastructure should be created that will provide B4G with nonstop
communication, application intelligence, integrated security and operational
manageability.
Network failure might occur due to use of one distribution switch DSW-IT-Infra. If
technical fault occurs in the switch then whole network will come to a breakdown.
Campus network architecture that will focus on redundancy, security, convergence
and high availability:
Network considerations for redundancy, security and scalability:
The new design should be such that high redundant devices are used optimally. The
investment on redundancy should be considered to create a high available network. The network
should be made in a hierarchical network order (Ghosh 2014). The core layer of the network
should consist of two redundant core nodes. The core nodes should have sufficient bandwidth
and should be able to give high capacity of service so that if one node fails the other will be able
to take load of whole network (MacCartney, Sun and Nie 2014). The distribution layer should
also consist of two-distribution switch that will support each distribution building block.
System-level redundancy can be achieved by using redundant supervisor engines and
redundant power supplies. This will also provide users with high availability. Redundancy in
default gateway can be achieved by using dual connections in distribution layer switches that
will use GLBP or VRRP.
5CAMPUS AREA NETWORK DESIGN
Figure 1: Network design to improve redundancy
(Source: Baldin et al. 2016)
To increase scalability of the network core designs of layer 3 devices should be kept
superior to layer 2. To achieve redundancy, use of two or three redundant links might decrease
availability by reducing determinism and serviceability. Therefore, redundancy should be kept
simple to achieve high availability. Sometimes, when an extra switch that acts as instance of
existing switch is added in the network to achieve redundancy, it behaves as Spanning tree
protocol (STP) root. Therefore, to overcome this problem Root guard and BDPU guard tools are
used.
Task 2:
Figure 1: Network design to improve redundancy
(Source: Baldin et al. 2016)
To increase scalability of the network core designs of layer 3 devices should be kept
superior to layer 2. To achieve redundancy, use of two or three redundant links might decrease
availability by reducing determinism and serviceability. Therefore, redundancy should be kept
simple to achieve high availability. Sometimes, when an extra switch that acts as instance of
existing switch is added in the network to achieve redundancy, it behaves as Spanning tree
protocol (STP) root. Therefore, to overcome this problem Root guard and BDPU guard tools are
used.
Task 2:
6CAMPUS AREA NETWORK DESIGN
End-to-end VLAN vs Local VLAN:
Pros and cons of End-to-end VLANs:
The main advantages of using end-to-end VLANs is that it provides flexibility and
mobility to end devices. Physical location does not determine user’s connection to a particular
VLAN. However, disadvantage of this VLAN is that it is difficult to implement and
troubleshoot.
Pros and cons of Local VLANs:
The main advantage of local VLAN is that it is easy to implement and maintain. It can
adapt to changes such as growing campus area network and so on. However, moderate security is
provided to the network as 80% of traffic is routed outside to destined resources across the core
layer.
In the given network design of B4G the users are grouped into VLAN according to their
departments that is function that they perform and not location. Therefore, it uses end-to-end
VLANs. Users of B4G will be connected to same VLAN irrespective of location. End-to-end
VLANs are generally used to provide high security to the network (Feamster, Rexford and
Zegura 2014). However, the head office network design undergoes certain shortcomings for
using end-to-end VLANs. They are difficult to maintain and implement. B4G is planning to
expand its network. As a result, it will become more difficult to maintain the campus area
network.
Considering the disadvantages of end-to-end VLANs, the new network infrastructure
should implement local VLANs. Unlike end-to-end VLANs, they are based on location by
demarcating three layers of the network that is core, distribution and access layers. The traffic
End-to-end VLAN vs Local VLAN:
Pros and cons of End-to-end VLANs:
The main advantages of using end-to-end VLANs is that it provides flexibility and
mobility to end devices. Physical location does not determine user’s connection to a particular
VLAN. However, disadvantage of this VLAN is that it is difficult to implement and
troubleshoot.
Pros and cons of Local VLANs:
The main advantage of local VLAN is that it is easy to implement and maintain. It can
adapt to changes such as growing campus area network and so on. However, moderate security is
provided to the network as 80% of traffic is routed outside to destined resources across the core
layer.
In the given network design of B4G the users are grouped into VLAN according to their
departments that is function that they perform and not location. Therefore, it uses end-to-end
VLANs. Users of B4G will be connected to same VLAN irrespective of location. End-to-end
VLANs are generally used to provide high security to the network (Feamster, Rexford and
Zegura 2014). However, the head office network design undergoes certain shortcomings for
using end-to-end VLANs. They are difficult to maintain and implement. B4G is planning to
expand its network. As a result, it will become more difficult to maintain the campus area
network.
Considering the disadvantages of end-to-end VLANs, the new network infrastructure
should implement local VLANs. Unlike end-to-end VLANs, they are based on location by
demarcating three layers of the network that is core, distribution and access layers. The traffic
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7CAMPUS AREA NETWORK DESIGN
flow in local VLANs is governed by two main rules, one is 80/20 and other is 20/80. In 80/20
rule, network will assume that traffic local to VLANs will be 80 % while traffic leaving VLAN
through layer 3 devices would be 20%. The opposite is assumed in 20/80 rule. 20% traffic stays
in VLAN and 80% traffic leaves it. 80/20 rule is followed by end-to-end VLANs and 20/80 rule
is followed by local VLANs (Ghosh 2014). One disadvantage that local VLANs in B4G will face
is that layer 3 devices like distribution switch DSW-IT-Infra will be overburdened that might
lead to failure of the switch.
Layer 2 redundancy and high availability technologies:
RSTP or rapid spanning tree protocol should be used to provide redundancy and high
availability to layer 2 devices. It reduces the Mean time between failures (MTBF) as failure in
one forward path will not affect the others. Therefore, it provide feature of fault tolerance.
Backward compatibility to components will be maintained along with improving spanning tree
operations. Additionally, it will provide rapid convergence to spanning tree and it can be
reconfigured within two seconds. Among all switches, RSTP chooses a switch with highest
switch priority that is elected as the root switch (MacCartney, Sun and Nie 2014). Then other
switches are identified as either designated port, backup port, alternate port or disabled port.
B4G should use port aggregation as a control mechanism for grouping multiple redundant
links into a single entity. Ethernet channels to prevent single point failure aggregate bandwidth
of redundant links (Feamster, Rexford and Zegura 2014). The parallel links between switches
also facilitates port aggregation. While connecting a CatOS device to a Cisco IOS software
device, settings of Port Aggregation protocol (PAgP) should be considered (Sgambelluri et al.
2013). The Port aggregation protocol should be set off in CatOS device while connecting to
Cisco IOS software device.
flow in local VLANs is governed by two main rules, one is 80/20 and other is 20/80. In 80/20
rule, network will assume that traffic local to VLANs will be 80 % while traffic leaving VLAN
through layer 3 devices would be 20%. The opposite is assumed in 20/80 rule. 20% traffic stays
in VLAN and 80% traffic leaves it. 80/20 rule is followed by end-to-end VLANs and 20/80 rule
is followed by local VLANs (Ghosh 2014). One disadvantage that local VLANs in B4G will face
is that layer 3 devices like distribution switch DSW-IT-Infra will be overburdened that might
lead to failure of the switch.
Layer 2 redundancy and high availability technologies:
RSTP or rapid spanning tree protocol should be used to provide redundancy and high
availability to layer 2 devices. It reduces the Mean time between failures (MTBF) as failure in
one forward path will not affect the others. Therefore, it provide feature of fault tolerance.
Backward compatibility to components will be maintained along with improving spanning tree
operations. Additionally, it will provide rapid convergence to spanning tree and it can be
reconfigured within two seconds. Among all switches, RSTP chooses a switch with highest
switch priority that is elected as the root switch (MacCartney, Sun and Nie 2014). Then other
switches are identified as either designated port, backup port, alternate port or disabled port.
B4G should use port aggregation as a control mechanism for grouping multiple redundant
links into a single entity. Ethernet channels to prevent single point failure aggregate bandwidth
of redundant links (Feamster, Rexford and Zegura 2014). The parallel links between switches
also facilitates port aggregation. While connecting a CatOS device to a Cisco IOS software
device, settings of Port Aggregation protocol (PAgP) should be considered (Sgambelluri et al.
2013). The Port aggregation protocol should be set off in CatOS device while connecting to
Cisco IOS software device.
8CAMPUS AREA NETWORK DESIGN
Figure 2: Port Aggregation protocol operation
(Source: Feamster, Rexford and Zegura 2013)
Redundant default gateway technology:
First hop redundancy is the other name of default gateway redundancy that allows high
network availability and prevents failure of default gateway.
Figure 3: First hop redundancy
(Source: Jain and Paul 2013)
Figure 2: Port Aggregation protocol operation
(Source: Feamster, Rexford and Zegura 2013)
Redundant default gateway technology:
First hop redundancy is the other name of default gateway redundancy that allows high
network availability and prevents failure of default gateway.
Figure 3: First hop redundancy
(Source: Jain and Paul 2013)
9CAMPUS AREA NETWORK DESIGN
The Hot Standby Router protocol together with Virtual Router Redundancy protocol prevents
failure of default gateway (Feamster, Rexford and Zegura 2014). They provide default gateway
with backing method. Scalability and load balancing at core in B4G can be achieved by using
instances of default gateway. The load will be shared between two gateways that would improve
performance of the network. Convergence in the hierarchical model of the network can be
achieved by default gateway redundancy. Therefore, the HSRP/GLBP timers should be tuned to
900ms convergence.
Task 3:
Threat mitigation against network failure:
Providing an alternate networking path will help to deal with network failure. Using
technology of redundancy will help to reduce failure. Alternate paths can be provided by using
instances of devices in layer 3 and layer 2 of the network (Wang et al. 2015). In case of B4G,
only one distribution switch is used to route data packets to users. If the distribution switch fails
due to some reason then the whole network will breakdown (Feamster, Rexford and Zegura
2014). Therefore, instance of the distribution switch should be installed in the new infrastructure
that provide network with feature of application intelligence (MacCartney, Sun and Nie 2014).
Nonstop communication between user and other devices in the network can also be achieved by
using redundant links and port aggregation. B4G head office network consists of only one
gateway that bridges between internet service provider and other devices like router and switches
in the network. Situation might happen when the default gateway fails. Therefore, to prevent
outcomes of this situation, first hop redundancy is used.
Threat mitigation against security:
The Hot Standby Router protocol together with Virtual Router Redundancy protocol prevents
failure of default gateway (Feamster, Rexford and Zegura 2014). They provide default gateway
with backing method. Scalability and load balancing at core in B4G can be achieved by using
instances of default gateway. The load will be shared between two gateways that would improve
performance of the network. Convergence in the hierarchical model of the network can be
achieved by default gateway redundancy. Therefore, the HSRP/GLBP timers should be tuned to
900ms convergence.
Task 3:
Threat mitigation against network failure:
Providing an alternate networking path will help to deal with network failure. Using
technology of redundancy will help to reduce failure. Alternate paths can be provided by using
instances of devices in layer 3 and layer 2 of the network (Wang et al. 2015). In case of B4G,
only one distribution switch is used to route data packets to users. If the distribution switch fails
due to some reason then the whole network will breakdown (Feamster, Rexford and Zegura
2014). Therefore, instance of the distribution switch should be installed in the new infrastructure
that provide network with feature of application intelligence (MacCartney, Sun and Nie 2014).
Nonstop communication between user and other devices in the network can also be achieved by
using redundant links and port aggregation. B4G head office network consists of only one
gateway that bridges between internet service provider and other devices like router and switches
in the network. Situation might happen when the default gateway fails. Therefore, to prevent
outcomes of this situation, first hop redundancy is used.
Threat mitigation against security:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10CAMPUS AREA NETWORK DESIGN
Another unavoidable threat to campus area network of B4G is security. Unauthorized
users can access data in the data centres if strong security is not implemented in the network.
Therefore, to handle this situation a mixture of both end-to-end and local VLANs should be
installed. End-to-end VLAN would help to deal with the security issues of network along with
providing flexibility and mobility to its users (Lounis et al. 2016). Additionally, end-to-end
VLANs uses 80/20 rule that says 80% of traffic flow will remain within the VLAN and 20%
leaves to remote resources in the network (Wang et al. 2015). This will prevent traffic from
being lost thus maintaining security.
Threat mitigation against malwares:
Several hackers try to take control over the network by introducing malwares in the
network. The most common threats that B4G can face from unauthorized access is hacking of the
web servers and data centres. There are various methods of performing malicious activities.
Distributed denial of service, man in the middle attack, spoofing, viruses and Trojans are main
forms of attacks (Ruffini et al. 2013). In most of the cases hackers targets an individual computer
where he introduces worms. The worms halts the operation performed by the computer and
transfers it into a bot (Giroire et al. 2015). Then the worm spreads to the other devices connected
to the network like servers, routers and so on. Finally, it leads to breakdown of the whole
network.
To overcome these problems B4G should implement the following to protect the network
from malicious activities:
The network should use port security, Dynamic ARP Inspection, IP source guard, DHCP
snooping and IEEE 802.1x tools.
Another unavoidable threat to campus area network of B4G is security. Unauthorized
users can access data in the data centres if strong security is not implemented in the network.
Therefore, to handle this situation a mixture of both end-to-end and local VLANs should be
installed. End-to-end VLAN would help to deal with the security issues of network along with
providing flexibility and mobility to its users (Lounis et al. 2016). Additionally, end-to-end
VLANs uses 80/20 rule that says 80% of traffic flow will remain within the VLAN and 20%
leaves to remote resources in the network (Wang et al. 2015). This will prevent traffic from
being lost thus maintaining security.
Threat mitigation against malwares:
Several hackers try to take control over the network by introducing malwares in the
network. The most common threats that B4G can face from unauthorized access is hacking of the
web servers and data centres. There are various methods of performing malicious activities.
Distributed denial of service, man in the middle attack, spoofing, viruses and Trojans are main
forms of attacks (Ruffini et al. 2013). In most of the cases hackers targets an individual computer
where he introduces worms. The worms halts the operation performed by the computer and
transfers it into a bot (Giroire et al. 2015). Then the worm spreads to the other devices connected
to the network like servers, routers and so on. Finally, it leads to breakdown of the whole
network.
To overcome these problems B4G should implement the following to protect the network
from malicious activities:
The network should use port security, Dynamic ARP Inspection, IP source guard, DHCP
snooping and IEEE 802.1x tools.
11CAMPUS AREA NETWORK DESIGN
Quality of service policies can be used to protect the network from internet worms and
Distributed denial of service attacks.
If an unauthorized switch is connected to the network, the BDPU guard tool wants
operator intervention and root guard tool protects STP convergence in the switch.
Firewalls should be used at every access points and devices (Kanaumi et al. 2013). The
default gateway of B4G already has firewall installed in it that will prevent internet
worms from entering the network.
Strong antiviruses should be installed in servers and individual computer systems so that
they are able to fight against various viruses and Trojans.
Conclusion:
From the above discussions, it can be concluded that the new network infrastructure of
B4G require strong security, high availability, high quality of performance and redundancy. The
report identified some threats that current B4G head office network is facing and provided some
recommendations that can be used to design the new infrastructure. The discussions concluded
that redundancy could be achieved in the network by the use of instances of various devices in
the network. They will help in providing an alternative path in case of any device failure. This
application intelligence will help in nonstop communication between users and other network
devices. Nonstop communication between user and other devices in the network can also be
achieved by using redundant links and port aggregation. Scalability and load balancing at core in
B4G can be achieved by using instances of default gateway. The load will be shared between
two gateways that would improve performance of the network. B4G head office network consists
of only one gateway that bridges between internet service provider and other devices like router
and switches in the network. The instance of distribution switch that will be used in the network
Quality of service policies can be used to protect the network from internet worms and
Distributed denial of service attacks.
If an unauthorized switch is connected to the network, the BDPU guard tool wants
operator intervention and root guard tool protects STP convergence in the switch.
Firewalls should be used at every access points and devices (Kanaumi et al. 2013). The
default gateway of B4G already has firewall installed in it that will prevent internet
worms from entering the network.
Strong antiviruses should be installed in servers and individual computer systems so that
they are able to fight against various viruses and Trojans.
Conclusion:
From the above discussions, it can be concluded that the new network infrastructure of
B4G require strong security, high availability, high quality of performance and redundancy. The
report identified some threats that current B4G head office network is facing and provided some
recommendations that can be used to design the new infrastructure. The discussions concluded
that redundancy could be achieved in the network by the use of instances of various devices in
the network. They will help in providing an alternative path in case of any device failure. This
application intelligence will help in nonstop communication between users and other network
devices. Nonstop communication between user and other devices in the network can also be
achieved by using redundant links and port aggregation. Scalability and load balancing at core in
B4G can be achieved by using instances of default gateway. The load will be shared between
two gateways that would improve performance of the network. B4G head office network consists
of only one gateway that bridges between internet service provider and other devices like router
and switches in the network. The instance of distribution switch that will be used in the network
12CAMPUS AREA NETWORK DESIGN
should have sufficient bandwidth so that it can provide backup methods when the other
distribution switch fails. The various threats that are faced by campus area network are malware
attacks, man in the middle attack, distributed denial of service attacks, viruses and Trojans.
However, several recommendations has been suggested in the report that will help to deal with
the attacks. One such example is using strong firewalls and antiviruses that will help to fight with
the intruding viruses. Several tools such as DHCP snooping, BDPU guard tool and root guard
tool, dynamic ARP Inspection tool and so on are used to combat the attacks. The new
infrastructure should have additionally unified network services, improved performance and so
on.
should have sufficient bandwidth so that it can provide backup methods when the other
distribution switch fails. The various threats that are faced by campus area network are malware
attacks, man in the middle attack, distributed denial of service attacks, viruses and Trojans.
However, several recommendations has been suggested in the report that will help to deal with
the attacks. One such example is using strong firewalls and antiviruses that will help to fight with
the intruding viruses. Several tools such as DHCP snooping, BDPU guard tool and root guard
tool, dynamic ARP Inspection tool and so on are used to combat the attacks. The new
infrastructure should have additionally unified network services, improved performance and so
on.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13CAMPUS AREA NETWORK DESIGN
Reference:
Ahmad, I., Namal, S., Ylianttila, M. and Gurtov, A., 2015. Security in software defined
networks: A survey. IEEE Communications Surveys & Tutorials, 17(4), pp.2317-2346.
Ahmed, R. and Boutaba, R., 2014. Design considerations for managing wide area software
defined networks. IEEE Communications Magazine, 52(7), pp.116-123.
Baldin, I., Chase, J., Xin, Y., Mandal, A., Ruth, P., Castillo, C., Orlikowski, V., Heermann, C.
and Mills, J., 2016. Exogeni: A multi-domain infrastructure-as-a-service testbed. In The GENI
Book (pp. 279-315). Springer, Cham.
Feamster, N., Rexford, J. and Zegura, E., 2013. The road to SDN. Queue, 11(12), p.20.
Feamster, N., Rexford, J. and Zegura, E., 2014. The road to SDN: an intellectual history of
programmable networks. ACM SIGCOMM Computer Communication Review, 44(2), pp.87-98.
Ghosh, A., Thomas, T.A., Cudak, M.C., Ratasuk, R., Moorut, P., Vook, F.W., Rappaport, T.S.,
MacCartney, G.R., Sun, S. and Nie, S., 2014. Millimeter-wave enhanced local area systems: A
high-data-rate approach for future wireless networks. IEEE Journal on Selected Areas in
Communications, 32(6), pp.1152-1163.
Giroire, F., Moulierac, J., Phan, T.K. and Roudaut, F., 2015. Minimization of network power
consumption with redundancy elimination. Computer communications, 59, pp.98-105.
Jain, R. and Paul, S., 2013. Network virtualization and software defined networking for cloud
computing: a survey. IEEE Communications Magazine, 51(11), pp.24-31.
Reference:
Ahmad, I., Namal, S., Ylianttila, M. and Gurtov, A., 2015. Security in software defined
networks: A survey. IEEE Communications Surveys & Tutorials, 17(4), pp.2317-2346.
Ahmed, R. and Boutaba, R., 2014. Design considerations for managing wide area software
defined networks. IEEE Communications Magazine, 52(7), pp.116-123.
Baldin, I., Chase, J., Xin, Y., Mandal, A., Ruth, P., Castillo, C., Orlikowski, V., Heermann, C.
and Mills, J., 2016. Exogeni: A multi-domain infrastructure-as-a-service testbed. In The GENI
Book (pp. 279-315). Springer, Cham.
Feamster, N., Rexford, J. and Zegura, E., 2013. The road to SDN. Queue, 11(12), p.20.
Feamster, N., Rexford, J. and Zegura, E., 2014. The road to SDN: an intellectual history of
programmable networks. ACM SIGCOMM Computer Communication Review, 44(2), pp.87-98.
Ghosh, A., Thomas, T.A., Cudak, M.C., Ratasuk, R., Moorut, P., Vook, F.W., Rappaport, T.S.,
MacCartney, G.R., Sun, S. and Nie, S., 2014. Millimeter-wave enhanced local area systems: A
high-data-rate approach for future wireless networks. IEEE Journal on Selected Areas in
Communications, 32(6), pp.1152-1163.
Giroire, F., Moulierac, J., Phan, T.K. and Roudaut, F., 2015. Minimization of network power
consumption with redundancy elimination. Computer communications, 59, pp.98-105.
Jain, R. and Paul, S., 2013. Network virtualization and software defined networking for cloud
computing: a survey. IEEE Communications Magazine, 51(11), pp.24-31.
14CAMPUS AREA NETWORK DESIGN
Kanaumi, Y., Saito, S.I., Kawai, E., Ishii, S., Kobayashi, K. and Shimojo, S., 2013. RISE: A
wide-area hybrid OpenFlow network testbed. IEICE transactions on communications, 96(1),
pp.108-118.
Kreutz, D., Ramos, F.M., Verissimo, P.E., Rothenberg, C.E., Azodolmolky, S. and Uhlig, S.,
2015. Software-defined networking: A comprehensive survey. Proceedings of the IEEE, 103(1),
pp.14-76.
Lounis, A., Hadjidj, A., Bouabdallah, A. and Challal, Y., 2016. Healing on the cloud: Secure
cloud architecture for medical wireless sensor networks. Future Generation Computer Systems,
55, pp.266-277.
Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., Bursell, M. and
Wright, C., 2014. Virtual extensible local area network (VXLAN): A framework for overlaying
virtualized layer 2 networks over layer 3 networks (No. RFC 7348).
Misra, S., Tourani, R. and Majd, N.E., 2013, August. Secure content delivery in information-
centric networks: Design, implementation, and analyses. In Proceedings of the 3rd ACM
SIGCOMM workshop on Information-centric networking (pp. 73-78). ACM.
Molina, E., Jacob, E., Toledo, N. and Astarloa, A., 2016. Performance enhancement of high-
availability seamless redundancy (HSR) networks using OpenFlow. IEEE Communications
Letters, 20(2), pp.364-367.
Ruffini, M., Doran, N., Achouche, M., Parsons, N., Pfeiffer, T., Yin, X., Rohde, H., Schiano, M.,
Ossieur, P., O'Sullivan, B. and Wessäly, R., 2013, June. DISCUS: End-to-end network design for
ubiquitous high speed broadband services. In Transparent Optical Networks (ICTON), 2013
15th International Conference on (pp. 1-5). IEEE.
Kanaumi, Y., Saito, S.I., Kawai, E., Ishii, S., Kobayashi, K. and Shimojo, S., 2013. RISE: A
wide-area hybrid OpenFlow network testbed. IEICE transactions on communications, 96(1),
pp.108-118.
Kreutz, D., Ramos, F.M., Verissimo, P.E., Rothenberg, C.E., Azodolmolky, S. and Uhlig, S.,
2015. Software-defined networking: A comprehensive survey. Proceedings of the IEEE, 103(1),
pp.14-76.
Lounis, A., Hadjidj, A., Bouabdallah, A. and Challal, Y., 2016. Healing on the cloud: Secure
cloud architecture for medical wireless sensor networks. Future Generation Computer Systems,
55, pp.266-277.
Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., Bursell, M. and
Wright, C., 2014. Virtual extensible local area network (VXLAN): A framework for overlaying
virtualized layer 2 networks over layer 3 networks (No. RFC 7348).
Misra, S., Tourani, R. and Majd, N.E., 2013, August. Secure content delivery in information-
centric networks: Design, implementation, and analyses. In Proceedings of the 3rd ACM
SIGCOMM workshop on Information-centric networking (pp. 73-78). ACM.
Molina, E., Jacob, E., Toledo, N. and Astarloa, A., 2016. Performance enhancement of high-
availability seamless redundancy (HSR) networks using OpenFlow. IEEE Communications
Letters, 20(2), pp.364-367.
Ruffini, M., Doran, N., Achouche, M., Parsons, N., Pfeiffer, T., Yin, X., Rohde, H., Schiano, M.,
Ossieur, P., O'Sullivan, B. and Wessäly, R., 2013, June. DISCUS: End-to-end network design for
ubiquitous high speed broadband services. In Transparent Optical Networks (ICTON), 2013
15th International Conference on (pp. 1-5). IEEE.
15CAMPUS AREA NETWORK DESIGN
Sgambelluri, A., Giorgetti, A., Cugini, F., Paolucci, F. and Castoldi, P., 2013. OpenFlow-based
segment protection in Ethernet networks. Journal of Optical Communications and Networking,
5(9), pp.1066-1075.
Ullah, S. and Hong, C.S., 2013. Probabilistic In-Networking Chunk Marking and Caching for
Information-Centric Networks. KIISE.
Wang, S., Zhang, X., Yang, K., Wang, L. and Wang, W., 2015, November. Distributed edge
caching scheme considering the tradeoff between the diversity and redundancy of cached
content. In Communications in China (ICCC), 2015 IEEE/CIC International Conference on (pp.
1-5). IEEE.
Wang, W. and Lu, Z., 2013. Cyber security in the smart grid: Survey and challenges. Computer
Networks, 57(5), pp.1344-1371.
Zhang, L., Afanasyev, A., Burke, J., Jacobson, V., Crowley, P., Papadopoulos, C., Wang, L. and
Zhang, B., 2014. Named data networking. ACM SIGCOMM Computer Communication Review,
44(3), pp.66-73.
Sgambelluri, A., Giorgetti, A., Cugini, F., Paolucci, F. and Castoldi, P., 2013. OpenFlow-based
segment protection in Ethernet networks. Journal of Optical Communications and Networking,
5(9), pp.1066-1075.
Ullah, S. and Hong, C.S., 2013. Probabilistic In-Networking Chunk Marking and Caching for
Information-Centric Networks. KIISE.
Wang, S., Zhang, X., Yang, K., Wang, L. and Wang, W., 2015, November. Distributed edge
caching scheme considering the tradeoff between the diversity and redundancy of cached
content. In Communications in China (ICCC), 2015 IEEE/CIC International Conference on (pp.
1-5). IEEE.
Wang, W. and Lu, Z., 2013. Cyber security in the smart grid: Survey and challenges. Computer
Networks, 57(5), pp.1344-1371.
Zhang, L., Afanasyev, A., Burke, J., Jacobson, V., Crowley, P., Papadopoulos, C., Wang, L. and
Zhang, B., 2014. Named data networking. ACM SIGCOMM Computer Communication Review,
44(3), pp.66-73.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
16CAMPUS AREA NETWORK DESIGN
Appendix:
Specifications for obtaining redundancy and rapid convergence through RSTP:
Specifications for configuring default gateway to achieve convergence:
Appendix:
Specifications for obtaining redundancy and rapid convergence through RSTP:
Specifications for configuring default gateway to achieve convergence:
1 out of 17
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.