Local Area Network (LAN) Design, Implementation, and Management
VerifiedAdded on 2024/05/29
|17
|3880
|373
AI Summary
This document explores the fundamentals of Local Area Networks (LANs), encompassing design, implementation, and management aspects. It delves into various LAN technologies, critically evaluates their impact on network performance, and analyzes traffic-intensive services. The document further examines LAN security concerns and provides recommendations for sustaining network security, reliability, and performance. It outlines a practical LAN infrastructure design, critically evaluates the suitability of LAN components, and details the steps involved in building and configuring a LAN, including services like DHCP, VLANs, and server configuration. The document also covers network security implementation techniques, including port security, firewalls, and authentication, and provides guidance on critically reviewing and testing a LAN. Finally, it addresses LAN management aspects, including monitoring, troubleshooting, and resolving issues to enhance security, reliability, and performance.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
LOCAL AREA NETWORK
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Contents
LO1: Impact of LAN Technologies.................................................................................................3
1.1 Critically evaluate different LAN technologies.....................................................................3
1.2 Critically analyse traffic intensive services and their performance.......................................4
1.3 Discuss LAN concerns and make recommendations to sustain network security, reliability
and performance...........................................................................................................................4
LO2: Be able to design LAN infrastructures...................................................................................6
2.1 Design LAN infrastructure to meet a given requirement.......................................................6
2.2 critically evaluate the suitability of LAN components..........................................................7
LO3: Be able to implement LAN infrastructures............................................................................8
3.1 Build and configure a LAN (including services) to meet a given requirement.....................8
3.2 implement network security on a LAN................................................................................11
3.3 Critically review and test a LAN.........................................................................................12
LO4: Be able to manage LAN infrastructures...............................................................................14
4.1 Monitoring and Troubleshooting LAN................................................................................14
4.2 resolve LAN issues to improve security, reliability and performance.................................14
References......................................................................................................................................16
Appendix........................................................................................................................................17
LO1: Impact of LAN Technologies.................................................................................................3
1.1 Critically evaluate different LAN technologies.....................................................................3
1.2 Critically analyse traffic intensive services and their performance.......................................4
1.3 Discuss LAN concerns and make recommendations to sustain network security, reliability
and performance...........................................................................................................................4
LO2: Be able to design LAN infrastructures...................................................................................6
2.1 Design LAN infrastructure to meet a given requirement.......................................................6
2.2 critically evaluate the suitability of LAN components..........................................................7
LO3: Be able to implement LAN infrastructures............................................................................8
3.1 Build and configure a LAN (including services) to meet a given requirement.....................8
3.2 implement network security on a LAN................................................................................11
3.3 Critically review and test a LAN.........................................................................................12
LO4: Be able to manage LAN infrastructures...............................................................................14
4.1 Monitoring and Troubleshooting LAN................................................................................14
4.2 resolve LAN issues to improve security, reliability and performance.................................14
References......................................................................................................................................16
Appendix........................................................................................................................................17
LO1: Impact of LAN Technologies
1.1 Critically evaluate different LAN technologies
Local Area Network is a computer network in which we connect different network devices to
facilitate data communication between the users present in our company or organization. By
establishing a LAN connection, we can achieve security and reliability within our computer
network. In order to make our LAN connections easy and cost-effective, it is necessary that we
wisely choose a right and simple LAN technology.
We have different LAN technologies like:
Ethernet LAN is one of the most used technologies. Many organizations use this technology to
connect their different network terminals such as computers, printers either in the same building
or at different places. Maintaining an Ethernet LAN connection is considered as Simple. For
network access, Ethernet LAN technology uses the feature of Carrier Sense
Multi-Access/Collision Detection (CSMA/CD By default, an Ethernet uses 10BASE-T features
which means that it is capable of providing the transmission speed of 10 Mbps
(Differencebetween.info, 2018).
Fast-Ethernet: To meet the need of fast-growing network technologies, the use of Fast-Ethernet
LAN has been started. It is capable of providing a speed of 100 Mbps. One of the other
differences between the Ethernet and Fast Ethernet LAN is that the latter uses CSMA/CA
(Carrier sense multi-access/collision avoidance) technique for sharing of the data between
different hosts connected into the same network.
Giga-Ethernet is used when the transmission speed goes up to 1000 Mbps. For achieving that
speed Cat5, Cat5e and Cat6 cables are used in the LAN architecture.
VLAN (Virtual LAN) Many times we need to restrict the communication between the hosts of a
network. Like in a company, Accounts department cannot communicate with the Management
department. In such a scene we have to put those users into different broadcast domains. For
this, we use the concept of VLAN. By default, all hosts are placed into VLAN 1 so they can
communicate to each other. But once we assign hosts into different VLAN's then host in one
VLAN cannot communicate with another VLAN's host (Lifewire. 2018).
1.1 Critically evaluate different LAN technologies
Local Area Network is a computer network in which we connect different network devices to
facilitate data communication between the users present in our company or organization. By
establishing a LAN connection, we can achieve security and reliability within our computer
network. In order to make our LAN connections easy and cost-effective, it is necessary that we
wisely choose a right and simple LAN technology.
We have different LAN technologies like:
Ethernet LAN is one of the most used technologies. Many organizations use this technology to
connect their different network terminals such as computers, printers either in the same building
or at different places. Maintaining an Ethernet LAN connection is considered as Simple. For
network access, Ethernet LAN technology uses the feature of Carrier Sense
Multi-Access/Collision Detection (CSMA/CD By default, an Ethernet uses 10BASE-T features
which means that it is capable of providing the transmission speed of 10 Mbps
(Differencebetween.info, 2018).
Fast-Ethernet: To meet the need of fast-growing network technologies, the use of Fast-Ethernet
LAN has been started. It is capable of providing a speed of 100 Mbps. One of the other
differences between the Ethernet and Fast Ethernet LAN is that the latter uses CSMA/CA
(Carrier sense multi-access/collision avoidance) technique for sharing of the data between
different hosts connected into the same network.
Giga-Ethernet is used when the transmission speed goes up to 1000 Mbps. For achieving that
speed Cat5, Cat5e and Cat6 cables are used in the LAN architecture.
VLAN (Virtual LAN) Many times we need to restrict the communication between the hosts of a
network. Like in a company, Accounts department cannot communicate with the Management
department. In such a scene we have to put those users into different broadcast domains. For
this, we use the concept of VLAN. By default, all hosts are placed into VLAN 1 so they can
communicate to each other. But once we assign hosts into different VLAN's then host in one
VLAN cannot communicate with another VLAN's host (Lifewire. 2018).
1.2 Critically analyse traffic intensive services and their performance.
QoS: The concept of QoS was developed for prioritization of Network traffic or congestion.
Implementing QoS in our network results in a performance improvement for critical network
traffic. It is a feature by which we can set or assign the bandwidth to a specific service. It helps in
controlling the congestion on a network with a limited quantity of Bandwidth.
There is a number of services on which we can implement QoS such as VoIP (Voice over IP),
Video conferencing, TCP/UDP services etc.
Bandwidth management is basically a feature by which we assign or save the bandwidth
according to our requirement. QoS helps us to achieve this. In this way, we ensure that the
bandwidth is not misused and could get us the maximum throughput from our network
Some of the mechanisms for implementation of QoS in our network are :
Policing (Rate Limiting): Setting a highest or upper limit of bandwidth for a service.
WFQ (Weighted Fair Queue): Processing each service according to the weights assigned to
them.
CBWFQ (Class-Based weighted fair queue) (Network Computing, 2016).
1.3 Discuss LAN concerns and make recommendations to sustain network security,
reliability and performance
Cisco developed a model which is widely used, known as Hierarchical network or Three-tier
model. This model helps in creating a credible, scalable and money-saving internetwork
arrangement. A hierarchical model divides an internetwork connection into three layers: Core,
Distribution and Access layers. Through this division of the network components, the task of
managing the large network becomes easier. Also, it becomes easier to add or remove any new
service or component into the preexisting network.
QoS: The concept of QoS was developed for prioritization of Network traffic or congestion.
Implementing QoS in our network results in a performance improvement for critical network
traffic. It is a feature by which we can set or assign the bandwidth to a specific service. It helps in
controlling the congestion on a network with a limited quantity of Bandwidth.
There is a number of services on which we can implement QoS such as VoIP (Voice over IP),
Video conferencing, TCP/UDP services etc.
Bandwidth management is basically a feature by which we assign or save the bandwidth
according to our requirement. QoS helps us to achieve this. In this way, we ensure that the
bandwidth is not misused and could get us the maximum throughput from our network
Some of the mechanisms for implementation of QoS in our network are :
Policing (Rate Limiting): Setting a highest or upper limit of bandwidth for a service.
WFQ (Weighted Fair Queue): Processing each service according to the weights assigned to
them.
CBWFQ (Class-Based weighted fair queue) (Network Computing, 2016).
1.3 Discuss LAN concerns and make recommendations to sustain network security,
reliability and performance
Cisco developed a model which is widely used, known as Hierarchical network or Three-tier
model. This model helps in creating a credible, scalable and money-saving internetwork
arrangement. A hierarchical model divides an internetwork connection into three layers: Core,
Distribution and Access layers. Through this division of the network components, the task of
managing the large network becomes easier. Also, it becomes easier to add or remove any new
service or component into the preexisting network.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Figure 1: Hieratical Diagram
Access layer The End users of a network are held into the Access layer. Some of the features
which we can implement at this layer are VLAN, Port security, QoS, ARP (Address resolution
protocol) inspection.
Distribution layer acts as an intermediate layer between access and core layer of a network.
This is the layer where we apply policies and control the network traffic which is destined for
other networks (Mcmcse.com. 2018).
The core layer has the interconnectivity of high-speed network components. These devices are
capable of fast packet switching and forwarding large amounts of data.
Access layer The End users of a network are held into the Access layer. Some of the features
which we can implement at this layer are VLAN, Port security, QoS, ARP (Address resolution
protocol) inspection.
Distribution layer acts as an intermediate layer between access and core layer of a network.
This is the layer where we apply policies and control the network traffic which is destined for
other networks (Mcmcse.com. 2018).
The core layer has the interconnectivity of high-speed network components. These devices are
capable of fast packet switching and forwarding large amounts of data.
LO2: Be able to design LAN infrastructures
2.1 Design LAN infrastructure to meet a given requirement
Devices used:
Devices /Technology used:
Figure 2: Design Topology
2.1 Design LAN infrastructure to meet a given requirement
Devices used:
Devices /Technology used:
Figure 2: Design Topology
Routers: Routers are layer 3 devices which helps us to break the broadcast domain. That
means there will be a different network on each interface of a router. The router supports
dynamic as well as static routing protocols for path determination.
Switches: Switch is a layer 2 device which helps us to connect multiple users to the same
broadcast domain. Every pc connected into this topology is connected to other users through
a switch. Some other features of the switch include VLAN, Port security, ARP inspection etc.
Servers: Servers are responsible for processing a request sent by the client or users in a
network. For eg: if we are accessing the internet, DNS(Domain name server) helps us in
resolving IP address to their respective Domain name. some other servers placed in this
network are Web, Email and File transfer servers.
Multi-layer switch: A Multilayer switch is a layer 3 device which has features of a router as
well as of a switch. However, it does not have full capabilities of either router or switch
(Network Computing. 2016).
2.2 critically evaluate the suitability of LAN components
Security: For the security of this Network, The switches of every department has been
configured with Port-security. With this feature, no unauthenticated users can access the network
by connecting any rogue device to the LAN Ports. If an unauthenticated user tries to do so then it
is blocked and its MAC address is copied into the switch attacker database. Some other features
also working here are ARP Inspection, VLANs.
Scalability: The Network design is done in such a way that we can add or remove the network
components when needed. It follows all the rules and guidelines given into the OSI Model.
Availability: Is concerned with how this network with deal with a failure. The network should
be designed in such a way that whenever any network failure occurs then it could emerge out as
soon as possible. Also, there should be a way of backing up the important resources and
configurations.
means there will be a different network on each interface of a router. The router supports
dynamic as well as static routing protocols for path determination.
Switches: Switch is a layer 2 device which helps us to connect multiple users to the same
broadcast domain. Every pc connected into this topology is connected to other users through
a switch. Some other features of the switch include VLAN, Port security, ARP inspection etc.
Servers: Servers are responsible for processing a request sent by the client or users in a
network. For eg: if we are accessing the internet, DNS(Domain name server) helps us in
resolving IP address to their respective Domain name. some other servers placed in this
network are Web, Email and File transfer servers.
Multi-layer switch: A Multilayer switch is a layer 3 device which has features of a router as
well as of a switch. However, it does not have full capabilities of either router or switch
(Network Computing. 2016).
2.2 critically evaluate the suitability of LAN components
Security: For the security of this Network, The switches of every department has been
configured with Port-security. With this feature, no unauthenticated users can access the network
by connecting any rogue device to the LAN Ports. If an unauthenticated user tries to do so then it
is blocked and its MAC address is copied into the switch attacker database. Some other features
also working here are ARP Inspection, VLANs.
Scalability: The Network design is done in such a way that we can add or remove the network
components when needed. It follows all the rules and guidelines given into the OSI Model.
Availability: Is concerned with how this network with deal with a failure. The network should
be designed in such a way that whenever any network failure occurs then it could emerge out as
soon as possible. Also, there should be a way of backing up the important resources and
configurations.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
LO3: Be able to implement LAN infrastructures
3.1 Build and configure a LAN (including services) to meet a given requirement.
Before configuring the LAN, we will decide which type of network topology we are going to
use. Some of the existing topologies are Mesh, Bus, Star, Tree etc. We are going to use Mesh
Topology into our network. In Mesh topology, the nodes are connected directly, non-hierarchical
or hierarchical to other nodes.
Building a LAN
Routers: Routers are layer 3 devices which helps us to break the broadcast domain. That
means there will be a different network on each interface of a router. The router supports
dynamic as well as static routing protocols for path determination.
Switches: Switch is a layer 2 device which helps us to connect multiple users to the same
broadcast domain. Every pc connected into this topology is connected to other users through
a switch. Some other features of the switch include VLAN, Port security, ARP inspection etc.
Servers: Servers are responsible for processing a request sent by the client or users in a
network. For eg: if we are accessing the internet, DNS(Domain name server) helps us in
resolving IP address to their respective Domain name. some other servers placed in this
network are Web, Email and File transfer servers.
Multi-layer switch: A Multilayer switch is a layer 3 device which has features of a router as
well as of a switch. However, it does not have full capabilities of either router or switch.
WAN (Wide Area Network): When LAN is implemented on a big scale it is known as WAN.
Configuring the LAN
1. Connecting PC, Routers and Switches
For connecting PC to Router or switch we will use Straight cables.
For, Router to switch we will use Straight cable and for a switch to switch Cross cables will
be used. These cables are CAT 5 UTP cables with a Fast Ethernet RJ-45 connector.
2. Trunk and Access Ports
When we connect the Switch to Switch, The connecting ports should be in Trunk mode in
order to implement Trunking encapsulation and data transmission between different switches
3.1 Build and configure a LAN (including services) to meet a given requirement.
Before configuring the LAN, we will decide which type of network topology we are going to
use. Some of the existing topologies are Mesh, Bus, Star, Tree etc. We are going to use Mesh
Topology into our network. In Mesh topology, the nodes are connected directly, non-hierarchical
or hierarchical to other nodes.
Building a LAN
Routers: Routers are layer 3 devices which helps us to break the broadcast domain. That
means there will be a different network on each interface of a router. The router supports
dynamic as well as static routing protocols for path determination.
Switches: Switch is a layer 2 device which helps us to connect multiple users to the same
broadcast domain. Every pc connected into this topology is connected to other users through
a switch. Some other features of the switch include VLAN, Port security, ARP inspection etc.
Servers: Servers are responsible for processing a request sent by the client or users in a
network. For eg: if we are accessing the internet, DNS(Domain name server) helps us in
resolving IP address to their respective Domain name. some other servers placed in this
network are Web, Email and File transfer servers.
Multi-layer switch: A Multilayer switch is a layer 3 device which has features of a router as
well as of a switch. However, it does not have full capabilities of either router or switch.
WAN (Wide Area Network): When LAN is implemented on a big scale it is known as WAN.
Configuring the LAN
1. Connecting PC, Routers and Switches
For connecting PC to Router or switch we will use Straight cables.
For, Router to switch we will use Straight cable and for a switch to switch Cross cables will
be used. These cables are CAT 5 UTP cables with a Fast Ethernet RJ-45 connector.
2. Trunk and Access Ports
When we connect the Switch to Switch, The connecting ports should be in Trunk mode in
order to implement Trunking encapsulation and data transmission between different switches
and VLAN. This is also crucial for enabling the common VTP domain between all the
connected switches.
3. Configuring IP address
On a router, by entering into the global execution mode we will assign IP’s to every
connected interface in our network as :
R1(config)# int fa0/0
R1(config-if)# ip address 10.11.12.194 255.255.255.224
R1(config-if)# no shut
The IP address mentioned in the command is a combination of IP address and the Subnet
mask in order to know to which individual subnet it belongs. “no shut” is short for NO-
SHUTDOWN, which brings the device's interface into “up-state”.
On PC’s
For assigning the IP addresses at PCs we have used DHCP(Dynamic Host configuration
protocol). This is a concept by which we can assign IP addresses to the hosts dynamically.
For configuring DHCP, first, we have to enter into the global execution mode then follow
these steps
a. Set Domain name
b. Create an IP address pool, The IP addresses assigned to the hosts will belong to this pool.
c. Set lease time i.e., for how much time the respective IP should be assigned to that host.
d. Then On PC, set the IP allocation method to DHCP from static.
e. Try to check the connectivity to other hosts of network using PING command
For eg: ping 10.11.12.133
Pinging 10.11.12.133 with 32 bytes of data:
Reply from 10.11.12.133: bytes=32 time=2ms TTL=128
Reply from 10.11.12.133: bytes=32 time=1ms TTL=128
Reply from 10.11.12.133: bytes=32 time=6ms TTL=128
Reply from 10.11.12.133: bytes=32 time=23ms TTL=128
Ping statistics for 10.11.12.133:
connected switches.
3. Configuring IP address
On a router, by entering into the global execution mode we will assign IP’s to every
connected interface in our network as :
R1(config)# int fa0/0
R1(config-if)# ip address 10.11.12.194 255.255.255.224
R1(config-if)# no shut
The IP address mentioned in the command is a combination of IP address and the Subnet
mask in order to know to which individual subnet it belongs. “no shut” is short for NO-
SHUTDOWN, which brings the device's interface into “up-state”.
On PC’s
For assigning the IP addresses at PCs we have used DHCP(Dynamic Host configuration
protocol). This is a concept by which we can assign IP addresses to the hosts dynamically.
For configuring DHCP, first, we have to enter into the global execution mode then follow
these steps
a. Set Domain name
b. Create an IP address pool, The IP addresses assigned to the hosts will belong to this pool.
c. Set lease time i.e., for how much time the respective IP should be assigned to that host.
d. Then On PC, set the IP allocation method to DHCP from static.
e. Try to check the connectivity to other hosts of network using PING command
For eg: ping 10.11.12.133
Pinging 10.11.12.133 with 32 bytes of data:
Reply from 10.11.12.133: bytes=32 time=2ms TTL=128
Reply from 10.11.12.133: bytes=32 time=1ms TTL=128
Reply from 10.11.12.133: bytes=32 time=6ms TTL=128
Reply from 10.11.12.133: bytes=32 time=23ms TTL=128
Ping statistics for 10.11.12.133:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 23ms, Average = 8ms
4. Configuring VLANs
The different departments present into the company should not be able to communicate with
each other. By default, every port of a switch is present in VLAN1. Hence every connected
device could communicate to each other. To achieve this, we will configure VLANs on
switches.
Switch(config)# interface FastEthernet0/3
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 20
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security violation restrict
Switch(config-if)# switchport port-security mac-address sticky
If we want to assign multiple ports or interfaces (or say a range of interfaces) into a same
VLAN then we can also use this method.
Switch(config)# interface range FastEthernet0/3-8
Switch(config-if range)# switchport mode access
Switch(config-if range)# switchport access vlan 20
Switch(config-if range)# switchport port-security
Switch(config-if range)# switchport port-security maximum 1
Switch(config-if range)# switchport port-security mac-address sticky
Switch(config-if range)# switchport port-security violation restrict
5. Servers (Web,DNS,FTP):
DNS (Domain name server):- DNS server is responsible for resolving IP to Hostname. A
DNS server holds the database of Hostnames and IP addresses associated with them.
Whenever a request is passed to DNS Server it resolves the hostname into its IP address or
vice-versa and processes the request.
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 23ms, Average = 8ms
4. Configuring VLANs
The different departments present into the company should not be able to communicate with
each other. By default, every port of a switch is present in VLAN1. Hence every connected
device could communicate to each other. To achieve this, we will configure VLANs on
switches.
Switch(config)# interface FastEthernet0/3
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 20
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security violation restrict
Switch(config-if)# switchport port-security mac-address sticky
If we want to assign multiple ports or interfaces (or say a range of interfaces) into a same
VLAN then we can also use this method.
Switch(config)# interface range FastEthernet0/3-8
Switch(config-if range)# switchport mode access
Switch(config-if range)# switchport access vlan 20
Switch(config-if range)# switchport port-security
Switch(config-if range)# switchport port-security maximum 1
Switch(config-if range)# switchport port-security mac-address sticky
Switch(config-if range)# switchport port-security violation restrict
5. Servers (Web,DNS,FTP):
DNS (Domain name server):- DNS server is responsible for resolving IP to Hostname. A
DNS server holds the database of Hostnames and IP addresses associated with them.
Whenever a request is passed to DNS Server it resolves the hostname into its IP address or
vice-versa and processes the request.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
WEB Server: A web server is generally responsible for processing the requests related to
HTTP (Hypertext transfer protocol). Whenever it is required to host the web services like
website hosting we use the Web servers.
FTP Server (File transfer protocol): Also known as FTP Site, The FTP server uses TCP/IP
network for processing the requests from its clients. It uses TCP Port no 20 and 21 (One for
uploading and one for downloading).
Email Server or SMTP (Simple mail transfer Protocol): SMTP protocol uses TCP port no
23 for transferring Mails from client to server. SMTP is only used for sending the email
from a host to another host. To retrieve these emails or messages on client side, other
protocols like POP, IMAP are used.
Hence using all these technologies we will configure the LAN
3.2 implement network security on a LAN
Port-security: Port-Security is a feature of Switch which is used to block unauthorized users to
access our network. Whenever an attacker tries to enter into our network then switch blocks the
attacker’s device with the help of port-security and copies attackers details such as MAC and IP
address. Sample commands for configuring the port-security are
Switch(config)# interface FastEthernet0/3
Switch(config-if)# switchport mode access
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address sticky
Switch(config-if)# switchport port-security violation restrict
Or
Switch(config)# interface range FastEthernet0/3-12
Switch(config-if range)# switchport mode access
Switch(config-if range)# switchport port-security
HTTP (Hypertext transfer protocol). Whenever it is required to host the web services like
website hosting we use the Web servers.
FTP Server (File transfer protocol): Also known as FTP Site, The FTP server uses TCP/IP
network for processing the requests from its clients. It uses TCP Port no 20 and 21 (One for
uploading and one for downloading).
Email Server or SMTP (Simple mail transfer Protocol): SMTP protocol uses TCP port no
23 for transferring Mails from client to server. SMTP is only used for sending the email
from a host to another host. To retrieve these emails or messages on client side, other
protocols like POP, IMAP are used.
Hence using all these technologies we will configure the LAN
3.2 implement network security on a LAN
Port-security: Port-Security is a feature of Switch which is used to block unauthorized users to
access our network. Whenever an attacker tries to enter into our network then switch blocks the
attacker’s device with the help of port-security and copies attackers details such as MAC and IP
address. Sample commands for configuring the port-security are
Switch(config)# interface FastEthernet0/3
Switch(config-if)# switchport mode access
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address sticky
Switch(config-if)# switchport port-security violation restrict
Or
Switch(config)# interface range FastEthernet0/3-12
Switch(config-if range)# switchport mode access
Switch(config-if range)# switchport port-security
Switch(config-if range)# switchport port-security maximum 1
Switch(config-if range)# switchport port-security mac-address sticky
Switch(config-if range)# switchport port-security violation restrict
Firewall: Firewall is a security device in computer networks which ensure the security of our
internal network from attacks which could arise from ISP(Internet service provider) side or other
attacks. It basically filters the incoming and outgoing traffic using different policies and features.
VLAN (Virtual local area network): Feature used to break the broadcast domain at layer 2(OSI
layers). The host connected or assigned in different VLANs cannot communicate to each other.
Authentication of users: For any configuration on the devices of the network, a person needs to
access the console of the device. So we also protect our console from unauthorized access. For
this, we create a username and password which should be used while logging into a system or
device's configuration mode. These are the following commands for setting password and
username on a switch
Switch(config)# username admin password company1
Encryption: The data which is shared over a network between one host to another should be
transmitted into an encrypted form.
Access lists are very useful when we want to filter the traffic coming or going out of a network.
These are also used when there is a need for classifying the traffic according to the requirement.
Access-list works at the OSI layer 3 (Network layer) and layer 4 (Transport layer).
If we want to deny or permit any specific traffic into our network then access-lists are used.
Depending on the traffic, access-lists are applied in multiple ways like at interface, with
NAT(Network address translation) or PAT(Port address translation) and many more.
3.3 Critically review and test a LAN
As discussed above, for testing of our LAN we will generate a PING request which is basically
an ICMP request packet from one host to another host.
Eg: (a) A host from Finance department PING to the other host of the same department.
Switch(config-if range)# switchport port-security mac-address sticky
Switch(config-if range)# switchport port-security violation restrict
Firewall: Firewall is a security device in computer networks which ensure the security of our
internal network from attacks which could arise from ISP(Internet service provider) side or other
attacks. It basically filters the incoming and outgoing traffic using different policies and features.
VLAN (Virtual local area network): Feature used to break the broadcast domain at layer 2(OSI
layers). The host connected or assigned in different VLANs cannot communicate to each other.
Authentication of users: For any configuration on the devices of the network, a person needs to
access the console of the device. So we also protect our console from unauthorized access. For
this, we create a username and password which should be used while logging into a system or
device's configuration mode. These are the following commands for setting password and
username on a switch
Switch(config)# username admin password company1
Encryption: The data which is shared over a network between one host to another should be
transmitted into an encrypted form.
Access lists are very useful when we want to filter the traffic coming or going out of a network.
These are also used when there is a need for classifying the traffic according to the requirement.
Access-list works at the OSI layer 3 (Network layer) and layer 4 (Transport layer).
If we want to deny or permit any specific traffic into our network then access-lists are used.
Depending on the traffic, access-lists are applied in multiple ways like at interface, with
NAT(Network address translation) or PAT(Port address translation) and many more.
3.3 Critically review and test a LAN
As discussed above, for testing of our LAN we will generate a PING request which is basically
an ICMP request packet from one host to another host.
Eg: (a) A host from Finance department PING to the other host of the same department.
PC>ping 10.11.12.133
Pinging 10.11.12.133 with 32 bytes of data:
Reply from 10.11.12.133: bytes=32 time=2ms TTL=128
Reply from 10.11.12.133: bytes=32 time=1ms TTL=128
Reply from 10.11.12.133: bytes=32 time=6ms TTL=128
Reply from 10.11.12.133: bytes=32 time=23ms TTL=128
Ping statistics for 10.11.12.133:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 23ms, Average = 8ms
(b) A host from Finance department PING to the other host of a different department.
PC>ping 10.11.12.214
Pinging 10.11.12.214 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.11.12.214:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Pinging 10.11.12.133 with 32 bytes of data:
Reply from 10.11.12.133: bytes=32 time=2ms TTL=128
Reply from 10.11.12.133: bytes=32 time=1ms TTL=128
Reply from 10.11.12.133: bytes=32 time=6ms TTL=128
Reply from 10.11.12.133: bytes=32 time=23ms TTL=128
Ping statistics for 10.11.12.133:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 23ms, Average = 8ms
(b) A host from Finance department PING to the other host of a different department.
PC>ping 10.11.12.214
Pinging 10.11.12.214 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.11.12.214:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
LO4: Be able to manage LAN infrastructures
4.1 Monitoring and Troubleshooting LAN
Whenever any issue arises into the network it is necessary to solve them in order to maintain the
sustainability of the network. Some of the related issues are Routing, Ports state changing from
up to down or down to up, unauthorized access to the network, Same IP address for different
hosts, cabling issues, LAN card damage etc. Proper monitoring of the network is necessary to
understand the causes of problems. Understanding the entire network hardware and software is
important.
Some of the Issues arise into the network:
Wrong assignment of IP address and subnet masks
Wrong cabling between devices or loose connections on devices can lead to network
issues.
Incorrect VLAN assignment which can cause misconceptions across the entire network.
Connectivity loss to any specific host.PING command is used to check to check the
connectivity with the host.
TRACEROUTE <IP address> command could be used to trace the route by which your
packet is transferring from a specific source to destination. Sometimes we need to check
the route of the packet in cases like when there is more than one way to reach a specific
destination.
4.2 resolve LAN issues to improve security, reliability and performance
For Security of network:
Proper antivirus software must be installed on end computers.
There should not be any loopholes which cause unauthenticated access to the network.
Routers, Switches and other devices should be password protected.
Enable logging messages which will also help in monitoring the users logging into the
devices.
If there is a large network running on, then use of security appliances like Firewall should
be done. A firewall filters the incoming and outgoing traffic of a network.
4.1 Monitoring and Troubleshooting LAN
Whenever any issue arises into the network it is necessary to solve them in order to maintain the
sustainability of the network. Some of the related issues are Routing, Ports state changing from
up to down or down to up, unauthorized access to the network, Same IP address for different
hosts, cabling issues, LAN card damage etc. Proper monitoring of the network is necessary to
understand the causes of problems. Understanding the entire network hardware and software is
important.
Some of the Issues arise into the network:
Wrong assignment of IP address and subnet masks
Wrong cabling between devices or loose connections on devices can lead to network
issues.
Incorrect VLAN assignment which can cause misconceptions across the entire network.
Connectivity loss to any specific host.PING command is used to check to check the
connectivity with the host.
TRACEROUTE <IP address> command could be used to trace the route by which your
packet is transferring from a specific source to destination. Sometimes we need to check
the route of the packet in cases like when there is more than one way to reach a specific
destination.
4.2 resolve LAN issues to improve security, reliability and performance
For Security of network:
Proper antivirus software must be installed on end computers.
There should not be any loopholes which cause unauthenticated access to the network.
Routers, Switches and other devices should be password protected.
Enable logging messages which will also help in monitoring the users logging into the
devices.
If there is a large network running on, then use of security appliances like Firewall should
be done. A firewall filters the incoming and outgoing traffic of a network.
The network must be protected from various attacks like DOS (Denial of Service)and
DDOS (Distributed-Denial of Service) Attacks, IP Spoofing attacks etc.
Time to time Background check of the people who have access to the network and
network devices should be done.
For Resolving performance and reliability of network:
A network’s performance is disturbed when the bloat wares, attacks, and unnecessary
services run or reside into our network.
For this, we must ensure that proper and update devices must be configured into our
network.
For IP saving, VLSM (Variable length subnet mask) and subnetting would be used.
More RAM should be installed if a system starts to perform slowly.
Systems should be free from all unnecessary applications and software.
DDOS (Distributed-Denial of Service) Attacks, IP Spoofing attacks etc.
Time to time Background check of the people who have access to the network and
network devices should be done.
For Resolving performance and reliability of network:
A network’s performance is disturbed when the bloat wares, attacks, and unnecessary
services run or reside into our network.
For this, we must ensure that proper and update devices must be configured into our
network.
For IP saving, VLSM (Variable length subnet mask) and subnetting would be used.
More RAM should be installed if a system starts to perform slowly.
Systems should be free from all unnecessary applications and software.
References
Differencebetween.info. (2018). Difference between LAN and Ethernet | LAN vs Ethernet.
[online] Available at: http://www.differencebetween.info/difference-between-lan-and-
ethernet [Accessed 23 May 2018].
Lifewire. (2018). What a VLAN Can Do for You and Your Business Computer Network.
[online] Available at: https://www.lifewire.com/virtual-local-area-network-817357
[Accessed 23 May 2018].
Network Computing. (2016). The Basics Of QoS. [online] Available at:
https://www.networkcomputing.com/networking/basics-qos/402199215 [Accessed 23 May
2018].
Mcmcse.com. (2018). Cisco Tutorial: The Cisco Three-Layered Hierarchical Model. [online]
Available at: http://www.mcmcse.com/cisco/guides/hierarchical_model.shtml [Accessed 23
May 2018].
Network Computing. (2016). 10 Hot Technology Trends For 2016. [online] Available at:
https://www.networkcomputing.com/storage/10-hot-technology-trends-2016/520323524
[Accessed 23 May 2018].
Differencebetween.info. (2018). Difference between LAN and Ethernet | LAN vs Ethernet.
[online] Available at: http://www.differencebetween.info/difference-between-lan-and-
ethernet [Accessed 23 May 2018].
Lifewire. (2018). What a VLAN Can Do for You and Your Business Computer Network.
[online] Available at: https://www.lifewire.com/virtual-local-area-network-817357
[Accessed 23 May 2018].
Network Computing. (2016). The Basics Of QoS. [online] Available at:
https://www.networkcomputing.com/networking/basics-qos/402199215 [Accessed 23 May
2018].
Mcmcse.com. (2018). Cisco Tutorial: The Cisco Three-Layered Hierarchical Model. [online]
Available at: http://www.mcmcse.com/cisco/guides/hierarchical_model.shtml [Accessed 23
May 2018].
Network Computing. (2016). 10 Hot Technology Trends For 2016. [online] Available at:
https://www.networkcomputing.com/storage/10-hot-technology-trends-2016/520323524
[Accessed 23 May 2018].
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Appendix
1 out of 17
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.