Network Security Enhancement Strategies

Verified

Added on  2020/02/14

|25
|5245
|53
AI Summary
This assignment focuses on improving network security by outlining a comprehensive set of actions. It begins with the need to understand the existing network infrastructure through mapping and auditing. Key steps include keeping the network up-to-date, ensuring physical security, implementing MAC address filtering, segregating traffic using VLANs, and utilizing VPNs for encryption. The assignment emphasizes best practices for securing networks, covering various aspects from hardware to software configurations.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Wide Area Networking Technology 1
Wide Area Networking Technology
Student’s Name:
Instructor’s Name:
Date:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Wide Area Networking Technology 2
Contents
Task 1..........................................................................................................................................................2
Wide Area Network.................................................................................................................................2
The point to point connection.................................................................................................................3
SWITCHING..............................................................................................................................................4
Circuit Switching......................................................................................................................................4
Packet switching......................................................................................................................................5
WAN virtual circuits.................................................................................................................................6
WAN dialups, devices and switches.........................................................................................................6
WAN protocols........................................................................................................................................6
Frame Relay Technology..........................................................................................................................6
Private Line Technology...........................................................................................................................7
NAT and PAT............................................................................................................................................7
ATM.........................................................................................................................................................7
WAN is open to many security threats and performance degradation; discuss WAN concerns in terms of
network reliability, security and performance. Include a critical evaluation of different trust systems.....7
1.1 QoS....................................................................................................................................................7
1.2 WAN Problems..................................................................................................................................9
Trust Systems in WAN.......................................................................................................................10
2.1 Design with the aid of diagram the WAN network infrastructure to meet the requirement of the
above scenario..........................................................................................................................................10
Connectivity Options – devices..............................................................................................................11
Topology................................................................................................................................................12
QoS profiles.......................................................................................................................................13
Servers...............................................................................................................................................13
DHCP Service Configuration...............................................................................................................14
Inline Power.......................................................................................................................................14
2.2 Evaluation with respect to reliability, availability, cost and scalability [5].......................................14
3.1 The company director asked you to build and configure the WAN infrastructure to meet your
designed WAN infrastructure....................................................................................................................15
Device configuration..............................................................................................................................15
Security..................................................................................................................................................16
Technology............................................................................................................................................17
3.2 Finalize the process of implementation and show the suitability of your network design..................19
Document Page
Wide Area Networking Technology 3
Testing [7]..................................................................................................................................................19
4.1 There are many tools available in the market to monitor the performance and network security.
Explain the use and importance of network monitoring tools. Include some examples of troubleshooting
by using one of the tools you selected......................................................................................................20
4.2 Wide area network known to be open for many external threats, produce a report to improve on
security, reliability and performance.........................................................................................................21
References.................................................................................................................................................23
Task 1
We will cover the protocols and technologies that are involved in the implementation long
distance networks (WAN - Wide Area Network). This will touch on the basis for long-haul
networks, types of services provided, and encapsulation Optional Links. We also discuss the
point to point links, the switch packets and virtual circuits.
Wide Area Network
A WAN is a data communications network that operates beyond the field of LANs action. Wide
area network is spanned over large geographic area and may comprise of several LAN’s.
Document Page
Wide Area Networking Technology 4
A WAN uses data links, such as Digital Networks Integrated Services (ISDN), ATM, DSL, X.25
and Frame Relay to access bandwidth across a large area geographical. A WAN connects the
different units of a company, or connects different units to units belonging to other companies,
external services (Databases, etc.), remote users. WAN connect LANs together, or remote
connecting sites. It can be installed in several countries or worldwide. Ultimately, the WANs
operate beyond the geographical area of LAN. By this feature, the WAN transport a range of
information, such as data, voice, images, etc. Different WAN technologies are point to point
links, switching (packet switching and circuit switching), WAN virtual circuit, WAN dialup
services and devices. Some of them are discussed below:
The point to point connection
The point to point connection is fixed and permanent in nature to connect two computers spaced
from each other in a network. It is also known as lease line. Pont to point connection is dedicated
connection between to devices so that better speed and reliability in data transmission can be
achieved. Figure 1 illustrates this type of connection.
Figure: Diagram of a point to point connection
Data can be transmitted through the connection in following two ways:
(1) Datagram transmission: data is transmitted in packet of variable lengths so that
bandwidth can be used more appropriately.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Wide Area Networking Technology 5
(2) Data stream transmission: data is transmitted as in form of continues byte streams
which are buffered at receiver end to compose as a message.
The advantage of using point to point connection link is that clients in organization gets the
dedicated connection which is fast but it is possible than whole bandwidth may not be used by
client. As a result, it is more expensive per client in comparison of switching technologies.
SWITCHING
Switching involves moving data to through a series of intermediate steps, or segments, rather
than by direct displacement a starting point to a finishing point. The switching instead of
depending on a permanent connection between the source and the destination, it relies on a series
of temporary connections that relay messages from station to station. It serves to same purpose as
the direct connection, but with more efficient use of resources transmission. WANs (and local
networks like Ethernet and Token Ring (token ring) depend first on the packet, but they also
make use of the switching circuit, message switching, and more recently, high speed packet
Switching technology, known as the cell relay naming (Cell relay).
Circuit Switching
Circuit switching corresponds to the creation of a physical connection between the sender and
recipient which is preserved and maintained through the carrier network to provide the
communication for the session. For it to happen, prior installation of connection and allocation of
bandwidth is necessary. Its main drawback is that of any unused bandwidth. Since the connection
is limited to two communicating parties, unused bandwidth can be "borrowed" by any other
transmission. Circuit switching is more like the telephone calls. ISDN is the example of circuit
Document Page
Wide Area Networking Technology 6
switching. It is also involved in some networks.
Figure 1: Diagram illustrating the circuit switching
Packet switching
Packet switching is the another variant of switching technology in which all the network devices
are arranged to provide the point to point link between the source and destination so that packet
can be routed in the path. Asynchronous Transfer mode (ATM) and frame relay are the two well
known example of packet switching.
Figure 2: Packet switching network
Document Page
Wide Area Networking Technology 7
WAN virtual circuits
Virtual circuits are logical combinations of connections to deliver the packet at the receiver side.
There are two types of virtual circuits: switched virtual circuits (SVCs) and permanent virtual
circuits (PVCs). Difference between both types is that SVCs are more flexible to determine the
routes but complex in nature in comparison of PVCs.
WAN dialups, devices and switches
Dial up services provide the cost effective connection between two nodes in network. Example
of dial up service is dial-on-demand which is used to initiate the connection and to close it on
demand. For it, routers are configured to optimize the path in traffic on channel. Switches,
modems and ISDN terminal adapters are example of WAN devices whereas frame relay and
X.25 are WAN switches.
WAN protocols
Frame Relay Technology
The frame relay (FR) is a switching protocol packet located at the link layer (level 2) of the Open
Systems Interconnection mode (OSI) model, used for intersite exchanges (WAN) it was invented
by Eric Scace, an engineer at Sprint International. PVC (Permanent Virtual Circuit) identify at
the DTE and DCE interfaces through DLCI (Data Link Connection Identifiers) in order to
distinguish the flow from different PVC. DLCIs are generally identification numbers only local
value (an interface) which equates to a sub-interface in some contexts: for example on a router,
each PVC on an interface may well have its own associated IP address.
Private Line Technology
A dedicated line (LS) or leased line is in computer science or telecommunications, a connection
between two points, permanently connected together. It contrasts sharing resources like a VPN

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Wide Area Networking Technology 8
network type (X25, Frame Relay, ATM, MPLS ...).The dedicated line is often dedicated between
the client and the network access point the operator, after the data is transported either on a TDM
network, ATM or MPLS where Bandwidth is dedicated.
NAT and PAT
NAT and PAT are two protocols that allow machines on a network internal / local access to the
Internet with their IP addresses "non-public", so they include a translate these addresses into
public IP addresses which are limited, hence the need for this translation.
ATM
ATM is Asynchronous Transfer Mode. The data is transferred from a point to other point in
small cells. The use of ATM is done to make a network faster. The standard size of ATM is 53
bytes.. Thus the packets on the layer 3 are subdivided into cells of 53 bytes. ATM is faster than
frame relay as well as Point to Point. Use of ATM allows transfer of video, voice and other data
over the same line.
WAN is open to many security threats and performance
degradation; discuss WAN concerns in terms of network
reliability, security and performance. Include a critical
evaluation of different trust systems
1.1 QoS [6]
Over the past few years, data networks have become increasingly viable for different types of
telephony devices. The benefits of converged networks have become very apparent in recent
times. This makes it very convincing for companies to adapt VOIP over WAN. WAN is known
for its plentiful raw bandwidth. However, for VOIP it is necessary to make sure that packet
throughput is remarkably high. Throughput is important for the VoIP to function well. Without
Document Page
Wide Area Networking Technology 9
the right QoS settings, bandwidth hogging would happen in the WAN. Bandwidth hogging can
cause an increase in the amount of jitter and latency of voice, especially when certain video and
data applications run in the background.
In the WAN connection, packets that take more than 200 milliseconds to travel between
locations can reduce voice quality. This is when the transaction becomes absolutely
unacceptable. If employees in the company are using their mobile devices for VoIP, they will see
a considerable amount of interjection. This will make it difficult for users to differentiate pauses
and high latency.
Companies that connect different branches with VoIP should have extreme network policy based
QoS. Several components are required to satisfy these requirements. Several components are
needed to manage bandwidth characteristics. In simpler terms, policy based QoS is a
combination of treatment and classification. These policies make sure network administrators
can control the bandwidth of several applications. Conversely, jitter and latency can be
controlled over applications that require them. This classification can be done using implicit
information – voice VLAN, TCP/UDP ports or explicit information – 802.1p code points
DiffServ. The treatment revolves around bandwidth and priotitzation management, which is also
taken care in extreme network switches through max and min bandwidth control – in conjunction
with 8 queues on every switch port. For a company that has branches in four different locations
and the main HQ, i series chipset switches are sufficient. These queues can be carefully rate
shaped, thus controlling latency of the network. This would be a simple policy based QoS for
this company. Appropriate QoS tools should be used to make sure real time voice traffic is
managed accurately.
1.2 WAN Problems [5][4]
Document Page
Wide Area Networking Technology 10
WAN has several problems that should be dealt with carefully. The company has to have a well-
stocked toolkit to handle these problems. The network design should take care of insufficient
bandwidth. Network techniques should be used to optimize bandwidth using data reduction and
compression. If redundancies are removed from the network and caching is introduced, issues of
insufficient bandwidth can be overcome. There are special WAN optimization controllers to
support reduction and compression. Standard web security gateways have this technique too.
In organizational level, applications that perform poorly should be removed. This can be
achieved by deploying a ADC near the application servers. Other effective options include the
use of WOCs with optimization features and web application firewalls. Network reliability is a
major concern in WAN systems. In order to improve network reliability, organizations can
reduce link downtime. The company has to reduce the number of links for a particular operation.
For example, the number of links for faxing can be reduced. Then, link balancing and dynamic
routing has to be encouraged. It would be wise to use combination VPN or router devices or edge
based firewalls to ensure network reliability.
Likewise, application reliability has to be taken care. Local load balancing done in Layer 3 and
Layer 2 ADC devices can forward load based on a standard set of algorithms. Global load
balancing (like how the current company has systems in different locations), should be designed
to take care of load from different data centers. This might be less effective but it is required.
Trust Systems in WAN
Network security is a critical component of WAN. This is where trust systems come into the
picture. A well known trust system would be edge switching. This offers cooperative firewalls
for company networks. These firewalls are capable of managing all types of communication. It
dissolves boundaries in closed and open networks. All communication is managed by a policy.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Wide Area Networking Technology 11
These firewalls are designed to collect and give evidence for different types of network attacks.
Thus, the WAN connections become trust worthy. Trust systems in WAN encourage the use of
new firewalls and Edge switching over Network Address Translations.
2.1 Design with the aid of diagram the WAN network
infrastructure to meet the requirement of the above
scenario
Just like how IP telephony can be
implemented in a LAN
environment, it can be established
in a WAN environment too [1][2].
The conversations would be broken
into small streams of IP packets.
These packets are distributed over
the Ethernet. The traffic gets
converted to IP traffic in many
devices. It goes through toll bypass
applications and gateways that
convert voice between the IP network and PBX. Toll bypasses are very useful in WAN for VoIP
networks. It saves cost and can be used to make long distance calls. According to a study, 90%
of IP telephony deployments are made using toll-bypass applications. IP telephony traffic for the
organization can be tackled in the following steps:
1) Voice traffic comes from a PBX.
2) Output from the PBX is directed to a VoIP gateway. Here data is converted to IP packets.
Document Page
Wide Area Networking Technology 12
3) IP packets are prepared and sent over an IP-based WAN network.
4) At the other end, IP Packets are converted to data that can be fed into the PBX.
Here, the IP-based WAN network is a private entity with frame relay service or ATM service or
leased lines. For this company, a public internet service provider or IP carrier will be required at
each branch.
Connectivity Options – devices [1][2][3]
The company has to make choices on how the phones would be configured and connected to the
network. The IP phones must have a dedicated switch port. There should be a drop to the PC and
a drop to the phone. The network switch and cable can be shared across several systems in the
same network (branch). This enabled rapid deployment and quick maintenance. Changes, adds
and moves can be done easily. The IP phone has a three port switch in it. This will have a 10/100
port connection that links the network switch and phone. Most IP phone support this layout. The
company has an option to use analog phones too. These connect to the IP network through a
voice hub. The voice hub is responsible for digitizing the packets of analog signals.
Topology [3]
The company’s IP
Telephony implementation
requires the creation of at least a single VLAN for the service. This VLAN has to be
implemented on each switch, which has a IP phone connected to it. The end-to-end QoS of voice
Document Page
Wide Area Networking Technology 13
requirements are different from the data. This means, every switch should be configured with the
specific and pre-planned QoS profiles. Tasks to be performed during the WAN implementation:
1) A logical topology for the IP telephony has to be created
2) QoS profiles should be designed
3) Call server clusters and dial plans must be made
4) A DHCP service with address assignment should be designed
5) Power handling of phones must be done
6) Security plans should be implemented for the network to overcome unauthorized access
7) The phones should be installed and set up
8) The dial plan has to be tested.
The logical topology of this network involves Layer 3 and Layer 2 topologies including Subnets
and VLANs. The routing rules (layer 3) and spanning tree (layer 2) has to be created. Voice
VLANS can be configured as simple overlays in the network. These can be routed, hybrid or
VLAN-separated. Telephony VLAN supports traffic and telephonic application components.
Ideally, the company has to have a very own subnet for the IP telephony VLAN, that is fully
routable across all
Layer 3 links.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Wide Area Networking Technology 14
QoS profiles [6]
VoIP WLANs have edge switches connecting the telephony devices. This includes core and
aggregation switches between all the phones in the network. All devices that forward voice
traffic should have QoS profiles configured in them. At the aggregation and core layer,
adjustments should be made to ensure bandwidth.
Servers
Call setup and control are very important for IP telephony functionalities. This can be achieved
using a centralized call server that would be maintained in London. There can be optional backup
servers too. These servers can be distributed throughout the network, based on implementation.
Call servers can be used to handle dial plans and features of phones that are responsible for call-
hand off and call-setup. Setting up the server involves configuration of rules between the servers
(branch to branch, branch to HQ and HQ to branch), ensuring configuration of device pools and
redundancy. A table with IP phone Media access addresses should be created. As a new branch
or phone gets added, this table has to be updated.
DHCP Service Configuration
IP addresses of phones can be asserted using static or DHCP configuration. DHCP would be
advised here because so many phones should be configured. When DHCP servers are used,
details about what call servers exist should be gathered.
Document Page
Wide Area Networking Technology 15
Inline Power
To ensure inline power for this company, the following solutions can be chosen:
1) Mid span powered hubs
2) Ethernet switches with integrated inline power
2.2 Evaluation with respect to reliability, availability, cost and
scalability [5]
With such a network design, it would be easy to maintain database information. Database
information can be obtained, managed and moved rapidly. For example, details of unplugging
and plugging phone can be used to generate Link Up and Link Down alerts. This proves the
system to be reliable. Scalability can be achieved using the foremost configuration in the
following ways:
1) Relocation of station, introduction of new branch and physical equipment changes can be
monitored easily.
2) All software related changes, such as router or switch QoS or authentication
configuration can be handled from the HQ server.
Most changes in this system can be automated from a single server. This proves to be a cost
effective solution. Also, scaling the system becomes easy since the network is converged and
designed using sophisticated infrastructure. The policy based QoS and end-to-end configuration
ensures rapid MAC support and deployment too.
3.1 The company director asked you to build and configure
the WAN infrastructure to meet your designed WAN
infrastructure
Device configuration [1][2][3]
Document Page
Wide Area Networking Technology 16
To begin with, routers should be configured at the London HQ. a new configuration file has to be
created and saved. First of all, subnet zero has to be enabled and default route for the subnets
should be enabled. BGP protocol has to be created for each router. Peers should be added to the
BGP protocol. QoS policies must be keyed into the BGP. In the basic WAN design for this
network, BGP routing protocol is used with autonomous system to represent each branch. The
company can use its VPN as a primary data network pathway. And a private network can be set
for backup. If something goes wrong, routes can be re-routed dynamically. The routers should be
capable of learning and storing link status. Router configuration would be as follows:
1) The company’s routers should be the only active BGP routers in the entire WLAN
network.
2) There should be a remote site called AS
3) The BGP neighbor router should be explicitly defined
4) Neighbor interfaces should be encrypted. Firewalls should ensure accurate delivery of
packets
5) Route attributes of the network should be advertised
IP address allocation
City Network Assigned IP CIDR #1
London /24 ISP 192.168.1 -192.168.1.124
Sydney /24 ISP 192.168.2 -192.168.2.97
New York /24 ISP 192.168.3 -192.168.3.87
Tokyo /24 ISP 192.168.4 -192.168.4.93

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Wide Area Networking Technology 17
Security
With IP telephony, networks are exposed to various public and semi public areas. For example,
the IP phone could be present the lobby of this company. This increases the need for security
capabilities. With this WAN design, access control lists can be used to filter away inbound traffic
– SMTP, FTP, HTTP and Telnet. These are not relevant to IP phone. The network can be
maintained securely from Layer 2 address spoofing too. The phones are usually protected against
Denial of Service attacks too. Since the MAC address of the phones are learnt dynamically
during installation, the ports can be locked down to this MAC even address. With respect to data
clients, phone discovery can be paired with user level access security principles. Port based
network access control plays a critical role in the security of enterprise environments. Combining
802.1x and network login on the same port can ensure user security without any network client
device changes. The new network design allows this too.
City Private WAN
Firewall
Private WAN
local IP Gateway
Internal Gateway
London 100 192.168.50.1 10.12.50.1
Sydney 200 192.168.50.1 10.22.50.1
New York 300 192.168.50.1 10.32.50.1
Tokyo 400 192.168.50.1 10.42.50.1
Technology
DHCP has to be enabled in the routers. Here is a simple way of enabling interfaces and DHCP
for the routers.
Network Service IP address
Document Page
Wide Area Networking Technology 18
Domain name Company.local
Active Directory, DNS Server, DHCP Server 10.4.48.10
Secure access control system 10.4.49.15
Network time protocol server 10.4.48.17
The Internet WAN physical WAN Interface can be configured as follows:
Interface GigabitEthernet0/0
Vrf forwarding IWAN-TRANSPORT-3
Ip address dhcp
No cdp enable
No shutdown
Layer 2 trunk from router to access layer switch
1. Enable the physical interface to router
2. Configure trunk to access layer switch
Interface gigabitEthernet1/0/48
Description link to access layer switch
Switchport trunk allowed vlan 64,69,99
Switchport mode trunk
Ip arp inspection trust
Spanning-tree portfast trunk
Document Page
Wide Area Networking Technology 19
Logging event link-status
Logging event trunk-status
Ip dhcp snooping trust
No shutdown
Load-interval 30
This configuration gives an overview of how IP telephony ensures trust in the WAN network,
tracks all activities and routes IP packets through the network.
Services
Every system has its very own DNS server. This server takes care of domain name resolution.
For this company, all IP packets would be sent to the corresponding IP address based on DNS
resolution. A private network is established for VoIP services. This means, there are defined
gateways to transfer traffic. Within the headquarters, IP packets would not reach the router
gateway. The default gateway would move traffic within the branch. When data has to reach
devices in foreign networks, the default gateway comes into the picture. Data sent over the web
has to be monitored. Likewise, the company can use email Ids to log VoIP users. Applications
can affect the rate at which IP telephony works. Conversely, the applications should be fine
tuned used an application server that hosts these programs in the end point.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Wide Area Networking Technology 20
3.2 Finalize the process of implementation and show the
suitability of your network design
Testing [7]
Before deploying the actual system, extensive testing should be done. This includes off-net calls,
dial plans, on-net calls, fail over conditions and E911 emergency calls. The testing process
begins with a standalone network. Here the company can learn about how to configure products
and connect to various VoIP equipment. The test must make sure data and voice disruption
doesn’t happen. It is critical to verify if the network can deliver voice quality across all data
traffic conditions. The test project should include new workgroups that have telephones with
unique capabilities. There should be a mix of users too because different data applications handle
voice differently. Here is a simple test plan to show how a legacy PBX can be connected to the
IP network. For the test, the IP telephony gateway can be standalone. Or, it can be integrated to
the call server. Next, the IP Telephony solution has to be deployed across various enterprise
phases. The key to successful IP telephony deployment would be QoS and proper bandwidth
provisioning. Throughout the test, it has to be made sure QoS is maintained from all end-to-end
points.
A Sample test configuration would be as follows:
Document Page
Wide Area Networking Technology 21
This test layout would handle all the web servers, data servers, emails and DNS servers. It will
also make sure the IP telephony calls happen properly between branches.
4.1 There are many tools available in the market to
monitor the performance and network security. Explain
the use and importance of network monitoring tools.
Include some examples of troubleshooting by using one of
the tools you selected
Network Monitoring [8]
Document Page
Wide Area Networking Technology 22
WAN has few critical elements that should be monitored. Basic elements that should be
monitored would be as follows:
1) Email servers distribute emails to all LAN users. If the server fails, the employees would
be removed from all forms of connection to the external world. This is when end-
productivity takes a hit. Managers should monitor their email servers to make sure it is
functioning properly.
2) WAN links are used to optimize networks. However, over subscribed WAN links can
choke and bring down the entire network. The link has to be carefully balanced with
committed information rate, response time, throughput and unnecessary data has to be
discarded to ensure proper link utilization. Based on how bandwidth is split, necessary
arrangements have to be made. Likewise, routers should be checked for performance and
availability. If routers cease to function and terminate the entire LAN, managers must
take a good look at the thresholds and attend to all problems quickly.
3) With respect to business applications, servers and services should be monitored for disk
space, CPU and memory. Traffic utilization trends on servers should be managed too.
Three well known tools for managing WAN would be:
1) Nagios – this is an open source tool for monitoring networks. It is designed to run in
Linux platform. It checks external plugins, services and hosts. Reports, historical logs and
status details can be accessed over the net.
2) NRTG – this is an open source tool for traffic monitoring. Live representation of traffic
can be obtained.
3) Kismet – this is an open source tool for intrusion prevention and wireless discovery.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Wide Area Networking Technology 23
4.2 Wide area network known to be open for many
external threats, produce a report to improve on security,
reliability and performance
Improving Network [9]
To ensure security, performance and reliability of networks, the following should be carried out:
1) Periodic mapping and auditing should be done to understand the current infrastructure of
the network. Details of firewall configuration, Ethernet ports, switches, cables and
wireless access points must be verified.
2) The network has to be kept up to date. Once mapping and auditing is done, it is necessary
to check if the network infrastructure components are up-to-date along with all firewall
software updates.
3) The network has to be physically secure.
4) If possible, the network should have MAC address filtering. This will help in identifying
all possible flow of traffic into the system.
5) Traffic has to be segregated using VLANs.
6) If possible the entire network has to be encrypted. Selected servers and PCs should be
encrypted using VPNs.
Document Page
Wide Area Networking Technology 24
References
1. Cisco, 2015. Intelligent WAN and WAN Design Summary. [pdf]. Available at
http://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Oct2016/CVD-IWANDesign-
2016OCT.pdf
2. Cisco, 2014. WAN Design Summary. [pdf]. Available at
http://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2014/WANDesignSummary-
AUG14.pdf
3. Brocade, 2015. Designing an Agile, Automated, and Affordable Campus Network. [pdf].
Available at https://www.brocade.com/content/dam/common/documents/content-types/product-
design-guide/brocade-designing-agile-campus-network-dg.pdf
4. Al-Wakeel, S.S., 2009. A Planning Methodology and Cost Models for Designing A Wide
Area Network. [pdf]. Available at
http://www.iaeng.org/publication/WCECS2009/WCECS2009_pp399-404.pdf
5. Accessing the WAN, CCNA Exploration Companion Guide. [pdf]. Available at
https://catalogue.pearsoned.co.uk/assets/hip/gb/hip_gb_pearsonhighered/samplechapter/
1587132052.pdf
6. Cisco IOS Quality of Service Solutions Configuration Guide (nd). Quality of Service
Overview. [pdf]. Available at
http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfintro.pdf
7. Ixia, 2015. Testing Enterprise WAN Applications. [pdf]. Available at
https://support.ixiacom.com/sites/default/files/resources/whitepaper/enterprise-wan-
applications_0.pdf
Document Page
Wide Area Networking Technology 25
8. ManageEngine, 2017. Free Network Monitoring Tools for Small Networks. Available at
https://www.manageengine.com/network-monitoring/network-monitoring-tool.html
9. Geier, E. 2014. 8 ways to improve wired network security. Available at
http://www.networkworld.com/article/2175048/wireless/8-ways-to-improve-wired-network-
security.html
1 out of 25
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]