Introduction to Networking Touchstone 4

.docx

School

Western Governors University *

*We aren’t endorsed by this school

Course

12211

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

6

Uploaded by raeganmink

Report
Raegan Mink 1234 Encinitas Blvd Encinitas ,CA 92024 (760) – 760-7600 07/27/2023 Chris Nelson President Greenfield Properties 123 Sophia Way Minneapolis, MN 55000 Dear Mr. Nelson: I appreciate the opportunity to assist your new growing company in developing a more appropriate network. I am a network expert with experience in developing and setting up different networks for companies of a small to medium size. After looking over the information you have provided about Greenfield Properties I have laid out some recommendations of what I think is the bets way to approach network infrastructure, network segmentation, printing, WiFi networking, and security measures. I would appreciate if we could set up a follow up meeting with your IT department members and some other executives to discuss this plan. If you have any questions or concerns please email me to let me know. I look forward to getting this project started with you. Sincerely, Raegan Mink 1
Introduction This proposal recommends a network infrastructure design to be implemented for Greenfield Properties, the merger organization of Blueglass Rentals and the Redstone Property Management. This outline was created to help these companies to transition from 2 separate peer to peer LAN organizations to a client server architecture. Network Infrastructure The new company will have 46 employees. There will be 95 devices and a potential for many more as the company continues to grow as does the digital age. As both these companies have outgrown peer to peer architecture which is recommended for 12 users or less, client server architecture should be used. A LAN or Local Access Network should be used. Local Access networks are best for a single building company of this size. Category 6 or category 6a cables would be the best option for the in house hosts. It is important to use something better than Category 5e and Category 6 cables are recommended in addition to fiber optic cables for new building networks. They can be used as riser cables to go between floors. The following server functions should be included in the company’s network: File, Mail, Web, Database, Active Directory, Print Server. The file server will be used for sending and storing files. The mail server will be used for emails. The web server for the companies website and transactions. The database server for storing company data. The active directory for AAA (authentication, authorization, accounting). The print server for printing capabilities. Cloud based servers would be better for this company as it is a smaller sized company. Cloud based servers allow for less upfront costs. Also with a smaller and less experienced IT team of only 2 people it makes more sense to wait to do on premises servers. They could set up some servers on the premises such as printers which are more necessary in person. Servers should run a Windows server. Windows is much easier to learn and more well known than Linux which makes more sense with a smaller IT team with limited knowledge. Linux has better security measures but because this is a property management company and they are not working with super classified data Windows should be fine. Virtual machines could be implemented in order to run the servers on one piece of hardware. Virtualization has some licensing costs but decreased costs when it comes to hardware because without it you would need a separate server for each of the servers. Virtualization also has easier administration which takes some load off of the smaller IT team. The enterprise version of Windows should be used as it can handle more than two virtual servers. Network Segmentation and Printing 2
Subnetting divides domains so that traffic is efficiently routed. We can so this by using one LAN in the same broadcast domain but segmenting pieces of the network to make it more efficient. This divides different devices to still be used by everyone in the local network but improves performance of these devices significantly. We can also change the security and permissions based on the different segments. The subnets that could be created are Printers, PCs, Infrastructure, WiFi (guests), WiFi(employees). In this subnet design we can change the security of the different WiFis so that guests do not have access to the same things as employees. Also ensures that guests using the WiFi will not slow down business to overloading of requests. VLANs should be implemented. This enables the company to increase performance and security and also lightens the load on IT to have several individual subnets. The IT department can set up VLANs based upon roles, giving certain people access to devices that others do not. For example technical employees may have access to all but receptionists may not Printing One of the advantages of using a print server is centralized print management, this puts the responsibility on IT and not the users which makes it more controlled. Print servers are also easy to set up using step by step installment procedures which would be easy for the smaller IT team. The print server also is much better for growth and if the company plans to continue growing this will make configuration easier. The disadvantages of the print server rely mainly in the extra workload on IT. Because they now need to control permissions as well as build a more complex system with different configurations they will need more work. In my other recommendations I have tried to keep IT from having more responsibility so this one shouldn’t be that much extra. IP Printing is much more efficient than a print server because the users send the request directly to printers. This involves a lighter resource load which wont clog up the resources with print requests. It also is easier to troubleshoot as the issue only effects single users or printers at a time. The disadvantages of IP printing involve the time consuming nature of setting up devices. With every new employee there is a lot of set up needed. There also is a lot of control for workers to set their own rules which can be dangerous as a company grows. With several remote workers having IP printing is limited for them. The print server, though increasing the workload for IT over time makes the printing more controlled and regulated. This helps employees to save time setting up and configuring printers and allows the load across these devices to be more distributed. It also allows IT to set the rules on how things are printed. The set up of this is fairly easy for IT and because we are limiting their load elsewhere with cloud servers we can assign them to printing. 3
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Wi-Fi Networking We can estimate that we need to prepare for about 104 devices because there are currently 69. It is industry standard to prep for 2/3 ratio to help with expansion and other needs. At least 12 WAPs will be needed based upon the company layout diagram. These WAP areas are most optimal when they overlap by 10%. They should also be strategically placed so that the points on the edges, near walls have coverage as well. The same SSID is recommended for the WAPs. An SSID is a passkey that allows it to connect to a different network. Different SSIDs do provide more security but having a single SSID allows users to roam around the office and avoid having to switch their WAP. Having separate SSIDs would make certain people attached to their area. A wireless LAN controller is recommended because the AP and controller can have a split MAC where they split the duties between both machines. This thinner system makes IT’s job easier as they don’t have to manage both pieces separately. WPA 3 should be used as the security encryption standard. This is the most recommended 4 1 11 11 6 1 11 6 11 6 1 6
standard as WPA is outdated and it improved upon security of WPA 2 as it has individualized encryption for each device as opposed to sharing the key across a network. WPA 3 has 192 bit cryptographic strength. Security Measures Physical Security The IT equipment will be kept in the IT department. The company should use key fobs for the employees and only give access to this room to those in the IT department. They can also standardize this key fob technology to secure other areas of the building to keep only authorized employees in. Any on premises equipment should be locked in cabinets to avoid tampering. Infrastructure Access Control access should be implemented to protect who can connect to the network. These lists will define which IP addresses and MAC addresses will have access and permissions to different network activity. By doing this we prevent anyone from being able to use the network. Authentication It is recommended that the company use a Kerberos authentication server. This system establishes different user identities and encrypts all transactions and communications. It is free and open source which will make it easy to install for the IT team. Also this system will be secure anywhere even when employees are remote or at properties and works on several devices. Lockout Policy It is recommended that the company uses a lockout method to help aid in network security so that hackers cannot get in by repeatedly attempting different passwords. Accounts should deploy a wait time of 30 minutes after 3 failed login attempts and to lock out needing an admin to reset the credentials after 6 failed attempts. Password Complexity Requirements 5
All users should choose a complex password that has the following requirements: - 8 characters minimum - 20 characters max - At least 1 symbol (@, !, #, $, *,) - 1 uppercase letter - 1 lowercase letter Firewall Firewalls are pieces of hardware and software which help to monitor and prevent traffic from threats. I recommend deploying an access control list on the router to prevent unrecognized IP addresses to access the network. Also because I am recommending primarily cloud servers, cloud firewalls will be available. It is also important that the users have firewall software on their individual devices. Sophos firewall is a highly rated software. Anti-Malware Anti-Malware should be deployed both in the cloud servers and on the users physical devices. Anti-Malware is important to protect from software that is malicious to the network, computers, and users. The cloud based anti-malware should update continually without need. The company should recommend that the users update their personal anti-malware every 30 days. 6
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help