Development of a Network System for BiggsTech Electricals Inc.
Network Architecture Assessment
This paper reviews the network architecture of BiggsTech Electricals Inc. and enables us to design a better and more reliable network for the company. Currently, the business has been experiencing some networking problems, which have made it unable to complete most of its computer-based communications and transactions. With the high rate of adoption of technology coupled with an increase in e-commerce, the failure of the company’s network system has made it incur massive losses. Accordingly, there is a need to carry out a network architecture assessment to identify weaknesses in the existing network, which will inform us on how to develop a more efficient one.
General Business Environment
BiggsTech Electricals Inc. specialises in the sale of consumer electronic products. Its main products include smartphones, smartwatches, tablets, iPhones, IPads, cameras, MP3 players, headphones, laptops, televisions, video games, home theatres, and speakers. Due to the rapid adoption of technology and e-commerce, coupled with the ease of access to the internet, the business has recently added an online shopping platform. Importantly, the online shopping platform had enabled it to capture the techno-savvy buyers who mostly prefer to make online purchases.
BiggsTech Electronics Inc. has five major departments, finance, human resource, sales and marketing, logistics, and procurement, which enable it to function properly. The finance department deals with all activities that relate to incomes and expenditures of the business. Incomes are normally received from the sale of electronic goods, while expenses include salaries, leases payment, purchase of inventories, and recurrent expenditures. The human resource department allocates duties, determines employees’ leave days and offs, and also established their promotions or demotions. Additionally, these department recruits new employees or cancels the contracts for the underperforming ones.
The sales and marketing department is in charge of promoting the company’s items to potential buyers. Therefore, it is actively engaged in both online and physical advertisement. Additionally, it evaluates the customers’ purchasing behavior and the market trends to know how the company can competitively position itself. The logistics department main duty is to deliver online purchases to customers. Finally, the procurement department analyzes the company’s inventory levels and consumer purchases to establish the items that should be ordered and also the business’ optimal stock and re-order levels.
BiggsTech Electricals Inc. shares all information from each department using an open systems interconnection (OSI) and transmission control protocol/Internet protocol (TCP/IP) in a dual-stacked environment. This network was established to enable all departments to share interdependent information and facilitate online shopping. Unfortunately, this system has proven to be memory-intensive and has caused an inability for application internetworking to occur.
Network Goals and Objectives Statement
- Connectivity and communication: The establishment of a stable network will connect the users of computers in all BiggsTech Electricals’ departments.
- Data sharing: The interconnection of all departments will facilitate secure sharing of information.
- Hardware sharing: The networking system will facilitate sharing of hardware such as scanners and printers by placing these systems on the network ((FitzGerald, Denniss, & Durcikova, 2014).
- Data security and management: The installation of a network will enable administrators to better manage the business’ critical data by safely storing information in servers and controlling its access (McMillan, 2015).
Assessment of the Network Architecture
Currently, BiggsTech Electrical Inc. uses an open systems interconnection (OSI) and transmission control protocol/ Internet protocol (TCP/IP) in a dual-stacked environment. In this system, routers are connected to the network backbone which is enabled for IPv4 and IPv6. One rooter is used to connect to the host computers using a network that also supports IPv4 and IPv6. Another router is connected to the NFS (network file system) server using a network that also supports IPv4 and IPv6. There is also a router that connects to the LDAP (Lightweight Directory Access Protocol) server, Mail server, and DNS (Domain name system) server using a network that also supports IPv4 and IPv6. All the small routers are then connected to a primary router (Router 2), which also has a firewall. Router 2 is connected to primary router 1(boundary) which has a firewall and connects to the internet service provider. Between router 1 and router 2 there is a DMZ (demilitarized zone/ perimeter network), which connects to the web server and FTP (file transfer protocol) server.
The company’s network is memory-intensive, which makes it inappropriate. As a result, it has caused an inability for application internetworking to occur. Due to this challenge, the organization should use a less memory-intensive network.
Business Goals and Objectives as Supported by the Network
The current network is designed to support all the operations of BiggsTech Electricals Inc. Firstly, the network facilitates online shopping, which is a major segment of the company. In this case, the network provides a gateway for the online shopping platform, which enables buyers to know the items that the company is selling and their respective prices. Additionally, the network enables the inventory to be automatically updated on every purchase, which is essential in avoiding cases of customers’ buying non-existent items.
The sharing of information facilitated by the network is also important in enabling reconciliations of accounts across all departments. In the financial department, the network will help the company to track all its sales, incomes, losses, and liabilities. The network also helps the procurement department to have a track of the company’s inventories (Kurose & Ross, 2016). In this case, the department can know how many items are remaining when a purchase is made, which helps it to know when to place an order for new inventories.
The network also supports the business goal of being efficient, by enabling the sharing of hardware. Firstly, various hardware such as computers and scanners can be connected to the main network, which can eliminate the need for the company purchasing these items for each employee.
Lastly, the network ensures that the company’s data is safely stored and managed in the company’s server. Therefore, the network avoids the cases of the company’s sensitive information being haphazardly stored in small computers. Additionally, the data manager can control the information accessed by each individual.
Networking Problems in the Business
The main problem of the current network is the failure of the application internetworking, which has led to the collapse of the entire network. The current network is memory-intensive, which has made the local area network of each department being unable to connect with the wide area network. As a result, BiggsTech Electrical Inc. does not have communication and connection across departments. Additionally, its departments are unable to share information or share hardware. The business is also unable to manage its data safely.
The failure of the network has also resulted in each department not being connected to the wide area network, and the company’s server. Accordingly, the departments are not interconnected; therefore, they cannot communicate on a shared network (Kurose & Ross, 2016). Also, the failure of the network has made it impossible for all departments to share common hardware, such as printers easily.
Another concern with the failure of the company’s network is the lack of data security and management. Due to the failure in the connection of the company’s network, the data manager is unable to safely store all the data in the server and control the information that various individuals can access (McMillan, 2015). Furthermore, employees are in some cases forced to carry sensitive data using flash disks so that it can be used in other departments.
The network architecture assessment has enabled the fulfilment of our mission of developing a stable network for the company. In particular, this assessment has disclosed that the current network is memory-intensive, which has resulted in the inability for application internetworking. Additionally, this assessment has informed us of the business structure and operations of BiggsTech Electricals Inc., which will be essential in enabling us to design an efficient network for the company. Accordingly, the new network will not be memory-intensive and will focus on data management and security, information sharing, and connectivity and communication, which are essential in BiggsTech Electricals Inc. operations.
Network Referencing Model (OSI versus TCP/IP)
Network Reference Model (OSI vs TCP/IP) Comparison
The current network architecture at BiggsTech Electricals Inc. is running on a dual-stack model that has implemented both OSI and TCP/IP protocol. This architecture has resulted in challenges and compromise to the security and infrastructure of the retail store. A dual stack model duplicates the implementation of the application to network layer across the communicating devices, which makes it memory-intensive (Lin & Lei, 2008).
OSI Model Concept
The retail store implements the OSI model in its communication and resource sharing processes. Whenever users in various departments are communicating within the store, the information has to pass through all the seven steps from sender to destination, which are application layer, presentation layer, session layer, transport layer, network layer, data link layer, and physical layer. Each layer communicates with the peer layer in the two communicating devices. Noteworthy, the devices sending data must initiate the communication from the top layer, but the receiving device receives the information from the bottom. The communication takes the reverse action mechanism of natural communication.
OSI Reference Model and Data Flow Diagram
Roles of the OSI Layers in Communication
The application layer is the interface layer between the user and the computer device. It provides the interface between the applications running on the computer devices and the underlying layers. The protocols at this layer include Telnet, FTP, email client (SMTP) and HyperText Transfer Protocol (HTTP). Protocols are simply the rules that govern communication in a network.
The presentation layer delivers the information passing through from the application layer in a manner that can be transmitted across the network. For example, when a user is sending an email, the presentation layer transforms the text into email format for transmission.
This layer initiates and terminates communication between the sender and the recipient.
The transport layer helps in maintaining the flow of data and provides error checking mechanisms and recovery of data between devices. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) protocols operate in this layer.
Usually, routers determine the paths to use for the destination of the data being sent. The network layer provides the logical addresses that are used by routers. Logical addresses are equivalent to the IP addresses used on the network, which include the source and destination address.
Data Link Layer
This layer is useful in formatting the message into data frames by adding headers containing the hardware destination and source address. This mechanism makes the header to find the next destination device on the network for the message. This layer comprises of Logical Link Layer (LLC) for managing frames of upper and lower layer, error control, flow control, and the Media Access Control (MAC) for carrying the physical address of every device on the network.
This layer defines the physical layout of the network such as the connections and timing.
Network Reference TCP/IP
TCP/IP communication suite helps in interconnecting network devices on the internet. The protocol also applies to private networks such as intranet and extranet (Mazzon, 2000). Unlike OSI reference model, this protocol suite has five layers, which are the application, transport, network, data link, and physical layers.
TCP/IP Reference Model and Data Flow Diagram
The application layer is where users get the interface to interact with applications on the computers and communicate with other devices on the network.
In this layer, programs transfer information between various applications on the network and between the clients and servers. The layer uses Transmission Control Protocol (TCP) for a reliable connection between server and client applications. The protocol can check and handle errors, lost packets and correct them without relying on the application programs. The protocol also handles flow control for slow transmissions.
For unreliable transmissions, the layer applies the User Datagram Protocol (UDP) with no sessions and flow control. This protocol is used in Voice over internet protocol and video streaming, and there is no error detection.
This layer is responsible for routing packets across the network for communication. The protocol used is the Internet Protocol (IP) with the complexity of the message left for the TCP.
Data Link Layer
Data link layer transfers information/data between the network’s hosts. It mostly applies to the Local Area Network (LAN).
The physical layer is used for handling the physical characteristics of the network’s transmission medium, such as radio transmission, optical fibre, and copper medium. The software application has no reliance on this layer.
The figure below shows how data travels through this layers between communicating devices.
Data Flow Diagram for Both OSI and TCP/IP
Revised OSI Model with Hardware and its Data Flow
OSI Reference Model Connectivity
For the retail store to be able to stabilize and secure its communications and resource sharing across the network, both local and external, there is need to implement best mechanisms for connectivity via the OSI model. The revised proposed network solution will have every required device at any given layer for enhanced communication.
For secure communication and transfer of information, there will be a security and encryption mechanisms for the information. This mechanism will be achieved through development of firewalls to safeguard communication and prevent intrusion of data and information.
Revised Proposed Data Flow Diagram
In any organization that relies on the network for communication and data sharing, there has to be a well-implemented network architecture that facilitates the flow of information. For the revised analysis and connectivity of the network devices, the retail store requires every employee and user to have access to connectivity and security of information (Kołodziejczyk & Ogiela, 2012). The OSI reference model is a primary requirement in making sure that communication flows from the top to bottom layer is well secured, and encryption is guaranteed for data integrity. Having the routers connected at the application layer linking to the switches fulfils the requirement for connectivity, which is the number one objective.
The implementation of the network protocols such as TCP/IP is a good practice for secure communication and flow of information across the network. The implementation will ensure that all the rules that govern data communication have been considered in the long run. It is upon Biggs Tech Electricals Inc. network administrator in ensuring that there is the implementation of a firewall at the application and physical layer for security reason to prevent intrusion (Kołodziejczyk & Ogiela, 2012). Having the log of all the traffic flowing through the network will be an essential implementation for intrusion detection and prevention. The design and flow of data will rely on peer-to-peer communication between the sending and receiving the host on the network. Translation and presentation of information will be handled by the specific network layer in the business entity.
The connectivity of all the devices provided by the management will rely on the OSI model for communication. Every protocol will route information and convert the data in the way that realises the needs and requirement of users across the network (Kołodziejczyk & Ogiela, 2012). Improving network infrastructure is a process that requires enough analysis and penetration testing for the organization to realize stability in communication and data sharing. Biggs Tech Electricals Inc. retail store requires protection of their confidential information. The security of data has been considered in the revised plan by implementing peer-to-peer communication across the OSI model layers on the network. The realization of the mission is upon the architectural design and implementation of the Secure Socket Layer (SSL) certificates on the organization’s domain. The primary goal of the new design is to make sure that there will be secure, efficient and reliable communication.
Local Area Network (LAN) Design
In the development of the improved network structure of BiggsTech Electricals Inc. network for secure and reliable communication, there is a need for planning and strategic architectural structuring. Matt as the Information Support person shared information that would help me to understand the current state of the network and how to improve on the new solution. Among the information shared are the network devices available, which include hubs, workstations, mainframe servers, and router. These network devices have been configured for communication and resource sharing among the employees. The design, however, has not met the expected requirements for a stable and secure network.
The router is connected to the Wide Area Network for internet connectivity. This device supplies users with internet connectivity for communication with external stakeholders in the business. The hubs link three workgroups in the business, which represents the departments, and the workgroups support five nodes which are the workstations for every device. The AS/400 mainframe serves as the controller of every device on the network, which relies on the two servers for file storage and database management. The requirement of having a hosting capability for their web application is possible, but there will be many requirements to meet security and reliability measures. Below is the current network design of Biggs Tech Electricals Inc.
Proposed Network Solution
In the planning of how to improve the network setup of BiggsTech Electrical Inc., various factors will be considered depending on the goals and objectives of the organization. The objectives had been earlier formulated based on the challenges faced by the organization regarding information sharing and communication. Some of the factors affecting the constraints above are resiliency, speed, and security (Al-Bahadili, 2012). For the business to overcome the current challenges in its network, it has to improve the entire infrastructure regarding networking devices and connectivity. Software applications operating in the business entity must also be evaluated and scrutinized to make sure that they meet the minimum requirements to run on the infrastructure of the company.
For the network to be resilience, the router should be intelligent to maintain traffic during errors or failures. The first recommendation for Biggs Tech Electricals Inc. is for it to replace the existing router with a new and modern one that has the latest firmware installed and well configured. The speed of transmission of traffic in the network depends on the type of media used and the amount of bandwidth for internet needed by various applications. It is important that the bandwidth of the network be improved to meet the growing traffic capacity in the business. This will be a core component in the traffic maintenance of the business due to the ever-increasing number of customers.
Security is another factor that is critical for companies. The security measure entails a safeguard on application programs, hardware, information, and users’ access. Due to the current increasing number of internet users, the cyber intrusion has been on the rise. Accordingly, BiggsTech Electricals Inc. needs a strong firewall for protection of its assets and information regarding access and authorization. The firewall must be implemented at the edges of the network to secure both incoming and outgoing traffic. The firewall will control the flow of traffic to help in avoiding the distributed denial of service for the web-based applications. The servers existing on the network are susceptible based on their roles of file storage and database hosting. These servers will be locked in a secure and well-conditioned cabinet to avoid unauthorized access or damage that could lead to information loss. For safe communication and history of existing communication, the company will also need to have a mail server with enough storage capacity for email archiving. The mail server goes hand in hand with the active directory management and user accounts management.
The system administrator or the support specialist will handle the management of this information for the organization. The retail store will to some extent need to have wireless access points in the local network for handheld devices. The access points will be tapping connectivity from the routers for access on the wide area network. Strategic locations must be cited for equal distribution of the resources. The design and implementation architecture will serve as a roadmap to the initial implementation of this network. Below is the proposed network design architecture and recommended implementation for the organization.
Proposed Network Design
Specific Recommended Changes and Rationale
Among the fundamental changes proposed for the improvement of this network are:
- Replacement of the old router with that has access to the wide area network.
- Introduction of the mail server for user email accounts management and mail archiving.
- Securing of the file and database server into cabinets.
- Introduction of next-generation firewalls into the network to secure the incoming and outgoing traffic.
- Increasing the bandwidth for traffic capacity and transmission speed.
- Improving on hardware and resource sharing. Such as enhanced sharing of printers, scanners, and other peripheral devices connected to the network.
Reason for the Proposed Changes
The replacement of the old router aims at enabling the company to have a router with the latest technology and firmware for compatibility and improvement of the network performance (Chao & Guo, 2002). The router acts as the media to access WAN in the retail store. Therefore, the installation of a faster and more advanced router will improve the network’s speed and traffic capacity.
Due to the need for a reliable communication and information sharing, the organization will have to introduce mail server for storage of emails. Having a separate dedicated server for mails hosting is a good security practice for improving performance by enabling instant messaging capability within the organization. Security of the other two servers is an intended modification to enhance the safety of the information held within these servers. A firewall is essential for intrusion prevention and information encryption. The firewall will be implemented at the edge of the network for traffic monitoring and intrusion detection. Importantly, the firewall will only allow authorized devices and traffic to the business network. With every measure and consideration put in place, the new network will be a significant boost to the information and communication structure of Biggs Tech Electricals Inc.
Analysis of the Project in Relation to Mission and Objectives
The primary objectives of the proposal for improvement of the current network setup are:
- Establishment of the stable and reliable network for connectivity and communication.
- Data sharing and transfer.
- Device sharing
- The enhancement of data security for the business enterprise.
Based on the proposed solutions and the new network architecture, the implementation can facilitate secure communication through the establishment of a robust next-generation firewall in the business network. Connectivity and communication between the devices will be enabled by the hubs and routers, which will provide access to the WAN. There will also be a file server that will host all the files and critical data of the enterprise. The file server will be responsible for servicing requests from client computers (workstations) from every workgroup. The setup of a mainframe computer will enhance the control and management of these workstations. Further, the structure of the local area network will facilitate sharing of resources such as printing and scanning on the network. The resource sharing concept will minimize the cost of purchasing numerous devices.
The introduction of a next-generation firewall will enhance the security of both applications and user information on the network. Having the firewall at the edge of the network will be a security measure to the mainframe that will be controlling all the workgroups in the enterprise. Further, the establishment of a firewall is the effort of the organization to conform to the enterprise network security measures. The firewall also helps in the security of the wireless network, which is not secured can lead to cyber-attacks. Finally, since BiggsTech Electricals Inc. also has an e-commerce platform, it inevitably has a lot of sensitive clients’ information, which needs protection from unauthorized abstractions and access. Therefore, the establishment of a secure and efficient network has the potential of enhancing the company’s operations.
Telecommunication Network Design
Improving Telecommunication for BiggsTech Electricals Inc.
In the ancient days, people used telephone networks specifically for communication via voice from point to point. The communication was facilitated by encoding electrical signals using a transmission media which was mainly through copper wires. The services were solely provided by public switched telephone network (PSTN). Later on, there was demand to communicate via facsimile and data services, which were overlaid on the PSTN network (Bayer, 2000). The ability to communicate documents and data from point to point was still under consideration in telecommunications. Recently the need for data transport has increased among telecommunication networks making companies to shift their concerns and requirements. Currently, communication include the use of microwave, terrestrial wireless, satellite, hybrid fiber/coaxial cable, and broadband fiber systems.
BiggsTech Electricals Inc. like any other company that relies on telephone and fax communication needs an expansion that will include data transport, video conferencing, e-mail, instant messaging, web browsing and other distributed collaboration methods. The enterprise needs a solution that will include both products and services. These requirements will call for having a telecommunication equipment and applications as products and services for the enterprise improved network. While making this decision, customer-owned and customer-installed Wi-Fi local area network will have to be deployed to support voice over internet Protocol (VoIP) communication (Bayer, 2000). The company might need to purchase VoIP software package and install them on personal computers. The connection to the internet will be managed and provided by an internet service provider (ISP). The communication will have to be on digital communication framework to support, voice, video, images and data communication. In this context, circuit switching will be handy for the purpose of improvement.
Goals and Objectives
The main objectives for this improvement project are:
- To develop a modern, enhanced and robust telecommunication framework for the enterprise.
- To allow voice, data, image, and video communication using a telephone network that supports fax services.
- To develop an enterprise strong communication channel free from failures and interruptions.
The major goals are:
- Having a working and efficient VoIP communication.
- Integration of internet usage over the enterprise network.
- Having a well-planned instant messaging and communication platform.
- Facilitating hardware and software resource sharing for telecommunication framework.
Proposed Network Architecture with a Telecommunication Design
Advantages of Sharing Hardware and Software Resources used for Telecommunication
Based on the main objectives and goals of the project, there will be various benefits that will be realized in the enterprise due to the establishment of an integrated communication channel. Among the basic challenges that most organizations phase when implementing a telecommunication system are the infrastructure costs. The establishment of an integrated telecommunication system will enable the organization to share its hardware, which will effectively minimize the need of each office, department, or individual having ‘sharable’ equipment (Modern Telecommunication, 2012). Furthermore, having one host for the telecommunications management services in the enterprise will reduce the cost of installing applications on every client computer. BiggsTech Electrical In. will also use the internet to allow collaboration and sharing via client-server architecture. This tactic is easy to implement and is used by many organizations. Generally, the IT department will ensure there is strict user management in the company’s system and a stable and internet connection.
Additionally, the cost of operating costs of BiggsTech Electrical Inc. will be significantly reduced since not every user will need a computer for communication or a telephone station. Through the use of instant messaging and VoIP, employees will make use of any device that has access to the internet for the communication from point to point. Also, having teleconferencing services will reduce the charges that were initially allocated for telephony and fax services. Impliedly, these methods will result in a reduction in the hardware in the company, and subsequently a reduction in operating costs. For example, a reduction in the number of electronics in the company will lead to a reduction in electricity use.
The ability for users to collaborate will minimize the need for movements in the organizations and minimize the number of meetings. Every user will participate and receive a broadcast of every single gathering via the new improved telecommunication service. The software setup of the instant messaging will help in reducing the number of workstations and telephone devices required for communication. If the installation costs lies below the hardware and software application installation the organization is likely to experience a great return in the investment in the long run. Accordingly, the establishment of an integrated telecommunication network will help BiggsTech Electricals Inc. to be more efficient in its operations.
At the start of the project, improved speed of communication and data transfer was among the major mission of this project. Through sharing of telecommunication hardware and software, the company will not only enhance its communication system, but it will also reduce its operating costs. Therefore, the new telecommunication network design is cost effective since less finances will be required for establishing the necessary infrastructure. In particular, unlike in the traditional telephone networks that required physical PBAX for linking the telephones, the use of a software gateway within the infrastructure is a significant saving on the cost of hardware (Lunn, 2012). Other hardware components will be able to be connected via this gateway on the network. The use of user accounts hosted through the use of the active directory is a better way of replacing the numerous wiring required to connect the work stations together for communication.
Wi-Fi connection is also an advantage in the minimization of hardware components required in contemporary telecommunication channels. The wired devices, which were earlier used by the company, will be replaced by a wireless device that will connect every user that is not wired on the network, thus enabling communication. It is essential that the applications running be secured from hacking and intrusion. The mitigation strategies towards these attacks had been earlier discussed and introduced via implementation of a strong firewall on the LAN and at the edges.
Analysis of the Project in Objective and Mission Fulfillment
In the network design and improvement project for the enterprise, there has been stepwise improvement on the infrastructure of the enterprise organization. The bit of improvising telecommunication will come as part of this implementation step in order to plan everything within the new architecture. The use of internet connection and resource sharing is one of the fulfillment of the major objectives of this project. It is possible that having every user connected and collaborate is among the major success of the project.
The use of modern telecommunication in form of improving communication is a fulfillment of the objective of having reliable communication within the retail stores. The entire infrastructure and design was focusing mainly on the transmission and security of the network. This implementation would then stop at data transfer and resource sharing. However, having an integration of telecommunication in terms of voice, data, images and videos enables BiggsTech Electrical Inc. to fulfill its major requirements and missions of the project. The transmission of voice, data, videos, and images enables the organization to have a reliable communication channel.
The security of the enterprise network is one of the major objective that had to be achieved in every bit of implementation. Apart from the use of security protocols that will be introduced in the VPN implementation in the next part. Security of data has been achieved through the use of secure wireless communication channels on this network for telephony and fax services. Additionally, the use of emails is an improvement of the old manual paper letters that guarantees security through authentication and encryption of the messages (Chen & Gong, 2012).
Besides ensuring security in the communication channel, the speed of communication will be improved via the use of network VoIP for telephony unlike the use of the guided media like the copper wires, which were prone to interference. The reduced magnitude of the signals as they traverse the network media (attenuation) have been countered by the use of wireless communication to avoid electromagnetic waves. The mission of the project of having a noise free communication is therefore achieved through this implementation. Accordingly, employees, suppliers, and customers will be able to communicate and reach their targets through the improved telecommunication infrastructure at BiggsTech Electricals Inc. Noteworthy, every detail of the project should be documented for future reference since technology is fluid, and is thus ever changing.
In conclusion, the implementations of the new telecommunication network design has to be rapid and procedurals to keep every idea into detail. If speed and security is achieved through the implementation of the VoIP and VPN, then the organization has a guarantee of secure connectivity. Additionally, these system will enable BiggsTech Electrical Inc. to reduce its operating costs and be more efficient on its work.
Remote Network Implementation Plan
Goals and Objectives
The need to have an improved network structure for the retail store calls for the implementation of security measures for remote network access. The remote network implementation will have a great role since the assumptions are that the retail store will operate various branches in a centralized administration and control from the mainframe. Among the key objectives for the implementation of the remote network are:
- To ensure all the retail store’s departments have access to the network using Cisco Virtual private network configurations.
- To provide a cloud based solutions such as SaaS, NaaS and PaaS to help in the prevention of risks and loses of the remote access controls.
- To implement the IPSec for the current network.
- To identify and plan the associated risks and threats prior to configuration and installation of the remote access to all the retail stores of BiggsTech Electricals Retail Store.
Figure 4 (a)
Remote Network Design
In the VPN implementation, public telecommunications networks are utilized to conduct private data communications. The internet is used as the public infrastructure. Other special protocols are used to support private communications through the internet. Importantly, the VPN uses the client server approach to authenticate users, encrypt data and other services with VPN server through tunneling.
VPN clients and servers makes use of three scenarios, which are:
- Remote access to the intranet support.
- Support of multiple connectivity of intranets in an organization.
- Joining of two or more organizations to form an extranet.
VPN is cost effective in the sense that it lowers the support cost for technology when compared to the other traditional means that uses leased lines and remote access servers. To begin with, the simple graphical client programs helps in the interaction of VPN users (Heyman, 2007). It is also possible to connect VPN servers with other VPN servers to form server-to-server connection to extent the intranet or extranet to cover multiple networks. BiggsTech Electricals Inc. retail business will also require establishment of the Internet Protocol Security (IPsec), which is a framework that is based on open standards that ensures private and secure communications over the IP networks (“Industrial Network Security”, 2015). The main concepts applied in IPsec are cryptographic security services, network level peer authentication, data origin authentication, data integrity, encryption, and replay protection.
The main goal of the security implementations in place is to facilitate the safety of the communication channels and information sharing in the retail outlet. It is a primary requirement that every organization making use of the internet for communication to have these security measures in place. The main importance of having the implementations in place will help the organization improve on the level of privacy of information and increase the level of protection of users and programs being used. Normally, penetration testing and risk assessment is the surest way to understand which security implementation will be productive to the organization.
Following the increased demand and use of computer networks for information sharing, communication, and resource sharing, there has been increased rates of cyber intrusion and crimes across the world. The only mitigation strategy to these threats to information security is by having the best network security mechanisms such as VPN and IPsec in place. The most common major threats include; sniffing, eavesdropping, distributed denial of service and intrusions (“Rogue Access Points — threat to enterprise security”, 2003). The best mitigation strategies to these threats is through the implementation of strong security measures, which I have discussed in the subsequent section.
Threat Mitigation Strategies
Enterprise network security requires a well-planned security architecture that aims at protecting data at user and application level. The most common security architecture addresses the enterprise as a unit considering the data, processes, applications, roles, and users. The ability to secure components of the network demands that a network based security architecture be well planned to protect and secure all network components. In this study, the components comprise of both hardware and software for BiggsTech Electricals Inc. The software components include the web applications that will be running on the VPN and other cloud platforms. Other hardware components will include servers and the workstations which solely rely on the mainframe. Finally, the security of data and information of these devices and applications will depend on the complexity of the security architecture.
Mitigating risks will involve various approaches such as implementation of the Intrusion detections systems and the use of secure protocols such as Internet Security Protocol (IPsec). The best mitigation strategy is to have secure protocols lying between users, data, applications, and the network. For the data to be transmitted across the network there will be need to have security protocol involved such as https. The applications interacting over the network will also be secured via these protocols before interacting on the network. Network security plan will be useful in determining the extent to which the implemented security will be useful in the enterprise. BiggsTech Electricals Inc. is at the risk of attack and loss of information if they are not well organized in the development of a network security architecture that will help in the protection of user, data and applications from intrusion. The hardware components will also have to be protected from damage through the use of a secure access and bugler proofing system.
The latest network security architecture considers end-to- end security, which defines the security of the network from the point of entry into the network to the data that is hosted or is residing within the enterprise. Intrusion prevention and detection at the edge of the network is key in determining the security of the network. Additionally, traffic flowing in and out of the network will have to be filtered in order to secure the data interchange. Exchange of information between various retail stores of the enterprise will require a secure connections and encryption of data in order to experience the expected goals and objectives.
Project Analysis Justification of Objectives and Goals
The primary goal of having a Virtual Private Network (VPN) in place at BiggsTech Electrical Inc. was to ensure secure communication among different retail branches. The installation of a VPN and secure internet protocols will ensure security of data, applications, and users. Further, the introduction of the VPN, cloud computing, and IPsec into the network architecture ensures that the enterprise data and information is safely transmitted within the communication systems. As such, the key to organization success is defined by the security of its applications and users’ information.
The main idea and goal of the improvement of the enterprise network has been realized from the initial stages of having the network set up with all the hardware requirements and key information architecture in place. There is need to have all the applications running in this enterprise network secured and protected from any intrusion. This has been achieved through the improvement in the security architecture of the enterprise. BiggsTech Electricals Inc. will experience tremendous changes in its network infrastructure and structure as a whole. Importantly, the development of the enterprise security measures will enable the company to have a secure and effective system. In particular, having all the necessary network structures will enable the retail store to experience secure communication, facilitate smooth information sharing, promote resource sharing, and foster reliable communication over its network. The guarantee of security has been well defined by the new network architecture that will be put in place in order to achieve the business’ objectives. Therefore, the entire project will be inclined towards improving the development and design of the network structure. To ensure there is smooth implementation of the development program needed to establish a network structure, the new structure will be based on the OSI model from the onset of the development of the enterprise security.
In conclusion, the need of having an end-to-point communication that is reliable and secure has been achieved through the development of VPN and IPsec into the network. VPN provides the capability of having client to server communication from end-to-end. It is possible that the retail stores will be able to achieve communication via the network media that has been implemented in the long run. The best solution has been put in place as far as the formulated objectives of the project are concerned. It is possible that almost every challenge to communication and information sharing have been achieved. The need to have all the network hardware in place and running to fit into the new architectural model is evident through the designs that have been shared in the previous three parts of the project. Therefore, the proper development of the new network system for BiggsTech Electricals Inc. will guarantee the company of secure communication and data transmission.
Al-Bahadili, H. (2012). Simulation in computer network design and modeling. Hershey, PA: Information Science Reference.
Bayer, M. (2000). Computer telephony demystified. New York, NY: McGraw-Hill.
Chao, H., & Guo, X. (2002). Quality of service control in high-speed networks. New York, NY: Wiley.
Chen, L., & Gong, G. (2012). Communication System Security. Abingdon: CRC Press [Imprint].
Cole, E., Krutz, R., Conley, J., & Cole. (2009). Network Security. Hoboken, NJ: Wiley [Imprint].
FitzGerald, J., Denniss, A., & Durcikova, A. (2014). Business data communications and networking (12th Ed.). Hoboken, NJ: Wiley.
Heyman, K. (2007). A New Virtual Private Network for Today’s Mobile World. Computer, 40(12), 17-19. http://dx.doi.org/10.1109/mc.2007.410.
Industrial Network Security. (2015). Network Security, 2015(3), 4. http://dx.doi.org/10.1016/s1353-4858(15)30014-3.
Kołodziejczyk, M., & Ogiela, M. (2012). Applying of security mechanisms to middle and high layers of OSI/ISO network model. Theoretical and Applied Informatics, 24(1). http://dx.doi.org/10.2478/v10179-012-0005-4
Kurose, J., & Ross, K. (2016). Computer networking: A top-down approach (7th Ed.). Upper Saddle River, NJ: Pearson.
Lin, X., & Lei, Z. (2008). Implementation of embedded IPv4/IPv6 dual-protocols stack. Journal of Computer Applications, 28(2), 406-408. http://dx.doi.org/10.3724/sp.j.1087.2008.00406
Lunn, P. (2012). Telecommunications consumers: A behavioral economic analysis. The Journal of Consumer Behavior, 47(1), 167-189.
Mazzon, E. (2000). Review: A guide to the TCP/IP protocol suite. The Computer Bulletin, 42(6), 31-31. http://dx.doi.org/10.1093/combul/42.6.31
McMillan, T. (2015). Cisco networking essentials (2nd Ed.). San Francisco, CA: Sybex.
Rogue Access Points — threat to enterprise security. (2003). Network Security, 2003(4), 4-5. http://dx.doi.org/10.1016/s1353-4858(03)00407-0.
Senthilnathan, S. (2012). Network analysis part 2 – Network analysis and time. SSRN Electronic Journal. http://dx.doi.org/10.2139/ssrn.2151014