In the course project, you will create a network design for a fictitious organiz
ID: 3537801 • Letter: I
Question
In the course project, you will create a network design for a fictitious organization. Each week, you will be completing a part of the assignment based on the content covered in the week. You will do this by adding new content to the assignment document every week to arrive at the final design.
This week's assignment will enable you to develop the skills for designing a network. The focus will be on the considerations and tasks required for designing a network.
Scenario
Dreamz Inc. develops software and learning solutions for clients worldwide. The main office of the organization is located on six floors of a building in Chicago where hundred users occupy each floor. While the first floor houses the corporate office, the other floors house the administrative, finance, human resources (HR), engineering, marketing, information technology (IT), and research departments. All users need e-mail, file and print, and Internet services.
To provide these services, the organization has ten servers that are used as LAN, proxy, and database servers. The users in the finance and HR departments require sufficient bandwidth and access applications from an Oracle server. This server is accessible only to users in the finance and HR departments; and these users can also access the server from the Internet. Dreamz Inc. is also connected to the Internet from the same network and has web and e-mail servers hosted for Internet access.
With expanding business, Dreamz Inc. has setup three branch offices in St. Louis, Detroit, and New Jersey. These three branch offices need to be connected to the main office and other branch offices. A fourth office at San Francisco comprises a network of five users and requires a single Internet connection.
Tasks
As the network manager for the organization, you need to design the networks for connecting various branches of the organization.
You also need to study the requirements of each branch of the organization. In addition, you need to ensure that the network uptime is 99% with a downtime of not more than five hours.
Having read and understood the scenario, complete the following task and post a 1- to 2-page report using Microsoft Word to document your work:
Support your work with examples.
Cite any sources in APA format.
Please cite sources if you just copy and paste
Explanation / Answer
The traditional solution has been to implement a dedicated Wide Area Network (WAN) link between the central and branch offices. This is usually a T-1 or even a T-3 line. However, dedicated leased lines are expensive. When you have only one branch office, a single line will suffice, but if you add a third, you may need to add two more dedicated lines to ensure connectivity. The number of lines that are needed for full connectivity increases dramatically as new offices are added, and so does the cost.
The Internet is the networkA more scalable solution is to connect branch offices using a site-to-site virtual private network (VPN). Let%u2019s look at how a VPN can offer you maximum scalability while ensuring that communications between offices stays secure.
To implement a site-to-site VPN connection between your branch offices, each location needs a connection to the Internet. The Internet connection can be via a T-carrier line or a less expensive business-level broadband connection such as DSL, cable or new fiber optic technologies such as Verizon%u2019s FIOS. All of these provide data transfer rates at speeds far greater than a T-1 line. For example, in the Dallas-Ft. Worth, TX market, a 1.5 Mbps T-1 costs $399 or more per month. A FIOS connection provides 30 Mbps, or twenty times the bandwidth, for $199 per month.
The VPN uses the fact that both your central office local area network and the branch office networks are connected to the larger network (the Internet) to provide connectivity between the LANs. Of course, the Internet is a public network, full of hackers and attackers, so the key concern with sending communications across the Internet that are confidential within the company is security.
VPN technologies solve this problem by creating a "tunnel" through the Internet from one office (site) to another. The traffic that goes through this tunnel is encrypted to protect any sensitive data.
Some advantages of site-to-site VPN include:
Unlike the remote access type of VPN that%u2019s used by telecommuters or traveling executives to connect to the office, a site-to-site VPN utilizes a gateway at both ends of the connection. Traffic is encrypted from gateway to gateway (over the Internet).
There are a number of different ways to create a site-to-site VPN. First you need to consider the protocols you%u2019ll use to create the tunnel and encrypt the traffic. Popular tunneling protocols include:
In addition to the protocol issue, another important consideration is how the VPN software will be implemented. You can purchase dedicated VPN gateway appliances. Most firewall appliances, such as the Cisco PIX, also include VPN functionality. Alternatively, software firewalls such as Microsoft%u2019s ISA Server or Check Point can also be configured as site-to-site VPN gateways. Finally, Microsoft%u2019s server operating systems also can be set up through Routing and Remote Access Services (RRAS) as VPN gateways.
In selecting an option, keep scalability in mind. If your branch office is likely to grow, that might very well mean an increase in the amount of traffic between the branch office and the central office, and that in turn means a heavier load on your VPN gateway. If you%u2019re locked into an appliance, upgrading may require that you purchase a whole new appliance. Using software-based VPN gateway solutions such as Windows Server or ISA Server or Check Point for Windows will allow you to upgrade the hardware more easily, by adding a processor or memory, to handle the extra load. There%u2019s a tradeoff, though -- appliance based gateways may provide for faster performance to begin with, and they may also run proprietary operating systems that are less vulnerable to attack than Windows servers.
Regardless of which way you go, a site-to-site VPN solution can offer you a highly scalable way of connecting branch offices.