Project Analysis Plan for SNHUEnergy, Inc.: Network Architecture Assessment

Following the first evaluation, this report analyzes SNHUEnergy, Inc.’s current network design about its planned growth. The mid-sized oil and gas company SNHUEnergy is aiming to scale rapidly with the opening of regional offices and launching services ranging from exploration to transportation and refinement of oil products. The current network infrastructure that connects the Dallas headquarters and Memphis office will need to adapt to this expansion in terms of performance, security, and reliability (Borgianni et al., 2024). The report will examine the types of physical network devices, high-frequency traffic, network architecture, and performance and security threats and recommend a scalable network architecture to support future expansion: Project Analysis Plan for SNHUEnergy, Inc.: Network Architecture Assessment.

Physical Network Devices

The network infrastructure for SNHUEnergy uses basic physical network devices, such as routers, switches, and firewalls. Routers transmit data between offices and route data packets through the network. Every office currently has one router, and the Dallas office is the central location to connect to Memphis and process critical business apps like payroll and HR (Al-Khateeb et al., 2010). The routers leverage protocols such as BGP (Border Gateway Protocol) for stable inter-office connections.

Switches link devices on each local network to communicate and share resources. Each switch operates on Layer 2 of the OSI model, using MAC addresses for data forwarding. Dallas has two redundancy switches, and Memphis has one dangerous switch because it is one point of failure. Firewalls are in place to block unauthorized access, but only the Dallas office is firewalled, which leaves Memphis open to cyber attacks. The reliance on low infrastructure in Memphis makes device redundancy and increased security imperative as the organization evolves (Mukherjee et al., 2014).

Critical Traffic Patterns

The data flows in SNHUEnergy’s network are based on many different data flows essential for business. These patterns encompass:

Voice over Internet Protocol (VoIP): VoIP is needed for communication throughout the organization, especially between Dallas and Memphis. VoIP packets show steady transmission rates with minimal delay, essential for clear and efficient voice communication across offices. Any packet drop or latency would impact communication and reduce efficiency (Liu & Song, 2020).

SQL Traffic: SQL traffic is used by databases to run essential operations like payroll, HR, and billing. SQL communications are mainly from Dallas, where payroll and HR apps are located, to Memphis, where billing and operations are located. This traffic is high-frequency, requiring high throughput and bandwidth stability. A high-speed data transfer rate is needed to make it smooth (Peng et al., 2011).

Network Management Traffic: This includes tracking and controlling network devices, configurations, and performance across the infrastructure to provide stability and availability. Network management traffic is sent using TCP/IP protocols and is needed to troubleshoot and resolve network problems (Mukherjee et al., 2014).

Billing and Operational Data: Memphis handles billing and operations, so data has to travel smoothly from Memphis to Dallas. The company depends on these connections, and service failure would interrupt financial and business operations.

Such traffic types emphasize the need for reliable and secure inter-office links to support the company’s main business.

Patterns Across the Infrastructure

Traffic Patterns in Dallas Office: The Dallas office, illustrated on the network diagram, is the hub of SNHUEnergy. Key parts: corporate PCs, servers, firewall, and two switches (DALLAS_SW_01 & DALLAS_SW_02). The office also hosts key tools like payroll, HR, accounting, and VoIP and video conferencing. The connection is dual-switched to connect within Dallas and to maintain redundancy.

The packet log shows a lot of SQL and VoIP traffic arriving at or passing through the Dallas office, as expected since it handles company communication and financial information. SQL packets are flowed mostly towards the Memphis office for billing purposes – an unbreakable connection between Dallas servers and Memphis ends. VoIP traffic is more neutral, it represents actual communications demands between both offices and has low latency and constant speed.

Traffic Patterns in the Memphis office: The network in the Memphis office is less complicated with only one switch (MEMPHIS_SW-01) and router with no firewall, as outlined in its network diagram. It handles billing and general operations, and interfaces with Dallas for data flows that those requirements demand. Memphis contains less sensitive apps, but has a lot of real-time data movement with Dallas, mostly for payroll and HR data that’s on Dallas servers.

Checking the packet capture logs supports this dependence. SQL packets from Dallas to Memphis describe a 1-way data transfer between the office(s) for billing and the VoIP packets describe a back-and-forth transmission over the interoffice communications. This configuration, however, does create a single-point of failure at the Memphis switch since a malfunction can deny critical apps.

Organizational Network Overview: The organizational network diagram provides a top-down view of both offices with Dallas serving as the central hub. The structure is a star topology with Dallas sitting in the middle for data flow to and from Memphis. In this setting, Dallas not only hosts internal messaging and apps, but also transmits data to Memphis, so it is crucial to have Dallas’ fault-tolerant infrastructure.

The packet capture illustrates this topology’s importance, capturing patterns of traffic that reveal Dallas’s important contribution to managing data across the enterprise. The SQL, VoIP, and network administration traffic from Dallas to Memphis reveal how this setup has operational and management applications. But with no Memphis redundancy, the architecture is at risk of interrupting key functions when the single Memphis switch or router goes down.

Performance Issues

Several performance problems can occur on the current network if no upgrades are done to accommodate growth:

• Bandwidth Constraints: Expected employee and traffic demand growth could pressure current bandwidth limits and lead to network bottlenecks, latency, and packet loss. This could directly impact VoIP quality, videoconferencing, and SQL data access on the entire infrastructure and make operations difficult (Liu & Song, 2020).
• Single Points of Failure: With the Memphis office’s sole router and switch, a hardware malfunction would halt network access, crippling billing and business operations. This is one point of failure that is extremely dangerous, especially when the company grows (Peng et al., 2011).
• Data Congestion: The growth in real-time apps like video conferencing and VoIP may create data overload, which affects call quality, video lag, and the performance of other business applications. The absence of QoS management can compound such issues as it fails to prioritize high-priority traffic flows (VoIP) over lower-priority data streams (Borgianni et al., 2024).
• Inadequate Redundancy: The current network components have little redundancy and are not robust enough to provide continuous services. Adding more routers and switches to the network, especially in Memphis, would be the key to counteracting this risk.

The current network architecture is still lacking in security and has some single points of failure and centralized traffic flow. Currently, the Memphis office uses only one switch and router to manage the entire office operation, so any hardware failure threatens to disrupt billing and other operations. Also, the Dallas office is used as the central point for all the traffic between different offices, which leads to the creation of a bottleneck. There is also over-concentration on Dallas for most of the critical functions, which makes the organization more vulnerable should the hub experience any problem, hence negatively impacting its business continuity.

Another issue that has been observed concerns scalability since the network is not prepared to accommodate the expected 50% employee growth every year, including the new offices. Congestion will be worsened due to the increased traffic that has been triggered by high bandwidth applications, including VoIP, SQL databases, and video conferencing, among others. The current topology still rests on a single routing path through Dallas, which becomes inadequate in the freeness of traffic flow, loss of packets, and overall poor performance as the network continues to evolve.

Security Issues

Security is an issue as SNHUEnergy is expected to expand. The current network architecture is not segmented; redundancy is extremely limited, exposing the network to numerous security threats. Unfortunately, the Memphis office currently has no firewall, creating vulnerability to outside challenges and raising the risk of billing data leakage.

Thirdly, the whole network also depends on a single firewall hosted in Dallas, and this is a bad security practice since it amounts to having one point of failure. In the event this firewall is compromised or proves to be lacking, there is no backup defense to prevent the spread of a threat throughout the system.

Internal security is also a problem, as there is no effective protection against internal threats or inadvertent leakage. With inaccurate network separation, even when a device has been infected via a hazardous USB, it can grant wrongful access to key networks. The architecture also has no protection against insider threats; for instance, there are no rigorous authentication procedures or ways of controlling the access to the information to enhance the security. Other security issues include:

• Absence of Firewall Protection in Memphis: The billing department in the Memphis office, which handles confidential data, has no firewall, so it is exposed to the outside world. There needs to be a firewall to make sure no one has access to data, which gets more flowing with the growth of the business (Mukherjee et al., 2014).
• Data Breach Risks: Personal data such as payroll or billing information can be hacked without adequate security. Infringement of this data can harm the company’s reputation and result in financial loss.
• Insufficient Access Controls: As the size grows, the access controls must be tighter to ward off unauthorized access in inter-office networks. Strong authentication like MFA will protect important data and applications (Furdek et al., 2016).
• Poor Network Segmentation: The current network segmentation is insufficient and may expose all the sections of the network if any one segment is hacked. Segmenting the network by function or department enables SNHUEnergy to limit the extent of the damage during a breach and, therefore, improves resilience (Liu & Song, 2020).

Managing these will also provide SNHUEnergy with an internal and external threat-proof security system that is especially important as the company grows.

Visual Representation

This diagram shows the end-to-end connections and depicts the interaction of traffic from specified devices within two offices, with the WAN as the main connection bridge. This layout provides examples of traffic flows and demonstrates the major pathways of the network.

References

Al-Khateeb, W., Al-Irhayim, S., & Al-Khateeb, K. (2010). Reliability enhancement of complex networks through redundancy scaling. In International Conference on Computer and Communication Engineering (ICCCE’10) (pp. 1–6). IEEE. https://doi.org/10.1109/ICCCE.2010.5556788

Borgianni, L., Adami, D., Giordano, S., & Pagano, M. (2024). Enhancing reliability in rural networks using a software-defined wide area network. Computers, 13(5), 113. https://doi.org/10.3390/computers13050113

Furdek, M., Wosinska, L., Goścień, R., Manousakis, K., Aibin, M., Walkowiak, K., & Marzo, J. L. (2016, September). An overview of security challenges in communication networks. In 2016 8th International Workshop on Resilient Networks Design and Modeling (RNDM) (pp. 43-50). IEEE. https://doi.org/10.1109/RNDM.2016.7608266

Liu, W., & Song, Z. (2020). Review of studies on the resilience of urban critical infrastructure networks. Reliability Engineering & System Safety, 193, 106617. https://doi.org/10.1016/j.ress.2019.106617

Mukherjee, A., Fakoorian, S. A. A., Huang, J., & Swindlehurst, A. L. (2014). Principles of physical layer security in multiuser wireless networks: A survey. IEEE Communications Surveys & Tutorials, 16(3), 1550–1573. https://doi.org/10.1109/SURV.2014.012314.00178

Peng, P., Snyder, L. V., Lim, A., & Liu, Z. (2011). Reliable logistics networks design with facility disruptions. Transportation Research Part B: Methodological, 45(8), 1190-1211. https://doi.org/10.1016/j.trb.2011.05.022

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

---

IT 640 Milestone Two Guidelines and Rubric

Overview

Network architecture refers to the layout of the network, consisting of the hardware, software, connectivity, communication protocols, and mode of transmission (such as wired or wireless).For the second milestone, you will provide a high-level overview of the SNHUEnergy, Inc. network architecture. You will evaluate traffic patterns to determine critical aspects of SNHUEnergy’s business and provide basic insight into what should be done to the network from a capability aspect as well as a security viewpoint. Finally, you will develop a visual representation of an end-to-end path flow of the existing network by creating a network diagram showing the output of the traffic flows.

Prompt

In this section, you will analyze the information provided on SNHUEnergy, Inc. in the Final Project Scenario document to provide a high-level assumption for the design of the network.

Refer to the following files when completing this milestone:

• Organizational Network Diagram – Current
• Dallas Office Network Diagram – Current
• Memphis Office Network Diagram – Current
  

Specifically, the following critical elements must be addressed:

A. Physical Network Devices: Explain the types of physical network devices used in connecting all devices across the organization.
B. Critical Traffic Patterns: Identify the critical traffic patterns currently used by the organization, supported by examples.
Use the Traffic Flow Wireshark Capture document to guide your response.

• Service (voice over internet protocol [VoIP])
• Application (structured query language [SQL])
• Network management
• Other opportunities not specified above
  

  Project Analysis Plan for SNHUEnergy, Inc.: Network Architecture Assessment

C. Patterns Across the Infrastructure: Describe the traffic patterns that the organization’s critical applications take across the infrastructure from office to office.
Remember, the organization’s critical applications were specified in the scenario.

D. Performance Issues: Describe the potential performance issues that may occur within the current network if no changes are made to support the organization’s expansion. Provide examples to support your response.

E. Security Issues: Describe the potential security issues that may occur within the current network if no changes are made to support the organization’s expansion. Provide examples to
support your response.
F.
Visual Representation: Develop a visual representation of an end-to-end path flow of the existing network by creating a network diagram showing the output of the traffic flows.

What to Submit

Review each critical element, and use each critical element as a bold subheading to organize your review of the current network architecture. Include an introduction for this assignment that aligns with your analysis from the first milestone. Make sure your submission aligns with the current APA standards. Upload your network diagram as a separate file to complete this milestone.