Network Design

Network Design

Network design and planning are impoWe’ll aspects of maintaining cyber security in any organization. Network design and planning offers tech support for cyber security officers, making their work easier. Therefore, analyzing the parts Techs’omprise an effective network security plan is significant. Accordingly, network design is a systematic process of choosing the most suitable topological design, conducting network realization, and implementing the network system. Also, network design usually determines network connection speed, ease of transfer, and other aspects. When creating a network design, the architect must consider the organization’s requirements and objectives to align the network design to achieve its aims. Common network designs include a local area network, usually a cabled system, a wireless area network, or a wireless local area network. Moreover, combining both the local area network and the wireless area network is recommended.

Network design also falls into two categories: logical design and physical design. On the one hand, physical network design includes how the physical devices are organized in the office and can be designed to create space, increase efficiency, or reduce costs depending on the organization’s requirements. On the other hand, logical network topology determines how the network nodes connect; examples include P2P and star network topology. The network design plan should also include the internet protocol version to be used. The main difference between ipv4 and ipv6 is that ipv6 is a 128-bit hexadecimal addressing system that allows a larger number of IP addresses than IPv4, which is only 32 bits (Radosavovic et al., 2020). Therefore, Internet protocol version 6, which will allow for network expansion to include new devices, is recommended.

Firewall Selection and Placement

A network firewall is a point of contact between the internet and an internal network where traffic is filtered to prevent malicious users from accessing private and sensitive information. The location of the firewall is a key determinant in regulating internet speed and network safety. There are two types of firewalls: hardware firewalls and software firewalls. Examples of software firewalls include packet filtering firewalls that compare packet data from the source to the destination. For instance, if an attack is recognized, the connection is disabled; therefore, this firewall is best placed on the server that distributes the internet to the other computers on the network. Routers are a simple example of a hardware firewall system since they filter data being transmitted through the network and can interrupt an attack from occurring depending on the router’s settings. Stateless firewalls are additional examples of software firewalls that act by remembering addresses previously used to manage data packets. Consequently, they are recognized as stronger software firewalls (Chen, Cho & Xu, 2018).

A demilitarized zone is important in any network since it is the point where the organization can post its services on an exposed part of the network. A demilitarized zone or DMZ is a point on the network where the network is exposed and is open to cybersecurity attacks but is also the point where the organization can interact with other internet users. It is recommended for any organization to have a demilitarized zone. Another method of securing a network is creating an authentication system on the firewall where users must log in to access network resources (Chen, Cho & Xu, 2018).

Remote Access and Virtual Private Networks (VPN)

A virtual private network is an internet connection that hides the user’s identity and encrypts the data packets when a user is connected to a public network. A virtual private network allows a user to use an organization’s network resources outside the organization’s physical premises without putting the company at risk. On the other hand, remote access is the ability to control a computer or other electronic device without being in the same physical vicinity. Accordingly, this can be achieved using remote access software such as TeamViewer. This functionality allows a user to start processing data or any other task outside the office; as the process continues, the user can perform other tasks outside the physical office (Ezra et al.,  2022) (Sam, Reid & Amin, 2020).

Internet protocol security (IPsec) is a cybersecurity protocol used in conjunction with a virtual private network to secure a connection on a public network. It uses an internet protocol address to secure the connection between two computers or devices. During the connection phase of the protocol, the users on both computers have to log in and authenticate their details. The protocol also supports host-to-host connection, network-to-network, and network-to-host connections. A host-to-host connection occurs when a host is connected to another host.

In contrast, a network-to-network connection occurs when two network gateways are connected using the internet protocol security (IPsec). Finally, a network-to-host connection occurs when a network gateway is connected to a host. The network security protocol was introduced in the early 1970s and used the IPv4 protocol to secure a connection, but it can currently support IPv6, which has become more popular (Sam, Reid & Amin, 2020).

References

Chen, H., Cho, J. H., & Xu, S. (2018, April). We are quantifying the security effectiveness of firewalls and DMZs in Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security (pp. 1-11).

Ezra, P. J., Misra, S., Agrawal, A., Oluranti, J., Maskeliunas, R., & Damasevicius, R. (2022). Secured communication using a virtual private network (VPN). Cyber Security and Digital Forensics, 309-319.

Radosavovic, I., Kosaraju, R. P., Girshick, R., He, K., & Dollár, P. (2020). We are designing network design spaces. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (pp. 10428-10436).

Sam, A. H., Reid, M. D., & Amin, A. (2020). High‐stakes remote‐access open‐book examinations. Medical education.

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

---

Overall Project Scenario

Corporation Techs provides remote and on-site support to small and mid-size businesses. Clients use Corporation Techs’ services to solve malware removal problems, manage data recovery and network issues, and install hardware and software.

Due to recent developments, most technical representatives will begin working from home within the next six months. Because Corporation Techs provides 24/7 support, its systems and communications pathways must always be fully operational. In addition, the company has been experiencing unprecedented growth and is preparing to double its client-facing staff.

You are a junior network architect who is responsible for helping to plan and design network enhancements to create a more secure internal network, and to ensure secure remote access.

Deliverables

The project is divided into several parts. Details for each deliverable can be found in this document. Refer to the course Syllabus for submission dates.

Project Part 1: Network Design