Computer Network Assignment

Student Name :
NCC Education ID Number :
Unit : Computer Network
Qualification : Level 4 Diploma in Computing
Center : Twinkle University (Yangon, Myanmar)
Total Words Count :
Table of Contents
Task 1 – Plaining a Network 2
Physical Topology 2
Illustration & justification of recommended logical topology 2
UDP traffic of VoIP/Video conferencing and about monitoring software of
network traffic 3
Task 2 – Wireless Network 3
Mesh Network 3
Justification of WiFi6 (802.11ax) 4
Discussion of Site survey for installing of wireless access 4
Identify two Benefits of installing PoE enabled access points 5
Task 3 – Design the Network 5
Network Physical Cabling 6
Identify security consideration and assumption 6
Task 4 – Secure the Network 7
Network Threats 7
Four Advantages of implementing a VPN 7
Task 5 – Network Operating System 8
operating system for file sharing, DNS and DHCP services 8
The purpose of Cisco IOS 8
Task 6 – Network Recommendation 9
Summarizing network scalability for growth of Gotham City College 9
Identifying three key aspect of network design for common threat 9
Three recommendations for a minimum of 3 years to make ensure the
network 9
Discussing IoT Devices on the network and three risk of its 10
References 11

Page 1 of 12
Task 1 – Plaining a Network
Physical Topology
Physical topology refers the structure or layout that is interconnected to network physical media
devices (links and node) on the network. Mainly physical topologies are the following:

⮚ Bus Topology: All network devices are connected by using single transmission medium

such as series. It is also known as linear bus. There are multiple points that is connected
through the single backbone cable. Both edges of Its backbone cable are terminated for
signal bounce. If the common backbone cable fail, the whole network system will break
down.

⮚ Ring Topology: All network devices are connected through single common cable such a

circle/ring. It is also known as ring network. There is not beginning and end and does not
need terminator. If a device or common backbone cable is broken in the ring topology,
the entire network system will break down because each device connected inside the
ring topology has receiver and transmitter that can sent data packet to the next until to
reach the destination.

⮚ Star Topology: All network devices are connected to central network device. Each

network device is connected with an individual cable. If the cable or the connect device
is broken, its device only will disconnect from central network device. And then, the
entire network system will not break down. But, if the central network device is broken,
the entire network system will break down because of central network device work as a
server.

⮚ Tree Topology: All network devices are connected as the branches of a tree. It is also

known as star bus topology because it is combined star and bus topologies. In this
topology, there may be multiple central nodes connected to bus and all central nodes
are also interconnected by linear bus. If the trunk/bus cable is broken the network
devices that will be other side, cannot connect with each other

⮚ Hybrid Topology: It is a topology that combines two or more physical topologies. Two or

more topologies are combined depend on network performance, number of computer

and location as per business requirement.
Illustration & justification of recommended logical topology
Star topology that is one of logical topologies is recommended to use in a general classroom
environment by using network switch devices. it is the most reliable network topology than other
because its setup, configuration and troubleshooting are very easy. In this topology, all network

Page 2 of 12
points are individual connected to central network devices with separate cable. As per the
below network diagram, Switch and Wireless Access point work as central network devices
(server). So, the central network devices are only needed to care not to break down the entire
network system. If the star topology is used with network switch devices, the data can be
transmitted at the same time because the collision domain exit each point connected to central
network device. And then many networks segment can be divided by using VLAN function of
Layer 3 Switch. So, star topology is recommended to meet the needs of company.

UDP traffic of VoIP/Video conferencing and about monitoring

software of network traffic
There is main two types of protocol TCP and UDP in connection protocols. TCP is also known
as connection-oriented protocol and UDP is also knows as connectionless protocol. UDP
protocol is mainly used at the VoIP and Video conferencing system because it prioritizes speed
and efficiency and allow to send rapidly the data without verifying as speed is more important
that accuracy. The use of the UDP is important in the VoIP and Video conferencing systems
because it provides a high speed of sending data packets, but without a guarantee of their
delivery. That’s why it is very popular in live streaming and real-time communications. (Krukova,
2022). its UDP traffic will be monitored how it is going on the network by using NetFlow Traffic
Analyzer of Solar Wind.

Task 2 – Wireless Network

Mesh Network
Mesh network is a type of Wireless Local Area Network that is connected many wireless nodes
wirelessly with one another. Its system is mostly used at the location that is difficult to run a
cable. And then, it also easy to setup /manage wireless nodes and to extend additional

Page 3 of 12
coverage if needed. There are mainly three components: the Root AP, the Mesh AP, and the
leaf node (wireless clients).

Root AP: In all mesh network, there are at lest one root access point /Gateway AP that
connected to a wired network because it is needed to connect the internet or outside of the
mesh network. Root AP provide a wireless signal to another mesh access points.

Mesh AP: It is called the wireless access points that communicating with one other over radio
backhaul. It transfers the data to between Access points reach the destination. Mesh AP is also
known as backbone of Mesh network. The connection is more reliable because there are many
connectivity resources that running within mesh network. Even one point fails, the data will be
transmitted from other device in the mesh network. Mesh APs also provide wireless signal to
endpoint devices.

Leaf Node: It means endpoint/physical devices that is connecting the Mesh APs via wireless
signal.

Justification of WiFi6 (802.11ax)

WI-FI technology become popular around the world for small, middle and enterprise business
etc. There are many types of Wi-Fi standards/generations based on IEEE 802.11. one of them,
WIFI 6 is new generation that upgraded after WIFI 5. Although, the upgrade may not see
dramatically for the used wireless devices or users, technically there consist of main
incremental improvements: Faster Speed, Wider Coverage and Stability/Capacity. it provides
the maximum 9.6 Gbps of throughput/faster speed and has efficient capacity to handle more
devices connected simultaneously to the Wi-Fi device. And then, it can expand 80 GHz to 160
GHz for a wider channel to make faster connection. So, as per the scenario, the Wi-Fi 6 AP that
provide more throughput, wider coverage, and stability, will be used due to the need of the
video conferencing and live streaming classroom.

Discussion of Site survey for installing of wireless access

The site survey is mandatory requirement that needed to be done physically in advance at the
location that will be installed wireless access points. There may be many important
measurement tasks and many measurement tools (simulation/Wi-Fi panner software/ Wi-Fi
spectrum analyzers) to check the signal strength and quality for the locations that wireless
access points will be installed. Both Wi-Fi spectrum analyzer and Wi-Fi planner tools are used
to have actual measurement in the enterprise organizations. If only the Wi-Fi planner software
is used, the signal strength and quality of location also can be predict/viewed. It shows the
result with heating map. By checking and measuring of the size of location or building, the
structure of rooms inside the building, building drawing and office layout can predict and

Page 4 of 12
mathematically measure interference and performance of signal strength. After getting the
result of site survey, can decide where wireless access point should be installed. So, the
important site survey must be conduced before installing any wireless access points.

Identify two Benefits of installing PoE enabled access points

PoE means Power over Ethernet. It provides electrical power over ethernet cable to access
points. Previously, the access points are needed to provide independent power. But, nowadays,
most of the access points have PoE function that can carry electrical power over Ethernet by
using the same cable that transmit data. By installing PoE enabled access points, there are
following two main benefits:

Cost saving: If the PoE enabled access points are connected to PoE network switch or a PoE
injector, cost will be saved more because a connected single ethernet cable can transmit both
data and power at the same time.

Flexibility/control: It is easy to install and more flexibility for placement as it can be moved and
installed easier for the location because it doesn’t need to think for power supply.

Task 3 – Design the Network

In the above network design, Class A IP addressing with CIDR methods will be used to assign
IP address to the network nodes installed at the classrooms of Floor 2. Each network segment
has 30 usable IP address (example: Network A- 10.147.148.0/27, Network B-

Page 5 of 12
10.147.148.32/27) and the network segments of each classroom are isolated by using VLAN ID.
The primary switch of server room of floor 2 will be connected to primary core switch 1 of the
main server room with two ethernet cables by using ether channel protocol to have the benefits
of link aggregation and redundancy. Ip allocation of each network segment will be assigned
automatically by primary core switch 1. All the switch ports connected to PCs installed at the
classroom will be assigned specific VLAN ID. Each other of the classrooms can not access but
every device of the classrooms can access the servers of main server room and printers
installed at each floor.

Network Physical Cabling

As regards physical cabling, there will be many different types of cables (twisted pair, coaxial
cable, and fiber optic) that use to interconnect the nodes installing on the network. But,
nowadays, all the industries use twisted pair cable or fiber optic depend on their requirement.
One of them, twisted pair cable is most commonly used within the local area network because it
is cheap, reliable, and easy to install. There are two types of twisted pair cables (Unshielded
twisted pair (UTP) that has not internal shielding and shield twisted pair (STP) that has internal
shielding). UTP cable is mostly used in the ethernet network for variety of physical cabling.
There are different types of Cable categories (CAT1, CAT2, CAT3, CAT4, CAT5, CAT5e,
CAT6, CAT7). The benefits and cost of them will be different depend on cable categories.
Physical cabling is one of important things in network infrastructure of building or campus etc.
because it is not easy to install/upgrade often. And then, nowadays, most of the device and
applications required more faster speed than before. Thus, the Cat6 cable will be used because
it supports greater data transfer rate of up to 10 Gbps for lengths of up to 55 meters. It is also
reliable and fully support for PoE devices and easy to install as it is used RJ45 network
connector.

Identify security consideration and assumption

The firewall which will work as internal internet gateway and VPN server, will monitor, filter, and
protect the network threats as well as will handle the network traffic of VPN users connecting
from external network. Cisco ISE server will work as radius server to be able sperate the
network segments and manage the endpoint, user access to resources for wireless users.
Assumption: If two firewall servers could be installed at the place of internal’ internet gateway
server, the network design will be getting better and safe with redundancy and then like to have
additional storage device (NAS) that can be backup the data weekly or daily for data
redundancy.

Page 6 of 12
Task 4 – Secure the Network

Network Threats
Network threats mean an attempt to access the unauthorized resources of the network of
organization to steal the important data and information. The following are three main network
threats.

Distributed Denial-Of-Services (DDOS): it makes the network resources and services to be slow
or to be crush/down. It can cause also by continuous sending many large ICMP packets to
target systems. IT Administrator need to monitor and filter the malicious traffic to prevent DDoS
Attacking.

Phishing: It is tricking people to steal their sensitive information via online by sending email or
message and will contain some information and a website or URL link to be interested. The link
will go the fake website created like the real and then will ask to enter the information such as
personal information and bank credit card information. To prevent this phishing attack, the users
will be needed to educate and share the knowledge of cyber security awareness and there
should be email filtering system to monitor/filter incoming and outgoing of email traffic.

Man-in-the-Middle: It is also a type of attacking to steal the sensitive information of users.

Attackers work as fake server between two devices connecting and steal the information. Users
should avoid using public Wi-Fi and unsecure network to prevent this attack. Even if user is
using public Wi-Fi, should not access the resource that is related sensitive information.

Four Advantages of implementing a VPN

There will be many disadvantages and advantages of using a VPN. The following are four main
advantages of using a VPN for external users:

Safely Remote Access to organization`s resources Anytime: the resources of organization can
be accessed from anytime and anywhere if user have internet connection.

Data integrity: when users access the organization network resources from outside, the traffic
/date will be safe and reliable as the data travel through the encrypted VPN tunnel between two
sides.

Better work Life Balance: As users can work at any time and from anywhere if internet is
available, user can manage more flexible working hours.

Hide Private Information: As using encrypted Virtual Private Network, attacker cannot find and
steal the information easily.

Page 7 of 12
Task 5 – Network Operating System
operating system for file sharing, DNS and DHCP services
There are many different types of network operating systems. Basically, it can sort two types,
proprietary (closed source) and opened-source network operating systems (NOS). The
proprietary NOS means, it is owned by a particular company. Its development and design can
be modified by only a proprietary company. The opened-source mean, it is against with
proprietary NOS and can be modified by anyone.

One of the proprietary NOS, Microsoft Widow Server Operating System will be used to be able
to setup the File Sharing, DNS and DHCP services. Every operating system has pros and cons.
The following is main three positive of Window Server OS.

User Friendly: The interface and function of OS is more familiar for user and easy to use

Easy to Manage: there already consists of many server roles and features in the OS like ADDS,
ACDS, ADFS, DHCP, DNS, Web and print server roles etc. It can be installed and managed
easily.

Software Compatibility: Most of the software are compatible in this OS than other since most of
the enterprise business are using this window server operating system.

The purpose of Cisco IOS

IOS is a type of internetworking operating system that is developed by Cisco company. It is
used to be able to control and manage the component of devices and enable data
communications between networking nodes for internetworking features, routing, switching and
telecommunications functions. Its system is typically installed on the devices (router, Switches)
produced by cisco company.

Task 6 – Network Recommendation

Summarizing network scalability for growth of Gotham City
College
In the above network design stated in task 3, there are one Fortinet Firewall, two core switches,
one dedicated rack mount server and one radius server (Cisco ISE) at the main ICT Server
Room located at floor 1 of the company. Fortinet firewall server will work as an internet gateway
server of the company and protect to internal network for internet security and also can provide
VPN service for external or work from home and control ingress and egress of each network
segment traffic. Both core switches are connected by stacking cables to have redundancy.

Page 8 of 12
Primary core switch 1 will provide VLAN and DHCP services. Hyper- V as hypervisor is installed
at the dedicated server to be install the necessary network operating systems. There will be
number of virtual guest operating systems (AD, File and Print servers) inside the Hyper-V. Two
ethernet cables are combined with NIC teaming to have more bandwidth and redundancy at the
server. There are two wireless SSID names at each floor that is coming from one or more
wireless access points. One of them is for cooperated devices and another one is for BYOD.

Identifying three key aspect of network design for common

threat
Firewall: a firewall can protect a network by filtering network traffic coming from unauthorized
network resources. One of the firewall features, content filtering system will be also configured
to control the network traffics going to visit the unsecure networks.

Antivirus Software: the antivirus software will be installed at all computer systems of the
organization to be able protect various of malware and ransomware.

DHCP Snooping: DHCP snooping is a type of security technologies base on working layer 2
switch. It can prevent the unauthorized DHCP server that are trying to become DHCP server
from the network. Therefore, this service will be configured at all ports of the switch exclude the
port connect authorized DHCP server from network.

Three recommendations for a minimum of 3 years to make

ensure the network
Nowadays, technology is rapidly advancing and changing every day, and anyone can not
foresee the changes in future. Therefore, to have robust network for future, IT team member
and stake holder of the organization meet to discuss /predict the future technology demands
and changes that may be for the organization before building network infrastructure. As per the
above network design stated in task 3, the following are three recommendations to make
ensure the network for a minimum of 3 years.

Data Storage Space: there will be data storage space at the file server that can store the data
for individual user and common shared space of each classroom. storage space has limitation.
So should not allow to store unrelated data with organization and large files such video file for
long term solution of storage capacity.

Firmware upgrade: the updated and latest firmware announced by official provider related
network devices installed the network, should be upgraded regularly to support additional
features and security functions consist in the updated firmware.

Page 9 of 12
Network Infrastructure Maintenance: Maintenance should be done logically and physical to
review the stability and performance of the network.

Discussing IoT Devices on the network and three risk of its

IoT stand for Internet of Things. It is or virtual platform or physical objects that installed
embedded system with sensors, software, and other technologies to exchange data collecting
for the communication purpose with other device and systems over the internet. Now, we can
connect everyday objects—kitchen appliances, cars, thermostats, baby monitors—to the
internet via embedded devices, seamless communication is possible between people,
processes, and things. (Oracle , n.d.). If the IoT devices will be installed, those devices should
be isolated with VLAN ID on the network for purpose of security. The followings are three risks
of IoT devices:

Weak Encryption: most of IoT devices are weak in encryption of data for data transmission
between each other. it is the main security issues because an attacker can capture and steal
the sensitive information easily.

Man-in-the-middle: the attacker can act as a fake IoT device between two devices connected
normal to steal the information.

Weak passcode: most of the IoT device come with default password. the default and simple
password left/created by user or vendor. So, the attacker can access it easily by botnets attack.

--------------------------------------------------- End of the assignment---------------------------------------------

References
Cisco Press. (2003, 3 14). Network Media Types. Récupéré sur Cisco:
https://www.ciscopress.com/articles/article.asp?p=31276
DIGITALAIR THE WI-FI EXPERTS. (s.d.). DIGITALAIR THE WI-FI EXPERTS. Récupéré sur
POE: https://www.digitalairwireless.com/articles/blog/what-is-poe-what-does-it-have-to-
do-with-switches
Farahani, S. (2008). Sciencedirect. Récupéré sur Shahin Farahani:
https://www.sciencedirect.com/topics/computer-science/wireless-site-survey
Firewall CX. (s.d.). Récupéré sur Firewall CX: https://www.firewall.cx/networking-topics/cabling-
utp-fibre/112-network-cabling-utp.html
Krukova, A. (2022, 1 13). TreConf. Récupéré sur https://trueconf.com/blog/reviews-
comparisons/tcp-vs-udp.html
Micro Ai. (s.d.). Micro AI. Récupéré sur IoT Security: https://micro.ai/blog/iot-security-the-top-
six-risks

Page 10 of 12
Oracle . (s.d.). Oracle. Récupéré sur Oracle: https://www.oracle.com/internet-of-things/what-is-
iot/
TP link. (s.d.). Tplink. Récupéré sur https://www.tp-link.com/us/wifi6/:
https://www.tp-link.com/us/wifi6/
Williams, L. (2022, 12 17). type-of-network-topology. Récupéré sur GURU99:
https://www.guru99.com/type-of-network-topology.html

Page 11 of 12