UC NETWORK DESIGN FOR

BLENDED TEACHING HUBS

A report on a proposed subnetwork design for
UTAS

Author Name
[Email address]
UC Network for Blended Teaching Hubs [Author Name]

Executive Summary
The report focuses on the design of a university subnetwork for effective communication between
its teachers and students while adhering to stakeholder requirements, networking principles and
security. All recommendations made in the report will be due to change upon a budget being set
after a cost-benefit analysis is conducted based on the stakeholder requirements and equipment
costs.

i
UC Network for Blended Teaching Hubs [Author Name]

Contents
Executive Summary.................................................................................................................................. i
Contents .................................................................................................................................................. ii
1 Aims and Objectives of the Network Design .................................................................................. 3
1.1 Stakeholders, Stakeholder requirements and Stakeholder needs ......................................... 3
1.2 Purpose of the UC Subnetwork: Aims and Objectives ............................................................ 4
2 Policy and procedures relating to the Administration .................................................................... 5
2.1 Technological requirements of the proposed network .......................................................... 5
2.2 Software requirements for existing and future devices ......................................................... 5
3 Network Design and Implementation(OSI Reference Model Layer) .............................................. 6
3.1 New subnetwork topology design .......................................................................................... 6
3.2 Modelling the subnetwork...................................................................................................... 7
4 Securing the Network and relevant Principles................................................................................ 8
4.1 Cyber security threats to the UC model in higher education ................................................. 8
4.2 Relevant countermeasures and their operations ................................................................... 8
References .............................................................................................................................................. 9

ii
UC Network for Blended Teaching Hubs [Author Name]

1 Aims and Objectives of the Network Design

Identifying relevant stakeholders and expanding on the purpose of the subnetwork is crucial to the
design phase.

1.1 Stakeholders, Stakeholder requirements and Stakeholder needs

The stakeholder details relevant to the proposed new subnetwork are presented in the table below:

Stakeholder Type Stakeholder requirements Stakeholder needs

Students (inc. • Accessing learning resources • Easy to use system
international and local) • Accessing tutor help • Simplified access and
• Accessing online learning authentication
• Accessing online tests
Teaching staff • Accessing course content • Besides ease of use, the option
• Communicating with students to moderate tests

Admin and IT staff • Conducting relevant • Moderate and ensure safe user
administrative activities activity across the network
• Ability to set access levels for • Troubleshooting network
different levels of users accessing issues for students
(UTAS, 2021)
Visitors • Access to the university website • Ease of use
and its resources/documents
Educational Technology • Consulting on the viability of the • A viable university sub-network
experts network infrastructure for setup
maximum efficiency
• Work collaboratively with
university IT staff
Government • Consulting on the government- • Secure network regulation
specific standards of networks based on standards set by the
in schools government (Australian
Government Department of
Home Affairs, 2022)

3
UC Network for Blended Teaching Hubs [Author Name]

1.2 Purpose of the UC Subnetwork: Aims and Objectives

The introduction and implementation of ICT in schools have potential benefits which include
incorporating capabilities to support professional learning within a global setting, enabling
leadership and also enhancing learning in students (Victoria State Government, 2020).

A university subnetwork should be considered a vital part of the overall embedding of ICT in
Australian schools as it facilitates key communication channels between teachers and their students
to potentially create a more viable learning environment. The subnetwork will be responsible for
accommodating integrated teaching hubs where students can learn in a safe and secure
environment that is resistant to cyberattacks.

The aforementioned teaching hubs will host online classes for students to communicate across
campuses and learn in unity with consistency. The subnetwork will also enable enrolled students all
around the world to attend and engage in online classes. The subnetwork is also of great benefit to
teachers who can join online classes from any location and forward classroom quality learning
content. The teaching hubs will incorporate multiple teaching spaces, computer laboratories and
video conferencing software to accomplish the goals mentioned above.

The subnetwork will also accommodate interoperable ICT systems responsible for managing student
records and simplifying daily tasks for university staff. E.g., streamlining student data, and
automating student attendance checking will greatly enhance operational efficiencies to effectively
reduce time and costs.

4
UC Network for Blended Teaching Hubs [Author Name]

2 Policy and procedures relating to the Administration

2.1 Technological requirements of the proposed network

The technologies required for complete implementation of the proposed network are listed below:

➢ Existing enterprise networking solution: Aruba (UTAS, 2021)

➢ Hardware equipment:
o Router (currently in-use)
o Switches (based on the port requirements set out in section 3.2)
o Wireless LAN Access Points (currently in-use)
o Cloud-based data servers with an integrated backup schedule
o Dedicated racks (19-inch width racks to accommodate 32 port switch(es))
o Ethernet Cable (preferably CAT 5e for extra bandwidth)
o Firewall (currently in-use)
➢ Video Cameras for lab computers, distance learning personal computers, classrooms, and lecture
halls (currently in use)
➢ Interactive boards e.g., Google Jam Board to present the breakdown of problems to both
classroom and distance learning students
➢ Microphones, Speakers, touchscreens, and interactive markers/pens to be used with the
interactive boards (currently in-use)
➢ Soundproofing the classrooms and lecture halls (implemented in selected teaching spaces)

2.2 Software requirements for existing and future devices

The software requirements for facilitating the teaching hubs are presented below:

Existing software:

o Desktop End-Point Software: Facilitates video conferencing for computer users

o Video Conferencing Mobile Apps: For smartphone and tablet users
o Web Conferencing Software: Video streaming, video calling and messaging for teaching
station
o Estduent, Webmail and MyLo
o MS Office, Coding IDEs such as Visual Studio and Web Browsers

Potential Additions:

o Discord: Integration of discord to connect with a wider community on different topics

o EndNote: For taking notes during a live class
o Scheduling Software: Enable students to get on top of their study and personal
commitments

Software for remote students:

o Zoom/Skype: To bring together both distance learning students and campus attending
students

5
UC Network for Blended Teaching Hubs [Author Name]

3 Network Design and Implementation(OSI Reference Model Layer)

3.1 New subnetwork topology design

The star topology will be used to create the network layers and teaching hubs within the
subnetwork. In a star topology, devices such as the student computers, lab computers and teaching
podium will be connected to a single switch hub, which will be sitting in front of a dedicated router
for each campus.

The teaching space will primarily take the shape of a virtual private network that uses a public
network to connect remote users (this is important to connect distance learning students). The VPN
is established by using dedicated connections and tunnelling protocols. A firewall sits between the
network and the private network i.e., the teaching hub and acts as a protection barrier (Dandamudi,
2015).

IP and MAC Address filtering is enabled by the router for each campus which allows an administrator
to configure the network accordingly based on the available bandwidth. MAC address filtering to

6
UC Network for Blended Teaching Hubs [Author Name]

control wireless devices enables administrators to prevent malicious threats that may result in data
theft and other cyber security attacks (Sari, 2017).

3.2 Modelling the subnetwork

The recommended switch configuration for both campuses is a 32-port switch hub to accommodate
all users and their devices within the scope of the teaching hub. The port calculation for both
campuses is presented below:

No of Lab Computers on each campus: 20

Wireless Access Points for handheld devices: 2

Spare ports: 2

Teaching podium computers: 1 Computer + 1 Smart Tablet

Teaching space wireless ports: 2

Teaching space spare ports: 2

Total number of ports for each campus = 20+2+2+1+1+2+2 = 30

The university has a class C network 166.214 where the IP addresses 166.214.0.0 – 166.214.12.0 are
already in use. Given this information and from our previous calculations, the subnetwork needed to
accommodate both teaching spaces and all the devices within it, that amount to a total of 60(30x2)
ports, is presented below:

A class C network means a 24-bit network address and an 8-bit host address. Using the subnet
calculator at https://www.site24x7.com/tools/ipv4-subnetcalculator.html, the subnet can be
configured like this:

7
UC Network for Blended Teaching Hubs [Author Name]

4 Securing the Network and relevant Principles

Accelerated development of ICT architecture across the globe means a greater number of cyber
security attacks and therefore a network must protect all its hosts and their information (AlSarhan,
2016)

4.1 Cyber security threats to the UC model in higher education

On 11th August of 2020, electronic files belonging to university students were accessed without
authorization on a SharePoint site on the Office365 platform (Tasmania, 2022). The compromised
files contained the personal information of approximately 19,900 enrolled students in 2020
(Tasmania, 2022). The breach took place because of an unintentional misconfiguration of the
security settings of the SharePoint site.

According to a report published by Newsday (Tyrrell, 2022), Long Island schools have reported 29
occurrences of ransomware and other cyber security incidents over the last 3 years. The attacks
seemingly revealed private information such as social security numbers and addresses. The
increased number of online courses during the pandemic has created new opportunities for cyber
threats (Sharma, 2022).

Ransomware groups target weak systems which are often developed with a limited budget for
cybersecurity expertise (AL JAZEERA, 2022). Ransomware is a type of malware that encrypts files on
a device, making the system of the said device unusable. Ransomware gangs, injecting the malware,
demand ransom for decrypting the files (Stop Ransom Ware, 2022).

4.2 Relevant countermeasures and their operations

The countermeasures that can be applied against ransomware and unauthorized access, both from a
user endpoint perspective and network perspective are listed below:

VLANs as existing countermeasures: Splits up university networks into separate VLANs for students
and staff (UTAS, 2021).

Demilitarized Zones (DMZs): Secure communications between the university and the internet
(UTAS, 2021).

Virtual Switches: The virtual switch is used for protecting network systems. It does this by acting as
the middleman between access points and computers while moderating the transmission and
assigning unique IP addresses using its ports (AlSarhan, 2016).

Further Network Segmentation: A large network can be secured by breaking it up into smaller
segments and limiting the damage that can be caused by a cyber attacker (Wagner, 2017) . E.g., old
networks using /8 and /16 are vulnerable to infection in a short amount of time. A class C network
i.e., /24 is comparatively safer but, if possible, it needs to be further broken-down meaning creating
individual clusters of computer networks instead of connecting all computers to the same network.

8
UC Network for Blended Teaching Hubs [Author Name]

Virtualization for endpoint devices: A virtual machine runs separately from the host computer’s
operating system meaning a user can do all their tasks safely without risking the safety of his/her
operating system.

Intrusion Detection Systems: An intrusion detection system watches networked devices and looks
out for malicious behaviour in the activity patterns within the audit stream (Marcos M. Campos,
2005). The malicious behaviour, upon detection, is reported to an administrator or a security
information management system. The IDS operates in the OSI Layer 3 which is also known as the
network layer.

Staff Training and Backup: Improve staff training to contain mishaps that caused the privacy breach
of university students in August 2020. Also, implement scheduled backups to keep copies of
information vital for the daily operation of university systems to counter malicious encryption.

References
AL JAZEERA. (2022, January 31). Cyberattacks on US schools increasing amid reliance on technology.
Retrieved from ALJAZEERA: https://www.aljazeera.com/news/2022/1/31/cyberattacks-on-
us-schools-increasing-amid-reliance-on-technology

AlSarhan, R. S. (2016). Computer Network Design for Universities in Developing Countries.

Information Technology Capstone Research Project Reports. 2.

Australian Government Department of Home Affairs. (2022, March 22). Cyber security regulation
incentives. Retrieved from Home Affairs: https://www.homeaffairs.gov.au/reports-and-
publications/submissions-and-discussion-papers/cyber-security-regulations-incentives

Dandamudi, S. a. (2015). Firewalls implementation in computer networks and their role in network
security. Journal of Multidisciplinary Engineering Science and Technology (JMEST), 408-411.

Hong, S. a. (2018). Ransomware attack analysis and countermeasures of defensive aspects. Journal
of Convergence for Information Technology, 139-145.

Marcos M. Campos, B. L. (2005). Creation and Deployment of Data Mining-Based Intrusion

Detection. Fourth International Conference on Machine Learning and Applications.

Sari, R. S. (2017). A review of ip and mac address filtering in wireless network security. Int. J. Sci. Res.
Sci. Technol, 3(6), 470-473.

Sharma, S. (2022, January 24). Education sector hounded by cyberattacks in 2021. Retrieved from
CSO : https://www.csoonline.com/article/3647760/education-sector-hounded-by-
cyberattacks-in-2021.html

Stop Ransom Ware. (2022). What is Ransomware? Retrieved from Stop Ransom Ware:
https://www.cisa.gov/stopransomware

Tasmania, U. o. (2022). University of Tasmania. Retrieved from Privacy Breach:

https://www.utas.edu.au/legal-services/breach-2020

9
UC Network for Blended Teaching Hubs [Author Name]

Tyrrell, C. S. (2022, March 27). LI schools hit with 29 ransomware attacks, hacks, other cyber
incidents in past 3 years. Retrieved from Newsday: https://www.newsday.com/long-
island/education/ransomware-cyberattack-virus-school-computer-networks-p5wjjhed

UTAS. (2021, March 24). ZAT111 Assignment 3 Site Visit. Hobart, Tasmania, Australia.

Victoria State Government. (2020, March). ICT design model for schools. Retrieved from Victoria
State Government Education & Training:
https://www.education.vic.gov.au/Documents/school/teachers/management/infrastructure
/ICT-Design-Model-for-Schools.pdf

Wagner, N. Ş. (2017). Capturing the security effects of network segmentation via a continuous-time
markov chain model. In Proceedings of the 50th Annual Simulation Symposium (pp. 1-12).

10