After a detailed investigation of the infrastructure of the organization and identification of the needs of the network the report is prepared. The current needs of the organization is to establish a VPN connection between remote sites of the same organization and securely transmission of the data packets in the network. The success of the development of the network depends on the successful implementation of the VPN. The VPN services that should be identified that are needed by the organization and the scopes of the project should be defined for the implementation of the new technology.
For the development of the VPN network the current network framework should be identified and with the required number of hardware and software that are essential for the development of the network. The network device should be configured according to the needs of the organization and there should be used in future for the expansion of the current network. The network should be connected with a wireless router such that the users with mobile devices can connect with the wifi network for sending and receiving data packets in the network. A secure cloud solution can be used for the storage of the data and allowing the access to the limited number of users for the management of the information.
During the project development different barrier or constraint can rise that can affect the project development such as the addition of extra cost during the progress of the project. The unavailability of a hardware device and incompatibility of a device with the protocols and service required for the configuration of the vpn network should be identified before the selection of the network hardware. The skills and knowledge of the network engineer for configuration and troubleshooting the network can also become a problem for the development of the network.
For the analysis of the requirement the stakeholders must be involved and the service required by them should be identified. The list of requirement for the development of the network are listed below:
a. Logical Design
b. Physical Design
c. Network Topologies
For the development of the network the selection of the topology is important for the deployment of the network device and configuration of the network. The branch is connected using the vpn hub and spoke topology such that all the communication between the remote branches is done using the central server. A site to site vpn connection is established between the remote branches connected with each other and traffic of the internal network is passed via the hub and then the out to the destination address.
d. IP Addressing
Major Network: 172.139.28.0/22
Available IP addresses in major network: 1022
Number of IP addresses needed: 500
Available IP addresses in allocated subnets: 696
About 69% of available major network address space is used
About 72% of subnetted network address space is used
|
Subnet Name |
Needed Size |
Allocated Size |
Address |
Mask |
Dec Mask |
Assignable Range |
Broadcast |
|
Administrative network |
50 |
62 |
172.139.30.128 |
/26 |
255.255.255.192 |
172.39.30.129 – 172.39.30.190 |
172.139.30.191 |
|
Finance Network |
100 |
126 |
172.139.30.0 |
/25 |
255.255.255.128 |
172.39.30.1 – 172.39.30.126 |
172.139.30.127 |
|
Sales Network |
200 |
254 |
172.139.28.0 |
/24 |
255.255.255.0 |
172.139.28.1 – 172.139.28.254 |
172.139.28.255 |
|
Dispatch Network |
150 |
254 |
172.139.29.0 |
/24 |
255.255.255.0 |
172.139.29.1 – 172.139.29.254 |
172.39.29.255 |
e. Security features and policies
The application of the IPSec design between the routers can create an encrypted channel with the spoke router. The A multi-layer security model is selected for the management of the security of the network framework. The internal network is divided into different modules such that a specific module can be provided with limited access. The use CHAP authentication and RADIUS server help in maintaining the identity of the user.
f. Redundancy and failover plans
The fail over plan and the redundancy can be used for the creation of the back up link and help in increasing the network uptime. The source can reach the destination via multiple path and if one path is unavailable the other path is selected for successfully delivering the data packet.
g. VPN service implementation
For the implementation of the vpn service the router of the organization needs to be configured with the ipsec policy and an encryption key should be used for the authentication of the access of the remote user. For the implementation of the VPN service a research is done on maintaining the confidentiality of data, tunneling, authentication, integration of data. The IPSEC, PPP, MPPE protocols are used for the management of the authorization and encryption of the channels to secure the network.
For the development of the network the access of the security controls should be available to the network administrator such that it is ensured that the data is sent and received using secure communication tunnel. A proper authentication mechanism is followed for the authentication and authorization of the users for creating a unique identification procedure. It is used for management of the corporate resources and ensuring secure transmission of data.
Network Diagram for configuring IPsec Client VPN
Configuration of Crypto isakmp
Installation of the Email and the file server in the DMZ zone improves the security and reliability of the network and it creates a perimeter of the network where the internal resources are secured from the external resources. The DMZ is configured such that an additional security layer is imposed in the network and allows the network administrator to easily identify the breaches in the network. The demilitarized zone is created for protecting the network from different types of vulnerability and protect the network from the internal and the outside users.
Conclusion
It can be concluded that the requirement of a SME organization should be analyze for the selection of the vpn service that would help the organization to meet their long term goals. It is important to create an security policy for maintaining the access of the user to the different parts of the network. For the establishment nt of the remote connection the VPN hub and spoke topology is selected where a failover plan is also created for the management of the complexity of the network. The network suitable for the small and medium sized organization should be identified for the management of the current network capacity and management of the growth of the organization.
“IEEE/ACM Transactions on Networking society information”, IEEE/ACM Transactions on Networking, vol. 24, no. 5, pp. C3-C3, 2016.
“Optical Switching and Networking”, Optical Switching and Networking, vol. 10, no. 4, pp. 463-464, 2013.
“Introduction to Information Security”, Network Security, vol. 2013, no. 12, p. 4, 2013.
“The Practice of Network Security Monitoring”, Network Security, vol. 2014, no. 10, p. 4, 2014.
Wang, “The Design of Improved Elman Network Intrusion Detection Algorithm in Digital Campus Network“, Advanced Materials Research, vol. 1049-1050, pp. 2096-2099, 2014.
Kermanshahi, Y. Shafahi and M. Bagherian, “Application of a new rapid transit network design model to bus rapid transit network design: case study Isfahan metropolitan area”, Transport, vol. 30, no. 1, pp. 93-102, 2013.
Yadegari, M. Zandieh and H. Najmi, “A hybrid spanning tree-based genetic/simulated annealing algorithm for a closed-loop logistics network design problem”, International Journal of Applied Decision Sciences, vol. 8, no. 4, p. 400, 2015.
Liu and W. Qu, “Design of Campus Network Database Access Based on Encryption”, Applied Mechanics and Materials, vol. 608-609, pp. 331-335, 2014.
Hosapujari and A. Verma, “Development of a Hub and Spoke Model for Bus Transit Route Network Design”, Procedia – Social and Behavioral Sciences, vol. 104, pp. 835-844, 2013.
“The Comprehensive Evaluation Research of Campus Network Security Based on the Analytic Hierarchy Process (AHP)”, INTERNATIONAL JOURNAL ON Advances in Information Sciences and Service Sciences, vol. 5, no. 7, pp. 809-816, 2013.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download