Wireless LAN Network Design And Enlargement Project Essay.

1.3 Ensure document design is consistent with company and/or client requirements, using basic design principles
1.4 Discuss and clarify format and style with person requesting document/publication

Welcome to the learner’s guide for this unit of competency for the qualification ICT50115 Diploma of Information Technology. This guide provides you with essential information on competency standards, delivery plan and schedule, assessment plan, assessment tasks and learning resources for this unit of competency.

The purpose of this learner’s guide is to:
? Provide you with information on delivery schedule and plan of this unit
? Ensure the you understand how students will be assessed in this unit
? Provide information on assessment methods, strategies, and evidence requirements
? Provide information on learning activities and assessment tasks
? List resources which may assist in student learning and assessment tasks

Purpose of the learner's guide

For the last decades now the use of wireless communication has far ahead reached great milestones with the adoption rate being so high. Wireless communication are known for mobility aspects related to them though a lot need to be done to even get better with the systems. Wireless LAN are emerging as most effective means of connecting networks in schools because of the mobility of Management and Junior employees where the use of cables is limited due to the huge numbers.

This activity aims to fulfill four fundamental network goals namely

1. Security,
2. Availability,

• Manageability and

The wireless LAN shall be real time. There are effective location security devices to secure the wireless LAN and the network Management will help manage and support the network. The wireless LAN will serve the Organization of Networks for the next seven to ten years. It will also help in framework of future LAN procurement activities (Tankard, 2011). This exercise will provide a flexible connectivity for PC workstations; wireless LAN connected host computers and wide range of end systems.

Figure 1: Network Flexibility

Why this implementation?

The current system serves all the floors in the institution but the future LAN is expected to be a repetition of the topology on every floor of the building. There will be a router in every part floor where all the wireless access points will be connected.

Figure 2: The current and the expected future scenario respectively

The above scenarios are presented with the first one the institution assuming implementing a star topology that will be implemented in the various floors as a duplicate. The connection form one floor to another is basically buy the use of a router. The main aim of this exercise is to establish if the network will support the infrastructural growth implemented. The aim is to compare how the system will look at the end of incrementing.

Figure 3: Server load comparison with network enlargement

After the implementation of the network design and enlargement it’s high time that the variation in the network load is determined. The expected graphics that are shown above represent the server become loaded as there is increase in the network devices with the increasing number of floor there are connections. Also there are expected network delays expected and the figure below shows the different delay variation from the first floor to the second floor of the building and more expected as there is increase in the number of users.

Network Flexibility

Figure 4 Network delay comparison

Steps

1. Choosing the design type

The first step is choosing the design type for the security project. The project considered suggested options and analyzed them to come up with the best option among them. There are three options available for the design type in this project namely; High-Density Large Campus design, Medium-Density Campus design, and Small-Site Campus design.  The project focused on High-Density Large Campus design with the use of a hierarchical architecture. The option is better because the name suggest that it is important for large area. This project deals with a wide area and two distribution sites with different access points hence the need for large campus design.

1. Unified Wireless Network Mobility

The second activity in the project concerned the mobility of the network system to be created. The project settled for the unified Wireless Network Mobility. This architecture will help educational environment at the organization to send internal emails and communicate in different departments. All the users will access internet throughout the buildings. The mobility service has segmentations with differentiated services for junior employees and faculty. The wireless LAN will provide a lower cost internet service to junior employees and Management using video calling of other software clients to reduce the cost of connecting to other junior employees in larger departments (Stallings, 2017). The design provides safety for junior employees and faculty through a wireless video surveillance as they move within and outside the campus. The RFID tags on research tools and valuable computing devices will ensure known locations to deter theft.

• Choosing the Primary components of the wireless LAN

The component selection for this project is based on industry Standards IEE 802. 11. One of the Unified Wireless companies that address the layers of wireless LAN from different access pints and clients to network infrastructure is Cisco Networking Company (Mohanty and Akyildiz, 2006). The Cisco Unified Wireless Company has different components required for this project. The choice of Cisco is due to the availability of the experts and also the need for easy and cost effective maintenance. For a good period of time Cisco has proved that their systems are durable and can handle huge traffic in big institutions up WMAX level.

The organization expects to use computers at the laboratories and different faculties, which means they should have operating systems compatible with the network system. There are various client solutions used in this project. Operating systems with a native internet protocol security (IPSec) support include Linux Kernel Version 2.6, Microsoft Windows 10 and XP, Mac OS X and free BSD. The project did not test other systems that have native Internet Protocol Security support such as OpenBSD and NetBSD. However, the systems can work using Cisco and Linux Internet Protocol Security gateway alone. The Cisco VPN concentrator available for Linux, Mac OS, and Microsoft windows is important for client operations.

Why this implementation?

The moving VPN client will help in palm and pocket Personal computers used by Junior employees and Management moving around the organization. However, the client does not support key authentications in RSA because of the restricted computational power in palm and pocket PC devices. Linux based Opie will help with open sources based OS to provide native IPSec.

The wireless LAN will adopt secure clients that can work outside the box. Here we will use Cisco compatible Aironet client devices.

Figure 5: Client Devices

The project is entirely based on use of access points and the choice makes it the best part of it. There are different types of access points but the most common are HP and Cisco due to the compatibility issues.  Cisco is the most suitable for this setup of network for its cost effective, efficient and reliable.

Aironet access pints and bridges will connect the wireless devices to the wired networks while providing network access. The Access points will be managed through LWAP while some will operate autonomously. The gadgets include Cisco Aironet Access points; 1500, 1300, 1230 AG, 1240AG, 1000AG and 1130AG. Bridges will be 1400 and 1300.

Figure 6: Access Points

Figure 7: HP and Cisco performance evaluation

Figure 8: The interconnection of the AP as per every floor of the building using s switch

The Network Unification Infrastructures functions smoothly across different platforms. They include Cisco Catalyst 6500 Series (WiSM), Wireless LAN controller Module in integrated service routers, Cisco 4400 series, Cisco Catalyst 3750 series with Integrated Wireless LAN controller and 2000 series with WLAN controllers (Roshan and Leary, 2004).

The above figure represents evaluation between two technologies one from the Hp and the second one from Cisco. At first for a small number of users both perform in such a way that little difference is noted but as the load increased there is a big variation in the network. Cisco equipments are performing better for a large number of users as compared to the Hp due to ability to handle huge traffic at a go. They all have a point where additional load will lower the performance of the network unless a new AP is added to support high performance in the network.

Network standard (IEEE 802.1)

Wi-Fi WLAN, IEEE 802.11 is the standard for wireless LANs. The project compared the requirements at the Organization with various IEE 802.11 specification. IEEE 802.11 can send network packets from a sending host to unicast or multicast receiving hosts (IEEE Computer Society LAN MAN Standards Committee, 1997). Its protocol specifies a wireless specified network, meaning one person can only use the maximum bundle at a time. Another challenge with 802.11 is that it has a large-scale security risk. Wired Equivalent Privacy Protocol failed to could not provide security during testing. However, Wi-Fi protected Access 2 addressed the security problem. The standard relies on passwords for authentication.

Version (802.11)	Frequency rating (GHz)			Maximum Modulation Rates	Typical Data Rates		Modulation
a		5	54 Mbps			20 Mbps		OFDM	16QAM
b		2.4	11 Mbps			5 Mbps		DSSS	CCK
g		2.4	54 Mbps			20 Mbps		DSSS, OFDM	16QAM
n		2.4 or 5	600 Mbps			170 Mbps		OFDM	64QAM
ac		5	1300 Mbps			TBD Mbps		OFDM	256QAM

Steps

Table 1: Network Standards

The Organization of Networks requires a hierarchical design model to break its wired LAN design to modular groups of layers. Since the organization has two sites, it requires different layers with different functions. The Junior employee body and the faculty also need to use the network while moving within the campus. Each layer will implement a specific function in the design simplifying the network design and deploying easy management of the network. A hierarchical design helps to manage and improve resiliency (Vaidya, Dugar, Gupta, and Bahl, 2005). It has three layers:

1. Access layer-This layer provides the users and endpoints to enhance access that is direct to the wireless LAN.
2. Distribution Layer- It groups the access layers as well as enabling the connectivity to the various services offered.
3. Core Layer-It enhances the linking between the distribution layers and the larger LAN establishment.

The Wireless LAN architectural Design for the Organization of Networks

The organization wireless LAN requires a receiver device, which will acts as the access point. A standard Ethernet cable will connect the access point to relay data between wireless computers and devices in the wireless networks at the organization main sites namely firs site and the second site. The first site is the main site comprising of five buildings with letters A to E. The second site has two buildings F and G. The access point receivers will transmit and buffer data between the wirelesses LAN the wired network infrastructure. For the benefit of mobility, a wireless end user will have a full connection of the network within the range of the access points.

Layer 2 and 3 Switches

Switches will help to build networks, link devices together and forward data from the one point to another. The information provided is organized in a manner that conforms to the Operating System Interconnection (OSI). The project adhered to seven-layer model to ensure interoperability between the products. Since this is a large network, it will have a mix of both layer 2 and 3 switches. A layer 3 switch enables department segmentation, which is a requirement by the organization (Sankar, 2005). Layer 3 will also help in easy control without loss of bandwidth. Layer three switches are able segment a network logically into more LANS. In this case, there are two sections; first site and second site.

Each floor will have a WEBR 6003 router on all the buildings. There will be three computer laboratories with the router on each floor. The printer will be connected through the wireless network so that Junior employees can print documents from the internet and organization computers. All the computers in the laboratory will be connected to a single network in the library through a Local Area Connection. Since each floor will have a router, the computers will connect directly to the network through a wireless network. The figure below shows how each floor will receive wireless connection with the help of a WEB 6003 router. There will be more computers especially in the laboratory as required by the organization and the router is able to serve more gadgets including Wi-Fi mobile phones and tablets used by faculty members in all the buildings.

Network Unification Infrastructures

3Com Wireless LAN (Building to Building)

The below component will be used in each building to act as a bridge and deliver three to four times bandwidth of TI links and will work at a distance of up to 15 miles. This will help connect sites A and B using a wireless connection. The bridge supports one-to-one and one-to-many topologies to create a maximum flexibility when configuring building-to-building networks. In addition to the component’s Wi-Fi compatibility, it supports IEE 802.11 b with 11 Mbps wireless transmission and for 802.3af for Ethernet power (Bianchi, 2000). It will help keep network available every time 24 hours a day, 7 days a week.

CAPTURING AND ANALYZING WIRELESS TRAFFIC

There are different formidable tools that can capture and analyze wireless traffic. The options include Wild Packets Omni peak Enterprise, Air Manet Wi-Fi analyzer, Aruba Networks Protect Mobile and Wireshark. Unlike other tools, Wireshark captures packets in real time and display them in readable form as shown in the screen short below (Orebaugh, Ramirez, and Beale, 2006). Wireshark includes color-coding, filters, and other features that allow one to dig dipper into the network traffic and help to inspect individual packets. It is the world’s most popular wireless LAN network protocol analysis.

The Management involved in the operations of the wireless LAN network will receive training on the operation of the systems. The best way to train the IT Management is through selecting different groups each week and conducting an orientation for the system (Zhang, Weinstein, and Tu, 2001). The Junior employees will have a documented version of the wireless LAN system to help them understand how to use the Wi-Fi around the school. The documents will also state the specific hot spots for the Organization’s Network. Junior employees with gadgets such as android phones and IPad and other substances that can access wireless networks will get help from the reception of each building. The Organization of Networks will also take its IT Management through training on computer networks with the help of Cisco Networking Company.

The Organization of Networks will take over the duties such as maintenance. The trained IT Management will have a department that maintains the computers, components and give suggestions for future developments of the wireless LAN system. User support after the training is a must since the users can not capture all the required knowledge in one single occasion. User support for this specific system will last for  6 months after the installation of the network. After the purchase of the components, organization remains responsible for the activities of the department. Every system and equipment used in the coming up with the network will e under warranty for 24 months any failure is subject to replacement by the vendor. During all this period of time, maintenance of the network is not done by the organization. When the 24 months are over it now becomes the responsibility of the Organization ICT department to maintain the network. After the warranty is over all the activities requiring the system decisions is carried out by the ICT department. Other installations will happen as per the growth of the faculty and development of the organization.  

Duration(weeks)	Task	Duties performed
0-4	User training and maintenance	Train the users on how the system works. Maintaining the network infrastructure.
4- 24	User support	Users are given support on the various functionalities of the system.
0-105	Equipment warranty	All the equipment used are under warranty and if it fails the network installation firm replaces it on immediate effect.
105-infinity	ICT Department maintenance	After the warranty period the system is handed over to the Organization’s ICT department.

Network Standard (IEEE 802.1)

Risk management can be implemented in an organization with the use of both proactive as well as reactive approach. Companies use the reactive approach as a retort to the safety risks that have previously happened in the organization. Due to different security incidents, an effective response is generated in a reactive approach. The examination of the reasons for creating security incidents assists in avoiding them in future. While applying the reactive approach, there is a need to follow the six steps (Stroie & Rusu, 2011). There must be laws in organizations that can protect human life and prevent workplace accidents. If there is any damage, this must be stopped and not allow to get spread. After the damage, it is also required to have the assessment of damage. For instance, in case of cyber-attack, there is a requirement for assessing the cyber damage. This will consist of conduction of detailed investigations related to the incident as well as immediate actions for restoring or replacing the hardware. Then there is a need for defining the damage causes. After this assessment, repairing of damages should be done. Moreover, policies and responses must be reviewed under reactive approach. The other approach is proactive approach, and it has many advantages as compared to the use of reactive approach (Stroie & Rusu, 2011). It is economical to lessen the likelihood of occurring the risk as compared to reacting towards the incident after its happening. Organizations must have plans for protection of their assets and for the implementation of controls, in order to lessen the risk of mistreatment of organization’s susceptibilities by malicious software’s. Also, if an organization is using the effective security strategies that this will result in reputational benefits along with cost savings, and reduction in incident response times. However, if an organization fails in the implementation of adequate security measures then organization’s competitive position will remain no more in the industry. This is due to the reason that in today technological world, business have huge amount of customers data. Customers in return expect business to protect their sensitive data. Thus, breach prevention along with the information security management is significant to organizational success.

Usually, data breaches narrate to one of three comprehensive categories that are confidentiality breaches along with the integrity breaches in addition to availability breaches. Confidentiality breaches are attempts to obtain admittance to delicate data while integrity breaches are more linked with modification. There are availability breaches that result in system outages.  Organizations are now able to lessen the number of breaches but their rate is still very high in some industries as in healthcare. Moreover, with the change of conditions, risk management methodologies also evolve in view of that. One of the proactive approaches to risk management that have evolved with time is to use information security risk management (ISRM), model. Information security risk management (ISRM) provides the organizations with most effective and cost-effectual methods that enable organizations to regulate their information assets. It delivers an organization with a roadmap for the purpose of protection of information infrastructure.

References

Bianchi, G., 2000. Performance analysis of the IEEE 802.11 distributed coordination function. Selected Areas in Communications, IEEE Journal on,18(3), pp. 535-547.

IEEE Computer Society LAN MAN Standards Committee. 1997. Wireless LAN medium access control (MAC) and physical layer (PHY) specifications.

Mohanty, S., & Akyildiz, I. F., 2006. A cross-layer (layer 2+ 3) handoff management protocol for next-generation wireless systems. Mobile Computing, IEEE Transactions on, 5(10), pp. 1347-1360.

Orebaugh, A., Ramirez, G., & Beale, J., 2006. Wireshark & Ethereal network protocol analyzer toolkit. Syngress.

RefeBing, B. (Ed.), 2002. Wireless local area networks: the new wireless revolution. New York, NY, USA:: Wiley-Interscience.rences

Roshan, P., & Leary, J., 2004. 802.11 Wireless LAN fundamentals. Cisco press.

Sankar, K. 2005. Cisco Wireless LAN Security. Cisco Press.

Stallings, W., 2017. Cryptography and network security: principles and practice (p. 743). Upper Saddle River, NJ: Pearson.

Tankard, C., 2011. Advanced persistent threats and how to monitor and deter them. Network security, 2011(8), pp.16-19.

Vaidya, N., Dugar, A., Gupta, S., & Bahl, P., 2005. Distributed fair scheduling in a wireless LAN. Mobile Computing, IEEE Transactions on,4(6), pp. 616-629.

Zahur, Y., & Yang, T. A., 2004. Wireless LAN security and laboratory designs. Journal of Computing Sciences in Colleges, 19(3), pp. 44-60.

Zhang, J., Li, J., Weinstein, S., & Tu, N., 2001. U.S. Patent Application No. 09/989,157.