INFRASTRUCTURE
There is a wide gap in business data analysis and information forecasting in the business world. Analytic Co. is a data collection and analytics company specializing in the collection, analysis and storage of data. The company is experiencing tremendous growth as a result of efficient business practices. However, it needs efficient networking and security as it plans to expand from one to three floors. To facilitate the expansion, it has to occupy two additional floors. To achieve its full business potential, it needs an expanded networking solution that guarantees better communication and internet availability. The offices will use a wired and a wireless Local Area Network: a wired LAN for office employees and a wireless network for mobile users within the company premises.
HARDWARE CONFIGURATION
Hardware refers to the computer components that are assembled to provide the internet connection, such as modems and routers. A modem is a device that modulates an analogue carrier signal to encode digital information and demodulates the signal to decode it. Thus, modems convert wireless digital data into radio signals and back. Wireless networking is a mechanism in which all the computers in a room are connected to the internet through a wireless network, which uses radio signals instead of cables. The wireless connectivity is provided by a wireless router that sends radio signals to each computer. A wireless network consists of the following components:
- Wired network
- Access point or wireless router
- Repeater
Wireless router/Access point
The network diagram for the office configuration, involving workstations, printers and mobile devices, is illustrated below.
Diagram 1 Network configuration
The wireless router authorizes and controls the connection of client devices to the wired network. It controls the speed, the security features and the devices accessing the network, among other functions. Technically, it is the backbone of the Wi-Fi network.
Residential gateways and routers are advanced forms of base stations that provide additional network functionality. Gateways have the same functions as routers, such as access control and application connectivity, while routers differ by enabling multiple computers to connect over a single broadband connection.
Access controllers are physical devices that reside on the wired part of the network, between the access points and the protected part of the network. Their main purpose is to provide centralized intelligence behind the access points and an IDS to monitor traffic on the open wireless networks and other resources. This feature is usually implemented when the wireless network standards in use lack Quality of Service, enhanced security and roaming mechanisms.
There are two kinds of wireless router standards, 802.11b and 802.11g. Both of these standards can transmit data at 54Mbps. Data is encoded using direct-sequence spread spectrum (DSSS) and transmitted in the unlicensed radio spectrum of 2.5GHz. 802.11b has a maximum transmission rate of 11Mbps, but 802.11g has various auto-sensing rates of up to 108Mbps. For maximum data rates, the 802.11g standard is chosen.
An example of a wireless router is the Minitar Router Point MWNAPR-1, based on 802.11n wireless technology. It is a standardized, reliable router that supports optimum rates of up to 300Mbps. It has a WAN interface and built-in NAT that allow multiple PCs to share an internet connection. Other notable features include advanced MIMO technology and VPN pass-through.
Wired network
Internet connectivity through an ISP is made available to the wireless network through the Ethernet connection to the router or modem. Ethernet is the standard networking design for home and business users. Ethernet uses CAT5, CAT5e or CAT6 cables to connect to the LAN.
A client bridge is a device that bridges a wireless connection into a wired connection. It works in the reverse manner of an access point: it takes the wireless signal and converts it into a wired connection for devices that do not support wireless. For example, an office printer that does not support wireless can still be used by attaching it to a client bridge. Printers and Xbox consoles can be connected to the network without running CAT5 Ethernet cables by using client bridge devices.
Repeater
Repeaters function like client bridges, but instead of bridging to a wired connection, they bridge to another area of the wireless network. In a large office space, a repeater is necessary to extend the wireless link to devices around the repeater. Repeaters are important in an office setting for extending the wireless signal to distant devices, but bandwidth and speed are sacrificed. A repeater uses double the bandwidth of a normal client device because it has to capture the information and forward it out on the same channel on which it received it.
Wireless Antennas
Access points require Wi-Fi antennas to increase the communication range of the wireless radio signals. Usually the antennas are optional and can be removed if a broader signal range is not desired. When the need arises, aftermarket add-on antennas are mounted to widen the wireless range of wireless adapters.
The company's departments are connected as shown.
Diagram 2 Departmental configuration
SECURITY
Wireless networks will be secured through the use of the 802.11i security protocol, with the Advanced Encryption Standard (AES) for encryption. The business requires sufficient protection of sensitive computer data and employee privacy. It will also be relevant to draft a security policy that governs data access, user privileges and authentication according to NIST and FISMA standards.
Data in the cloud poses serious security challenges, and as such, the company will secure its databases through AES encryption techniques. By establishing an efficient cloud security architecture, Analytic will implement security management controls that safeguard the clients’ data. The company is in a kind of business that demands the highest level of trust for continued business. Given the flexibility and vulnerabilities associated with cloud computing, deterrent, preventive, detective and corrective controls should be established. Cloud information protection platforms at the company’s network edge ensure that data is fully protected before it leaves for the cloud. Other mechanisms include sufficient encryption key management and user policies.
The above business requirements will be implemented in steps to ensure a smooth transition and continuity of business operations. The expansion process will be subdivided into small tasks presided over by different personnel and external parties. It is anticipated that after full implementation of the above practices and processes, the projected business goals will be achieved.
The security protocols that are in place to protect broadband wireless connections include WEP, WPA and WPA2. Generally, wireless networks are inherently insecure, and therefore sufficient security is essential in order to ensure data integrity, availability and privacy. The broadcasting mechanism of wireless networks makes them potentially dangerous to work with.
In order to protect wireless computers and the information they contain, the most secure step is to reconfigure the default wireless router settings, which safeguards the system from hackers who have gained access to the default information of most wireless router vendors. Strong passwords are also essential for total protection of the system, in addition to firewalls and antivirus software. Other measures, such as updating the antivirus software and shutting down the computer when it is not in use, help keep hackers and sniffing devices out of the computers. In order to secure personal data on computer systems while using public wireless networks, it is recommended that file sharing features be disabled at all times.
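The requirements in this section (802.11i with AES, no WEP or legacy WPA, no vendor-default settings, strong passwords) can be checked automatically against an access point's configuration. The following is an added example, not part of the original document; it assumes the access point uses a hostapd-style key=value configuration, and the sample configurations, default-value lists and minimum passphrase length are constructed for illustration.

```python
# Added example: audit a hostapd-style AP config against the requirements
# above (802.11i/WPA2 with AES-CCMP, no WEP, no vendor defaults).
# Config samples, default-value lists and the length threshold are constructed.
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default", "wireless"}
DEFAULT_PASSPHRASES = {"admin", "password", "12345678", "changeme"}
MIN_PASSPHRASE_LEN = 12  # assumed policy value, not from the page

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of findings; an empty list means compliant."""
    conf, findings = parse_conf(text), []
    if any(key.startswith("wep_key") for key in conf):
        findings.append("WEP keys configured")
    wpa = int(conf.get("wpa", "0"))  # bitfield: 1 = WPA, 2 = WPA2 (802.11i)
    if wpa == 0:
        findings.append("no WPA/WPA2 protection enabled")
    elif wpa & 1:
        findings.append("legacy WPA (version 1) still allowed")
    ciphers = set(f"{conf.get('wpa_pairwise', '')} {conf.get('rsn_pairwise', '')}".split())
    if "TKIP" in ciphers:
        findings.append("TKIP cipher allowed")
    if wpa & 2 and "CCMP" not in ciphers:
        findings.append("AES-CCMP not enabled")
    if conf.get("ssid", "").lower() in DEFAULT_SSIDS:
        findings.append("vendor default SSID in use")
    psk = conf.get("wpa_passphrase")
    if psk is not None and psk.lower() in DEFAULT_PASSPHRASES:
        findings.append("default passphrase in use")
    elif psk is not None and len(psk) < MIN_PASSPHRASE_LEN:
        findings.append("passphrase shorter than policy minimum")
    return findings

WEAK = "ssid=linksys\nwpa=3\nwpa_pairwise=TKIP CCMP\nwpa_passphrase=password\n"
HARDENED = ("ssid=AnalyticCo-Staff\nwpa=2\nwpa_key_mgmt=WPA-PSK\n"
            "rsn_pairwise=CCMP\nwpa_passphrase=t4Ble-horse-Glass-91-river\n")

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(text) or "compliant")
```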
IT ACCESS CONTROL POLICY
4.4 Network Access control
4.4.1 Network use Policy
The company will provide connection to the network for the purpose of research and learning. Network access should be used for academic purposes alone. Students will be granted access to permitted networks while other networks will only be accessed after specific authorization has been granted (Gildas Avoine, 2007).
4.4.2 Authentication for external connection
All remote users will be authenticated in order to access information resources such as financial transactions and examinations. The Chief Security Officer will be responsible for providing this service.
4.4.3 Remote diagnostic Port Protection
Modems attached to systems are protected from unauthorized use by disconnecting diagnostic ports not in use. Third party users must be authenticated before accessing devices through remote ports.
4.4.4 Network segregation
A risk assessment based on the cost and the impact of routing and gateway technology is performed to grant third parties necessary controls to access networks.
New networks that are being developed and tested are segregated from the rest of the Company internal network through firewalls to eliminate the effects of malfunctioning software.
Confidential information should be segregated and assigned different servers.
4.4.5 Wireless network policy
Wireless networks at the Company should be restricted to lock out intruders and third parties.
Computers connected via wireless technology should be restricted to the Company library and lecture halls.