Executive Summary
Woodgrove Bank has offices in multiple countries and, as part of its expansion, requires a network infrastructure for the segments within the enterprise. The new infrastructure needs to take into account the expansion that has already taken place as well as the expansion the institution anticipates. In particular, the new Canadian branches should be incorporated into the Toronto hub site, and the regional bank in Washington should also be integrated into the network. The regions are also supposed to operate independently, and the failure of any WAN link between regions should not affect other regions. The proposed network infrastructure will be a combination of a hierarchical structure and a webbed structure. The hierarchical part of the network will ensure top-down and bottom-up management of the network. This will help in disseminating information within the network and in handling security issues, since access to different resources within the network will be easily controlled. The webbed structure will ensure data redundancy and help in creating backups, so that when one system or one link in the network fails, the other links are not affected. The routing protocol to be used in the network is EIGRP, which has several advantages over other routing protocols. EIGRP is a distance vector protocol and supports VLSM, which allows a classful network to be subdivided. Some people still use RIPv1 and IGRP, which are currently being rendered obsolete. This makes our proposal one of the best, as it uses the latest technology and operates more efficiently. The proposal also includes a system for monitoring the network to prevent illegitimate operation and to protect the clients' network from any kind of external attack.
The proposed plan will help in the effective management of the network and efficient utilization of resources within the network.
DNS resolution Scheme
As new devices are added to the network, many of which are not traditional workstations or routers, the first-hop router is required to provide some network services for the host. A third-party server in the network may also request host-related services from the first-hop router. It is therefore necessary to have a standard mechanism for the third-party device to find the first-hop router. In this network upgrade, DNS-based mechanisms have been defined for resolving router addresses for classful networks (RFC 1035) and subnets (RFC 1101). The RFC 1101 subnet mechanism, however, has a number of defects, such as its inability to support the variable length subnet masks commonly set up in the internet. This section is dedicated to formulating a scheme that addresses these defects. The DNS mechanisms for dealing with classless groups of networks have been defined as shown in the following section. We are going to implement the usage of 110 servers. The number of servers in every location is directly proportional to the number of users in that particular location. Each server is supposed to be dedicated to one zone in the network. Due to the long distances between the hub sites, the servers are going to be interconnected through wireless connections so as to save on the costs that would be involved in laying a physical connection between the servers and the zones in the network. Each server in any of the zones will serve several hub sites as shown below:
In summary, the zones are interconnected with each other through the servers. Each server is dedicated to one zone, and the hubs can then be interconnected. The servers are also interconnected to provide redundancy and to ensure that all the hub sites can communicate with each other.
IP addressing Scheme
The networks shown below are interconnected using servers stationed at specific zones as shown in the map for DNS resolution above.
The networks are interlinked as shown in the DNS resolution map. Each network is then assigned a specific address range, as shown below, depending on the number of users attached to each of the components. The number of users assigned to each subnet determines the range that can be assigned to that particular network. In this section we used a class B network, which allows for a significant number of hosts, as shown below:
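The sizing rule described above (each subnet's range follows from its user count, carved out of one class B block with VLSM) can be worked through in code. This is an added example, not the proposal's own address table: the 172.16.0.0/16 block, the site names and user counts, and the three reserved addresses per subnet (network, broadcast, gateway) are all constructed assumptions.

```python
import ipaddress

# Constructed sample demand: site -> number of users (not from the proposal).
SITES = {"Toronto hub": 1200, "Washington regional bank": 500,
         "Canadian branch A": 120, "Canadian branch B": 60}

def subnet_size(users, reserved=3):
    """Smallest power-of-two block holding `users` hosts plus the reserved
    network, broadcast and gateway addresses (reserved=3 is an assumption)."""
    if users < 1:
        raise ValueError("a subnet needs at least one user")
    return 1 << (users + reserved - 1).bit_length()

def vlsm_allocate(block, demands):
    """Carve `block` into one subnet per site, largest first, so that each
    subnet starts on its own prefix boundary and no addresses are skipped."""
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    plan = {}
    for site, users in sorted(demands.items(), key=lambda kv: -kv[1]):
        size = subnet_size(users)
        start = (cursor + size - 1) // size * size   # align up to the boundary
        if start + size > end:
            raise ValueError(f"{block} exhausted while placing {site}")
        prefix = 32 - (size.bit_length() - 1)
        plan[site] = ipaddress.ip_network((start, prefix))
        cursor = start + size
    return plan

def vlsm_cost(plan):
    """Total addresses consumed when every site gets its own mask (VLSM)."""
    return sum(net.num_addresses for net in plan.values())

def fixed_mask_cost(demands):
    """Addresses consumed when every subnet must share the largest site's
    mask, as classful protocols such as RIPv1 and IGRP require."""
    return max(subnet_size(u) for u in demands.values()) * len(demands)

if __name__ == "__main__":
    for site, net in vlsm_allocate("172.16.0.0/16", SITES).items():
        print(f"{site:26} {net}  ({net.num_addresses - 2} usable)")
```

Comparing `vlsm_cost` with `fixed_mask_cost` for the same sites shows how much of the block a single fixed mask would waste.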
Files and Printing services plan
The files and printing services can be shared across the network. This will help in ensuring that a user does not have to move physically to a different location in the network in order to obtain a file or have a printing job done. This plan will help in reducing the number of printers in the network and will also reduce the use of portable media for transferring information, which can get lost or become a source of virus transmission across different computers in the network. In order to ensure that the network resources are always available and can be easily accessed within the network, both the application minor node and the defining major node must be active. The minor node must also be in a connectable condition at all times. This will ensure that information is always available to the legitimate users of the system. To ensure that the network resources are properly backed up, several alternatives can be considered, among them replication and installing backup software that will ensure that whenever data is processed in the system, a replica of it is kept in a remote location. This will help in ensuring availability of network resources at all times. If the system fails in the course of operation, a backup can then be used to restore the settings and the information which would otherwise have been lost. Sharing of files in the network can also help in ensuring availability of resources, as the resources are not stored on only one computer. One file can be replicated on more than one computer in the system through data redundancy, and this will ensure availability of information at all times across the network. The figure below shows the DNS Scheme. In the network shown below, data can be stored in any of the zones. The zones can then be interconnected so that a person is able to access information from any of the zones.
Virtualization
Virtualization in general can help organizations to improve the utilization of their resources and also reduce hardware and management costs. Virtualization also helps in lowering power consumption and helps in overall disaster recovery. It helps in making the information technology systems of several organizations more successful. However, if not properly implemented, virtualization can lead to stalled systems and hence reduce the overall efficiency of the system. It is therefore advisable that anyone who is not very proficient in virtualization should engage an expert in order to prevent wastage of resources and ensure more efficiency from the system. In order to implement virtualization properly, you need to take time and look at the whole process of virtualization from the point of view of the whole IT portfolio. One needs to know one's systems properly, and when performing virtualization, the organization should not virtualize everything. One also needs to understand the applications portfolio, and each application should deal with a specific type of virtualization. When conducting virtualization, one should consider prioritization so that only the critical applications are taken into consideration in cases where there is only one resource available and more than one item to be virtualized. If all these are taken into consideration, then the whole process of virtualization will be successful. In the implementation of virtualization, I would suggest the use of the Microsoft Hyper-V Server 2008 R2 platform. This platform is better than most of the other platforms available, as it offers several functionalities and advantages not found in other platforms. It allows the user to merge workloads onto one single physical layer. This platform is also standalone and provides an optimized virtualization solution that helps in reducing the costs of virtualization and also in improving server utilization.
It easily plugs into the existing IT environment and is therefore easy to use.
Network security
A firewall is one of the most common types of network security measures. The firewall denies or permits traffic into the network. There are several types of firewalls that are used to protect different networks. Wireless networks are among the most difficult categories of networks to secure. However, there are some dedicated processes that can be used to secure a wireless network and ensure that traffic is properly controlled. Wireless networks can be secured through the use of either WPA or WEP encryption. The encryption encodes the data that is transmitted between a computer in the network and the wireless router. Most routers are, however, purchased with their encryption turned off. It is therefore necessary for the user of any wireless router to ensure that the encryption is turned on. This helps in hiding the information being transmitted from any kind of external interception. Wi-Fi Protected Access (WPA) has more sophisticated methods of ensuring data security than Wired Equivalent Privacy (WEP). I would recommend the use of WPA, as it is more secure than WEP. WPA is very hard to crack and hence provides a better method of ensuring that data is always kept secure.
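One way to check that encryption is actually turned on, and that it is WPA rather than WEP, is to audit the access point configurations. This is an added example, not part of the original proposal: it assumes the access points run hostapd and reads the `wpa` and `wep_key0`..`wep_key3` settings from hostapd.conf, and the file names, SSIDs and key values are constructed samples.

```python
# Constructed hostapd.conf samples, one per hypothetical access point.
SAMPLE_CONFIGS = {
    "lobby-ap.conf": "interface=wlan0\nssid=Woodgrove-Guest\n",
    "branch-ap.conf": ("ssid=Woodgrove-Branch\nwep_default_key=0\n"
                       "wep_key0=\"abcde\"\n"),
    "hub-ap.conf": ("ssid=Woodgrove-Hub\nwpa=2\nwpa_key_mgmt=WPA-PSK\n"
                    "wpa_passphrase=constructed-example-only\n"
                    "# wep_key0=\"abcde\"  (old setting, commented out)\n"),
}

def parse_hostapd(text):
    """Return the key=value settings, skipping blank and comment lines."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def classify(conf):
    """'wpa' if the wpa bitfield is non-zero, 'wep' if only static WEP keys
    are configured, 'open' if neither is present (encryption is off)."""
    wpa = conf.get("wpa", "0")
    if wpa.isdigit() and int(wpa) != 0:
        return "wpa"
    if any(conf.get(f"wep_key{i}") for i in range(4)):
        return "wep"
    return "open"

def audit(configs):
    """Return (file, ssid, mode) for every access point not using WPA."""
    findings = []
    for name, text in sorted(configs.items()):
        conf = parse_hostapd(text)
        mode = classify(conf)
        if mode != "wpa":
            findings.append((name, conf.get("ssid", "<no ssid>"), mode))
    return findings

if __name__ == "__main__":
    for name, ssid, mode in audit(SAMPLE_CONFIGS):
        print(f"{name}: SSID {ssid!r} uses {mode}; switch it to WPA")
```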