Wednesday, May 6, 2020
Enterprise Network and Security Management â⬠MyAssignmenthelp.com
Question: Discuss about the Enterprise Network and Security Management. Answer: Introduction: Comparing and contrasting the OSI reference model with the TCP/IP model it can be found that both the models finds its use for network communication. The main difference between the OSI and the TCP/IP model is that the OSI model is not used in the practical field for communication because it is a conceptual model but the TCP/IP model is applied for the establishment of connection between the hosts connected in the network (Colin, Mathieu Nakechbandi, 2016). The TCP/IP model is based on client server architecture while the OSI reference model is a theoretical model. There are 4 layers in the TCP/IP model but the OSI model consists of the 7 layers. The TCP/IP model was developed by the department of defense and the OSI model was developed by the international standard organization (ISO). The OSI model is not tangible but the TCP/IP model is tangible. The TCPP/IP model is mostly used but the OSI model is never used in the network communication. From the above network models the OSI reference model is the most useful for describing the network because this model is based on the layering concept and each of the layers in the model have different functionality. A bottom up approach is followed and for transferring data packets in the network and it is flexible to handle different protocols used for communication in the network (Kori Rai, 2016). There are four layers in the TCP/IP model but in OSI model the layers are broken down into seven layers and it makes the TCP/IP model to rely on the OSI reference model. For the completion of the hands on project 2.3 the a web browser is opened and the URL www.gestioip.net/cgi-bin/subnet_calculator.cgi is inputted for determining the number of subnet mask that are required for supporting the specific subnet in an IPv4 network. The network address for the IP address 192.168.0.0 is defines with the help of the online subnet calculator tool. The instruction is followed as given on the requirement and a similar result is obtained and demonstrated in the following figure. The information generated from the subnet calculator are reviewed and the last two fields consists of the mapped IPv4 address and the 6 to 4 prefix that can be used for the configuration of the dual stack network. The configuration of the dual stack network is important for enabling communication with the IPv6 network. Calculation of host address range, broadcast address For proceeding with the hands on project 2.5 a web browser is opened and the URL www.subnet-calculator.com is inputted for the determination of the range of host address, broadcast address and the different values that can be used for an IP address. The website provides a detailed description of the network calculations and describes the usage of the wild card mask, broadcast address and the subnet range for configuration of a network. The maximum subnet drop down list is clicked to open and different values appears such as 1, 2, 4, 8, 16, 32 and 64 and from them the 4 is selected and the new values are recorded. The calculation is done for the class c network address 192.168.0.1 and the following table is created. Subnet mask Subnet bits Mask Bits Hosts per subnet Host Address range Broadcast Address 255.255.255.192 2 26 62 192.168.0.1 - 192.168.0.62 192.168.0.63 On the selection of the Class network the IP address changes to 10.0.0.1 and the mask address is changed to 255.255.0.0 and thee new values for the subnet is given in the following table. Subnet calculation of IP 10.0.0.1 Subnet bits Maximum subnets Mask Bits Hosts per subnet Host Address range Broadcast Address 8 256 16 65534 10.0.0.1 - 10.0.255.254 10.0.255.255 When the class A address table is compared with the class C address table it is found that the IP address changes and range of the first octet also changes. For the class C subnet mask it cannot be changed to 255.255.255.0 and it starts from 255.255.255.0. The experiment is continued with the different class of IP address such as Class B and the changes in the values are noted such as the range of the IP address, Subnet ID and the broadcast address. It is network layer protocol that is used for the conversion of the IP address to the Mac address also known as the Ethernet address. If a physical address needs to be obtained by the host an ARP request is sent to the TCP/IP network and the reply is received with the physical address (Medhi Ramasamy, 2017). The application of the reverse ARP is used for getting the IP address of the host by broadcasting the physical address and a reply is received from the server with the IP address of the host. The Arp cache is used to maintain a map between the IP and the Mac address of the host and communicating using the ARP protocol. It carries the data packet to the specified IP address and used as a mediator between the network layer and the IP protocols. Case Study Task The network solution is designed for a medium sized organization named Foreshore IT Solutions for accommodation of the expansion. The network is designed such that the six branches of the organization are able to communicate with each other. A class A network address is used for the preparation of the network subnet plan. A single router is used for each of the department and the interface of the router is required to be configured following the network subnet plan. The network address plan is created for minimizing the wastage of the IP address and increase the efficiency of the solution. The subnet is created for increasing the security of the network and enabling better control on the hosts connected in each of the subnets of the proposed network solution. A prototype of the network is designed in cisco packet tracer and the network devices are configured according to the subnet plan for testing the connection between the different departments of the organization. A central router is deployed in the network for the management of the network traffic for each of the department of the organization. The router also needs to be configured with access control list such that the hosts connected in the network can be managed and monitored for increasing the security. The router is connected with a layer 3 switch and the servers are connected to it such that all the department can access the servers via the central router. The firewall is used for connecting the ISP with the internal network of the organization such that the unknown request can be blocked and the central res ources can be secured. Network Address solution Network Address:10.0.0.0/21 Number of IP address available for the network:2046 Required number of IP address:1130 Number of IP address available in the subnet:2036 Subnet Name Needed Size Allocated Size Mask Dec Mask Address Assignable Range Broadcast Head_Office 60 62 /26 255.255.255.192 10.0.7.128 10.0.7.129 - 10.0.7.190 10.0.7.191 Finance_office 260 510 /23 255.255.254.0 10.0.4.0 10.0.4.1 - 10.0.5.254 10.0.5.255 IT_Call Centre 520 1022 /22 255.255.252.0 10.0.0.0 10.0.0.1 - 10.0.3.254 10.0.3.255 Research_and_Development_Office 120 126 /25 255.255.255.128 10.0.7.0 10.0.7.1 - 10.0.7.126 10.0.7.127 Marketing_Department 40 62 /26 255.255.255.192 10.0.7.192 10.0.7.193 - 10.0.7.254 10.0.7.255 Information_Technology 130 254 /24 255.255.255.0 10.0.6.0 10.0.6.1 - 10.0.6.254 10.0.6.255 The address solution is created by calculating the subnet for each of the offices and allocating the range of IP address for connecting the hosts deployed in the network. Six DHCP pool is created with the range of the IP address and the IP used for the interface of the router are excluded from the IP address. Some extra IP address are kept in reserve for the accommodating the future growth of the organization. The central router needs to connect with the six sub network for connecting the offices and enabling the hosts to communicate with the other office network. The router is configured with static routing such that the paths between the routers are updated and reduce the consumption of the bandwidth and increase the efficiency of the network. Each of the branch office network are configured with VLAN such that the collision in the data traffic can be reduced. The IP route command is used with specifying the next hop address for the creation of point to point interface. If the number of hosts per subnet increases to 1024 there would be a need to re calculate the subnet plan and the following network address should be used for the accommodation of the new hosts in the network. The configuration interface of the router and the static routes must be cleared and the new IP address should be inputted for the configuration of the network. Subnet Name Needed Size Allocated Size Address Mask Dec Mask Assignable Range Broadcast Finance_office 1024 2046 10.0.0.0 /21 255.255.248.0 10.0.0.1 - 10.0.7.254 10.0.7.255 Head_Office 1024 2046 10.0.8.0 /21 255.255.248.0 10.0.8.1 - 10.0.15.254 10.0.15.255 IT_Call Centre 1024 2046 10.0.16.0 /21 255.255.248.0 10.0.16.1 - 10.0.23.254 10.0.23.255 Information_Technology 1024 2046 10.0.24.0 /21 255.255.248.0 10.0.24.1 - 10.0.31.254 10.0.31.255 Marketing_Department 1024 2046 10.0.32.0 /21 255.255.248.0 10.0.32.1 - 10.0.39.254 10.0.39.255 Research_and_Development_Office 1024 2046 10.0.40.0 /21 255.255.248.0 10.0.40.1 - 10.0.47.254 10.0.47.255 Conclusion The network solution is proposed for the Foreshore IT solution for increasing its efficiency and meet the current growth of the organization. The area of expansion and the requirement must be analyzed before deployment of the network. The hardware device installed in the network must be configured according the address solution prepared for the organization. In case of increase in the number of host the router needs to be reconfigured with the new address plan created for the network. For increasing the security of the network the traffic of the network must be monitored and all the network devices must be password protected such that the unauthorized users does not have access of the network configuration. Bibliography Colin, J. Y., Mathieu, H., Nakechbandi, M. (2016, May). A proposal for an open logistics interconnection reference model for a Physical Internet. In Logistics Operations Management (GOL), 2016 3rd International Conference on(pp. 1-6). IEEE. Edwards, J., Bramante, R. (2015).Networking self-teaching guide: OSI, TCP/IP, LANs, MANs, WANs, implementation, management, and maintenance. John Wiley Sons. Hamadneh, N., Murray, D. (2017, August). Private subnetting one (PS1), an algorithm for private IPv4 address allocation. InProceedings of the 7th International Conference on Information Communication and Management (pp. 40-44). ACM. IPv4/IPv6 subnet calculator and addressing planner. (2018).Gestioip.net. Retrieved 27 March 2018, from https://www.gestioip.net/cgi-bin/subnet_calculator.cgi Jafarian, J. H., Al-Shaer, E., Duan, Q. (2015, April). Adversary-aware IP address randomization for proactive agility against sophisticated attackers. InComputer Communications (INFOCOM), 2015 IEEE Conference on(pp. 738-746). IEEE. Kori, P., Rai, S. S. (2016). ANALYSIS OF NETWORK SECURITY THREATS AND VULNERABILITIES BY DEVELOPMENT IMPLEMENTATION OF A SECURITY NETWORK MONITORING SOLUTION.International Journal of Engineering, Management Medical Research (IJEMMR),2(8). Medhi, D., Ramasamy, K. (2017).Network routing: algorithms, protocols, and architectures. Morgan Kaufmann. Oppitz, M., Tomsu, P. (2018). Networks for Sharing and Connecting. InInventing the Cloud Century(pp. 97-129). Springer, Cham. Panko, J., Panko, R. R. (2015).Business data networks and security. Pearson Education. Porter, C. (2018).Online IP Subnet Calculator.Subnet-calculator.com. Retrieved 27 March 2018, from https://www.subnet-calculator.com/ Robertson, S., Alexander, S., Micallef, J., Pucci, J., Tanis, J., Macera, A. (2015, September). CINDAM: Customized information networks for deception and attack mitigation. InSelf-Adaptive and Self-Organizing Systems Workshops (SASOW), 2015 IEEE International Conference on(pp. 114-119). IEEE. Santos, M. G. M., Marcillo, P. A. A. (2018). Security in the data link layer of the OSI model on LANs wired Cisco.Journal of Science and Research: Revista Ciencia e Investigacin,3(CITT2017), 106-112. Shin, B. (2017). A Practical Introduction to Enterprise Network and Security Management. Wang, Y., Wang, H., Liu, L., Song, W., Lu, J. (2015, December). Research and implementation of network planning and design for community. InComputer Science and Network Technology (ICCSNT), 2015 4th International Conference on(Vol. 1, pp. 847-850). IEEE.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment