Interim Report

HIT374

Shamsad Ahmed
S342264

4/22/2024
Contents
1. Introduction.............................................................................................................................................2
a. Background:.........................................................................................................................................2
b. Literature Review:...............................................................................................................................2
c. Aim and Scope:....................................................................................................................................2
2. Design:.....................................................................................................................................................3
i. Topology:..............................................................................................................................................3
ii. Description:..........................................................................................................................................3
iii. IP Addressing:.....................................................................................................................................3
3. Conclusion:..............................................................................................................................................4
4. References:..............................................................................................................................................4
1. Introduction

a. Background:
The given network is designed for a large multinational company, where there are 3 main LANs, where
one of them is of Head Quarter (HQ) and the other 2 are of remote LANs, for their offices. In today’s
interconnected world, this type of robust network infrastructures is essential for seamless
communication and data connection for any company.

Here, as per given in the project requirement in the packet tracer file, it mandates some specific design
requirements for the HQ and the office LANs. For HQ, the requirements are redundancy, DMZ, NAT,
DNS, DHCP, at least 5 routers connected via static and OSPF routing. Also, the ACL requirements are:
only web server can access HQ outside of HQ LAN in the DMZ. Only a certain amount of PC can access
the other remote 1 & 2 LANs. The HQ can access the WWW server. Then, for remote LAN1 or the office
1, we have VLAN, STP, Etherchannel, switchport security, appropriate ACLs, file server for internal use.
The ACL requirement is to allow Remote 1 LAN to access WWW server.

The project mandates meeting specific design requirements for each LAN, including redundancy, DMZ
setup, NAT, DNS, DHCP servers, OSP/static routing, VLANs, STP, Etherchannel, switchport security, ACLs,
and file servers. Additionally, for Remote2 LAN, the implementation of either IoT or SDN is required.
Lastly, for the Remote2 LAN, I have implemented IoT (Internet of Things)
Design Requirements for Remote2 LAN: IoT devices must be accessible outside remote2 LAN, including
multiple IoT devices and IoT server.

b. Literature Review:
Here, IoT is chosen instead of the SDN because IoT is cost effective solution, where human effort is
minimized and electricity efficiency is maximized. It can also keep track of visitors. Therefore, it is a
flexible solution too [2]. But also the service and the coverage of the mobile devices should also be
considered for the IoT devices [1]. Integrating new devices and technology without degrading the
current performance is also a big challenge for this type of office solution [1].

There is also an issue of security. The devices are prone to malware attacks, as they are connected
wirelessly. As IoT devices are low power devices, they can’t handle the process and power consuming
complex security checks [3]. Therefore, outsider can gain unauthorized data from the user. Also, there is
a challenge of large data, which is ever changing and time evolving, that needs to be analyzed to get the
user experience better [4].

Again, there is issue of increasing number of connecting devices, data storage for storing a lot of user’s
data, security threats handling and diverse technological problems that needs to be mitigated [5].

So, in solution, cloud technology can be used to solve the storage and threat processing issues.

c. Aim and Scope:

The aim and scope of this network project is to design and implement the industry standard networking
solution for a multinational company. Where, the network is secured from the potential hacker, while
there is seamless connection between the LANs of the company. In the Remote2 LAN, I have used the
implementation of IoT devices. Here, as per requirement, I have used the implementation of:
redundancy, DHCP, DNS, DMZ, NAT, VLAN, STP, switchport security, ACL, file server, etherchannel and
IoT. Also, while configuring the networking devices, I have also, implemented the proper IP addressing
using VLSM, for the proper use of the IPv4 addresses. As switchport security and other security features
like ACL, VLAN etc are used, it should not be vulnerable to security threats. Also, as etherchannel is used,
the network will be free and not easily congested for high traffic flow. The primary aim of implementing
IoT devices is to reaping the benefits of operational visibility, automating processes and improving
overall efficiency in Remote2 LAN. In terms of limitation or out of scope in this project, it should be the
wireless connectivity. This is a double-edged sword, as wireless network is convenient but less secured
than wired network.

2. Design:

i. Topology:
Our network topology comprises three routers - HQ, Remote1, and Remote2 - interconnected via a
cloud network. Each router is connected to respective LAN segments, fulfilling the design requirements
specified for HQ, Remote1, and Remote2 LANs. In the HQ LAN, there will be at least 5 router, having in
total 12 networks. There will also be a DMZ server in the DMZ area of HQ. In the Remote2 LAN, there
will be 2 networks and several pcs. Then in the Remote3 LAN, there will be 2 gateways for connecting
the IoT devices and 2 smartphones for controlling the IoT devices.

ii. Description:
The chosen topology facilitates redundancy through redundant links between routers, ensuring
uninterrupted connectivity in case of link failures. The DMZ setup at HQ accommodates a web server
accessible from external networks while maintaining perfect security measures to prevent unauthorized
access to the internal network. NAT and DNS/DHCP servers are configured to facilitate seamless internet
connectivity and address assignment within the HQ LAN.

iii. IP Addressing:
Below is the IP addressing table for the topology:

HQ LAN
Subnet: 192.168.1.0/24
Here, total 12 networks will be created, having
VLSM. There will be servers of DHCP, DNS, NAT
etc.
 Remote1 LAN:
Subnet: 192.168.2.0/24
Switches and PCs will be suited.

Remote2 LAN:
Subnet: 192.168.3.0/24
IoT devices.

The further IP addressing of each of the ports of the routers and servers will be given in the final report.

3. Ethical Consideration:

Throughout the project, ethics have been diligently maintained to meet the requirements of an IT
professional. Key measures were taken to prioritize the security and privacy of all users, ensuring their
data is protected through VLAN, ACL, and encryption mechanisms. For instance, access within the HQ
LAN is strictly controlled to authorized devices only, enhancing data protection.

To improve the quality of service, the design incorporates redundant routers and multiple switch paths.
Advanced routing protocols such as OSPF and technologies like EtherChannel for link aggregation were
used to ensure high availability and performance. This approach minimizes downtime and optimizes
network efficiency.

Clear and transparent documentation is an essential aspect of the project, with detailed configuration
records and access credentials provided for easy management and oversight. This transparency supports
honesty and integrity in the project's execution.

The network is designed using cutting-edge technology to provide fast and secure connections, aligning
with industry standards and ensuring competence. The inclusion of real-life scenarios, such as the
integration of IoT devices, demonstrates a commitment to professional development and practical
application.

Professionalism is reflected in the meticulous adherence to industry standards and comprehensive

documentation practices. The project ensures confidentiality through secure password management
and robust configuration documentation.

The network's security and reliability are paramount, with measures like encrypted passwords and
access control lists in place to prevent unauthorized access.

By focusing on fairness, all users are equally protected and their privacy is safeguarded. These ethical
considerations align with the standards expected of IT professionals and demonstrate a commitment to
maintaining high ethical standards throughout the project.
3. Further Work:

To enhance the network's capabilities and future-proof it against evolving demands, several advanced
features can be considered:

1. **Artificial Intelligence and Machine Learning Integration**:

- Implement AI and ML to automate network management and security. These technologies can
predict potential issues, optimize traffic flow, and detect anomalies in real-time, thereby improving
overall network performance and security.

2. **Network Function Virtualization (NFV)**:

- Deploy NFV to virtualize network services such as firewalls, load balancers, and routers. This
approach reduces hardware dependencies, increases flexibility, and allows for quicker deployment of
network services.

3. **Zero Trust Security Model**:

- Adopt a Zero Trust approach to enhance network security. This model requires strict verification for
every device and user attempting to access resources within the network, significantly reducing the risk
of breaches.

4. **Edge Computing**:

- Implement edge computing to process data closer to where it is generated, reducing latency and
bandwidth usage. This is particularly beneficial for IoT devices and applications requiring real-time
processing.

5. **Quantum Key Distribution (QKD)**:

- Explore the use of QKD for encryption to achieve theoretically unbreakable security. This advanced
method uses quantum mechanics principles to secure communications against even the most
sophisticated attacks.

6. **Enhanced Monitoring and Analytics**:

 - Utilize advanced monitoring tools and analytics to gain deeper insights into network performance
and security. Implementing real-time analytics can help in proactive troubleshooting and performance
optimization.

7. **5G Integration**:

- Prepare the network for 5G technology to support faster wireless communication and better handling
of IoT devices. This integration will also enhance mobile connectivity and provide more robust support
for remote work.

8. **Blockchain for Network Security**:

- Integrate blockchain technology to enhance network security and integrity. Blockchain can be used to
create tamper-proof records of network transactions and configurations, ensuring data integrity and
traceability.

By incorporating these advanced features, the network will not only be more robust and secure but also
capable of adapting to future technological advancements and increasing demands.

4. Conclusion:

In conclusion, this report implements the networking topology with the use of IoT devices for a
redundant, robust, scalable and secure network, for a big multinational company’s HQ and its 2 offices.

The use of various networking technologies and security measures ensures the stability and scalability of
the company’s network.

5. References:
1. Lawal, Kehinde, and Hamed Nabizadeh Rafsanjani. "Trends, benefits, risks, and challenges of IoT
implementation in residential and commercial buildings." Energy and Built Environment 3.3 (2022): 251-
266.

2. Rodge, P. R., et al. "Iot based smart interactive office automation." International Research Journal of
Engineering and Technology (IRJET) 4.04 (2017): 982-986.

3. Cyber security and the internet of things: Vulnerabilities, threats, intruders and attacks.

Abomhara, Mohamed, and Geir M. Køien. "Cyber security and the internet of things: Vulnerabilities,
threats, intruders and attacks." J. Cyber Secur. Mobil. 4.1 (2015): 65-88.
4. Scalability in internet of things: features, techniques and research challenges

Gupta, Anisha, Rivana Christie, and R. Manjula. "Scalability in internet of things: features, techniques and
research challenges." Int. J. Comput. Intell. Res 13.7 (2017): 1617-1627.

5. Internet of Things (IoT): A review of enabling technologies, challenges, and open research issues

Čolaković, Alem, and Mesud Hadžialić. "Internet of Things (IoT): A review of enabling technologies,
challenges, and open research issues." Computer networks 144 (2018): 17-39.