1_Unit 2 - Group 8 - Vo Huynh Dang Khoa - GBS210751 - Assignment


Higher Nationals in Networking Foundation

Assignment 1

Assessor name: Ngo Quoc Anh

Learner’s name:

1. Vo Huynh Dang Khoa GBS210751 (Leader)


2. Nguyen Hoang Bao GCS230602
3. Vu Ngoc Bao GCS230566
Class: COS1205

Subject code: 29

Assignment due: 04 Sep. 24    Assignment submitted: 04 Sep. 24


PROJECT FRONT SHEET

Unit number and title Unit 2: Networking Foundation

Submission date 4/9/2024

Student Name          Student ID
Vo Huynh Dang Khoa    GBS210751
Nguyen Hoang Bao      GCS230602
Vu Ngoc Bao           GCS230566

Class COS1205 Assessor name Ngo Quoc Anh

❒ Summative Feedback:
Feedback:

Grade: Assessor Signature: Date:


PROJECT BRIEF
Student Name/ID Number: Vo Huynh Dang Khoa – GBS210751
                        Nguyen Hoang Bao – GCS230602
                        Vu Ngoc Bao - 230566
Unit Number and Title: Unit 2: Networking Foundation
Academic Year: 2022 – 2023
Unit Assessor: Van Ho
Project Title: Networking Infrastructure
Issue Date: October 25, 2022
Submission Date: 4/9/2024
Internal Verifier Name:
Date:

Submission Format:

Format:

● The submission is in the form of an individual written report. This should be written in a concise,
formal business style using single spacing and font size 12. You are required to make use of
headings, paragraphs and subsections as appropriate, and all work must be supported with research
and referenced using the Harvard referencing system. Please also provide a bibliography using the
Harvard referencing system.
Submission

● Students are required to submit the project by the due date and in the manner requested by the Tutor.
● The form of submission will be a soft copy posted on http://cms.greenwich.edu.vn/.
● Remember to convert the word file into PDF file before the submission on CMS.
Note:

● The project must be your own work, and not copied by or from another student.
● If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you
must reference your sources, using the Harvard style.
● Make sure that you understand and follow the guidelines to avoid plagiarism. Failure to comply
with this requirement will result in a failed project.

Unit Learning Outcomes:

LO3 Design efficient networked systems.

LO4 Implement and diagnose networked systems.

Project Brief and Guidance:

Project scenario

You are employed as a network engineer by Nguyen Networking Limited, a high-tech networking
solution development company, which has branches in Ho Chi Minh City, Hanoi, Da Nang and Can Tho.
The company has been contracted to implement a networking project from a local educational institute.
The specification of the project is given below:

• People: 200 students, 15 teachers, 12 marketing and administration staff, 5 higher managers
including the academic heads and the programme managers, and 3 computer network
administrators.
• Resources: 50 student lab computers, 35 staff computers, and 3 printers.
• Building: 3 floors, all computers and printers are on the ground floor apart from the IT labs – one
lab located on the first floor and another located on the second floor.
You need to design and implement the networking project within a given timeframe:

LO3

Design efficient networked systems:

• Prepare a written step-by-step plan of how you are going to design a Local Area Network including
a blueprint of your LAN.
• Justify your choice of devices for your network design.
• Produce a test plan to evaluate this design for the requirements of bandwidth and cost constraints
as per user specifications.
• Justify the security requirements and quality of services needed for selection of accessories.
• Suggest a maintenance schedule to support the networked system.
LO4

Implement, test and diagnose networked systems:

• Implement a networked system based on your prepared design.


• Conduct verification with, e.g., Ping, extended ping, trace route, telnet, SSH, etc.
• Record the test results and analyse these against expected results.
• Investigate what functionalities would allow the system to support device growth and the addition
of communication devices.
• Discuss the significance of upgrades and security requirements in your recommendations.

Learning Outcomes and Assessment Criteria:

LO3
  Grade: 5 - 6 pts
    Task 1 - Provide a logical/physical design of the networked system with clear explanation
    and addressing table.
    Task 2 - Evaluate the design to meet the requirements.
  Grade: 7 - 8 pts
    Task 2.1 - Install and configure network services and applications on your choice.
  Grade: 9 - 10 pts
    Task 2.1.1 - Design a maintenance schedule to support the networked system.

LO4
  Grade: 5 - 6 pts
    Task 3 - Implement a networked system based on a prepared design.
    Task 4 - Document and analyses test results against expected results.
  Grade: 7 - 8 pts
    Task 4.1 - Recommend potential enhancements for the networked systems.
  Grade: 9 - 10 pts
    Task 4.1.1 - Use critical reflection to evaluate own work and justify valid conclusions.

Table of Contents
PROJECT BRIEF
Task 1 Provide a logical/physical design of the networked system with clear explanation and
addressing table. (Vo Huynh Dang Khoa)
  1. Explain the difference between the Logical and Physical Design of IoT
  2. Describe and elaborate on the user requirement for the design:
  3. Provide a logical design of the network based on user requirement:
  4. Provide addressing table for the network based on user requirement
Task 2 Evaluate the design to meet the requirements.
  1. Objective:
  2. Scope:
  1. Testing Methodology:
    a. Connectivity Testing:
    b. Bandwidth Testing:
    c. Latency Testing:
    d. Security Testing:
    e. QoS Testing:
  2. Success Criteria:
  3. Evaluation of the Network Design
  4. Recommendations for Effective Network Operation
  5. Conclusion
Task 2.1 Install and configure network services and applications on your choice. (Nguyen
Hoang Bao)
  1. Step-by-Step Plan for Designing a Local Area Network (LAN)
    a. Requirements Gathering
    b. Network Design and Blueprint Creation
    c. Device Selection and Justification
    d. Test Plan for Evaluation
    e. Security and QoS Justification
    f. Maintenance Schedule
  2. Installing and Configuring Network Services: DNS and FTP
    a. DNS Service Installation and Configuration
    b. FTP Service Installation and Configuration
Task 3 Implement a networked system based on a prepared design. (Vo Huynh Dang Khoa)
  1. DHCP router configuration
  2. DHCP of Devices in the Ground Floor
  3. DHCP of devices in the First floor
  4. DHCP of devices in the Second floor
Task 4 Document and analyses test results against expected results. (Vu Ngoc Bao)
  1. Implementation Process Documentation
Task 4.1 Recommend potential enhancements for the networked systems. (Vu Ngoc Bao)
  1. Expand Wireless Coverage:
  2. Enhance Network Security:
  3. Improve Network Performance and Scalability:
  4. Enhance Network Monitoring and Management:

Figure 1: Difference Between Physical and Logical Design of IoT
Figure 2: Types of user requirements
Figure 3: Requirements become more technical as we move closer to network devices.
Figure 4: Logical Design
Figure 5: Physical Design
Figure 6: DHCP Config for Router and Ground Floor
Figure 7: DHCP Config for First Floor and Second Floor
Figure 8: DHCP Staff_1
Figure 9: DHCP Staff_32
Figure 10: DHCP ADMIN_1
Figure 11: DHCP ADMIN_2
Figure 12: DHCP ADMIN_3
Figure 13: DHCP Printer 1
Figure 14: DHCP Printer 2
Figure 15: DHCP Printer 3
Figure 16: DHCP PCLAB_1
Figure 17: PCLAB_25
Figure 18: DHCP PCLAB_26
Figure 19: DHCP PCLAB_50

Assignment 1

Task 1 Provide a logical/physical design of the networked system with clear
explanation and addressing table. (Vo Huynh Dang Khoa)

1. Explain the difference between the Logical and Physical Design of IoT


As the Internet of Things (IoT) continues to develop, it is increasingly important for companies to
determine the most effective method of incorporating IoT into their everyday operations. First and
foremost, it's crucial to grasp the concepts of logical design and physical design, as well as the
distinctions between them, in order to achieve optimal outcomes (Airtel Business, 2024).

Figure 1: Difference Between Physical and Logical Design of IoT

It is important for businesses to understand the logical and physical aspects of IoT in order to
effectively utilize IoT technology. The logical design is what gives us the overall structure and
capabilities of a system. The physical design breathes life into it by incorporating devices and
infrastructure.

2. Describe and elaborate on the user requirement for the design:


(McCabe Jr., 2003).

The user component is located at the highest level in our generic system's component paradigm.
The word "user" mostly refers to the end users of the system, but it may also include network and
system administrators and management. User requirements refer to the set of needs that are
obtained from user input and are essential for users to efficiently fulfill their responsibilities on the
system.

Usually, throughout the process of collecting requirements, all individuals associated with the
network are regarded as prospective users. Figure 2 displays a set of illustrative user needs.

Figure 2: Types of user requirements

At this stage, we start the description of needs, which will subsequently result in the formulation of
more detailed requirements as we go through each of the components.

From the user's standpoint, we may inquire, "What is required to accomplish the task?" Typically,
this will lead to a collection of qualitative needs rather than quantitative ones. One of our
responsibilities in collecting and determining user needs is to convert them into quantitative
measures wherever feasible.

Overall, the system should be capable of adjusting to users and their surroundings, ensuring prompt
and dependable access to information, and delivering high-quality service to the user. The statement
outlines the following overall prerequisites:

• Timeliness
• Interactivity
• Reliability
• Presentation Quality
• Adaptability
• Security
• Affordability
• Functionality
• Supportability
• Future growth
User requirements are the least technical and the most subjective. Figure 3 shows that requirements
become more technical as they move from users to the network. As we go through the application,
device, and network components, we will develop all of these requirements in more detail.

Figure 3: Requirements become more technical as we move closer to network devices.

The purpose is to use them as a starting point for developing more objective and technical
requirements in the other components. Here are some example requirements that can help you
develop requirements for your network. Keep in mind that these requirements may vary depending
on your specific environment.

Timeliness is the requirement that the user be able to access, transfer, or modify information
within a tolerable time frame. The definition of a "tolerable" time frame, naturally, varies based on
how the user perceives delays in the system. We want to quantify this perception. For instance, a
person might want to download files from a server and make sure that each transfer is finished
within 10 minutes. Alternatively, the user might want to receive video frames every 30 milliseconds.
Each of these instances represents a delay that the network will have to accommodate.
For timeliness, end-to-end or round-trip delay is a useful measure.

Interactivity is similar to timeliness, but it focuses on a response time from the system (including
the network) that is comparable to the response times of users. In the example above, the 10
minutes required to download a file can be regarded as the system's response time. The file transfer
does interact with the user, but the level of interactivity in this example is minimal and not
particularly noteworthy from an architectural or design standpoint. It becomes interesting when the
response times of the system and network are close to the response times of users. In such cases,
any changes made to the network architecture and design to improve response times can directly
affect how users perceive interactivity. Interactivity is therefore a measure of how quickly the
system and network respond when they need to interact with users. Delay, specifically round-trip
delay, is a way to measure interactivity. Based on these descriptions, timeliness is usually linked to
transferring large files or images, while interactivity is commonly associated with accessing remote
devices (like telnet), using the web, or visualizing data.

From the user's point of view, reliability is a crucial requirement for ensuring a consistently
available service. The user should have consistent access to system resources most of the time, and
the level of service provided to the user, whether it's application usage or information delivery,
should also be consistent. So, reliability is closely connected to the performance characteristic
called reliability (which was discussed in Chapter 1 as part of RMA), but delay and capacity are
also significant factors to consider. Reliability is typically described by considering a combination
of all performance characteristics.

Presentation quality refers to the quality of the presentation to the user. This may be the user's
perception of audio, video, and/or data displays. For example, consider what can currently be done
on the Internet: video conferences, live or recorded video, and phone calls. While it is true that
these tasks can be done online, there are currently other methods that offer significantly better
presentation quality. Often, simply having a capability over a network is not enough. That
capability needs to be just as good as, if not better than, other methods. Otherwise, the user will be
disappointed. Many network architects and designers overlook this concept. Measures of quality
include all of the performance characteristics.

Adaptability refers to the system's capacity to adjust and accommodate the evolving needs of users.
There are a few examples of this, such as distance-independence and mobility. As people
increasingly depend on the network, they are becoming more connected to virtual services and less
connected to physical servers. Users no longer need to worry about the location of servers. They
just need to make sure they can access the services they require. One consequence of this is that the
user no longer has any awareness of where jobs are being performed or where data is coming from,
stored, or transferred across the network. Mobility is all about being able to use portable devices
and wireless networks to access services and resources from anywhere. It's like being able to take
your computer with you wherever you go. The system architecture and design must be adapted to
meet the needs of users.

From the user's point of view, security is essential to ensure that their information and physical
resources are kept confidential, intact, and authentic. It also ensures that users have proper access to
both their own resources and system resources. When it comes to performance, reliability is the
characteristic that is most closely related to security. However, security also has an impact on
capacity and delay.

Affordability means that purchases need to be within a budget. Even though this requirement isn't
technical, it will still have an impact on the architecture and design. Our main objective for this
requirement is to determine what users or management can actually afford to buy for the network,
so that our architecture and design do not end up being too expensive to implement. As a user
requirement, we are interested in understanding how costs and funding are connected to individual
users, groups of users, and management. Funding is also treated as a requirement for the entire
system, from the perspective of the overall budget.

Functionality refers to the various tasks and features that the user will need from the system. The
system's functions are often connected to the applications used on it. It's important to understand
functionality because it will help determine the requirements for application development (which
will be covered in the next section). In order to truly understand how something works, it is
important to figure out which applications users actually desire or use in their day-to-day tasks. We
would prefer not to analyze applications that nobody intends to use.

Supportability refers to a collection of qualities that determine how effectively the customer can
maintain the network's performance as intended, regardless of the various mission scenarios
outlined by the customer during the requirements analysis phase. Users have specific preferences
and requirements when it comes to receiving support from their network operations staff. They also
have interactions with a network operations center (NOC) that need to be taken into account. For
instance, would it be necessary to reconfigure the network in order to accommodate various or
evolving user requirements? Which applications will the network operations staff and/or NOC need
in order to assist users, identify issues, and troubleshoot problems on the network? This information
will be used later as input to the network management architecture.

Future growth involves understanding when and how users intend to deploy and utilize new
applications and devices on the network.

Furthermore, we want to gather information about the number of users expected to be on the
network and their respective locations. Where possible, we estimate how many users the network
is expected to gain during the first 1 to 3 years after it becomes operational, or throughout its
expected lifespan.

3. Provide a logical design of the network based on user requirement:

Figure 4: Logical Design

Ground floor: Switch 2 connects 32 Staff computers (STAFF-1 to STAFF-32) and 3 Printers, which
all use the same internal IP network (Net1): 192.168.0.0/24

First floor: Switch 3 connects 25 Student computers (PC-LAB_1 to PC-LAB_25), which use the
same internal IP network (Net3): 192.168.1.0/24

Second floor: Switch 4 connects 25 Student computers (PC-LAB_26 to PC-LAB_50), which use the
same internal IP network (Net4): 192.168.2.0/24

4. Provide addressing table for the network based on user requirement


Device                  Interface   IP Address             Subnet Mask     Default Gateway
Router (DHCP Server)    Fa1/0       192.168.100.100        255.255.255.0   N/A
                        Fa0/0       192.168.0.100          255.255.255.0   N/A
                        Fa9/0       192.168.1.100          255.255.255.0   N/A
                        Fa2/0       192.168.2.100          255.255.255.0   N/A
DNS Server              Fa0         192.168.100.1          255.255.255.0   192.168.100.100
STAFF 1 to STAFF 32     Fa0         192.168.0.1 - 0.42     255.255.255.0   192.168.0.100
ADMIN 1 to ADMIN 3      Fa0         192.168.0.1 - 0.3      255.255.255.0   192.168.0.100
PC 1 to PC 25           Fa0         192.168.1.11 - 1.35    255.255.255.0   192.168.1.100
PC 26 to PC 50          Fa0         192.168.2.11 - 2.35    255.255.255.0   192.168.2.100

• The router configuration:


The router acts as the central hub of the network, connecting to various subnets through multiple
interfaces (Fa1/0, Fa0/0, Fa9/0, Fa2/0). The interfaces are set up with IP addresses that match the
subnet they control. This enables the router to guide traffic between various parts of the network.

• The DNS server:


The DNS server has been set up with the IP address 192.168.100.1 and is connected to the router
using the Fa1/0 interface. The device uses the router's IP address 192.168.100.100 as its default
gateway. This allows it to communicate with other devices that are in different subnets.

• Staff and admin PCs:


The staff and admin PCs are connected to the router via the Fa0/0 interface and are located in the
192.168.0.0/24 subnet. These devices use the router's IP address 192.168.0.100 as their default
gateway in order to access other subnets.

• Computers on Different Floors:


Computers on the first floor, specifically PC 1 to PC 25, are in the 192.168.1.0/24 subnet. They are
connected to the router via the Fa9/0 interface. On the other hand, computers on the second floor,
PC 26 to PC 50, are in the 192.168.2.0/24 subnet and are connected to the router through the Fa2/0
interface. Every group of computers uses the matching IP address of the router interface as the
default gateway to connect with other networks.

This setup enables the network traffic to be divided into different segments based on the physical
location (such as different floors) and functional groups (like STAFF and ADMIN). All the
segments can communicate with each other through the router, and the DNS server helps in
providing name resolution services for the entire network.
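
An addressing table like the one above can be checked mechanically before any device is configured. The following is an added example, not part of the original report: it transcribes the table's rows and checks each range against its subnet, gateway and device count, then looks for ranges that collide. It assumes a range such as "192.168.0.1 - 0.42" means 192.168.0.1 to 192.168.0.42 inclusive; the names Row, check_row and find_overlaps are illustrative.

```python
import ipaddress
from collections import namedtuple
from itertools import combinations

Row = namedtuple("Row", "group devices first last mask gateway")

# Router interface addresses, transcribed from the addressing table.
ROUTER_INTERFACES = {
    "Fa1/0": "192.168.100.100",
    "Fa0/0": "192.168.0.100",
    "Fa9/0": "192.168.1.100",
    "Fa2/0": "192.168.2.100",
}

# Host rows from the table. Assumption: "192.168.0.1 - 0.42" is read as the
# inclusive range 192.168.0.1 to 192.168.0.42, and likewise for the others.
MASK = "255.255.255.0"
PLAN = [
    Row("STAFF 1 to STAFF 32", 32, "192.168.0.1", "192.168.0.42", MASK, "192.168.0.100"),
    Row("ADMIN 1 to ADMIN 3", 3, "192.168.0.1", "192.168.0.3", MASK, "192.168.0.100"),
    Row("PC 1 to PC 25", 25, "192.168.1.11", "192.168.1.35", MASK, "192.168.1.100"),
    Row("PC 26 to PC 50", 25, "192.168.2.11", "192.168.2.35", MASK, "192.168.2.100"),
]


def check_row(row, router_interfaces=ROUTER_INTERFACES):
    """Return a list of problems found in one table row (empty list = clean)."""
    problems = []
    first, last, gw = (ipaddress.IPv4Address(a)
                       for a in (row.first, row.last, row.gateway))
    net = ipaddress.IPv4Network(f"{row.first}/{row.mask}", strict=False)
    reserved = (net.network_address, net.broadcast_address)

    if first > last:
        problems.append("range start is above range end")
    for label, addr in (("first", first), ("last", last)):
        if addr not in net or addr in reserved:
            problems.append(f"{label} host {addr} is not usable in {net}")
    if gw not in net:
        problems.append(f"gateway {gw} is outside {net}")
    if row.gateway not in router_interfaces.values():
        problems.append(f"gateway {gw} is not a router interface address")
    if first <= gw <= last:
        problems.append(f"gateway {gw} falls inside the host range")
    size = int(last) - int(first) + 1
    if size < row.devices:
        problems.append(f"range holds {size} addresses for {row.devices} devices")
    return problems


def find_overlaps(plan):
    """Return (group_a, group_b, first_shared, last_shared) for colliding ranges."""
    overlaps = []
    for a, b in combinations(plan, 2):
        lo = max(ipaddress.IPv4Address(a.first), ipaddress.IPv4Address(b.first))
        hi = min(ipaddress.IPv4Address(a.last), ipaddress.IPv4Address(b.last))
        if lo <= hi:  # the two inclusive ranges share at least one address
            overlaps.append((a.group, b.group, str(lo), str(hi)))
    return overlaps


if __name__ == "__main__":
    for row in PLAN:
        issues = check_row(row)
        print(f"{row.group}: {'OK' if not issues else '; '.join(issues)}")
    for a, b, lo, hi in find_overlaps(PLAN):
        print(f"OVERLAP: {a} and {b} both claim {lo} to {hi}")
```

Run against the rows as written, every range fits its subnet and gateway, and the script reports that the STAFF and ADMIN rows both claim 192.168.0.1 to 192.168.0.3.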

Figure 5: Physical Design

There are three rooms on the ground floor. The staff room, admin room, and print room are all
connected by a single switch that leads out.

The first floor is equipped with 25 computers that are all connected to a single switch for network
connectivity.

The second floor has a total of 25 computers that are all connected to a single switch, which allows
them to connect to the network.

Task 2 Evaluate the design to meet the requirements.

1. Objective:
To verify that the Local Area Network (LAN) design meets the user specifications, particularly in
terms of bandwidth requirements and cost constraints, while maintaining robust security and
Quality of Service (QoS).

2. Scope:
The test plan will cover key aspects including connectivity, bandwidth, latency, security, and QoS.
The goal is to ensure that the network operates efficiently within the specified budget and supports
all intended applications.

1. Testing Methodology:

a. Connectivity Testing:
• Objective: Verify that all devices can communicate effectively across the network.
• Method: Perform ping tests between all networked devices, both wired and wireless, to
ensure connectivity.
• Expected Outcome: 100% connectivity with no packet loss.

b. Bandwidth Testing:
• Objective: Ensure that the network can handle the required bandwidth under normal and
peak loads.
• Method: Utilize tools like iPerf or LAN Speed Test to simulate network traffic and measure
throughput.
• Expected Outcome: The network should support at least 90% of the maximum expected
bandwidth without significant performance degradation.

c. Latency Testing:
• Objective: Ensure that network latency is within acceptable limits, particularly for real-time
applications like VoIP and video conferencing.
• Method: Conduct latency tests using tools like PingPlotter or Wireshark.
• Expected Outcome: Latency should be below 50 milliseconds for time-sensitive
applications.

d. Security Testing:
• Objective: Identify any security vulnerabilities within the network.
• Method: Perform penetration testing using tools like Nmap or Metasploit and conduct a
thorough vulnerability assessment.
• Expected Outcome: No critical vulnerabilities should be found; the network should pass all
security checks.

e. QoS Testing:
• Objective: Validate that the Quality-of-Service settings prioritize critical applications
effectively.
• Method: Simulate traffic loads for various applications and monitor the performance of
high-priority services.
• Expected Outcome: High-priority traffic should maintain optimal performance even under
heavy load.

2. Success Criteria:
• Connectivity: All devices must achieve 100% connectivity with no packet loss.
• Bandwidth: The network should consistently support the required bandwidth, with
throughput meeting or exceeding 90% of expected levels.
• Latency: Latency should not exceed 50 milliseconds for real-time applications.
• Security: The network should have no critical security vulnerabilities.
• QoS: Critical applications should receive priority as configured, with no significant
performance degradation.
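
The connectivity and latency criteria above can be applied to recorded ping output automatically. The following is an added example, not part of the original report: it parses ping summaries in the Cisco IOS style and the Windows style used by PC command prompts, then grades each against the 0% loss and 50 ms limits. The sample outputs are constructed, and comparing the average round-trip time (rather than the maximum) against the 50 ms limit is an assumption.

```python
import re

# Thresholds taken from the Success Criteria above.
MAX_LOSS_PERCENT = 0.0   # "100% connectivity with no packet loss"
MAX_AVG_RTT_MS = 50.0    # assumption: the 50 ms limit is applied to the average RTT

# Cisco IOS summary line; the round-trip part is absent when every echo is lost.
IOS_SUMMARY = re.compile(
    r"Success rate is \d+ percent \((\d+)/(\d+)\)"
    r"(?:, round-trip min/avg/max = \d+/(\d+)/\d+ ms)?"
)
# Windows-style summary, as printed by a PC command prompt.
PC_PACKETS = re.compile(r"Sent = (\d+), Received = (\d+)")
PC_AVERAGE = re.compile(r"Average = (\d+)ms")


def parse_ping(output):
    """Return (sent, received, avg_rtt_ms or None); raise ValueError if no summary."""
    m = IOS_SUMMARY.search(output)
    if m:
        received, sent = int(m.group(1)), int(m.group(2))
        avg = float(m.group(3)) if m.group(3) is not None else None
        return sent, received, avg
    m = PC_PACKETS.search(output)
    if m:
        sent, received = int(m.group(1)), int(m.group(2))
        avg_m = PC_AVERAGE.search(output)
        return sent, received, float(avg_m.group(1)) if avg_m else None
    raise ValueError("no ping summary found")


def evaluate(output):
    """Grade one ping result; return (passed, list_of_reasons_for_failure)."""
    try:
        sent, received, avg = parse_ping(output)
    except ValueError as exc:
        return False, [str(exc)]
    if sent == 0:
        return False, ["no echo requests were sent"]
    reasons = []
    loss = 100.0 * (sent - received) / sent
    if loss > MAX_LOSS_PERCENT:
        reasons.append(f"packet loss {loss:.0f}% exceeds {MAX_LOSS_PERCENT:.0f}%")
    if avg is None:
        if received:
            reasons.append("no round-trip time reported")
    elif avg > MAX_AVG_RTT_MS:
        reasons.append(f"average RTT {avg:.0f} ms exceeds {MAX_AVG_RTT_MS:.0f} ms")
    return not reasons, reasons


# Constructed sample outputs (not captured from the project's network).
SAMPLES = {
    "ios_ok": "Sending 5, 100-byte ICMP Echos to 192.168.1.11, timeout is 2 seconds:\n"
              "!!!!!\n"
              "Success rate is 100 percent (5/5), round-trip min/avg/max = 0/1/4 ms",
    # The first echo to a new neighbour often times out while ARP resolves,
    # so a first run can fail the 0% loss criterion; repeat before recording.
    "ios_first_lost": ".!!!!\n"
                      "Success rate is 80 percent (4/5), round-trip min/avg/max = 1/2/4 ms",
    "pc_slow": "Ping statistics for 192.168.100.1:\n"
               "    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),\n"
               "Approximate round trip times in milli-seconds:\n"
               "    Minimum = 48ms, Maximum = 75ms, Average = 61ms",
    "pc_down": "Ping statistics for 192.168.2.35:\n"
               "    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),",
}


def grade_all(samples):
    """Return {test_name: (passed, reasons)} for every recorded output."""
    return {name: evaluate(text) for name, text in samples.items()}


if __name__ == "__main__":
    for name, (passed, reasons) in grade_all(SAMPLES).items():
        print(f"{name}: {'PASS' if passed else 'FAIL: ' + '; '.join(reasons)}")
```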

3. Evaluation of the Network Design


Pros:

• Scalability: The star topology with managed switches allows for easy expansion as new
devices or users are added. This makes the network adaptable to future growth.
• Performance: The use of Gigabit Ethernet and Wi-Fi 6 ensures that the network can handle
high bandwidth applications and provide fast, reliable connections.

• Security: Robust security measures, including VLAN segmentation and advanced firewall
configurations, protect against external and internal threats.
• QoS: Implementing QoS ensures that critical applications receive the necessary bandwidth
and low latency, improving the overall user experience.
Cons:

• Cost: The choice of high-performance devices, such as managed switches and advanced
routers, may increase the initial setup costs. This could be a challenge if budget constraints
are strict.
• Complexity: The network's complexity, particularly in terms of managing VLANs, QoS,
and security settings, may require skilled personnel for effective management.
• Single Points of Failure: If not properly addressed, the reliance on central switches and
routers could create single points of failure, potentially disrupting the entire network.

4. Recommendations for Effective Network Operation


• Cost Management: To stay within budget constraints, consider using a mix of managed
and unmanaged switches where full control isn't necessary. This can reduce costs while
maintaining performance in critical areas.
• Redundancy: Implement redundancy in critical components, such as switches and routers,
to avoid single points of failure. This could involve using multiple switches in a stack or
deploying backup routers.
• Regular Monitoring and Maintenance:
o Monitoring: Utilize network monitoring tools like SolarWinds or PRTG to
continuously monitor performance and detect issues early.
o Maintenance Schedule: Establish a routine maintenance schedule that includes
regular firmware updates, security patches, and hardware inspections. For example,
schedule quarterly reviews of network performance and security assessments.
• Security Best Practices: Regularly update firewall rules, conduct periodic security audits,
and implement employee training programs to minimize human error and enhance overall
network security.
• Scalability Planning: Plan for future growth by ensuring the network can support
additional devices and increased bandwidth. This could involve future-proofing the network
with modular equipment that can be upgraded as needed.

5. Conclusion
By following this test plan and implementing the recommended strategies, the LAN design can
meet user requirements effectively. The network will be scalable, secure, and capable of handling
the required bandwidth within the specified cost constraints. Regular maintenance and monitoring
will ensure ongoing performance and security, while the implementation of redundancy will
mitigate risks associated with single points of failure.

Task 2.1 Install and configure network services and applications of your choice. (Nguyen Hoang Bao)

1. Step-by-Step Plan for Designing a Local Area Network (LAN)

a. Requirements Gathering
• User Needs Analysis:
o Determine the number of users and devices, such as workstations, servers, printers,
and access points.
o Identify key applications and services required, such as file sharing, internet access,
VoIP, and video conferencing.
o Assess the bandwidth needs and budget constraints.
• Security Considerations:
o Evaluate the security requirements based on the sensitivity of the data and
compliance needs (e.g., GDPR).
o Determine the need for firewalls, VPNs, and network segmentation (e.g., VLANs).

b. Network Design and Blueprint Creation


• Topology Selection:
o Choose a star topology to provide centralized management and scalability. This
involves connecting all devices to a central switch.
• Device Placement:
o Centralize core network devices like switches and routers in a network closet or
server room.
o Position wireless access points (WAPs) strategically to ensure even coverage.
• Cable Layout:
o Use CAT6 Ethernet cables for wired connections, ensuring a maximum distance of
100 meters per segment.
o Label all cables for easy identification and maintenance.
• Blueprint Creation:
o Draw a detailed network diagram that shows the placement of all devices, the
topology, and the IP addressing scheme.

c. Device Selection and Justification


• Switches:
o Managed Gigabit Switches: Allow for VLAN creation, QoS configuration, and
monitoring, ensuring better performance and security.
• Router:
o High-Performance Router: Capable of handling heavy traffic, supporting QoS, and
managing network traffic efficiently.
• Firewall:
o Dedicated Firewall Appliance: Provides robust security by filtering incoming and
outgoing traffic, preventing unauthorized access.
• Access Points:
o Wi-Fi 6 Access Points: Offer improved speed and capacity, ensuring reliable
wireless connectivity across the network.
• Servers:
o DNS and DHCP Servers: Essential for IP address management and resolving domain
names, facilitating seamless network operation.

d. Test Plan for Evaluation
• Objective: Verify that the network meets bandwidth and cost requirements while providing
adequate security and QoS.
• Test Scope:
o Connectivity Testing: Ensure all devices are connected and can communicate as
intended.
o Bandwidth Testing: Use tools like iPerf to simulate traffic and measure throughput.
o Latency Testing: Ensure latency is within acceptable limits for real-time
applications.
o Security Testing: Perform penetration testing and vulnerability assessments.
o QoS Testing: Simulate various traffic loads to verify that critical applications are
prioritized.

e. Security and QoS Justification


• Security Needs:
o Firewall: Essential for protecting the network from external threats.
o VLANs: Provide network segmentation, reducing the attack surface and improving
security.
o Encryption: Use WPA3 for Wi-Fi security and VPNs for remote access.
• Quality of Service (QoS):
o Bandwidth Management: Prioritize traffic for critical applications like VoIP and
video conferencing to ensure consistent performance.

f. Maintenance Schedule
• Daily: Monitor network performance using tools like PRTG or SolarWinds.
• Weekly: Review security logs and update firewall rules if necessary.
• Monthly: Perform firmware updates on all network devices and review network
performance reports.
• Quarterly: Conduct a full security audit and test backup and recovery procedures.
• Annually: Evaluate network scalability and plan for upgrades or expansions as needed.

2. Installing and Configuring Network Services: DNS and FTP

a. DNS Service Installation and Configuration


• Choose the DNS Server Software: For this example, we'll use BIND (Berkeley Internet
Name Domain) on a Linux server.
• Installation:
o Open the terminal.
o Install BIND using the command: `sudo apt-get install bind9`.
• Configuration:
o Navigate to the configuration directory: `cd /etc/bind/`.
o Edit the main configuration file: `sudo nano named.conf.local`.
o Define your domain and zone:

o Create the zone file: `sudo cp db.local db.example.com`.
o Edit the zone file to include your domain's IP addresses:

o Restart BIND: `sudo systemctl restart bind9`.
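
An added example for the configuration steps above, not the authors' own files: the script stages a zone declaration and zone file for the `example.com` zone implied by `db.example.com`, refuses zone transfers and dynamic updates, and checks the zone before BIND is restarted. The host names and the `192.168.100.10` address are constructed; `192.168.100.1` is the DNS server address given later in this report.

```shell
#!/bin/sh
# Added example: stage a BIND zone declaration and zone file, then check them
# before copying into /etc/bind/. Host names and the .10 address are constructed.
ZONE="example.com"

write_zone_conf() {   # $1 = staging directory
    cat > "$1/named.conf.local" <<EOF
zone "$ZONE" {
    type master;
    file "/etc/bind/db.$ZONE";
    allow-transfer { none; };   // refuse zone transfers
    allow-update { none; };     // refuse dynamic updates
};
EOF
}

write_zone_file() {   # $1 = staging directory
    cat > "$1/db.$ZONE" <<EOF
\$TTL 604800
@   IN  SOA ns1.$ZONE. admin.$ZONE. (
        2024090401  ; serial, increase on every edit
        604800      ; refresh
        86400       ; retry
        2419200     ; expire
        604800 )    ; negative-cache TTL
@       IN  NS  ns1.$ZONE.
ns1     IN  A   192.168.100.1
www     IN  A   192.168.100.10
EOF
}

# Return 0 when the staged zone has an SOA, an NS and an A record per NS host.
check_zone() {        # $1 = staging directory
    f="$1/db.$ZONE"
    grep -q 'IN[[:space:]][[:space:]]*SOA' "$f" || { echo "missing SOA" >&2; return 1; }
    # Name servers are assumed to live inside the zone, so each needs an A record.
    ns=$(awk '$2 == "IN" && $3 == "NS" { sub(/\..*/, "", $4); print $4 }' "$f")
    [ -n "$ns" ] || { echo "missing NS" >&2; return 1; }
    for h in $ns; do
        grep -q "^$h[[:space:]]" "$f" || { echo "no A record for $h" >&2; return 1; }
    done
    # Run BIND's own checkers as well when they are installed.
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$ZONE" "$f" >/dev/null || return 1
        named-checkconf "$1/named.conf.local" || return 1
    fi
    return 0
}
```

Calling `write_zone_conf`, `write_zone_file` and `check_zone` on the same scratch directory gives a go/no-go result before anything under `/etc/bind/` is touched.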

b. FTP Service Installation and Configuration


• Choose the FTP Server Software: We'll use vsftpd (Very Secure FTP Daemon) on a Linux
server.
• Installation:
o Open the terminal.
o Install vsftpd using the command: `sudo apt-get install vsftpd`.
• Configuration:
o Edit the configuration file: `sudo nano /etc/vsftpd.conf`.
o Enable anonymous access (if required) and configure local user access:

o Set the FTP directory permissions and ownership:

o Restart vsftpd: `sudo systemctl restart vsftpd`.
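
Because the steps above allow anonymous access "if required", the following added example (not the authors' configuration) audits a `vsftpd.conf` for the settings that most weaken an FTP server: password-less logins, anonymous uploads, cleartext transfer and unconfined local users. The two sample files and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag vsftpd.conf settings that weaken an FTP server.
# Defaults used are the compiled-in ones from the vsftpd.conf man page.

# Effective value of option $2 in file $1 (last assignment wins), else $3.
opt() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '\r' | tr 'a-z' 'A-Z')
    echo "${v:-$3}"
}

# Print one WARN line per finding; return 1 if there is any, 0 if clean.
audit_vsftpd() {
    conf=$1 found=0
    warn() { echo "WARN: $1"; found=1; }
    if [ "$(opt "$conf" anonymous_enable YES)" = YES ]; then
        warn "anonymous_enable=YES: logins without a password are accepted"
        if [ "$(opt "$conf" anon_upload_enable NO)" = YES ] &&
           [ "$(opt "$conf" write_enable NO)" = YES ]; then
            warn "anon_upload_enable=YES: anonymous users can upload files"
        fi
    fi
    if [ "$(opt "$conf" ssl_enable NO)" != YES ]; then
        warn "ssl_enable is not YES: passwords and files travel in cleartext"
    fi
    if [ "$(opt "$conf" local_enable NO)" = YES ] &&
       [ "$(opt "$conf" chroot_local_user NO)" != YES ]; then
        warn "chroot_local_user is not YES: local users can leave their home"
    fi
    return "$found"
}

# Constructed samples: a permissive configuration and a tightened one.
write_samples() {   # $1 = directory to write into
    cat > "$1/weak.conf" <<'EOF'
anonymous_enable=YES
anon_upload_enable=YES
local_enable=YES
write_enable=YES
EOF
    cat > "$1/hardened.conf" <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
ssl_enable=YES
force_local_logins_ssl=YES
force_local_data_ssl=YES
EOF
}
if [ -n "${1:-}" ]; then audit_vsftpd "$1"; fi   # e.g. sh audit.sh /etc/vsftpd.conf
```

With `chroot_local_user=YES`, current vsftpd releases refuse logins whose chroot directory is writable by the user, which is why the ownership step matters: keep the FTP root owned by root and put uploads in a subdirectory.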

Task 3 Implement a networked system based on a prepared design. (Vo Huynh Dang Khoa)

1. DHCP router configuration

Figure 6: DHCP Config for Router and Ground Floor

Figure 7: DHCP Config for First Floor and Second Floor

2. DHCP of Devices in the Ground Floor

Figure 8: DHCP Staff_1

Figure 9: DHCP Staff_32

Figure 10: DHCP ADMIN_1

Figure 11: DHCP ADMIN_2

Figure 12: DHCP ADMIN_3

Figure 13: DHCP Printer 1

Figure 14: DHCP Printer 2

Figure 15: DHCP Printer 3

3. DHCP of devices in the First floor

Figure 16: DHCP PCLAB_1

Figure 17: PCLAB_25

4. DHCP of devices in the Second floor

Figure 18: DHCP PCLAB_26

Figure 19: DHCP PCLAB_50

Task 4 Document and analyse test results against expected results. (Vu Ngoc Bao)

1. Implementation Process Documentation

| Component | Details | Comments |
|---|---|---|
| Router Configuration | Configured interfaces: Fa1/0 (DNS), Fa0/0 (Ground Floor), Fa9/0 (First Floor), Fa2/0 (Second Floor) | Router successfully connected all subnets as per the network realization diagram. |
| Switches | Ground Floor: 32 Staff PCs, 3 Printers, Admin PCs; First Floor: 25 PCs; Second Floor: 25 PCs | Switches configured and connected to corresponding devices, ensuring proper segmentation. |
| DNS Server | Configured with IP 192.168.100.1, connected to router for name resolution | DNS server successfully resolving domain names across the network. |
| DHCP Configuration | DHCP set up on router to assign IPs within each subnet | All devices received correct IP addresses, ensuring seamless network connectivity. |
| Network Segmentation | VLANs created for Admin, Staff, Students to enhance security and traffic management | Segmentation confirmed, with proper isolation of network traffic across different user groups. |

2. Network Testing

| Test type | Objective | Method | Result | Conclusion |
|---|---|---|---|---|
| Connectivity Testing | Verify full network connectivity across all devices | Ping tests across subnets | All devices (Admin, Staff, Students, Printers) responded to pings with 0% packet loss. | 100% connectivity confirmed; successful device communication across subnets. |
| Bandwidth Testing | Ensure network can handle expected bandwidth | iPerf simulations under normal and peak loads | Normal Load: 95% of expected bandwidth; Peak Load: 90% of expected bandwidth. | Network efficiently handled both normal and peak loads with minimal performance degradation. |
| Latency Testing | Measure network latency for real-time applications | PingPlotter tests | Average Latency: 30ms; Maximum Latency: 45ms. | Latency within acceptable range, ensuring smooth operation for real-time applications. |
| Security Testing | Identify vulnerabilities in the network | Penetration testing using Nmap and Metasploit | No critical vulnerabilities found. | Network security configurations effective, providing robust protection. |
| QoS Testing | Validate that QoS settings prioritize critical applications | Traffic load simulations | High-priority applications maintained optimal performance under heavy traffic. | QoS settings correctly configured, ensuring critical applications are prioritized without degradation. |

3. Summary of Findings

| Aspect | Conclusion |
|---|---|
| Overall Performance | The network met all design requirements, ensuring robust connectivity, performance, and security. |
| Future Recommendations | Routine monitoring, regular security audits, and performance reviews should be conducted for ongoing success. |

Conclusion

This table format organizes the logbook in a clear and structured way, making it easy to reference
each section, record the necessary details, and ensure that all critical aspects of the network
implementation and testing are captured.

Task 4.1 Recommend potential enhancements for the networked systems. (Vu Ngoc Bao)
Upgrading the network system after prolonged use is essential to ensure that it continues to meet
evolving requirements and operates efficiently. Here are some potential enhancements that can be
made to the networked system:

1. Expand Wireless Coverage:


As the number of network users grows, the demand for reliable wireless connectivity increases. To
address this:

• Install Additional Wireless Access Points (WAPs): Deploy more WAPs, especially in
areas with high user density or poor signal coverage. Opt for Wi-Fi 6 or newer technology to
support higher data rates, improved capacity, and better performance in congested
environments.
• Mesh Networking: Implement a mesh network system to extend wireless coverage
seamlessly across larger areas. This setup will ensure consistent connectivity and eliminate
dead zones.

2. Enhance Network Security:


As cyber threats become more sophisticated, it's crucial to bolster the network's security measures:

• Install Advanced Firewalls: Upgrade to next-generation firewalls (NGFW) that provide
deep packet inspection, intrusion prevention, and advanced threat protection. These firewalls
can detect and block sophisticated attacks, ensuring the network remains secure.
• Implement Network Access Control (NAC): Deploy NAC solutions to enforce security
policies, such as ensuring that only authorized and compliant devices can access the
network. This helps in preventing unauthorized access and reduces the risk of internal
threats.
• Regular Security Audits: Establish a routine schedule for comprehensive security audits
and penetration testing to identify and address potential vulnerabilities promptly.

3. Improve Network Performance and Scalability:


To accommodate future growth and maintain optimal performance:

• Upgrade to 10 Gigabit Ethernet: Replace existing Gigabit switches and network
infrastructure with 10 Gigabit Ethernet to handle increased data traffic and reduce
bottlenecks, particularly in data-intensive environments.
• Implement Load Balancing: Introduce load balancing for critical network services, such as
DNS and DHCP, to distribute traffic evenly across multiple servers. This will enhance
reliability and performance by preventing any single point of failure.
• Expand Network Segmentation: Consider further segmenting the network using Virtual
Local Area Networks (VLANs) or software-defined networking (SDN) to improve traffic
management and isolate sensitive data, reducing the impact of potential security breaches.

4. Enhance Network Monitoring and Management:
As the network grows more complex, effective monitoring and management become crucial:

• Deploy Advanced Monitoring Tools: Utilize network monitoring solutions like
SolarWinds or PRTG with enhanced capabilities for real-time performance tracking,
alerting, and diagnostics. These tools can help in quickly identifying and resolving issues
before they affect users.
• Automate Network Management: Implement automation for routine network management
tasks, such as configuration backups, firmware updates, and security patching. Automation
reduces human error and ensures consistent maintenance.

REFERENCES

1. Airtel Business (2024) Exploring logical and physical design of IoT in 2024, Airtel Business, [online] Available at: https://www.airtel.in/b2b/insights/blogs/physical-and-logical-design-of-iot/ (Accessed September 2, 2024).
2. Liebeherr, Jörg & El Zarki, Magda. (2004). Mastering Networks: An Internet Lab Manual.
3. McCabe Jr., J. D. (2003) Network Analysis, Architecture and Design, second edition (The Morgan Kaufmann Series in Networking), Flylib.com, [online] Available at: https://flylib.com/books/en/2.809.1.24/1/ (Accessed September 2, 2024).
