Deric Law CGS00479903
1. Improving Network Topology Draw the topology of the network that you are currently using. Be sure to include addressing structures, network architecture, and include devices such as core switches, workgroup switches, firewalls, routers, and other network devices. Analyze the security of the topology and then draw a proposed new topology. Be sure to include security detection systems as well as security zones. Kazakhstan International School had implemented their network infrastructure since 2007. The school had around 100 computers and every computer is connected to Internet, serving more than 200 users. The school uses 3 subnets to divide the general administration, computer laboratory and Classrooms. Internet service provider (ISP) of the school is Corporate Telecommunication System (CTC), provided the Fibre Optic network connection for the school. The internal network IP addresses make up of 192.168.1.1 - 192.168.1.254, (General Administration) 192.168.2.1 – 192.168.2.254, (Classroom PC) 192.168.3.1 – 192.168.3.254 (Computer Laboratory) With the subnet 255.255.255.0 Majority of the network topology in the school are makeup of star topology. The figure below shows a section of the network topology (Star Topology) in Kazakhstan International School.
The school do not have managed switch, all of the switches in the school are of unmanaged switches. The number of ports of the switch range from 4 to 24. The models of the switches are D-Link DES-1024D, D-Link DES-1008D, and D-Link DES-1005D. They support the network speed up to 100 Mbps.
Deric Law CGS00479903
As of the internet connection, the school had setup a proxy server with the firewall software in between the ISP and the user. The Router from the ISP provides two external connections for the school through its fibre optic network: 1. External IP address 172.25.146.1 Subnet Mask 220.127.116.11 Connection within Kazakhstan WAN 100 Megabits per second (Download and Upload Speed) Internet Connection 10 Megabits per second (Download) & 5 Megabits per second (Upload Speed)
2. External IP address 172.18.146.1 Subnet Mask 18.104.22.168 Connection within Kazakhstan WAN 100 Megabits per second (Download and Upload Speed) Internet Connection 512 Kilobits per second (Download & Upload speed)
The proxy server directs network traffic according to the school network policy rules. The entire Internet access was monitored and filtered through its software. It produces a monthly user usage report and the result was then emailed to the user by the system. The school apply a very strict filtering scheme, since all the students had access to the internet through the school network. The proxy server also adds a layer of firewall through its software. As of the wireless network, the school using the static TCPIP address through the RJ45 connection. The wireless networks follow the 801.11g IEEE standard which uses Wi-Fi Protected Access Pre-Shared Key (WPA-PSK) wireless security. The speed provided for the WIFI users can go up to 54 Megabits per second. The School uses a few Netgear WGR614 Wireless-G Routers to manage the wireless network. The wireless router provides a built-in layer of firewall for all the WIFI users. The users must also provide the user login information for the proxy server in order to access the internet on top of the usual wireless connection password. The Local Area Network (LAN) of the school connects the computers together throughout the entire campus. There are a few solutions and software build on top of the LAN, 1. The Vypress Chat enable PC users to chat with each other, send documents across the different PCs, read & post bulletins, participate in the school forum only using the LAN connection. 2. The NetSupport enable the IT Department to provide instant Help-desk operation on any PC within the campus. It allowed screen-sharing, monitoring, control and other...