Universal Exports Corp. Manufacturing
This is a network design document for Universal Exports Corp. Manufacturing. It is a design to implement a WAN for said company. The company has four departments: plant facility, distribution offices, engineering and the headquarters, with the distribution offices spread across four locations in the U.S., the plant facility in China and both engineering and HQ across the street from each other in Atlanta, GA.
Many hardware devices will be needed for the WAN. A hardware device is an actual physical machine, as opposed to a software application, that is used on the network. All of the locations will need routers to get on the Internet and switches to control network traffic, both outgoing and incoming. A physical firewall will be placed at each location, directly behind the router, so that all traffic will have to be approved or denied by the firewall. All devices will have software firewalls placed on them as well. A telephone system will be implemented, more than likely using a PBX system with the VoIP protocol for high speed voice communications. Headquarters will have a mainframe and several other servers, like an email server and a payroll server, to house and protect the different databases that are needed by the company. There will also have to be wireless routers and access points to allow users and equipment to wirelessly connect to network resources. The mainframe at HQ is the link to the network. Everyone will have to be approved by this before getting onto the network, and it will check to make sure network resources are available and approved for access.
The routers will use the HDLC protocol to communicate, and the company should use at least a T1 line or a fiber optic line to ensure enough bandwidth that the network does not slow down or become clogged.
This network will use a star topology at every location with an Ethernet network. The Ethernet network will use mainly Ethernet cabling and will allow speeds of up to 1000 Mbps. With the reliance on the TCP/IP protocol for network communications, the Ethernet network gives plenty of speed for the network to run efficiently as well as being the preferred medium for IP based protocols. Each location will have its own star network. The star network will allow two things to happen. First, it will allow all users to see and communicate with each other at each location; secondly, it will centralize the network and access to network resources. A server will be in the central location of the star and will authorize access to the other devices. Each location will have this star so that communications across the network will go from one server to another and then to the resource that is being requested. This will keep everything centralized and will make the network more secure and more stable as well as reducing costs. The only link from location to location across the network will be from server to server in the middle of the star, and every centralized server in every star will have a link to the others. This is vital because the plant facility in China needs to be directly connected to the Los Angeles distribution center.
At first glance it would seem that a Class B addressing scheme is needed, but if a Class C subnet is used, that will give 254 usable host addresses per network ID. With 21 different network ID bits available, that means that 254 are available per network ID, or say per location. So each location could have up to 254 hosts, and if that is not enough, more than one network ID could be used at a location. A Class C subnet mask would actually allow 256 addresses, but remember that the first address is the default gateway on any network and the last is the broadcast address. Always.
So there are 254 usable addresses. There would be a different subnet for each location, or each star on the network will have its own subnet mask. Therefore, since there is a request to keep the IP addresses private, the range of IP addresses would look something like 192.168.0.0 to 192.168.255.255, with over 65,000 IP addresses available in that scheme. Remember that the usable range is slightly less since the first and last are reserved.
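The addressing plan described above can be generated and checked with Python's standard `ipaddress` module. This is an added example, not part of the original design document: the host counts and the `Dist-2` to `Dist-4` site names are constructed placeholders, and `site_for` shows how a source address in a firewall log maps back to a location.

```python
import ipaddress

PRIVATE_BLOCK = ipaddress.ip_network("192.168.0.0/16")

# Site names follow the document; the host counts are constructed sample values.
SITES = {
    "HQ-Atlanta": 400, "Engineering-Atlanta": 180, "Plant-China": 250,
    "Dist-LosAngeles": 60, "Dist-2": 60, "Dist-3": 60, "Dist-4": 60,
}

def build_plan(block, sites, prefix=24):
    """Give each site as many consecutive /prefix subnets as its hosts need."""
    pool = block.subnets(new_prefix=prefix)
    plan = {}
    for name, hosts in sites.items():
        assigned, capacity = [], 0
        while capacity < hosts:
            net = next(pool, None)
            if net is None:
                raise ValueError(f"{block} exhausted while allocating {name}")
            assigned.append(net)
            capacity += net.num_addresses - 2  # network + broadcast excluded
        plan[name] = assigned
    return plan

def describe(net):
    """Return the reserved and assignable addresses of one subnet."""
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_host": str(net[1]),
        "last_host": str(net[-2]),
        "usable": net.num_addresses - 2,
    }

def site_for(plan, address):
    """Map an address (e.g. from a firewall log) back to its site, or None."""
    ip = ipaddress.ip_address(address)
    for name, nets in plan.items():
        if any(ip in net for net in nets):
            return name
    return None

if __name__ == "__main__":
    plan = build_plan(PRIVATE_BLOCK, SITES)
    for name, nets in plan.items():
        for net in nets:
            print(name, net, describe(net))
    print(site_for(plan, "192.168.1.77"))
```

A site that needs more than 254 hosts (HQ in the sample data) receives a second network ID, as the text allows.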
A virtual local area network will be used on each floor of each building for the entire network. There are several reasons for this implementation. First of all, this will create many different broadcast domains so that each one is isolated. The only way that the TCP/IP packets can be passed across the VLANs is by router to router, or router to switch. This will allow port control on the switch, so that each user will have to use a different port on the switch and that port has to be authorized by a network administrator. This is a cost effective way to heighten security, since the switch has to be configured to allow each user outside access and someone with malicious intent cannot just plug in and use a packet sniffing tool to hack the network. Also, a VLAN will reduce network traffic and speed up the network, since a broadcast will only go to the required VLAN instead of broadcasting across the entire network.
PBX and VoIP can be used here to create instant access across the network. What will be used is the IP PBX. This gives employees an extension number and the ability to conference, transfer and dial other colleagues. All calls are sent via data packets over a data network instead of the traditional phone network. With the use of a VoIP gateway, a user can connect existing phone lines to the IP PBX and make and receive phone calls via a regular PSTN line. This will make the telephone system faster and more secure and will allow anyone in the network to be just an extension away. A user in LA can immediately talk to someone at the plant in China just by dialing a three- or four-digit extension. Users can also use mobile phones in places like the plant floor to be always accessible as long as they are in the network and in wireless range. This is where the wireless access points will come in.
Security has been discussed throughout this proposal. In fact, everything that is proposed is done with security in mind: the VLAN, the network equipment, the subnet masks, the star topology, everything. Logical and physical firewalls will be used; passwords, group permissions and online backup will all be main features at every site so that security is at a premium. There are a few things to mention here about the wireless access. All data will be sent and received using packet encryption like WPA, and all networks will be secured with a WEP key. There will be a different key for every location, or for every router, so that the wireless will be just as secure as the wired transmissions, if not more so.
In conclusion, this design will give the company the fastest and most secure network possible while at the same time being very cost effective. All employees will be just an extension away no matter the physical distance. Performance will be faster, security will be higher and the users will be more connected to each other than ever before. This will reduce cost and increase productivity, generating more revenue for the company while saving money at the same time.