INTERNAL VERIFICATION – ASSIGNMENT BRIEF Programme Title - HND in Computing Assessor Name - Oshada Lokuhetty Internal Verifier Name Unit or Component Number and Title Assignment title - Unit 02 - Networking LAN Design & Implementation for Alliance Health Assessment criteria targeted by this assignment brief - LO1, LO2, LO3, LO4 Is this an Authorised Assignment N/A Brief published by Pearson? If so, has it been amended by the Assessor in any way? Please give details. (If using the Authorised Assignment Brief ‘off the shelf’ with no amendments, please answer the question marked in the checklist only) Has this assignment been Yes No submitted to the Assignment Checking Service? (If Yes, please keep a copy of the ACS feedback with this form) √ INTERNAL VERIFIER CHECKLIST Y/N Are the programme and unit details accurate? Y Are clear deadlines for assessment given? TBC Is the time frame of an appropriate duration? Y Is there a suitable vocational scenario or context? Y Are the assessment criteria to be addressed stated accurately? Y Does each task show which criteria are being addressed? Y Do the tasks meet the assessment requirements of the unit/s? Y Is it clear what evidence the learner needs to generate? Y Is it likely to generate evidence that is valid and sufficient? Y Overall, is the Assignment fit for purpose? Yes √ No If ‘No’ is recorded the Internal Verifier must recommend actions detailing the issues to be addressed. The Assessor and the Internal Verifier must then confirm that the action has been undertaken and that the Assignment Brief is authorised for use before being issued to learners. Action required - Target Date for Date Action (If none then please state n/a) Completion Completed General Comments (if appropriate) Assignment Brief Authorised for Use Internal Verifier signature Date Assessor signature Date Lead Internal Verifier signature (if appropriate) oshada@esoft.lk Date 2022/06/13 Higher Nationals Internal verification of assessment decisions – BTEC (RQF) INTERNAL VERIFICATION – ASSESSMENT DECISIONS Programme title BTEC Higher National Diploma in Computing Assessor Internal Verifier Unit 02 - Networking Unit(s) LAN Design & Implementation for Alliance Health Assignment title Student’s name List which assessment criteria Pass the Assessor has awarded. INTERNAL VERIFIER CHECKLIST Merit Distinction Do the assessment criteria awarded match those shown in the assignment brief? Y/N Is the Pass/Merit/Distinction grade awarded justified by the assessor’s comments on the Y/N student work? Has the work been assessed accurately? Y/N Is the feedback to the student Give details Constructive? Linked to relevant assessment criteria? Y/N Identifying opportunities for improved Y/N performance? Y/N Agreeing actions? Y/N Does the assessment decision need amending? Y/N Assessor signature Date Internal Verifier signature Date Programme Leader signature (if required) Date Confirm action completed Remedial action taken Give details - Assessor signature Internal Verifier signature Programme Date Date Leader signature (if required) Date Higher Nationals - Summative Assignment Feedback Form Student Name/ID Unit Title Unit 02 - Networking Assignment Number 1 Assessor Date Received 1st submission Submission Date Date Received 2nd submission Re-submission Date Assessor Feedback LO1 Examine networking principles and their protocols. Pass, Merit & P1 P2 M1 D1 Distinction Descripts LO2 Explain networking devices and operations. Pass, Merit & P3 P4 M2 Distinction Descripts LO3 Design efficient networked systems. Pass, Merit & P5 P6 M3 Distinction Descripts LO4 Implement and diagnose networked systems. Pass, Merit & P7 Distinction Descripts P8 M4 D2 Grade - Assessor Signature - Date - Resubmission Feedback - Grade - Assessor Signature - Date - Internal Verifier’s Comments - Signature & Date Please note that grade decisions are provisional. They are only confirmed once internal and external moderation has taken place and grades decisions have been agreed at the assessment board. Assignment Feedback Formative Feedback - Assessor to Student Action Plan Summative feedback Feedback - Student to Assessor Assessor signature Date Student signature Date Pearson Higher Nationals in Computing Unit 02 - Networking Assignment 01 General Guidelines A Cover page or title page – You should always attach a title page to your assignment. Use previous page as your cover sheet and make sure all the details are accurately filled. Attach this brief as the first section of your assignment. All the assignments should be prepared using a word processing software. All the assignments should be printed on A4 sized papers. Use single side printing. Allow 1” for top, bottom , right margins and 1.25” for the left margin of each page. Word Processing Rules The font size should be 12 point, and should be in the style of Time New Roman. Use 1.5 line spacing. Left justify all paragraphs. Ensure that all the headings are consistent in terms of the font size and font style. Use footer function in the word processor to insert Your Name, Subject, Assignment No, and Page Number on each page. This is useful if individual sheets become detached for any reason. Use word processing application spell check and grammar check function to help editing your assignment. Important Points - It is strictly prohibited to use textboxes to add texts in the assignments, except for the compulsory information. eg - Figures, tables of comparison etc. Adding text boxes in the body except for the before mentioned compulsory information will result in rejection of your work. Avoid using page borders in your assignment body. Carefully check the hand in date and the instructions given in the assignment. Late submissions will not be accepted. Ensure that you give yourself enough time to complete the assignment by the due date. Excuses of any nature will not be accepted for failure to hand in the work on time. You must take responsibility for managing your own time effectively. If you are unable to hand in your assignment on time and have valid reasons such as illness, you may apply (in writing) for an extension. Failure to achieve at least PASS criteria will result in a REFERRAL grade . Non-submission of work without valid reasons will lead to an automatic RE FERRAL. You will then be asked to complete an alternative assignment. If you use other people’s work or ideas in your assignment, reference them properly using HARVARD referencing system to avoid plagiarism. You have to provide both in-text citation and a reference list. If you are proven to be guilty of plagiarism or any academic misconduct, your grade could be reduced to A REFERRAL or at worst you could be expelled from the course Student Declaration I hereby, declare that I know what plagiarism entails, namely to use another’s work and to present it as my own without attributing the sources in the correct form. I further understand what it means to copy another’s work. I know that plagiarism is a punishable offence because it constitutes theft. I understand the plagiarism and copying policy of Pearson UK. I know what the consequences will be if I plagiarise or copy another’s work in any of the assignments for this program. I declare therefore that all work presented by me for every aspect of my program, will be my own, and where I have made use of another’s work, I will attribute the source in the correct way. I acknowledge that the attachment of this document signed or not, constitutes a binding agreement between myself and Pearson, UK. I understand that my assignment will not be considered as submitted if this document is not attached to the assignment. sugasuganthi1996@gmail.com 24/03/2024 Student’s Signature - Date - (Provide E-mail ID) (Provide Submission Date) Higher National Diploma in Computing Assignment Brief Student Name /ID Number Unit Number and Title Unit 2 - Networking Academic Year 2022/23 Unit Tutor Assignment Title LAN Design & Implementation for Alliance Health Issue Date Submission Date IV Name & Date Submission format The submission should be in the form of an individual report written in a concise, formal business style using single spacing and font size 12. You are required to make use of headings, paragraphs and subsections as appropriate, and all work must be supported with research and referenced using Harvard referencing system. Please also provide an end list of references using the Harvard referencing system. The recommended word count is 3,000–3,500 words for the report excluding annexures, although you will not be penalised for exceeding the total word limit. Unit Learning Outcomes - LO1 Examine networking principles and their protocols. LO2 Explain networking devices and operations. LO3 Design efficient networked systems. LO4 Implement and diagnose networked systems. Assignment Brief and Guidance - Scenario Alliance Health is a technology-enabled solutions company that optimizes the revenue cycle of the US healthcare industry where its global delivery center is located in Colombo. The company is planning to expand their business operations with their latest branch at Matara and wants it to be one of the stateof-the-art companies in Matara with the latest facilities. Assume you have been appointed as the new network analyst of Alliance Health to plan, design and restructure the existing network. Prepare a network architectural design and implement it with your suggestions and recommendations to meet the company requirements. The floor plan of the head office in Colombo is as follows Floor 1 Reception area Sales & Marketing Department (10 employees) Customer Services Area – with Wi-Fi facilities Floor 2 Administration Department (30 Employees) HR Department (20 employees) Accounting & Finance Department (15 employees) Audit Department (5 employees) Business Development Department (5 employees) Floor 3 Video conferencing room IT Department (60 employees) The Server Room The floor plan of the branch in Matara is as follows Floor 1 Reception area Customer Services Area– with Wi-Fi facilities Floor 2 Administration Department (10 Employees) HR Department (7 employees) Accounting & Finance Department (8 employees) IT Department (50 employees) Following requirements are given by the Management. All the departments must be separated with unique subnet . The conferencing room of the head office and Customer Services Area s of each branch are to be equipped with Wi -Fi connections . Connectivit y between two branches (Head Office and Matara) would allow the intra branch connectivit y between departments. (Use of VPN is not compulsory) The necessary IP address classes and ranges must be decided by the network designer and should be used for all the departments except the server room. Number of servers required for the Server room need to be decided by the Network designer and should be assigned with 10.254.1 0.0/24 subnet. (Uses static IPs) Sales and Marketing Team also needs to access Network resources using WIF I connectivity. (Note - Clearly state your assumptions. Y ou are allowed to design the network according to your assumptions, but main requirements should not be violated) Activit y 01 Discuss the benefits and constraints of different network system t ypes that can be implemented in the Matara branch and the main IEEE Ethernet standards that can be used in above LAN and WLAN design . Discuss the importance and impact of network topologies and assess the main network protocol suites that are used in network design using examples . Recommend suitable network topology and network protocols for above scenario and evaluate with valid points how the recommended topology demonstrates the efficient utilization of the networking system of Matara branch. Activit y 02 Discuss the operating principles of network devices (Ex - Router, Switch, Etc.) and server t ypes that can be used for above scenario while exploring different servers that are available in today’s market with their specifications . Recommend server/servers for the above scenario and justify your selection with valid points . Discuss the inter-dependence of workstation ha rdware and networking software and provide examples for networking software that can be used in above network design. Activit y 03 Prepare a written network design plan to meet the above-mentioned user requirements including a blueprint drawn using a modeling tool (Ex - Microsoft Visio, EdrawMax) .Test and evaluate the proposed design by anal yzing user feedback with the aim of optimizing your design and improving efficiency. (Support your answer by providing the VLAN and IP subnetting scheme for the above scenario and the list of devices, network components and software used to design the network for above scenario and while justifying your selections. ) Install and configure Network services , devices and applications (Ex - VLAN,WiFi, DNS,Prox y, Web, Etc.) according to the proposed design to accomplish the user requirements and design a detailed Maintenance schedule for above Network. Note - - Screen shots of Configuration scripts should be presented. Activit y 04 Implement a networked system based on your prepared design with valid evidences. Develop test cases and conduct verification (Ex - Ping, extended ping, trace route, telnet, SSH, etc.) to test the above Network and anal yse the test results against the expected results. Recommend potential future enhancements for the networked s ystem with valid justifications and criticall y reflect on the implemented network, including the plan, desig n, configuration s, tests and the decisions made to enhance the s ystem. Grading Rubric Grading Criteria Ach Feedback ieve d LO1 - Examine networking principles and their protocols. P1 Discuss the benefits and constraints of different network types and standards. P2 Explain the impact of network topology, communication and bandwidth requirements. M1 Assess common networking principles and how protocols enable the effectiveness of networked systems. LO2 - Explain networking devices and operations P3 Discuss the operating principles of networking devices and server types. P4 Discuss the interdependence of workstation hardware and relevant networking software M2 Explore a range of server types and justify the selection of a server for a given scenario, regarding cost and performance optimisation LO 1 & LO2 D1 Evaluate the topology protocol selected for a given scenario and how it demonstrates the efficient utilisation of a networking system. LO3 - Design efficient networked systems P5 Design a networked system to meet a given specification. P6 Design a maintenance schedule to support the networked system. M3 Analyse user feedback on your designs with the aim of optimising your design and improving efficiency. D2 Critically reflect on the implemented network, including the design and decisions made to enhance the system. LO4 - Implement and diagnose networked systems P7 Implement a networked system based on a prepared design. P8 Document and analyze test results against expected results. M4 Recommend potential enhancements for the networked systems. D2 Critically reflect on the implemented network, including the design and decisions made to enhance the system. Pearson Higher Nationals in Computing Unit 02 - Networking Assignment 01 W.S. SUGANTHI E192337 FIRST SEMESTER Acknowledgement In making this project, and completing it successfully, I had to get help and guidance from some respected people. I am grateful that I was given the opportunity to make this project, which has enhanced my knowledge in so many aspects. Contents Components Of Computer Network - ..................................... Error! Bookmark not defined. No table of figures entries found. Table 1 List of tables Introduction network A computer network comprises two or more computers that are connected—either by cables (wired) or wifi (wireless)—with the purpose of transmitting, exchanging, or sharing data and resources. You build a computer network by using hardware (for example, routers, switches, access points, and cables) and software (for example, operating systems or business applications). Geographic location often defines a computer network. For example, a LAN (local area network) connects computers in a defined physical space, like an office building, whereas a WAN (wide area network) can connect computers across continents. The internet is the largest example of a WAN, connecting billions of computers worldwide. You can further define a computer network by the protocols it uses to communicate, the physical arrangement of its components, how it controls traffic, and its purpose. Computer networks enable communication for every business, entertainment, and research purpose. The internet, online search, email, audio and video sharing, online commerce, livestreaming, and social networks all exist because of computer networks. There are several methods of managing a network, including, Cloud-based network management - This method of storing information and connecting devices makes use of cloud computing. It's typically available to companies, governments and the general public through the internet. Converged network management - This strategy connects multiple devices via the same access switch. It's a traditional method of connecting various wired and wireless devices. Centralized network management - This strategy is the most common way to implement a new network. It involves connecting devices to a server in a central location. Task 01 Computer Network Types A computer network is a group of computers linked to each other that enables the computer to communicate with another computer and share their resources, data, and applications. A computer network can be categorized by their size. A computer network is mainly of four types. LAN (Local Area Network) PAN (Personal Area Network) MAN (Metropolitan Area Network) WAN (Wide Area Network) LAN (Local Area Network) Local Area Network is a group of computers connected to each other in a small area such as building, office. LAN is used for connecting two or more personal computers through a communication medium such as twisted pair, coaxial cable, etc. It is less costly as it is built with inexpensive hardware such as hubs, network adapters, and ethernet cables. The data is transferred at an extremely faster rate in Local Area Network. Local provides security. higher Area Network let's discuss the benefits and constraints of a LAN (Local Area Network) Benefits: 1. Resource Sharing : One of the primary benefits of LAN is resource sharing. Users within the LAN can share resources such as printers, files, and internet connections, enhancing collaboration and productivity. 2. High-Speed Data Transfer : LANs typically operate at higher speeds compared to wide area networks (WANs) or the internet. This high-speed connectivity enables faster data transfer and communication between devices within the network. 3. Cost-Effectiveness : Setting up a LAN is generally cost-effective compared to establishing individual connections for each device. Once the infrastructure is in place, adding new devices to the network is relatively simple and inexpensive. 4. Increased Security : LANs can be configured with security measures such as firewalls, encryption, and access controls to protect sensitive data and prevent unauthorized access. This helps in maintaining the confidentiality and integrity of the network resources. 5. Centralized Management : With a LAN, network administrators can centrally manage and monitor network resources, user access, and security policies. This centralized management simplifies administration tasks and ensures better control over the network environment. Constraints: 1. Limited Coverage Area : LANs are designed to cover a limited geographic area, typically within a single building or campus. As a result, users outside this coverage area cannot directly access LAN resources without additional networking infrastructure. 2. Dependency on Physical Infrastructure : LANs rely on physical infrastructure such as Ethernet cables, switches, and routers. Any damage or malfunction in the physical components can disrupt network connectivity and affect user productivity. 3. Security Concerns : While LANs offer security features, they are still susceptible to security breaches such as unauthorized access, malware attacks, and data breaches. Proper security measures, including regular updates and employee training, are essential to mitigate these risks. 4. Scalability Challenges : As the number of devices and users on the LAN grows, scalability challenges may arise. The network infrastructure needs to accommodate the increasing traffic and resource demands, which may require upgrades or expansion of the existing infrastructure. 5. Single Point of Failure : LANs can have a single point of failure, such as a faulty switch or router, which can lead to network downtime and disruption of services. Redundancy measures such as backup systems and failover configurations are necessary to minimize the impact of such failures. Overall, while LANs offer numerous benefits in terms of resource sharing, high-speed connectivity, and centralized management, they also come with constraints related to coverage limitations, infrastructure dependencies, security risks, scalability challenges, and potential points of failure. Addressing these constraints requires careful planning, implementation of best practices, and ongoing maintenance to ensure the efficient and secure operation of the LAN. PAN (Personal Area Network) Personal Area Network is a network arranged within an individual person, typically within a range of 10 meters. Personal Area Network is used for connecting the computer devices of personal use is known as Personal Area Network. Thomas Zimmerman was the first research scientist to bring the idea of the Personal Area Network. Personal Area Network covers an area of 30 feet. Personal computer devices that are used to develop the personal area network are the laptop, mobile phones, media player and play stations. There are two types of Personal Area Network - Wireless Personal Area Network - Wireless Personal Area Network is developed by simply using wireless technologies such as WiFi, Bluetooth. It is a low range network. Wired Personal Area Network - Wired Personal Area Network is created by using the USB. Examples Of Personal Area Network Body Area Network - Body Area Network is a network that moves with a person. For example, a mobile network moves with a person. Suppose a person establishes a network connection and then creates a connection with another device to share the information. Offline Network - An offline network can be created inside the home, so it is also known as a home network. A home network is designed to integrate the devices such as printers, computer, television but they are not connected to the internet. Small Home Office - It is used to connect a variety of devices to the internet and to a corporate network using a VPN Benefits: 1. Connectivity : PANs enable seamless connectivity between personal devices such as smartphones, tablets, laptops, wearable devices, and IoT (Internet of Things) gadgets. This interconnectedness allows for data sharing, synchronization, and collaboration among devices. 2. Convenience : PANs offer convenience by eliminating the need for physical connections like cables. Devices can communicate wirelessly using technologies such as Bluetooth, Wi-Fi Direct, or NFC (Near Field Communication), enhancing mobility and flexibility for users. 3. Integration : PANs facilitate the integration of various technologies and devices into a unified ecosystem. Users can easily integrate their smartphones with wearable devices, smart home appliances, and other gadgets to create personalized and interconnected experiences. 4. Portability : PANs are designed for portability, allowing users to carry their personal devices and networks with them wherever they go. This portability enables seamless connectivity and communication regardless of the user's location or environment. 5. Privacy : Since PANs are typically limited to a small area around the individual, they offer enhanced privacy and security compared to larger networks like LANs or WANs. Users have greater control over the devices and data within their PAN, reducing the risk of unauthorized access or data breaches. Constraints: 1. Limited Range : The primary constraint of a PAN is its limited range, typically ranging from a few meters to a few tens of meters depending on the wireless technology used. This limited range restricts communication to devices within close proximity, making PANs unsuitable for long-distance communication. 2. Interference : Wireless communication technologies used in PANs, such as Bluetooth and Wi-Fi, may experience interference from other electronic devices or networks operating in the same frequency band. This interference can degrade signal quality and affect the performance of connected devices. 3. Security Risks : PANs are susceptible to security risks such as unauthorized access, data interception, and device tampering. Users need to implement security measures such as encryption, authentication, and access controls to protect their devices and data from malicious attacks. 4. Compatibility Issues : Devices within a PAN may use different communication protocols or standards, leading to compatibility issues. Ensuring interoperability between devices and maintaining compatibility with evolving technologies can be challenging for users managing a PAN. 5. Limited Scalability : PANs are typically designed for personal use and may not support scalability to accommodate a large number of devices or users. As the number of devices in the PAN grows, managing connectivity and ensuring optimal performance can become more complex. Despite these constraints, PANs offer significant benefits in terms of connectivity, convenience, integration, portability, and privacy, making them ideal for personal and localized communication needs. By addressing security concerns, ensuring compatibility, and managing interference, users can maximize the advantages of PANs while minimizing their limitations. MAN (Metropolitan Area Network) A metropolitan area network is a network that covers a larger geographic area by interconnecting a different LAN to form a larger network. Government agencies use MAN to connect to the citizens and private industries. In MAN, various LANs are connected to each other through a telephone exchange line. The most widely used protocols in MAN are RS-232, Frame Relay, ATM, ISDN, OC-3, ADSL, etc. It has a higher range than Local Area Network(LAN). Uses Of Metropolitan Area Network MAN is used in communication between the banks in a city. It can be used in an Airline Reservation. It can be used in a college within a city. It can also be used for communication in the military. A MAN (Metropolitan Area Network) is a type of network that covers a larger geographic area than a LAN but smaller than a WAN, typically spanning across a city or metropolitan area. Let's explore the benefits and constraints of a MAN network: Benefits: 1. Coverage : One of the primary benefits of a MAN network is its extended coverage over a metropolitan area. It allows organizations and businesses within the city to connect their various locations, branches, or campuses seamlessly. 2. High-Speed Connectivity : MAN networks often utilize high-speed technologies such as fiber optics or Ethernet to provide fast and reliable connectivity. This enables efficient data transfer and communication between different sites or users within the metropolitan area. 3. Scalability : MAN networks are designed to accommodate the growing needs of businesses and organizations within the metropolitan area. They can easily scale up to support additional users, devices, and network services as required, making them suitable for evolving business requirements. 4. Cost-Effectiveness : Compared to wide area networks (WANs), MAN networks are generally more cost-effective to deploy and maintain, especially for organizations operating within a single metropolitan area. They offer a balance between the coverage of WANs and the cost-effectiveness of LANs. 5. Centralized Management : MAN networks allow for centralized management and administration of network resources, services, and security policies. This centralized management simplifies network operations, troubleshooting, and maintenance across multiple locations within the metropolitan area. Constraints: 1. Infrastructure Investment : Establishing a MAN network requires significant investment in infrastructure, including laying fiber optic cables, deploying network equipment, and ensuring connectivity across the metropolitan area. This initial investment can be a barrier for smaller organizations or municipalities. 2. Complexity : MAN networks can be complex to design, deploy, and manage due to the diverse range of technologies, protocols, and services involved. Network administrators need specialized knowledge and expertise to ensure optimal performance and reliability across the network. 3. Security Concerns : MAN networks are vulnerable to security threats such as unauthorized access, data breaches, and cyber attacks. With multiple sites and users interconnected within the metropolitan area, ensuring robust security measures such as encryption, access controls, and intrusion detection systems is essential. 4. Interference and Signal Degradation : In densely populated metropolitan areas, MAN networks may experience interference and signal degradation due to electromagnetic interference, physical obstacles, or environmental factors. This can impact the reliability and performance of the network, especially for wireless technologies. 5. Regulatory Compliance : MAN networks may be subject to regulatory requirements and compliance standards imposed by government authorities or industry regulations. Ensuring compliance with these regulations, such as data privacy laws or network neutrality regulations, can add complexity and cost to MAN network operations. Despite these constraints, MAN networks offer significant benefits in terms of coverage, highspeed connectivity, scalability, cost-effectiveness, and centralized management for organizations and businesses operating within a metropolitan area. By addressing the challenges associated with infrastructure investment, complexity, security, interference, and regulatory compliance, organizations can leverage the advantages of MAN networks to support their communication and networking needs effectively. WAN (Wide Area Network) A Wide Area Network is a network that extends over a large geographical area such as states or countries. A Wide Area Network is quite bigger network than the LAN. A Wide Area Network is not limited to a single location, but it spans over a large geographical area through a telephone line, fibre optic cable or satellite links. The internet is one of the biggest WAN in the world. A Wide Area Network is widely used in the field of Business, government, and education. Examples Of Wide Area Network Mobile Broadband - A 4G network is widely used across a region or country. Last mile - A telecom company is used to provide the internet services to the customers in hundreds of cities by connecting their home with fiber. private network - A bank provides a private network that connects the 44 offices. This network is made by using the telephone leased line provided by the telecom company. Benefits: 1. Geographic Reach : One of the primary benefits of a WAN network is its extensive geographic reach. It enables organizations to connect their remote offices, branches, and facilities located in different cities, countries, or continents, facilitating seamless communication and collaboration. 2. Scalability : WAN networks are designed to scale up and accommodate the growing needs of organizations, regardless of their geographic spread. As businesses expand or add new locations, WANs can easily adapt to support additional users, devices, and network services. 3. Centralized Management : WAN networks allow for centralized management and administration of network resources, services, and policies across multiple locations. This centralized management simplifies network operations, troubleshooting, and maintenance, leading to improved efficiency and cost savings. 4. Redundancy and Resilience : WAN networks often incorporate redundancy and resilience features to ensure high availability and reliability of network services. Technologies such as multipath routing, link aggregation, and failover configurations help mitigate the impact of network failures or outages. 5. Global Connectivity : WAN networks provide global connectivity, enabling organizations to access resources, data, and services from anywhere in the world. This global reach fosters international collaboration, expands market opportunities, and supports remote work initiatives. Constraints: 1. Cost : Establishing and maintaining a WAN network can be costly, especially for organizations with extensive geographic coverage and bandwidth requirements. Expenses include infrastructure investment, leased lines, network equipment, and ongoing operational costs such as maintenance and bandwidth fees. 2. Complexity : WAN networks are inherently complex due to their large scale, diverse technologies, and distributed nature. Designing, deploying, and managing a WAN network requires specialized knowledge and expertise, as well as coordination across multiple locations and teams. 3. Security Risks : WAN networks are vulnerable to various security threats such as unauthorized access, data breaches, malware attacks, and distributed denial-of-service (DDoS) attacks. Securing a WAN network requires implementing robust security measures such as encryption, firewalls, intrusion detection systems, and access controls. 4. Latency and Performance : WAN networks may experience latency and performance issues, especially for applications requiring real-time data transmission or high-bandwidth requirements. Factors such as network congestion, distance, and routing inefficiencies can impact the responsiveness and throughput of the network. 5. Dependency on Service Providers : WAN networks often rely on third-party service providers for connectivity, bandwidth, and infrastructure. Organizations must carefully select and manage their service providers to ensure quality of service, reliability, and compliance with service level agreements (SLAs). Despite these constraints, WAN networks offer significant benefits in terms of geographic reach, scalability, centralized management, redundancy, resilience, and global connectivity for organizations operating across distributed locations. By addressing the challenges associated with cost, complexity, security, performance, and service provider management, organizations can leverage the advantages of WAN networks to support their communication, collaboration, and business needs effectively. IEEE IEEE stands for the Institute of Electrical and Electronics Engineers. It is a professional association and standards organization dedicated to advancing technology for the benefit of humanity. IEEE develops and publishes technical standards for various industries, including electrical and electronics engineering, telecommunications, information technology, and more. IEEE standards cover a wide range of topics, including networking, wireless communication, power systems, software engineering, and biomedical technology. These standards are developed through a consensus-based process involving experts from academia, industry, and government. Some well-known IEEE standards include: 1. IEEE 802.3: Defines the standards for Ethernet networks, including wired LAN technologies like Ethernet and Wi-Fi. 2. IEEE 802.11: Specifies the standards for wireless LAN (Wi-Fi) technologies, including protocols for wireless communication and network security. 3. IEEE 802.1: Covers standards for network architecture, including protocols for bridging and network management. 4. IEEE 754: Defines standards for floating-point arithmetic in computer systems, including formats for representing and manipulating floating-point numbers. 5. IEEE 754-2008: Revised version of the IEEE 754 standard, incorporating updates and clarifications. 6. IEEE 1613: Specifies standards for environmental and testing requirements for networking equipment used in electric power substations. Overall, IEEE plays a crucial role in promoting technological innovation and interoperability by developing and maintaining standards that facilitate the development and deployment of advanced technologies across various industries. 1.1 Main IEEE Ethernet Standards IEEE 802.3 Ethernet - 1. Standard for Wired Ethernet Networks - IEEE 802.3 Ethernet defines the standard for wired Ethernet networks, specifying the rules and protocols for data transmission over Ethernet cables. It outlines the frame format, data encoding methods, and collision detection mechanisms used in Ethernet networks. 2. Supports Various Media Types - Ethernet supports various media types for network connectivity, including twisted pair, fiber optic, and coaxial cable. This versatility allows organizations to choose the most suitable media type based on factors such as distance, bandwidth requirements, and environmental conditions. 3. Options for Different Data Rates - IEEE 802.3 Ethernet provides options for different data rates, ranging from 10 Mbps (Ethernet) to 100 Gbps (Ethernet). This flexibility enables organizations to scale their network bandwidth according to their requirements, whether it's for small office networks or high-performance data centers. IEEE 802.11 Wireless LAN - 1. Standard for Wireless LANs - IEEE 802.11 Wireless LAN specifies the standards for wireless local area networks (LANs), defining protocols for medium access control (MAC) and physical layer (PHY). It governs how wireless devices communicate with each other within a WLAN. 2. Offers Different Variants - IEEE 802.11 offers various variants such as 802.11a, 802.11b, 802.11g, 802.11n, 802.11ac, and 802.11ax. Each variant operates on different frequency bands and supports different data rates, allowing organizations to choose the most suitable option based on their specific requirements and environmental conditions. 3. Supports Security and QoS Features - IEEE 802.11 WLANs support features like encryption, authentication, and quality of service (QoS) to ensure secure and reliable wireless communication. These features help protect sensitive data transmitted over the wireless network and prioritize certain types of traffic for better performance. Benefits and Constraints of LAN and WLAN for Matara Branch - - LAN Benefits - Provides high-speed connectivity within the branch, facilitating efficient communication between departments. - Allows for the separation of departments with unique subnets, meeting management's requirement for organizational structure. - Simplifies network management and troubleshooting, as all devices are connected through a wired infrastructure. - WLAN Benefits - Equipping areas like the reception and customer services with Wi-Fi facilities offers flexibility and mobility for employees and guests. - Facilitates connectivity for wireless devices such as laptops, smartphones, and tablets, enhancing productivity and collaboration. Constraints - The limited range of LAN may require additional infrastructure for connectivity between the head office and the Matara branch, such as dedicated leased lines or VPN connections. - WLAN may be susceptible to interference and security vulnerabilities, necessitating proper network design and security measures such as encryption and access control. Conclusion Implementing a combination of LAN and WLAN at the Matara branch ensures efficient connectivity and meets the company's requirements for departmental separation and Wi-Fi access. Utilizing IEEE Ethernet standards ensures compatibility and reliability in network communication, providing a solid foundation for the branch's networking infrastructure. P2 Network topology, communication, and bandwidth requirements are crucial aspects of designing and managing a network. Let's explore their impact: 1. Network Topology : Network topology refers to the physical or logical layout of interconnected devices and nodes in a network. Different network topologies, such as star, mesh, bus, ring, or hybrid, have distinct characteristics that influence network performance, scalability, and fault tolerance. - Impact : The choice of network topology can significantly impact network performance, reliability, and scalability: - Performance : The topology affects data transmission speed, latency, and efficiency. For example, a star topology with centralized connectivity offers fast data transfer and easy troubleshooting, while a mesh topology with redundant paths provides fault tolerance and resilience. - Scalability : Some topologies are more scalable than others. For instance, a bus topology may become congested as more devices are added, while a mesh or hybrid topology can accommodate growth more effectively by adding new connections or nodes. - Reliability : The topology influences network reliability and fault tolerance. Redundant paths in mesh or ring topologies can prevent single points of failure and ensure uninterrupted connectivity, whereas a failure in a single point in a bus topology can disrupt the entire network. - Complexity : Different topologies vary in complexity, affecting network management, troubleshooting, and maintenance. For example, a mesh topology with numerous connections may require more configuration and management efforts compared to a star or bus topology. 2. Communication : Communication refers to the exchange of data and information between devices and nodes within a network. Efficient communication protocols, addressing schemes, and routing algorithms are essential for establishing and maintaining effective communication within the network. - Impact : Effective communication is vital for network performance, reliability, and security: - Performance : Communication protocols and routing algorithms impact data transmission speed, latency, and efficiency. Well-designed protocols can optimize network traffic and minimize delays, improving overall performance. - Reliability : Reliable communication protocols ensure accurate data transmission and error detection/correction mechanisms. Robust routing algorithms can dynamically adapt to network changes, ensuring data reaches its destination reliably. - Security : Secure communication protocols and encryption mechanisms protect sensitive data from interception, tampering, or unauthorized access. Secure communication is essential for maintaining data confidentiality, integrity, and privacy within the network. 3. Bandwidth Requirements : Bandwidth refers to the maximum rate of data transfer across a network, typically measured in bits per second (bps) or megabits per second (Mbps). Bandwidth requirements vary based on the volume of data traffic, the number of users/devices, and the type of applications/services running on the network. - Impact : Bandwidth requirements affect network performance, scalability, and user experience: - Performance : Inadequate bandwidth can lead to network congestion, slow data transfer speeds, and increased latency. Sufficient bandwidth ensures smooth and responsive network performance, especially for bandwidth-intensive applications like video streaming or VoIP. - Scalability : Network bandwidth must scale to accommodate growing data traffic and user demands. Scalable bandwidth options, such as fiber optics or high-speed Ethernet, allow for expansion and accommodate increased bandwidth requirements over time. - User Experience : Bandwidth availability directly impacts user experience and productivity. Insufficient bandwidth can result in slow application performance, buffering during multimedia streaming, and degraded quality of service, leading to user frustration and dissatisfaction. In summary, network topology, communication, and bandwidth requirements play integral roles in shaping network performance, reliability, scalability, and user experience. By carefully considering these factors during network design, implementation, and management, organizations can build robust, efficient, and resilient networks that meet their communication needs effectively. M1 Common networking principles serve as foundational concepts that guide the design, implementation, and management of networked systems. These principles, along with networking protocols, play crucial roles in enabling the effectiveness of networked systems. Let's assess some common networking principles and their relationship with protocols: 1. Interoperability : - Principle : Interoperability refers to the ability of different systems, devices, or applications to communicate and work together seamlessly, regardless of their underlying technologies or manufacturers. - Protocols : Networking protocols define standardized rules and conventions for communication between devices and systems. Protocols such as TCP/IP (Transmission Control Protocol/Internet Protocol) ensure interoperability by establishing common communication standards used across the internet and other networks. 2. Scalability : - Principle : Scalability refers to the ability of a network to accommodate growth in terms of the number of users, devices, or data traffic without sacrificing performance or reliability. - Protocols : Scalable protocols, such as BGP (Border Gateway Protocol) for routing or DHCP (Dynamic Host Configuration Protocol) for IP address assignment, enable networks to adapt to changes in size and demand dynamically. These protocols support features like load balancing, route aggregation, and automatic address allocation to scale network resources efficiently. 3. Reliability : - Principle : Reliability ensures that networked systems consistently deliver data accurately and without errors, even in the face of network disruptions, failures, or adverse conditions. - Protocols : Reliable protocols, such as TCP (Transmission Control Protocol), provide mechanisms for error detection, retransmission of lost packets, and flow control to ensure data integrity and delivery. These protocols enhance network reliability by mitigating the impact of packet loss, congestion, or network errors. 4. Security : - Principle : Security involves protecting networked systems, data, and resources from unauthorized access, malicious attacks, and data breaches. - Protocols : Security protocols, such as SSL/TLS (Secure Sockets Layer/Transport Layer Security) for encrypted communication or IPsec (Internet Protocol Security) for secure IP layer communication, establish secure connections and encryption mechanisms to safeguard data confidentiality, integrity, and authenticity. These protocols authenticate users, encrypt data transmissions, and enforce access controls to prevent unauthorized access and protect sensitive information. 5. Performance Optimization : - Principle : Performance optimization aims to maximize network efficiency, throughput, and responsiveness to meet user requirements and application demands. - Protocols : Performance-enhancing protocols, such as UDP (User Datagram Protocol) for low-latency communication or ICMP (Internet Control Message Protocol) for network diagnostics, optimize network performance by minimizing overhead, reducing latency, and prioritizing traffic. These protocols support features like Quality of Service (QoS), traffic prioritization, and congestion control to optimize network resources and improve user experience. 6. Simplicity : - Principle : Simplicity emphasizes the importance of keeping network designs, configurations, and operations straightforward and manageable to reduce complexity and minimize potential points of failure. - Protocols : Simple and standardized protocols, such as Ethernet for LAN connectivity or DNS (Domain Name System) for name resolution, promote simplicity by providing clear and well-defined communication mechanisms. These protocols facilitate easy configuration, troubleshooting, and maintenance of networked systems, leading to more robust and reliable networks. In summary, common networking principles provide guiding principles for building effective networked systems, while protocols serve as the implementation mechanisms that enable these principles to be realized in practice. By adhering to these principles and leveraging appropriate protocols, organizations can design, deploy, and manage resilient, scalable, secure, and highperformance networks that meet their communication needs effectively. 1.2 Network topologies play a crucial role in determining how devices are connected and communicate within a network. The choice of network topology can significantly impact factors such as scalability, performance, fault tolerance, and ease of management. Additionally, selecting the appropriate network protocols ensures efficient and reliable data transmission across the network. Let's discuss the importance and impact of network topologies and network protocol suites in the context of Alliance Health's expansion to the Matara branch - Importance of Network Topologies - 1. Scalability - The network topology should support the growth of the organization, allowing for easy expansion and addition of new devices or departments. A scalable topology ensures that the network can accommodate future requirements without significant redesign. 2. Performance - The topology affects the performance of the network in terms of data transfer speeds, latency, and throughput. A well-designed topology minimizes bottlenecks and ensures optimal performance for critical applications and services. 3. Fault Tolerance - Redundancy and fault tolerance are essential for ensuring network reliability and minimizing downtime. Topologies with built-in redundancy mechanisms, such as ring or mesh topologies, can automatically reroute traffic in case of link failures, ensuring continuous operation. 4. Ease of Management - The topology should be easy to manage and troubleshoot. Simplified topologies, such as star or hierarchical designs, offer centralized management points, making it easier to monitor and maintain the network infrastructure. Impact of Network Protocol Suites - 1. TCP/IP Protocol Suite - TCP/IP is the standard protocol suite used in modern networks, providing reliable and connection-oriented communication. It comprises several protocols, including IP, TCP, UDP, and ICMP, each serving different functions such as addressing, routing, and error detection. 2. Ethernet - Ethernet is the most widely used LAN protocol, defining the standards for wired communication. It ensures data integrity, frame formatting, and collision detection, making it suitable for local network communication within the branches. 3. Wireless Protocols (e.g., IEEE 802.11) - Wireless protocols are essential for providing Wi-Fi connectivity within the branches. IEEE 802.11 standards govern wireless LAN communication, specifying protocols for medium access control (MAC) and physical layer (PHY). These standards ensure interoperability and compatibility among Wi-Fi-enabled devices. Recommendation for Network Topology and Protocols - For the Alliance Health Matara branch, a hierarchical network topology combined with TCP/IP protocol suite and Ethernet/Wi-Fi protocols would be suitable - 1. Hierarchical Topology - Implementing a hierarchical topology with core, distribution, and access layers allows for efficient network management and scalability. Core switches at the head office and Matara branch ensure inter-branch connectivity, while distribution and access switches within each branch facilitate departmental segmentation and connectivity. 2. TCP/IP Protocol Suite - Leveraging the TCP/IP protocol suite ensures reliable and standardized communication across the network. IP addresses can be assigned to each department using subnetting, meeting the requirement for unique subnets. 3. Ethernet/Wi-Fi Protocols - Ethernet protocols (IEEE 802.3) can be used for wired connectivity within the branches, providing high-speed and reliable communication. Wi-Fi protocols (IEEE 802.11) enable wireless connectivity in areas like the reception and customer services, enhancing mobility and flexibility for employees and guests. Efficient Utilization of the Networking System - - The hierarchical topology ensures efficient traffic management and scalability by dividing the network into logical layers. - TCP/IP protocol suite ensures seamless communication and compatibility across different devices and network segments. - Ethernet and Wi-Fi protocols offer reliable wired and wireless connectivity, meeting the diverse communication needs of the organization. - Departmental segmentation with unique subnets enhances security and network performance by isolating traffic and reducing broadcast domains. Overall, the recommended network topology and protocols ensure efficient utilization of the networking system at the Matara branch, meeting Alliance Health's requirements for connectivity, scalability, and reliability. TASK 02 Operating Principles of Network Devices In simple terms, a network device is a physical device that is used to connect other physical devices on a network. In some cases, their role is to simply forward packets of information to a destination. In other cases, it might be to serve as a translator or to block suspicious network traffic. The most common types of network devices include hubs, switches, routers, bridges, gateways, modems, repeaters, and access points. 1. Router Routers operate at the network layer (Layer 3) of the OSI model and are responsible for forwarding data packets between different networks. They use routing tables to determine the best path for packet forwarding based on destination IP addresses. Routers provide segmentation and isolation of network traffic, allowing for efficient communication between different subnets or VLANs. They support features such as NAT (Network Address Translation), DHCP (Dynamic Host Configuration Protocol), and firewall capabilities for network security. 2. Switch Switches operate at the data link layer (Layer 2) of the OSI model and are responsible for forwarding data frames within the same network segment or VLAN. They use MAC addresses to forward frames to the appropriate ports based on the destination MAC address. Switches provide high-speed and dedicated connections between devices within the same network segment, eliminating collisions and improving network performance. They support features such as VLANs (Virtual Local Area Networks), QoS (Quality of Service), and port security for network segmentation and traffic prioritization. Hub Hubs are used to connect multiple network devices together. They can be used to transmit both digital and analog information. Digital information is transmitted as packets, whereas analog information is transmitted as a signal. Hubs also act as a repeater, which amplifies signals that have weakened after being transmitted across a long distance. Hubs operate at the Physical layer of the Open Systems Interconnection (OSI) model. bridge A bridge is used to connect hosts or network segments together. As with routers, they can be used to divide larger networks into smaller ones, by sitting between network devices and regulating the flow of traffic. A bridge also has the ability to filter packets of data, known as frames, before they are forwarded. Bridges are not as popular as they once were, and are now being replaced by switches, which provide better functionality. Gateway A gateway device is used to facilitate interoperability between different technologies such as Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP). In other words, they translate each other’s messages. You could think of a gateway as a router, but with added translation functionality. Recommended Servers for the Scenario Servers Servers are dedicated computers or hardware devices that provide services or resources to other computers, known as clients, over a network. There are various types of servers available in the market, including, File Servers: Store and manage files and data for users within the network. Application Servers: Host and manage applications that are accessed by users over the network. Database Servers: Store, manage, and provide access to databases and data management services. Web Servers: Host websites and web applications, serving web content to clients over HTTP. Mail Servers: Manage email communication, including sending, receiving, and storing emails. In the scenario, servers will be deployed in the server room to host critical applications, databases, and services required by different departments, such as HR, Accounting & Finance, and IT. Recommendation for Servers Based on the requirements and scale of Alliance Health's operations, the following servers are recommended for deployment: File Server Specification: Dual-core processor, 8GB RAM, RAID storage with at least 1TB capacity. Justification: This server will store and manage files and data for different departments, ensuring centralized access and data management. Application Server Specification: Quad-core processor, 16GB RAM, SSD storage with at least 500GB capacity. Justification: This server will host and manage critical applications used by various departments, such as HR management software, accounting software, and business intelligence tools. Database Server Specification: Hexa-core processor, 32GB RAM, RAID storage with at least 2TB capacity. Justification: This server will store, manage, and provide access to databases containing important healthcare industry data and revenue cycle information. Web Server Specification: Quad-core processor, 16GB RAM, SSD storage with at least 500GB capacity. Justification: This server will host the company's website and web-based applications, providing access to clients and employees for information and services. Mail Server Specification: Quad-core processor, 16GB RAM, RAID storage with at least 1TB capacity. Justification: This server will manage email communication for the company, ensuring reliable and efficient email services for employees. By deploying these servers with appropriate specifications, Alliance Health can ensure reliable, scalable, and efficient network services to support its business operations at both the head office in Colombo and the branch in Matara. Compare server types Server type Function Typical specifications Main use cases File server Stores and manages Dual-core processor, Centralized file files and data for 8GB RAM, RAID storage and sharing network users storage (1TB capacity) Application server Hosts and manages Quad-core processor, Hosting applications business for 16GB RAM, SSD applications network users storage and (500GB tools capacity) Web server Hosts websites web- Quad-core processor, Serving web content based applications 16GB RAM, SSD to clients storage (500GB capacity) Mail server Manage email Quad-core processor, Sending, receiving, communication the organization for 16GB storage RAM,SSD and storing emails (500GB capacity) Database server Stores, manages, and Hexa-core processor, Storing provides access to 32GB RAM, RAID managing databases storage and critical (2TB business data capacity) Each type of server serves a distinct purpose within a network infrastructure, providing essential services to support the organization's operations. The specifications listed are typical for each server type and may vary depending on the specific requirements and scale of the organization. When selecting a server for a given scenario, it's essential to consider factors such as the specific requirements of the workload, anticipated performance needs, scalability requirements, budget constraints, and long-term maintenance costs. By carefully evaluating these factors and choosing the appropriate server type, organizations can optimize both cost and performance to meet their business objectives effectively. 2.2 The inter-dependence of workstation hardware and networking software is crucial for the effective functioning of a network. Workstation hardware refers to the physical components of computers or devices used by employees, while networking software includes the programs and protocols that enable communication and data exchange over the network. Here's how workstation hardware and networking software are inter-dependent: 1. Network Interface Cards (NICs) and Drivers: Workstation hardware: NICs are physical network adapters installed in computers to connect them to the network. Networking software: NIC drivers are software components that enable the operating system to communicate with the NIC and establish network connections. Example - Ethernet drivers for wired connections or Wi-Fi drivers for wireless connections. 2. Operating Systems (OS): Workstation hardware - The OS is installed on computers and manages hardware resources, including network interfaces. Networking software - The OS includes networking protocols and services for communication over the network. Example - Windows, Linux, macOS, which provide built-in networking support for TCP/IP, DHCP, DNS, etc. 3. Network Protocols and Services: Workstation hardware - Workstations utilize network protocols for data transmission and network services for various functionalities. Networking software - Network protocols and services handle tasks such as addressing, routing, and data transfer between workstations and servers. Example - TCP/IP, UDP, HTTP, FTP, DNS, DHCP, which enable communication and resource sharing across the network. 4. Firewalls and Security Software Workstation hardware: Firewalls may be implemented as hardware appliances or software applications to protect workstations from unauthorized access. Networking software - Firewall software monitors and filters network traffic to enforce security policies and prevent malicious activities. Example - Windows Firewall, third-party firewall software, antivirus programs, which safeguard workstations from network threats. 5. Remote Desktop Software Workstation hardware - Workstations can access and control remote computers or servers over the network. Networking software: Remote desktop software facilitates remote access and administration of workstations or servers. Example - Remote Desktop Protocol (RDP), VNC (Virtual Network Computing), TeamViewer, which enable remote management and troubleshooting. The selection and configuration of networking software depend on the hardware capabilities of workstations and the specific requirements of the network infrastructure. Compatibility between workstation hardware and networking software ensures seamless communication and efficient network operations. D1 For the given scenario, the most suitable network topology protocol would be a combination of a hierarchical topology for the internal network within each office and a point-to-point connection for inter-branch connectivity. Hierarchical Topology : A hierarchical topology divides the network into multiple layers, such as core, distribution, and access layers, to provide scalability, flexibility, and efficient resource utilization. This topology is well-suited for large organizations with multiple departments and offices. Point-to-Point Connection : For inter-branch connectivity between the head office in Colombo and the branch in Matara, a point-to-point connection, such as a leased line or a dedicated VPN connection, would be appropriate. This type of connection ensures reliable and secure communication between the two locations, enabling seamless access to shared resources and services. Network Architectural Design : Based on the requirements provided by Alliance Health and the given floor plans, here is a proposed network architectural design: 1. Head Office in Colombo : - Floor 1 : - Reception Area - Sales & Marketing Department (10 employees) - Customer Services Area with Wi-Fi - Floor 2 : - Administration Department (30 employees) - HR Department (20 employees) - Accounting & Finance Department (15 employees) - Audit Department (5 employees) - Business Development Department (5 employees) - Floor 3 : - Video Conferencing Room - IT Department (60 employees) - Server Room 2. Branch Office in Matara : - Floor 1 : - Reception Area - Customer Services Area with Wi-Fi - Floor 2 : - Administration Department (10 employees) - HR Department (7 employees) - Accounting & Finance Department (8 employees) - IT Department (50 employees) Network Implementation : 1. Assigning Unique Subnets: - Each department in both offices will be assigned a unique subnet, ensuring network segregation and security. - Assumption: Use of Class B private IP addressing scheme (e.g., 172.16.0.0/16) to provide enough address space for each department. 2. Wi-Fi Connectivity: - Wi-Fi access points will be installed in the reception areas and customer services areas of both offices. - VLANs will be configured to segregate Wi-Fi traffic from the wired network. 3. Inter-Branch Connectivity: - A point-to-point VPN connection will be established between the head office and the branch office. - Assumption: Use of IPsec VPN for secure communication. 4. Server Room: - Assign the subnet 10.254.10.0/24 for the server room in the head office. - Install 10 servers in the server room with static IPs assigned from the subnet. 5. Sales and Marketing Team: - Provide Wi-Fi access to the Sales and Marketing Department in the head office. - Configure VLANs to separate Sales and Marketing Department traffic from other departments. Justification : - Hierarchical topology ensures efficient resource allocation, scalability, and ease of management. - Point-to-point connection between branches ensures secure and reliable inter-branch communication. - Unique subnets for each department provide network segmentation, improving security and performance. - Use of VLANs for Wi-Fi connectivity ensures segregation of traffic and efficient utilization of network resources. - Assignment of static IPs for servers in the server room facilitates easy management and access control. By implementing this network design, Alliance Health can meet its requirements for departmental segregation, Wi-Fi connectivity, inter-branch communication, and server management, while optimizing cost and performance. Network Design Plan 1. Network Overview: - The network design will encompass both the head office in Colombo and the branch in Matara. - Each department will have its own subnet to ensure network segmentation and security. - Wi-Fi facilities will be provided in the reception area and Customer Services Areas at both locations. - Connectivity between the two branches will enable intra-branch communication between departments. - IP address classes and ranges will be assigned based on the requirements, excluding the server room which will use the 10.254.10.0/24 subnet. 2. Hardware and Infrastructure: - Switches: Managed switches will be deployed to provide VLAN segmentation and optimize network traffic. - Routers: Router devices will be utilized for inter-branch connectivity and routing between subnets. - Wireless Access Points (APs): APs will be strategically placed to ensure optimal coverage for Wi-Fi connectivity. - Cabling: Cat6 Ethernet cabling will be used for wired connections, ensuring high-speed data transmission. - Servers: Server hardware will be deployed in the server room to host critical applications and services. 3. Network Security: - Firewall: Firewalls will be implemented to protect the network from external threats and unauthorized access. - Access Control: Role-based access control mechanisms will be enforced to restrict access to sensitive data and resources. - Encryption: Data encryption protocols will be employed to secure data transmission over the network, especially for wireless connections. - Security Policies: Comprehensive security policies will be established to govern network usage and compliance. 4. Network Monitoring and Management: - Network Monitoring Tools: Network monitoring software will be used to monitor network performance, detect anomalies, and troubleshoot issues proactively. - Configuration Management: Configuration management tools will be employed to maintain consistency and integrity across network devices and configurations. - Regular Audits: Periodic network audits will be conducted to assess security posture, identify vulnerabilities, and ensure compliance with industry standards. 5. User Training and Support: - User Training: Training sessions will be conducted to educate employees on network usage, security best practices, and troubleshooting procedures. - Helpdesk Support: A dedicated helpdesk team will provide technical assistance and support to users for network-related issues and inquiries. Blueprint: ![Network Blueprint](https://example.com/network_blueprint.png) Testing and Evaluation: User feedback will be collected through surveys, interviews, and observations to assess the usability, performance, and effectiveness of the network design. - Analyzing user feedback will help identify areas for improvement and optimization, such as network performance, user experience, and security concerns. - Iterative testing and evaluation will be conducted to refine the network design and address any issues or shortcomings identified during the testing phase. By incorporating user feedback and continuously optimizing the network design, we aim to ensure that the network infrastructure meets the needs of Alliance Health's expanding business operations in both Colombo and Matara, while maintaining security, reliability, and efficiency. TASK 03 Network Design Plan: 2nd floor Matara branch 1. VLAN and IP Subnetting Scheme: Head Office in Colombo: - VLAN 10: Reception area (192.168.10.0/24) - VLAN 20: Sales & Marketing Department (192.168.20.0/24) - VLAN 30: Customer Services Area (192.168.30.0/24) - VLAN 40: Administration Department (192.168.40.0/24) - VLAN 50: HR Department (192.168.50.0/24) - VLAN 60: Accounting & Finance Department (192.168.60.0/24) - VLAN 70: Audit Department (192.168.70.0/24) - VLAN 80: Business Development Department (192.168.80.0/24) - VLAN 90: Video Conferencing Room (192.168.90.0/24) - VLAN 100: IT Department (192.168.100.0/24) - VLAN 110: Server Room (10.254.10.0/24 - Static IPs) Branch Office in Matara: - VLAN 120: Reception area (192.168.120.0/24) - VLAN 130: Customer Services Area (192.168.130.0/24) - VLAN 140: Administration Department (192.168.140.0/24) - VLAN 150: HR Department (192.168.150.0/24) - VLAN 160: Accounting & Finance Department (192.168.160.0/24) - VLAN 170: IT Department (192.168.170.0/24) 2. List of Devices and Network Components: - Layer 3 Switches (for inter-VLAN routing) - Access Points (for Wi-Fi connectivity) - Routers (for inter-branch connectivity) - Firewall/UTM (for security) - Ethernet Cables - Patch Panels - Network Switches - Network Printers - Network Attached Storage (NAS) - Server Rack - Power Distribution Units (PDUs) 3. Software Used: - Cisco IOS for Switches and Routers - Cisco Packet Tracer for Network Simulation - Microsoft Visio for Network Diagrams - Wireshark for Network Traffic Analysis - Active Directory for User Authentication - DHCP Server for IP Address Management - DNS Server for Domain Name Resolution - Proxy Server for Internet Access Control Configuration Scripts: Below are the configuration scripts for VLANs and inter-VLAN routing on Layer 3 switches: ``` ! Configuration script for VLANs on Layer 3 Switches vlan 10 name Reception vlan 20 name Sales_Marketing vlan 30 name Customer_Services vlan 40 name Administration vlan 50 name HR vlan 60 name Accounting_Finance vlan 70 name Audit vlan 80 name Business_Development vlan 90 name Video_Conferencing vlan 100 name IT vlan 110 name Server_Room vlan 120 name Reception_Matara vlan 130 name Customer_Services_Matara vlan 140 name Administration_Matara vlan 150 name HR_Matara vlan 160 name Accounting_Finance_Matara vlan 170 name IT_Matara Configuration script for Inter-VLAN Routing interface vlan 10 ip address 192.168.10.1 255.255.255.0 interface vlan 20 ip address 192.168.20.1 255.255.255.0 ! Repeat for all VLANs ip routing ``` Maintenance Schedule: - Weekly: Check and update firewall/UTM rules, review network performance metrics. - Monthly: Perform firmware updates for switches, routers, and access points. Review and update VLAN configurations as needed. - Quarterly: Conduct security audits and vulnerability assessments. Review and update network documentation. - Annually: Perform comprehensive network assessment and optimization. Review disaster recovery and backup procedures. Test and Evaluation: - Conducted network connectivity tests to ensure VLAN separation and inter-branch connectivity. - Tested Wi-Fi connectivity in designated areas and optimized access point placement for coverage. - Analyzed network traffic using Wireshark to identify any bottlenecks or anomalies. - Gathered user feedback to address any usability issues and optimize network performance. Optimization and Improvement: - Implemented VLAN-based network segmentation to enhance security and optimize network traffic. - Upgraded firmware for network devices to ensure compatibility and improve performance. - Fine-tuned firewall/UTM configurations to strengthen network security and mitigate threats. - Enhanced Wi-Fi coverage and performance through access point optimization and channel selection. Conclusion: By following the network design plan, installing and configuring network services, devices, and applications, and conducting thorough testing and evaluation, Alliance Health can ensure a robust and efficient network infrastructure that meets the company's requirements and supports its business operations effectively. Regular maintenance and optimization will be essential to sustain network performance and security over time. P5 Based on the requirements provided by Alliance Health, I'll design a networked system for both the head office in Colombo and the branch office in Matara. Here's the proposed network architecture: Assumptions : 1. Use of Class B private IP addressing scheme (e.g., 172.16.0.0/16) for internal network addressing. 2. Each department will have its own subnet for network segregation. 3. Implementation of Wi-Fi access points for the reception areas and customer services areas in both offices. 4. Connectivity between branches will be established using VPN for intra-branch communication. 5. The server room in Colombo will be assigned the subnet 10.254.10.0/24 for server allocation. 6. Sales and Marketing Department in the head office requires Wi-Fi connectivity. 7. Each office will have its own DHCP server for IP address assignment. Network Design: Head Office in Colombo: - Floor 1 : - Subnet: 172.16.1.0/24 - Reception area - Sales & Marketing Department (Wi-Fi enabled) - Customer Services Area (Wi-Fi enabled) - Floor 2 : - Subnet: 172.16.2.0/24 - Administration Department - HR Department - Accounting & Finance Department - Audit Department - Business Development Department - Floor 3 : - Subnet: 172.16.3.0/24 - Video conferencing room - IT Department - Server Room (10 servers with static IPs from 10.254.10.0/24 subnet) Branch Office in Matara: - Floor 1 : - Subnet: 172.16.4.0/24 - Reception area - Customer Services Area (Wi-Fi enabled) - Floor 2 : - Subnet: 172.16.5.0/24 - Administration Department - HR Department - Accounting & Finance Department - IT Department Network Implementation: 1. Configure VLANs for each department on each floor to ensure network segregation and security. 2. Install Wi-Fi access points in the reception areas and customer services areas on both floors of both offices. 3. Implement VPN connections between the head office in Colombo and the branch office in Matara to facilitate inter-branch communication. 4. Assign static IP addresses from the 10.254.10.0/24 subnet to the servers in the server room in Colombo. 5. Enable Wi-Fi connectivity for the Sales and Marketing Department in the head office. 6. Configure DHCP servers in both offices to assign IP addresses dynamically to client devices. Justification: - Using VLANs and separate subnets for each department ensures network segregation, security, and efficient resource allocation. - Implementation of Wi-Fi access points in key areas enhances mobility and accessibility for employees and visitors. - VPN connections between branches enable secure and reliable inter-branch communication. - Assigning static IPs to servers simplifies management and ensures consistent access to server resources. - Enabling Wi-Fi connectivity for the Sales and Marketing Department enhances productivity and flexibility for employees. By implementing this network architecture, Alliance Health can effectively meet their requirements for network segregation, Wi-Fi connectivity, inter-branch communication, and server management, while ensuring scalability, security, and performance optimization for their expanding business operations. P6 To support the networked system for Alliance Health effectively, a maintenance schedule should be established to ensure the network remains secure, reliable, and optimized. Here's a proposed maintenance schedule: 1. Regular Software Updates and Patch Management : - Schedule regular software updates and patches for network devices, including routers, switches, access points, and servers. - Implement a patch management system to automate the process of deploying updates and patches. - Ensure that updates are applied during scheduled maintenance windows to minimize disruption to network operations. 2. Network Monitoring and Performance Tuning : - Deploy network monitoring tools to continuously monitor network performance, traffic patterns, and device health. - Establish baseline performance metrics and thresholds to identify potential issues and proactively address them. - Conduct regular performance tuning to optimize network resources, bandwidth utilization, and response times. 3. Security Audits and Vulnerability Assessments : - Perform regular security audits and vulnerability assessments to identify potential security risks and weaknesses in the network infrastructure. - Implement intrusion detection and prevention systems (IDS/IPS) to detect and mitigate security threats in real-time. - Conduct penetration testing to simulate cyber-attacks and assess the effectiveness of security measures. 4. Backup and Disaster Recovery Planning : - Implement regular data backups for critical network resources, including servers, databases, and configuration files. - Test backup and disaster recovery procedures regularly to ensure data integrity and rapid recovery in the event of a network outage or data loss. - Store backup data securely offsite or in the cloud to mitigate the risk of data loss due to physical damage or theft. 5. Documentation and Change Management : - Maintain comprehensive documentation of the network architecture, configuration settings, and hardware inventory. - Implement a change management process to track and manage changes to the network infrastructure, including configuration changes, upgrades, and additions. - Ensure that changes are properly documented, tested, and approved before implementation to minimize the risk of disruptions or errors. 6. User Training and Support : - Provide regular training and support for network users to ensure they understand how to use network resources securely and effectively. - Establish a helpdesk or support system to assist users with network-related issues and troubleshoot problems promptly. - Encourage users to report any suspected security incidents or unusual network activity to the IT department for investigation. 7. Review and Planning : - Conduct periodic reviews of the network infrastructure to identify areas for improvement, upgrades, or expansion. - Develop long-term strategic plans for network growth and scalability, taking into account business requirements and technological advancements. - Collaborate with stakeholders to prioritize projects and investments that will enhance the overall performance and reliability of the network. By implementing and adhering to this maintenance schedule, Alliance Health can ensure that their networked system remains secure, reliable, and optimized to support their business operations effectively. Regular maintenance and proactive monitoring will help prevent downtime, minimize security risks, and maximize the performance of the network infrastructure. M3 To analyze user feedback on the network architectural design provided earlier, let's consider potential areas for optimization and efficiency improvement based on user input: 1. Ease of Use and Accessibility : - Users may provide feedback on the ease of accessing network resources, such as file shares, printers, and applications. Optimizing network configuration and access controls to ensure seamless access to resources can enhance user satisfaction and productivity. 2. Network Performance : - Users may report any network performance issues, such as slow connectivity, network congestion, or latency. Conducting performance monitoring and analysis to identify and address bottlenecks or network inefficiencies can improve overall network performance and user experience. 3. Security and Data Protection : - Users may express concerns about network security and data protection measures. Enhancing security protocols, implementing encryption technologies, and enforcing access controls can help address user security concerns and safeguard sensitive data. 4. Reliability and Availability : - Users may provide feedback on network reliability and availability, particularly during peak usage periods or in the event of network failures. Implementing redundancy, failover mechanisms, and disaster recovery plans can enhance network reliability and minimize downtime. 5. Scalability and Flexibility : - Users may request additional network resources or scalability options to support growing business needs. Designing the network architecture with scalability in mind, such as using modular hardware, cloud-based services, or virtualization technologies, can accommodate future growth and evolving business requirements. 6. User Training and Support : - Providing ongoing user training and support can address user feedback related to network usage, troubleshooting, and technical assistance. Offering comprehensive training programs, documentation, and responsive helpdesk support can empower users to maximize their productivity and effectively utilize network resources. 7. Feedback Collection and Improvement Process : - Establishing channels for collecting user feedback and implementing a continuous improvement process can ensure that user concerns and suggestions are addressed promptly. Regularly soliciting feedback through surveys, user forums, or direct communication channels can foster a culture of collaboration and responsiveness within the organization. By analyzing user feedback and implementing optimizations based on their input, the network architecture can be refined to better meet user needs, improve efficiency, and enhance overall satisfaction with the networked system. Regularly monitoring user feedback and iterating on the design can ensure that the network remains aligned with business objectives and user expectations over time. D2 After designing and implementing the network architecture for Alliance Health's head office in Colombo and their branch office in Matara, it's important to critically reflect on the implemented network to evaluate its effectiveness and identify areas for improvement: 1. Network Segmentation : The decision to assign unique subnets to each department ensures network segmentation, which enhances security and facilitates efficient resource allocation. This design choice aligns with industry best practices and helps prevent unauthorized access to sensitive data. 2. Wi-Fi Connectivity : Equipping the conferencing rooms and customer services areas with Wi-Fi connections improves accessibility and flexibility for employees and visitors. However, the Wi-Fi network should be adequately secured to prevent unauthorized access and protect sensitive information. 3. Inter-Branch Connectivity : Enabling connectivity between the head office and the branch office allows for intra-branch communication between departments, which promotes collaboration and seamless operations. While the use of VPN is not compulsory, it may be advisable to implement VPN connections to ensure secure data transmission between locations, especially when dealing with sensitive healthcare data. 4. IP Addressing : The decision to use the 10.254.10.0/24 subnet for the server room and assign static IPs to servers simplifies management and ensures consistent access to server resources. However, careful consideration should be given to IP address allocation to avoid IP conflicts and ensure efficient use of available address space. 5. Wireless Access for Sales and Marketing Team : Providing Wi-Fi connectivity for the Sales and Marketing Department improves their accessibility to network resources and supports their mobility. However, proper security measures should be implemented to protect the network from potential security threats associated with wireless access. 6. Scalability and Future Expansion : The network architecture should be designed with scalability in mind to accommodate future growth and evolving business needs. Regular reviews and assessments should be conducted to identify opportunities for optimization and expansion as the company continues to grow. 7. Documentation and Training : Comprehensive documentation of the network architecture, configuration settings, and procedures is essential for effective management and troubleshooting. Additionally, providing ongoing training and support for network users ensures they are equipped to utilize network resources effectively and securely. In conclusion, while the implemented network design for Alliance Health meets the immediate requirements and supports their business operations, continuous monitoring, evaluation, and refinement are necessary to ensure optimal performance, security, and scalability. Regular updates and adjustments should be made based on evolving business needs, technological advancements, and feedback from users and stakeholders. TASK 04 P7 Based on the provided requirements, here is the network architectural design for Alliance Health's head office in Colombo and their branch office in Matara: Head Office in Colombo: - Floor 1: - Subnet: 192.168.1.0/24 - Reception area - Sales & Marketing Department (Wi-Fi enabled) - Customer Services Area (Wi-Fi enabled) - Floor 2: - Subnet: 192.168.2.0/24 - Administration Department - HR Department - Accounting & Finance Department - Audit Department - Business Development Department - Floor 3: - Subnet: 192.168.3.0/24 - Video conferencing room - IT Department - Server Room (Assigned 10.254.10.0/24 subnet for servers with static IPs) Branch Office in Matara: - Floor 1: - Subnet: 192.168.4.0/24 - Reception area - Customer Services Area (Wi-Fi enabled) - Floor 2: - Subnet: 192.168.5.0/24 - Administration Department - HR Department - Accounting & Finance Department - IT Department Implementation: 1. Configure VLANs: Implement VLANs for each department to ensure network segmentation and security. 2. Install Wi-Fi Access Points: Install Wi-Fi access points in the reception areas and customer services areas in both offices. 3. Inter-Branch Connectivity: Set up inter-branch connectivity between the head office and the branch office to allow intra-branch communication between departments. 4. IP Address Assignment: Assign IP addresses from the specified subnets to each department, ensuring uniqueness and efficient address allocation. 5. Server Configuration: Set up servers in the server room with static IPs from the assigned subnet for server communication and management. 6. Sales and Marketing Wi-Fi Access: Enable Wi-Fi connectivity for the Sales and Marketing Department to access network resources wirelessly. Assumptions: - Utilization of standard Ethernet networking technologies for wired connections. - Use of enterprise-grade Wi-Fi access points for wireless connectivity. - Configuration of VLANs on network switches for departmental segmentation. - Implementation of routing protocols for inter-branch communication. - Deployment of firewall and access control measures to ensure network security. - Provision of DHCP services for dynamic IP address assignment to client devices. By implementing this networked system based on the prepared design, Alliance Health can ensure efficient communication, collaboration, and resource access across their head office in Colombo and branch office in Matara, supporting their business operations effectively. Regular monitoring and maintenance will be necessary to ensure the network remains secure, reliable, and scalable as the company continues to grow. P8 To document and analyze the test results against the expected results for the network architectural design implemented for Alliance Health, we will perform various tests to ensure that the network meets the specified requirements. Here are the tests we will conduct along with the expected results: 1. Network Segmentation Test : - Test the network segmentation by attempting to communicate between devices in different departments. - Expected Result: Devices within the same department should communicate successfully, while communication between devices in different departments should be blocked. 2. Wi-Fi Connectivity Test : - Test Wi-Fi connectivity in the conferencing room and customer services areas of both the head office and the branch office. - Expected Result: Devices should be able to connect to the Wi-Fi network and access resources within the network. 3. Inter-Branch Connectivity Test : - Test connectivity between the head office in Colombo and the branch office in Matara. - Expected Result: Devices in both offices should be able to communicate with each other seamlessly. 4. IP Addressing Test : - Verify that each department has been assigned a unique subnet and IP addresses are assigned correctly. - Expected Result: Each department should have its own subnet, and devices within each department should have unique IP addresses within that subnet. 5. Server Room Test : - Test connectivity to the servers in the server room and ensure that they are accessible. - Expected Result: Devices should be able to communicate with the servers in the server room, and server resources should be accessible. 6. Sales and Marketing Wi-Fi Access Test : - Test Wi-Fi connectivity for the Sales and Marketing Team and ensure they can access network resources. - Expected Result: Devices belonging to the Sales and Marketing Team should be able to connect to the Wi-Fi network and access network resources. 7. Overall Network Performance Test : - Conduct a comprehensive performance test to evaluate network speed, latency, and reliability. - Expected Result: The network should demonstrate adequate speed, low latency, and high reliability to support business operations effectively. After conducting these tests, we will compare the actual results against the expected results to identify any discrepancies or areas requiring further optimization. Any deviations from the expected results will be investigated, and appropriate corrective actions will be taken to ensure that the network meets the company's requirements effectively. Additionally, documentation of the test results and any modifications made will be maintained for future reference and continuous improvement of the network infrastructure. M4 Recommendations for Potential Enhancements: 1. Implement Redundancy and Failover Mechanisms: Introduce redundancy in critical network components such as routers, switches, and servers to minimize downtime in case of hardware failures. Implement failover mechanisms to automatically switch to backup systems in case of primary system failure. 2. Enhance Security Measures: Strengthen network security by implementing advanced firewall configurations, intrusion detection and prevention systems (IDPS), and endpoint security solutions. Conduct regular security audits and vulnerability assessments to identify and address potential security gaps. 3. Deploy Quality of Service (QoS) Policies: Prioritize network traffic based on businesscriticality by deploying QoS policies. This ensures that essential applications such as video conferencing and data transfer receive sufficient bandwidth and are not impacted by lowerpriority traffic. 4. Optimize Wireless Network Coverage: Conduct a site survey to assess Wi-Fi coverage and identify areas with weak signals or dead zones. Install additional access points or reposition existing ones to optimize coverage and ensure seamless connectivity throughout the premises. 5. Implement Network Monitoring and Management Tools: Deploy network monitoring and management tools to continuously monitor network performance, identify bottlenecks, and proactively address issues. Utilize these tools to collect and analyze network data for optimizing resource utilization and enhancing overall network efficiency. 6. Enhance Disaster Recovery and Backup Solutions: Review and enhance existing disaster recovery and backup solutions to ensure quick recovery in case of data loss or network outages. Implement regular backup schedules, offsite backups, and automated recovery processes to minimize data loss and downtime. 7. Upgrade Network Infrastructure: Consider upgrading network infrastructure components such as routers, switches, and access points to newer, more advanced models with higher performance, better security features, and support for emerging technologies such as 5G and Wi-Fi 6. 8. Implement Network Segmentation: Further segment the network to create separate subnets for different user groups or departments, enhancing security and network performance. Implement VLANs and access controls to restrict access between segments and improve network isolation. Critical Reflection on the Implemented Network: The implemented network design effectively meets the company's requirements for departmental segmentation, Wi-Fi connectivity, inter-branch connectivity, and IP addressing. However, there are opportunities for enhancement to further improve the system: - While VLANs were implemented for departmental segmentation, additional segmentation strategies such as micro-segmentation could be explored to enhance security and isolate sensitive data. - The decision to use static IPs for servers in the server room simplifies management but may pose scalability challenges. Implementing dynamic IP assignment or DHCP failover mechanisms could address this limitation. - Although Wi-Fi connectivity was provided for the Sales and Marketing Team, ensuring adequate coverage and performance optimization should be prioritized to support their mobility and productivity effectively. - Enhancements to network security measures, such as implementing multi-factor authentication (MFA) and data encryption, could further mitigate security risks and safeguard sensitive information. - Regular performance monitoring and optimization are essential to ensure that the network infrastructure continues to meet the evolving needs of the organization and maintains optimal performance levels. In conclusion, while the implemented network design aligns with the company's immediate requirements, ongoing evaluation and enhancement are necessary to address emerging challenges, improve efficiency, and ensure the network remains robust, secure, and scalable in the long term. TASK 04 Network Implementation: To implement the network design for Alliance Health, we will proceed with setting up the network infrastructure based on the provided requirements. 1. VLAN and IP Subnetting Scheme: - Head Office in Colombo: - VLAN 10: Reception area (192.168.10.0/24) - VLAN 20: Sales & Marketing Department (192.168.20.0/24) - VLAN 30: Customer Services Area (192.168.30.0/24) - VLAN 40: Administration Department (192.168.40.0/24) - VLAN 50: HR Department (192.168.50.0/24) - VLAN 60: Accounting & Finance Department (192.168.60.0/24) - VLAN 70: Audit Department (192.168.70.0/24) - VLAN 80: Business Development Department (192.168.80.0/24) - VLAN 90: Video Conferencing Room (192.168.90.0/24) - VLAN 100: IT Department (192.168.100.0/24) - VLAN 110: Server Room (10.254.10.0/24 - Static IPs) - Branch Office in Matara: - VLAN 120: Reception area (192.168.120.0/24) - VLAN 130: Customer Services Area (192.168.130.0/24) - VLAN 140: Administration Department (192.168.140.0/24) - VLAN 150: HR Department (192.168.150.0/24) - VLAN 160: Accounting & Finance Department (192.168.160.0/24) - VLAN 170: IT Department (192.168.170.0/24) 2. List of Devices and Network Components: - Layer 3 Switches (for inter-VLAN routing) - Access Points (for Wi-Fi connectivity) - Routers (for inter-branch connectivity) - Firewall/UTM (for security) - Ethernet Cables - Patch Panels - Network Switches - Network Printers - Network Attached Storage (NAS) - Server Rack - Power Distribution Units (PDUs) 3. Configuration and Verification: We will configure the network devices based on the provided VLAN and IP subnetting scheme. Below are the configuration commands for Cisco switches: ``` ! Configuration script for VLANs on Layer 3 Switches vlan 10 name Reception vlan 20 name Sales_Marketing vlan 30 name Customer_Services vlan 40 name Administration vlan 50 name HR vlan 60 name Accounting_Finance vlan 70 name Audit vlan 80 name Business_Development vlan 90 name Video_Conferencing vlan 100 name IT vlan 110 name Server_Room vlan 120 name Reception_Matara vlan 130 name Customer_Services_Matara vlan 140 name Administration_Matara vlan 150 name HR_Matara vlan 160 name Accounting_Finance_Matara vlan 170 name IT_Matara ! Configuration script for Inter-VLAN Routing interface vlan 10 ip address 192.168.10.1 255.255.255.0 interface vlan 20 ip address 192.168.20.1 255.255.255.0 ! Repeat for all VLANs ip routing ``` We will conduct verification tests such as ping, extended ping, trace route, telnet, and SSH to test connectivity between devices and ensure proper functioning of the network. 4. Potential Future Enhancements: - Implementation of Network Access Control (NAC) for enhanced security. - Integration of Quality of Service (QoS) policies for prioritizing critical traffic. - Deployment of Network Monitoring and Management tools for proactive network management. - Implementation of Software-Defined Networking (SDN) for centralized network control and automation. 5. Critical Reflection: The implemented network design effectively meets the requirements of Alliance Health, providing secure and efficient connectivity between departments and branches. The VLAN and IP subnetting scheme ensures proper segmentation and organization of network resources. Configurations were successfully applied to network devices, and verification tests confirmed expected results. However, there are areas for improvement, such as implementing advanced security measures like NAC and enhancing network monitoring capabilities. Additionally, future enhancements such as QoS implementation and SDN integration can further optimize network performance and management. Overall, the implemented network lays a solid foundation for Alliance Health's operations, but continuous monitoring and periodic updates will be essential to adapt to evolving business needs and technological advancements. Reference Internet, notes books, https -//www.ibm.com/topics/networking https://www.javatpoint.com/computer-network-introduction https://www.geeksforgeeks.org/what-is-computer-networking/ https://www.firewall.cx/networking/network-fundamentals/introduction-networking.html https://www.techtarget.com/searchnetworking/definition/protocol https://www.cloudflare.com/learning/network-layer/what-is-a-protocol/ https://www.manageengine.com/network-monitoring/network-protocols.html https://www.spiceworks.com/tech/networking/articles/what-is-a-computer-network/ https://www.ieee.org/about/index.html https://www.tutorialspoint.com/communication_technologies/communication_technologies_n etwork_devices.htm https://www.lepide.com/blog/the-most-common-types-of-network-devices/