This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
"The World" is a newspaper publishing company with 2000 employees over three sites. The first site (A) is responsible for the writing of the text and the formatting of the paper before it is sent to the printing press. The second site (B) is separated to the site A by a road. It saves the archives and develops photos. The last site (C) is at 35 kilometers outside of the city. It is in charge of the printing presses and the distribution of the newspaper.
The sites A and B communicate via an Internet connection and a FTP site. To communicate with the site C, The site A sends a courier to deliver the electronic version of the newspaper, which was transferred onto a CD. We estimate that the time of the delivery is 2 hours, so the paper must be finalized 2 hours before to be printed.
Furthermore, the majority of the employees are nomadic. They send by email their work into the company via their home desktop computer. Often, they miss the time of the finalization; all journalists have not a laptop or a smart phone to send their work from anywhere.
The sites are based on a cat3 UTP hub based LAN environment. The Internet connection is currently only 512 kbps.
Estimation of needs
"The World" needs a network to interconnect its sites. The first priority is to improve the Internet connection. Then, we put in place a bridge of communication between the site A and the site C to reduce the delay between the finalization dead line of the newspaper and its printing. And finally, we must find a solution for the nomadic staff.
The first failing is the Internet network. The reason is the hubs. First, with a hub, the broadband is shared between all computers. Then, it just allows connection of a number of devices together, a hub doesn't make decisions; it sends all information to all computers which are connected. So, the traffic on the bandwidth is high: there are a lot of collisions of information and the connection is very slow. The solution is the installation of switches on each floor. Switches route information only for the beneficiary, so the traffic is more intelligent and moving freely. Furthermore, these devices switch the bandwidth: each computer which is connected can make the most of the bandwidth. With these components, the Internet and data transfers will be faster.
Now, with a good Internet connection, we can foresee an internal network. The priority will be the security. So, I propose a big network with the site A and B: the LAN1 and another for the site C: the LAN2. A LAN is a local area network. It is a number of data sharing nodes, in a small geographical area. For its composition, each site needs a router between switches and the Internet access. A router is a device which connects a LAN to another LAN or a WAN (wide area network). A WAN is a computer network that covers a broad area. The better example of WAN is Internet. Routers are most commonly based on IP addresses: a number to identify a computer or the computer network. For the security, I choose a router VPN: it allows to send and to receive encrypted data via Internet between the LAN1 and the LAN2. It is a safe way to transmit for example the finalized paper.
LAN1Our nomadic colleagues need Wi-Fi accesses points when they come with their laptops or to connect their smart phones. So Wireless Internet hotspots are necessary in each floor of the three sites. Furthermore, the site A and the site B will use wireless technology to communicate.
The incorporation of hardware is by a star topology. Every PC is connected to the switch of its floor. It is the same for peripherals like the copier of the 2nd floor of the site A. We foresee a Wi-Fi hotspot in each site for the nomadic or for the employees who come with their laptop. Currently, the network is based on cat3 UTP, so the connection can reach 10 Mbps, whereas it is only 512 kbps. So the wires can stay for the moment. But today, cat5 UTP are became a minimum installation for a network. The change of wires would permit connections of 100 Mbps and the installation of new locations of connection to receive new PC's.
To optimize the access of the archives, I suggest adding a switch in the 2nd floor of the site B to connect all the servers. A server is both a set of software and the computer which hosts, whose role is to respond to requests sent by client. We choose a star topology. So, data can be backup one central location. It provides a better security and it is easy to administrate even if the network is large. Another solution might be the Peer-to-Peer. But, in this architecture, all of the nodes are connected directly to each other. It should not really exceed ten computers. Furthermore, all machine sharing the resource. It is not a good configuration for our company. However, the server can become overloaded, if the number of simultaneous client requests to a given server is important. So, this switch can avoid such situations.
Using VOIP is possible with the new network. Wires, which are in buildings, can easily be adapted to runÂ VoIP. While Cat 5 or higher is strongly recommended for VoIP. This technology uses both voice and data communications in a single network. It significantly reduces the costs of phone calls. The prices of extensions on VoIP are substantial. But, the profitability is more important. Furthermore, instead of buy VOIP phones, we can buy a soft phone. So, with headphones, we can phone colleagues who are in any sites of the company or at their home if they install the software. I think that the investment of the change of the wires will useful when the company will upgrade.
The Internet access
The Internet access will be regulated by the router of each building. It is an interface between networks. It selectively interchanges packets of data between them. Data packets contain IP address information which are used by the router to determine if the source and destination are on the same network, or if the data packet must be transferred from one network to another. Where multiple routers are used, the routers exchange information about receive system addresses, so each router build up a table its preferred paths between any two systems on the interconnected networks. With these devices, the Internet connection will faster and the downloading of heavy multimedia supports will possible.
Communication between the different sites
I suggest using the VPN. It is a virtual private network which encrypts data transfers between users who are not on the same private network. So, the transferred data private go through local or wide area networks, like the Internet. A good compromise is to use the Internet as a transmitting support with a tunnelling protocol. A tunnelling protocol encapsulates data and encodes them. The VPN is a way to have a secure line more cheaply, except the purchase of devices. The VPN is designed to provide essential elements in the transmission: authentication (and identification) of the interlocutors and the integrity of data.
The most vulnerable point of a network is its Internet access. The best protection is a good firewall and an absolute control on the connection rights. Its role is to allow working on the Internet safely. It can prevent potential attacks from the Internet. It has some options like to forbid users of the network to download programs which may by dangerous programs. Firewalls can be implemented in either software or hardware. The first solution, the hardware solution can sometimes add functions as a firewall and can have functions of routing and network hub. The advantage of this product is the filtering of incoming packets: it is done outside the computer to be protected it.Â Moreover, the network computer is faster: it has not to filter data. This solution represents a cost which cannot be neglected. The second solution is to install software on each computer in the network to protect.Â However, this service is long to implement, because the administrator must go install the software on each computer. Furthermore, own PCs or mobile phone of employees which use the Wi-Fi access open a fail in the network. So, I choose the first option: the hardware solution. It is normally placed between an unprotected network like Internet and a protected network.
Malware isÂ softwareÂ which infiltrates a computer without the user's consent. Malware can be computer viruses,Â Trojan horses, worms,Â spy ware, etc. There are two types of solutions. The first can provide real time protection against the malware attack on a computer. It scans all incoming network data and blocks any threats. Anti-malware software programs can be used for detection and removal of malware software that has already been installed onto a computer. This type of anti-malware software scans the contents of a computer and will provide a list of any threats found, allowing the user to choose which files to delete or keep.
Furthermore, we must give a particular attention to the wireless network. Â I suggest using a hidden network that would be isolated (without Internet access) for transmitting data to the servers, in the LAN1. The LAN2 will already communicate with the LAN1 with a secure process. We will also use a network to the offers Internet. This last network will be protected by a password: an encrypted key (WAP2). A MAC filtering will necessary too. It is based on MAC address: the number of the network card of each device. Its address is (normally) unique and permanent. The MAC filtering is a security access control methodology which a connection access only if it know the MAC address of the device. To collect MAC addresses may be tedious in a large network. When an employee bring its laptops or want to connect its mobile phone, the configuration of filtering system must be updated. It is the minimum required to protect a wireless network.
To work on a common network supposes a responsible behaviour of every user of the network. So, an IT charter must be established. It has to describe the policy of the security of the company and the course of action of the employees. For example, the visit of dubious sites and the opening of suspect e-mail are important details which save the protection of a network. The main threats are:
A user of the system (the vast majority of problems about the security of an information network is the tactless user).
A malicious person (a person wants to break into the system, legitimately or not, and then access to data or programs, using uncorrectedÂ software and known vulnerabilities).
Safety is judged according to several criteria:
Availability: to guarantee data are accessible when they are needed by authorized persons.
Integrity: to assure data are complete and accurate.
Confidentiality: to guarantee only authorized persons to have access to data.
Tracking (or "Proof"): to guarantee access and attempted access to data are traced and these traces are preserved and exploited
To increase the level of security, training for employees should be considered. IT technologies are in continuous development. So, everybody must be informed of the new risks, especially employees who maintain the network. It is the same for security software which update.