Principles Of Network Infrastructure Management Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Network security is important these days. It is because nowadays, there are a lot of cyber crime occurred everywhere around the world either it is minor or major. It could bring the company down due to confidential information about the company being exposed to the public such as their rival.

Network security involves of the terms and policies implemented by a network administrator to avoid and observe any unusual activities on the network such as someone illegally access into the network, use wrongly, modification or denial of a computer network. Network security is usually controlled by a network administrator who execute the security policy, network, software and hardware have to secure the network and the resources accessed through the network from illegal access.

A network security system normally depends on levels of security and consists of several components including networking monitoring and security software in addition to hardware and appliances. All components work together to increase the overall security of the computer network.

Here are the examples of network security that needs to be implemented in the Kiwi SDN BHD network, the firewall, anti-virus software and encryption. So firstly, I am going to discussed about the firewall. Firewall is a system designed to avoid unauthorized access to or from a private network. Firewall can be software or hardware. It manages the network traffic of the incoming and outgoing data packets by analyzing and deciding whether it should be allowed through or not, based on a rule set.

Most of the personal computer(PC) operating system consists of software-based firewalls to defend against risks from the public internet. Many routers that pass data between networks have firewall components and, on the other hand, many firewalls can carry out basic routing functions.

This company need to implement the stateful firewalls because it is much more safer than a regular packet filter. A stateful firewall is more sophisticated and difficult compared to stateless firewall. Stateful firewall watches traffic end to end and keeps track of open connections on state table and intelligently relates new connection requests with these states. It able to identify the packets and can evaluate either the the packet can pass through the network or not.

Second, the anti-virus software. Anti-virus software is a very useful to Kiwi company because this software helps to protect, identify and remove any potential malware on your computer system such as hard disk. These days, we can get different types of anti-virus software in the market due to increasing number of computer, internet users and also malware.

Always scan you computer system in order to prevent from the viruses and it needs to run in the background at all times and keep updating the software so it identifies new version of malicious software.

Finally, encryption. Encryption should be implemented in Kiwi company's network.. Most of the website uses this encryption to protect the sites for viruses or steal the files. Encryption is the conversion of data into a secret code.

Encryption is the most successful method to attain data security. In order to read an encrypted file, you must have right to use to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text, encrypted data is referred to as cipher text. Encryption is the safer way to protect the data and information on the computer system.


Hub is a hardware device, that connects several computers on the network or other network devices together. Most hubs can distinguish basic network inaccuracies such as collisions but having all information transmit to various ports can be a security threat and cause bottlenecks. Usually, hub is cheaper than switch and router.

In this case, Kiwi company should implement intelligent hubs to their computer system. It is because it adds extra elements to an active hub that are of particular significance to businesses. An intelligent hub usually is stackable. It also usually consist of remote management abilities via Simple Network Management Protocol(SNMP) and virtual LAN (VLAN) support.

Switch is quite similar with hub, it is a device that connects numbers of computer on the network within one local area network(LAN). But switch is more powerful than hub. Theoretically, the network switch operates at the layer two(Data Link Layer) of the OSI model.

Switches that in addition process data at the network layer (layer 3) and above are often called layer-3 switch. One switch can have up to 48 ports. A switch is a device that connects to the networks and gets the packet from any device connected to it and then broadcasts the message only to the device for which the message was meant.

Managed switch is more suitable for this company, it is because the switches can be installed to set up Gigabit connections to computers to produce a company-wide network backbone. Managed switch element built-in support for remote setup and management. Also, managed switches offer the capability to check each device on the network as well as limit the amount of bandwidth any device can use.

Next, router. A router is a hardware device intended to take incoming packets, examining the packets and then directing them to the proper locations, shifting the packets to another network, transferring the packets to be moved across a different network interface, dropping the packets of performing any other number of other actions. Edge router is suitable for this company's network system. This type of router are positioned at the edge of the ISP network, there are usually configured to external protocol like BGP (Border gateway protocol) to another BGP of other ISP or large organisation.

Finally, the fiber optic cable. It is a cable consist of one or more optical fibers. The optical fiber components are usually separately covered with plastic layers and contained in a protective tube appropriate for the surroundings where the cable will be installed. For internet user, fiber optic is very fast and reliable. The user can access the internet with fast connection in split seconds.

TASK 4: Re-design the network infrastructure using standard diagram

Core layer

Distribution layerC:\Users\User\Documents\task 4 NI.jpg

Access layer

Store & Inventory



Human Resources


Sales & Marketing

TASK 5: IP addressing

DHCP is short for Dynamic Host Configuration Protocol. DHCP is very useful to big company like Kiwi company. DHCP is a network protocol that allows a server to automatically assign an IP address to a computer from a wide range of numbers configured for a given network.

With dynamic addressing, a device can have only one of its kind IP address whenever it connects to the system. DHCP also hold up a combine static and dynamic IP addresses.

Dynamic addressing simplifies network administration because the application helps to track of IP addresses rather than having need of an administrator to control the assignment. Therefore, with DHCP, any additional computer can joined to the network with no complications of manually allocating it a matchless IP address.

Here are the reasons why we are using DHCP for the current Kiwi network. Firstly, DHCP it help to take out the need for manual client configuration. It is hard to manually configure the computer network. It requires al lot of work and must be cautious by inputting the right and the unique or exclusive IP address, subnet mask, default router address and a DNS address.

Nowadays, people keep moving to new places and the implementation of new systems to a network causing a problem for manual client. Besides, when setting up the client machines, of course they might experience some difficulties.

Next, with DHCP, it is easy to modifying network bounds. Kiwi might have over 90 computers connected to the network and DHCP makes thing easier since they can update new features to the computer network only by using DHCP server and transmit to the whole computers on the network, than updating it on every computers on the network.

Finally, the efficient utilization of IP Address space. Every computer on the network gets its arrangement from a collection of existing numbers automatically for a particular moment. When a computer has done with the address, it is discharges for the other computer on the network to use it.

Static assignment of IP addresses eventually causes in low operation of our address space, meanwhile, dynamic assignment practically assurances that the under consumption won't take place. Static assignment doesn't suggest any programmed system for returning unemployed IP addresses.

TASK 6: Assign the user right


User Right




Human Resources


Back up operators and Administrators



Guest, Administrator and Power User



Administrator and Guest

Stores & Inventory


Guest,Back up operators and Administrators

Sales & Marketing


Performance monitor users and Administrator


In this section, Merit 2 is related to Task 6. There are 5 user right been assigned to the current users at those department, the administrator, backup operator, guest, power user and performance monitor user.

The administrator has the highest position or has the power to access the server on the network and able to assign any of the user right and gain control permission to users as necessary. Administrator account usually is a default member.

When this server is connected to a domain, the Domain Admins group is automatically added to this set. Because this group has entire power over the server, add users with carefulness.

Then, the backup operator. From the name itself, we know that their task is to backup and restore all of the files, data and information on the server in spite of of any permissions that look after those files. This is because the right to carry out a backup takes priority over all file permissions. However, they cannot modify the security settings.

The guest in a computer connected to the domain, users of this set have a brief account created to sign in, and when the user sign off, the account will be removed from the system . Accounts in workgroup situations are not removed. The Guest account is also a default member of this group.

Next, the power user. Members of this group can make user accounts and then adjust and remove the profiles they have made. They can form local groups and then include or eliminate users from the local groups they have formed. They can also include or take out users from the Power Users, Users, and Guests groups. Users able to make shared folders or information and manage the shared resources they have created. They cannot take possession of files, back up or restore directories, load or unload device drivers, or run security and auditing logs.

Finally, performance monitor user, the members of this group can observe performance counters on the server nearby and from distant clients without being a part of the Administrators or Performance Log Users groups.