Network are often designed to be unique

Network AddressingA network address is a unique numerical identifier for a network interface. Network addresses are often designed to be unique across the network, but although some networks allow for local or private addresses that may not be unique. More than one type of network address may be used in any one network. The MAC addresses are needed to make a local Ethernet network function correctly and allow a network device to see other single directly connected devices, even though the physical connection is shared. This can be important when thousands of devices are connected together within a single organisation. They serve no function on the wider internet.Comparisons and contrasts between OSI and TCP/IP ModelsThere are many both comparisons and contrasts between OSI and TCP/IP networking models. The OSI is a generic, protocol independent standard, acting as a communication gateway between the network and end user whilst on the other hand TCP/IP model is based on standard protocols in which the Internet has developed. It is a communication protocol, which allows connection of hosts over a single network. Another comparison within the OSI model is that the transport layer guarantees the delivery of packets whilst the TCP/IP model the transport layer does not guarantee delivery of packets, but the TCP/IP model is more reliable than the OSI model. The OSI model follows vertical approach whilst the TCP/IP follows horizontal approach. Furthermore, the OSI model has a separate Presentation layer and Session layer in which the TCP/IP does not have a separate Presentation layer or Session layer. OSI is a reference model around which the networks are built and generally it is used as a guidance tool whilst the TCP/IP model is an implementation of the OSI model.The role of TCP/IP Models in a networkTCP/IP specifies how data is exchanged over the internet by providing end-to-end communications that identify how it should be broken into packets, how it should be addressed, transmitted, routed and then received at its destination. TCP/IP requires little central management, and it is designed to make networks reliable, with the ability to recover automatically from the failure of any device on the network. Data is sent from the machine which is then is sent to the IP protocol’s module, where the data packets are bundled into IP packets and sent over the network or internet.P2Security considerations for NetworksNetwork security consists of both policies and practices which are adopted to both help prevent and monitor unauthorized access, misuse, modification or a DDOS attack on a network. Network security involves the authorization of use of data in a network, which is controlled by a network administrator. Users will be assigned an ID and password that allows the user to gain access to information and programs within their authority level. Network security covers a variety of computer networks which include both public and private networks that are used in everyday jobs such as by conducting transactions and communications among businesses, government agencies and individuals. Networks can be both private, such as within a school, and others which may be open to public access. Network security is usually used in most networks now and include the use in networks within organizations, enterprises, and other types of businesses. It secures the network, as well as taking the role of protecting the network also to make sure that only certain tasks and programmes may be accessed by authorised personnel. The most common way of protecting a network is by assigning the network with a unique name and a password to ensure that files are protected even if it is the lowest level of security.Ways to improve the security of a network may include taking actions such as implementing measures such as: Communications – A sound security policy is only as good as the people who adhere to it. In that regard, it is necessary to educate your users on how their actions may impact the network.•Virus Management – Viruses and other malware can cause a wide range of problems, from slowing network activity to theft. To combat this virus-detection and spyware software must be installed and updated regularly. •Patch Management – Hackers often use known software security holes to exploit networks. Therefore a key component of your defence should involve an automated patch solution. •Encryption – In the event that your network is compromised, encrypting your data will store it in an unreadable format and useless to hackers. •Physical Security –This can be done with appropriate access control hardware and software. •Passwords – Dictionary attacks are another tool in a hacker’s arsenal. Most businesses have implemented a password policy should require strong passwords which may include a combination of letters, numbers and special characters and force password changes every few months. •Vulnerability Scanning – A vulnerability scanning tool will assess any weaknesses within your network and offer suggesting and methods to help address the issues. •Spam Filtering – Spam now account for a significant amount of business emails. These messages lure users to click on links intended to give away sensitive information. The use of a spam filter is to catch these infected emails before they arrive in your users in-boxes. •Event Logs – Logs are an essential tool in uncovering potential attacks and therefore log management software can be used to help prevent an attack before it happens. •Backup and Disaster Recovery – In the event of network failure, files that have not been backed up to give another copy of the file will be permanently lost in this case and will become unrecoverable. By backing up all files it will ensure that this does not happen.P3Reduce costsIt can reduce costs by including many managed sources and documents that have been implemented that can aid the employee in their work instead of using a printer or paper for each work documentImprove ProductivityIt can improve productivity by insuring that all documents are easily accessible by any employees or clients that need the resources. This will overall increase efficiency within the workplace and improve customer satisfaction as they will be dealt with in overall less time.Improve communicationsCommunications are improved by using email messaging within the workplace to both other employees and clients. Video conferencing can also be used to easily communicate information such as presentations or information to one or many people. ApplicationsFor finance systems I have chosen the Xero standard package which includes allowing being about to send unlimited invoices & quotes, enter any number of bills, reconcile bank transactions and submitting VAT online. This will allow for easy management of finances and is also easy to use for any employees in need of use of the software.For HR systems I have chosen the PeopleHR professional package costing £3 a month per employee which includes an excellent value for money package which includes Essential HR, Employee Self-Service, high performance, and exclusive high-Impact extras.For Facilitates management I’ve chosen a package by Clik costing £100 which includes keeping track of job progress and expenses, also it allows you to see updated job sheets instantly. It also removes reliance on paper in and out of the office and doesn’t require an internet connection needed when in the field but only to upload and download jobs.Ive also included Office 365 Business premium which includes Outlook, Word, Excel, PowerPoint, OneNote and Access aswell as Exchange, OneDrive, SharePoint, Skype for Business, Microsoft Teams and Yammer. Included with skype for business video conferencing will be free. Skype can easily be accessed and downloaded by any person with an internet connection making it a good choice to use within the business.ServicesFor user management I have chosen to include a username and password system which must include a password of at least eight characters and be changed every 6 months. It will also work on an authorization management system meaning that users will only be able to access documents and information relevant to their job roles. Also, there will be a lockout after 5 failed password attempts to prevent brute force. Audit logs will be used to record all the employees current and previous tasks to ensure they are doing their job correctly.For email Microsoft Outlook will be used as it is included in the Office 365 Business premium package and includes large email storage and sending of large files with ease.For printing I have chosen the HP PageWide Pro 477DW A4 Colour Multifunction Inkjet Printer which costs £384. This printer will be able to print out documents at exceptional standards and rates with a low start up price compared to competitors on the market.For system administration users will be limited to see information and documents only relevant to their job role and all tasks completed will be audited by a system administrator.ConstraintsThe cost of the entire network initial cost is extremely high but is low in comparison to other setups. With the high initial cost there will then be a low maintenance cost to pay for software and internet access. This will cause the business to have a low cashflow until the components and software are payed for but then will have a lot of utility and improvement of efficiency after the network has been implemented into the business.The time to setup the entire network could take multiple weeks which will also impact the efficiency and standard of the employees work as they will be constantly pestered or in some cases may be forced to stop their work completely until the needed components have been installed.Training costs will be low as I have chosen an on-the-job training scheme which will teach employees how to use all the new software to ensure that they are capable to use it in junction with their job. With on-the-job training it will also allow the employees to use the exact software and components they will be using whilst off-the-job may only use similar devices and software which are useless for the job.SecurityPhysical security will include a biometric fingerprint system to access the server room with another look within a case placed over the server. The room will have locks on windows and include security cameras to monitor anyone entering and exiting the room.Wi-Fi Security will include a different router for the employees than the clients to ensure that no documents or confidential information can be accessed by any unauthorised people. The staff Wi-Fi connection will include a username and password system which will be the same password and username as to their computer logins to ensure the highest possible security levels.The network security will feature multiple firewalls within the network both on the public and private networks to ensure that no harmful materials are passed through the network. It will also feature anti DDOS cloudflare software and audit logs to ensure that the network is not misused.PurposeWith the implementation of a fibre optic connection it will allow for extremely fast transfer of files and information across the internet. This will allow for increased efficiency within the workplace which will lead to an overall greater customer satisfactionWith a large extremely fast printer it allows for the printing of documents from any computer to print documents within seconds which will therefore allow for increased efficiency within the workplace.With a large server implemented it will allow for file sharing with any connected computer in the network if they have been authorised to access the selected documentation.P4Network DiagramNetwork SpecificationFor the client being a small sized business, I have appropriately chosen a relatively cheap server, the HPE ProLiant ML30 Gen9 Server which costs £811.40. This server comes equipped with an Intel® Xeon® E3-1200 v5 processor with four cores. The server also comes with a 8MB L3 processor cache with a speed of 4.0GHz. The maximum memory is a large 64GB with 4 DIMM slots for memory having the memory type of DDR4 UDIMM. The server also comes with a 1Gb 332i Ethernet Adapter network controller and comes with a LFF SAS/SATA/SSD drive. This server both comes at a low and affordable price for a small business and will be able to complete any task given at ease by the users of the network.Other components that will be required is a network adapter. I have chosen a TP-LINK TL-WDN4800 PCIe Wireless Card which costs £20 each but provide extremely fast network speeds. Basic Ethernet cables will also be plugged into every computer to ensure for speeds quicker than by using a Wi-Fi connection if required. The cable connectors used will be basic RJ45 connectors. For an internet connection I have chosen the Virgin Media business edition which comes with unlimited UK calls costing £55 per month with no line rental fee. This comes with a fast connection of up to 350Mbps download and up to 20Mbps Upload speed with unlimited usage which is suitable for the business and provides either a dynamic IP address or up to 5 static IPs.For network monitoring I have chosen an expensive but extremely effective software to provide the best protection against any cyber-attacks which is a SolarWinds NPM SL100 monitor costing £2,195 but will prevent most known attacks or breaches before they occur. For DDOS protection I have chosen the Pro cloudflare package costing $20 a month which includes Web application firewall (WAF) with Cloudflare rulesets, Image optimizations with Polish, Mobile optimizations with Mirage, I’m Under Attack mode, Access to account Audit Logs, Unmetered Mitigation of DDoS, Global CDN, Shared SSL certificate and 20 page rules. Cloudflare will ensure that the servers and website will not go down due to a DDOS attack with the best protection against attacks on the market at an affordable price. With the implementation of Audit logs in both cloudflare and the network monitoring software I have chosen it will also ensure that no unauthorised employees or clients will be able to access any unnecessary information or documents. With the implementation of these software’s it will ensure that the network is best protected against all sorts of attacks. User RequirementsEvery user within the business will have a copy of Microsoft office on their account but different job roles will have different software’s than others such as HR require payroll software as well as file management software to aid them in their job as well as record software. Only HR will have access to financial information as it is essential for their job role, but other roles will not have access to this software to help prevent any confidentiality being leaked. All users will have access to the fibre optic ethernet access as well as use of the employee internet connection.ComponentsFor cabling cat 6 cables will be plugged into each computer to ensure the highest speeds possible. A basic patch panel will be used to help save money to make up for expensive components in other areas. There will be a medium sized equipment cabinet to ensure that all components are able to fit into it. A TP link business switch with 24 ports will be used costing just under £70 which will be able to provide transfer speeds of up to 10GBs across the network. The router used will be the virgin media business hub which will be able to provide download speeds of up to 350MBps. There will be two different wireless access points, one for staff members and one for public use. This will ensure that files on the private network cannot be accessed by users on the public network. SoftwareAll computers within the network will be running windows 10 pro edition which will allow for ease of use for all users. All tablets will be running apples iOS software which can be easily used by anyone. The website will be hosted by go daddy as they provide affordable prices as well as excellent customer support. Firewalls will be implemented throughout the network as well as antivirus software and encryption will be used to ensure the highest possible security levels possible.Network ServicesActive directory will be used to manager users and devices and will also help to provide security within the network. DHCP will be used to provide addressing to all network devices. A DNS server will also be used so each device can communicate with each other.There will also be separate file server, print server, email server and wed servers to ensure that if one goes offline all will not go offline so that efficiency is not completely stopped, and that work can still be continued.Network SecurityPhysical security will include a biometric fingerprint system to access the server room with another look within a case placed over the server. The room will have locks on windows and include security cameras to monitor anyone entering and exiting the room.A password policy and lockout policy will be implemented where the employee must enter a username and password to access their account and their password must be changed every 6 months to maintain security levels to a high standard.The wireless access point will feature WPA-2 security as it is the best security protocol possible.Planning DocumentationGantt charts will be used to show when the project will begin as well as when each feature will be implemented into the business which will help ensure that all employees are kept informed as to what is currently underway and will also feature a finish date for the project.Configuration testing tools such as ping, ipconfig, pathping, tracert and route will be used to ensure that the network will be working correctly with no faults through command prompt.P5     Test PlanTest No. Date Description Input Expected Output1 20/1/18 Computers will be tested to ensure internet connection works Ethernet cable is put into computer which is connected to router Computer will be able to open a website with no issues2 20/1/18 Username and password system will be tested Validated Username and password User should be logged in on the first attempt3 21/1/18 Authentication and authorisation system testing An unauthorised account Files unauthorised to users should not be able to be accessed4 21/1/18 Server room will be tested for any invulnerabilities Locks and keys, Unauthorised fingerprint Biometrics will be tested as well as locks secured5 21/1/18 Brute force will be carried out Brute force programme Passwords should not be easy to crack6 22/1/18 DDOS testing will be carried out DDOS programme Network should not go offline7 22/1/18 Computer will be scanned for any viruses Antivirus software No viruses should be found on the computerP6Test No. Date Description Input Expected Output Result Discrepancy1 25/1/18 Updates Files transfer from server to computer Software will be updated to latest versions Software Updated and is functioning correctly2 30/1/18 Backup Data transferred to server All Information and documents will be backed up to the server All data is backed up with no corrupted files3 4/1/18 Device Maintenance Replacement parts for broken parts All devices should be correctly functioning No devices are found to have broken parts4 9/1/18 Security New physical security features No security breaches or risks No security risks have been found5 14/1/18 Troubleshooting Troubleshooting programme Found ways to address found issues Found solutions to issues6 19/1/18 Backup Data transferred to server All Information and documents will be backed up to the server All data is backed up with no corrupted files7 24/1/18 Updates Files transfer from server to computer Software will be updated to latest versions Software Updated and is functioning correctly