1

Module: CO4606 Wired and Wireless

Evaluating Firewall Policies to Manage Network TrafficAdvanced Scenario 1. In this scenario we upgrade the WAN link to OC12 and it generate the critical application responce time for credit card authorization which is 0.58 seconds as show in Fig3, and HTTP responce time is 0.025 second shown in Fig4. In the scenario we can take different approach to improve the given scenario. First we activate the firewall policy to prevent the illegal downloading etc (Video, Music and File Transfer), secondly to improve the performance of the network we upgrade the cable 10Mbps to 100Mbps from 7 file Print & Email Servers to floor10 and upgrading the cable between Cisco PIX firewall and Core Switch. By running the simulation we chage the WAN link rate to T1 instead of OC12 the reason is bank is paying more money for OC12 WAN link by active the firewall and upgrade the LAN network cable it save the bank money. To get the result of critical application response time we run the simulation and it generate the result as show in Fig5.

Fig3. Credit card authorization response time.

Fig5. Credit card authorization response time upgrading LAN cable 100Mbps.

Fig4. HTTP response time.

Another approach will can implement is collapsed backbone network without upgrading the cable on the network it shows the similar result as shown in Fig6.

Advanced Scenario 2.

Student Name: Sheraz Salim

Student ID: 20388626

2

Module: CO4606 Wired and Wireless show it download utilization time is 0.02second where as floor 4 switch download utilization is less than 0.01 second as shown in Fig7.

Fig6. Collapsed backbone network with 10Mbps cable.

Conclusion After taking different approach on the above scenario and as a network consultant I shall recommend Collapsed backbone topology as it saving us to upgrade and giving more high performance after active the firewall policy and cut down the WAN link to T1. Challenge wireless connection implementation takes place on the whole network with firewall policy on. We place a single mobile wireless node 11Mbps on each LAN total of 9 nodes. The wireless router data rate is 11Mbps is placed on floor 4. However to generate the result of wireless LAN application profile is change as show in table. Wireless Node Mobile Node 0 Application Profile Email, Credit Card Authorization Mobile Node 1 HTTP(light), Music and Video Transfer Mobile Node 2 Music and Video, Email Mobile Node 3 File Printing, HTTP(light) Mobile Node 4 Credit Card and HTTP(light) Similar data value are set in remaining 5 mobile node. To see the performance of the wireless router utilization we change it to As it to time average as show in the fig. The average time Student Name: Sheraz Salim

Fig7. Comparison of Wireless Router and floor4 switch.

To see the performance of the Credit card authorization response time we compare the firewall implementation scenario with firewall implantation with wireless node as shown in Fig8.

Fig8. Credit card authorization response time with Firewall_Implemented and Credit card authorization response time with Firewall_Implemented with wireless nodes.

The result showed there is not a difference of credit card authorization response time. To see the performance of wireless node on network we see the result of different wireless node that we placed on different LANs Fig is shown in 9, 10, 11.

Student ID: 20388626

3

Module: CO4606 Wired and Wireless

Fig9. Mobile wireless Node on Floor1.

Fig11. Mobile wireless Node on Floor 10

Conclusion The lab teach the response time of the credit card authorization on LAN network with firewall policy off and then firewall policy on. This shows a significant improve response time on LAN network. Later on we use wireless node to analysis the result of network with 11Mbps wireless router and wireless nodes. As a network consults it will be good practice if we change all the 10Mbps to 100Mbps cable to speed up the network. As similar to this lab we already implement 1Gbps cable on network which not showed a significant result on the LAN network. As company need more security and stick firewall policy we need to implement a security on wireless nodes etc password. To avoid the wireless LAN delay we must have to put two wireless routers on the wireless network traffic. This will be diverted on two routers on different frequencies. By changing the data rate on WAN will be cost effective therefore using T1 will be worth it using by firewall policy to stop illegal downloading. This lab gives us a good practice how to implement a wireless LAN deployment on LAN network and doing analysis on the result it generated. Student ID: 20388626

Fig10. Mobile wireless Node on Floor4

Before analysis on the generated result, and for better understanding we placed wireless node 0 on floor 1, wireless node 8 on floor 4 with wireless router and wireless node 5 on floor 10. To analyse the result we look at wireless LAN delay result, wireless delay is the distance between the wireless router and wireless nodes as each node is placed on different floor so the delay may vary on different wireless nodes. Secondly, Wireless LAN load is the wireless node applications which are running on wireless node etc. (Mobile node 4) Credit card authorization and HTTP page response time.

Student Name: Sheraz Salim