kiddie kampus network designclaw network solutions file · web viewintroductionclaw...
TRANSCRIPT
Kiddie Kampus
Kiddie Kampus Network Design
CLAW Network Solutions
Jordan Crouse, Patricia Langston, Titus Alcock, Jamie Watson
Kiddie Kampus
IntroductionCLAW Networking Solutions has provided this detailed design proposal to your company which, if
implemented, will enhance the network that is currently in use. The old network would be replaced
with the most current and up-to-date Ethernet technologies including cabling, switches, and a star
topology. Our company knows the significance of having a reliable network infrastructure in place and
the need for a small business to continue thriving. Therefore, CLAW Networking Solutions has listed our
recommendations that we believe will provide you with the best possible solution for yourself and your
business needs.
Kiddie Kampus
BackgroundKiddie Kampus is a popular family owned and operated childcare facility located in Wilson, North
Carolina. As the center is gaining more and more popularity, the owners are looking to expand their
network and to make sure it is as secure as possible. The current network design is simply three
computers and two printers all connected to a wireless router. The wireless router connects to a cable
modem for internet access through the local cable company. Also, there is a fax machine and three
telephones that are currently being operated on plain old standard telephone lines that will be
converted to a VOIP system. They have one camera set up in one of the classrooms with a monitor
located in the office for observation.
Our consultants are trained to know the advantages as well as the disadvantages of each recommended
piece of equipment while comparing each option based on the cost, speed, and efficiency. Based on our
research, we decided on two possible solutions that we know will improve your business. The first
option is a more cost effective proposed plan and the other is the performance based option, which we
highly recommend. Inside this proposal you will find both the cost effective approach in addition to the
performance based approach. We have also provided an implementation timeline for completion,
detailed budget estimations, a Logical LAN diagram, and a Physical LAN diagram. All childcare facilities
are required to comply with local, state, and federal regulations regarding student safety and data
security. Our team will do our best to provide the most cost efficient and secure network design for
your facility.
Kiddie Kampus
Detailed SolutionsCLAW Solutions highly recommends that the center is getting their DSL service through their local
telephone company instead of using the cable provider. This is because even though cable service
providers advertises faster speeds, they typically share bandwidth with neighboring users. This would
cause a security issue because neighboring businesses would potentially have access to the Kiddie
Kampus network and will be able to observe all the packets travelling back and forth by using packet
sniffer software.
Physical Layer
Next, we will focus on the physical layer of the network. We would like to run UTP Ethernet plenum
cable throughout the building for linking each device to the company LAN network. We are
recommending using plenum because we have to run the cable through the drop in ceiling and this
would be required to be in compliant with the building code. Plenum cable is fire resistant and used to
prevent fires from spreading using the cables as wicks in the plenum environment. We are
recommending using an Ethernet cable for connections within the LAN instead of using wireless for
several reasons. Cable can provide faster speeds and can handle simultaneous communication through
the switch whereas wireless networks can only handle one communication at a time. Using cable is a lot
more secure than sending all data communication wirelessly and it is best for optimal performance.
Cable is, also, more reliable and consistent than wireless media. Wired Ethernet workstations should
still receive the same speeds as long as they are placed as well as located within 100 yards of the switch.
Wireless users would notice substandard performance the further they travel away from the access
points.
Kiddie Kampus
CLAW Solutions recommends using a Cat 6 cable because it offers faster speed than Cat 5 or 5e for an
additional cost. A Cat 6 cable can also handle all the data and video needs for Kiddie Kampus plus much
more. We did consider using a fiber optic for even greater performance but, we think its cost would
outweigh the benefit. The newly improved Kiddie Kampus network will be designed using a star
topology which will allow for better performance and reliability. For instance, if one user goes down,
the network will still operate.
Network and Transport Layer
The needs for the Kiddie Kampus network layer of the LAN would be best met with a layer two switch.
We are recommending a switch over a hub for better performance. The switch will create separate
collision domains and would allow for duplex communication between devices. Using a switch to route
all internal traffic will reduce latency as opposed to using a router for routing traffic within the LAN. The
switch will need to be connected to a router for routing all packets leaving and entering the LAN. The
network needs to implement a firewall to filter traffic coming into the network from the internet. The
Firewall can filter ports and IP address and add security needed to protect the LAN from the internet.
Also, the network will use NAT (Network Address Translation) to hide the internal IP address of the
computers within the LAN. The NAT would provide a separate IP address for the public side of the
network to see and then translate the address to the local IP address for routing within the LAN. The
router will be configured to assign IP address for all devices accessing the network using DHCP. The
router will be configured as the default gateway and will also have the DNS (Domain Name Server)
address for resolving the IP address for the websites being requested for access. All users requesting
access to the network would need to be authenticated before being granted access. We will implement
an AAA (Authentication, Authorization, and Accounting) type protocol such as RADIUS (Remote,
Authentication, Dial in User Service) for all users requesting access to the LAN. Also, we will implement
Kiddie Kampus
Qos (Quality of Service) to give priority of packets for the VOIP phones and video data for the cameras.
The switch needed would need to be able to handle three computers, three phones, one camera and
one fax for a minimum of 8 ports. It is recommend that you go ahead and purchase a switch with extra
ports for future expansion. Other considerations for future needs that may go ahead and be
implemented into the network are any additional computers possibly needed for the children to use or
for administration, additional cameras for the other classrooms and maybe adding an access point for
wireless capability. Upon further consultations with Kiddie Kampus, it may be decided to go ahead and
install capacity for additional capabilities like these while installing the upgrade. CLAW recommends
planning for future expansion and all forecasted needs while making these network upgrades.
We did not believe that wireless access capability is a necessity at this time but if it is desired for the
LAN, there are several considerations we will need to make. We will first determine the required
coverage area required for wireless access. Next we will look at the layout of the building and the
construction for placement of the wireless access points. Ideally coverage can be provided by placing
access points every fifty feet. Sometimes they can be spaced a little further apart in wide open spaces
and sometimes they would need to be closer if there are walls in-between to obstruct the signals. We
will design for some overlap so that continuous coverage can be provided. Also, we will configure the
channels on the wireless access points to minimize interference. We will set the SSID (Service Set
Identifier) and make it hidden to minimize attempts of unauthorized access. We will also enable WPA
(Wi-Fi Protected Access) for encryption and secure access.
Kiddie Kampus
Network Design Approaches
Cost Effective Proposal
Material CostsNeed Item Quantity $/Item TotalDSLUTP Ethernet Plenum
Cat5e StarTech WIR5ECMPGRY 1000 ft. Cat 5E Gray Roll of Gray Plenum CMP Cat5e Solid UTP Bulk Cable
3 (1000 Ft) $295.55 $887.97
Ethernet Cable (Wall to Device)RJ-45 Connectors pre-installed
Cat5e Coboc CY-CAT5E-25-BK 25ft.24AWG Snagless Cat 5e Black Color 350MHz UTP Ethernet Stranded Copper Patch cord /Molded Network lan Cable
4(25 Ft) $3.49 $13.96
RJ-45 Keystone Jacks Cat5E
BELKIN R6D024-AB5E-WHT Cat.5e Keystone Jack
5 $5.99 $29.95
RJ-11 Keystone Jacks (Phones)
RJ-11 Toolless Keystone Jack - White (7288)
3 $2.66 $7.98
Wall Plate Multi-Media Keystone Wall Plate 1 Port Almond Monster Cable 140172-00
8 $1.57 $12.56
Layer 2 Switch NETGEAR ProSAFE 24-Port Gigabit POE+ Managed Switch Layer 2+ With Static L3 Routing (GSM7224P)
1 $655.03 $655.03
Patch Cables C2G 22679 5 ft. Cat 5E Blue Cat5E 350 MHz Assembled M-M Patch Cable - Blue
8 $2.00 $16.00
Patch Panel BELKIN C-PP5-24-F- 1 $113.80 $113.80
Kiddie Kampus
BK 24 Port Cat5e Network Patch PanelCompareBELKIN C-PP5-24-F-BK 24 Port Cat5e Network Patch Panel
Switch Rack Tripp Lite SRWO8U22 8U Wall Mount Open Frame Cabinet
1 $116.99 $116.99
Router LINKSYS LRT214 Business Gigabit VPN Router
1 $209.99 $209.99
Firewall Norton Small Business, 5 Devices
1 $99.99 $99.99
Sub-Total $2164.22Sales Tax 7% $151.50Labor Telecommunications
Technician40 Hours $104.00 $4160.00
Total $6475.72
Best Performance Proposal
Material CostsNeed Item Quantity $/Item TotalDSLUTP Ethernet Plenum
StarTech WIRC6CMPGRY 1000 ft. Cat 6 Gray Roll of Gray Plenum CMP Cat 6 Solid UTP Bulk Cable
3(1000 Ft) $446.99 $1340.97
Ethernet Cable (Wall to Device)RJ-45 Connectors pre-installed
Cat6A Coboc CY-CAT6A-STP-25-BL 25ft.26AWG Snagless Cat 6A Blue Color 550MHz SSTP(PIMF) Shielded Ethernet Stranded Copper Patch cord /Molded Network lan Cable
4(25 ft) $9.26 $37.04
Kiddie Kampus
RJ-45 RJ-45 Keystone Jacks Cat6
Belkin Cat.6 Keystone Jack
5 $5.99 $29.95
RJ-11 Keystone Jacks (Phones)
RJ-11 Toolless Keystone Jack - White (7288)
3 $2.66 $7.98
Wall Plate Multi-Media Keystone Wall Plate 1 Port Almond Monster Cable 140172-00
8 $1.57 $12.56
Layer 2 Switch NETGEAR ProSAFE 24-Port Gigabit POE+ Managed Switch Layer 2+ With Static L3 Routing (GSM7228PS)
1 $1508.99 $1508.99
Patch Cables Tripp Lite 5-ft. Cat6 Gigabit Snagless Molded Patch Cable
8 $3.99 $31.92
Patch Panel BELKIN F4P638-24-AB5 24 Port Cat6 Patch Panel
1 $60.90 $60.90
Switch Rack Tripp Lite SRWO8U22 8U Wall Mount Open Frame Cabinet
1 $116.99 $116.99
Router LINKSYS LRT224 Business Dual WAN Gigabit VPN Router
1 $239.99 $239.99
Firewall Norton Small Business, 5 devices
1 $99.99 $99.99
Sub-Total $3487.28Sales Tax 7% $244.11Labor Telecommunications
Technician40 Hours $104.00 $4160.00
Total $7891.39
Kiddie Kampus
Cost Effective Proposal
The first of the two systems that we have created a complete full budgeted proposal for is the cost
effective proposal. While this system doesn’t offer quite the same speed and performance of our
performance based system, we feel as though it will adequately meet the needs of your company. This
systems starts off with Cat5E UTP Plenum cabling wired using two twisted pairs. This results in a network
that is in accordance with IEEE 802.3 standards, classified as a 100BaseTX network. This network will
allow up to 100 meters of cable length to be run from the patch panel to the wall plate and will allow
speeds up to 100Mbps.
In accordance to the star topology, we have decided to install the switch rack in a central location. The
network will run off of a NetGear Prosafe 24 Port Layer 2 switch. It will then connect to a Belkin 24 port
Cat5E patch panel, which connects to the switch using patch cables. The Cat5E UTP cabling is connected
to the back of the patch panel, which is run directly from each wall jack to the patch panel. The switch
will be connected to a LINKSYS LRT214 Business Gigabit VPN Router which is connected to the DSL
provided by the phone company.
Although the system only requires 8 ports, we have decided to recommend a 24 port switch and patch
panel for future additions to the system. The switch rack that we have selected will allow the addition of
up to 8 more switches of 24 ports to be added into the network. Each of the devices in the network will
be connected at a wall jack, with the computers and printers using RJ-45 connections and the provided
25 Ft premade RJ-45 cables to connect to the devices. The phones will be connected at a wall jack using
RJ-11 jacks and the supplied standard phone cables. This system is a definite upgrade from the current
system used by Kiddie Kampus, and it will provide upgradeability for future additions.
Kiddie Kampus
Best Performance Proposal
For this proposal we stepped this up a notch. We decided to stay with the same companies for each of
the hardware pieces, but we are proposing higher end options that will increase overall performance
and system capabilities. This system will be founded on a Cat6 network of cabling. The network will use
Cat6 UTP Plenum cabling employing a four pair twisted pairing which will allow the system to operate at
a max speed of 1000Mbps. In accordance with IEEE 802.3 standards the network will be classified as a
1000BaseT.
The switch for this system will be a NetGear Prosafe 24 port layer 2 switch with layer 3 capabilities. That
will then be connected to a Belkin 24 port Cat6 patch panel, which will be mounted on a Tripp Lite
switch rack that allows for eight 24 port switches to be installed. The switch will be connected to an
upgraded LINKSYS router with VPN and WAN capabilities which also allows gigabit transfer speeds. All of
the devices will be connected in the same manner as the cost effective system, but will all upgraded
technology. The upgraded capabilities of the system will allow Kiddie Kampus to add devices to their
system and maintain fast speeds for years to come. The cost effective system uses Cat5E which is slowly
becoming outdated because it doesn’t allow for transfer rates as fast as Cat6. With the upgraded switch,
we also feel confident that this system will not be outdated for many years.
As mentioned above, our company is fully capable of installing a fiber optic backbone network that will
provide even faster speeds of up to 10Gbps. It will cost considerably more money as well as labor to
install, but it will be state of the art once we are through. We can also provide you with servers,
centralized databases, and wireless internet, which can all be easily connected into the network that we
are proposing. Finally, we are proposing that regardless of which network you choose, that you use a
strong internet security antivirus and firewall software package. We are recommending that you use
Kiddie Kampus
Norton Small Business, which provides protection for up to five devices, but can easily be upgraded to
10 or 20.
Kiddie Kampus
CLAW Recommendation
CLAW Solutions is always looking for a way to help local families and businesses. By putting together
two different proposals, we are really hoping to allow you to recreate your network in an affordable,
efficient way. Both options are fully working and will allow your network to run smoothly. However, the
“Best Performance” proposal will allow your business to run faster and more efficiently. It will allow
more room for future growth and will provide optimal safety measures for the students and their
families.
Kiddie Kampus
Risk Assessment
We conducted a high-level risk assessment to analyze and prioritize the possible security risks to Kiddie
Kampus’ information systems and network. We have identified four business areas that could be
impacted in the event Kiddie Kampus were to be exposed to security threats. The areas impacted are
Operational/Productivity, Financial, Reputational and Legal. We have outlined below a prioritized list of
risks identified for each area of impact.
1) The risk of operational failure/downtime and financial loss, due to improper physical access
controls to key systems/hardware.
a) External customers and employees have access to the office, administrative area, and
restroom/closet (where the current telephone system components reside), which all contain
network components and system hardware.
(1) Possible scenario - A disgruntled parent or employee could go into the restroom and cut
the lines to the phone system. The daycare could operate with cell phones, but the
teachers aren’t allow to have them. So they would have to walk to each room to
communicate with the teachers, and external customer communication would be down
b) In the event that the Procare Touch fingerprint scanner is down, it requires resources to
manually allow customers in consistently throughout the day.
c) Routers/systems hardware in administrative area and office could be easily accessed and
damaged, since the door is normally left open to the office. There is nothing preventing a
parent from walking behind the desk up front.
Kiddie Kampus
2) The risk of exposure to client confidential data and potential fraud due to data protection risk
awareness, and vendor management. This could have a reputational, financial and legal
impact.
a) Confidential internal/child health data is displayed on system screens and in plain view,
available for public viewing. Normally someone is sitting at the computers, but there are
times when they are not.
b) Confidential information is sent electronically to external vendors however there has been
no risk assessment done to determine what happens to that data when the vendor receives
it.
c) Employees/management dealing with confidential data need more training on information
security and protection
3) The risk of data loss/compromise due to lack of knowledge associated with patching
requirements for systems residing on the network.
a) Vulnerability scans are not conducted on consistent basis to check for available patches
b) Security updates are not applied as needed
While the volume of data maintained by Kiddie Kampus is low and their networks and systems are fairly
simple, the likelihood that the above security threats could occur is moderate to high. The impact would
be high in terms of the potential risk to the company’s reputation. If their systems or network were to
go down, they would call their provider or vendor to diagnose and resolve the issue. Financial loss could
be possible if they were required to purchase new hardware. We recommend that Kiddie Kampus
implement clean desk policies to limit the possibility of confidential data loss. This includes training
employees on the policies, purchasing shredders and establishing proper controls for monitoring. In
Kiddie Kampus
addition to these new policies and training, we feel that our recommended solution will greatly reduce
the risks outlined above.
Kiddie Kampus
Works Cited
All pricing for hardware was obtained from http://www.newegg.com/
Pricing for Norton Small Business was obtained from http://us.norton.com/small-business