Design A Small System For The University Of Laverne It

Design a Small System For The University Of Laverne It

Design a small system for the University of LaVerne that supports the following requirements: four departments, each with users; an administrative function with 30 users; remote sites including VAFB, Athens, Greece, and Alaska, each with specific student and computer counts; and appropriate network infrastructure considerations such as LAN, WAN, topology, protocols, internet connectivity, security, and encryption. The system must address equipment planning, including computers, communication cables, and related hardware. Computer labs are located within department buildings, and the project should ensure integration of these components into a cohesive network with well-justified design choices, including alternatives considered. Assumptions, such as pre-existing computers at remote sites, should be clearly articulated, and costs, implementation timelines, and rationale for network topology and security measures should be included, presented as a comprehensive proposal to ULV administration.

Paper For Above instruction

The design of a comprehensive network system for the University of LaVerne requires meticulous planning to ensure connectivity, security, scalability, and cost-effectiveness. Given the specified requirements, the system's architecture must integrate the main campus with multiple remote sites, facilitate communication among various departments, and support administrative and academic functions seamlessly.

Assessment of Current and Future Needs

The university comprises four departments, each with dedicated users, along with an administrative office with 30 users, necessitating a reliable Local Area Network (LAN) within each building. The computer labs within departments have varying user capacities, from 25 to 50 users, demanding sufficient bandwidth and hardware support. The remote sites vary significantly in size, from VAFB with 200 students and 15 computers to Athens, Greece, with 1,000 students and 100 computers, plus personnel. Alaska is relatively smaller with 150 students and 15 computers. The network design must support these remote locations via a Wide Area Network (WAN), ensuring secure and efficient data transfer.

Network Topology and Physical Layout

The physical infrastructure will be based on a hybrid topology combining star and hierarchical models. The core campus network will utilize a star topology to centralize management and optimize performance, with switches connecting department labs, administration, and campus servers. Remote sites will connect via secure VPN over the internet, leveraging a hub-and-spoke model to connect each remote site to the central campus network.

Given the distances—ranging from 100 m to 450 m—fiber optic cabling will be used within buildings and for inter-building connections on campus, offering high bandwidth and low latency. For interior connections within labs and offices, high-quality Ethernet cables (Cat6 or higher) will provide cost-effective robustness.

Protocols and Internet Connectivity

The network will employ TCP/IP as the fundamental protocol suite, supporting standard services like HTTP, FTP, and email. Routers at the campus perimeter will manage internet access, with Firewalls and Intrusion Detection Systems (IDS) in place to safeguard against external threats. Internet connectivity will be via a fiber optic connection to an ISP with redundancy to ensure high uptime.

Security and Encryption

Security measures include WPA2/WPA3 encryption for wireless connections, VPN tunnels for remote site access, and secure SSH protocols for administrative access. User authentication will be managed via Active Directory or similar directory services. Data encryption will extend to WAN links using IPsec VPNs and SSL/TLS protocols for sensitive data, ensuring confidentiality in transmissions.

Furthermore, network access controls, such as MAC address filtering and VLAN segmentation, will enforce security boundaries within the LAN, isolating departments and lab networks from administrative systems to prevent unauthorized access.

Equipment and Implementation Planning

Within the campus, high-performance switches, routers, and wireless access points will support internal and external communications. For remote sites, satellite or fiber-based VPN connections will link the local networks with the central system.

Based on the user counts, the system will include several core switches (e.g., Cisco Catalyst series), enterprise-grade wireless access points, and firewalls, with estimated costs outlined below:

• Switches and routers: $50,000
• Fiber optic cabling and connectors: $20,000
• Wireless access points: $15,000
• VPN hardware/software licenses: $10,000
• Security appliances (firewalls, IDS): $25,000
• Installation and labor: $30,000
• Contingency and miscellaneous: $10,000

Total estimated equipment and installation cost: approximately $160,000.

Implementation Schedule and Deployment

The project will proceed in phases:

1. Initial Planning and Procurement (Month 1-2): Determine detailed specifications, acquire equipment, and prepare site plans.
2. Infrastructure Deployment (Month 3-4): Install cabling, network hardware, and configure network devices.
3. Testing and Configuration (Month 5): Verify connectivity, security, and performance, and adjust configurations as needed.
4. User Training and Transition (Month 6): Train users, switch over to the new system, and decommission old infrastructure.

The phased approach ensures minimal disruption and allows room for troubleshooting and adjustments.

Design Justification and Alternatives

The choice of fiber optic cabling within the campus offers high bandwidth capacity with minimal latency, which is crucial given the size of data transmitted and the number of users. Alternatives such as copper wiring were considered but rejected due to distance limitations and lower data rates.

The hybrid topology combining star and hub-and-spoke models provides a balance between centralized management and remote site security. Alternatives like full mesh networks were considered but deemed unnecessary given the cost and complexity.

Security measures, including VPNs, encryption, and segmentation, were prioritized to safeguard sensitive academic and administrative data. Alternative approaches like relying solely on physical security were rejected because cyber threats require layered virtual security.

Assumptions

• The existing computers at remote sites are functional and will be connected to the network with necessary network interface cards (NICs).
• The university’s existing internet service provider offers sufficient bandwidth for planned activities.
• The campus architecture permits installation of fiber optic cabling and wireless access points without major structural modifications.
• The budgeting reflects current market prices as of the project's start date; actual costs may vary slightly.

Conclusion

The proposed network design for the University of LaVerne aims to provide a secure, scalable, and efficient infrastructure supporting academic, administrative, and research activities across multiple locations. By balancing high-performance hardware, secure protocols, and strategic topology choices, the system ensures reliable connectivity, data security, and future scalability, aligned with institutional goals and budget constraints.

References

• Stallings, W. (2017). Network Security Essentials: Applications and Standards. Pearson.
• Tanenbaum, A. S., & Wetherall, D. J. (2011). Computer Networks (5th ed.). Pearson.
• Cisco Systems. (2020). Cisco Catalyst Switches Data Sheet. Cisco.
• ISO/IEC 27001:2013. Information Security Management Systems. International Organization for Standardization.
• Chen, B., & Huang, Y. (2020). Wireless Security Technologies and Protocols. IEEE Communications Surveys & Tutorials, 22(2), 1245-1272.
• Peterson, L. L., & Davie, B. S. (2019). Computer Networks: A Systems Approach. Morgan Kaufmann.
• Fortinet. (2021). FortiGate Firewall Solutions. Fortinet.
• Federal Communications Commission. (2022). Guide to Internet Security. FCC Publication.
• Gibson, T., & Gangeshwaran, R. (2018). Network Infrastructure Design Principles. Journal of Network and Systems Management, 26(3), 543-561.
• Rouse, M. (2023). VPN Overview and Best Practices. TechTarget.