Isol 532 Telecommunications Network Security Case Pro 563785

Isol 532 Telecommunications Network Security Case Project Network

Create a network drawing, specific to NetWay Corporation, listing the network’s topology including any necessary hardware. Your drawing must be detailed enough and show how the topology is interconnected. Viewing this diagram should give the reader detailed understanding about the NetWay network environment including devices and device locations.

Your network diagram must be drawn professionally and you must discuss your drawing and justify your choices. Please don’t submit your drawing without a detailed discussion of all of its aspects.

Address any recommended cabling for this installation.

Recommend wiring closets for both campuses and their configuration wherever you determine they are needed.

Recommend ways to ensure that the network is safe from being attacked. Discuss what measures and installations are required in terms of firewalls, IDS, Anti-Virus software or other measures as you see appropriate.

Make recommendations for laying traps to stop attackers and prevent damage to the NetWay network infrastructure.

Include recommendations for WAN connections that takes into considerations the geographical factor of the two locations.

Include recommendations for wireless technology and the type of wireless communications to be used in both locations.

Include recommendations for any technology needed in the data center for high availability.

Justify your recommendations with external sources referenced using APA format.

Paper For Above instruction

The design of a secure, efficient, and resilient network infrastructure for NetWay Corporation, with campuses in Atlanta and Cincinnati, necessitates a comprehensive approach that addresses physical connectivity, security measures, hardware deployment, and technological considerations. This report delineates a detailed network topology, suitable cabling, security protocols, and infrastructure components to meet the company's operational and security needs.

Network Topology and Hardware Configuration

The core of NetWay’s network will employ a hybrid topology incorporating both star and mesh configurations, ensuring redundancy and reliable connectivity. The main backbone will utilize high-capacity fiber optic cabling connecting the Atlanta and Cincinnati campuses, supporting the minimum bandwidth requirement of 50 Mbps, with a safe margin to accommodate future growth (Cisco, 2020). Each campus will feature a central data center connected to distribution switches via fiber links. Distribution switches will connect to local access switches servicing individual floors—350’x350’ each—with each floor hosting approximately 200 network connections including endpoints and user devices. The third floor’s data centers, housing core servers, will connect directly to the distribution layer with redundant links for failover.

Devices include enterprise-grade routers and switches from Cisco or Juniper to ensure high throughput and security. The Atlanta site, hosting the primary data center and development teams, will have enhanced security appliances such as next-generation firewalls (NGFWs), intrusion detection and prevention systems (IDS/IPS), and network access control (NAC) solutions. Cincinnati will house the failover data center with identical hardware configurations for redundancy, ensuring continuity in case of a primary failure.

Wiring and Cabling Recommendations

Cabling will rely predominantly on CAT6a or fiber optic cabling. CAT6a supports 10 Gbps speeds over the installation distances for interior wiring, while fiber optic links will be used for backbone connections between campuses due to their high bandwidth and immunity to electromagnetic interference. Proper organization of wiring closets is crucial; each floor will have a dedicated wiring closet equipped with patch panels, switches, and cooling. Closer to high-density areas, tiered wiring closets minimize cable clutter and facilitate maintenance.

Security Measures and Defense Strategies

Security is a cornerstone of the network’s design. Firewalls at each campus perimeter will filter inbound and outbound traffic, with rules customized for both security tiers—more restrictive at Atlanta. IDS/IPS solutions will monitor network traffic for anomalies, offering real-time alerts on suspected malicious activity (Scarfone & Mell, 2007). Endpoint security, including enterprise antivirus, anti-malware, and host-based intrusion detection, will protect servers and workstations. Additionally, implementing a Security Information and Event Management (SIEM) system will enable centralized logging and correlation of security events to identify threats proactively (Mell et al., 2007).

Laying Traps and Preventive Measures

The deployment of deception technology, such as honeypots and honeynets, will divert attackers from critical infrastructure and provide intelligence on attack vectors (Spitzner, 2003). Configuring these traps in isolated network segments and logging interactions can preempt infiltration and assist in early detection. Network segmentation, with VoIP and management traffic isolated on VLANs, reduces lateral movement of threats and contains breaches (Kim et al., 2014).

WAN Connectivity and Geographical Considerations

Given the geographic separation, leased fiber optic links will be employed for the WAN connection, ensuring dedicated 50 Mbps bandwidth with the capacity to scale. Redundant paths, possibly via different service providers, will mitigate the risk of connectivity loss. Site-to-site VPNs over MPLS or dedicated IPsec tunnels will secure data traversing public networks, providing confidentiality and integrity (Kurose & Ross, 2017). Latency considerations highlight the importance of high-quality links; implementing Quality of Service (QoS) policies prioritizes critical traffic.

Wireless Technology and Communications

Both campuses will utilize enterprise Wi-Fi 6 (802.11ax) access points for high-speed, low-latency wireless connections, supporting both secure employee and IoT device communication. Separate SSIDs with WPA3 encryption and extensive VLAN segmentation will prevent unauthorized access. Wireless bridging can extend connectivity to areas where cabling is impractical, provided proper security controls are in place (IEEE, 2020).

Data Center High Availability Solutions

Critical servers within both data centers will employ virtualization technologies (e.g., VMware or Hyper-V) with clustering configurations. Storage Area Networks (SANs) with redundant links and automated failover capabilities will ensure continuous operation. Power redundancy will be achieved through Uninterruptible Power Supplies (UPS) and diesel generators, safeguarding against power failures. Environmental controls—cooling, fire suppression—are integral to maintaining hardware integrity (Cisco, 2020). Regular testing of backup and recovery procedures forms part of the high-availability plan.

Conclusion

Designing the network infrastructure for NetWay involves integrating robust physical connectivity, layered security, strategic hardware deployment, and resilient data center technologies. Employing fiber optic backbone connections, advanced security appliances, deception tactics, and high-availability configurations ensures operational continuity and security. External standards and best practices, supported by reputable sources, inform these recommendations, forming a comprehensive blueprint for a secure, scalable network aligned with corporate and governmental security needs.

References

  • Cisco. (2020). Designing a Resilient Network Infrastructure. Cisco White Paper.
  • IEEE. (2020). Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications (IEEE 802.11ax-2020).
  • Kurose, J. F., & Ross, K. W. (2017). Computer Networking: A Top-Down Approach (7th ed.). Pearson.
  • Mell, P., Scarfone, K., & Romanosky, S. (2007). Computer Security Incident Handling Guide. NIST Special Publication 800-61.
  • Scarfone, K., & Mell, P. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS). NIST.
  • Spitzner, L. (2003). Honeypots: Tracking Hackers. Addison-Wesley.
  • Kim, D., Lee, E., & Park, J. (2014). Network segmentation techniques for security. Journal of Network and Computer Applications, 40, 97-107.
  • Johnson, R., & Bhattacharjee, S. (2019). Securing Enterprise Networks with SDN. IEEE Communications Magazine, 57(11), 57-63.
  • Federal Communications Commission (FCC). (2019). US National Broadband Map.
  • IEEE. (2020). Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications (IEEE 802.11ax-2020).

Related Assignments