West Consulting Voice and Video Network Design and Final Proposal

From the previous weeks’ papers, it is evident that network design is not a one-time design due to increasing company demand. In this paper, I will continue improving the network design of the firm due to the expansion and growth of West Consulting Firm. In this case, I will develop a data center and a security plan.

WLAN infrastructure that can be integrated to the existing enterprise network

When integrating WLAN design into the existing enterprise network, one should keep the few capabilities in mind which are self-healing, self-defending, self-optimizing, and self-awareness. WLAN infrastructure is built around four main software and hardware components which are Cisco WLAN controllers, Cisco Lightweight Aps, Cisco Prime Infrastructure (PI), and cisco mobility services engine (MSE). For West Consulting Firm, I would recommend, the adoption of Cisco WLAN controllers for the WLAN infrastructure. This is because controller design have lower operational expenses, optimized turn-up and an improved return on investment.

Data flow between segments of the enterprise network

To design a DMZ, the network design must know the entrance point into the system. Additionally, when designing a data center for West Consulting Firm, the designer must install two network cards in the organization web server. The first NIC must be configured to the default gateway to the inside firewall while the second NIC card is configured to default gateway to the outside firewall. The dual NIC cards provides a greater security (Halper, 2012).

List of network assets and their use

The following is a list of network assets and how they are used;

· Servers: This are types of computers that hold shared files, applications, and network operating system.

· Transmission media: These are facilities which are used to interconnect computers in a network like coaxial cable, optical fiber cable, and twisted-pair wire

· Hub: This is an asset that splits a network connection into multiple computers. Hub acts like a distribution center

· Switch is an asset which groups together network components example computers. It act like a hub but built with more advanced features.

· Router: This is a network asset that connects LAN with an internet connection.

· LAN cable: This is a data cable or Ethernet cable which is wired and used to connect a device to the internet.

Potential threats and vulnerabilities

Fraud vulnerabilities is a potential vulnerability that can disclose confidential information for West Consulting Firm for unauthorized people. Fraud can make West Consulting Firm systems more vulnerable to subsequent fraud. Other vulnerabilities are through hardware where one might have misconfigured the hardware, susceptibility to dusts, humidity, and heat or even outdated hardware.

Denial of service attack: Denial of service attack (DoS) is a type of attack in which the perpetrator seeks to make a network or machine resource unavailable to all its intended users by temporarily or indefinitely disrupting services of a host that is connected to the internet. This type of attack can be accomplished by flooding the targeted machine with superfluous requests

Spoofing: Spoofing type of attack is when an attacker acts as another person on behalf of another. The attacker pretends to be someone else on a network so as to trick other devices, people or computers into performing legitimate actions.

Sniffing: A sniffer is a type of attack where an application or any device can read or monitor any data exchanges within a network. A sniffer can analyze ones network and eventually cause the organization network to crash (Merkow & Breithaupt, 2014).

High-level incident handling process

Sniffer and spoofing types of attacks are reported to the network administrator and can only be handled by encrypting packets. West Consulting Firm can mitigate DDoS type of attack by using cloud mitigation provider. These are experts who specialized in mitigating DDoS types of attacks. Once an organization experiences DDoS types of attacks are directly reported to CIO of the organization. Fraud type of vulnerabilities can only be mitigated by educating computers uses. Misconfigured hardware are directly reported to system administrators to reconfigure the hardware. Dusting computers regularly and installing cooling systems in server and computer rooms helps in reducing some of vulnerabilities due to hardware failure (Stallings & Brown, 2018).

Figure one: West consulting data design

References

Halper, R. F. (2012). Computer data center design: a guide to planning, designing, constructing, and operating computer data centers.

Merkow, M. S., & Breithaupt, J. (2014). Information security: principles and practices. Indianapolis: Pearson Education.

Stallings, W., & Brown, L. (2018). Computer security: principles and practice.