SIT 202 NETWORK DESIGN AND MANAGEMENT

Network Administration

Network administration is the process of managing, maintaining and troubleshooting a

computer network. This includes tasks such as configuring network hardware and software,
setting up and maintaining network security, monitoring network performance, and
troubleshooting network issues. Network administrators also often manage and maintain
servers, and may be responsible for configuring and maintaining networked applications
and services. They also need to ensure the network is running smoothly and efficiently,
and that it is secure from unauthorized access and threats such as malware or cyber-attacks.

The functions of network administrator

The main functions of a network administrator include:

1. Designing, implementing, and maintaining the network infrastructure: This includes
selecting and configuring network hardware and software, and ensuring that the
network is properly wired and connected.
2. Managing network security: This includes implementing security measures such as
firewalls and intrusion detection systems to protect the network from unauthorized
access and cyber-attacks.
3. Monitoring network performance: This includes using tools to monitor the network
for issues such as bottlenecks, and troubleshooting and resolving problems as they
arise.
4. Managing and maintaining servers: This includes installing, configuring, and
maintaining servers and server applications, as well as ensuring that they are backed
up and have adequate resources to function properly.
5. Managing and maintaining networked applications and services: This includes
configuring, maintaining, and troubleshooting networked applications and services
such as email, databases, and file sharing.
6. Staying up to date with new technologies and best practices: Network
administrators need to stay current with new technologies and best practices in
order to continue to provide a secure and efficient network for their organization.
7. Managing user access and permissions: Network administrators are responsible for
creating and managing user accounts, and for controlling access to network
resources such as servers and applications.

Expected Ethical roles and responsibilities of a network administrator

The ethical roles and responsibilities of a network administrator include:

1. Protecting the confidentiality, integrity and availability of data: Network
administrators have an ethical responsibility to protect the sensitive information that
is stored on the network from unauthorized access, disclosure, modification, or
destruction.
2. Maintaining the privacy of users: Network administrators have an ethical
responsibility to protect the privacy of the users of the network. This includes not

1|Page
 monitoring or accessing user data without proper authorization and not sharing user
data with third parties without their consent.
3. Being honest and transparent: Network administrators have an ethical responsibility
to be honest and transparent with their organization and its users about the
capabilities and limitations of the network.
4. Being accountable for their actions: Network administrators have an ethical
responsibility to be accountable for their actions, and to take responsibility for any
harm that may result from their actions or inactions.
5. Complying with laws and regulations: Network administrators have an ethical
responsibility to comply with all relevant laws and regulations, including those
related to data privacy and security.
6. Continuously improve security measures: Network administrators are responsible
for continuously monitoring and improving the security measures in place to protect
the network and its users from cyber-attacks and other threats.
7. Being impartial: Network administrators should not give preference to certain users
or groups, and should make sure that the network is used in an ethical and lawful
way.
8. Maintaining the integrity of the network: Network administrators have an ethical
responsibility to protect the integrity of the network by preventing unauthorized
access, use, disclosure, disruption, modification, or destruction of the network.
Ethical Issues a Network Administrator May Encounter
1. Invasion of Privacy
One of the tasks a company could assign a network administrator could be looking at at
the browser activities and emails of employees to enforce company Internet usage policies.
In this case, the network administrator could feel that it is unethical to invade employees'
privacy in this way. However, if the company's employment contract states that the
company could review their Internet activities, then the employees were forewarned not
to do anything private on their company computers or company email accounts.
2. Equality in Reporting
Another ethical issue a network administrator could encounter in the process of reviewing
employee browsing and email usage involves deciding what infractions to report. In other
words, should the administrator report every single infraction, no matter how small, or
should he only report serious infractions? In this case, the administrator may use his own
values to determine what constitutes a "serious" infraction, and these values would also
decide which employees will be let off and which ones could face disciplinary action.
3. Sensitive Information
A network administrator must know everything about his employer's technology
infrastructure. This can include proprietary technologies and business practices. If a
network administrator begins a new job at a different company, he could find himself in a
situation where he could use knowledge from his previous employment for gain at his new
job. In this case, the network administrator has to look for ethical, as well as legal,
guidance to any non-disclosure agreements he may have signed at his old company.
4. Whistle Blower Situations
In this course of a network administrator's job with unlimited access to any file on the
company's servers, she may come across information that implicates her company in
activities that are either unethical or strictly illegal. In this case, the network administrator
may find herself torn between reporting her employer and her own job security. The
employee needs to balance whether the activity is strictly illegal or simply unethical, with
the constraints of any non-disclosure agreements she may have signed before going
forward to report her employer.
Computer Network Design, its importance, design goals and illustration of how to design a
simply LAN,
Computer network design is the process of planning, laying out, and implementing a
network infrastructure for connecting computers, servers, printers, and other devices. It
involves the selection of hardware, software, and services, such as cloud computing, as
well as the planning of the physical layout of cables and other devices.

The primary goal of network design is to provide a reliable, secure, and high-speed
network that meets the needs of its users. Network design is important for organizations
because it determines the overall performance, reliability, and scalability of the network.
The design must provide for the needs of the users, and ensure that the network is secure
and reliable. In addition, the design must provide for the future growth and expansion of
the network, as well as the scalability necessary to meet the changing needs of the
organization.

To illustrate how to design a simple Local Area Network (LAN), let's assume we are
designing a network for a small office of five computers.
 The first step is to plan out the network structure. We will need to consider the
number of computers, what type of devices will be connected to the network, and
whether or not we will use a wired or wireless connection. 

 The next step is to select the appropriate hardware and software, such as
switches, routers, and firewalls. Once the hardware and software are selected, we
can begin to physically install and configure the network.

 The next step is to create a logical diagram of the network, which will show how
the network devices are connected to each other. This diagram should include the
physical layout of the network and the logical connections between the devices. 

2|Page
 This diagram can be used to troubleshoot the network and to verify
the functionality of the network.
 Finally, we need to test the network to ensure that it is functioning properly. This
includes testing the speed, reliability, and security of the network. Once the tests are
completed, the network is ready for use. The following diagram illustrates a simple
LAN: [Diagram].

LAN DESIGN CONSIDERATIONS

You need to consider the following before designing a local area network:

 Number of ports required

 Network speed required; for example 100Mbps, 1Gbps, etc.
 Media consideration- Ethernet, wireless, token ring, etc.
 Devices required- Switches, Routers, Access Points
 Installation and configuration efforts required
 Ease of management

Computer Network Design Goals

The goals of computer network design include:

 Reliability: The network should be able to function properly and

without interruption even in the event of component failures. For
networks to be reliable, they need redundancies in place. It means
having multiple paths for data to travel and backup systems in place in
case of failure. Redundancy is significant for critical systems like e-
commerce or healthcare, where downtime can result in lost revenue. It is
achieved by using multiple devices or links between devices. 


 Scalability: The network should be able to expand or contract easily as the needs
of the organization change. The ability of a network to grow and handle increased
traffic is known as scalability. When planning for scalability, it’s essential to
consider the expected future growth of your company and what kind of demands
it will place on your network. You also need to think about how you can add new
devices or users quickly and without disruption.


 Security: The network should be protected from unauthorized access,
use, disclosure, disruption, modification, or destruction. Security is always
a top concern when it comes to networks. With hackers getting more
sophisticated, it’s important to have layers of protection in place. That
might include firewalls, antivirus software, and intrusion detection
systems. It is also important to keep your systems up to date with the
latest security patches.


 Performance: The network should be able to handle the required amount of data
and users effectively, with minimal delay and errors. Network performance is
critical for businesses of all sizes. Slow or unreliable networks can impact
employee productivity, customer satisfaction, and even the bottom line. That’s
why it’s important to carefully design your network to ensure optimal
performance. It can be guaranteed by using the right equipment, optimizing your
network traffic, and troubleshooting any potential problems.
 Usability:
There’s no point in having a fast network if it’s challenging to use. Make sure you
design your network with usability in mind. It includes ensuring that users can
easily find the resources they need, setting up adequate user permissions, and
providing clear instructions on how to use the network. It is important to keep in
mind that not everyone using your network will be tech-savvy, so make sure it’s
easy for everyone to use.


 Cost-effectiveness: The network should be built and maintained at minimal
 cost while still meeting the above goals.
 Maintainability: The network should be easy to manage and troubleshoot.


 Interoperability: The network should be able to support various devices
and protocols, and be able to communicate effectively with other
networks.

Types of LAN network design

There are several types of LAN (Local Area Network) network designs, including:

 Bus: A bus network uses a single cable or backbone to connect all devices on the
network. This is the simplest and most cost-effective design, but it can be less
reliable and less scalable than other designs.


 Star: A star network connects all devices to a central hub or switch. This design
is more reliable than a bus network, but it can be more expensive and complex. 


 Ring: A ring network connects devices in a circular configuration, with data flowing
in one direction. This design is more reliable than a bus network, but it can be
more expensive and complex. 

3|Page
  Mesh: A mesh network connects devices in a web-like configuration, with multiple
paths between devices. This design is the most reliable and scalable, but it can be
the most expensive and complex.


 Tree: A tree network is a combination of a star and a bus network, where the
central hub or switch connects to multiple other hubs or switches in a hierarchical
manner. This design is more reliable and scalable than a star network and more
cost-effective than a mesh network.

Hybrid: A hybrid network is a combination of two or more of the above network
designs, which is used to optimize the strengths and minimize the weaknesses of different
network designs.

Different Types of LAN

1. Client-server LAN
In a client-server LAN environment, a single server connects to multiple devices known
as clients. Client devices cannot interact with each other and a centralized machine
handles activities like network traffic management, network access control, etc. This LAN
type may be faster in small perimeters, but in a large perimeter, it places too much
pressure on the central server.
2. Peer to peer (P2P) LAN
In a P2P LAN, there is no centralized server, and all connected devices have access to
each other, regardless of whether they are servers or clients. The advantage of a P2P
LAN is that devices can freely exchange data with one another, making it easier to
stream media, send files, and perform similar data exchange activities. On the downside,
they tend to be less powerful than client-server LANs.
3. Token ring LAN
Based on the architecture design, you can classify LANs into a token ring or token bus
categories. In the former, all devices are arranged in a ring when they are connected. A
token is assigned to every connected device based on its requirements. It was introduced
by IBM in 1984 for use in corporate environments when ethernet technology was still in
the early stages of development.
4. Token bus LAN
In a token bus LAN, connected nodes are arranged in a tree-like topology, and tokens
are transferred either left or right. Typically, it provides better bandwidth capacities than
a token ring LAN environment.
5. Wired LAN
Wired LAN is probably the most common LAN type in use today. It uses electronic
waves to transfer data across optical fiber (or cable variants) instead of tokens. Wired
LAN is extremely reliable and can be very fast, depending on the performance of the
central server. However, it can hinder portability and flexibility, particularly in
environments with no fixed number of devices.
6. Wireless LAN
Wireless LAN is commonly used in home environments to connect computing devices,
wearables, smart appliances, etc. but there is a massive enterprise market for wireless
LAN as well, growing by 10.3% year over year as per IDC. This type of LAN uses
radiofrequency for data transfers, which can make it susceptible to security risks. It is also
battery-intensive and may show fluctuating performance depending on where the
wireless device is situated.
7. Cloud-managed LAN
Cloud-managed LAN is a specific type of wireless LAN where a centralized cloud
platform is used to manage network provisioning, policy enforcement, access control,
and other aspects of network performance and security. In a heterogeneous networked
environment, cloud-managed LAN streamlines governance, making it a good fit for
enterprise use. By 2025, cloud-managed LAN will be worth over $1.18 billion globally,
as per research by Market Research Future.

Network Design Models

There are several different network design models that are used to help guide the design
and implementation of computer networks. These include:
1. The OSI (Open Systems Interconnection) model: This model is a framework for
understanding how different network protocols and technologies interact. It is
divided into seven layers, each of which performs a specific function, such as
defining how data is transmitted or how network devices are addressed.

2. The TCP/IP (Transmission Control Protocol/Internet Protocol) model: This model is

similar to the OSI model, but it is more commonly used in practice. It is based on
four layers: the network interface, internet, transport, and application layers.
3. The Cisco three-layer hierarchical model: This model is often used in enterprise
networks and it is divided into three layers: the access layer, distribution layer, and
core layer. The access layer connects end devices to the network, the distribution
layer provides policy-based connectivity, and the core layer provides high-speed,
non-blocking switching.
Because networks can be extremely complicated, with multiple protocols and
diverse technologies, Cisco has developed a layered hierarchical model for designing
a reliable network infrastructure. This three-layer model helps you design,
implement, and maintain a scalable, reliable, and cost-effective network. Each of
layers has its own features and functionality, which reduces network complexity.

Here is an example of the Cisco hierarchical model:

 Access – controls user and workgroup access to the resources on the network.
This layer usually incorporates Layer 2 switches and access points that provide
connectivity between workstations and servers. You can manage access control and
policy, create separate collision domains, and implement port security at this layer.
 Distribution – serves as the communication point between the access layer and
the core. Its primary functions are to provide routing, filtering, and WAN access and to
determine how packets can access the core. This layer determines the fastest way that
network service requests are accessed – for example, how a file request is forwarded to a
server – and, if necessary, forwards the request to the core layer. This layer usually
consists of routers and multilayer switches.
 Core – also referred to as the network backbone, this layer is responsible for
transporting large amounts of traffic quickly. The core layer provides interconnectivity
between distribution layer devices it usually consists of high speed devices, like high end
routers and switches with redundant links.

4. The Cisco enterprise campus model: A campus network is a building or group of

buildings connected into one enterprise network that consists of many LANs. A campus is
generally limited to a fixed geographic area, but it can span several neighboring buildings
(for example, an industrial complex or business park environment). Regional offices,
SOHOs, and mobile workers may need to connect to the central campus for data and
information.
5. Peer to Peer Model
6. Client-server Model
These models provide a general guideline for network design and can be adapted to fit the
specific needs of an organization. However, it's important to note that there isn't one
model that fits all scenarios and network administrators should choose the one that best
suits the organization's goals and needs.

4|Page
The Cisco three-layer hierarchical model commonly used for LAN

Hierarchical network design is a method used by Cisco and other network designers to
create a logical and modular structure for LANs (Local Area Networks). The hierarchical
design is based on three layers: the core, distribution, and access layers.

 Core Layer: The core layer is the backbone of the network and is responsible for
high-speed, non-blocking data transport between distribution layers. It provides a
fast, highly available and secure connection between distribution layer devices. 


 Distribution Layer: The distribution layer provides the segmentation and filtering of
network traffic between different LAN segments and VLANs. It also provides
routing services between VLANs, and connecting the core and access layers. 


 Access Layer: The access layer connects end users and devices to the network. It
provides the interface for users to access network services and applications. It
also provides security and quality of service (QoS) for the end-user devices.

This hierarchical design allows for better scalability, manageability, and security of the
network. It also allows for easy identification and troubleshooting of network issues by
isolating them to specific layers.

Also, the separation of concerns on each layer allows for ease in future expansion and
upgrades without affecting the whole network. It also makes it easier to implement
different security policies, QoS, and traffic management at each layer.

Illustrate simple LAN design

A simple LAN (Local Area Network) design typically consists of the following components:

 End Devices: These are the devices that users interact with, such as
computers, laptops, smartphones, and printers.


 Network Interface Card (NIC): Each end device has a NIC which is responsible
for connecting the device to the network.


 Switch: A switch is a networking device that connects end devices together,
allowing them to communicate with each other.


 Router: A router is a networking device that connects different LANs together
and directs traffic between them. 


 Cable: Cables, such as Ethernet cables, are used to connect the end devices,
switch, and router together.

5|Page
A simple LAN design would look like this:

End Devices (Computer 1, Computer 2, Printer) <-> Switch <-> Router <-> Internet
In this example, the end devices are connected to the switch, and the switch is connected
to the router. The router is connected to the internet, which allows the end devices to
access the internet. The switch allows the end devices to communicate with each other and
share resources, such as printers.

This is a very basic LAN design, in reality, the LAN might be more complex, and include
multiple switches, routers, firewalls, and other networking equipment to meet the
organization needs

Redundant network models with secure network models

Redundant network models and secure network models are two distinct concepts in
network design and management, but they do have some overlap in terms of their goals
and objectives.

A redundant network model is a design approach that aims to provide a level of fault
tolerance by having multiple redundant components in place. This means that if one
component fails, another component can take over and keep the network running.
Examples of redundant network components include multiple routers, switches, or servers.
This approach is used to ensure that the network stays online even if one of its
components fails.

A secure network model is a design approach that aims to protect the network and its
resources from unauthorized access and threats such as malware or cyber-attacks. This
means that the network is designed with security measures such as firewalls, intrusion
detection systems, and encryption in place. The goal is to ensure that the network is
protected from external threats, and that internal network users are only able to access the
resources that they are authorized to access.

Redundant network models and secure network models are not mutually exclusive and are
often used in combination to ensure that a network is both reliable and secure. For
example,

6|Page
a redundant network design that also includes firewalls, intrusion detection systems and
VPNs would be considered as a secure and redundant network model.

In summary, a redundant network model aims to ensure that the network stays online,
while a secure network model aims to protect the network from unauthorized access and
threats. Both are important in maintaining a stable and secure network infrastructure.

Examples of redundant network models include:

 Redundant power supplies: This involves having multiple power supplies in a

network device such as a switch or router, so that if one power supply fails,
the other can take over and keep the device running.


 Redundant links: This involves having multiple network links between devices or
networks, such as multiple Ethernet cables connecting two switches, so that if
one link fails, the other can take over and keep the network running.


 Redundant routers: This involves having multiple routers in a network, so that if
one router fails, the other can take over and keep the network running. 


 Redundant servers: This involves having multiple servers in a network, so that if
one server fails, the other can take over and keep the network running. 

Examples of secure network models include:

 Firewall: This is a network security system that monitors and controls incoming and
outgoing network traffic based on a set of security rules and policies.


 Intrusion Detection System (IDS): This is a system that monitors network traffic and
alerts administrators to any suspicious activity or potential security breaches. 


 Virtual Private Network (VPN): This is a secure method of connecting to a remote
network over the internet, typically using encryption to protect the data being
transmitted.


 Access control: This involves implementing mechanisms to control access to network
resources based on user roles, permissions and policies. 


 Encryption: This involves the use of encryption technologies to protect data
transmitted over the network, such as SSL/TLS for web traffic, or IPsec for
VPNs.


 Security Information and Event Management (SIEM): This is a solution that
aggregates and analyzes security-related data from various sources in real-time
to identify and respond to cyber-threats.

These are just a few examples of the many different technologies and techniques that can
be used to design and implement a redundant and secure network. The specific
combination of

7|Page
technologies and techniques used will depend on the specific requirements of the
organization.

LAN Design Considerations

There are several key considerations that need to be taken into account when designing a
local area network (LAN). By taking these considerations into account, network
administrators can design a LAN that is reliable, secure, and able to meet the needs of the
organization.

When selecting a LAN technology, there are several key factors that need to be taken
into account, such as:

8|Page
 1. Network speed and bandwidth: The speed and bandwidth requirements of the
network will determine the type of technology that can be used. For example, if
the network needs to support high-speed data transfer, then faster technologies such
as 10 Gigabit Ethernet or 40 Gigabit Ethernet should be considered.
2. Network topology: The physical layout of the network, including the location of
devices such as routers, switches, and servers, as well as the cabling used to
connect them. The topology of the network will determine the type of technology
that can be used. For example, if the network uses a bus topology, then a
technology that supports this topology, such as Token Ring, should be considered.
3. Network security: This includes implementing security measures such as firewalls,
intrusion detection systems, and access controls to protect the network from
unauthorized access and cyber-attacks. Some technologies have built-in security
features, while others may require additional security measures to be
implemented.
4. Network scalability: The network should be designed to be able to expand and
accommodate additional devices and users as the organization grows. Some
technologies have a limited number of devices that can be connected, while others
are more scalable.
5. Network management: This includes planning for the management and
maintenance of the network, including monitoring and troubleshooting tools, and
procedures for managing user access and permissions. Some technologies have built-
in management features, while others may require additional management tools to
be used.
6. Cost: The cost of the technology, including the cost of devices, cabling, and
any additional software or services required, should be taken into account.
7. Interoperability: The network should be designed to be able to communicate and
interoperate with other networks and systems, both within the organization and
outside of it. Some technologies are more widely supported and interoperable
than others.
8. Compliance: The network should comply with any relevant laws, regulations, and
industry standards. Some technologies may not be compliant with
certain regulations.
By taking these factors into account, network administrators can select a LAN
technology that meets the needs of the organization in terms of speed, security,
scalability, manageability, cost and compliance.

9|Page