Table of Contents :

Introduction:...................................................................................2
Task-1 -Planning a Network...........................................................3
Explaining Logical Topology.......................................................3
Illustration of Diagram:...............................................................4
b) Issue of Network Problems faced by enterprise....................5
Advantages of Mesh Topology:..................................................5
Assumptions for Network Design:..............................................5
Network Hardening Measures:..................................................6
Diagram 2: Mesh Topology.........................................................6
Task-2 Network Operating Systems..............................................7
Proprietary NOS.........................................................................7
Advantages:...........................................................................7
Disadvantages:.......................................................................7
Examples of NOS (network Operating system)......................9
Enterprise networks that utilise Network Operating Systems
(NOS) that have reached End of Life (EOL) may encounter the
following serious problems:........................................................9
Task 3- Design of Network...........................................................10
Task-4-VPN................................................................................. 12
Advantages of A VPN:..............................................................13
Disadvantages of A VPN:.........................................................13
Task-5- Firewalls..........................................................................14
Advantages of Hardware Firewall:...........................................14
Disadvantages of Hardware Firewall:......................................15
Task -6-Recommendation of Network.........................................15
 a) Scalability Considerations:...................................................15
b) Network Security Measures.................................................16
Conclusion:..................................................................................16
References..................................................................................17
Appendix A:................................................................................. 17
Appendix B-.................................................................................19

Introduction:
Businesses must undergo digital transformation to grow and survive; therefore,
strategically upgrading network infrastructure is essential to boost operational efficiency
and consumer engagement. This project focuses on developing and installing a solid
network infrastructure for WeBuyAnyVehicle, a nationwide car dealership moving to a
modern, flexible office. The impending change presents an opportunity to upgrade their
network infrastructure to meet expanding connectivity needs, incorporate cutting-edge
wireless technologies, and encourage a flexible office model with hot desking.
Businesses must undergo digital transformation to grow and survive; therefore,
strategically upgrading network infrastructure is essential to boost operational efficiency
and consumer engagement. This project focuses on developing and installing a solid
network infrastructure for WeBuyAnyVehicle, a nationwide car dealership moving to a
modern, flexible office. The impending change presents an opportunity to upgrade their
network infrastructure to meet expanding connectivity needs, incorporate cutting-edge
wireless technologies, and encourage a flexible office model with hot desking.

This paper aims to demonstrate a thorough understanding of computer networking

principles in a real-world setting. The assignment will handle network design, security,
and scalability using theoretical and practical skills. This will require investigating
network topologies, operating systems, and strategic security measures to protect the
network from cyberattacks.

In designing a network that supports over 200 employees with remote access,
WeBuyAnyVehicle will focus on establishing a durable, scalable architecture that fulfils
current operational needs and anticipates future development and technology
advances. This project will outline a network that boosts efficiency, secures data, and
supports the company's growth through careful planning and strategic design.

Task-1 -Planning a Network

Explaining Logical Topology
Unlike the physical architecture of devices and cables, "logical topology" relates to data
flow within a network. It describes how devices communicate over a network regardless
of location. Logical topology focuses on software, protocols, and data transfer
mechanisms used to route data between network nodes. Depending on the network
architecture, devices in a physical star topology may communicate logically in a ring or
bus style. (techopedia, 2012)
Data movement and network services like routing and switching depend on logical
topologies. Network performance, security, and scalability depend on logical topologies.
They define network node and device structure and communication. Linear (bus), ring,
star, tree, and mesh topologies are common. Each topology affects network data
transmission and reception.
It is crucial for “WeBuyAnyVehicle” to implement a logical architecture that enables
scalability, flexibility, and security. This is particularly important due to the company's
expansion and the increasing use of wireless and cloud-based technologies.

Illustration of Diagram:
To illustrate a logical topology, let's consider a simplified mesh topology for
WeBuyAnyVehicle's network. This will show how devices might communicate within a
wireless network setup, emphasizing the data flow and connections rather than the
physical placement of devices.

Diagram 1: logical network topology diagram.

Presented below is a streamlined representation of a logical network topology diagram.

The setup includes a solitary core router, two switches, one server, and numerous PCs
and laptops with wireless connectivity. The router is depicted establishing a connection
with the internet and the switches, which subsequently establish connections with the
server and PCs. In addition, there are a few wireless access points that offer
connectivity to the laptops. The connections are represented by simple lines, and the
direction of data flow is indicated by arrows.

b) Issue of Network Problems faced by enterprise

A mesh topology would be best for WeBuyAnyVehicle's wireless connectivity and failure
tolerance. Each wireless access point (WAP) with a mesh architecture connects to
several additional WAPs, not just the router. This creates a network with many data
pathways between any two sites, ensuring ongoing connectivity even if one or more
access points fail.

Advantages of Mesh Topology:

 Self-Healing: Data is automatically sent somewhere else if an entry point fails.
(.geeksforgeeks., 2022)
 Scalability: Adding new access points is a simple way to extend network
coverage without requiring extensive network modifications. (.geeksforgeeks.,
2022)
 Resilience: Having multiple paths makes the network better able to handle a lot
of data and keep services running. (.geeksforgeeks., 2022)

Assumptions for Network Design:

 Growth: Network design is responsible for an extra 10% increase in staff.
 Device Compatibility: New WAPs should be able to work with devices that
already support Wi-Fi 5 (802.11ac).
 Hot Desking Support: When workers move from desk to desk, the wireless
network must allow them to do so without any problems.
 File Server Upgrade: Move from Windows Server 2012 to a cloud option like
Office365 to improve remote access and reduce the strain on local infrastructure.
Network Hardening Measures:
 Installing the newest Wi-Fi security standards.
 All network gadgets should get regular updates and patches.
 For better protection, separating the network into VLANs for each department.

Diagram 2: Mesh Topology.

The simplified picture shows the layout of a wireless mesh network. It has a central
router that is linked to several wireless access points (WAPs). The WAPs are then
linked to each other to provide more than one way to join. This makes sure that the
network will still work if one WAP fails, since devices can still join through other WAPs.
Mobile devices are shown connecting wirelessly to the network. This shows how flexible
and reliable a mesh topology can be in a changing office setting like
WeBuyAnyVehicle's, where some workers work from home and others in the office.
Task-2 Network Operating Systems
a)

A Network Operating System (NOS) is specialized software used to manage and

coordinate network resources among multiple linked devices. Unlike an operating
system for a single computer, a NOS manages data and services via a network,
providing features such as printer access, file sharing, network traffic control, and user
authentication. This system enables devices on a network to communicate with each
other and share resources more efficiently.

Proprietary NOS
A firm develops and maintains its own proprietary network operating systems, and
oversees the distribution of source code.

Advantages:
 Support and Updates: Vendor support is typically included with proprietary NOS,
ensuring expert assistance, regular updates, and patches. (Toppr, n.d.)
 Integration: consistently offer a seamless integration with other offerings from the
same provider, fostering a cohesive and interconnected ecosystem. (Toppr, n.d.)
 User Experience: The learning curve for users and administrators is typically
lowered by their more user-friendly interfaces and documentation. (Toppr, n.d.)

Disadvantages:
 Cost: The exorbitant expense can constrain the IT budget, so curtailing a
company's capacity to allocate funds towards essential areas such as hardware
enhancements, supplementary software tools, or personnel development
initiatives.

 Vendor-Lock-In: Vendor lock-in can result in diminished negotiating leverage,

perhaps leading to increased expenses over an extended period. Additionally,
this implies that a corporation could need to make concessions on innovation or
 ideal solutions as a result of the constraints imposed by adhering to a single
vendor's ecosystem.
 Compatibility: Incompatibility problems may result in extra expenses for
middleware or customized solutions to address the lack of interoperability.
Additionally, it may impede a company's capacity to embrace novel technologies
that are incompatible with the exclusive system, hence potentially obstructing
business flexibility and expansion.

Open-Source NOS

Network operating systems that are open-source allow anybody to freely use, modify,
and distribute their source code.

Advantages:

 Cost-Effectiveness: The total cost of IT is decreased by using open-source NOS,

which are typically free or very inexpensive.
 Flexibility: One can obtain the source code and modify it to suit the specific
needs of an organisation.
 Community Support: Open-source projects are frequently accompanied by a
robust community support network that offers an abundance of resources and
mutual knowledge.

Disadvantages:

 Complexity: It might be difficult to customise and maintain an open-source NOS,

and it may take knowledgeable staff to handle it.
 Inconsistent support: As opposed to direct help from proprietary systems, which
might be inconsistent, support is provided by the community or through services
that are paid for.
 Maintenance and stability: There could be security and dependability problems
with open-source projects since they don't have the same level of stability and
regular upgrades.
Examples of NOS (network Operating system)
 Microsoft Windows Server: a line of Microsoft-designed proprietary server
operating systems that offer enterprise-level connectivity, data storage,
applications, and management.
 Linux (e.g., Ubuntu Server, Red Hat Enterprise Linux): These are a few
instances of popular open-source operating systems for workstations and servers
that have a sizable user base and a range of distributions designed for network
settings.

b)

Enterprise networks that utilise Network Operating Systems (NOS) that have
reached End of Life (EOL) may encounter the following serious problems:
 Security Vulnerabilities: If the manufacturer doesn't provide regular updates
and patches, the NOS is more vulnerable to security flaws. Hackers
frequently target out-of-date systems that have known exploits, which can
result in malware infections, unauthorised access, and data breaches.
 Compliance risk: Strict regulatory restrictions that demand the usage of
supported software are in place for many businesses. Using an (EOL) NOS
may result in non-compliance, which could harm the company's reputation
and incur fines and legal penalties.
 Software incompatibility: It is common for new services and apps to be
created with the newest operating systems in mind. An (EOL) NOS might not
work with updated software, which could reduce productivity and restrict the
functionality that the company can use.
 Lack of Support: Technical assistance from the vendor usually ends when a
NOS reaches end of life. Any problems that crop up as a result of this lack of
support will be more challenging to fix and may cause prolonged downtime.
 Increased Operational costs: Over time, maintaining an antiquated NOS may
prove to be more expensive. Businesses might have to spend more money
on bespoke solutions to fix compatibility problems and security holes, or they
might have to pay more for longer maintenance contracts if they are offered.
Task 3- Design of Network

Diagram 3:

The network diagram above illustrates the wirelessly-focused, scalable infrastructure

that WeBuyAnyVehicle has implemented for their open-plan office. The workplace can
accommodate 200 users, with an additional 10% capacity for personnel. This setup
demonstrates a modern approach to hot-desking, allowing employees to move freely
within the area and connect to the network wirelessly.

General Staff Network

IP Range: 192.168.10.0/24

Device Count: Supports up to 254 devices; allocated for 200 staff plus growth.

Connectivity: Wireless access points (WAPs) strategically placed for full coverage,
allowing for seamless roaming for employees with their Microsoft Surface devices.

Security: WPA3 encryption for secure wireless communication.

HR and Finance Network

IP Range: 192.168.20.0/26

Device Count: Supports up to 62 devices; allocated for 30 staff plus growth.

Connectivity: Separate WAPs to ensure dedicated and secure wireless coverage for the
department handling sensitive information.

Security: Additional network security measures such as VLAN separation and enhanced
firewall rules to protect financial data.

Management Network

IP Range: 192.168.30.0/28

Device Count: Supports up to 14 devices; allocated for 10 staff plus growth.

Connectivity: Dedicated WAPs, likely fewer due to the smaller team size, but ensuring
strong, consistent signal strength.

Security: Possible additional measures like multi-factor authentication to access this

network due to the nature of management's work.

IT Network

IP Range: 192.168.40.0/26

Device Count: Supports up to 62 devices; allocated for 45 staff plus growth.

Connectivity: WAPs configured for IT staff's technical needs, perhaps with priority on
bandwidth for IT operations.
Security: IT network likely has the strictest controls, with secure VPN access for remote
support and advanced intrusion detection systems in place.

Interconnection and Security Devices

Switches: Not pictured but would be present to connect WAPs and any wired devices if
necessary.

Firewall: A robust, central firewall routes traffic between the network segments,
implementing security policies and protecting against external threats.

Router: The diagram shows a central router managing traffic, which would also include
DHCP services for IP address assignment.

Intrusion Prevention System (IPS): Deployed to monitor network traffic for malicious
activity and respond immediately to any threats.

Additional Notes

The central file server needs to be addressed. Options include upgrading to a newer
Windows Server version or migrating to a cloud solution like Office365.

The need for minimal reconfiguration for scalability is met by having a subnet design
that allows for easy expansion within each segment.

The network is assumed to be using Wi-Fi 6 technology to accommodate the

requirements of the Surface devices and improve file transfer speeds, even though it’s
not a current priority.

This diagram reflects a network designed for flexibility, growth, and security, keeping in
line with WeBuyAnyVehicle's vision for their new office space.
Task-4-VPN

A Virtual Private Network (VPN) is a tool that establishes a secure connection over the
internet, encrypting the data transmitted between the user's device and the network.
This encryption process utilizes complex algorithms to ensure that sensitive information
remains protected from unauthorized access or interception. By creating a secure
tunnel, VPN technology allows for the safe and private transmission of data, making it
an essential tool for safeguarding sensitive information such as personal details,
financial transactions, and business communications. (SentinelOne, n.d.)

In an enterprise network, a VPN can be implemented through:

Client-to-Site VPNs: where remote users create a secure connection to the company
network using VPN client software.

Site-to-Site VPNs: that will allow safe connections between servers located in various
geographic areas by connecting complete networks in different regions to one another.

VPN Appliances: specialised hardware options that can manage high VPN traffic
volumes and offer strong security.

Cloud-based VPN services: cloud-based platforms that will provide easy deployment
and scalability for managed VPN services.

Advantages of A VPN:
Secure Remote Access: By giving employees access to the company's internal network
from a variety of places, virtual private networks (VPNs) guarantee that remote work is
just as safe as on-site work.

Data privacy: VPNs guard sensitive data by encrypting the connection, which is
particularly crucial in the current environment of growing cyberthreats.

Decreased Operational Costs: VPNs save overall operating costs by doing away with
the requirement for pricey dedicated leased lines for remote connectivity.
Scalability: VPNs can be expanded to support more users and locations as a business
expands without requiring a significant investment in new infrastructure.

Disadvantages of A VPN:
Impact on Performance: The connection speed may be slowed down by encryption and
decryption operations, which could have an adverse effect on output.

Complicated Setup and Maintenance: To ensure that security measures remain current,
a VPN must be implemented properly, which calls for experience and continuous
maintenance.

The compromise of a VPN: presents a security risk since it might turn into a single point
of failure, providing hackers with possible access to the whole network.

User Experience: It can occasionally be difficult for users to initiate a VPN connection,
which can cause resistance or improper use.

Task-5- Firewalls
A hardware firewall is a physical device placed between a local network and the
internet, while a software firewall is a program installed on individual devices or servers
to control incoming and outgoing network traffic.

Advantages of Hardware Firewall:

Network-Wide Protection: Hardware firewalls provide comprehensive protection for all
devices connected to a network, ensuring centralized security management and
consistent enforcement of security policies.

Dedicated Device: Being a standalone device, hardware firewalls do not rely on host
resources, resulting in minimal impact on device performance and scalability.

High Performance: Hardware firewalls often feature specialized hardware components

optimized for packet inspection and filtering, leading to faster processing of network
traffic and better overall performance.

Ease of Management: Once configured, hardware firewalls require minimal

maintenance and can be managed centrally through a web interface or command-line
interface, offering convenient monitoring and configuration options.
Protection Against DDoS Attacks: Hardware firewalls can mitigate Distributed Denial
of Service (DDoS) attacks by filtering out malicious traffic before it reaches the internal
network, thereby safeguarding network resources and services.

Disadvantages of Hardware Firewall:

Cost: Hardware firewalls require a separate physical device, which can be expensive to
purchase, deploy, and maintain, especially for small businesses or individual users.

Limited Customization: Hardware firewalls may offer limited customization options

compared to software firewalls, making it challenging for advanced users to tailor
settings to specific requirements.

Deployment Complexity: Installing and configuring a hardware firewall can be

complex, requiring technical expertise and potentially involving network topology
changes, which may be difficult to implement in large or distributed networks.

Single Point of Failure: Since hardware firewalls are standalone devices, they
represent a single point of failure in the network. Malfunctions or outages can disrupt
network traffic and compromise security.

Scalability: Upgrading or expanding the capacity of a hardware firewall may

necessitate replacing the existing device with a higher-capacity model, which can be
cumbersome and expensive.

Advantages of Software Firewall:

In Appendix-B

Disadvantages of Software Firewall:

In Appendix B

Task -6-Recommendation of Network

a) Scalability Considerations:
Modular Infrastructure: Developing a modular network infrastructure that facilitates
seamless growth and integration of additional devices without necessitating significant
reconfigurations. This may entail utilizing scalable wireless access points and switches
that are capable of accommodating a substantial number of connections and can be
quickly expanded as the organization expands.

Cloud-Based Services: Migrating to cloud-based services like Office 365 not only
resolves the problem of using outdated servers, but also offers the opportunity to easily
adjust storage capacity, manage users, and access applications. Cloud solutions have
the ability to effortlessly handle a growing number of users and data without requiring
frequent hardware updates.

Dynamic IP Address Allocation: Implementing dynamic IP address allocation using

DHCP to efficiently manage IP addresses across the network. This allows for automatic
assignment and release of IP addresses as devices connect and disconnect, eliminating
the need for manual IP configuration and facilitating scalability.

b) Network Security Measures

In Appendix-A

Conclusion:
The strategic design and execution of WeBuyAnyVehicle's new office network
infrastructure were assessed in this task. We addressed network topology, operating
systems, security, and advanced wireless technologies by analyzing and implementing
computer networking ideas. The proposed network design meets the company's current
operational needs while incorporating scalability and flexibility for future growth and
technological advancement.

We examined the company's changing work environment and the need for high
security, especially given cyber threats. The network guidelines help WeBuyAnyVehicle
manage a secure, efficient, and scalable network. These steps are essential to the
company's growth and the need for a reliable digital infrastructure for in-house and
remote workers.
In short, the network design aligns with WeBuyAnyVehicle's operating objectives and
guarantees both security and expansion. The meticulous strategic planning and
deliberate selection of technology ensure that the network will successfully align with
the business objectives and uphold the company's dedication to innovation and
customer service.

References
.geeksforgeeks., 2022. Advantage and Disadvantage of Mesh
Topology. [Online]
Available at: https://www.geeksforgeeks.org/advantage-and-
disadvantage-of-mesh-topology/
rocket.chat, n.d. [Online]
Available at: https://www.rocket.chat/blog/open-source-software-
advantages
SentinelOne, n.d. [Online]
Available at:
https://www.sentinelone.com/cybersecurity-101/virtual-private-
networks-vpns/?utm_source=google-paid&utm_medium=paid-
search&utm_campaign=uki-bau-brand-
pmax&utm_term=&campaign_id=20874776339&ad_id=&gad_sou
rce=1&gclid=CjwKCAjw_e2wBhAEEiwAyFFFo3ZstmOt9PQS7-cx
techopedia, 2012. Techopedia. [Online]
Available at: https://www.techopedia.com/definition/25890/logical-
topology
Toppr, n.d. Proprietary Software. [Online]
Available at:
https://www.toppr.com/guides/computer-science/computer-
fundamentals/open-source-concepts/proprietary-software/
Appendix A:

Network Security Measures:

Firewall Configuration: Implement robust firewall rules to control inbound and outbound
traffic, restricting unauthorized access and preventing the spread of malware. Regularly
update firewall configurations to adapt to evolving security threats and ensure that only
necessary services and ports are accessible from the outside.

Network Segmentation: Divide the network into separate segments using VLANs to
isolate sensitive areas such as HR, Finance, and Management from the rest of the
network. This limits the potential impact of a security breach by containing it within
specific segments and prevents lateral movement by attackers.

Access Control Policies: Enforce strict access control policies using role-based access
control (RBAC) to ensure that users only have access to resources and data that are
necessary for their roles. Regularly review and update user permissions to prevent
unauthorized access and minimize the risk of insider threats.

Intrusion Detection and Prevention Systems (IDPS): Deploy IDPS solutions to monitor
network traffic for suspicious activity and automatically respond to potential security
threats. This includes detecting and blocking malicious traffic, identifying unauthorized
access attempts, and alerting network administrators to potential security breaches in
real-time.

Employee Training and Awareness: Implement frequent security awareness training

sessions for employees to provide them with knowledge on prevalent security risks,
including phishing attacks, social engineering, and malware. Promptly encourage staff
to report any suspicious behavior and set well-defined protocols for reacting to security
issues in order to minimize the impact on the network.

By implementing these recommendations, WeBuyAnyVehicle can ensure that its

network infrastructure is scalable, resilient, and secure against a wide range of threats,
thereby supporting the company's continued growth and success.

Appendix B-
Advantages of Software Firewall:

Granular Control: Software firewalls offer granular control over individual devices,
allowing users to define specific rules and policies for inbound and outbound traffic,
enabling tailored security configurations.

Cost-Effective: Software firewalls are often included as part of operating systems or

security software suites, making them more cost-effective for small businesses or
individual users, as they do not require separate hardware purchases.

Flexibility: Software firewalls can be installed on various devices, including desktop

computers, servers, and virtual machines, ensuring consistent security policies across
different platforms and environments.

Application-Level Filtering: Some software firewalls provide application-level filtering,

enabling users to control access to specific programs or services based on predefined
rules, thereby preventing unauthorized access to sensitive applications.

Easy Updates: Software firewalls can be easily updated and patched to address
emerging threats or vulnerabilities, with updates automatically downloaded and
installed, ensuring the firewall remains up-to-date with the latest security features.
Disadvantages of Software Firewall:

Resource Consumption: Software firewalls consume system resources, such as CPU

and memory, which can impact device performance, particularly on older hardware or
low-powered devices.

Vulnerability to Malware: Software firewalls running on the same device they protect are
susceptible to compromise by malware or malicious attacks targeting the underlying
operating system or security software.

Configuration Complexity: Configuring software firewalls with complex rule sets or

network configurations can be challenging for novice users, with misconfigurations
potentially leading to security vulnerabilities or connectivity issues.

Dependence on Host System: Software firewalls rely on the host device's operating
system and network stack, so if the host system crashes or experiences hardware
failures, firewall protection may be compromised.

Limited Network-Level Protection: While software firewalls offer robust protection at the
device level, they may not provide comprehensive network-level protection for all
devices connected to the same network, necessitating additional measures such as a
hardware firewall for complete network security.