Scribd
Upload
38 views25 pages

10 - Project Report - Merged

Project report.

Uploaded by

12pluckmypub34shutthedoor
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
38 views25 pages

10 - Project Report - Merged

Project report.

Uploaded by

12pluckmypub34shutthedoor
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 25

DEPARTMENT OF

COMPUTER SCIENCE & ENGINEERING

Experiment 9
Student Name: Manisha Rebari UID: 23BCS80099
Branch: CSE Section/Group: 611 - A
Semester: 5th Date of Performance:14/10/24
Subject Name: Computer Networks Subject Code: 22CSH-312

1. Aim: Configuring DNS Server and accessing web Resources by Domain Name.

2. Objective: To configure a DNS (Domain Name System) server and access web
resources using domain names instead of IP addresses. This process involves setting
up a DNS server, creating DNS records, and testing the resolution of domain names to
access web resources efficiently.

3. Requirements:

Hardware:
 A computer or server for hosting the DNS server.
 Client machines to test DNS resolution.

Software:
 Linux (e.g., Ubuntu, CentOS) or Windows Server.
 DNS server software (e.g., BIND for Linux or Microsoft DNS for Windows Server).
 Text editor (e.g., nano, vim for Linux or Notepad for Windows).
 Network tools (e.g., nslookup, dig, ping).

Network Configuration:
 Access to configure IP addresses
 Basic knowledge of IP addressing and subnetting.
 IP addresses for your DNS server and the web resources to be accessed.

4. Procedure:

Physical Connection:
 Connect each computer to the network switch using Ethernet cables.
 Ensure the network switch is powered on and operational.
Check Connectivity:
DEPARTMENT OF
COMPUTER SCIENCE & ENGINEERING

 Verify physical connections and power status.


 Ensure that each computer is properly connected to the network.
Configuring IP Addresses
 Go to Control Panel → Network and Sharing Center → Change adapter settings.
 Right-click on your network connection and select Properties.
 Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
 Choose Use the following IP address and enter:
 IP address: e.g., 192.168.1.2 for the first computer, 192.168.1.3 for the second
computer.
 Subnet mask: 255.255.255.0
 Default gateway: Leave blank or enter the gateway IP if needed.
 Click OK to apply settings.

5. Output:

Fig 8.1 DNS Server Setup


DEPARTMENT OF
COMPUTER SCIENCE & ENGINEERING

Fig 8.2 (PC Command Prompt Ping Command)

Fig 8.3 (Accessing Web resource using DNS Server)

6. Learning Outcome
 Understand how to configure a DNS server to resolve domain names to IP addresses.
 Be able to set up DNS zone files and records (A, CNAME, NS).
 Test domain name resolution using tools like nslookup and dig.
 Access web resources using domain names, improving user-friendly access to network
resources.
 Gain insight into troubleshooting DNS-related issues and ensuring efficient name resolution.
DEPARTMENT OF
COMPUTER SCIENCE & ENGINEERING

Experiment 9
Student Name: Nidhi Singh UID: 23BCS80101
Branch: CSE Section/Group: 611 - A
Semester: 5th Date of Performance:14/10/24
Subject Name: Computer Networks Subject Code: 22CSH-312

1. Aim: Configuring DNS Server and accessing web Resources by Domain Name.

2. Objective: To configure a DNS (Domain Name System) server and access web
resources using domain names instead of IP addresses. This process involves setting
up a DNS server, creating DNS records, and testing the resolution of domain names to
access web resources efficiently.

3. Requirements:

Hardware:
 A computer or server for hosting the DNS server.
 Client machines to test DNS resolution.

Software:
 Linux (e.g., Ubuntu, CentOS) or Windows Server.
 DNS server software (e.g., BIND for Linux or Microsoft DNS for Windows Server).
 Text editor (e.g., nano, vim for Linux or Notepad for Windows).
 Network tools (e.g., nslookup, dig, ping).

Network Configuration:
 Access to configure IP addresses
 Basic knowledge of IP addressing and subnetting.
 IP addresses for your DNS server and the web resources to be accessed.

4. Procedure:

Physical Connection:
 Connect each computer to the network switch using Ethernet cables.
 Ensure the network switch is powered on and operational.
Check Connectivity:
DEPARTMENT OF
COMPUTER SCIENCE & ENGINEERING

 Verify physical connections and power status.


 Ensure that each computer is properly connected to the network.
Configuring IP Addresses
 Go to Control Panel → Network and Sharing Center → Change adapter settings.
 Right-click on your network connection and select Properties.
 Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
 Choose Use the following IP address and enter:
 IP address: e.g., 192.168.1.2 for the first computer, 192.168.1.3 for the second
computer.
 Subnet mask: 255.255.255.0
 Default gateway: Leave blank or enter the gateway IP if needed.
 Click OK to apply settings.

5. Output:

Fig 8.1 DNS Server Setup


DEPARTMENT OF
COMPUTER SCIENCE & ENGINEERING

Fig 8.2 (PC Command Prompt Ping Command)

Fig 8.3 (Accessing Web resource using DNS Server)

6. Learning Outcome
 Understand how to configure a DNS server to resolve domain names to IP addresses.
 Be able to set up DNS zone files and records (A, CNAME, NS).
 Test domain name resolution using tools like nslookup and dig.
 Access web resources using domain names, improving user-friendly access to network
resources.
 Gain insight into troubleshooting DNS-related issues and ensuring efficient name resolution.
Network design and simulation using cisco packet tracer
A PROJECT REPORT

Submitted by

Manisha Rebari (23BCS80099)


Nidhi Singh (23BCS80101)
Rajneesh Verma (23BCS80093)

in partial fulfillment for the award of the degree of

BACHELOR OF ENGINEERING

IN

COMPUTER SCIENCE AND ENGINEERING

Chandigarh University
Oct 2024

1
BONAFIDE CERTIFICATE

Certified that this project report “Network design and simulation using cisco packet
tracer” is the bonafide work of “Manisha Rebari, Nidhi Singh and Rajneesh
Verma” who carried out the project work under the supervision of Er. Gurleen Kaur.

SIGNATURE [HOD] SIGNATURE

Dr. Sandeep Singh Kang Er. Narinder Yadav (E16474)


HEAD OF THE DEPARTMENT SUPERVISOR
Computer Science & Engineering Computer Science & Engineering

Submitted for the project viva-voce examination held on

INTERNAL EXAMINER EXTERNAL EXAMINER

2
TABLE OF CONTENTS
Abstract ............................................................................................................................................. 4
Abbreviations .................................................................................................................................... 5
Chapter 1. Introduction ................................................................................................................... 6
1.1 Client Intoduction .............................................................................................................. 6
1.2 Identification of Problem .................................................................................................. 6
1.3 Identification of Task......................................................................................................... 7
1.4 Timeline .............................................................................................................................. 8
1.5 Organization of the report ................................................................................................ 9
Chapter 2. Design Flow/Process ..................................................................................................... 10
2.1 Evaluation & Selection of Specification/Features ......................................................... 10
2.2 Design Constraints ........................................................................................................... 11
2.3 Design Flow… .................................................................................................................. 11
2.4 Design Selection................................................................................................................ 12
2.5 Implementation plan/Methodology… ............................................................................ 13
Chapter 3. Result Analysis and Validation ................................................................................... 14
3.1 Implementation of Solution............................................................................................. 14
Chapter 4. Conclusion and Future work ...................................................................................... 15
4.1 Conclusion ........................................................................................................................ 15
4.2 Future Work ..................................................................................................................... 16

3
ABSTRACT

This project presents the design, implementation, and simulation of a secure, multi-location office
network using Cisco Packet Tracer. The project consists of three office locations, each with distinct
networking requirements. The primary objective is to establish an efficient and secure network
infrastructure by utilizing the Dynamic Host Configuration Protocol (DHCP) and DHCP relay agents
for automated IP address allocation across multiple subnets.
At the first two locations, the network accommodates three teams: Marketing, IT, and Finance, each
comprising 10 workstations. A unique network rule is applied where team leaders from each team are
allowed to ping one another, but communication between team members is restricted. Team members
are permitted to communicate only with others from the same team within the same location, enforcing
intra-team and intra-location communication boundaries. Additionally, communication across
locations between team members of the same team is not allowed, enhancing security and traffic
control.
The third location includes two specialized teams: the Audit and Management teams, which are
configured to have higher communication privileges. These teams can communicate with each other,
as well as with team leaders from the other two locations. A Security Engineer, located on a separate
floor within the third location, is also granted controlled access to the Audit, Management, and team
leader communications while being isolated from other teams.
Furthermore, a special committee of two members is added to the network, designed to have
communication access to both the Audit and Management teams, the Security Engineer, and each
other. This special committee's configuration emphasizes selective cross-location communication,
enhancing collaboration across critical departments.
The entire network is divided into distinct subnets, each tailored for the specific requirements of the
teams and roles, ensuring data privacy, efficient routing, and reduced broadcast traffic. The project
involves the initial configuration of switches and routers, implementing security policies through
access control lists (ACLs), and configuring VLANs for segmentation. The overall design ensures a
balance between security, scalability, and functionality in the simulated office environment, mirroring
real-world networking practices. This setup demonstrates the ability to manage complex
communication requirements while maintaining strict security measures across different network
segments.

4
ABBREVIATIONS

 VLAN: Virtual Local Area Network

 IP: Internet Protocol

 ACL: Access Control Lists

 DHCP: Dynamic Host Configuration Protocol

 IT: Information Technology

 IDS: Intrusion Detection Systems

 IPS: Intrusion Prevention Systems

5
CHAPTER 1.

INTRODUCTION

1.1. Client Identification/Need Identification/Identification of relevant


Contemporary issue
In today’s highly connected business environment, efficient and secure communication
within office networks is paramount. The client for this project is a mid-sized company with
three office locations. These offices house various teams responsible for Marketing, IT,
Finance, Audit, and Management functions. The client’s need stems from the complexity of
coordinating cross-team and cross-location communication in a way that ensures both
security and efficiency. With the continuous growth in digital transformation and remote
working scenarios, the client seeks a scalable networking solution that integrates seamless
communication while enforcing stringent access controls. The goal is to create a well-
organized and secure network infrastructure that automates the allocation of IP addresses
and ensures that communication across different teams and locations follows strict
guidelines to prevent unauthorized access or security breaches. Additionally, there is a need
for efficient network management tools to ensure ease of monitoring and troubleshooting,
along with the capacity to expand the network as the organization grows.

1.2. Identification of Problem


The client’s current office network lacks the necessary structure to manage communication
between different teams and locations in a secure and organized manner. Specific challenges
include:
 Unrestricted Communication: Currently, team members can communicate freely with
one another across all locations. This lack of communication boundaries creates the risk
of potential data breaches, inefficient traffic management, and privacy violations.
 IP Addressing Issues: The company’s existing network configuration uses static IP
addressing, which is time-consuming to manage and prone to human error. A dynamic
solution like DHCP is needed to streamline the process.

6
 Absence of Segmentation: The network lacks proper segmentation, which limits the
organization’s ability to control traffic flow and restrict communication between
different roles and teams. This could lead to security vulnerabilities, especially in an
environment where sensitive information is frequently exchanged between departments
like Finance, IT, and Management.
 Lack of Prioritized Communication: High-level communication, such as between team
leaders or between the Management and Audit teams, is not properly isolated or
prioritized. This results in unnecessary congestion and increased risks of sensitive
information being accessed by unauthorized personnel.

1.3. Identification of Tasks

To address the identified problems and meet the client’s needs, the following tasks have
been outlined for this project:
 Task1: Network Design
Design a network topology that incorporates three office locations, each with distinct
subnets, teams, and communication requirements. Each location should have its own
network to manage traffic independently while remaining connected to the wider
company network through routers.
 Task 2: DHCP and DHCP Relay Configuration
Configure DHCP at one location for automated IP addressing and use DHCP relay
agents at another location to ensure that IPs are dynamically assigned based on location-
specific requirements. This will eliminate the need for manual IP configuration.
 Task 3: VLAN and Access Control Configuration
Implement VLANs across all three locations to separate the various teams. VLANs will
ensure that teams within the same location can communicate internally while restricting
cross-team and cross-location communication based on predefined rules.
 Task 4: Access Control Lists (ACLs)
Create and apply ACLs to define who can communicate with whom within the network.
Specific rules will be created to allow team leaders, Audit, and Management teams to
communicate with each other, while restricting team members from communicating
outside their roles.

7
 Task 5: Special Committee and Security Configuration
The special committee and Security Engineer will be placed in isolated VLANs with
controlled access. The Security Engineer will be able to communicate with critical teams
such as Audit, Management, and the special committee, but will be restricted from
interacting with regular team members.
 Task 6: Network Testing and Validation
After configuring the network, test the system to ensure that communication flows are
functioning as per the rules defined, DHCP is dynamically assigning IP addresses, and
ACLs are correctly restricting and allowing traffic.

1.4. Timeline

The project was completed over a span of 10 weeks. The following timeline outlines the
major milestones achieved during the project lifecycle:
 Week 1: Requirements Gathering and Network Design The first phase involved
gathering client requirements and drafting the network design. Detailed communication
requirements were defined for each team, and the overall network structure was planned. 
 Week 2: Initial Topology Setup During this phase, the basic topology, including
routers, switches, and workstations, was set up in Cisco Packet Tracer. Preliminary
testing for connectivity between locations and devices was conducted. 
 Week 3: DHCP and DHCP Relay Configuration DHCP was configured at one
location, and DHCP relay agents were set up at another location to ensure IP addresses
were automatically allocated based on team requirements. 
 Week 4: VLAN and ACL Implementation VLANs were configured across all
switches to segregate traffic between teams. ACLs were also set up to enforce access
restrictions.
 Week 5: Testing and Troubleshooting Detailed testing was carried out to ensure the
communication flows adhered to the rules defined for team members, team leaders, and
special teams. Issues were identified and addressed through troubleshooting. 
 Week 6: Final Validation and Report Writing The network configuration was
finalized, and the results were documented in the project report. Final validation was
conducted to ensure that the network met the client’s requirements. 

8
1.5. Organization of the report

This report is organized into six chapters, each focusing on different aspects of the project:
Chapter 1: Introduction
This chapter introduces the project, identifies the client’s needs, and outlines the problems,
tasks, and project timeline.
Chapter 2: Literature Review
This chapter discusses relevant networking concepts, including VLANs, DHCP, ACLs,
and network security, along with their contemporary applications in office environments.
Chapter 3: Methodology
The methodology chapter outlines the detailed steps taken to implement the network,
including hardware and software configuration, design decisions, and security measures.
Chapter 4: Results and Discussion
This chapter presents the outcomes of the network simulation, along with analysis of the
communication flows, IP assignment, and security policies implemented.
Chapter 5: Conclusion and Recommendations
The final chapter concludes the report by summarizing the project’s achievements and
suggesting areas for future improvements or scalability.

9
CHAPTER 2.

DESIGN FLOW/PROCESS

2.1. Evaluation & Selection of Specifications/Features

The design of the network for this office setup required careful evaluation of the company's
requirements, taking into consideration the structure of teams, security concerns, and
operational efficiency. The following key specifications and features were evaluated for
inclusion in the final design:

 Dynamic IP Address Allocation: The need for dynamic IP addressing was evident given
the size of the organization and the complexity of managing static IP addresses. To meet
this requirement, a combination of Dynamic Host Configuration Protocol (DHCP) and
DHCP relay agents was chosen. This feature ensures automated and efficient IP
management across different locations.
 Team Segmentation: The network had to be segmented based on teams, and this was
achieved through Virtual Local Area Networks (VLANs). VLANs were evaluated as the
best solution for separating the traffic of different teams within the same location to
prevent unnecessary inter-team communication.
 Access Control: To enhance network security, Access Control Lists (ACLs) were
evaluated and selected as a crucial feature. ACLs would be applied to define clear rules
for which devices and users can communicate with each other, limiting access based on
role and location.
 Cross-location Communication: The network required selective communication across
locations. This was addressed by carefully configuring routing rules that allow team
leaders, audit teams, and management to communicate while restricting regular team
members from accessing resources outside their designated areas.
 Security Measures: The placement of the Security Engineer in the network, with control
over certain communication flows, was evaluated for its potential to add another layer of
network monitoring and protection. The Security Engineer is responsible for monitoring

10
network traffic and ensuring that sensitive communications (e.g., between audit,
management, and special committee) remain secure.

2.2. Design Constraints


While developing the network design, several constraints had to be taken into consideration:
 Limited Network Segmentation Resources: While the use of VLANs and ACLs was
critical, there were limitations to how many VLANs and ACL rules could be implemented
without over-complicating the network. Keeping the network manageable was key.
 Cross-location Communication Complexity: Setting up communication rules between
multiple teams in different locations had to be carefully considered. Misconfigurations
could result in unintended communication paths, so it was necessary to balance
complexity with functionality.
 DHCP and Relay Agent Limitations: Implementing DHCP across multiple locations
required careful planning of the relay agent, as DHCP servers are generally centralized.
The relay agents needed to function effectively without causing delays or failures in IP
address allocation.
 Hardware Constraints: The number of routers, switches, and other network devices
available in the Packet Tracer simulation also posed limitations. While ensuring
scalability and expansion, the network had to be designed within the scope of available
resources.
 Security and Access Constraints: Security had to be implemented at various levels, from
basic VLAN isolation to more complex ACLs. However, implementing too many layers
of security could slow down network traffic and complicate troubleshooting.

2.3. Design Flow

The design flow for the project was structured as follows:


 Requirement Gathering and Initial Design: The initial phase involved understanding
the client’s needs and translating them into network design requirements. Key areas of
concern included IP address management, team segmentation, security, and inter-location
communication.

11
 VLAN Design and Setup: VLANs were designed to segment teams based on both role
and location. Each VLAN was created to isolate traffic between Marketing, IT, Finance,
Audit, Management, and the Special Committee. VLANs were configured on switches to
ensure data privacy and efficiency.
 Router and DHCP Setup: Routers were configured to handle inter-location traffic, while
the DHCP server and relay agents were set up to ensure that IP addresses were
dynamically assigned to devices in the network. Each location's network was assigned a
different subnet.
 ACL Configuration: ACLs were applied to routers to control which devices could
communicate across VLANs. Specific rules were written to allow or deny traffic based
on source and destination IPs, ensuring that communication between team members and
team leaders followed the guidelines.
 Routing Between Locations: Static routes were configured to handle traffic between the
three locations. These routes ensured that each location could access the resources it
needed without interfering with the others.
 Testing and Optimization: The network was rigorously tested using Packet Tracer’s
simulation features. Devices were tested for correct IP address assignment,
communication between VLANs, and adherence to ACL rules. Any issues found were
addressed, and the network was optimized for performance.

2.4. Design selection

After comparing various design alternatives, the following selections were made:
 VLAN for Segmentation: The use of VLANs was chosen for traffic segmentation due to
its efficiency and flexibility in separating network traffic without requiring additional
physical infrastructure.
 DHCP and DHCP Relay: For ease of IP management, DHCP was selected along with
DHCP relay agents to distribute IP addresses across different locations without requiring
a DHCP server at every site.
 ACLs for Security: ACLs were preferred over simpler firewall rules due to their ability
to granularly control communication between specific devices based on both IP address

12
and protocol. This ensured that team members, team leaders, and critical departments had
their communication securely regulated.
 Static Routing for Inter-location Traffic: Static routing was selected for its simplicity
and minimal overhead in the context of a small network. This method ensures predictable
and secure communication paths between locations without the need for complex
dynamic routing protocols.

2.5. Implementation plan/methodology


The implementation of the network design followed a structured and iterative approach:
Step 1: Network Topology Setup
The physical topology was created in Cisco Packet Tracer, including switches, routers, and
end devices such as PCs and servers. The layout was designed to reflect real-world office
infrastructure, with devices logically separated by VLANs.
Step 2: VLAN and DHCP Configuration
VLANs were configured on the switches, and the DHCP server was set up to assign IP
addresses dynamically. The DHCP relay agent was implemented at the second location to
extend IP allocation services.
Step 3: ACL Setup
ACLs were configured on routers to enforce communication rules, limiting cross-team
communication and allowing only designated users (team leaders, audit, management, etc.)
to communicate across VLANs and locations.
Step 4: Routing Setup
Static routes were implemented on the routers to manage traffic between the three office
locations. Each location was assigned a distinct subnet, ensuring clear traffic separation.
Step 5: Security Configuration
Special attention was given to configuring the network for the Security Engineer and the
Special Committee, who had selective access to the network’s most critical parts.
Step 6: Testing and Validation
A thorough testing phase was conducted to validate IP address assignment, VLAN
separation, ACL functionality, and routing correctness. Packet Tracer’s simulation tools
were used to ping devices, trace routes, and analyze traffic flows.

13
CHAPTER 3.

RESULTS ANALYSIS AND VALIDATION

3.1. Implementation of solution


The network solution was implemented using Cisco Packet Tracer to simulate and configure
the office network across three locations. The primary tasks involved VLAN segmentation,
DHCP configuration, static routing, and access control using ACLs.
 VLAN Configuration:
Each team (Marketing, IT, Finance, Audit, and Management) was assigned a dedicated
VLAN. This segmentation allowed team members to communicate within their own
VLAN while restricting access to other teams, ensuring internal communication control.
The Security Engineer and Special Committee were also assigned separate VLANs to
handle secure communication with higher-privilege departments.
 DHCP and IP Allocation:
DHCP was configured at Location 1 to automate the assignment of IP addresses,
reducing manual network management. A DHCP relay agent was implemented in
Location 2, allowing devices in that location to receive IP addresses dynamically from
the DHCP server in Location 1. Static IP addresses were reserved for critical devices
like routers and switches.
 Routing and Communication Rules:
Static routes were implemented to manage inter-location traffic, allowing authorized
communication between teams and team leaders across locations. Team leaders were
configured to communicate with each other and high-level departments like Audit and
Management, while regular team members were restricted to their own VLAN.
 Access Control Lists (ACLs):
ACLs were applied to routers to enforce strict communication boundaries. These rules
ensured that only specific teams and departments, such as the Audit and Management
teams, could communicate across locations, while regular team members had limited
access. The Security Engineer was given access to monitor critical communications
across the network.

14
 Testing and Validation:
Once the configurations were complete, thorough testing was conducted to ensure the
correct assignment of IP addresses, proper VLAN isolation, and effective ACL
enforcement. Routing between locations and communication restrictions were validated
to confirm that all devices behaved according to the specified network design.

15
CHAPTER 4.

CONCLUSION AND FUTURE WORK

4.1. Conclusion
This project successfully implemented a multi-location office network using Cisco Packet
Tracer, meeting the client’s needs for secure and efficient communication. By configuring
VLANs, DHCP, static routing, and Access Control Lists (ACLs), the network achieved a
clear separation of communication channels between different teams and locations. The
expected outcome was to ensure that team members could only communicate within their
own VLANs, while team leaders, the Audit and Management teams, and the Security
Engineer were granted elevated access across the network.

The project’s successful implementation of a multi-location office network in Cisco Packet


Tracer demonstrated a strong alignment with the client’s requirements for security,
scalability, and streamlined communication. By configuring VLANs, the network structure
achieved efficient segmentation, isolating departments to enhance both security and traffic
management. This isolation allowed each team to operate independently within its own
VLAN, preventing unauthorized cross-departmental access. Additionally, the use of DHCP
ensured efficient IP address allocation, reducing manual configuration errors, while static
routing provided a stable and predictable network path across locations. Implementing
Access Control Lists (ACLs) added another layer of security by controlling access
permissions, ensuring that only designated users, such as team leaders, Audit and
Management teams, and the Security Engineer, had elevated network privileges to cross
VLANs as necessary. This design allowed the network to not only be secure but also highly
organized and adaptable to future expansions. Overall, the project successfully met the
expected outcome, establishing a robust network infrastructure that supports secure, role-
based access while facilitating smooth and efficient communication across multiple office
locations.

During testing, the system performed as expected in most cases, with correct IP allocation
through DHCP and dynamic traffic control via ACLs. The VLANs successfully isolated

16
traffic within teams, ensuring data privacy and efficient communication flow. However, there
were slight deviations in the expected results during ACL configuration, where some ACL
rules initially blocked communication for authorized users. These issues were resolved by
adjusting the ACL rules to ensure that the necessary traffic was allowed while still enforcing
security boundaries. The deviation was primarily caused by minor misconfigurations in the
access control logic, which were corrected during troubleshooting.

Overall, the network design proved effective, aligning with the objectives of maintaining
security, managing traffic, and allowing selective communication between teams, leaders,
and departments.

4.2. Future work

Future work for this multi-location office network project could involve several enhancements
to improve scalability, security, and performance, as well as to support potential growth and
evolving business needs. One area of focus could be integrating dynamic routing protocols,
such as OSPF or EIGRP, to improve routing efficiency and adapt to network changes without
requiring manual configuration. This would be especially beneficial if the organization
anticipates adding more locations or expanding existing office infrastructure. Additionally,
implementing Network Address Translation (NAT) and transitioning to IPv6 could prepare the
network for increased demand on IP addresses, especially if remote access or public-facing
services are needed.

Another key area for future work could be upgrading security mechanisms. Introducing
advanced firewalls, Intrusion Detection and Prevention Systems (IDPS), and regular
vulnerability assessments would strengthen the network against evolving cyber threats.
Integrating network monitoring and management tools, such as SNMP and NetFlow, could
provide real-time insights into network health and traffic patterns, enabling proactive
management and troubleshooting.

Moreover, implementing a centralized Network Access Control (NAC) system would enhance
authentication and enforce security policies across all locations, allowing the IT team to
manage user access dynamically. Regular training for IT staff and periodic security audits
could also support the network’s ongoing security and functionality. Finally, designing and
testing a disaster recovery and backup plan would ensure business continuity, making the
network resilient to potential failures or disruptions. These future improvements would help
the network stay aligned with organizational growth while enhancing efficiency, security, and
maintainability.

As with any network design, there are opportunities for further improvement and extension

17
of the solution. Some potential areas for future work include:
 Scaling the Network: As the company expands, the network may need to support more
locations and users. Implementing dynamic routing protocols like OSPF (Open Shortest
Path First) or EIGRP (Enhanced Interior Gateway Routing Protocol) could be considered
to handle more complex routing requirements as the network grows.
 Redundancy and Failover: To enhance the reliability of the network, introducing
redundancy and failover mechanisms such as additional routers or backup DHCP servers
could ensure continued network operation in case of device failures. Implementing a
Spanning Tree Protocol (STP) on switches can also prevent network loops and improve
resiliency.
 Security Enhancements: Further security measures could be integrated, such as
firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to
detect and block potential threats. Additionally, implementing 802.1X port-based network
access control could strengthen device authentication and limit unauthorized access.
 Network Monitoring and Management: Introducing network monitoring tools like
SNMP (Simple Network Management Protocol) or NetFlow would allow for real-time
performance tracking and more detailed traffic analysis. This would help in optimizing
the network and quickly identifying potential issues.
 Advanced QoS (Quality of Service): Future improvements could focus on implementing
Quality of Service (QoS) policies to prioritize critical traffic, such as management or voice
communication, ensuring that high-priority traffic is given preference over regular data
traffic.
These enhancements would further improve the scalability, security, and performance of the
network, allowing it to adapt to future organizational needs and emerging network challenges.

18
REFRENCES

Here are some general references that may support the concepts discussed in the network setup
and future work recommendations. These resources cover network design, VLANs, DHCP,
routing, ACLs, security, and network management. For a formal project report, you may
consider referencing specific Cisco documentation, networking textbooks, or industry articles.

1. https://www.netacad.com/courses/packet-tracer

2. https://datatracker.ietf.org/doc/html/rfc1918

3. https://www.cisco.com/c/en/us/support/docs/lan-switching/vlan/

4. Bever, N. (2021). The Complete Guide to Network Monitoring

5. Lammle, T. (2016). CCNA Routing and Switching Study Guide (7th ed.). Sybex.

6. Thomas, T. M. II, & Stoddard, D. (2011). Network Security First-Step. Cisco Press.

7. Sanders, C. (2017). Practical Packet Analysis: Using Wireshark to Solve Real-World Network
Problems (3rd ed.). No Starch Press.

8. IEEE Computer Society. (2018). IEEE Standard for Local and Metropolitan Area Networks--
Bridges and Bridged Networks. IEEE Std 802.1Q-2018.

9. Cisco Networking Academy. (n.d.). Introduction to Cybersecurity. Retrieved from


https://www.netacad.com/courses/security/introduction-cybersecurity

10. Limoncelli, T., Hogan, C., & Chalup, S. (2016). The Practice of System and Network
Administration (3rd ed.). Addison-Wesley.

19

You might also like