Network Design

LAN vs WAN
A LAN (Local Area Network) is a network located on one site, where all the computers are
geographically close to each other.
A WAN (Wide Area Network) is a network that is spread across multiple sites sometimes
geographically remote to one another. A WAN consists of several LANs connected together,
often using third party equipment and cables. (e.g. BT lines in the UK or AT&T lines in the
US)
The Internet is an example of WAN.
A router is needed to connect a LAN to a WAN (or to the Internet).

Star Topology
A network topology defines the layout of a network. It describes how different
components/nodes of a network are connected together. One of the most frequent
topology used in a LAN is the star topology where all computers and other devices are all
connected to a central node: either a hub or a switch.

Both a hub or a switch have the same purposes: to connect multiple computers or devices in
a star topology.
A hub is not as efficient as a switch and would often have less ethernet ports (e.g. typically 4
or 8 ports)

A switch being more efficient than a hub could have a larger number of devices connected
(e.g. up to 28 Ethernet ports).

To build a larger network, it is possible to combine multiple star networks using a central
switch. This create a “switch-star” topology:
There are other types of topologies which are not based on the star topology. (e.g. bus
topology, ring topology, full and partial mesh topologies).

Full Mesh Topology

Partial Mesh Topology

Router
A router is needed to connect a LAN to a WAN (or to the Internet). A router scans data
packets and redirects them towards the LAN or towards other routers depending on their
origin and their destination.

Switches and Hubs

A switch is a network component used to connect multiple devices together in a star
topology. A switch would have a number of Ethernet ports (typically between 8 and 28
ports) to connect to other devices such as workstations and servers, WAPs, other hubs or
switches or to a firewall or a router.

A switch is more efficient than a hub as it can redirect traffic towards the device it is aimed
at. Switches can hence be used on larger networks where hubs would be inefficient. (e.g.
school network, hospital network, etc).
A hub is a network component used to connect multiple devices together in a star topology.
A hub would have a number of Ethernet ports (typically between 5 and 8 ports) to connect
to other devices such as workstations and servers, WAPs, other hubs or switches or to a
firewall or a router.
A hub is not as efficient as a switch and hence should only be used on a small network. (e.g.
home network).

Wireless Access Point (WAP)

A Wireless Access Point (WAP) is a network component used to connect multiple devices
together without using wires. A WAP could hence be described as being a wireless hub. It
provides WiFi access to a network.
Most WAPs have a fairly small coverage area (10 to 30 meters) hence several WAPs may be
required to cover a large building.

Devices equipped with a wireless Network Interface Card (NIC) can connect to a WAP.
Wireless data can easily be intercepted by potential hackers hence the need to encrypt
wireless transmissions and to set a network key to restrict access to a wireless network
(WiFi).
Firewall
A firewall is a network component that usually “sits” just after the main router. It scans all
incoming traffic to identify/block and report potential security threats coming from
“outside” (e.g. the Internet) before they can reach the rest of the Local Area Network. A
firewall is a necessary precaution to minimise the risk of hackers illegally accessing a
network.

NIC Cards
To connect a workstation to a LAN, the workstation needs to be equipped with a Network
Interface Card (NIC). The NIC card will have a wired connection (e.g. Ethernet port) and/or
a wireless connection to connect wirelessly to a WAP (Wireless Access Point).

Ethernet Cables
Networking cables are used to connect one network device to other network devices or to
connect two or more computers to share printers, scanners etc.
The most widely used network cables are Ethernet Cables of different categories (Cat3,
Cat5, Cat6, etc). These are fairly cheap, strong and can support a bandwidth of either 10
Mbps, 100 Mbps, 1000 Mbps (1 Gbps) or even 10Gbps.
Other types of cables that can be used on a network include coaxial cables(10 Mbps)
and optic fibre cables (10 Gbps).

Client Server Networks

A computer on a network is called a workstation. Two types of networks can be setup:
 Peer-to-peer networks
 Client-server networks

Peer-to-peer networks
In a peer-to-peer network, all computers are sharing files and other resources between each
other without the use of a central server. This makes it easy to setup the network as there is
no need to acquire and setup expensive servers. However, this can be difficult to manage as
maintenance and computer upgrades (including security patches, virus protection) have to
be performed on each single computer instead of being done centrally. This is the main
reason why peer-to-peer networks are considered as less secure than client-server
networks.
Client-Server networks
In a client-server network, end-users access the network by logging on a client
computer/workstation. Other computers called servers (often with higher specifications) are
also connected to the network and provide a dedicated and centralised service to all the
workstations. There are different types of servers as described below. On a small network, a
single server can have multiple purposes (e.g. web server and e-mail server or a proxy and a
cache server).
File server: A server with large storage capacity used to store all the files from all the
network users as well as from shared network areas.
E-Mail server: A server that manages all e-mail accounts and transfers
(sending/receiving) of e-mails for all network users.
Backup server: A server with large storage capacity used to store backups (copies) of files
and data from other servers/workstations. Should the live data be corrupted or deleted,
backed up data can be recovered from the backup server.
Print server: A server that manage all print requests from network users, manage print
queues and end-user print credits.
Application server: A server that has all the applications and software upgrades files so that
they can be centrally managed and centrally applied to all workstations that connect to the
applications server to receive and install the latest upgrades when relevant. On occasion
applications can also run directly from an application server, reducing the need to install
these on each workstation of the network.
Multimedia server: A server with large storage capacity used to store all multimedia
content (video clips, audio files, etc.).
Web server: A server used to host a website or internal webpages. The server contains all
the necessary files (web pages, graphics, etc.) and processes all web requests from web
users.
Cache server: A server that temporary stores recently accessed data/files so that they can
be retrieved from the cache server at a faster rate.
Proxy server: A proxy server functions as an intermediary between a client and a server.
It can be used to monitor access to the Internet and apply necessary restrictions
and filters to allow or block access to specific websites (e.g. educational filters).
DNS server: A server on the Internet used to lookup domain names to retrieve their
matching IP addresses. These are necessary as end-users prefer to type web addresses or e-
mail addresses using domain names such as www.101computing.net as these are easier to
remember than IP addresses. The domain name servers will convert/lookup such domain
names to find their matching IP addresses needed to connect to the relevant servers.

VPN
On occasions, a company may need its employees to access its network remotely (e.g. for
employees working from home or on a business trip).
To do so, employees will connect to the company LAN using their own Internet connection.
They will then authenticate to access to the company network as if they were on site and
hence have access to the company’s private network.
To enable remote access to its network via the Internet, which is a public network, the
company has to set up and configure a VPN (Virtual Private Network). This will also mean
that all the communications between the remote user and the company network will have
to be encrypted and the remote users will have to authenticate (e.g. enter their username
and password) to gain access to the VPN, so that only authorised users can do so.