EXPLANATION FOR THE CHOICES IN THE PRO1ECT

Security requirement:
Eor each branch, PCs oI a department must be separated Irom the PCs oI other
departments.
Solution:
Due to divided PCs at departments, VLAN can be used to create diIIerent
ways to PCs oI each department and branch.
Erom the requirement above, we need to design a network so that 2 PCs in
diIIerent departments oI the same branch cannot 'ping each other.
Moreover, it means that 2 PCs which are in the same branch but locate in
diIIerent VLAN cannot 'ping each other.
Connection requirement:
Creating the routes and server www.mycom.com located at branch 1 as well as internet.
Solution: In this case, Virtual Private Network (VPN) is useIul.
Robustness requirement:
The network must be robust enough so that equipment or a link down does not cause a
great impact on the operation oI the whole network.
Solution:
We realized that Ior PCs` links to the department`s switches, the distances
are oIten not so big that we can easily discover the position oI the trouble
Ior maintenance. That is the reason why back up routes Ior these links are
not necessary.
On the other hand, links Irom the departments to the internet are so long
that would take so much time Ior positioning the trouble and maintenance.
Eor that reason, we have to make the back up routes so that iI the branch
router is broken down PCs can connect to the web server via the
neighboring branch router.
However, when building the back up routes, it can occur the 'loop
problem. In this case, Spanning Tree Protocol (STP) is useIul.
Particular tools:
Erom the recommended solution above, we have our particular tools to make the project
successIully:
- DHCP: automatically assign IP.
- VPN: With VPN`s tunneling characteristic, it ensure all the PCs in the network can
connect to the Web Server in branch 1.
- VLAN: Regular PCs in the same department to be in the same VLAN. Erom the
problem statement:
PC
Branch Department
1 2 Marketing Einance Human Resource
diamond1, ruby1,
marble1, pearl1
X VLAN10
diamond2, ruby2,
marble2, pearl2
X VLAN10
gold1, silver1, bronze1 X VLAN20
gold2, silver2, bronze2 X VLAN20
man1, woman1, child1,
heart1, arm1
X VLAN30
man2, woman2, child2,
heart2, arm2
X VLAN30
- Access Control List: Give permission Ior PCs in the same VLAN can 'ping each
other no matter what branch they are locating in. Or denying IP address so that the PCs in
diIIerent VLAN cannot 'ping each other.
- DNS Server: Due to 6 beneIits oI the DNS Server, we use it to build the website
www.mycom.com
1.Capable oI providing security:
Companies that make use oI DNS server are able to protect the company related
data Irom being accessed by unwanted people.
2.Errors are automatically checked:
Each DNS server is associated with soItware that is capable oI automatically
detecting errors. Whenever the users update their DNS server this soItware
checks Ior the possible errors, which are then reported to the users. This helps
users to avoid a DNS Iailure on their own account.
3.Ease oI using:
Every DNS server, account and domains can be managed through a secured and
easy-to-use web-based interIace, wherein the customers just need to login and
can easily manage domains. All that is required is a computer with a web
browser and an Internet connection.
4.Elexibility oI use:
DNS servers are quite Ilexible to use. A single DNS server is capable oI
managing multiple Internet sub domains and domains.
5.Consistent to use:
Organizations can keep a constant naming structure both Ior external and
internal Internet resources.
6.Easy to maintain:
It is extremely easy to maintain the DNS servers. This is because oI easy-to-use
control DNS soItware, known as SaIeDNS. It is a protected web-based interIace
that enables the users to be the masters oI their domains.
- Spanning Tree Protocol:
The Spanning Tree Protocol is a network protocol that ensures a loop-Iree
topology Ior any bridged Ethernet local area network. The basic Iunction oI STP is
to prevent bridge loops and the broadcast radiation that results Irom them.
Spanning tree also allows a network design to include spare (redundant) links to
provide automatic backup paths iI an active link Iails, without the danger oI bridge
loops, or the need Ior manual enabling/disabling oI these backup links.
Eor example: Erom the Iigure above, when PC diamond1 want to connect to the internet,
its data packet will go through switch A, then switch C and router Branch1R1.
However, iI the link between switch A and switch C is down, the data packet Irom PC
diamond1 will Iollow the back-up route via switch A then switch B then switch C and
then Router Branch1R1. In normal working condition, in order not to make the
'looping phenomenon, Spanning Tree Protocol will have the blocked port that make the
data Iollows just in only one direction.