ITNE1001 Network Architecture Report 2 Sample

ITNE1001 Network Architecture Report 2

Assignment Description

You are a Network and security engineer for the XYZ Consulting Corporation, which is a leading network designer and security provider for small-scale offices. As the Network and security engineer you are required to perform the following tasks.

Task 1: Propose a network design forsmall scale office (Ex: Businesstype, departments, building plan). You are free to assume the name of the office and number of staff.

➢ Purpose of the Project

➢ Network overview (ex: connecting PCs, subnetworks, servers or wi-fi networks)

• Explain briefly about the device used.

➢ Requirements of the project including network diagram

• Draw and explain the proposed network diagram.

• Design a network using packet tracer. Configure routers, switches, and end devices you have used. Test your network by pinging end devices across different departments.

➢ What are the common attacks plaguing your network? How to prevent from attacking your network?

➢ Critically analyse possible security issues in your network and suggest some prevention techniques.

Task 2: Use Wireshark to Capture, Filter and Inspect Packets

➢ Install Wireshark and start a sample capture using your wireless interface. Save your capture file on the desktop with name_studentID.pcap (Example: jack_451245.pcap), and close Wireshark. Provide a screenshot in your report.

➢ Open your name_studentID.pcap capture file in Wireshark and check how many packets you captured in total.

➢ Which pane displaysinformation about packet details and explain what information’s are available?

➢ Which pane displays information in the HEX and ASCII form for each packet you've captured? Explain

Submission Guidelines:

The report should have a consistent, professional, and well-organized appearance.

1. This assessment item requires you to work in a group of 4 students.

2. The word limit of the report is 2500 words.

3. Your report should include the following:

➢ The cover page must identify all group member details, including student names and the
ID numbers, course details, and the assignment details.

➢ The assignment must use 12-point font size and at least single line spacing with
appropriate section headings.

➢ In-text referencing in IEEE style must be cited in the text of the report and listed appropriately at the end of a reference list.

4. The report must be submitted in a soft (electronic) copy as a Microsoft Word document on theLMS in Turnitin Dropbox. Assignments submitted on the LMS will only be accepted.

5. The late penalty applies on late submission, 10% per day would be deducted.

6. The assignments will go through Turnitin, and plagiarism penalty will be applied.

Solution

1. Task 1: Network design for small organization

This project's major goal is to provide an efficient and secure network design that is especially adapted to the demands of a small-scale workplace. In today's linked world, small businesses demand networks that allow for seamless communication, data sharing, and collaboration among their employees while also providing maximum security against cyber threats [1].

This project aims to achieve the following objectives:

• Create a network blueprint that accommodates the office's name and staff requirements.

• Design a network layout that reflects the building's structure and the various departments within.

• Provide an in-depth explanation of the networking devices that will be employed in the design.

1.1 Network Overview

In this section, we will delve into the specific details of the proposed network for the small-scale office, beginning with the office's name and staffing details, followed by a description of the building layout and its various departments. Subsequently, we will explain the key networking devices that will constitute the backbone of this network.

1.1.1 Office Name and Staffing Details

Office Name: The small-scale office under consideration for this network design proposal is named "TechSolutions Inc." TechSolutions Inc. is a dynamic and forward-thinking technology consulting firm located in the heart of the city. It prides itself on its innovative solutions and dedicated staff.
Staffing Details: TechSolutions Inc. currently employs 25 staff members, including consultants, support staff, and administrative personnel. The office is divided into four main departments (Marketing, IT, Admin and HR), each with its own specific functions and responsibilities.

1.2 Hardware Requirements

To facilitate efficient communication, data sharing, and secure connectivity within TechSolutions Inc., a range of networking devices will be employed. Here, we will provide a brief explanation of these devices:

Table 1 List of Hardware Components

These critical networking equipment, which are properly integrated and configured inside the network, allow TechSolutions Inc. to meet its goals of efficient communication, secure data exchange, and dependable internet access. The next sections of this proposal will look at the settings and security measures that support the operation of these devices and the overall success of the network for MBA assignment expert.

1.3 Proposed Network Diagram

The Router is the key hub responsible for connecting the workplace to the outside world via the Service Provider Cloud, which provides a DSL connection to the internet. The router acts as a gateway, routing traffic between the internal network and the internet. It uses the DHCP service to dynamically issue IP addresses to devices within the workplace, simplifying network addressing. The Switch, which is located next to the router, is an important component for local network administration. It is critical in ensuring that devices in the same VLAN can interact successfully. It improves security and performance by segmenting network traffic. Additionally, the switch supports Quality of Service (QoS) to prioritize voice and data traffic, guaranteeing a smooth operation for VoIP phones and data services.

Figure 1 Proposed Network Diagram

The Wireless Access Point (WAP) increases the network's reach by enabling workers and guests to safely connect their mobile devices. Access to the wireless network, on the other hand, is protected by a WEP key password, guaranteeing that only authorised users may connect to and access the internet via the WAP. Individual workplaces are outfitted with PCs, which serve as the principal end-user devices across the business. These PCs are adaptable, with both wired and wireless network ports for communication. They are optimised for multitasking and productivity since they have current CPUs and plenty of RAM.

The HR and ADMIN departments will use the VoIP phones to develop internal voice communication. These phones are set up to contact each other directly, allowing for more efficient communication inside and between departments. Network-connected Printers are strategically placed to service all employees, making printing and document management easier. This function improves overall workplace efficiency by streamlining workflow. Finally, the network includes a centralised File Server that can be accessed from any device on the network. Users must authenticate using a username and password before transmitting or receiving files to maintain data security. This single repository promotes staff cooperation by facilitating efficient data exchange and storage.

1.4 Design of Network Using Packet Tracer

Designing a network using Packet Tracer allows us to create a virtual representation of a real-world network, complete with routers, switches, end devices, and various networking technologies.

Figure 2 Design of network using packet tracer

Configuration details are given in following table.

Table 2 Configuration details

1.4.1 Network Testing

We ran multiple ping test to ensure that PCs within the same department and across departments were connected. The ping results reveal minimal packet loss and very short round-trip durations, suggesting that the connection to the default gateway is working properly. This is a good indicator for the connection of the local network. As a result, all computers in various vlans may ping each other and connect to the internet.

Figure 3 Result of Ping Connectivity Test

Similarly, we have tested pc connection with smartphone and printers, it shows no packet loss.

Figure 4 pc connection with smartphone and printers

We tested the VOIP phone by dialing from ADMIN (Phone Number: 0022) to HR (Phone Number: 0011), it also connected.

Figure 5 VOIP phone testing

2. Common Network Attack and Prevention

Several prevalent network attacks might possibly endanger network security and sensitive data confidentiality in the proposed network design for TechSolutions Inc. To protect the network's and its resources' integrity and availability, a complete set of preventative measures and best practises must be implemented.

Unauthorized Access and Data Theft: Unauthorised network access and consequent theft of critical data pose serious security problems. To counter such assaults, strong access control systems should be implemented. This involves enforcing strong password regulations, utilising multi-factor authentication (MFA), and limiting access to important systems and data to only authorised individuals [3]. Reviewing and modifying access permissions on a regular basis, as well as conducting user audits, may assist guarantee that no unauthorised people have access to vital resources.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks: DoS and DDoS attacks can cause network outages by overloading network resources with traffic. It is critical to build firewalls and intrusion detection/prevention systems (IDS/IPS) that can filter and identify malicious traffic patterns to mitigate the impact of these attacks. Furthermore, content delivery networks (CDNs) and load balancers can aid in traffic distribution, lessening the impact of DoS assaults [5]. Regular network traffic monitoring and a well-defined incident response strategy can help limit the consequences of these assaults.

Malware and Ransomware: Malware and ransomware attacks are extremely dangerous to network security. To prevent these sorts of attacks, it's critical to keep all network equipment, including routers, switches, servers, and end-user devices, patched and updated [6]. Network segmentation may also be a useful approach for segregating departments and restricting attacker lateral movement if one section is compromised [7]. Furthermore, deploying strong antivirus and antimalware solutions, together with staff education about the dangers of downloading questionable files or clicking on links, may dramatically lower the likelihood of infection.

Phishing Attacks: Phishing attacks frequently target employees via fake emails or websites in order to obtain critical information. To combat these attacks, businesses should implement and enforce security rules that instruct staff on how to identify and report phishing attempts. Regular training programmes may assist staff in identifying phishing emails, preventing them from falling prey to these social engineering attempts.

Network Eavesdropping: Network eavesdropping is the practise of attackers intercepting and monitoring network communication in order to collect sensitive data. Encrypting data in transit and at rest is critical for protecting against this sort of attack. HTTPS and VPN (Virtual Private Networks) protocols can provide secure communication channels that avoid eavesdropping. Furthermore, keeping detailed logs of network activity and conducting frequent security audits might aid in the detection of suspicious or unauthorised access attempts.

3. Possible security issues and Prevention

In the proposed network design for TechSolutions Inc., there are several potential security issues that need critical analysis to ensure a robust and secure network environment. Here's an evaluation of these security issues and corresponding prevention techniques:

1. Unauthorized Access:

• Issue: Unauthorized individuals gaining access to the network can lead to data breaches and unauthorized use of resources.

• Prevention: Implement strong authentication mechanisms, like MFA, and enforce strict access controls. Regularly review and update user access permissions. Conduct user awareness training to educate employees about the importance of secure login practices.

2. Insider Threats:

• Issue: Internal employees or contractors may misuse their access privileges to steal data or disrupt network operations.

• Prevention: Implement user activity monitoring, conduct periodic security audits, and enforce the principle of least privilege (PoLP) to limit access to necessary resources. Establish an insider threat detection program to identify unusual behavior.

3. Vulnerable Endpoints:

• Issue: Unpatched or outdated software on endpoints can be exploited by malware or ransomware.

• Prevention: Enforce a regular patch management process to keep all devices up to date. Use endpoint protection solutions, such as antivirus and anti-malware software, to detect and prevent threats.

5. Weak Network Segmentation:

• Issue: Inadequate network segmentation can allow lateral movement for attackers who gain access to one part of the network.

• Prevention: Implement proper network segmentation, using VLANs and firewall rules, to isolate departments and limit the attack surface.

6. Inadequate Network Monitoring:

• Issue: Lack of real-time network monitoring can result in delayed detection of security incidents.

• Prevention: Deploy intrusion detection systems (IDS) and intrusion prevention systems (IPS) to monitor network traffic and detect suspicious activities promptly. Set up centralized logging and employ SIEM (Security Information and Event Management) tools for comprehensive monitoring.

3.1 Summary

This project focuses on developing an efficient and secure network adapted to the demands of a small-scale organisation. The goals include developing a network plan, constructing a layout, and describing networking components. Routers, switches, wireless access points, PCs, VoIP phones, printers, and a file server are all part of the planned network. Packet Tracer is useful for visualising network settings. Network testing establishes connectivity, and preventive methods for typical network threats such as unauthorised access, DoS/DDoS, malware, ransomware, phishing, and eavesdropping are covered. Potential security vulnerabilities, such as unauthorised access, insider threats, susceptible endpoints, poor network segmentation, and insufficient monitoring, are identified, and preventative techniques are provided to guarantee TechSolutions Inc. has a strong and secure network environment.

4 Task 2: Wireshark to Capture, Filter and Inspect Packets

Wireshark has been installed and run. The packets recorded for Wi-Fi are shown in the image below. A total of 452 packets have been collected.

The centre pane of Wireshark, known as the ""Packet Details" window (in Figure: Red Box), provides detailed information about recorded packets. This information comprises the packet number, timestamp, source and destination addresses, protocol, packet length, a brief description of the packet, and a full analysis of its content, which includes headers and payload. This pane is critical for analysing and troubleshooting network traffic, allowing you to study device interactions and effectively identify network issues.

Figure 6 WireShark Interface

Wireshark's "Packet Bytes" window (shown in Figure: GreenBox) displays packet data in both HEX (hexadecimal) and ASCII formats for each intercepted packet. The raw binary data of the chosen packet may be examined in this window, with one column displaying the data in hexadecimal (HEX) format and the other column displaying the equivalent ASCII characters. This dual perspective is critical for network analysis because it allows you to study packet content at both a low-level, byte-by-byte (HEX) and a human-readable (ASCII) level, aiding protocol comprehension, troubleshooting, and data integrity verification.

4.1 Summary Task 2

Wireshark was successfully installed and utilised to capture Wi-Fi packets in Task 2, resulting in the gathering of 452 packets. Wireshark's "Packet Details" window provides detailed information about these captured packets, such as packet number, timestamp, source and destination addresses, protocol, packet length, and packet description, allowing for in-depth network traffic analysis and issue identification. Furthermore, Wireshark's "Packet Bytes" pane displays packet data in both HEX and ASCII forms, giving network analysts a dual perspective.

5 Reference

[1] O. Vermesan and P. Friess, Internet of Things: Converging Technologies for Smart Environments and Integrated Ecosystems. River Publishers, 2013.

[2] C. Kim, M. Caesar, and J. Rexford, “Floodless in seattle,” ACM SIGCOMM Computer Communication Review, vol. 38, no. 4, pp. 3–14, Oct. 2008, doi: https://doi.org/10.1145/1402946.1402961.

[3] B. Wu, J. Chen, J. Wu, and M. Cardei, “A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks,” Wireless Network Security, pp. 103–135, 2007, doi: https://doi.org/10.1007/978-0-387-33112-6_5.

[4] R. Trost, Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century. Pearson Education, 2009.

[5] M. Wang et al., “An Overview of Cloud Based Content Delivery Networks: Research Dimensions and State-of-the-Art,” Transactions on Large-Scale Data- and Knowledge-Centered Systems XX, pp. 131–158, 2015, doi: https://doi.org/10.1007/978-3-662-46703-9_6.

[6] A. Tandon and A. Nayyar, “A Comprehensive Survey on Ransomware Attack: A Growing Havoc Cyberthreat,” Data Management, Analytics and Innovation, vol. 839, pp. 403–420, Sep. 2018, doi: https://doi.org/10.1007/978-981-13-1274-8_31.

[7] S. Rose, O. Borchert, S. Mitchell, and S. Connelly, “Zero Trust Architecture,” Zero Trust Architecture, vol. 800–207, Aug. 2020, doi: https://doi.org/10.6028/nist.sp.800-207.