CT020-3.

5-3-DCCS

GROUP

ASSIGNMENT

GROUP ASSIGNMENT
DESIGN OF CORPORATE COMMUNICATION SYSTEMS
(CT020-3.5-3-DCCS)

NAME

: TULASINATAN A/L MUTHUALAGU

(TP026049)
DINESH A/L THULASIDASS
(TP027442)
INTAKE CODE
LECTURER

: UC3F1504IT (ISS-FC)
: MR. REZA ADINEHNIA

PROJECT TITLE

: PARSTECH INC COMPANY

DATE COMPLETED

: 3TH AUGUST 2015

Page | 1

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

TABLE OF CONTENTS
ACKNOWLEDGEMENT............................................................................................ 5
GANTT CHART........................................................................................................ 6
EXECUTIVE SUMMARY............................................................................................ 7
ASSUMPTIONS........................................................................................................ 8
1.0 NETWORK DESIGN (TULASINATAN MUTHUALAGU TP026049)..........................9
1.1 Requirement Gathering................................................................................ 9
1.1.1 Network Requirements...........................................................................9
1.2 Network Architecture.................................................................................. 12
1.3 Analysis of the Existing Network................................................................13
1.3.1 Estimated Traffic Volumes....................................................................13
1.3.2 Network Design Constraints.................................................................13
1.4 Logical Design............................................................................................ 14
1.4.1 Logical Network Diagram.....................................................................14
1.4.2 IP Addressing Strategy.........................................................................19
1.4.3 Demilitarized Zone (DMZ)....................................................................22
1.4.4 Virtual LAN (VLAN)................................................................................ 23
1.5 Physical Design........................................................................................... 25
1.5.1 Physical Network Diagram....................................................................25
1.5.2 Virtual Private Network (VPN)...............................................................26
1.5.3 WAN Technology...................................................................................28
1.6 Server......................................................................................................... 30
1.6.1 Directory Service Server.......................................................................30
1.6.2 Domain Name System (DNS)................................................................30
1.6.3 Dynamic Host Configuration Protocol (DHCP).......................................31
1.6.4 Database Server...................................................................................31
1.6.5 Application Server................................................................................31
1.7 Corporate Communications........................................................................32
1.7.1 Logon Procedure...................................................................................32
1.7.2 Remote connection (Remote access VPN)...........................................33
1.8 Network Topology....................................................................................... 34
1.8.1 Network Topology Chosen....................................................................37
Page | 2

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

1.9 Transmission Media.................................................................................... 38

1.9.1 Unshielded Twisted Pair (UTP)..............................................................38
1.9.2 Fiber Optics.......................................................................................... 40
1.9.3 Data communications equipment (DCE)..............................................41
2.0 HARDWARE, SOFTWARE AND DESKTOP REQUIREMENTS...............................42
(TULASINATAN A/L MUTHUALAGU (TP026049).....................................................42
2.1 HARDWARE................................................................................................. 42
2.1.1 Workstation.......................................................................................... 42
2.1.2 Server................................................................................................... 43
2.1.3 VPN Firewall router...............................................................................45
2.1.4 Internal Router..................................................................................... 46
2.1.5 Wireless Router.................................................................................... 47
2.1.6 Category 5e Cable (CAT5E)..................................................................48
2.1.7 Switch................................................................................................... 49
2.2 SOFTWARE AND OPERATING SYSTEM.........................................................50
2.2.1 Server Software.................................................................................... 50
2.2.2 Antivirus............................................................................................... 51
2.2.3 Operating System.................................................................................52
REFERENCING...................................................................................................... 53
MARKING SCHEME............................................................................................... 56
Workload Matrix................................................................................................... 57

Page | 3

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure
Figure

1: Project Gantt chart.................................................................................. 6

2 : Overall Logical Network Diagram of ParsTech Inc Company.................15
3 : Logical Network Design of ParsTech's Central Office.........................15
4 : Logical Network Design of ParsTech's Branch Office 1.......................16
5 : Logical Network Design of ParsTech's Branch Office 2.......................17
6 : Logical Network Design of ParsTech's Branch Office 3.......................17
7 : Logical Network Design of ParsTech's Branch Office 4.......................18
8 : Logical Network Design of ParsTech's Branch Office..........................18
9 : Sample Demilitarized Zone (DMZ).......................................................22
10 : Sample virtual local area network (VLAN)..........................................23
11 : Figure : Physical Network Diagram of ParsTech Company..................25
12 :Sample diagram of a Site to Site VPN.................................................26
12 :Sample diagram of a Site Remote Access VPN....................................27
13 :Sample diagram of a WAN Technology with DSL Topology..................29
14 :Sample diagram of how SSH protocol works.......................................32
15 :Sample diagram of Remote-access VPN..............................................33
16: Sample diagram of Bus Network Topology..........................................34
17: Sample diagram of Star Network Topology.........................................36
18 : Star Network in ParsTech Central Office.............................................37
19 : Category 5e cable.............................................................................. 38
20 : Fiber optic cable................................................................................. 40
21 : DCE cable........................................................................................... 41
22 : Dell Precision Tower 5810 workstation...............................................42
23 : PowerEdge R430 Rack Server............................................................44
24 : Netgear SRX5308 VPN Firewall router................................................45
25 : Mikrotik RB/1100AHX2 Routerboard Router OS Level 6.....................46
26 : Asus RT-AC66U dual-band wireless-AC1750.......................................47
27 : Cat5e Bulk 1000ft Ethernet Cable White............................................48
28 : TP-Link JetStream 48-Port 10/100Mbps+ 4-Port Gigabit L2................49
29 : Microsoft Windows Server Enterprise 2008........................................50
30 : Kaspersky Endpoint Security for Business..........................................51
31 : Windows 8.1 Enterprise 64bit............................................................52

Page | 4

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

ACKNOWLEDGEMENT
We would like to express my deepest appreciation to all those who provided us the possibility
to complete this assignment. A special gratitude we give to our Lecturer Mr. Reza Adinehnia,
whose contribution in stimulating suggestions and encouragement helped us to coordinate our
assignment especially for teaching us this module in such a way that we were able to learn
this highly technical module very easily.
Besides that, we also would like to take this opportunity to express a deep sense of
gratitude to my college Asia Pacific University for allowing us to use and provide
necessary information regarding the project that we have been working on.
Finally, an honorable mention goes to our family and friends for their understandings and
supports us in completing this assignment. Without helps of the particular that mentioned
above, we could face many difficulties while doing this. Thank You.

Sincerely,
TULASINATAN A/L MUTHUALAGU (TP026049)
DINESH A/L THULASIDASS (TP027442)

Page | 5

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

GANTT CHART

Figure 1: Project Gantt chart

Figure 1 shows the Gantt chart activities displayed against time which is most useful to
complete the project at the right time. On the left of the chart is a list of the activities and
along the top is a suitable time scale. Each activity is represented by a bar, the position and
length of the bar reflects the start date, duration and end date of the activity.

Page | 6

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

EXECUTIVE SUMMARY
ParsTech Inc. was established in 2004 intending to fill in the market need in different IT
solutions for a professional, customer-focused computer company. The company emphasizes
services in troubleshooting and maintenance. After a few years they are on the brink of
penetrating a lucrative market in a rapidly growing its services nationally. It established
several branches across the country and trained IT technicians and specialist implanted in
every branch.
Due to the organization growing and number of customers grew, several issues has
been taken into consideration, such as increasing the number of employees and Quality of
Service, customer satisfaction, complicated administrative tasks and also organization cost
expenses which became a serious problem for the company.
Telecommunication Company have rented their high speed leased lines to the
branches in order to provide central management and also communication facilities. In this
way all financial tasks like billing, payrolls, etc. as well as administrative jobs could be
handled from the central branch.
This documentation will be discuss about how the network architecture, hardware and
software also the network security need to be apply in the organization. This design is
actually an enhancement for reduce the cost which is not required manpower and enable the
client's business in the most cost effective way.

Page | 7

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

ASSUMPTIONS

The design process of this project is categorized into two sections which are corporate
network and remote connection between technicians inside the company and clients

machine that need be troubleshooting.

The proposed design should be addressed with the hardware and software from the

benefits of the current technology.

The proposed design will reduce the number of branches to 5 and establishing it in 5

various cities over the country.

The replacement of existing technology will assist to lease the line or reduced the

costs.
The server will be located at the central branch considering the risk of security issues
and cannot be placed in any part of country. However there are certain tasks can be

accessed or used in shared or distributed manner.

The networks have to be managed remotely.
The proposed design is permit the use of the wireless mobile computing.
Appliance of security for the connections and the application must be place in the
proposed design.

1.0

NETWORK

DESIGN

(TULASINATAN

MUTHUALAGU

TP026049)

1.1 Requirement Gathering

Page | 8

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

The important part of network design process is requirements gathering. Understanding well
a network is essential in delivering its critical to its success. This provides details on how to
set up a network and this is the reference for the foremost requirements of the network design
of the ParsTech Inc Company.
1.1.1 Network Requirements
I.

LAN Functions

The branches of ParsTech Inc Company confess the potential the sharing of
resources, data transfer and e-mail, improve the reliability and easy distributed
processing.

The sharing of resources, including the hardware resource sharing, file

sharing, and software inventory data sharing. Users can share a network
system software and application software.

Data transfer and e-mail, Data and network file transfer is an important
feature of modern LANs which is not only transmits files, data,
information, but also can send voice, images.

Improve the reliability of the computer system. LAN computers can

back each other, avoiding the stand-alone system without backup failure
may occur when system failures. This will be greatly improving the
reliability and the security of the system.

Easy to distributed processing, by using a network technology can have

more than one computer connected to a Server through a certain
algorithm, the larger global issues points to a different computer to
complete.

II.

Physical Topologies
A physical topology is how they are actually interconnected with wires and cable in
the network design. Based on the company requirement the physical topology has to
be design is star topology which every node on the network connects to a central hub.
Star topology will offer a dynamic network design in supporting the future network
Page | 9

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

traffic. It also helps to apply the existing LAN technology in ParsTech Inc Company
which purpose in reducing cost to the new network.

III.

Performance
To examine the performance of network system in sense of usability, the network
design should improve and satisfy the client's request. The present online services of
ParsTech are troubleshooting and maintaining the operations by the IT technicians.
From the factor, the proposed network system should provide their services with an
excellent performance.

IV.

Networking software

The proposed network system should be considered with the use of current
application server of ParsTech Inc Company. The current application software also
required to be intentionally used by staffs in the sub-offices. It will be useful in
reducing the cost of the new network.

V.

Security

Developing security strategies is necessary in protecting all parts of network design.

The security of application server and security of connections between central office,
branch offices and users are the major things which have to be considered in this part.
In order to pursue the security issues, application server should be placed at
ParsTechs central office. The new network must concern about the general task and
applications to be run only by the authorized staffs from other branches.

VI.

Economy and cost control

Page | 10

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

The new system of ParsTech will decrease the quantity of branches to 5 and setting up
it in 5 various cities over the nation. Each and every services of the new network have
to be online so technicians can do troubleshooting online in order to decrease the
expenses of transportation and labor.
VII.

Metropolitan area network (MAN) / WAN options

The new network outline of WAN technology should comprise of two major
processes which is corporate network and remote connections among the companys
technicians and customers machines which need troubleshooting. Current leased line
should be recovers with the lower expense secured WAN technology in order to
connect central office to branch workplaces. Wireless mobile computing is allowed to
be utilized in new network system which is managed and monitored only by the
authorized staffs.

1.2 Network Architecture

Network Architecture is about how the network works and functions. It describes how
different network components communicate with each other and the conventions used as a
Page | 11

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

part of new network. It is used to classify all the network layers step-by-step in logical form
by describing each step in detail. An extraordinary company surely has well plan network
architecture to their organization networking and communication backbone. Most of the
organizations need their architecture to be dependable and secured connection between their
branches and focal offices. The Network design is prescribed to be working for 24 hours to
make sure that data do not get access when the information transmitting.The new network
design should be comprise of the current technologies alongside the new technologies and
help to decrease the cost to the new network.Besides, the new design will support to sort out
certain issues such as customer satisfaction, expanding the number of employees, quality of
service, complicated administrative task and more.

1.3 Analysis of the Existing Network

In this part, the present network design of ParsTech Company is analyzed. The existing
network infrastructure of ParsTech Company consolidates a focal office and few branch
offices in different cities that are connected through the leased lines. The numbers of branch
Page | 12

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

offices have to be decreased to 5. Additionally, the current leased lines must be supplanted
which are less expensive and secured WAN technologies. Moreover, implementation of
remote access will be reduce the workload of technicians and expenses cost of the company.
This new network design is develop for increase the security of the network because the
existing network is less secure and could misuse by hackers or unauthorized personnel.

1.3.1 Estimated Traffic Volumes

Estimation of network traffic is an imperative consideration when outlining a network plan.
Traffic volumes of the network in the company is rely on upon the number of active
workstations in every branch office, number of clients, sorts of data that is being transmitted
from every workstation. The number of active workstation for the ParsTech Company is
nearly 140 workstations. This sort of companies using remote desktop with the normal
quality of 5Mbps for upstream and downstream for the branch and 20Mbps to 50Mbps
upstream and downstream for the central office.
1.3.2 Network Design Constraints
The Network design constraints phase is where a list of factors that should to be considered in
expansive terms. One of the main constraints on this project is time. The network designer
team will be given a duration of time to accomplish the network system design. There will be
many stages to be finished and this will be the most difficult part in the network system
design. Additionally, there are some existing devices and network equipments are remaining
which can be used to design ParsTech's new network. This is due to some of the existing
devices which are suitable for the revamp in the new system and also it will be diminishes the
expense for the new network system design.

1.4 Logical Design

Logical network design relies upon on the requests of the clients of the network. The most
fundamental issues that logical network design will address are what the clients are doing on

Page | 13

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

the network and how the applications will use the network in the prompt and faraway of
future.

1.4.1 Logical Network Diagram

Logical Network Diagrams conceptualize the PC and connection between networks logical
structure. They are utilized by IT experts and corporate IT divisions, network and system
administrators to visually document the topology of computer and networks. The planned
logical network diagram of the ParsTech Inc comprehensively shows the connectivity and
relationship among the devices located in central office, 5 branch offices and remote accesses
such as remote clients or remote staffs of the ParsTech Company. The design shows the
central office located in a place and the 5 branches from different cities are connected across
the nation. The topology has been chosen for this network is star topology which provides a
productive network design. The entire ParsTech Companys network infrastructure is based
on Virtual Private Network (VPN) and DSL WAN technology to give broadband connections
around the network. Moreover, there are two types of VPN have been executed in the this
network which are site to site VPN and remote access VPN. Site to site VPN has been
utilized to link all five branches of this ParsTech Company to the central office and the
remote access VPN to make companys technician able to access into client's machines in
around the world for troubleshooting and maintenance services. The new network will offer
the general task and applications to be only accessible by the authorized staffs from other
branches. Besides, the new system has included the existing system technologies in the aim
of reducing the cost for the new network system design. The new network designs have been
included beneath.

Page | 14

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 2 : Overall Logical Network Diagram of ParsTech Inc Company

Figure 2 shows the overall ParsTech Inc company network design. This network is include 1
central office and 5 branches which are remotely connected via (SSH). Other than that, VPN
has empowers the client to get to the organization network anyplace.

Figure 3 : Logical Network Design of ParsTech's Central Office

Figure 3 above, shows the internal network of ParsTech's central office. There are 5 server in
the network which are Application server, Database server, VPN server, and Directory
Page | 15

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Service server, DHCP server and DNS server. Every server is associated with the server
switch and the server switch unites with the multilayer switch. Besides, multilayer switch can
be reduce the cost usage additional router in the network. It also can be usable for the future
network design planning. The application firewall was placed between the main router and
DMZ to protect the network from the malicious activities.

Figure 4 : Logical Network Design of ParsTech's Branch Office 1

All the 5 branches are implemented with same network architecture. All the branches network
works through WAN Internet technology to sent and receive data from the central office.
Each of the branches have 3 floors which connected through multilayer switch and also each
branch have their own firewall to protect the network from malicious activities.

Page | 16

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 5 : Logical Network Design of ParsTech's Branch Office 2

Figure 6 : Logical Network Design of ParsTech's Branch Office 3

Page | 17

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 7 : Logical Network Design of ParsTech's Branch Office 4

Figure 8 : Logical Network Design of ParsTech's Branch Office

Page | 18

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

1.4.2 IP Addressing Strategy

The ParsTech Company has a central office and lessened branch offices to 5. As indicated by
network design there are 6 local area networks (LAN) are situated across the nation. Every
branch is comprised of a separate firewall, internal router, hub switch and DSL modem. A
Demilitarized Zone (DMZ) is also build as portal in central office to protect the servers. A
class B IP as a valid IP will be assigned for the gateway (DMZ) in order to be open from
other site to site VPNs and also remote access VPN for the user and network administrator.
The further IP will be allotted from C class IPs as invalid or local IPs to produce local area
network and intranet. The diagrams below illustrate and describe how the IP addresses
assigned for each branch office.
Central Office
Network ID : 129.100.2.0
Subnet Mask : 255.255.255.0
Usable IP Address : 254
Broadcast Address : 129.100.2.254
Firewall : 230.0.10.1/24
Server Router : 230.0.11.1/24
HQ Router : 230.0.12.1/24
Branch 1
Network ID : 129.100.3.0
Subnet Mask : 255.255.255.0
Usable IP Address : 254
Broadcast Address : 129.100.3.254
Firewall : 230.0.20.1/24
Server Router : 230.0.21.1/24
HQ Router : 230.0.22.1/24

Page | 19

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Branch 2
Network ID : 129.100.4.0
Subnet Mask : 255.255.255.0
Usable IP Address : 254
Broadcast Address : 129.100.4.254
Firewall : 230.0.30.1/24
Server Router : 230.0.31.1/24
HQ Router : 230.0.32.1/24

Branch 3
Network ID : 129.100.5.0
Subnet Mask : 255.255.255.0
Usable IP Address : 254
Broadcast Address : 129.100.5.254
Firewall : 230.0.40.1/24
Server Router : 230.0.41.1/24
HQ Router : 230.0.42.1/24

Page | 20

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Branch 4
Network ID : 129.100.6.0
Subnet Mask : 255.255.255.0
Usable IP Address : 254
Broadcast Address : 129.100.6.254
Firewall : 230.0.50.1/24
Server Router : 230.0.51.1/24
HQ Router : 230.0.52.1/24

Branch 5
Network ID : 129.100.7.0
Subnet Mask : 255.255.255.0
Usable IP Address : 254
Broadcast Address : 129.100.7.254
Firewall : 230.0.60.1/24
Server Router : 230.0.61.1/24
HQ Router : 230.0.62.1/24

Page | 21

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

1.4.3 Demilitarized Zone (DMZ)

DMZ (demilitarized zone) is a physical or logical sub-network that isolates an internal local
area network (LAN) from other depended networks, more often the Internet. External-facing
servers, resources and services are situated in the DMZ so they are accessible from the
Internet but the rest of the internal LAN remains inaccessible. This gives an additional layer
of security to the LAN as it limits the potential of hackers to directly get to internal servers
and information via the Internet (Rouse, 2015). The following diagram shows DMZ position
in a sample network.

Figure 9 : Sample Demilitarized Zone (DMZ)

Source :
http://etutorials.org/Networking/Router+firewall+security/Part+I+Security+Overv
iew+and+Firewalls/Chapter+2.+Introduction+to+Firewalls/Firewall+Design/

Advantages of Demilitarized Zone (DMZ) (Syngress, 2003)

Inexpensive, fairly simple configuration, low maintenance.

Lower cost than more robust alternatives.
Firewall provides protection to both internal network and bastion host, constraining

some of potential breach possibilities of an unprotected bastion host.

Allow for establishment of multiple service-providing hosts in the DMZ; shields
bastion hosts in DMZ from both networks, permits much more granular control of
assets and access: removes single point of failure and attack.

1.4.4 Virtual LAN (VLAN)

Page | 22

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

A virtual local area network (VLAN) is a logical group of workstations, servers and network
devices that seem to be on the same LAN despite their geographical distribution. A VLAN
allows a network of computers and clients to communicate in a simulated environment as
though they exist in a single LAN and are sharing a single broadcast and multicast domain.
VLANs are actualized to accomplish scalability, security and ease of network management
and can rapidly adjust to change in network requirements and relocation of workstations and
server nodes. Higher-end switches permit the functionality and implementation of VLANs.
The purpose of executing a VLAN is to enhance the performance of a network or apply
proper security features. (Janssen, techopedia, 2012). The following demonstrates two
broadcast domain in two switches and two broadcasting domain in a single switch as Virtual
LAN (VLAN)

Figure 10 : Sample virtual local area network (VLAN)

Source :
http://alliedtelesis.com/manuals/AWPLUSV224CLIa1/port_based_VLANs_overview.html

Advantages of Virtual LAN (VLAN)

Page | 23

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

There many reasons that network designer use VLANs. There are some of advantages of
utilizing VLAN in ParsTech Companys network:

VLANs empower logical grouping of end-stations that are physically scattered on a

network. At the point when clients on a VLAN move to another physical location yet
keep on performing the same job function, the end-stations of those clients do not
need to be reconfigured. So also, if users change their job functions, they require not
physically move: changing the VLAN participation of the end-stations to that of the
new group makes the clients end-stations local to the assets of the new team (netapp,
2013).

VLANs decrease the necessary to have routers deployed on a network to contain

broadcast traffic. Flooding of a packet is limited to the switch ports that fit with a
VLAN (netapp, 2013).

Confinement of broadcast domains on a network essentially diminishes traffic. By

keeping the broadcast domains, end-stations on a VLAN are restricted from listening
to or receiving broadcasts not expected for them. Besides, if a router is not connected
between the VLANs, the end-stations of a VLAN cannot communicate with the endstations of the other VLANs (netapp, 2013).

Page | 24

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

1.5 Physical Design

1.5.1 Physical Network Diagram
The physical design is a geographical representation of a system showing the system's
internal and external entities, and the streams of information into and out of these entities.
The physical design network diagram of the ParsTech Company expose WAN technology,
Servers, network devices and transmission media which to be apply in the network and
represents the connection between one another. The central office connected with the branch
offices by using VPN technology through broadband access DSL technology. The following
diagram illustrates the physical network design in the system.
There are five servers are intended to be situated in central office. The application and
database servers are existing servers in ParsTech Inc Company. DHCP server, DNS server,
Directory service server must be purchased by the ParsTech. Each and every servers are
detached in the secured zone called DMZ which can expand the security of network, database
and clients information. A firewall is situated between DMZ internal router. This will detect
and prevent intruders penetrate to the ParsTech's network. Besides, VLAN configuration have
been used between machines in central office by switches to data transmission.

Figure 11 : Figure : Physical Network Diagram of ParsTech Company

Page | 25

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

1.5.2 Virtual Private Network (VPN)

A Virtual Private Network (VPN) is a process which used to figure the security and protection
to private and open networks, for example, service provider backbone network or internet.
VPNs are usually used by organization to ensure their private data and information. The VPN
sorts that have been develop for the ParsTech Company is to apply internet as a network
infrastructure for the purpose of diminishing the cost of networking.
According to the ParsTech Company, there are two types of VPN technology have been used
which are site to site VPN and Remote access VPN. The site to site VPN has intended to link
central office to branch offices and Remote access VPN has designed to allow the companys
technicians able to connect to clients machines for troubleshooting and maintenance purpose.

Corporate Network by Site to site VPN

Site-to-site VPN connections empower organizations to have routed
connections between separate offices or with different organizations over
an open network while serving to maintain secured communications. A
routed VPN connection across the Internet logically works as a dedicated
WAN link. When networks are connected by the Internet, as shown in the
following figure, a router forwards packets to another router across a VPN
connection. To the routers, the VPN connection operates as a data-link
layer link (technet, 2003). The following diagram shows a site to site VPN.

Figure 12 :Sample diagram of a Site to Site VPN

Source : http://www.besecurenetworks.com/server.html

Page | 26

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Remote Connections by Remote Access VPN

Remote access VPN connections allow clients working at home or on the road to access a
server on a private network using the infrastructure provided by a public network, for instant,
internet. From the users viewpoint, the VPN is a point-to-point connection between the
computer (the VPN client) and an organizations server. The exact infrastructure of the
mutual or public network is insignificant because it seems logically as if the information is
sent over a dedicated private link (technet, 2003).The following diagram shows the
Remote Access VPN.

Figure 12 :Sample diagram of a Site Remote Access VPN

Source : http://www.besecurenetworks.com/server.html
Advantages of VPN:
I.

Enhanced security. When you connect to the network through a VPN, the data is
kept secured and encrypted. In this way the information is away from hackers eyes
(ibvpn, 2010).

II.

Remote control. In the event of a company, the great advantage of having a VPN is
that the information can be accessed remotely even from home or from any other
place. Thats why a VPN can increase productivity within a company (ibvpn, 2010).

Page | 27

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

III.

Share files. A VPN service can be used if you have a group that needs to share files
for a long period of time (ibvpn, 2010).

IV.

Online anonymity. Through a VPN you can browse the web in complete anonymity.
Compared to hide IP software or web proxies, the advantage of a VPN service is that
it allows you to access both web applications and websites in complete anonymity
(ibvpn, 2010).

V.

Unblock websites & bypass filters. VPNs are great for accessing blocked websites
or for bypassing Internet filters. This is why there is an increased number of VPN
services used in countries where Internet censorship is applied (ibvpn, 2010).

VI.

Change IP address. If you need an IP address from another country, then a VPN can
provide you this (ibvpn, 2010).

VII.

Better performance. Bandwidth and efficiency of the network can be generally

increased once a VPN solution is implemented (ibvpn, 2010).

VIII.

Reduce costs. Once a VPN network is created, the maintenance cost is very low.
More than that, if you opt for a service provider, the network setup and surveillance is
no more a concern (ibvpn, 2010).

1.5.3 WAN Technology

A wide area network (WAN) is a system that exists over a large-scale geographical area. A
WAN connects different smaller networks, including local area networks (LAN) and metro
area networks (MAN). This guarantees that computers and clients in one area can
communicate with computers and users in different areas. WAN implementation can be
possible either with assistance of the public network or a private network (Janssen, 2012).
A WAN connects more than one LAN and is used for larger geographical areas. Computers
connected to a wide-area network are frequently connected through public networks, for
example the telephone system. They can also be connected through leased lines or satellites
(Beal, 2013). A WAN works in a similar manner to a LAN yet the difference is LAN can
work on a larger scale. Commonly, TCP/IP is the protocol used for a WAN in combination
with devices such as routers, switches, firewalls and modems (Janssen, 2012).
Page | 28

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 13 :Sample diagram of a WAN Technology with DSL Topology

Source : http://www.ciscopress.com/articles/article.asp?p=2202411&seqNum=8

1.6 Server
Page | 29

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

A server is a computer that serves data to different computers. These computers, called
clients, can connect to a server through either a local area network (LAN) or a wide area
network (WAN), such as the Internet (Christensson, 2005).
There are several different types of servers, including Web servers, mail servers, and file
servers. A web server serves Web pages to computers that connect to it. It also can parse
scripting languages such as PHP, ASP, and JSP. A mail server stores users' e-mail accounts
and sends and receives e-mail messages. Case in point, when you send an e-mail to a friend,
the message is sent by a mail server which uses SMTP protocol. A file server is a computer
that stores files that can be accessed by other computers. File servers are often used within
local networks and frequently require a secret key or some kind of authentication to get
connected (Christensson, 2005).
1.6.1 Directory Service Server
A network service can identify all resources on a network and make them available to users
and applications. Resources include e-mail addresses, computers, and peripheral devices like
printers. Preferably, the directory service must make the physical network topology and
protocols transparent so that a user on a network can get into any resource without knowing
where or how it is physically connected. There are various directory services that are utilized
widely. The most important two includes LDAP, which is for e-mail addresses, and Netware
Directory Service (NDS), which is for Novell Netware networks.
1.6.2 Domain Name System (DNS)
An Internet service that interprets domain names into IP addresses. Since domain names are
alphabetic, they're easier to remember. The Internet however, is really based on IP addresses.
Every time you use a domain name, a DNS service must translate the name into the
corresponding IP address (Beal, 2013).

1.6.3 Dynamic Host Configuration Protocol (DHCP)

Page | 30

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

DHCP is a protocol for assigning dynamic IP addresses to devices on a network. A device can
have a different IP address every time it connects to the network during dynamic addressing.
In a few network system, the device's IP address can even change while it is still connected.
DHCP additionally support a blend of static and dynamic IP addresses (Beal, 2013).
1.6.4 Database Server
Database server is the term used to allude back-end system of a database application using
client/server architecture. The back-end system, sometimes called a database server, performs
tasks such as data analysis, storage, data manipulation, archiving, and other non-user specific
tasks.
1.6.5 Application Server
An application server is a program that handles all application operations between users and
an organization's backend business applications or databases. An application server is
frequently used for complex transaction-based applications. To support high-end needs, an
application server needs to have built-in redundancy, monitor for high-availability, highperformance distributed application services and support for complex database access (Beal,
2013).

1.7 Corporate Communications

Page | 31

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

1.7.1 Logon Procedure

In the new network design, we chose Secure Shell Protocol (SSH) as a logon technique for
employees to sign into another computer over a network, to execute commands in a remote
machine, and to move documents from one machine to another. It gives solid verification and
secure communications over frail channels. SSH shields a network from attacks such as IP
spoofing, IP source routing, and DNS spoofing. An attacker who has figured out to take over
a network can only compel SSH to disconnect. The employee cannot play back the traffic or
hijack the connection when encryptions empowered (Beal, 2013).

Figure 14 :Sample diagram of how SSH protocol works

Source : https://www.vandyke.com/solutions/ssh_overview/ssh_overview.pdf

1.7.2 Remote connection (Remote access VPN)

As indicated by the new network design, we have outlined Remote access VPN to provide
companys technicians ready to connect to clients machines in purpose for troubleshooting
Page | 32

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

and maintenance to accomplish the secure remote connection between the client machines. In
a Remote-access VPNs, individual hosts or users, such as telecommuters, mobile users, and
extranet consumers, are able to access a company network safely over the Internet. Each host
typically has VPN client software loaded or uses an online-based client. A remote-access
VPN host or client typically has VPN client software. Whenever the host tries to send any
information, the VPN client software exemplifies and encodes the information before sending
it over the Internet to the VPN gateway at the edge of the targeted network. On receipt, the
VPN gateway handles the data in the same path as it would handle data from a site-to-site
VPN (orbitcomputersolution, 2013).

Figure 15 :Sample diagram of Remote-access VPN

Source : http://www.orbit-computer-solutions.com/Remote-access-VPNs.php

1.8 Network Topology

Network topology is the way different components of a network (like nodes, links,
peripherals, etc) are organized. Network topologies define the layout, virtual shape or
structure of network, physically as well as logically. The way in which various systems and
Page | 33

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

nodes are connected and communicate with one another is recognized by topology of the
network. Topology can be physical or logical (Beal, 2013). A physical topology of a network
is all about the configuration of cables, computers, and other peripherals, while the logical
topology focuses refer to the pattern of data transfer between network nodes. The physical
and network topologies can be classified into five fundamental model such as bus, star, ring,
tree and mesh topology.
Bus Topology

Figure 16: Sample diagram of Bus Network Topology

Source: https://www.edrawsoft.com/Network-Topologies.php
All the devices/nodes are connected sequentially to the same backbone or transmission line.
This is a simple, low-cost topology, but its single point of failure presents a risk.

Advantages of a Linear Bus Topology (edrawsoft, 2012)

Easy to connect a computer or peripheral to a linear bus.

Requires less cable length than a star topology.

Disadvantages of a Linear Bus Topology (edrawsoft, 2012)

Page | 34

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Entire network shuts down if there is a break in the main cable.

Terminators are required at both ends of the backbone cable.
Difficult to identify the problem if the entire network shuts down.
Not meant to be used as a stand-alone solution in a large building.

Star Topology

Page | 35

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 17: Sample diagram of Star Network Topology

Source: https://www.edrawsoft.com/Network-Topologies.php
All the nodes in the network are connected to a central device such like hub or switch via
cables. Failure of individual nodes or cables does not create downtime in the network but the
failure of a central device can. This topology is the most preferred and popular model.
Advantages of a Star Topology (edrawsoft, 2012)

Easy to install and wire.

No disruptions to the network then connecting or removing devices.

Easy to detect faults and to remove parts.

Disadvantages of a Star Topology (edrawsoft, 2012)

Requires more cable length than a linear topology.

If the hub or concentrator fails, nodes attached are disabled.

More expensive than linear bus topologies because of the cost of the concentrators.
The protocols used with star configurations are usually Ethernet. Token Ring uses a similar
topology, called the star-wired ring.

1.8.1 Network Topology Chosen

Page | 36

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Star Topology
The current network topology of the ParsTech Inc Company is of star topology which is
appropriate and perfect with new designed network infrastructure of the company.
Consequently, in lessening the cost of networking, the main existing star topology will
continue but IP addressing and VLAN configuration will be upgraded.

Figure 18 : Star Network in ParsTech Central Office

Based on the network diagram above, the topology have been selected for this network is star
topology which will provide a productive network design between the central branch and five
other branches. As should be obvious there, all the branches are connected to the router and
WAN connection. Next the switch is regularly used at the central branch, servers, and also to
the computer in the network. The reason of using this topology as part network design is,
before a remote customer has separated, the other remote customer will be not influenced.
They are still available to connect the switches and keep up the procedure as for the most
part. In addition, this star topology is easy to repair and easy to troubleshoot the errors and
evacuate the parts. Despite the fact that this topology is exorbitant to apply, it delivers an
excellence performance to the client in the each branches.

1.9 Transmission Media

Page | 37

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Transmission media is express kind of physical system used to bring a communication signal
starting with one framework then onto the next. The stability and the speed of the network
will be relies upon on picking the proper cables for the new network and it's likewise must be
backing up for future improvement. High capacity bandwidth cabling will be additional cost
for the organization. In this manner, the cables selected should be adequate for the new
network design to perform ideally and must provide inexpensive cost for the network. The
transmission media includes twisted-pair cable, coaxial cable and fiber optic cable.
1.9.1 Unshielded Twisted Pair (UTP)
Unshielded twisted pair is a well known sort of cable that comprises of two unshielded wires
twisted around one another. Because of its minimal effort, UTP cabling is used broadly for
local-area networks (LANs) and telephone connections. UTP cabling does not offer as high
bandwidth or as great security from interference as coaxial or fiber optic cables, yet it is less
lavish and less demanding to work with. The proposed cable for ParsTech's new network is
Category 5e cable (Cat 5e) which is suitable for Ethernet. Cat5e cable provides performance
of up to 100MHz and its suitable for 10BASE-T, 100BASE-TX (Fast Ethernet), and
1000BASE-T (Gigabit Ethernet). This will provide services for a long term usage and most of
the company used to install it in workstation. Cat 5e is cheapest UTP cable which is easy to
install and maintain. (Nicholson, 2013).

Figure 19 : Category 5e cable

Source : http://www.redco.com/Redco-CAT5E-SHIELDED.html
Characteristics of UTP

Page | 38

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

low cost

easy to install

High speed capacity

High attenuation

Effective to EMI

100 meter limit

Advantages of UTP

Easy installation

Capable of high speed for LAN

Low cost

Disadvantages of UTP

Short distance due to attenuation

Page | 39

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

1.9.2 Fiber Optics

Fiber optic cable uses electrical signals to transmit data. It uses light and the light only moves
in one direction. If for two way communication to take place, a second connection must be
made between the two devices. It is a two stands of cable where each stand is in charge for
one direction of communication. A laser at one device sends pulse of light through this cable
to other device. These pulses translated into 1s and 0s at the flip side. In the focal point
of fiber cable is a glass stand or core. The light from the laser that travels through this glass to
the next device around the internal core is a reflective material known as Cladding. No light
escapes the glass core because of this reflective cladding. Fiber optic cable has bandwidth
more than 2 Gbps (hubpages, 2010).

Figure 20 : Fiber optic cable

Source : http://mathscinotes.com/2014/08/cost-of-optical-fiber-versus-kite-string/

Characteristics Of Fiber Optic Cable

Expensive

Very hard to install

Capable of extremely high speed

Extremely low attenuation

Page | 40

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

No Electromagnetic interference (EMI)

Advantages Of Fiber Optic Cable

Fast

Low attenuation

No Electromagnetic interference (EMI)

Disadvantages Fiber Optic Cable

Very costly

Hard to install

1.9.3 Data communications equipment (DCE)

Data communications equipment (DCE) refers to computer hardware devices used to set up,
keep up and terminate communication network sessions between a data source and its
destination. DCE is connected to the data terminal equipment (DTE) and data transmission
circuit (DTC) to change over transmission signals. However, when you talk as far as DCE, it
turns into an input signal. This because the specification was written from the point of view
of the DTE end of the link.

Page | 41

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 21 : DCE cable

Source : http://media.cablesandkits.com/p/CAB-232FCc.jpg

2.0
HARDWARE,
REQUIREMENTS

SOFTWARE

AND

DESKTOP

(TULASINATAN A/L MUTHUALAGU (TP026049)

2.1 HARDWARE
As a network consultant team, we need pick a right hardware close by to address clients
needs is a basic element regarding the matter of improving working environment
productivity. If your workers arent equipped with the right tools to carry out their
employments, office efficiency will affect as a result.
2.1.1 Workstation

The network consultant chosen Dell Precision Tower 5810 workstation for the new network.
This workstation PC is suitable for long-term work with some of huge datasets. This
organization has a central office and 5 branches. All out workstations required in this
organization are 140 workstations, which will be 40 workstations in the central office and 20
workstations for each branches in the company. All workstations will be finished with
Wireless keyboard and mouse and 26' inch LED Monitor.

Dell Precision Tower 5810 workstation specification

Page | 42

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 22 : Dell Precision Tower 5810 workstation

Source : http://www.dell.com/my/business/p/precision-t5810-workstation/pd
Components
Processor
RAM
Hard Disk Drive
Operation System

Specification
Intel Xeon Processor E5-1620 v3 (4C, 3.5GHz, 10M, 140W)
16GB (4x4GB) 2133MHz DDR4 RDIMM ECC
256GB 2.5" Serial-ATA Solid State Drive
Windows 7 Professional (64Bit Windows 8.1 License, Media)- English,

Monitor
Price

French, German, Dutch, Italian

Dell UltraSharp 24 PremierColor Monitor
$ 1,799 (dellus, 2015) (approximately RM 6,881)

2.1.2 Server
The ParsTech Inc network are implemented with 5 server which that include the Dynamic Host
Configuration Protocol (DHCP), Database Server, Domain Name System (DNS), Directory Service
Server and Application Server. Besides, the DMZ server is also are implemented in the organization.
In spite of the fact, these types of the server is already applied in the company, however it is expected
to overhaul the server due to the quantity of the workers and the client of organization is developing
and expanding. So that, Upgrading the server rack is required and can build the execution of the
server, so can deal with more the clients of organization.

The allocation of the Rack mount servers is as following:

Dynamic Host
(DHCP)
Database Server

Servers
Configuration

Protocol

No of rack mount server

1
2
Page | 43

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Domain Name System (DNS)

Directory Service Server
Application Server
DMZ server

1
1
2
1

Figure 23 : PowerEdge R430 Rack Server

Source : http://www.dell.com/us/business/p/poweredge-r430/pd?~ck=anav

Components
Processor

Specifications
Intel Xeon processor E5-2600 v3 product family with 2 Processor

Memory Slots
Price
Operating System

sockets.
12 DIMM slots
$ 1489 (dellus, 2015) (approximately RM 5,695)
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Novell SUSE Linux Enterprise Server
Red Hat Enterprise Linux
VMware ESX

Page | 44

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

2.1.3 VPN Firewall router

Netgear SRX5308 VPN Firewall router will be utilized in the ParsTech new network. It is an
elite security switch for joining a coordinated VPN server and client and powerful security
highlights. The Netgear SRX5308 VPN Firewall router can be the better solution for reducing
the cost. This router definitely will increase the security level of the ParsTech new network.
Overall 6 routers are required to be implemented in the new network.

Figure 24 : Netgear SRX5308 VPN Firewall router

Source : http://www.netgear.com/business/products/security/SRX5308.aspx#tab-techspecs

Specification of Netgear SRX5308 VPN Firewall router (Netgear, 2015):

4 Gigabit WAN ports with 4 Gigabit LAN ports, load-balancing and failover across quad

WAN ports
Business-class Stateful Packet Inspection Firewall prevents unwanted access to your

network
125 dedicated IPSec VPN tunnels, 75 SSL VPN tunnels for secure remote access
924Mbps LAN-to-WAN throughput, 200000 concurrent sessions
Prioritize traffic with Quality of Service (QoS) and WAN Traffic Metering

Price : $231.49 (amazon,2015) (approximately RM 885)

2.1.4 Internal Router

Page | 45

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

As the internal router for ParsTech Inc Company, Mikrotik RB/1100AHX2 Routerboard
Router OS Level 6 will be used. Outer. It is good router whereby the device perform in 1U
aluminium rack mount Gigabit Ethernet router. Apart from that, this device enables switch
reset and temperature sensor. ParsTech Inc needed 6 Pcs of this device for central office and
their 5 branches.

Figure 25 : Mikrotik RB/1100AHX2 Routerboard Router OS Level 6

Source : http://routerboard.com/RB1100AHx2

The following are the specifications (Routerboard, 2015):

CPU : PowerPC P2020 dual core 1066MHz network CPU with IPsec accelerator
Memory : SODIMM DDR Slot, 2GB installed (RouterOS will use only up to 1.5GB)
Ethernet : Thirteen(13) 10/100/1000 Mbit/s Gigabit Ethernet with Auto-MDI/X
Includes switch to enable Ethernet bypass mode in two ports
Expansion: Reset switch, beeper, voltage and temperature sensors

Price : $329.00 (amazon,2015) (approximately RM 1258)

2.1.5 Wireless Router

As the wireless router for the ParsTech's central office and branches offices, Asus RT-AC66U
dual-band wireless-AC1750 is selected. This wireless router offers some key features which

Page | 46

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

will be needed in ParsTech Inc. This router definitely will provide good performance and
adequate wireless coverage.

Figure 26 : Asus RT-AC66U dual-band wireless-AC1750

Source : https://www.asus.com/us/Networking/RTAC66U/overview/

The following are the specifications (Asus, 2015)

5th generation 802.11ac chipset gives you concurrent dual-band 2.4GHz/5GHz for up

to super-fast 1.75Gbps
Gigabit Ethernet ports for the fastest, most reliable internet performance
AiRadar optimizes wireless coverage with detachable high-powered antennas
Enjoy the ASUSWRT dashboard UI for 3 steps easy setup, signal monitoring, and

network application control

File sharing, printer sharing, and 3G sharing via two multi-functional built-in USB
ports

Price : $142.88 (amazon,2015) (approximately RM 546)

2.1.6 Category 5e Cable (CAT5E)

The proposed cable for ParsTech's new network is Category 5e cable (Cat 5e) which is
suitable for Ethernet. Cat5e cable provides performance of up to 100MHz and its suitable for
10BASE-T, 100BASE-TX (Fast Ethernet), and 1000BASE-T (Gigabit Ethernet). This will
provide services for a long term usage and most of the company used to install it in
Page | 47

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

workstation. Cat 5e is cheapest UTP cable which is easy to install and maintain. (Nicholson,
2013). Cat5e cable chosen for the ParsTech new network is Cat5e Bulk 1000ft Ethernet Cable
White.

Figure 27 : Cat5e Bulk 1000ft Ethernet Cable White.

Source : http://www.amazon.com/Cat5e-1000ft-Ethernet-Cable-White/dp/B004PL082U

The following are the specifications (Signal, 2015)

Cat5e 4 Solid UTP Unshielded Twisted Pair

Conductor: 24AWG CCA - Copper Clad Aluminium
Fluke test up to 350MHz
Certified Transfer Rate: 10/100/1000 Mbps
Length: 1,000 feet (305 meters)

Price : $38.05 (amazon,2015) (approximately RM 145)

2.1.7 Switch
Network switch is a hardware device that joins multiple PCs together inside of one local area
network (LAN). High-performance network switches are broadly used as a part of corporate
networks and data centers. Through information sharing and resource allocation, network
switches save ParsTech's expenses and increase employee productivity. As the network
switch of ParsTech Inc, TP-Link JetStream 48-Port 10/100Mbps+ 4-Port Gigabit L2
Managed Switch will be used in the new network. In this switch, every port has possibility to
Page | 48

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

select between gigabit Ethernet, Fast Ethernet and standard Ethernet. It can help monitor
vitality consequently, which is can naturally shuts down ports for the ports not meeting
expectations. ParsTech Inc will be use 3 switches for the central office and 3 switches for
each branch offices.

Figure 28 : TP-Link JetStream 48-Port 10/100Mbps+ 4-Port Gigabit L2 Source

: http://www.tp-link.com/lk/products/details/cat-39_TL-SL3452.html#overview

The following are the specifications (tp-link, 2015)

P-MAC-Port-VID Binding, ACL, Port Security, DoS Defend, Storm control, DHCP

Snooping, 802.1X Authentication and Radius provide you robust security strategies
L2/L3/L4 QoS and IGMP snooping optimize voice and video application
WEB/CLI managed modes, SNMP, RMON bring abundant management features

Price : $306.42 (amazon,2015) (approximately RM 1172)

2.2 SOFTWARE AND OPERATING SYSTEM

2.2.1 Server Software
The new network of ParsTech have installed windows Server 2008 Enterprise edition,
because windows Server 2008 Enterprise Edition gives more prominent useful functionality
and scalability than the Standard Edition. Similarly as with Standard Edition, just a 64-bit
version is available. Upgrades incorporate backing for upwards of 8 processors and up to
2TB of RAM. Extra components of the Enterprise edition include support for clusters of up to
8 nodes and Active Directory Federated Services (AD FS) (techotopia, 2013). Additionally,
Page | 49

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

ParsTech Inc. have adaptability where the clients can use from alternate client and
information in central storage of organization and their applications from anyplace.

Figure 29 : Microsoft Windows Server Enterprise 2008

Source : http://www.amazon.com/Microsoft-Windows-Server-EnterpriseVersion/dp/B0011F193A

Price : $2,874.95 (amazon,2015) (approximately RM 10996)

2.2.2 Antivirus
The new network of ParsTech have installed Kaspersky Endpoint Security for Business Core
antivirus for the security. By using this antivirus the management can protect the client
workstations and the critical servers of ParsTech Inc from attackers. The Kaspersky's
Endpoint Security gives top-notch malware detection and is less demanding to send than
competing products. The Security Center reassure gives great centralised management
facilities and offers quality reporting and alerting features (Millman, 2015).

Page | 50

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Figure 30 : Kaspersky Endpoint Security for Business

Source : http://www.totalavsecurity.com/Kaspersky-KL4867AANDR-p/kl4867aandr.htm

Supported devices (Millman, 2015):

PCs
Windows XP Home/Professional (32bit) SP3, Professional (64bit) SP2, Vista SP1, 7 SP1, 8,
8.1.
Servers
Windows Server 2008 R2/Standard SP1, SBS 2008 SP2, SBS 2011 Essentials, SBS 2011
Standard SP1 ,Windows Server 2012 R2/Foundation/Essentials/Standard.

Price : $49.73 (totalavsecurity,2015) (approximately RM 190)

2.2.3 Operating System

Page | 51

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

The existing network of ParsTech is already using Windows 7 ultimate 64bit. In order to
upgrade for a better choice for the new network Windows 8.1 Enterprise 64bit have been
installed. Windows 8.1 Enterprise 64bit offers many improvements for Windows users as a
whole, such as a better Windows Store experience, built-in apps and enhanced
personalization options compare to Windows 8.0 (businessnewsdaily, 2013). ParsTech use for
their client systems.

Figure 31 : Windows 8.1 Enterprise 64bit

Source : http://voucherstore.net/Windows-8.1-Enterprise

The following are the minimum requirements (voucherstore, 2015)

Processor: 1 gigahertz (GHz) or faster

RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)
Hard disk space: 16 GB (32-bit) or 20 GB (64-bit)
Graphics card: Microsoft DirectX 9 graphics device with WDDM driver

Price : $49.99 (voucherstore.net,2015) (approximately RM 191)

REFERENCING
Beal, V. (2013, june 6). webopedia. Retrieved 2015, from webopedia:
http://www.webopedia.com/TERM/A/application_server.html

Page | 52

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Christensson, P. (2005, february 23). Retrieved 2015, from pc.net:

http://pc.net/helpcenter/answers/purpose_of_a_server
Danen, V. (2001). techrepublic. Retrieved 2015, from techrepublic:
http://www.techrepublic.com/article/lock-it-down-implementing-a-dmz/1061732/
dellus. (2015, may 15). Retrieved 2015, from dellus:
http://www.dell.com/us/business/p/precision-t5810-workstation/pd?
oc=cup5810w7pssd&model_id=precision-t5810-workstation
edrawsoft. (2012, june 06). Retrieved 2015, from edrawsoft:
https://www.edrawsoft.com/Network-Topologies.php
hubpages. (2010, january 9). Retrieved july 6, 2015, from
http://ninjacraze.hubpages.com/hub/Data-Communication
ibvpn. (2010, February 24). ibvpn. Retrieved 7 28, 2015, from invisible browsing vpn:
http://www.ibvpn.com/2010/02/8-advantages-of-using-vpn/
informatics. (2012, october 28). Retrieved july 11, 2015, from informatics:
http://www.informatics.buzdo.com/extras/tcp-ip-3.htm
Janssen, C. (2012, may 6). Retrieved 2015, from
http://www.techopedia.com/definition/5409/wide-area-network-wan
Janssen, C. (2012). techopedia. Retrieved from techopedia:
http://www.techopedia.com/definition/4804/virtual-local-area-network-vlan
Kayne, R. (2015, july 16). wisegeek. Retrieved 2015, from wisegeek:
http://www.wisegeek.org/what-is-a-web-server.htm
Lewis, M. (2006). Comparing, Designing, and Deploying VPNs (illustrated ed.). Adobe
Press.
Mitchell, B. (2013, june 16). Retrieved 2015, from compnetworking:
http://compnetworking.about.com/od/basicnetworkingconcepts/g/network_servers.htm
netapp. (2013, may). Retrieved from netapp:
https://library.netapp.com/ecmdocs/ECMP1196907/html/GUID-C9DA920B-F414-40178DD1-D77D7FD3CC8C.html
Netgear. (2015, march 21). amazon. Retrieved july 28, 2015, from amazon:
http://www.amazon.com/NETGEAR-ProSAFE-SRX5308-Firewall-SRX5308100NAS/dp/B003HF8SL8
Nicholson, M. (2013, april 21). streetdirectory. Retrieved 2015, from streetdirectory:
http://www.streetdirectory.com/travel_guide/116195/networking/cat5e_for_high_speed_netw
orks.html

Page | 53

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Odom, W. (2004). CCNA INTRO Exam Certification Guide: CCNA Self-study (illustrated
ed.). Cisco Press.
orbitcomputersolution. (2013, may 16). Retrieved 2015, from orbitcomputersolution:
http://www.orbit-computer-solutions.com/Remote-access-VPNs.php
Rouse, M. (2015, june). searchsecurity. Retrieved from searchsecurity:
http://searchsecurity.techtarget.com/definition/DMZ
Routerboard. (2015, april 11). Retrieved July 28, 2015, from Routerboard:
http://routerboard.com/RB1100AHx2
Syngress. (2003). Building DMZs For Enterprise Networks. Syngress.
Syngress. (2003). Building DMZs For Enterprise Networks (1st ed.). Syngress.
technet. (2003, March 28). Retrieved 2015, from technet: https://technet.microsoft.com/enus/library/cc739294(v=ws.10).aspx
vicomsoft. (2013, june 13). Retrieved 2015, from vicomsoft:
http://www.vicomsoft.com/learning-center/email-and-email-servers/
Amazon.com, (2015). Amazon.com: Cat5e Bulk 1000ft Ethernet Cable White: Electronics.
[online] Available at: http://www.amazon.com/Cat5e-1000ft-Ethernet-CableWhite/dp/B004PL082U [Accessed 3 Aug. 2015].
Amazon.com, (2015). Amazon.com: Microsoft Windows Server Enterprise 2008 25 Client
[Old Version]. [online] Available at: http://www.amazon.com/Microsoft-WindowsServer-Enterprise-Version/dp/B0011F193A [Accessed 3 Aug. 2015].
Asus.com, (2015). RT-AC66U - Overview. [online] Available at:
https://www.asus.com/us/Networking/RTAC66U/overview/ [Accessed 3 Aug. 2015].
Netgear.com, (2015). VPN Firewalls - SRX5308 | Security | Business | NETGEAR. [online]
Available at: http://www.netgear.com/business/products/security/SRX5308.aspx#tabtechspecs [Accessed 3 Aug. 2015].
node, K. (2015). Kaspersky KL4867AANDR. [online] www.totalavsecurity.com. Available at:
http://www.totalavsecurity.com/Kaspersky-KL4867AANDR-p/kl4867aandr.htm
[Accessed 3 Aug. 2015].
Routerboard.com, (2015). RouterBoard.com : RB1100AHx2. [online] Available at:
http://routerboard.com/RB1100AHx2 [Accessed 3 Aug. 2015].

Page | 54

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Server, P. (2015). PowerEdge R430 Rack Server. [online] Dell. Available at:
http://www.dell.com/us/business/p/poweredge-r430/pd?~ck=anav [Accessed 3 Aug.
2015].
Tp-link.com, (2015). JetStream 48-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch
TL-SL3452 - Welcome to TP-LINK. [online] Available at: http://www.tplink.com/lk/products/details/cat-39_TL-SL3452.html#overview [Accessed 3 Aug.
2015].
Voucherstore.net, (2015). Windows 8.1 Enterprise - retail license -. [online] Available at:
http://voucherstore.net/Windows-8.1-Enterprise [Accessed 3 Aug. 2015].
Workstation, D. (2015). Dell Precision Tower 5810 Workstation. [online] Dell. Available at:
http://www.dell.com/my/business/p/precision-t5810-workstation/pd [Accessed 3 Aug.
2015].

MARKING SCHEME
Students Name

TULASINATAN A/L
MUTHUALGU (TP026049)

DINESH A/L
THULASIDASS
(TP027442)

Group Components (A)

Overall design (5)
Current trends & best

Page | 55

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT
practices (5)

Executive summary (5)

Coherence & integration
(10)
Referencing (5)
Total Marks (Group
Component)

Individual Components
(B)
Technical accuracy (25)
Critical analysis &
justification
(20)
Research & completeness
(10)
Presentation (15)
Total Marks (Individual
Component)

TULASINATAN A/L
MUTHUALGU (TP026049)

DINESH A/L
THULASIDASS
(TP027442)

Group Components (A)

Individual Components
(B)

Overall Marks (A + B)

Workload Matrix

Tasks

TULASINATAN
A/L
MUTHUALAGU
(TP026049)

Group
Members
DINESH A/L
THULASIDASS
(TP027442)

Page | 56

CT020-3.5-3-DCCS

GROUP

ASSIGNMENT

Executive
Summary

100

Assumption

100

Section 1

100

Section 2

33

Section 3

67

100

Page | 57