Chapter one Goal and motivation statement

Chapter one

Goal and motivation statement:
Introduction:

The modern educational system, in one way or another, aims to train students’ ability to work with information. It is no coincidence that the prior areas of development of education pay big attention to information processing skills, which later will become the pillar of the professional activity of graduates in the information society, a necessary component of information culture In such circumstances, students will acquire the knowledge necessary to express themselves creatively, learn how to evaluate the accuracy of information, develop critical thinking and distinguish information and knowledge. Local networks are common in the field of education. The majority of schools and education institutes have PCs linked to a LAN network. At the same time, modern technologies allow you to connect computers that are located in multiple continents, and not just in the same room or building. Many educational institutes have branches in multiple countries, with PCs connecting to local area networks. In addition, local networks can connect computers from different colleges or universities.
Through the Internet, each student can get public access to educational materials that can be given in the shape of simple textbooks (e-text), as well as complex interactive systems, computer models of virtual learning environments, etc. The number of users and sources of information on the Internet is continuously increasing. Furthermore, there is a constant quality in the improvement of telecommunication services. Because of this, not only companies and organizations operating in the economic sector and other fields have high-quality access to the Internet, but also educational institutions.
Many systems are prone to a number of risks that can take full control of crucial resources (e-mail systems, network equipment management and others). Crucial risks are usually come because of the uses of out-to-date versions of applications and operating system. Studies have shown that modern business networks are rather vulnerable to attacks by internal and external intruders. The ability to access the critical resources of most of the systems examined leads to the conclusion on the need to improve information security measures, in particular in the field of password policies, web application protection, periodic security updates and protection of privileged account. For early detection of security deficiencies, the system administrator must regularly perform, security analyzes, including penetration tests. http://www.conceptdraw.com. (2018). Campus Area Networks (CAN). Computer and Network Examples. Online Available at: http://www.conceptdraw.com/How-To-Guide/campus-area-networks Accessed 22 May 2018.
Project proposal overview:
Campus Area Network (CAN) is a computer network that provides wireless Internet or LAN access for users located in two or more buildings in the limited geographic area, or in the open space surrounding these buildings. The area University network is usually regulated on the campus of a university or a university {Look at the Diagram A} but the same type of design and design can be applied for other purposes, for enterprises, office buildings, military bases, and complexes. Public places like supermarkets, entertainment centres, etc. Another form of the thunderstorm can exist during some special events such as rallies, music festivals. The area network of the elementary campus can also arise spontaneously, due to the extension distance the radio signals of the access points, which are not limited by the walls of the buildings. It also makes sense to have additional access points for larger and more complex CANs, located in specially chosen places to cater to customers. http://www.conceptdraw.com. (2018). Campus Area Networks (CAN). Computer and Network Examples | Home area networks (HAN). Computer and Network Examples | Metropolitan area networks (MAN). Computer and Network Examples | Campus Area Networks. online Available at: https://goo.gl/2Vmg95 Accessed 22 May 2018.
{Diagram A}

Network goals description:
Oman International University’s network as it launches on its early stage and while the University’s budget is not sufficient, it is reasonably consists of four branches in Bahrain, Qatar and Kuwait besides the main campus, which is located in Sultanate of Oman.
On the other hand, The University’s network must be complete, including information about the campus’s administrative office and other integrated systems of business information management for most teachers and students to provide a network environment for teaching and Advanced Search platform work.
The campus network covers the entire campus, and network design follows the following basic principles of ?ve:
Reliability and high-performance networks must be reliable, including network-level reliability such as routing, switching aggregation, redundant coupling and load balancing. The network must have a Su?cient performance to meet the needs of the business.
System scalability and scalability to be scalable and scalable, with business growth and application level, the data network and information flow will grow exponentially, the need for good network scalability, and can continue Improve with the development of technology. The equipment must be used in accordance with international standards of systems and products to ensure that the system has a long vitality and scalability to meet the future requirements of the system upgrade.
Easy management, easy maintenance as the campus’s backbone network system is large, rich and complex usage, network management system need has good manageability, network management system with control, error detection and Isolation, filter settings and other functions to facilitate the management of the system and maintain. At the same time, as much as possible to choose a high level of integration, the module can be a common product for easy management and maintenance. Here we use the equipment are Cisco switch, ?rewalls.

Security, the confidentiality of the network system must have good security. As the backbone campus for multiple Intranet users to provide interconnection and support to a variety of companies that require flexible and effective security control, but also must support the virtual private network to provide the security of various options of levels. In the design of the system, not only consider the full exchange of informative resources, but also pay attention to the protection and isolation of information, so that the system should be different for different applications and the environment of various network communications, take several di?erent measures, including system security mechanisms, access to the control authority data. To the secondary construction of the campus network, can through subnets and VLAN switches to achieve network security.
Using structured shapes and modular design with ? and complete, to meet the system and di?erent reference needs of users to adapt to changing needs. Meet the goals and functions of the system as a goal, to ensure that the overall design of the program is reasonable to meet the needs of users while maintaining the use of system maintenance as well as the future system of Secondary development and transplantation. Design and Scheme of Network System. (2018). ebook EnPress. Available at:http://file:///C:/Users/infofix/AppData/Local/Packages/Microsoft.MicrosoftEdge_8wekyb3d8bbwe/TempState/Downloads/292-1238-1-PB.pdf Accessed 22 May 2018.

Chapter Two
Literature study

The best appropriate methodology that we are going to use for Literature study is through applying a survey of campus issues.
Terena.org published a survey study done by the National Research and Education Networks (NREN) of the some interesting issues on CAN networks, the results shows as fallows.

Low bandwidth to the NREN:
In the survey, the available bandwidth between the institutions and their NRENs shows a very broad spectrum, ranging from 2 MB/s to 10 GB/s. These figures are not easy to interpret. The low bandwidth can often be suitable for small institutions with few end users. However, a significant number of medium-sized institutions also have a low bandwidth for their NRENs; It seems that this is mainly two to its obligation to use an intermediate network to connect with the NRENs.
In an attempt to make meaningful Cross-institutional, the average bandwidth available to the computer has been calculated. The results range from 8 KB/s to 100 MB/s for the equipment. This has a large bandwidth difference, and it is not easy to explain how an institution that provides 10-50 KB/s for computers can cope with this situation. It is not possible to draw clear conclusions from the survey, but it is clear that end users with a reduced bandwidth cannot take advantage of the full range of network services.

Satisfaction with low-bandwidth:
Connections of the institutions that participated in the survey, 25% reported that they had a relatively low bandwidth between their campuses and the NRESs, i.e. less than 34 MB/s. Some of them were small institutions with few students, but some were not, with more than 5,000 students enrolled. One would expect that larger institutions would be less content with the bandwidth available to their user community. Surprisingly, however, 81% of respondents felt that the bandwidth for the NRENs per user was sufficient.
It is likely that many end users, particularly those of Class A, do not directly access external services, but through proxy servers, cache servers, central mail servers, and so on. This way you can cope, many thousands of Class A users in low-bandwidth connections. However, it is very important to properly manage these servers.
It was not able to investigate more deeply because these institutions seem to be satisfied with their low bandwidth. This can be an important object for further studies. One possible explanation is that the expectations of the user community in these institutions are unusually low and that these users are only content with basic network services.

High bandwidth at NRENs but little use of network services:

The serious reporting of campus subjects, the serious study of researchers ‘ investigations and the latest edition of the annual Compendium of national Research and L networks for Educating in Europe indicates that the low-bandwidth problems identified in the serene study are now resolved to a large extent. Today, many institutions have adequate bandwidth (or better than the right one) to meet the current needs of their user communities. The phenomenon of network bottlenecks – on both campus and elsewhere – is now rare.

Performance of the main campus network:
In general, there have been great improvements over the last few years in campus network infrastructure. However, there are still isolated pockets where there is adequate bandwidth; this may be for a number of reasons, including obsolete equipment, construction problems, fragmented institutional management, geographic remoteness, and lack of funding for networking.

Progressing to improvements:
The survey shows that the institutions are offloading Gigabit networks on their campuses. However, their availability is limited. About 5% of the institutions can provide 90% of its end users with a Gigabit connection. This will not be a major problem for most users in Class A. However, there will be serious repercussions if this distribution is uniform and only 5% of class B and class C users have access to Gigabit networks.
One of the recommendations in {Table 1} indicates that a high percentage of new end-point equipment must provide Gigabit serial connections. There may be a slight additional cost to purchase these switches today, but labor costs for installation and their management will be similar to those of lower grade equipment, and investment will now be depreciated later as the DEM Increases is more bandwidth. It is also strongly recommended that institutions with an obsolete wiring plan be reinstated as soon as possible.
{Table 1}

Network backbone performance on campus
In general, there have been great improvements over the last few years in campus network infrastructure. However, there are still isolated pockets where there is adequate bandwidth; this may be for a number of reasons, including obsolete equipment, construction problems, fragmented institutional management, geographic remoteness, and lack of funding for networking.

Inter-Campus connectivity within institutions responses
To the survey, indicate that some institutions have difficulty connecting remote campuses. Interconnection links seem to work at unacceptable data rates. The survey shows that only 25% of the response institutions have an internal connectivity of more than 1.2 GB/s, while 35% of the institutions participating in the survey have connectivity to their NRENs of more than 1.2 GB/s. There may be several reasons for this Disparity in connection speed. It could be that there is a big difference in the size of the different campuses and that the smaller ones deserve lower connectivity rates. It could also be that the growth rate of external connectivity has exceeded that of the internal network. Another reason for the low-bandwidth between campuses might be the obligation to use regional networks in cases where remote campuses are a certain distance from the main site. It is also possible that the costs of telecommunications for better connectivity are prohibitively expensive.
Report on Campus Issues – Terena. (2008). ebook Available at: https://www.terena.org/publications/files/EARNEST-Campus-Report.pdf Accessed 22 May 2018.

Chapter Three
Requirements ; Analysis

Equipment Details:

CISCO Equipment have been used for entire University Network. The Equipment used are enlisted below:
1. CISCO 2911 Routers (CORE Layer)
2. CISCO 3560 Multi-Layer Switches. (Distribution Layer)
3. CISCO ASA (Internet-ASA)
4. Storage Devices. (Primary ; Network Attached File”NAS”)
5. CISCO 2960 Layer2 Switches. (Access Layer)
6. CISCO Access Points.

CISCO 2911 Routers
The Cisco 2911 Integrated Services Router (ISR) provides very secured data, voice, video and application service. Key elements include:
• Three Integrated 10/100/1000 Ethernet ports (RJ-45 only)
• One Slot Service Module
• Four high-speed WAN interface card slots in relief
• Two built-in digital processor slot (DSP)
• One slot Internal Service module for application service
• Fully integrated power distribution to modules that support 802.3 af power over Ethernet (Poe) and Cisco Enhanced PoE
Security
Accelerated VPN encryption of embedded hardware for secure connectivity and integrated collaborative communication threat control via Cisco iOS Firewall, firewall based on Cisco IOS zone, Cisco IOS IPS and Cisco IOS content filtering
Identity management through authentication, authorization and accounting (AAA) and public key Infrastructure
Voice
• High density voice DSP module, optimized to support voice and video data
• VoiceXML Browser Services certified by standard
• Cisco Unified Border Elements Features
• Cisco Unity Express Secretarial Support
• Support for Cisco Communications Manager Express and remote Survivor site telephone
Services, P., Routers, B., Products, E. and Routers, C. (2018). Cisco 2911 Integrated Services Router. online Cisco. Available at: https://goo.gl/efKGSg Accessed 22 May 2018.

CISCO 3560 Multi-Layer Switches
The Cisco Catalyst 3560 Series is an Enterprise class fixed configuration switch line that includes IEEE 802.3 AF and Cisco Prestandard Power over Ethernet (PoE) features in Fast Ethernet and Gigabit Ethernet configurations. Cisco Catalyst 3560 is an ideal Layer switch for small Enterprise LAN Access or Branch Office environments, combining 10/100/1000 and PoE configurations for maximum production and investment protection. Enabling the distribution of new applications such as IP telephony, wireless access, video surveillance, building management systems and remote kiosks. Customers can implement smart network wide services, such as Advanced Service Quality (QoS), speed limitation, access control lists (ACLs), multicast management, and high-performance IP routing, while maintaining the simplicity of Traditional LAN switching. Available for the Cisco Catalyst 3560 series for free, Cisco Network Wizard is a centralized management application that simplifies the operation of Cisco Wireless switch, router and Access Point. Cisco Network Assistant provides configuration wizards that greatly simplify the deployment of converged networks and Smart network services.
Cisco Catalyst 3560 is part of a broader and more scalable family of Cisco Catalyst switches that includes Cisco Catalyst 3560-and series switches, Cisco Catalyst 3750 and 3750-and switch series with Cisco StackWise ™ technology and the Cisco Catalyst 4500 and switches Modular Catalyst 6500. Along with Cisco IOS ® software, the entire family offers industry-leading availability, integrated security, optimized delivery, and manageability.
Services, P., Access, C., Products, E., Switches, C. and Sheets, D. (2018). Cisco Catalyst 3560 Series Switches Data Sheet. online Cisco. Available at: https://goo.gl/4uKNHm Accessed 22 May 2018.

CISCO ASA
Cisco adaptative Security Application (ASA) software is that the basic OS for the Cisco ASA family. Provides Enterprise-class firewall capabilities for ASA devices in an array of kind factors — standalone devices, blades, and virtual devices — for any distributed network atmosphere. ASA software additionally integrates with different vital security technologies to supply complete solutions that meet the evolving security requirements.
Among its advantages, Cisco ASA software:
Provides integrated options of IPS, VPN, and unified Communications
Enables organizations to make capability and improve performance through multiple-node, superior clump and multiple sites
Offers high availableness for high-resilience applications
Provides collaboration between physical and virtual devices
Meets the distinctive requirements of the network and also the information Centre.
Provides context awareness with Cisco TrustSec security cluster tags and identity-based firewall technology
Facilitates dynamic routing and site-to-site VPN in any context
Cisco ASA software system additionally supports new-generation crypto graphical standards, as well as Suite B crypto graphical formula sets. It additionally integrates with the Cisco Cloud net security resolution to supply foremost web-based threat protection.
Services, P. (2018). Cisco Adaptive Security Appliance (ASA) Software. online Cisco. Available at: https://goo.gl/wXC4sE Accessed 22 May 2018.

Storage Devices:
Storage devices are one of the main components of any computer device. Virtually store all the data and applications on a computer, except for the hardware firmware. They are available in different formats depending on the type of device below. For example, a standard computer has several storage devices that include RAM, cache, and hard drive, as well as having possibly optical drives and externally connected USB drives.
There are two different types of storage devices:
Primary storage devices, typically smaller, are designed to temporarily maintain data and are internal to the computer. They have the fastest data access speed, and include RAM memory and cache.
Secondary storage devices typically have a large storage capacity and store the data permanently. They can be internal or external to the computer, and include hard drives, optical disk drives and USB storage devices.
Techopedia.com. (2018). What is a Storage Device? – Definition from Techopedia. online Available at: https://goo.gl/isjVSS Accessed 22 May 2018.

Network-Attached storage (NAS)
Network-Attached storage (NAS) is a kind of dedicated file memory device that gives local space Network (LAN) nodes with file based shared storage on a regular LAN connecting.
NAS devices, that do not commonly have a keyboard or displaying, are configured and managed with a browser-based utility. Every NAS resides on the local area network as a separate network node and has its own information processing address.
A major advantage of NAS is its ability to supply multiple users over the network with access to identical files. Before NAS, corporations generally had a whole bunch or maybe thousands of distinct file servers that had to be configured and maintained individually. Today, once additional storage capability is required; NAS devices will merely be equipped with larger disks or clusters to give scaling and scaling. Several NAS vendors work with cloud storage suppliers to supply customers with an extra level of redundancy for file backup.
SearchStorage. (2018). What is network-attached storage (NAS)? – Definition from WhatIs.com. online Available at: https://goo.gl/dVy9n4 Accessed 22 May 2018.

CISCO 2960 Layer2 Switches:
Features:

Simple
Automate the installation of Zero-Touch distribution software system. Automatically configures the ports supported the device sort. Proactively diagnose and correct hardware and software issues with Cisco intelligent call Home.

Smart
Consume less energy with the switch suspension mode. Decrease the traffic interruption because of the redundancy of the management arrange through the Flex Stack-Plus switches. Gain visibility and management of applications with the flow light to prioritise applications.

Highly secured
The 2960-X uses 802.1 X for port-based network access management. Modify scalable and dynamic role-based access management with Cisco TRUSTSEC technology. Protection against IPv6 address thievery and malicious attacks with IPv6 initial Hop security.
Services, P. and Access, C. (2018). Cisco Catalyst 2960-X Series Switch. online Cisco. Available at: https://goo.gl/xsF7pp Accessed 22 May 2018.

CISCO Access Points
Wireless access points (APS or WAP) are network devices that enable wireless Wi-Fi devices to link to a wired network. They create wireless local area network networks (WLANs). An access point acts as a central transmitter and wireless radio wave receiver. The most stream of APS supports Wi-Fi and is most typically utilized in households, to support public web hotspots and in business networks to accommodate the proliferation of wireless mobile devices currently in use. The access point may be embedded within the wired router or it can be a standalone device.
Lifewire. (2018). Understanding Wireless Access Points. online Available at: https://goo.gl/5m5pg5 Accessed 22 May 2018.

Some of exciting ACs from Cisco:

CISCO Access Points. (2018). image Available at: https://goo.gl/u7aVn1 Accessed 22 May 2018.

Summary and project schedule:

In modern education system students, teacher, and administration heavily use the network technology, and in order to improve the quality of the service, the network has to be in place with compliant with it all contents.
Campus Area Network (CAN) Project schedule can be well planned and easy to follow if took in timely manner, and divided into different stages to build some flexibility to allow the things that are not planned to be handled.

After completing the campus network, the following functions will be achieved:
• Computer teaching, including multimedia teaching and Learning from distance.
• Network downloading, Mailbox log-ins, online chat, etc.
• Electronic mail system: mainly with peer exchanges, technical cooperation, academic exchanges and other activities.
• FTP file transferring: The main use of FTP service to obtain important scientific and technical information and technical documents.
• Internet Service: Branches can create their own web, use external Web pages for University’s notifications, and provide various types of advice information, use of internal Web pages to administer, such as issuing a warning to collect Students ‘opinions.
• Library Access system for information technology consultation, computer research, computer reading and so on;

Project schedule plan:
• The project is planned to be reviewed by my supervisor Mrs. Farah in Bi-Weekly basis during the summer semester to discuss about the project’s improvement, and the implementation.
• I have scheduled the implementation of our project to be ready at the next semester where we will use all of the network requirements and the tools through Packet Tracer.