1. INTRODUCTION
2. SOLUTION: HARDWARE + SOFTWARE
   LOGICAL AND LOGICAL TOPOLOGY OVERALL
3. DETAILED SOLUTION - TOPOLOGY, WHAT CONNECTION FOR LOCAL PLUS REMOTE SITE
4. SUBNET
5. SECURITY ISSUE
6. TYPE OF LINK
7. IP ADDRESSES
8. VIRTUAL PRIVATE NETWORK (VPN)
9. CONCLUSION
10. REFERENCE

INTRODUCTION

Implement the network infrastructure for Maiden Choice Hospital (MCH) as per the requirements. This hospital has two branches, so we communicate with the other two sites from the head office through wireless. We use the appropriate wireless access point technology. The physicians share the data from the server, which is placed in Euston Square. The networking system allows medical, support and practice staff at the headquarters (Euston Square) to have access to and enter patients' data into the central database located at the headquarters, whereas local medical staff can only enter data to and access data from their local systems.

Accordingly, the paramedics on emergency call should be able to connect to any of the Centre's LANs via a mobile connection, for which there must be wireless technology installed to cate

In this coursework I can use the client-server model. The client-server model is a distributed application structure that partitions tasks or workloads between service requesters, called clients, and the providers of a resource or service, called servers, but both client and server may exist in the same system. The Internet's main application protocols, such as HTTP, SMTP, Telnet, and DNS, use this model. The client-server model is sometimes referred to as two-tier architecture. Specific types of clients and servers include web servers, FTP servers, application servers, database servers, name servers, mail servers, file servers, print servers, and terminal servers, as well as web browsers, email clients, and online chat clients. The client-server model has some advantages and disadvantages.

Advantages

- Client-server architecture provides roles and responsibilities that give great ease of maintenance, ease of use and friendliness of the user interface.
- The data storage is centralized; data updates are to be distributed and applied to each peer in the network, which is both time-consuming and error-prone, as there can be thousands or even millions of peers.

Disadvantages

- In client-server, should a critical server fail, clients' requests cannot be fulfilled. In P2P networks, resources are usually distributed among many nodes. Even if one or more nodes depart and abandon a downloading file, for example, the remaining nodes should still have the data needed to complete the download.

In general, the networking between these three sites is described here. A server is located in Newham. It is connected to a wireless router, and the wireless router routes between the different networks. The wireless router is then connected to a wireless controller, which connects to the other two sites. Each floor of the hospital has one wireless access point, which receives signals from the wireless router. Every access point is in turn connected to a switch, which connects all the PCs on that floor. We use the same construction for every floor, so the floors can now communicate within the building. Whoever is present in the building can share the resources that are available on the server.

Now we construct the networking of the other sites with a similar structure. Each of the other sites has one wireless LAN controller, one wireless router, access points and client PCs as per our requirements. The wireless LAN controller supports 10 miles of coverage area and our total surrounding area is 28 miles, so we placed 3 wireless LAN controllers in every building. This covers the maximum range of area.

Now we describe the VPN connection. In the headquarters we have placed the server, and for the server we buy an internet connection from any ISP (Internet Service Provider).

The ISP gives one public IP, which is used only for accessing the internet in the local area connection. We provide this internet connection to every patient, so we do not place any restriction on users. Only the physicians who have privileged rights access data from the server using a remote connection.

HARDWARE AND SOFTWARE REQUIREMENT

HARDWARE REQUIREMENT

The hardware needed to build the networks is given below.

Maiden Choice Hospital (MCH)

S. No.  User Client Name  IP Number
01      Medical Staff     25
02      Support Staff     50

TOTAL USABLE IPs = 77

S. No.  Floor                                      User Client Name                        IP Number
01      Ground Floor - Fourth Floor (five floors)  Terminals                               50
                                                   Switches                                05
                                                   Wireless (NAT configured into routers)  05
                                                   Servers                                 01
                                                   Cisco Router                            01
                                                   CCTV camera                             05
                                                   CCTV Interface Card                     05
                                                   DSL Modem                               01
                                                   IP Phone                                05

Maiden Choice Hospital (MCH)

S. No.  User Client Name  IP Number
01      Medical Staff     30
02      Support Staff     80

S. No.  Floor                                      User Client Name                        IP Number
01      Ground Floor - Fourth Floor (five floors)  Terminals                               90
                                                   Switches                                06
                                                   Wireless (NAT configured into routers)  05
                                                   Servers                                 05
                                                   Cisco Router                            01
                                                   IP CCTV camera                          05
                                                   CCTV Interface Card                     05
                                                   DSL Modem                               01
                                                   IP Phone                                05

TOTAL USABLE IPs = 123

Maiden Choice Hospital (MCH)

S. No.  User Client Name  IP Number
01      Medical Staff     15
02      Support Staff     20

S. No.  Floor                                      User Client Name                        IP Number
01      Ground Floor - Fourth Floor (five floors)  Terminals                               60
                                                   Wireless (NAT configured into routers)  05
                                                   Servers (include NAS server)            05
                                                   Cisco Router                            01
                                                   IP CCTV camera                          05
                                                   DSL Modem                               01
                                                   IP Phone                                05

SOFTWARE REQUIREMENT

Operating System: Windows Server 2003 Enterprise Edition

Exchange Server 2003 Enterprise Edition

Windows XP Enterprise Edition

Monitoring Tool: Included with the server functions

Other Software: CCTV camera capturing software,

Microsoft Office 2007 Enterprise Edition

Cisco IOS (version depends upon series)

Antivirus

Firewall

DETAILED SOLUTION - TOPOLOGY

In this network we have three sites. They are:

1. Euston Square

2. Middlesex

3. Newham

Here we see the logical diagram of the entire network, how it works and how the different sites communicate. The diagram below gives a clear structure of the networking. When a remote client needs data while inside the coverage area, the administrator gives the client an authorized user name and password. The client can then connect remotely and share whatever data is required through the public path.

We use a single server, which is sufficient to run all those services. They are DNS, Mail, FTP, and Telnet. In the DNS server, the PCs are joined to the server by adding them as clients of the server. So only the authorized users who were created on the server are allowed to access the computers. Nobody other than those persons can log on. So we use general terms in this network. The sites access the network through wireless access points on every floor. The entire logical network diagram is given below.

Figure No. 1: Logical Diagram of Entire Network

SUBNET

One of the major problems with supporting only a single subnet mask across a given network number is that once the mask is selected, it locks the organization into a fixed number of fixed-sized subnets. For example, a Class B subnet that is masked with 255.255.252.0 yields additional 64 subnets with 1024 hosts per subnet. If you need 1028 subnets with some as large as 1000 hosts and some as small as 64 hosts, you are out of luck. Similar to the IP space separation into A, B, and C classes, VLSM permits an organization to use subnets with different numbers of hosts. So we use the VLSM scheme for subnetting the given IP address.

At first we see the IP address scheme implemented in Euston Square.

Network ID:           192.168.2.0

Starting IP Address:  192.168.2.1

Ending IP Address:    192.168.2.63

Broadcast ID:         192.168.2.64

Figure No. 2: Logical Diagram of Euston Square (Headquarters) Site

Here the total number of IPs used is 50. This includes the IP addresses of the printer and the CCTV cameras. The IP address of the wireless router is used as the gateway for the whole network.

The rest of the IPs can be used for further extension in the near future.

Next we see the IP address scheme for the Newham site.

Network ID:           192.168.2.65

Starting IP Address:  192.168.2.66

Ending IP Address:    192.168.2.127

Broadcast ID:         192.168.2.128

Figure No. 3: Logical Network Diagram of Newham Site

Here the number of IP addresses used is 60. This includes the CCTV cameras. We assign the IP address range in the DHCP settings of the wireless router, and it distributes those IPs to the PCs and other communication devices.

The rest of the IPs can be used for further extension in the near future.

Now we see the IP scheme for the Middlesex site.

Network ID:           192.168.2.129

Starting IP Address:  192.168.2.130

Ending IP Address:    192.168.2.191

Broadcast ID:         192.168.2.192

Figure No. 4: Logical Network Diagram for Middlesex Site

Here we also follow the same procedure as for the site above.

The rest of the IPs can be used for further extension in the near future.
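
The VLSM allocation described in this section can be computed with Python's standard `ipaddress` module. This is an added example, not part of the original coursework: it carves 192.168.2.0/24 into the smallest subnet that fits each site's host count, so the computed network ID, usable range and broadcast address can be compared with the values listed above, and it generalizes to subnets of different sizes. The host counts 50 and 60 come from this page; the Middlesex count and the function name `vlsm_plan` are assumptions.

```python
import ipaddress


def vlsm_plan(block, needs):
    """Carve `block` into the smallest subnet that fits each requirement.

    block: parent IPv4 network in CIDR form, e.g. "192.168.2.0/24"
    needs: {site name: number of host addresses required}
    Returns {site name: {"network", "first", "last", "broadcast", "spare"}}.
    """
    parent = ipaddress.ip_network(block)
    sized = []
    for name, hosts in needs.items():
        # Smallest n with 2**n >= hosts + 2; the two extra addresses are
        # the subnet's network ID and its broadcast address.
        sized.append((name, hosts, (hosts + 1).bit_length()))
    # Largest block first (stable sort), so every subnet starts on a
    # multiple of its own size and nothing is lost to alignment.
    sized.sort(key=lambda item: -item[2])

    cursor = int(parent.network_address)
    plan = {}
    for name, hosts, host_bits in sized:
        net = ipaddress.ip_network((cursor, 32 - host_bits))
        if not net.subnet_of(parent):
            raise ValueError(f"{block} has no room left for {name}")
        plan[name] = {
            "network": str(net),
            "first": str(net.network_address + 1),
            "last": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),
            "spare": net.num_addresses - 2 - hosts,
        }
        cursor += net.num_addresses
    return plan


# Host counts: 50 and 60 are the figures stated on this page; the
# Middlesex figure is an assumption (the page gives none for that site).
SITES = {"Euston Square": 50, "Newham": 60, "Middlesex": 60}

if __name__ == "__main__":
    for site, row in vlsm_plan("192.168.2.0/24", SITES).items():
        print(f"{site:14} {row['network']:18} {row['first']} - {row['last']}"
              f"  broadcast {row['broadcast']}  spare {row['spare']}")
```

In each subnet the broadcast address is the last address of the block, and the next subnet's network ID is the address immediately after it.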

SECURITY ISSUE

We use wireless access points and wireless products, and the wireless access points have some features provided only for security purposes. We additionally installed hardware firewall equipment or a software firewall (Checkpoint).

Wireless access points have an encryption algorithm, WEP (Wired Equivalent Privacy). This is a 48-bit algorithm, but it is not effective in avoiding attacks from hackers.

We will probably use ADS (Active Directory Service), which holds the users' details in the private network. We then create group policies for certain kinds of users.

In practice we have some solutions for the problem. They are:

1. Change the default SSID (Service Set Identifier) to your own.

2. Utilize the VPN server. It is used to filter out incoming connections.

3. Utilize static IPs. This is more difficult to implement in larger connections.

4. Place the access points before the firewall. We should avoid unauthorized access.

5. Better, we install the software firewall to prevent the attacks. It is also cheap in cost. We detect the attacks and monitor the entire network.

6. The new security standard, 802.11i, which was sanctioned in June 2004, fixes all WEP weaknesses.

7. The integration of applications like VoIP into the wireless domain [8] adds complexity to the proposed security solutions. It remains to be seen whether the proposed solutions can cater to the different QoS requirements of such applications.

TYPE OF LINK

The types of links that can be used between the three sites (Euston Square, Middlesex, and Newham) and the main IP protocols present for each link are described here. To use the IP protocol we need to buy static IP addresses from the ISP. After that we can configure a VPN (Virtual Private Network) in each router of the network of three sites.

Our whole network must have an internet connection, so we can ping or browse all over the world wherever we stay, and we can monitor from our internet-capable mobile phone as well. Our engineers will configure the UDP and TCP protocols in our entire network. For this issue we will use the TCP protocol in our network.

We use the POP3 protocol for mail servers. This is configured by the administrator on the server, and for that we use the Exchange server. POP3 means Post Office Protocol. It functions in the same way that a post office functions. This protocol receives mail from the server and stores all mail locally. We can see our mail without being online, which is the major advantage of the POP3 protocol.

IP ADDRESSES

In my networks I can use wireless routers, so we can implement the networks using the connectionless IPv4 protocol, which is used on packet-switched link layer networks (e.g., Ethernet). Here we use IPv4 because IPv6 is more costly compared to this. If we want IPv6 later, we will extend the network to use both of them. Most users use IPv4 and IPv6 simultaneously. In the router we use the routing algorithms and route the public and private IPs. IPv4 uses 32-bit addresses. However, some are reserved for special purposes such as private networks or multicast addresses. This also reduces the number of addresses that can be allocated for routing on the public Internet.

VIRTUAL PRIVATE NETWORK (VPN)

In this coursework, the three sites communicate with each other. The VPN connection is bought from the Internet Service Provider. We place a DSL modem in the network diagram. The server is connected to the internet through the ISP's DSL modem. The server is configured for everyone who enters the coverage area. When a remote client, physician or doctor of the hospital wants to share data with the server, this is difficult, so we bought an IP address from the ISP. The private IP addresses communicate through the public IP address. We use NAT (Network Address Translation), so the original IP address of the server or of our network is not shown to the attacker. Only the duplicate IP address is shown to every user. We implement NAT in either the router or the server. Both of them give an effective solution. This also comes under the security threats.

If MCH management is willing to invest more money in networking, they can buy VPN routers, and our engineers will set up VPN routers at all the sites for security reasons over the internet. For each individual site we will use VPN by purchasing a static external IP from the ISP company. This IP is static and unique, and is used only for our sites to connect to each other. Although it is costly, for safety reasons we sometimes do not think about cost. We will deploy inter-connectivity from each site to our whole network, such as the router at Newham configured for VPN with the Middlesex centre. Following this process we will connect every site as shown in our diagrams above, using VPN routers to connect them to each other safely and surely. A VPN router can also provide a firewall, which keeps our system safe.

The function of a VPN is to allow two computers or networks to transfer data or talk to each other over a transport medium that is not secure. Each point at the end of the transport medium (the internet) is called a point of presence (POP). In our networks, the transport medium is the internet. In our networks, "Maiden Choice Hospital" has three branches: the main branch in Euston Square, Newham and Middlesex.

The management wants a networking setup in which we can access any of the three network locations at any time through the internet. The management wants the data to be secure, and some of it is confidential. Here, the hospital networks are set up on 10.1.x.x, 10.2.x.x, 10.3.x.x, and 10.4.x.x. Each of the three networks, when it needs to send a data packet to one of the other networks, will route its data packet to its respective router, A, B, or C. For example, if a computer on the 10.1.x.x network in Newham needs to send a packet to a computer with address 10.3.6.1 on the network in Euston Square at 10.3.x.x, it will send its packet to its router, A. Since the network number 10.x.x.x is reserved for private use, the packet can't be sent on from A with 10.3.6.1 as its intended address.

This is because the routers on the internet do not recognize this address as a valid destination. IP masquerading won't solve this problem, since the computer on the other end would have no way of knowing that a packet that it didn't send was a masqueraded packet. Tunneling is one of the techniques used to solve this problem.

TUNNELING

Tunneling means that the complete IP packet to be sent from Euston Square to Newham must be encapsulated into another IP packet. This new packet will have a legal internet IP address. Therefore, machine A will take the packet it needs to route (which already has a destination IP address). The tunneling protocols and security mechanisms that can be used in a VPN are listed below.

- L2F - Layer 2 Forwarding, at the link layer of the OSI model. It has no encryption.

- PPTP - Point-to-Point Tunneling Protocol (RFC 2637) and L2TP - Layer 2 Tunneling Protocol (RFC 2661) work at the link layer. No encryption or key management is included in the specifications.
- IPSec - Internet Protocol Security, developed by the IETF, implemented at layer 3. It is a collection of security measures that address data privacy, integrity, authentication, and key management, in addition to tunneling. Does not cover key management.
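
The encapsulation step described above can be shown byte for byte. This is an added example, not part of the original coursework: it uses plain IP-in-IP (protocol number 4, RFC 2003), which is not one of the protocols listed on this page, as the simplest form of tunneling. The destination 10.3.6.1 is the page's own; the source host, the payload and the two public tunnel endpoints (RFC 5737 documentation addresses) are constructed placeholders.

```python
import ipaddress
import struct

IPPROTO_IPIP = 4  # IP-in-IP encapsulation (RFC 2003)

def checksum(header):
    """Internet checksum (RFC 1071) over an even-length header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src, dst, proto, payload, ttl=64):
    """Build a minimal IPv4 packet: 20-byte header without options."""
    def header(csum):
        return struct.pack(
            "!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto,
            csum, ipaddress.IPv4Address(src).packed,
            ipaddress.IPv4Address(dst).packed)
    return header(checksum(header(0))) + payload

def parse(packet):
    """Return (src, dst, proto, payload) after verifying the checksum."""
    ihl = (packet[0] & 0x0F) * 4
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    return src, dst, packet[9], packet[ihl:total_len]

def encapsulate(inner, tunnel_src, tunnel_dst):
    """Sending router: wrap the private packet in a publicly routable one."""
    return ipv4_packet(tunnel_src, tunnel_dst, IPPROTO_IPIP, inner)

def decapsulate(outer, local_endpoint):
    """Receiving router: accept only tunnel packets addressed to itself."""
    src, dst, proto, payload = parse(outer)
    if proto != IPPROTO_IPIP or dst != local_endpoint:
        raise ValueError("not a tunnel packet for this endpoint")
    return payload

# Constructed sample. 253 is an experimental protocol number (RFC 3692),
# used here because the payload is opaque sample bytes.
INNER = ipv4_packet("10.1.0.5", "10.3.6.1", 253, b"sample payload")
OUTER = encapsulate(INNER, "203.0.113.10", "198.51.100.20")

if __name__ == "__main__":
    print("internet routers see:", parse(OUTER)[:3])
    print("far site receives:   ",
          parse(decapsulate(OUTER, "198.51.100.20"))[:3])
    print("inner packet readable in transit:", INNER in OUTER)
```

The inner packet travels unmodified inside the outer one, so encapsulation by itself gives no data privacy or integrity; those come from the security measures of a protocol such as IPSec.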

CONCLUSION

As per our coursework, it is important to note that we understand the various types of classes and routers, how to transfer data between the networks, and what techniques are needed to assign IP addresses. I can use different techniques to find hackers and viruses and to detect them.

REFERENCE:
In our coursework, I can use the following links and reference books.

1. Computer Networking: A Top-Down Approach Featuring the Internet, Kurose, James F. and Ross, Addison Wesley [pp. 420-600]
2. Computer Networks, Tanenbaum, Andrew S., Prentice Hall [pp. 813-889]
3. The Nielsen Company (2009). Global Faces and Networked Places: A Nielsen report on Social Networking's New Global Footprint. Available at: http://www.web-strategist.com/blog/2009/01/11/a-collection-of-soical-network-statsfor-2009/ [Accessed 31 August 2009]
4. Kothari, C. R. (2008), Research Methodology: Methods & Techniques, 2nd ed., New Age, India-New Delhi, pp. 83-114
5. Introduction to Data Communications, Forouzan, Behrouz, McGraw Hill
6. Data and Computer Communications, William Stallings, Prentice Hall
7. Internetworking with TCP/IP - Principles, Protocols and Architecture. Douglas E. Comer. ISBN 86-7991-142-9
8. Microsoft Windows Server 2003 TCP/IP Protocols and Services. Joseph G. Davies and Thomas F. Lee. ISBN 0-7356-1291-9
9. TCP/IP Protocol Suite (2nd ed.). Forouzan, Behrouz A. (2003). McGraw-Hill. ISBN 0-07-246060-1
10. TCP/IP Network Administration, Craig Hunt. O'Reilly (1998). ISBN 1-56592-322-7
11. IP Fundamentals. Maufer, Thomas A. (1999), Prentice Hall. ISBN 0-13-975483-0
12. Ian McLean. Windows(R) 2000 TCP/IP Black Book. ISBN 1-57610-687-X
13. Network Programming, Ajit Mungale. Pro .NET 1.1. ISBN 1-59059-345-6
14. TCP/IP Illustrated: The Protocols, W. Richard Stevens. ISBN 0-201-63346-9
15. TCP/IP Illustrated, The Implementation. W. Richard Stevens and Gary R. Wright. ISBN 0-201-63354-X
16. TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols. W. Richard Stevens. TCP/IP Illustrated, ISBN 0-201-63495-3
17. Andrew S. Tanenbaum. Computer Networks. ISBN 0-13-066102-3
18. "The Design Philosophy of the DARPA Internet Protocols", Computer Communications Review. David D. Clark, pp. 106-300
