Part 2:
Mr. Khoza runs a small business in Midrand, Gauteng. His business has been steadily growing since
its inception in February 2019 in spite of the ill-effects of the COVID-19 lockdowns as well as the
ripple effects of the economic issues and financial markets such as rising fuel prices and inflation.
He, Mr. Khoza, has asked you to design a secure network for his small business. Additionally, he
would like you to design and build a cost-effective network for his business.
The current setup is such that every PC and laptop user uses a 3G dongle to connect to the Internet.
When users need to print, they either copy the work that needs to be printed to USB flash drives
or email their work to any one of the five users whose PCs are attached to a printer – all printers
connect via USB cables.
The new network, according to Mr. Khoza, should cater to at least thirty devices, fifteen desktops
(PCs), seven laptops including Mr. Khoza’s laptop, two servers and four BYOD devices. Additionally,
Mr. Khoza wants to allow visitors such as customers and suppliers to connect mobile devices to get
Internet connectivity. All users with PCs and laptops should still be able to print.
The premises where Mr. Khoza runs his business has six offices (rooms). All the rooms are located
on the same floor. Mr. Khoza has an office and does not share office space. There are two open�plan offices, the first open-plan office houses seven desktops and the remainder of the PCs are
housed in the second open-plan office. Two laptop users share an office while the other three
laptop users share a separate office. A small storeroom has been selected for use as a server room.
Read the scenario below and answer the question that follows. Note that the scenario below is an
extension of the scenario presented in Part 2. When answering the POE question ensure that you
keep in mind the scenario in Part 2.
Mr. Khoza is looking at opening two new offices within twelve months, one in Roodepoort and
the other in Pretoria North. The two branches will be launched at the same time. The
Roodepoort branch is expected to launch with ten computer users. The Pretoria North branch is
expected to kick off with 25 users.
With all the work completed in Part 2 and additions to this Part, you are required to write
a network proposal for Mr. Khoza’s network. The network solution for Mr. Khoza must
enable all offices to connect, work remotely, communicate and share information.
Ensure that you address the following in this part:
A. A description full network solution is provided.
B. The updated LAN and WAN diagrams.
C. The solution must clearly indicate the main considerations, including, scalability,
security, server redundancy, etc. are provided.
D. The solution must indicate how the connectivity of offices and routing will be
achieved.
E. A brief justification for the need for the devices in your solution as well as brief
justifications for all protocols involved in your solution.
F. The details of the QoS involved.
The proposal must be presented in a well-structured and well-formatted report. The
structure of your report must be professional and must include an introduction, the main
body, and a conclusion. The main body of your report must use headings and paragraphs
to structure the report.
Network Proposal for Mr. Khoza's Small Business
A. Description of Full Network Solution:
Based on the requirements and additions to Mr. Khoza's small business, the proposed network solution includes the following components:
1. Local Area Network (LAN): The LAN will consist of wired and wireless connections to accommodate all devices, including PCs, laptops, servers, and BYOD devices. The LAN will be segmented into different VLANs to enhance security and improve network performance.
2. Wide Area Network (WAN): The WAN will provide connectivity between the main office in Midrand and the two new branches in Roodepoort and Pretoria North. The WAN will utilize secure VPN tunnels to ensure secure data transmission between the branches and the main office.
3. Servers: Two servers will be deployed in the small storeroom/server room. These servers will provide essential services such as file sharing, email, and central database management. The servers will be configured with redundant power supplies and RAID storage for improved reliability and data redundancy.
4. Network Security: The network will be secured using a firewall solution to protect the network from external threats. Access control lists (ACLs) and VLAN segmentation will be implemented to restrict unauthorized access between different segments of the LAN.
5. Wireless Access Points (APs): Wireless APs will be installed strategically throughout the premises to provide reliable and secure wireless connectivity for both employees and visitors. The APs will be configured with enterprise-level security features such as WPA2-Enterprise and 802.1x authentication.
6. Network Switches: Managed switches with PoE capabilities will be deployed to connect and power the various devices in each office. These switches will support VLANs, QoS, and link aggregation to ensure high network performance and scalability.
B. Updated LAN and WAN Diagrams:
[Include updated LAN and WAN diagrams here]
C. Main Considerations:
1. Scalability: The network solution is designed to accommodate future expansion with the addition of two new branches. The network infrastructure allows for easy integration and connectivity of new offices.
2. Security: The network design incorporates multiple layers of security, including firewall protection, ACLs, VLAN segmentation, and encryption technologies. This ensures the confidentiality, integrity, and availability of sensitive business data.
3. Server Redundancy: The deployment of two servers with redundant power supplies and RAID storage provides server redundancy. In case one server fails, the other server will seamlessly take over to avoid any disruption to business operations and data loss.
4. Connectivity and Routing: The connectivity between offices will be achieved through secure VPN tunnels that utilize the existing internet connection. Each office will have a VPN concentrator to establish and manage the VPN connections. Routing between offices will be handled by routers that support dynamic routing protocols.
D. Connectivity of Offices and Routing:
Each office, including the main office in Midrand and the branches in Roodepoort and Pretoria North, will have a dedicated router to handle routing between the offices. These routers will establish secure VPN tunnels over the internet to connect the offices together.
E. Justification for Devices and Protocols:
1. Servers: Servers are essential for providing centralized services such as file sharing, email, and database management. They ensure data availability, improved collaboration, and efficient resource utilization.
2. VPN Tunnels: VPN tunnels provide secure and encrypted connections between offices over the internet. This ensures the privacy and integrity of data transmitted between offices.
3. Firewalls: Firewalls protect the network from external threats by monitoring and controlling network traffic. They provide an additional layer of security by filtering unwanted traffic and blocking malicious activities.
4. VLANs: VLAN segmentation ensures network security and improved network performance by separating different types of traffic onto separate virtual networks.
5. QoS: Quality of Service (QoS) ensures the prioritization of network traffic based on specific requirements. It helps to maintain network performance and ensures that critical services, such as voice and video conferencing, receive adequate bandwidth and low latency.
F. QoS Details:
QoS will be implemented to prioritize network traffic based on specific requirements. Different traffic types such as voice and video conferencing will be given higher priority to ensure smooth and uninterrupted communication. QoS policies will be configured on network switches and routers to manage bandwidth allocation and minimize latency.
In conclusion, the proposed network solution for Mr. Khoza's small business includes a resilient and secure infrastructure that allows for future expansion and supports remote work and communication. The solution incorporates various devices, protocols, and quality of service mechanisms to address Mr. Khoza's requirements and provide a cost-effective network solution.