Activity 3

Blueprint Network Design Plan for BlueScope's Melbourne and

Darwin Offices

Figure 1 Network Design Plan for BlueScope's Melbourne and Darwin Offices

The configuration of BlueScope's Darwin and Melbourne facilities is represented in the

network architecture diagram. The ground floor of the Melbourne office houses the customer
service area, the sales and marketing department (which has both wired and Wi-Fi
connectivity), the welcoming area, and the manufacturing and warehouse areas, which are
connected for operational stability. The second floor houses the HR and administration
divisions, both of which have cable Ethernet connections. The server room serves as the hub
for the network that connects the third-floor accounting and finance department with the IT
department. The welcoming, customer service, production, and warehouse areas on the
ground floor and the administrative, HR, accounting, and IT departments on the second floor
are exactly the same in the Darwin office, which is a reflection of this organization. A secure
connection between the branches is ensured by connecting the server rooms of both offices,
most likely using VPN or Inter VLAN routing. The network architecture prioritizes
traditional Ethernet connections for dependability in crucial operations, even while wireless
access points in customer service and sales divisions offer flexibility and mobility. This
infrastructure, which guarantees scalable, reliable, and potent connectivity among offices,
enables BlueScope's operations.

Feedback form
Feedback form responses
Feedback Summary for Network Architecture

Overall Contentment

According to the comments, the current network architecture for BlueScope's locations in
Darwin and Melbourne is well accepted. Sixty percent of respondents claim they are satisfied
at level five, while forty percent say they are at level four. This suggests that the network's
configuration largely meets the departments' needs. The absence of low scores of 1, 2, or 3
indicates that significant discontent is uncommon.
Experience with Wi-Fi

 20% are very user-friendly.

 40% are moderately user-friendly.
 20% are not user-friendly.
 20% are not applicable.

Reviews of Wi-Fi indicate a variable experience in a number of areas. Of those surveyed,

20% describe themselves as "Very User-Friendly," 40% as "Moderately User-Friendly," and
20% as "Not User-Friendly" or "Not Applicable" due to permission restrictions. This
discrepancy points to issues that require attention with Wi-Fi coverage and accessibility.

Issues Particular to a Department

 Sales & Marketing: Cloud resource access and presentations are impacted by
variations in Wi-Fi signal strength during periods of high usage. Recommendations
include enhancing Wi-Fi coverage and adjusting bandwidth allocation.

 IT Department: suggests installing a backup power source (such as a UPS) for server
reliability during outages and examining delays between the Darwin and Melbourne
offices during periods of high traffic.

 Factory Area: Examines network slowdowns caused by high demand. It is

recommended to assess the network's capacity to handle increasing traffic volumes
and establish a dedicated help line for prompt resolution of connection issues.

 HR Department: observes a little decrease in performance when numerous users

access the system at once. This could be resolved by increasing scalability to
accommodate an increasing number of users.

 Customer service reports that while Wi-Fi coverage is generally adequate, there are
occasional little lags during peak hours. Recommendations include prioritizing traffic
or increasing bandwidth allocation to ensure smooth operations.
Suggestions for Enhancement

Increase the number of access points and strategically position them to solve signal strength
problems for Wi-Fi coverage. To lessen performance problems during peak hours, increase
the bandwidth available to sites with high demand.

To make server rooms more resilient to power outages, install a backup power supply (UPS).
Assess the performance of the Melbourne to Darwin link on a regular basis to find and fix
latency problems.

Improve network architecture to increase capacity and scalability by managing heavier loads
and minimizing slowdowns during peak hours. Examine scalability alternatives to help
departments like HR handle increasing user counts.

Create a separate support line to handle network problems and have them resolved quickly.
This would improve overall operational performance by guaranteeing timely resolution of
connectivity issues and helping to minimize disruptions.

BlueScope's Network Maintenance Schedule

1. Network Performance Monitoring

Daily network performance data monitoring is the responsibility of the IT department. This is
to find and address problems like slow speeds or outages.

2. Firmware and software updates

The IT department is responsible for updating servers and network equipment with the
newest firmware and software, ensuring that security updates are installed and performance is
optimized. Once a month, this procedure takes place.

3. Backup Verification

This weekly event is the responsibility of the IT department. Its purpose is to ensure data
integrity by testing restore techniques and confirming that all data backups have been
successfully finished.
4. Examining Hardware

Physically inspect switches, routers, and other network hardware for signs of deterioration,
wear, or imminent failure. The IT department is in charge of this inspection, which is carried
out every three months.

5. Review of network setup:

 Accountable Party: IT Department; • Frequency: annually;

 In conclusion, review the current network configuration and adjust it to account for
changes in requirements or infrastructure.

The Security Team is in charge of carrying out security audits every six months. These audits'
goals are to find possible weaknesses and confirm that security procedures are being
followed.

7. Gathering User Input:

 Accountable Party: IT Department • Frequency: Bi-Annual • Description: Get user

feedback on network performance and issues they may be experiencing, then use that
information to make the necessary changes.

8. Documentation Updates

All network documentation must be updated by the IT department to reflect any

modifications to the hardware, procedures, or network design. Every year, this update is
made.
BlueScope has a comprehensive maintenance program in place across the entire organization
to guarantee the security, dependability, and peak performance of its network. The IT
Department regularly tests the network's performance to quickly fix problems like sluggish
speeds or outages, which greatly contributes to dependable and stable network operation.
Weekly backup tests can help ensure data integrity and prevent data loss by verifying
successful backups and evaluating restoration tactics.

Servers and network devices must have their firmware and software updated once a month to
maintain optimal performance. These upgrades are overseen by the IT Department to
guarantee that any security flaws are fixed and that system performance remains at its best.
By identifying wear and possible issues, hardware inspections of switches and routers once
every three months help to lower the likelihood of unscheduled outages.

The Security Team's twice-yearly security assessments serve to further highlight security. By
checking for vulnerabilities and making sure that all security regulations are being followed,
these audits improve the network's overall security posture. In order to preserve dependability
and efficiency, the IT Department also conducts yearly assessments of network
configurations to make sure the system adjusts to changes in business needs or infrastructure.

Furthermore, the yearly gathering of user input provides an insightful analysis of the
network's functionality as seen by its final users. The IT Department can therefore make the
necessary adjustments based on actual user experience. Lastly, in order to maintain the
company's technical records, the IT Department updates all network documentation once a
year to reflect any changes to network architecture, hardware, or operations. This extensive
maintenance program guarantees the stability, security, and effectiveness of BlueScope's
network infrastructure.
 BlueScope Melbourne branch network architecture using VLAN and
IP subnetting
Department VLAN Network Address Usable IP Range Subnet Mask

Factory VLAN 192.168.1.0/27 192.168.1.1 - 255.255.255.224

10 192.168.1.32

Administration VLAN 192.168.1.33/27 192.168.1.34 - 255.255.255.224

20 192.168.1.60

Warehouse VLAN 192.168.1.61/27 192.168.1.62 - 255.255.255.224

30 192.168.1.88

Sales & Marketing VLAN 192.168.1.89/27 192.168.1.90 - 255.255.255.224

40 192.168.1.111

Accounting & VLAN 192.168.1.112/27 192.168.1.113- 255.255.255.224

Finance 50 192.168.1.129

IT VLAN 192.168.1.130/29 192.168.1.131 - 255.255.255.248

60 192.168.1.138

HR VLAN 192.168.1.139/29 192.168.1.140 - 255.255.255.248

70 192.168.1.147

Reception VLAN 192.168.1.148/29 192.168.1.149 - 255.255.255.248

80 192.168.1.155

Director suits VLAN 192.168.1.160/29 192.168.1.161 - 255.255.255.248

90 192.168.1.167
Boardroom VLAN 192.168.1.168/29 192.168.1.169 - 255.255.255.248
100 192.168.1.175

Server room 192.168.10.0/24 255.255.255.0

Devices used to create the network

 Cisco 1941 Integrated Services Router

For business networks, the Cisco 1941 Integrated Services Router (ISR) provides mobility,
application services, and secured data. Two built-in 10/100/1000 Ethernet ports, two High-
speed WAN Interface Card (HWIC) slots, and an internal services module slot all improve its
usability. With Cisco's improved PoE and 802.3af standards, the router additionally offers
Power over Ethernet (PoE), guaranteeing dependable power transmission to linked devices.

One of the main functions of the router is its support for secure group communications.
Secure data flow is guaranteed by its built-in hardware-accelerated VPN encryption. The
router uses public key infrastructure (PKI) and AAA (Authentication, Authorization, and
Accounting) to provide robust user access control. Identity management is made possible by
this as well. To further thwart threats, the router also integrates cutting-edge security
capabilities including Cisco IOS Firewall, Zone-Based Firewall, and Cisco IOS Intrusion
Prevention System (IPS).
Based on Cisco's more than 25-year innovation record, the Cisco 1900 Series ISRs provide
with cutting-edge features including virtualization and rich media collaboration. These
routers are perfect for branch office deployments because they improve productivity and
network security while providing flexibility, scalability, and reduced operating costs.

 Server

In order to enable data interchange and storage, servers—which can be either physical or
virtual machines—are utilized for data processing and storage. These servers make it possible
to network software and hardware, including computers, so that data can be processed and
stored locally or retrieved from other systems. Transferring data to more powerful computers
was the primary function of servers in the past. However, their position has changed
throughout time, and they may now help with more complicated duties like hosting apps and
managing databases in addition to large-scale commercial systems. Virtual servers, which
provide scalable and adaptable solutions through the internet, have grown ubiquitous with the
rise of cloud computing, simplifying data and application access.

 PC
The PC, sometimes referred to as a desktop or single-user computer, is a low-cost,
multifunctional personal computer. Ed Roberts came up with the term when he introduced the
MITS Altair 8800. Microprocessor technology has made it possible for PC manufacturers to
fit the complete CPU onto a single chip. A keyboard, mouse, monitor, and system unit are
usually included. The majority of PCs can share peripherals like printers, hard disks,
scanners, and digital cameras because they are networked or online. Although Apple
Macintosh computers and other personal computers are often referred to as PCs, the term
"PC" is most frequently used to refer to IBM or IBM-compatible systems.

 Wireless Router

Wi-Fi is a brand name created by Interbrand for the inaugural member of the Wireless
Ethernet Compatibility Alliance in order to promote and ensure interoperability. Rather than
being an abbreviation or standard, it is the moniker for wireless communication. The IEEE
802.11 standard specifies the protocols for interacting with contemporary wireless devices,
including routers and access points.
  straight through cable

A straight through cable is a twisted pair connection used in local area networks to connect a
PC to a network hub, like a router. Also known as a patch cable, it serves as a substitute for
wireless connectivity. The wired pins on a straight-through cable match, and both ends use
the T568A or T568B wiring standard. The figure shows the T568B standard wiring for a
straight through cable.

 Crossover Cable
An Ethernet cable used directly between two pieces of computer equipment is called a
crossover cable. Unlike typical Ethernet connections, its internal wiring is inverted and
adheres to two distinct wiring standards: T568A on one end and T568B on the other. This
design enables the cable to directly connect two PCs or two network switches of the same
type without the need for a network hub or switch. Crossover cables, which facilitate data
transfer between machines by reversing the transmit and receive signals, are perfect for peer-
to-peer connections in networking.

Software used to create network

 Cisco packet tracer

Cisco Packet Tracer is a computer tool designed to help students understand the basics of
networking and become proficient in Cisco-specific technology. Although it integrates Cisco
products and other networking hardware, physical switches and routers are not replaced. In
the CCNA and CCENT courses, it is commonly used to demonstrate technical concepts and
networking systems. Students can do assignments alone or in groups. Engineers use Cisco
Packet Tracer to test protocols before releasing them and ensure that changes are deployed in
production networks as intended.

 Visio
Visio allows users to create diagrams using built-in shapes, objects, and stencils. Users can
import and create their own forms as well. Visio wants to make diagramming as user-friendly
as possible, and it seems to be moving in that direction.

This aids me in creating the network's blueprint.

A simulator is the Cisco Packet Tracer. The following distinguishes a simulator from an
emulator: A simulator creates an environment that mimics the parameters, variables, and
behaviors present in a software development environment. Every piece of hardware and
software used in the manufacturing environment of a genuine device is replicated in an
emulator.
Activity 4
Implemented network according to the network design

Change router name

Routing
Switch ports upping
IP adds to the router interfaces
Switch ports trunks
VTP domain and server switch mode

VTP client mode

Make VLAN’S
Ports assign to VLAN’S
Show VTP and VLAN status
DHCP Server configs
DNS service configuration
WIFI router configuration
Pcs’ testing

Test case
1. Test-01: Ping Test between PC1 and PC2

Expected Result

A fundamental network connection between PC1 and PC2 is ensured by a steady and low-
latency ping. This indicates that when the devices connect across the network, there might not
be any noticeable packet loss or delay. Additionally, it implies that all of the network's
hardware, including cables, switches, and routers, is operating correctly for this particular
connection. However, more testing—that is, testing of higher-level services or applications—
may be necessary to guarantee complete functionality.

1. Test-02: Traceroute from PC1 to Server1

Expected Result

If all hops show the right IP addresses when using a traceroute or another tool, the routing is
said to be properly configured. Data packets are therefore effectively moving throughout the
network, passing via each intermediary router in the order that is desired. Along the journey
from the source to the destination, each hop stands for a router or gateway; the existence of
exact IP addresses indicates that the network routes are set up properly, enabling error-free
packet forwarding over the network.

1. Test-03: VLAN Assignment Verification on Switch0

Expected Result
Make sure that no devices on different VLANs communicate with one another to confirm
VLAN isolation. This prevents any unintentional device contact between assigned VLANs by
ensuring that VLANs are appropriately divided and separated from one another.

1. Test-04: Check Default Gateway Configuration on PC1

Expected Result

In the event that PC1 is unable to connect to external networks, check the gateway IP's
configuration. This involves ensuring that PC1's gateway IP address is set up correctly and
that there is an appropriate connection between PC1 and the gateway, as any issues here
could prevent access to the outside network.

1. Test 05: Bandwidth Test between Switch and Router

Expected Result

Ascertain the bandwidth's actual value and confirm that it meets network traffic requirements.
This entails verifying via the network's throughput that it can manage the expected amount of
data and satisfies performance standards.
The testing findings unequivocally show how effectively the network configuration satisfies
both the design goals and user needs. Every outcome met expectations, proving that there are
no major problems with the network's operation. The network is frequently well-optimized to
satisfy present requirements, despite the possibility of performance improvement
opportunities. The favorable test results show that the system is operating as expected, with
reliable and adequate performance all around.

Provide suggestions for potential enhancements to systems that are connected to a network.

Several key developments could greatly improve BlueScope's networked systems, making
them more reliable, secure, and performance-oriented. These recommendations are meant to
improve security, increase operational efficiency, and make sure the network is ready to
support future technical demands and business expansion.

1. Implement Network Segmentation

Using Virtual Local Area Networks (VLANs) to split the network into smaller, more
manageable sections would be one of the most efficient changes. VLANs assist lower the
amount of broadcast traffic and improve overall network performance by separating many
departments or services, such as production, HR, and finance. By separating sensitive or vital
systems from the rest of the network, this segmentation also increases security. For instance,
systems that manage private payroll or HR data can be separated from the larger network
environment, lowering the possibility of data breaches or unauthorized access. By making it
more difficult for attackers to access network segments that are separated off, VLANs help
reduce the breadth of attacks.

2. Enhance Bandwidth Allocation and Traffic Management

Implementing Quality of Service (QoS) restrictions may be quite helpful in addressing

sporadic network slowdowns, particularly during peak hours. Examples of crucial
applications that can be given priority using QoS to guarantee they have adequate bandwidth
even during times of high traffic include VoIP, video conferencing, and ERP systems. This
lowers latency and enhances the user experience in general. A major improvement that will
boost the network's ability to manage growing traffic as the company expands would be
upgrading the network backbone from gigabit Ethernet to 10 gigabit Ethernet. Congestion
would be reduced, and the infrastructure would be protected from growing data demands in
the future.

3. Increase Wireless Network Capacity and Coverage

Upgrades must be made to the wireless network's infrastructure for sectors like sales and
customer service where flexibility and mobility are critical. Installing more wireless access
points (APs) and upgrading to Wi-Fi 6 technology would expand coverage, provide more
reliable connections, and increase capacity for contemporary applications. The expansion of
IoT devices and apps, which will need strong wireless networks to operate, makes this update
crucial as well. Improved coverage will improve user experience by increasing production
and reducing dropped connections.

4. Increase Operational Redundancy and Continuity

Redundancy must be included into the system to reduce the risk of network disruptions.
Redundant switches, routers, and firewalls with automatic failover procedures may offer
continuous service by offering fallback routes in the case of a hardware failure. Businesses
can further protect themselves from outages by integrating several internet service providers
(ISPs) into their network design. This is because traffic can be redirected via another ISP in
the event that one goes down. In addition to enhancing performance and lowering the chance
of an outage, ISP load balancing may aid in the effective distribution of traffic.

5. Implement Sophisticated Security Measures

To withstand new cybersecurity threats, the network's security posture must be improved.
Systems that can offer more advanced threat detection and prevention include intrusion
detection and prevention systems (IDPS), network access control (NAC), and next-generation
firewalls (NGFWs). Furthermore, these systems may automatically react to security
incidents, reducing risks immediately. Frequent security audits and penetration tests can
assist find vulnerabilities and make sure all security rules are current and functional.

6. Automate Ongoing Maintenance and Examination

Routine network administration activities like firmware upgrades, backup verifications, and
performance monitoring might be made much simpler with automation solutions. Predictive
analytics can be used to detect faults before they happen, and automation facilitates the
generation of real-time alerts when problems emerge. The IT staff's workload will be
reduced, and issues will be resolved more quickly and with less downtime. By enabling
remote configuration and monitoring, a centralized network management system would
improve the team's capacity to promptly and effectively detect and address network
problems.

7. Prepare for Future Technological Advancements

Prepare for developing technologies like 5G, IoT, and artificial intelligence (AI) integration if
you want the network to continue to be flexible for demands in the future. By making
investments in infrastructure that works with these technologies, the organization can stay
ahead of the curve and make sure the network can accommodate new ideas as they gain
traction. Creating a comprehensive implementation plan for these developments will help
BlueScope stay competitive and future-proof the network.

8. To offer scalability and flexibility, use cloud-based solutions.

More scalability and flexibility may be possible with cloud-based networking solutions
developed with Software-Defined Networking (SDN) and Network Functions Virtualization
(NFV). These technologies lower the costs of maintaining physical infrastructure while
enabling centralized control and dynamic resource distribution. By offering more dependable
backups and quicker service restoration in the case of a local disruption, cloud solutions can
improve disaster recovery capabilities.
BlueScope may greatly improve the security, reliability, and performance of its network
infrastructure by putting these recommended improvements into practice. These
improvements will give the network a solid basis for long-term performance and enable it to
adapt to shifting operational requirements, technological breakthroughs, and business
expansion.

Evaluating Network Deployment: Enhancing Design Choices and Implementation

Methods

Making sure that design decisions meet an organization's operational needs is mostly the
responsibility of network deployment evaluation. To maximize scalability, security, and
performance, it necessitates a thorough analysis of the installed infrastructure to pinpoint
areas for success as well as possible enhancements. It is crucial to approach the design
assessment and subsequent implementation methods rigorously in the context of
contemporary enterprises, where network connectivity serves as the foundation for
operations.

Evaluation of Design Choices

The design's ability to satisfy the particular requirements of the company determines how
successful it will be. In this instance, hybrid topologies like Multiprotocol Label Switching
(MPLS) and virtual private networks (VPN) were used to create a balance between scalability
and reliability. The hybrid topology offers strong departmental and branch-to-departmental
connection by combining mesh and star forms. While the mesh topology provides
redundancy and high availability between the Darwin and Melbourne offices, the star
topology guarantees scalability and ease of administration inside the department networks.
Following considerable deliberation, the chosen design has shown to be effective in offering
a dependable and expandable network infrastructure. For future scalability, one might take
into account possible developments like Software-Defined Networking (SDN). By providing
more flexibility in traffic management and dynamic rerouting in the event of network
disruptions or high demand, SDN could lessen the need for human intervention and enhance
real-time decision-making.

Security Enhancements

Security Enhancements From a security standpoint, the decision-making process might have
more clearly given priority to advanced security measures. More advanced defenses like
Network Access Control (NAC), Intrusion Detection and Prevention Systems (IDPS), and
Next-Generation Firewalls (NGFWs) are absent from the present network design, which is
packed with simple firewalls and access restrictions. Because they offer deep packet
inspection, real-time threat identification, and automated solutions to new problems, these
technologies are crucial in today's cybersecurity environment. The network's capacity to
recognize and stop any assaults will be greatly improved by integrating such technology.

Assessment of Implementation Techniques

Key application traffic was given priority using MPLS and VPN technologies, which
provided sufficient protection for inter-branch communication. MPLS was able to sustain
strong network performance across branches by reducing latency and boosting data
throughput. Nevertheless, more research indicates that combining MPLS with QoS systems
could improve traffic control. By giving managers the flexibility to prioritize different types
of data, QoS would allow for improved bandwidth optimization and guarantee that latency-
sensitive applications, including VoIP and ERP systems, take precedence over non-essential
traffic.

Adoption of VPNs guaranteed safe departmental communication, guarded against

unauthorized access, and preserved sensitive corporate information. However, with the
emergence of sophisticated cyberthreats, the current security plan needs to be updated. Next-
generation firewalls (NGFW) and intrusion detection and prevention systems (IDS/IPS) can
be used to improve network security through sophisticated threat detection and real-time
response mechanisms.

Ideas for Additional Enhancements

A thorough analysis of the network's design and operation identifies several areas that require
improvement. First, integrating cloud-based services can improve flexibility, enabling on-
demand expansion and enhancing data access for employees or faraway offices. Second, by
further separating vital departments like accounting and IT from possible attacks, network
segmentation would lower the network's total risk. Using analytics and monitoring
technologies such as Network Performance Monitoring and Diagnostics (NPMD) software,
which may provide a thorough understanding of traffic patterns and bottlenecks, can help
direct proactive network repair.

In the end, BlueScope's operational requirements are satisfied by the effective deployment of
the present network, which offers a stable, secure, and scalable infrastructure. However,
maintaining the network's effectiveness over the long run requires constant assessment and
implementation of new technology. The network may adjust to future business requirements
and industry advancements by considering improvements like SDN, QoS, NGFW, and cloud
integration, guaranteeing ongoing operational success.

Overall Evaluation

The strategic management of both present and future networking requirements is the driving
force behind BlueScope's network design and implementation plan for the growth of its
Darwin branch. The technique makes use of VLANs, sophisticated routing protocols, and
high-speed networking gear to guarantee scalability, security, redundancy, and performance
optimization. Network security and redundancy should be prioritized to protect critical data
and guarantee business continuity. Along with rigorous management and IT staff training, the
curriculum highlights the importance of striking a balance between creativity and
pragmatism. The cost implications of new technology should be taken into account to make
sure the investment meets BlueScope's financial objectives. User input, especially from the
Darwin branch, is the main source of improvements to the network design. Iterative network
optimization guarantees that the system is adaptable enough to satisfy changing user demands
and specifications. The network design and execution plan clearly meet BlueScope's present
needs and provide a solid basis for future technological growth and integration. BlueScope
assists in making sure that the network infrastructure remains a crucial component in
determining operational performance and competitiveness through network monitoring,
evaluation, and enhancement.