Hardware In Use On The Jv Network example essay topic

Executive Summary

Jacks Valley Training Complex (JVTC) is a unique facility that covers 2,000 acres of United States Air Force Academy land, located in Colorado Springs, Colorado. JVTC has several training courses, including an Obstacle Course, Leadership Reaction Course, Confidence Course, Assault Course, and Self Aid and Buddy Care area. These courses are used year-round by over 76 military and civilian organizations for munitions training, expanding leadership skills, promoting teamwork opportunities and building confidence. Jacks Valley Training Complex is also home to the Global Engagement summer program. The cadets stationed at the Air Force Academy learn Air Force Expeditionary Force (AEF) training concepts through this program.

The AEF training includes a mini airstrip for the cadets to practice parachuting. Over 1,200 customers a year utilize this training facility, and this number is growing annually. This massive influx of new customers is causing concerns with the scheduling process. We at LITS Consulting recognize your concerns and have researched and developed a scheduler that will reduce man-hours, centrally locate the scheduling process, and provide training for the scheduler and manuals for the customer.

This new scheduling process will be available through the JVTC web site and will allow for a paperless, automated scheduling process. The features will include online registration, double-booking prevention through date authentication, and the flexibility to schedule multiple events at one time.

Number of Concurrent Users

At this time, 20,000 individuals a year utilize Jacks Valley courses. We have 50 users who are in charge of scheduling the Valley for these organizational needs. The customers set up reservations for an organization of twenty to a hundred people. These fifty customers are the points of contact for the Jack's Valley Scheduler.

They are the people who answer what dates, times, equipment, and courses their organization needs. Jack's Valley's new network will support these points of contact by adding XP software and wireless cards to their Dell laptops. This will allow the customer to connect to Jacks Valley from a laptop at their desk with ease and efficiency.

Medium and Distance

Upon final assessment of our client's current network configuration and future needs, S 4 has determined that a wireless network configuration for the Jacks Valley (JV) area is both necessary and advantageous. The need for a wireless configuration at JV is due in large part to the mobile nature of their business. Because JV is an outdoor training facility with only a few permanent buildings, users of the network need a solution that will allow them to do work in and/or around their central office site.

Users rarely remain stationary at one point for long durations of time and thus use laptops as their primary PC. Disconnecting and reconnecting hard-wired LAN connections from a laptop is rather cumbersome and results in less work efficiency, so hardwiring the facilities is not a valid option. Wireless PC cards in the laptops and access points at three main buildings and one central facility will provide an RF medium that will work well with the client's current hardware and provide the mobility needed now and in the future. The layout of the Jacks Valley facility is such that "line of sight" wireless technologies will not work. JV's topography is very similar to that of an outdoor paintball facility. There are a handful of buildings separated by great distances, with large pine trees, boulders, and other objects blocking the line of sight between buildings.

Because of the distances and adverse visual conditions, we will be forced to hardwire the three facilities to one central facility via CAT 5 cable. Because the cable will need to be laid underground, and this can be a costly endeavor, we will not be hardwiring the three other facilities together. Redundancy will be provided in the form of replacement access points located at each site. If by chance there is an issue with the wire (e.g., a wire cut takes place), users can simply move to another facility and reestablish connectivity there.

Device Connectivity

The JV network will be comprised of three types of hardware and two types of media. SMC Networks, an industry leader in networking hardware for the last thirty years, will provide the hardware in use on the JV network.

The media the network will be comprised of are wireless RF, running on the new 802.11a standard, and shielded CAT 5 cable. The network device connectivity will be divided into two categories based on the medium in use. First, hardwired CAT 5 will provide connectivity between the central network router and the four access points, three of which will reside at separate facilities. Second, wireless RF will provide the connectivity between the PC cards within the laptops and the access points located at the four sites. The network router will be an SMC Barricade eight-port router that can support up to two hundred and fifty-three users and has DHCP, VPN, encryption, and remote administration capabilities built into the hardware. The four wireless access points will connect to this router and will be able to support up to sixty-four simultaneous connections each.

Each user will be connected to the facility's access point via a removable PC CardBus card using the new 802.11a standard.

Speed

The wireless network at JV will provide more than ample speed for all users. In the past, a major issue with wireless technology has been the reduction in speed it caused on a network. At best, most wireless technologies capped out in the 12 Mbps range.

However, with the new 802.11a standard, wireless devices can support up to 72 Mbps, almost seven times faster than the old 802.11b standard. This increase in speed makes wireless RF a much more plausible networking solution. In addition, because the new standard operates in the 5 GHz band, and most other wireless technologies like cordless phones operate in the 2.4 GHz band, interference is no longer an issue. All other hardware devices and media in use on the network can operate at up to 100 Mbps, so again, speed will not be an issue.

Connectivity with Other Networks

The backbone for the JV network will be provided by an existing, functioning fiber connection between USAFANet and the central JV connection facility, where the JV network router will be located.

Expandability

The technology of tomorrow is wireless networking, and by implementing it at Jack's Valley we are ahead of the times. Whenever cutting-edge technology is used, it puts that network ahead of the curve for expandability. At this time we support 50 laptops throughout the valley.

The new construction planned for the valley will include more buildings and users in a few years. This network will easily be able to support the influx of customers, and the only added expense will be upgrading the users' laptops with wireless cards and XP software.

Vendor Support

To implement the wireless LAN at Jacks Valley, careful consideration has been given to hardware and software. One of the main companies that S 4 will be using is SMC. After researching a few different options, SMC stood out above the others in cost, vendor support and reliability.

The main hardware purchases will be an eight-port broadband router that supports VPN/IPSec and wireless PC cards for the laptops. These products will be purchased through CompUSA and come with a one-year money-back warranty. SMC also has a customer support contract that can be purchased for a minimal fee. This covers third-level support for the wireless network regarding their products. The first line of defense will be the network administrator at the USAFA, but this support contract will be for any questions they are unable to answer regarding the SMC products (SMC 2755).

The main software component that will have to be purchased is the XP O/S by Microsoft. This software will be installed on all of the Dell laptops used by Jacks Valley customers. This O/S allows VPN/IPSec to function and incorporates the wireless PC technology. Microsoft also offers different vendor support options. They offer an online website that helps troubleshoot questions and problems with their software. This can be accessed as soon as you register your purchased products.

They also have helpdesk call-in support for a yearly fee. We opted not to go with this support because the USAFA has two MCSE-certified network engineers for troubleshooting. If they cannot answer the question, they can still call the Microsoft number and pay a charge per phone call.

Financial

Windows XP is sold in license packages. Microsoft has two packages available that would accommodate us, a 30 pack and a 3 pack. For Jack's Valley we would need 1 x 30 pack + 7 x 3 packs to allow for 51 users.

The price of an OEM license utilizing this formula would be $7,824 plus the price of the software, which would be approximately $5,000. The representative that I spoke with did not break this down any further for me, and he did say that this is not an exact quote, although I thought it was good enough for our purposes. There is also an academic break on licenses, which I think Jack's Valley would qualify for. All costs would be about 25% of the normal cost. There is also a software assurance program that is available. The way licenses used to work is that once you bought the license you would receive the upgrades for free.

Effective 7/31/02, that will change. If you want the upgrades, you will have to purchase the Software Assurance Package. This package will send you all of the upgrades for 2 years at no charge. The Software Assurance Package costs about half of the price of the licenses and will have to be renewed biannually. I also checked on a Microsoft Windows Server.

The server would cost about $700; however, I did not get any of the technical info on it. The cost of a VPN SmartTrust package would be $2099.99 for 50 users. There would be no additional charges for this package, and updates would be sent regularly.

Type / Number of Workstations / Printers

The type of workstation members will use is the standard Dell Inspiron 8100. The units are intended to serve as stand-alone units while the cadets are not in the JVTC. The units are ordered before the cadets arrive at USAFA and are given to them shortly after basic training.

The systems are comparably equipped to standard desktop units in storage, video capacity, and network connectivity. The type of printers we would need would be standard network printers that could handle a workgroup load. The Hewlett-Packard 8000 series is the USAFANet standard and would work fine in the JVTC. These units cost about $2,000 each and are basically plug and play.

Our requirements are for three printers.

Manageability

A network consultant will monitor all network activity using a variety of tools, applications, and devices. When one or more user-determined thresholds are exceeded, alerts will be generated. Upon receiving these alerts, the network consultant will react by executing one, several, or a group of actions, including operator notification, event logging, system shutdown, and automatic attempts at system repair.

ISO Network Management Model

The ISO has contributed a great deal to network standardization. Its network management model is the primary means for understanding the major functions of network management systems.

This model consists of five conceptual areas, as discussed in the next sections.

Performance Management

The goal of performance management is to measure and make available various aspects of network performance so that inter-network performance can be maintained at an acceptable level.

Configuration Management

The goal of configuration management is to monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed.

Accounting Management

The goal of accounting management is to measure network utilization parameters so that individual or group uses on the network can be regulated appropriately. Such regulation minimizes network problems (because network resources can be apportioned based on resource capacities) and maximizes the fairness of network access across all users.

Fault Management

The goal of fault management is to detect, log, notify users of, and (to the extent possible) automatically fix network problems to keep the network running effectively.

Security Management

The goal of security management is to control access to network resources according to local guidelines so that the network cannot be sabotaged (intentionally or unintentionally) and sensitive information cannot be accessed by those without appropriate authorization.

Applications

Operating System

Microsoft Windows XP Professional (Windows XP) is designed for businesses of all sizes. It is an Operating System (OS) that unifies the Microsoft range, with all the desktop versions now built on the NT/2000 code base. There is no special synergy between Windows XP and Microsoft Office XP, which works fine with Windows 2000.

One of the most interesting improvements to XP, especially to LITS, is the remote desktop, a standard XP feature that utilizes technology from Microsoft Terminal Server to enable users to access their computer over any connection, for example from locations other than Jack's Valley. This access allows you to run applications remotely, although this feature can be disabled if there are any security concerns. Windows XP can also easily use modems in mobile phones via infrared. There is also built-in support for wireless networking using the 802.11 standard.

Windows XP has the ability to synchronize network files with offline copies, which can now be encrypted. For web browsing, XP has Internet Explorer 6.0 and a built-in firewall. The firewall is simple and will need another application for increased security. Windows XP has strong multimedia features with CD-RW, DVD video, MP3 audio files and MED videos. Windows XP supports dual encryptable file systems, offline folders and remote desktops. It is designed for reliability, security, high performance and ease of use, all of which are beneficial to the environment of Jack's Valley.

The cost of Windows XP is $299.99 for a single user.

VPN Client for SmartTrust

VPN (Virtual Private Network) Client for SmartTrust (VPN) is a choice product to provide a secure method of exchanging confidential data and network resources. Internet-based remote access presents challenges in protecting the confidentiality and integrity of essential business information as it travels over the public Internet. VPN is an umbrella term that refers to all the technologies enabling secure communications over the Internet. A VPN uses tunnels between two gateways to protect private data as it travels. VPN SmartTrust utilizes the IPSec (Internet Protocol Security) protocol suite to provide security services at the network level.

An IPSec tunnel through the Internet protects all data traffic passing through, regardless of the application. IPSec technology is based on modern cryptographic technologies, making possible very strong data authentication and privacy guarantees. As a standard, IPSec is supported by a number of VPN vendors to allow interoperability. VPN SmartTrust is not a complete solution without Internet Access Security for local networks. An effective VPN solution is built on a security platform that includes a firewall and support for other security services such as network anti-virus.

SmartTrust VPN is compatible with other VPN gateways based on the IPSec standard, such as Check Point FireWall-1, Cisco PIX, and Nortel Contivity.

Wireless Security

There are several security issues to be considered when implementing a wireless network. Sensitive data must remain safe. Users must have confidence in the system.

Threat

Wireless networks have become one of the most interesting targets for hackers today. Hackers who drive around with an appropriately configured wireless network client to locate and access, or LAN-jack, wireless networks are referred to as war drivers.

War drivers use programs such as NetStumbler to obtain a wealth of detail from LAN-jacked transmissions. Cracker tools like AirSnort and WEPCrack can begin decoding traffic in mere minutes. The threat is real and significant, particularly around military and government installations. Although it will also take a wireless bridge from the same manufacturer as the one used in the transmission, this is a threat that must be considered. The devices used by end users can be a risk to network security. Hardware and software vulnerabilities include poor concealment of passwords and easy lockout bypass.

They can be easily lost or stolen. Viruses and cross-system attacks and exploits are common among wireless LANs where users are allowed to load personal software. As always, uneducated or unconcerned users also pose a huge threat to any type of network security. The 802.11b standard used for wireless LANs includes a provision for encryption called WEP (Wired Equivalent Privacy). The security world recently announced a security breach in WEP that allows the encryption protocol associated with 802.11b, with its current implementation of static keys, to be broken. It is common practice to implement a wireless solution and not use any encryption at all.

This is asking for someone to have a great deal of fun at your network's expense. Wireless LANs usually share unlicensed frequencies with other devices, including consumer-based Bluetooth devices, cordless phones, and baby monitors, which can, and do, interfere with each other. It is also easy to interfere with wireless communications. A simple jamming transmitter can make communications impossible. For example, consistently hammering an AP with access requests, whether successful or not, will eventually exhaust its available radio frequency spectrum and knock it off the network. Other wireless services in the same frequency range can reduce the range and usable bandwidth of WLAN technology.

"Bluetooth" technology, used to communicate between handsets and other information appliances, is one of many technologies today that use the same radio frequency as WLAN devices. These intentional or unintentional denial-of-service (DoS) attacks can render WLAN devices unusable. In the hands of a determined hacker, a rogue AP can be a valuable asset in the attempted compromise of network resources. The principal threat is installing an AP into a network after gaining unauthorized access to a building. The intruder typically gains access to the building by "tailgating" behind a user with a valid access badge or by obtaining a guest badge for some other reason. Because APs are relatively small and can be purchased at many electronics outlets worldwide, it is easy for the hacker not only to obtain the AP but also to install it discreetly.

Attaching the AP to the underside of a conference-room table and plugging into the live network allows the hacker to break into a network from the relative security of his car in the parking lot.

Meeting the threats

Strong authentication technology and procedures must be enforced. Procedures must include provisions for short-term temporary users as well as permanent party users. Guests should only have access when they are visiting. A SmartTrust Virtual Private Network solution is probably the best way to thwart intrusions on wireless transmissions. SmartTrust uses embedded PKI to allow digital signing, authentication, and non-repudiation services.

Some benefits of SmartTrust are increased security through smart cards and/or mobile handsets, cost savings and cheaper communication costs, simplified network management and secure user log-on, and flexible and scalable implementations. Issuing PKI certificates in a wireless environment is basically the same as in a wired network. SmartTrust Certificate Manager uses the Subscriber Identity Module (SIM) card to provide security. The SIM stores the keys needed to initiate digital signatures and allows the laptop to become a Personal Trusted Device capable of handling secure transactions. Since wireless PCs are almost always on, we recommend employing personal firewalls on each unit to protect local data from as many known attacks as possible. We must ensure there is no way for the wireless devices to connect to the wired network inside the firewall as a "rogue" device.

If this is possible, you lose control of your security architecture. Install software to analyze user activities and system activity logs. Doing so enables the organization to detect suspicious activity before a full-blown break-in occurs. Provide sufficient training to end users. In particular, be sure that users are aware of the dangers of not logging off their computers.

Such dangers include the ability of a third party to sit at an "open" computer and assume the user's identity. The unauthorized person has all the rights and privileges of the logged-in user. Any suspicious activity will be traced back to the user's login, not to the unauthorized person. A radio frequency spectrum analysis should be performed to ensure the radio frequencies being used by currently existing systems do not interfere with the proposed WLAN.
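The rogue-device and log-analysis recommendations above can be checked mechanically. The following is an added example, not part of the original essay: it audits a wireless survey against an allowlist of the four authorized access points on the 5 GHz 802.11a network. The SSID, the MAC addresses and the survey records are constructed placeholders.

```python
from dataclasses import dataclass

# Assumptions (constructed, not from the essay): the site SSID and the radio
# MAC addresses (BSSIDs) of the four authorized access points. The MACs use
# the RFC 7042 documentation range.
SITE_SSID = "JV-EXAMPLE"
AUTHORIZED_APS = {
    "00:00:5e:00:53:01": "central facility",
    "00:00:5e:00:53:02": "building A",
    "00:00:5e:00:53:03": "building B",
    "00:00:5e:00:53:04": "building C",
}


@dataclass(frozen=True)
class Observation:
    bssid: str          # radio MAC seen in the wireless survey
    ssid: str           # network name it advertises
    band_ghz: float     # 5.0 for 802.11a, 2.4 for 802.11b
    encrypted: bool     # whether the beacon advertises encryption
    on_wired_lan: bool  # MAC also present in the router's wired-side table


def audit(observations):
    """Return (bssid, finding) pairs for anything that breaks the design."""
    findings = []
    seen = set()
    for ob in observations:
        bssid = ob.bssid.lower()
        if bssid in AUTHORIZED_APS:
            seen.add(bssid)
            if not ob.encrypted:
                findings.append((bssid, "authorized-ap-unencrypted"))
            if ob.band_ghz != 5.0:
                findings.append((bssid, "authorized-ap-wrong-band"))
            continue
        # Unknown radio plugged into the wired network: the rogue AP case.
        if ob.on_wired_lan:
            findings.append((bssid, "rogue-ap-on-wired-lan"))
        # Unknown radio advertising the site's own network name.
        if ob.ssid == SITE_SSID:
            findings.append((bssid, "site-ssid-from-unknown-ap"))
    # An authorized AP that is silent may be down (e.g. a cable cut) or swapped.
    for bssid in sorted(set(AUTHORIZED_APS) - seen):
        findings.append((bssid, "authorized-ap-not-seen"))
    return findings


# Constructed survey records for illustration.
SAMPLE_SURVEY = [
    Observation("00:00:5E:00:53:01", SITE_SSID, 5.0, True, True),
    Observation("00:00:5e:00:53:02", SITE_SSID, 5.0, False, True),
    Observation("00:00:5e:00:53:03", SITE_SSID, 5.0, True, True),
    Observation("00:00:5e:00:53:aa", "conference", 2.4, False, True),
    Observation("00:00:5e:00:53:bb", SITE_SSID, 5.0, True, False),
    Observation("00:00:5e:00:53:cc", "neighbor", 2.4, True, False),
]

if __name__ == "__main__":
    for bssid, finding in audit(SAMPLE_SURVEY):
        print(f"{bssid}  {finding}")
```

Unknown radios that are neither on the wired LAN nor using the site SSID are treated as neighboring networks and ignored.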
