MN610 Virtual Private Networks For High Level Design
Questions:
1. Develop architectural VPN designs for small, medium and large businesses and corporations
2. Report on the health of the existing VPN architecture, solution, data, application, and technology
3. Investigate and justify the appropriate design and solution for different organisations
4. Analyse and report on the current and future state of the management of VPN infrastructure and its technologies
5.. Define a roadmap process to transform the VPN architecture to support long-term organisational goals
6. Implement a process to support the administration and the management of VPN
Answer:
Introduction
Communication is very vital in any business. After the invention of public data telecommunication and internet, communication has become efficient and cost-effective. Nevertheless, it has become a challenge to communicate via the internet while keeping security a top priority. Most are the times when an organization top secret and sensitive information is stolen. This has brought out the implementation of VPN services. VPN has enabled lots of companies to maintain reliable, fast, and secure communication when communicating via the internet. Other advantages of VPN are improved internet security, extended geographic connectivity, cost savings and scalability [1]. This document is a proposal to improve the SME network.
Purpose
rong>
This document is solely to investigate, design and to develop a suitable VPN network for SME types of business. This will be done by proposing a suitable VPN service for the users. A solution design will also be provided.
Scope and limitations
This network proposal design a VPN service for two offices located in different locations; site to site, one in Sydney and another one in Melbourne. The proposal will also show how a client can connect to one office remotely using VPN technology; i.e. client to site VPN. Users at any location must have access to the internet and they should not be routed via the VPN. The two types of VPN for SME proposed in this document are Site to Site VPN and Remote Access type of VPN.
Assumptions
When designing this proposal cost will not be considered as it is assumed that any SME can cater to any device or technology required to accomplish the project goals
Requirements
The SME business should have appliances such as routers and VPN server. The organization should be connected to the internet. All the two offices i.e. in Melbourne and Sydney should be interconnected using the VPN technology. The VPN server ought to be a hardware and must have a tamper-proof box. Remote management is mandatory. The tunneling protocol ought to utilize IPSec with ICSA certification [2].
Solution design
Logical design
one above one end of the VPN tunnel is a single user while the other one is Melbourne site. Typically, a user will use a laptop which must have a VPN software so as to dial the local internet access number which must be provided by an Internet Service Provider. The user then connects via the internet back to the SME network.
Site to site VPN technology connects Melbourne site to Sydney site as shown in figure two which is over the internet. All the traffic that is passing between the toe sites is usually protected by authentication and encryption so as to ensure that each and every packet is protected from eavesdropping. Each and every site must have a local connection to the public network or the internet [3]
Physical design
Physical design of SME network. The figure is a physical layout of a basic representation of the main pillars which will enable an SME business to connect through any ISP provider of their choice. The design also delivers the ability to commission an IP network which conveys private network services over public infrastructure at a very competitive rate in comparison with other VPN dimensions like SSL [4].
Elements utilized in the final physical design
The best Router that SME business can utilize is a Linksys LRT224 Dual. The router is specifically designed to enable communications and connections in the two VPN servers. It also enables core packet routing within a VPN environment. The VPN server, on the other hand, enables the delivery and hosting of VPN services. The server is a combination of software and hardware technologies which clients with the private or secure network. The server has more physical and logical communication ports [5].
Network topologies
There are various network topologies that different organization utilizes to manage their VPN technology. For SME business, this document would recommend the use of managed network VPN technology. Managed VPN technology is a type pf topology which is used by service providers with an intention of managing customer-premises routers [6]. Specifically, this document would recommend the user of Peer-to-peer VPN model. One of the reasons as to why organizations need to use managed VPN topology is to take advantage of ISP manpower capabilities as most of SME business do not have that manpower to manage VPN technology. In addition, managed VPN topology have a high-speed network connectivity, manageable, and is reliable. Lastly, this type of topology has added advantaged such as IP telephony, e-commerce and video conferencing that an SME can utilize [7].
IP addressing
An IP addressing scheme identifies every user machine in the network. The following IP address can be used in an SME business.
|
Hostname |
Internal IP address/24 |
External IP address |
Default Gateway |
Maximum Number of hosts |
|
Melbourne |
192.168.1.1 |
10.10.10.201 |
10.10.10.200 |
254 |
|
Sydney |
192.168.2.1 |
10.10.10.202 |
10.10.10.200 |
254 |
Security features and policies
Security policies in a VPN network allow IP to pass between two or more interfaces. A policy-based VPN requires an IPSec type of security policy. In here the SME business has to specify the interface to the private network example, the interface to the VPN tunnel and to the remote peer. An IPsec security policy in an SME business will enable the reception and transmission of the encrypted packets. It also selects the VPN tunnel and specifies the permitted direction of VPN traffic. Lastly, it allows traffic to be initiated from the remote site [8].
Redundancy and failover plans
As highlighted before an SME business need to utilize managed VPN topology. To avoid link fail an SME business need to have more than one ISP. Example if one managed router fails from one ISP the SME business can switch over to the other ISP router. In addition to this, an organization needs to have more than two backup VPN server in case one fails the organization can then switch to another one.
VPN service implementation
VPN service implementation needs a phased approach where the SME business fist assesses it needs by auditing its existing network infrastructure and its security policies. A design is then made which ought to be based on requirements, testing is then done, training and the project management is done to ensure completion of the project.
References
|
[1] |
D. L. Clark, "IT manager's guide to virtual private networks," Virtual Private Networks, vol. 2, no. 1, pp. 334-378, 2009. |
|
[2] |
M. S. J. D. &. Y. M. Pegrum, "U.S. Patent No. 6,516,417.," Virtual Private Networks, vol. 3, no. 1, pp. 45-67, 2010. |
|
[3] |
I. Pepelnjak and J. Guichard, "MPLS and VPN architectures by Ivan Pepelnjak," Virtual Networks, vol. II, no. 3, pp. 47-59, 2015. |
|
[4] |
D. R. Kosiur, "Building and managing virtual private networks," Virtual Private Networks, vol. III, no. 2, pp. 67-90, 2011. |
|
[5] |
A. Elahi and M. Elahi, "Data, network, and Internet communications technology," Virtual Networks, vol. III, no. 2, pp. 45-78, 2996. |
|
[6] |
D. Bigger, CompTIA Network+ 2014 : VPN Topologies, Oxford: New Hampshire, 2014. |
|
[7] |
C. Scott, M. Erwin and P. Wolfe, "Virtual private networks," Communications and Networks, vol. II, no. 2, pp. 46-90, 2007. |
|
[8] |
A. G. Mason, "Cisco secure virtual private networks," Virtual Private Networks, vol. III, no. 2, p. 35, 2010. |
Buy MN610 Virtual Private Networks For High Level Design Answers Online
Talk to our expert to get the help with MN610 Virtual Private Networks For High Level Design Answers to complete your assessment on time and boost your grades now
The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.
