
Design, implementation and management of secured LAN

by Eliud Ir. Eliud Aganze

Jomo Kenyatta University of Agriculture and Technology - B.Sc. Information Technology 2014
  


DESIGN, IMPLEMENTATION AND MANAGEMENT OF JKUAT KAREN SECURED LAN

AGANZE MURHABAZI ELIUD

JKC-BO1-0197/13M2

A Computer Systems Project Report Submitted in Partial Fulfillment of the Requirements for the Degree of Bachelor of Science in Information Technology

INFORMATION TECHNOLOGY DEPARTMENT

JOMO KENYATTA UNIVERSITY OF AGRICULTURE AND TECHNOLOGY

© SEPTEMBER 2014

Declaration by the Candidate

This project, which is my original work, has not been presented for an academic award in any other University. No part of this project may be reproduced without prior written permission of the author and/or JKUAT.

_____________________________ _________________ ___________

Name of Candidate Signature Date

I.T and Computing Department

Jomo Kenyatta University of Agriculture and Technology (JKUAT)

Declaration by the Supervisor

This thesis has been submitted for examination with my approval as University Supervisor.

_____________________________ _________________ ___________

Name of Chief Supervisor Signature Date

Copyright

In presenting this project, I agree that Jomo Kenyatta University of Agriculture and Technology (JKUAT), Information and Technology (IT) Department, can photocopy it, and make the copies freely available only for scholarly purposes.

Abstract

This is a network-based system for LAN security whose main aim is to upgrade the existing network, handle traffic, provide a reliable, fast connection that is available at any time, and ensure the security of users and the system.

Through this system, the network will provide more services and a good connection, reducing the current problems of unreliability, unavailability and other problems.

The network devices are accessible remotely from a secure place away from the physical university campus, where they are prone to various types of damage. From this remote location, network administrators are able to make configuration changes once they have been authenticated by the system and have the required authorization.

Dedication

I hereby dedicate this report to my parent Mrs. Jean P. Muluka, my mother Josephine Munyeruka, all my brothers John HabaMungu, Issa Murhabazi, Destin Murhabazi, Vctor Bwanangela, Big Fidel, Patrick Blaise M and caracholini regular Monitor friends have guided and supported me throughout my education and for providing me with everything I need.

Acknowledgement

I hereby thank the staff at the JKUAT Karen Campus networking session (Nerve center) especially a Mr. Antony for the insight he gave me on how their current manual system works and other related document to the current network. He gave me a first-hand experience in the activities involved in the university and the processes carried out. I would also like to thank my lecturers for teaching me how to come up with meaningful solutions to problems we face, my fellow classmates for the constructive criticism, my parents for giving me a good education and sound advice, and most importantly God for the strength, wisdom and understanding He gave me to carry out this project.

Table of Contents

Copyright

Abstract

Dedication

Acknowledgement

List of figures

List of tables

List of Abbreviations

CHAPTER ONE: INTRODUCTION

1.1. Project Overview

1.2 Organization structure of JKUAT Karen Campus

Figure 1.1: Organization structure of JKUAT Karen

1.3 Main objectives of project

1.4 General description of the project process

1.4.1 The statement of problem

1.4.2 Proposed solution

1.5 Project Schedule

CHAPTER TWO: METHODOLOGY

2.0 Methodology

2.1 Research Methodology

2.2 Research Questions

2.3 Purpose of the Research

2.4 Research Techniques/ methods used

2.5 Research Technique used

2.5 Project methodology

2.5.1 System Development Life Cycle approach Methodology

2.5.2 Top-Down Network Design Methodology

2.5.3 Plan, Design, Implement, Operate, and Optimize (PPDIOO) methodology

2.5 Project Requirement specification

2.5.1 Software requirement

2.5.2 Hardware requirement

CHAPTER THREE: LITERATURE REVIEW

3.1 Introduction

3.2 LAN (local area network)

3.2.1. Peer-to-Peer Networks

3.2.2 Server-Based Networks

3.3 LAN Design

3.4 LAN Installation

3.5 LAN Security

CHAPTER FOUR: SYSTEM ANALYSIS

4.1 Introduction

4.2 System analysis activities

4.2.0 The importance of system analysis:

4.3 Requirement analysis

4.3.0 Identification of LAN design requirement

4.3.1 Equipment features

4.3.2 Design Redundancy

4.4 Existing Network

4.4.1 Current Network equipment

4.4.2 Physical configuration state

4.4.3 Network design topology

4.4.4 Current network design problem

4.4.5. Network addressing Schema and Naming

4.4.6 System analysis of the current Network Management

4.4.7 Proposed system

4.4.7.0 Physical design

4.4.7.1 Logical design

4.4.7.2 Proposed Management strategies

4.4.7.3 Proposed WAN

4.4.7.4 Proposed Address schema

4.4.7.5 General Merits of proposed system

CHAPTER FIVE: NETWORK DESIGN

5.0. Definition

5.1. Design principles

5.2 logical network topology

5.2.1 Flat versus Hierarchical Topologies

5.3 Switching technologies

5.3.0 Spanning Tree Protocol (STP)

5.3.1 VLAN (Virtual Local Area Network)

5.3.2 Designing Models for Addressing and Numbering

5.3.3 Network security and management design

5.4.0 System design of Jkuat network management online

5.4.0.1 Introduction

5.4.0.2 UML Diagrams

5.4.0.2.1 Activity diagrams

5.4.0.2.2 Sequence diagrams

5.4.0.2.3 Class Diagrams

5.4.0.3 Database design

5.4.0.2 Database Schema Tables

5.4.0.3 Entity relationship diagram (ERD)

5.4.0.4 Interface design

5.4.1 Good interface design

CHAPTER SIX: SYSTEM TESTING AND IMPLEMENTATION

6.1 Coding

6.2 User Interface

6.3 System testing

6.2.1 Methods / Types of Testing

6.2.1.2 White Box Testing

6.2.2 The Testing Process

6.4 System implementation

6.4.1 System change over

6.4.1.2 Direct changeover

6.5 Changeover Technique Used

6.6 Chosen strategy

CHAPTER SEVEN: PROJECT APPRAISAL

7.1 Objectives met

7.2 Achievements

7.1.1 System Achievement

7.1.2 Personal Achievement

7.2 Limitations/ shortcomings encountered.

7.3 Conclusion

7.4 Recommendations

References

Appendix

1. Interview Questions

2. Source codes

2.1. Login.php

2.2. Db.php


List of Abbreviations

Abbreviation: Meaning
MySQL: My-structured query language
CRUD: Create, Read, Update & Delete database operations
CSS: Cascaded Style Sheet
Db: Database
DBMS: Database Management System
ERD: Entity Relationship Diagram
HTML: Hyper Text Markup Language
JKUAT: Jomo Kenyatta University of Agriculture and Technology
OO: Object Oriented
OOSAD: Object Oriented System Analysis and Design
RDBMS: Relational Database Management System
SDLC: Software Development Life Cycle
SSAD: Structured Software Analysis and Design
UML: Unified Modeling Language
DHCP: Dynamic Host Configuration Protocol
VLSM: Variable Length Subnet Mask
IP: Internet Address
TELNET: Teletype Network
DNS: Domain Name Service
TCP: Transmission Control Protocol
ACL: Access List Control
CIDR: Classless InterDomain Routing
GUI: Graphical User Interface
LAN: Local Area Network
WAN: Wide Area Network
MAC: Media Access Control
QOS: Quality Of Service
TCP/IP: Transmission Control Protocol/Internet Address
VTP: Virtual Terminal Protocol
STP: Spanning Tree Protocol
RSTP: Rapid Spanning Tree Protocol

CHAPTER ONE: INTRODUCTION

1.1. Project Overview

This project is based on the design and implementation of a secured network for the JKUAT Karen Campus.

JKUAT is a public educational institution which provides certificate, diploma, undergraduate and postgraduate courses. It is located along Bogani Road. The existing network has faced challenges due to the growing number of students in the last 5 years, whereby the number of internet users has grown while the network infrastructure and the services provided have remained poor. This has made the network slow, not available all the time, unreliable and difficult to manage.

1.2 Organization structure of JKUAT Karen Campus

Figure 1.1: Organization structure of JKUAT Karen

1.3 Main objectives of project

Our major objective is to make a secure system that is able to perform the following functions:

· Increase speed of processing and response time.

· Design and implement network security and QoS.

· Manage IP addresses and provide redundant links to avoid link failure.

· Provide flexibility to meet user requirements.

· Upgrade the existing LAN and integrate voice into the network.

· Once logged in to the network with a valid username and password, the administrator can perform address assignment, troubleshooting and configuration.

· Perform secure login and provide remote access to the network by using telnet.

1.4 General description of the project process

1.4.1 The statement of problem

The current network is facing the following problems:

· No redundancy: large failure domain, device failure, no network segmentation, link failure and also synchronization.

· Accessibility and availability: the current network is not available all the time due to device and link failures.

· Security: in the current system, security is not implemented to protect users.

· Manageability: due to the local management of the network, network administrators and technicians are required to move from one location to another, and troubleshooting is becoming.

· Flat network design: no scalability and a large point of failure.

1.4.2 Proposed solution

The proposed system will ensure availability, security, redundancy, manageability and better application performance. Users will be divided into VLANs, and all access to services will be controlled by Access Control Lists. Link failure and device failure will be reduced by implementing a routing protocol, and voice communication will be integrated in the form of IP telephony. In addition, we will implement 2 routers to manage traffic. The proposed network will allow only the network administrator to log in from a remote location, using telnet to particular switches, for configuration and troubleshooting.

The following services will be provided by this network:

· Telnet

· IP telephone

· VLAN (virtual local area network)

· Port Security

· Rapid STP (rapid spanning tree)

· HTTP

· Routing Protocol

· DHCP server and protocol to provide IP addresses to devices on campus. There have been no DHCP outages year to date, exceeding the SLA goal of 99.95% availability.

The expected output of this project is a LAN and wireless implementation in the campus buildings. Users may connect to the network anywhere within the campus. LAN and wireless networking for a small area offers computer connectivity with no strings attached.
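The controls listed in section 1.4.2 (VLAN segmentation, port security, Rapid STP and ACL-restricted telnet to the switches) can be checked mechanically against a switch configuration. The Python audit below is an added example, not code from the original project; both configurations, the host names, ACL number 10 and the 192.0.2.0/24 administrator subnet are constructed for illustration. It also reports telnet itself, because telnet carries the login in cleartext even when an ACL limits who may connect.

```python
import re

# Constructed sample: a switch with none of the listed controls applied.
WEAK = """\
hostname SW-EXAMPLE-1
spanning-tree mode pvst
!
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 20
 switchport port-security
!
line vty 0 4
 password example
 login
"""

# Constructed sample: VLANs, port security, Rapid STP, and telnet limited
# to an administrator subnet (192.0.2.0/24, a documentation range) by ACL 10.
RESTRICTED = """\
hostname SW-EXAMPLE-2
spanning-tree mode rapid-pvst
access-list 10 permit 192.0.2.0 0.0.0.255
!
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
!
interface GigabitEthernet0/1
 switchport mode trunk
!
line vty 0 4
 access-class 10 in
 login local
 transport input telnet
"""


def parse_blocks(config):
    """Group an IOS config into (top-level command, [indented sub-commands])."""
    blocks = []
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # blank lines and "!" separators carry no settings
        if line[0].isspace() and blocks:
            blocks[-1][1].append(line.strip())
        else:
            blocks.append((line.strip(), []))
    return blocks


def defined_acls(blocks):
    """Names or numbers of the ACLs defined at the top level of the config."""
    pattern = re.compile(r"(?:ip )?access-list (?:standard |extended )?(\S+)")
    matches = (pattern.match(header) for header, _ in blocks)
    return {m.group(1) for m in matches if m}


def audit(config):
    """Return (location, finding) pairs for controls that are missing."""
    blocks = parse_blocks(config)
    acls = defined_acls(blocks)
    findings = []
    if not any(h == "spanning-tree mode rapid-pvst" for h, _ in blocks):
        findings.append(("global", "rapid-stp-not-enabled"))
    for header, cmds in blocks:
        if header.startswith("interface ") and "switchport mode access" in cmds:
            port = header.split(None, 1)[1]
            if "switchport port-security" not in cmds:
                findings.append((port, "port-security-missing"))
            vlan = [c.split()[-1] for c in cmds
                    if c.startswith("switchport access vlan ")]
            if not vlan or vlan[-1] == "1":
                findings.append((port, "access-port-in-default-vlan"))
        elif header.startswith("line vty"):
            transport = [c.split()[2:] for c in cmds
                         if c.startswith("transport input ")]
            # Assumption: with no explicit "transport input", treat the line
            # as telnet-capable (conservative; defaults vary by IOS release).
            protos = transport[-1] if transport else ["all"]
            if "telnet" in protos or "all" in protos:
                findings.append((header, "telnet-cleartext-login"))
            acl = [c.split()[1] for c in cmds
                   if re.match(r"access-class \S+ in$", c)]
            if not acl:
                findings.append((header, "vty-no-access-class"))
            elif acl[-1] not in acls:
                findings.append((header, "vty-acl-undefined"))
    return findings


if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("RESTRICTED", RESTRICTED)):
        print(name, audit(cfg))
```

The restricted configuration still yields one finding, the telnet transport; changing that line to `transport input ssh` clears it.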

1.5 Project Schedule

Table 1.1: Project Schedule

CHAPTER TWO: METHODOLOGY

2.0 Methodology

Methodology is the systematic, theoretical analysis of the methods applied to a field of study, or the theoretical analysis of the body of methods and principles associated with a branch of knowledge.

2.1 Research Methodology

Research can be defined as the process of carrying out a diligent inquiry or critical examination of a given phenomenon. It implies an exhaustive study, investigation or experimentation following some logical sequence.

Research is a process of arriving at effective solutions to problems through systematic collection, analysis and interpretation of data.

The main purpose of research is to discover answers to questions. Research methodology is the process followed in conducting the research.

2.2 Research Questions

Research questions are meant to guide your information gathering as you conduct your research. The research questions I used can be viewed in the appendix section.

2.3 Purpose of the Research

The purpose of the research was to find out how the current systems function and to get a clear picture on the impact the proposed system would bring.

The research was also aimed at eliciting user challenges with the current system and what improvements they would like to see.

2.4 Research Techniques/ methods used

There are a variety of data collection and analysis techniques that I considered before selecting the most suitable method for this project. These techniques included:

a) Questionnaires

b) Interviews

c) Observation

d) Record Inspection / Document Review

e) Sampling

(a) Use of questionnaires

A questionnaire is a special document that allows the analyst to put a set of standard questions to a large number of people in order to gather information from them. It is used when:

· The system analyst is located at a considerably long distance from the respondent.

· There is a large number of respondents such that interviewing them will be limited by time.

· The questions to be asked are simple and straight forward and require direct answers

· It is used as a means to verify facts found using other methods.

Advantages of using questionnaires are:

· They provide a cheap means of gathering information / data from a large number of people.

· They encourage individuals to provide response without fear, intimidation or victimization.

· The respondents can complete the questionnaire at their own convenience with minimal or limited interruption of their work.

· Questions are presented consistently to all without bias.

Disadvantages of using questionnaires are:

· Response is often too slow since the respondents complete and return the form at their own convenience.

· They don't provide an opportunity for respondents to obtain clarification of questions which may appear vague or ambiguous.

· Does not provide an opportunity for the analyst to observe respondents' reactions.

· The design of the questionnaire requires an expert, who may be expensive, and it may not be economical when used for a small group of users.

· All forms may not be returned and also not all questions may be answered which leads to incomplete data for analysis.

Requirements for preparing a questionnaire include:

· Questions should be simple and clear

· The questions should be objectively oriented and one should avoid leading questions.

· The questions should be logically organized

· The form should be neat.

(b) Interviewing

This is a direct face-to-face conversation between the system analyst (the interviewer) and users (interviewees). He obtains answers to questions he asks the interviewee. He gets the interviewee's suggestions and recommendations that may assist during the design of the proposed system.

Interviews serve the following purposes:

· Acts as a method of fact-finding to gather facts about the existing system.

· Used for verifying facts gathered through other methods.

· Used for clarifying facts gathered through other methods.

· Used to get the user involved in the development of the new system.

Interviews are used in the following circumstances:

· When the respondents are few e.g. corporate managers

· When the respondents are physically available and accessible

· When the main emphasis of the system investigation is people

· When the analyst wishes to seek direct answers, opinions, suggestions and detailed information.

· When the analyst wishes to verify validity of facts collected through other techniques.

· When immediate response is required

Interviews have the following advantages:

· The analyst can frame questions differently to individuals depending on their levels of understanding. Thus it allows detailed facts to be gathered.

· The analyst can observe non-verbal communication from the respondents or interviewees.

· The response rate tends to be high

· Provides immediate response

· The analyst can get detailed facts from each respondent

Disadvantages of interviews are:

· Costly and time consuming when used on a large number of people

· Success highly depends on the analyst's human relations skills, expertise and experience

· May not be practical due to location of respondent

· May make the respondents feel that they are being summoned or grilled by the analyst

· Interviews can fail due to:

- Ambiguous questions being asked

- Personal questions being asked

- Inadequate time allocation for the exercise

- Lack of earlier preparation by both parties

- The analyst being biased towards using technical jargon

(c) Observation

Observation is the most effective fact-finding technique but requires the analyst to participate in performing some of the activities carried out by the user. He may choose to watch them as they perform their activities and gather the facts intended.

This method is best used in the following circumstances:

· When the validity of facts gathered through other methods is questionable

· When complexity of certain aspects of a system prevent a clear explanation by the respondents or the user

· Used to confirm that the procedures specified in the manuals are being followed.

· When one needs to obtain first hand and reliable information

Guidelines when using the observation method include:

· There should be permission from concerned authorities before the exercise

· Gathered facts should be recorded

· Those to be observed should be notified and the purpose of the exercise explained

· The analyst should be objective and avoid personal opinion. He should have an open mind

· The analyst should also record ordinary events

Advantages of observation method include:

· Data gathered is highly reliable thus the method can be used to verify facts collected through other methods

· The analyst can see what is being done clearly including the tasks which are difficult to explain clearly in writing or in words.

· Inaccuracy or inaccurately described tasks can easily be identified.

· It allows the analyst to easily compare gathered facts through other methods and what actually happened on the ground

· Relatively cheap compared to other methods

Disadvantages of observation are:

· People feel uncomfortable when being observed and behave abnormally thus influence the analyst's conclusions

· The exercise may take place at odd times inconveniencing those involved

· The analyst may observe exceptional activities, leaving some critical areas. His patience and expertise play a great role

· The tasks being observed may be interrupted and the analyst may gather wrong facts

(d) Record inspection / Document review

This method involves perusing through literature or documents to gain a better understanding of the existing system. Examples of documents that are perused include sales orders, job descriptions, existing systems documentation, management reports, procedure manuals, organization structure charts, trade journals etc.

This method is best used when:

· The analyst needs to have a quick overview of the existing system

· The information required cannot be obtained through any other techniques

Advantages of this method are:

· It is comparatively cheap compared to other techniques

· It is a faster method of fact finding, especially when the documents to be considered are few

Disadvantages of this method are:

· Time consuming if the documents are many or if they are not within the same locality

· Unavailability of relevant documents makes this method unreliable

· Its success depends on the expertise of the analyst

· Most of the documents or information obtained may be outdated

(e) Sampling

Sampling is the systematic selection of representative elements of a population. The selected elements are examined closely and the results assumed to reveal useful information about the entire population.

This method is used when the target population:

· Is too large and it is impractical to study every element of the population

· Contains homogenous elements (elements with similar characteristics)

Advantages of sampling are:

· It reduces the cost, e.g. by avoiding the need to examine every document or talk to everyone in the organization to gather facts

· It speeds up the fact-finding process

· It improves effectiveness since one can concentrate on few people and fewer documents and get adequate accurate information

· May reduce bias, if a representative sample is taken. All the elements of the population stand a chance of being selected.

Disadvantages include:

· The sample may not be representative enough, which may lead to incorrect and biased conclusions.

· The expertise of the analyst is required since sampling involves a lot of mathematical computation

2.5 Research Technique used

The research method I decided to use was the interview approach. I prepared a list of questions to serve as my interview guide then visited Easy coach and conducted interviews with the relevant personnel.

I also used the observation technique to some extent to observe the rate of service in the company and also the actual process of capturing parcel data.

2.5 Project methodology

"Many network design tools and methodologies in use today resemble the 'connect-the-dots' game that some of us played as children. These tools let you place Internetworking devices on a palette and connect them with local-area network (LAN) or wide-area network (WAN) media. The problem with this methodology is that it skips the steps of analyzing a customer's requirements and selecting devices and media based on those requirements." (Priscilla Oppenheimer, 2004)

Good network design must recognize that a customer's requirements embody many business and technical goals including requirements for availability, scalability, affordability, security, and manageability. Many customers also want to specify a required level of network performance, often called a service level. To meet these needs, difficult network design choices and tradeoffs must be made when designing the logical network before any physical devices or media are selected.

2.5.1 System Development Life Cycle approach Methodology

Based on Priscilla Oppenheimer (2004), network design is divided into some major phases. The phases that will be used in this project are:

Phase 1: Investigation

Phase 2: Analysis

Phase 3: Design

Phase 4: Simulation

Figure 2.2: System Development Life Cycle approach

Phase 1: Investigation

The investigation phase is the most important step in planning a project; its purpose is to find out everything that will be involved in the project. During the investigation phase, the needs of the project are discovered, such as what the users need, by doing a site survey of the buildings and environment, the number of users and everything else.

Phase 2: Analysis

The analysis phase is the step in which committees are formed and committee members determine what needs to be done. Each committee should create a task list. For each task, write down the resources required and how long it will take to complete. This phase analyses all the details that have been gathered in the investigation phase. It develops the analysis strategy and determines the parameters and the requirements for the project. The analysis covers user, host, network and functional requirements.

Phase 3: Design

The design phase decides the network architecture of the project. It also includes the overall system, interfaces, assumptions and nodes, as appropriate. The deliverables of this phase are the logical design and physical design, such as network designs and diagrams, ready to be turned over for development.

Phase 4: Simulation

In this phase the designs are mapped to the simulation tool. The configuration for simulation includes the network configuration management, hardware configuration management and the security of the project. The hardware and software are installed.

2.5.2 Top-Down Network Design Methodology

Top-down network design is a methodology for designing networks that begins at the upper layers of the OSI reference model before moving to the lower layers. It focuses on applications, sessions, and data transport before the selection of routers, switches, and media that operate at the lower layers. The top-down network design process includes exploring divisional and group structures to find the people for whom the network will provide services and from whom you should get valuable information to make the design succeed.

2.5.3 Plan, Design, Implement, Operate, and Optimize (PPDIOO) methodology

The network design methodology presented in this section is derived from the Cisco Prepare, Plan, Design, Implement, Operate, and Optimize (PPDIOO) methodology, which reflects a network's lifecycle. The following sections describe the PPDIOO phases and their relation to the network design methodology, and the benefits of the lifecycle approach to network design. Subsequent sections explain the design methodology in detail.

Figure 2.3. PPDIOO Network Lifecycle Influences Design

The following describes each PPDIOO phase:

Prepare phase: The Prepare phase involves establishing the organizational (business) requirements, developing a network strategy, and proposing a high-level conceptual architecture, identifying technologies that can best support the architecture. Financial justification for the network strategy is established by assessing the business case for the proposed architecture.

Plan phase: This phase involves identifying the network requirements, which are based on the goals for the network, where the network will be installed, who will require which network services, and so forth. The Plan phase also involves assessing the sites where the network will be installed and any existing networks, and performing a gap analysis to determine if the existing system infrastructure, sites, and operational environment can support the proposed system. A project plan helps manage the tasks, responsibilities, critical milestones, and resources required to implement the changes to the network. The project plan should align with the scope, cost, and resource parameters established in the original business requirements. The output of this phase is a set of network requirements.

Design phase: The initial requirements determined in the Plan phase drive the network design specialists' activities. These specialists design the network according to those initial requirements, incorporating any additional data gathered during network analysis and network audit (when upgrading an existing network) and through discussion with managers and network users. The network design specification that is produced is a comprehensive detailed design that meets current business and technical requirements and incorporates specifications to support availability, reliability, security, scalability, and performance. This design specification provides the basis for the implementation activities.

Implement phase: Implementation and verification begins after the design has been approved. The network and any additional components are built according to the design specifications, with the goal of integrating devices without disrupting the existing network or creating points of vulnerability.

Operate phase: Operation is the final test of the design's appropriateness. The Operate phase involves maintaining network health through day-to-day operations, which might include maintaining high availability and reducing expenses. The fault detection and correction and performance monitoring that occur in daily operations provide initial data for the network lifecycle's Optimize phase.

Optimize phase: The Optimize phase is based on proactive network management, the goal of which is to identify and resolve issues before real problems arise and the organization is affected. Reactive fault detection and correction (troubleshooting) are necessary when proactive management cannot predict and mitigate the failures. In the PPDIOO process, the

Benefits of the Lifecycle Approach to Network Design

The network lifecycle approach provides many benefits, including the following:

Lowering the total cost of network ownership:

1. Identifying and validating technology requirements

2. Planning for infrastructure changes and resource requirements

3. Developing a sound network design aligned with technical requirements and business goals

4. Accelerating successful implementation

5. Improving the efficiency of the network and of the staff supporting it

6. Reducing operating expenses by improving the efficiency of operation processes and tools

Increasing network availability:

1. Assessing the state of the network's security and its ability to support the proposed design

2. Specifying the correct set of hardware and software releases and keeping them operational and current

3. Producing a sound operational design and validating network operation

4. Staging and testing the proposed system before deployment

5. Improving staff skills

6. Proactively monitoring the system and assessing availability trends and alerts

7. Proactively identifying security breaches and defining remediation plans

Improving business agility:

1. Establishing business requirements and technology strategies

2. Readying sites to support the system to be implemented

3. Integrating technical requirements and business goals into a detailed design and demonstrating that the network is functioning as specified

4. Expertly installing, configuring, and integrating system components

5. Continually enhancing performance

Accelerating access to applications and services:

1. Assessing and improving operational preparedness to support current and planned network technologies and services

2. Improving service-delivery efficiency and effectiveness by increasing availability, resource capacity, and performance

3. Improving the availability, reliability, stability of the network and the applications running on it

4. Managing and resolving problems affecting the system and keeping software applications current

For this project we have decided to go with the System Development Life Cycle approach methodology because it is efficient.

2.5 Project Requirement specification

2.5.1 Software requirement

· Network Simulator: Cisco Packet Tracer version 6.0.1

· Coding Interface: Cisco IOS command line

· Microsoft Office 2013

· Microsoft Visio 2013

· UML Diagrammer

· Cisco Aspine

· Wampserver 2.4

· Programming language: PHP 5.4, Javascript, HTML, Ajax, JQuery

· Database MySQL

2.5.2 Hardware requirement

· Laptop or Desktop

· RAM 2 Gb and above

· INTEL Duo core and AMD Processor

2.5.3 Operation System

· Windows 7 and 8

CHAPTER THREE: LITERATURE REVIEW

1.10. 3.1 Introduction

This chapter will elaborate about the literature and finding from relevant articles or papers about the element that related to this project. The literature review is a body text that aims to review the critical points of current knowledge on particular topics (Sitiamanath Masor, 2007).For this project, related to networking area and more specifics to network design and data implementation of LAN. To continue the report for project "Design and Implementation of JKAUT LAN security ", literature review is important in order to study the basic about the subject of the project. Literature review is a process to search, collect, analyze and concluded all debates and issues raised in the work that been done in the past (Halina B Abdul, 2007). It also provide the examples, case studies and other relevant work that have done by other people in the past, it gives the chance to investigate areas and read the subject that user may not have thought about before. The literature review focuses on the various theory and basic network knowledge used in the project. Project methodology will discuss detail about type of methodology, techniques, hardware or software requirements and project planning to develop the project, so that the planning for the project proposed to meet project objectives, scopes and requirements.

3.2 LAN (local area network)

Cody L. Horton (1998): "In its simplest form, a LAN is a communications network that provides users of workstations with a transmission medium and a path for sharing local and remote computer resources." A LAN consists of the network cable (also called network media), protocols, network interface cards (NICs), servers, workstations (clients), and other network devices. LANs are separated into two broad categories, peer-to-peer and server-based. The distinction between peer-to-peer and server-based networks is important because each category provides different capabilities.

3.2.1. Peer-to-Peer Networks

A peer-to-peer network is a connection between similar devices (computer to computer) for sharing information. Peer-to-peer networks are suitable for small organizations where the network will consist of 10 or fewer computers. A peer-to-peer network is workable in situations where network security is not important, and no centralized network administration is required. In a peer-to-peer network, all computers on the network can function as both clients and servers. In this type of network, each client can share resources with any computer on the network, and there is no centralized control over shared resources. The peer relationship means that no one computer has higher access priority or heightened responsibility to provide shared resources or network management.

Peer-to-peer networks are not capable of handling high volumes of network traffic, but in networks of 10 or fewer they provide an easy means of sharing data and resources. Each computer in the peer network has the responsibility of administering its own user database, which means that the users must have a password and user account on every computer in the network. Peer-to-peer networks are less expensive and easier to install than server-based networks, but they also provide less functionality and are not very expandable. While it may appear that peer-to-peer networks are unworthy of consideration because of their limitations, keep in mind that peer-to-peer networks offer some powerful inducements, particularly to smaller organizations and networks. Peer-to-peer networks are the easiest and least expensive types of networks to install. Most peer-to-peer networks require only an operating system, such as Windows XP or Windows for Workgroups, network interface cards, and a common network medium. Once the computers are connected, users can immediately begin sharing information and resources. [Tittel, Hudson, 1998]

3.2.2 Server-Based Networks

Server-based networks, also known as "client/server" networks, rely on special-purpose computers called servers that provide centralized management, coordination and support to other computers and resources on the network. In a server-based network, dedicated servers are installed for the purpose of providing network services such as user logons, maintaining the authorized user accounts database, storing files, providing resources and shared applications to users, and providing network security.

There are a number of reasons to implement a server-based network, including centralized control over network resources through network security controls applied using the server's configuration and setup. Server-based networks are scalable and allow for future network growth and expansion. These networks are robust and can support a large number of users depending on how the server is configured. Server-based networks can be tailored to meet the needs of small or large organizations, and they can handle high volumes of network traffic. Server-based networks are much more powerful than peer-to-peer networks, but they are also more expensive than peer-to-peer networks. Additionally, server-based networks require more administration, more training, and higher levels of technical expertise to implement than peer-to-peer networks.

A WAN provides connectivity between more than one LAN, and most WANs are a combination of LANs and other types of communications components connected by communication links called WAN links [MS PRESS, 1996].

3.3 LAN Design

LAN technology has changed in recent years. With new technologies such as Layer 3 switching, LAN switching, and VLANs, building campus LANs is becoming more complex than in the past. Today, the following three technologies are required to build successful campus networks:

✓ Token Ring switching: Offers the same functionality as Ethernet switching but uses Token Ring technology. You can use a Token Ring switch as either a transparent bridge or source-route bridge.

✓ Copper Data Distributed Interface (CDDI): Provides a single-attachment station (SAS) or dual-attachment station (DAS) to two Category 5 unshielded twisted-pair (UTP), 100 Mbps RJ-45 connectors.

✓ Fiber Distributed Data Interface (FDDI): Provides an SAS or DAS connection to the FDDI backbone network using two multimode, media interface connector (MIC) fiber-optic connections.

"An office network consists of a Local Area Network (LAN) or group of LANs that are all connected into one enterprise network" (Cisco Documentation, 2006).

3.4 LAN Installation

These are in terms of ease of installation, total cost, reliability, performance and security, as stated by Mitchell (2007). The article says that wired LANs use Ethernet cables and network adapters. Although two computers can be directly wired to each other using an Ethernet crossover cable, or different devices can be connected using a straight-through cable, wired LANs generally also require central devices like hubs, switches, or routers to accommodate more computers. In terms of installation, wired LANs use Ethernet cables. The cable must be run from each computer to another computer or to the central device. It can be time-consuming and difficult to run cables under the floor or through walls, especially when computers sit in different rooms.

3.5 LAN Security

Without adequate protection or network security, many individuals, businesses, and governments are at risk of losing that asset. Network security is the process by which digital information assets are protected; the goals of security are to protect confidentiality, maintain integrity, and assure availability (Salah Alabady, 2009). With the current increase in the number of LANs and personal computers, security has become a very critical issue when it comes to protecting users, assets and the privacy of users. Security has one purpose: to protect assets. With the advent of personal computers, LANs, and the wide-open world of the Internet, the networks of today are more open.

CHAPTER FOUR: SYSTEM ANALYSIS

Introduction

A system analysis involves evaluation of the current system using the gathered facts or information. System analysis involves understanding and specifying in detail what the system will do. One should evaluate whether the current and projected user needs are being met. If not, he should give a recommendation of what is to be done. Analysis involves detailed assessment of the components of the existing system and the requirements of the system.

The objectives or aims of system analysis are:

➢ To determine the information needs of an organization and the users of that information.

➢ Determination of the current activities of the system, i.e. the functions involved in the conversion of inputs to outputs.

➢ Determination of the intended system's output.

➢ Determination of the resources required for the intended system.

➢ Determination of the capabilities required in the system to meet the information needs of the organization.

4.1 System analysis activities

i) Analysis of the organization environment. The analyst should evaluate in detail the information needs of the organization environment, e.g. the information needs of the consumers, suppliers, competitors, government departments etc.

ii) Analysis of the present system. The analyst should study the current system and identify its weaknesses and its strengths. He should establish the ability of the current system to meet the stated information needs. This guides a decision on whether the existing system should be improved, changed or done away with altogether. The aspects studied include the existing controls, files, user interaction, methods, procedures, functions and existing hardware and software.

iii) Requirement analysis - involves determination of user requirements, e.g. tasks performed, output expected, proposed system development cycle and user goals.

The following are also determined:

✓ Maximum, minimum and average levels of activities.

✓ Labor-intensive tasks - the tasks that are manual and can easily be computerized.

✓ Activities or tasks that involve complex or repetitive computation.

✓ Procedures that have become obsolete.

Once all the facts are analyzed and documented, a formal report called the statement of requirements is written.

4.1.0 The importance of system analysis:

i) It helps the analyst or system developer to gain understanding of the existing system.

ii) It allows the analyst or system developer to record existing system information in a standard form to aid design of a new system. It also facilitates understanding of the system by the user staff.

iii) Enables the analyst or developer to define existing system procedure into a logical model.

iv) It helps the analyst to write or produce the statement of requirements, which guides the development team throughout subsequent stages of the development life cycle.

4.2 Requirement analysis

4.3.0 Identification of LAN design requirement

✓ High-speed connectivity to access layer switch

✓ Scalability (support data, voice and video)

✓ Availability (24x7)

✓ Manageability (VLAN, Telnet)

✓ Security (implementation of VLAN, ACL, port security)

✓ High-speed redundant links between switches on LAN and the access layer devices

✓ Identification of available hardware for LAN

4.3.1 Equipment features

✓ 3 x 1841 routers (Main, Admin, Academic)

✓ 12 x switches (Admin, Directors, library, academic, lab_201, lab_203, ACE, LB_2, LB_3)

✓ Server (DNS, DHCP)

✓ 4 x wireless routers (Academic, Library, Law, Server1)

✓ IP telephone

4.3.2 Design Redundancy

✓ Use of multiple layer 2 links to increase available bandwidth.

✓ Design that incorporates redundancy by using layer 3 switches.

✓ Implementation of a routing protocol.

4.4 Existing Network

4.4.1 Current Network equipment

In the current network we have the following devices, which serve the campus:

✓ 2 HP switches in the server room

✓ 1 HP switch in the library

✓ 1 HP switch in the law school

✓ 3 Linksys (Cisco) WRT300N wireless routers (AC-AP)

4.4.2 Physical configuration state

Under the physical configuration we have the following:

✓ Located in 6 buildings (LB, Academics, BLD, ACE, Library and Directors office).

✓ LAN cable in both offices is CAT6 Ethernet.

✓ Flat network without redundancy.

✓ The current network is inadequate for growth.

✓ 1 configured management VLAN.

✓ Addressing and naming are inconsistent and poor.

✓ 25 PCs connected via wireless router (AC-AP) in the library

The figures below show the physical configuration state.

Figure 4.1: JKUAT Karen network building

Figure 4.2: physical network building

Note: the connecting cables used in the current network are:

1. Between switch to switch we have UTP cable (crossover cable)

2. Between core switch and normal switches we have Fiber optic cable.

Physical network design involves the selection of LAN and WAN technologies for campus and enterprise network designs. Physical network design is meant to give you information about the scalability, performance, affordability, and manageability characteristics of typical options, to help you make the right selections for your particular customer. The cabling that connects buildings is exposed to more physical hazards than the cabling within buildings. Fig 4 shows how switches in different buildings connect to the core switch.

4.4.3 Network design topology

The definition of the word topology states that an item's topology defines its physical appearance. In many ways a LAN's topology is the same: it is representative of the LAN's physical appearance. It is determined by how transmission channels are used to connect network devices. Typically, it refers to how the LAN is physically set up and the cabling strategy being used. It is acknowledged that topology is the foundation of a LAN.

It should be pointed out that within the context of LANs, the word topology takes on a dual meaning. Both aspects are important to how the LAN will function.

1. First, topology refers to the physical appearance of the LAN. This is known as the physical topology.

2. The second aspect refers to how the LAN functions. This logical topology is determined by how the messages are transmitted from device to device.

There are three fundamental topologies, star, bus and ring. From these three, a number of hybrid topologies have developed, including tree, star-wired ring, clustered star and hierarchical star.

4.4.3.1 Star topology

In a star topology, the hub or switch is placed in the logical center of the network. The remaining network devices are connected to this central hub like the points on a star.

4.4.3.2 Bus topology

A bus topology is a linear configuration. It places all of the network devices on one length of cable, similar to stops on a city bus route. The hubs, server, stations and peripheral devices all use the same continuous length of transmission channel.

4.4.3.3 Ring topology

A ring topology places all of the network devices in a circle. It uses one transmission channel to connect all devices. Each device is connected to the next one. The last device is connected to the first, closing the circle.

4.4.3.4 Flat Network

In a flat network all connecting devices are on the same level.

Table of advantages and disadvantages

Star | Bus | Ring

Advantages

✓ Fault easy to locate and isolate

✓ Central management

✓ Adaptable to environment changes

✓ Easy to expand and add devices

No reliance on central device

Disadvantages

Single point of failure

Lack of central control

Single point of failure

Device can be added only when the network is inoperative

Table 4.1. Comparison between network topologies

Figure 4.3. Flat network

4.4.3.5 Hierarchical network

In a hierarchical design all connecting devices are still on the same level, but these are interconnected at a level above it.

Figure 4.4. Hierarchical design

In the traditional Cisco network design model there are three basic levels

1. Access: Where switching is the primary activity.

2. Distribution: Where routing occurs.

3. Core: Which forms a backbone for connecting the distribution level segments of large networks.

The hierarchical design has significant benefits over the flat design, including:

➢ The network is easy to scale

➢ The problem domain can be more easily isolated

➢ It creates logical interconnection points where protocol changes can occur. Failure in

Table comparison between hierarchical and flat network design

| | Flat Network | Hierarchical Network |
| Advantages | Used for small and static networks | Large and enterprise networks |
| | Single collision domain | Large |
| | | Scalable, manageable |
| Limitations | Limited number of stations | Unlimited |
| | Single point of failure | No |
| | Broadcast domain layer 3 switches and router | Has 3 layers: access, distribution and core |

Table 4.2. Comparisons between hierarchical and flat network design

Note: We have decided to choose this model, which will be adequate for our network and make it efficient compared to the current network, which uses a flat network design.

4.4.4 Current network design problem

Figure 4.5. Current network design

The red circle represents the problem of the current network design: with no interconnection between devices, there is a high probability of failure. For example, if the link between the core switch and the director's switch fails, all other switches cannot access services. There is a single point of failure in each subnetwork.

4.4.4.1 Logical configuration state

Figure 4.6. Current logical design

4.4.5. Network addressing Schema and Naming

A structured model for addressing means that addresses are meaningful, hierarchical, and planned. IP addresses that include a prefix and host part are structured. Assigning an IP network number to an enterprise network, then subnetting the network number and subnetting the subnets, is a structured (hierarchical) model for IP addressing.

Figure 4.7: Addressing schema

4.4.5.1 Auditing the existing Network

Auditing is the process of acquiring information about the network. Existing information from users provides up-to-date information. It can also be gathered from existing management software.

Types of routers

✓ Avaya

✓ Cisco wireless routers

✓ Network services provided by the current system (DHCP, Wi-Fi, DNS)

4.4.5.2 Existing network Management

a. Troubleshooting and maintenance are difficult because they require shutting down the network and physical presence, and there is no remote assistance.

b. There is no help desk; support was provided by calling a technician using the IP telephone, which required physical presence and took time.

c. Limited number of IP addresses in some locations due to the problem of VLANs. Some VLANs were assigned fewer IP addresses, and in other locations of the network there are no VLANs at all. This makes it hard to connect to the network, and access to services is not available to all users everywhere.

4.4.6 System analysis of the current Network Management

4.4.6.1 How the current network is managed

a. When a user encounters a problem, they need to call the IT technician.

b. The first assessment is physical: the IT technician goes to the site/location/building where the problem was reported.

c. The technician checks the problem and provides a solution immediately if possible; if not, the problem will be solved after a particular time.

d. All types of assistance are physical, which takes time.

4.4.6.2 Flowchart of the current network management

Figure 4.8: flowchart diagram of existing system

4.4.6.3 Weakness of the current system

✓ There is no record of problems that occurred in the past.

✓ With the manual system, it takes a considerably long time to move from one building to another to solve network issues.

✓ Slow response time, which results in inefficiency and ineffectiveness in the flow of daily activities.

✓ Technicians keep repeating the same task for common problems.

✓ There is no permanent help desk service to deal with the daily problems and queries of users/clients.

4.4.6.4 Proposed Solution to the current system problem:

✓ The new system allows users/clients to post their problems and queries.

✓ The system helps users check the solution to their problem online without help desk assistance.

✓ Users can request online assistance.

✓ It will save time and resources.

✓ It allows a weekly report of user queries to be generated.

✓ The system allows the network administrator and technician to track down the problem based on the location of the request.

✓ Query tracking will first of all computerize the process of managing the client/user's problems and queries.

✓ The administration will be in a position to store client/user queries online and track them from any location.

✓ Through the use of a database, each problem/query will be uniquely identified, hence there will be no problem of problems sharing the same IDs, and the process of retrieving patient files will be faster.

✓ Since the system is online, the administrator has access to the query history from any location, provided that there is internet connectivity and that they have the appropriate login credentials.

Figure 4.9. Flowchart of the proposed system

Figure 4.10. Activity diagram of the proposed system

4.4.6.5 Analysis of network traffic

This stage involves verifying the set of application protocols used in the network and determining the application traffic pattern. For our network I used the Wireshark Network Analyzer v.1.106 to capture and analyze the traffic. The figures below show the network traffic associated with each protocol.

Figure 4.11: network traffic and protocols

Figure 4.12: JKUAT Karen network traffic and protocols

Fig 10 and 11 show the traffic within the network, giving the source and destination IP addresses during the transmission of packets and the protocols that were used.

4.4.6.6 Strength of the current network:

· Good quality wiring.

· Reusability of existing equipment, e.g. switches, etc.

· Physical security to access critical location.

· Adequate space for data center.

4.4.6.7 Weakness of the current network:

The current network has the following weakness:

· No redundancy, so we have a large failure domain, link failure and device failure.

· No stateful firewall; the existing firewall can perform filtering.

· Poor maintenance of network infrastructure.

· Manageability of the network: in case of a problem, the technician or network administrator needs to be physically on campus, which is a loss of time and resources.

· Switch synchronization issue: when there is a problem with electricity, the network takes time to synchronize before users can access it.

· Limited scalability: the number of network users grows more rapidly than expected, which affects the network users and requires an upgrade to support future users.

· There is only one VLAN in the current network; we need to create more VLANs.

· Endpoints need to be managed to protect the network by verifying identity.

4.4.7 Proposed system

4.4.7.0 Physical design

Figure 4.13. Proposed physical design

Under the proposed physical design we have addressed network topology design: the new physical design is hierarchical, to avoid link and device failure and solve the problem of redundancy.

The merits of this new physical design are:

✓ Allows expansion.

✓ Allows redundancy.

✓ Reduces failure.

✓ Increases accessibility and reliability.

✓ It uses a hybrid topology.

4.4.7.1 Logical design

Figure 4.14. Proposed logical design

The merits of the new proposed logical design are:

✓ Makes the network scalable.

✓ Availability.

✓ Reduces large failure domains.

✓ Creates link and device redundancy by adding 3 routers, so that if one fails 2 will keep running and serving.

✓ Allows integration of voice and video in one network.

✓ Reduces the broadcast domain.

4.4.7.1 Proposed security strategies

The new system has the following security features;

a. Port shutdown or port security, which blocks any attempt at port sniffing.

b. Implementation of VLANs (virtual local area networks), which segment the network into subnetworks and separate users in the network. The purpose is to deny students or unauthorized staff access to critical information like the database of marks and finance.

c. Secured wireless access points (WAP), with wireless deployed around the campus.

4.4.7.2 Proposed Management strategies

The merits of this system under management are the following:

f. Easy troubleshooting and maintenance without affecting crucial work tasks.

g. Implement a web-based system for dealing with day-to-day problems by just filling in a form and sending it to the people who are in charge of the network. This will save moving from one building to another, improve the response time and improve management.

h. Implementation of a Telnet service, which allows an authorized technician or administrator to access the network remotely and perform the necessary tasks. Any access using Telnet must be secured and will request a username and password before operating.

i. Implementation of a DHCP server for better management of IP addresses, so that hosts get an IP address automatically without entering it manually.

4.4.7.3 Proposed WAN

Figure 4.15. Proposed WAN

The merits of the proposed WAN are:

✓ Filters unwanted packets based on access control lists.

✓ Reduces the broadcast domain.

✓ Supports redundancy.

✓ Coordinates and routes all the traffic across the network.

✓ Supports growth.

✓ All of this is to ensure the network meets at least 80% of user requirements.

4.4.7.4 Proposed Address schema

Subnet network | Point to point link | VLAN | Switches

Main or Backbone | 10.20.0.253/24 | 10.20.0.1/24 | Se0/1/1 | Se 0/1/0 | NO | NO

Administrator 192.168.60.0/24 | 192.168.60.13/30 | Se0/1/1 | Se 0/1/0

Staff 192.168.60.64/27

Student 192.168.60.16/25 | 192.168.60.67/29

Lecture 192.168.60.32/28 | 192.168.60.66/29

Admin 192.168.60.96/28 | 192.168.60.101/29

Academic 192.168.70.0/24 | 192.168.70.9/30 | Se 0/1/0 | Se 0/1/1

Student 192.168.70.32/25

Staff 192.168.70.64/27

Admin 192.168.70.96/28

Lectures 192.168.70.16/28

DNS | 192.168.50.34/27

Table 4.1: Address Schema
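
Before VLANs and ACLs are configured from a plan like this, the prefixes should be checked for alignment and overlap. The script below is an added example, not part of the original project: it audits the VLAN prefixes exactly as printed in the table and then computes one possible overlap-free allocation of the same subnet sizes. The function names, the grouping of VLAN rows under the two /24 blocks, and the re-allocated prefixes are assumptions of this example.

```python
"""Audit an IPv4 subnet plan, then re-allocate it without overlaps (VLSM)."""
import ipaddress
from itertools import combinations

# Prefixes copied as printed in the address schema table. Grouping the VLAN
# rows under the Administrator and Academic /24 blocks is this example's
# reading of the table.
PLAN = {
    "192.168.60.0/24": {          # Administrator site
        "Staff": "192.168.60.64/27",
        "Student": "192.168.60.16/25",
        "Lecture": "192.168.60.32/28",
        "Admin": "192.168.60.96/28",
    },
    "192.168.70.0/24": {          # Academic site
        "Student": "192.168.70.32/25",
        "Staff": "192.168.70.64/27",
        "Admin": "192.168.70.96/28",
        "Lectures": "192.168.70.16/28",
    },
}


def audit_site(parent, subnets):
    """Return (misaligned, overlaps, outside) findings for one site block."""
    parent_net = ipaddress.ip_network(parent)
    misaligned, outside, nets = [], [], {}
    for name, prefix in subnets.items():
        # strict=False masks the host bits, giving the subnet a router would
        # actually derive from the printed address and prefix length.
        net = ipaddress.ip_network(prefix, strict=False)
        if ipaddress.ip_interface(prefix).ip != net.network_address:
            misaligned.append((name, prefix, str(net)))
        if not net.subnet_of(parent_net):
            outside.append((name, str(net)))
        nets[name] = net
    # Overlapping ranges make address-based ACLs between VLANs ambiguous.
    overlaps = [
        (a, b)
        for (a, net_a), (b, net_b) in combinations(nets.items(), 2)
        if net_a.overlaps(net_b)
    ]
    return misaligned, overlaps, outside


def reallocate(parent, subnets):
    """Place the same prefix lengths inside parent, largest first, no overlap."""
    parent_net = ipaddress.ip_network(parent)
    wanted = sorted(
        (ipaddress.ip_network(p, strict=False).prefixlen, name)
        for name, p in subnets.items()
    )
    cursor = int(parent_net.network_address)
    end = int(parent_net.broadcast_address) + 1
    plan = {}
    for prefixlen, name in wanted:
        size = 2 ** (32 - prefixlen)
        cursor = -(-cursor // size) * size   # round up to the block boundary
        if cursor + size > end:
            raise ValueError(f"{parent} cannot hold a /{prefixlen} for {name}")
        plan[name] = str(ipaddress.ip_network((cursor, prefixlen)))
        cursor += size
    return plan


if __name__ == "__main__":
    for parent, subnets in PLAN.items():
        misaligned, overlaps, outside = audit_site(parent, subnets)
        print(parent)
        for name, printed, actual in misaligned:
            print(f"  {name}: {printed} has host bits set, real subnet {actual}")
        for a, b in overlaps:
            print(f"  overlap: {a} and {b}")
        for name, net in outside:
            print(f"  {name}: {net} is outside {parent}")
        print("  one overlap-free allocation:", reallocate(parent, subnets))
```

Run against the printed values, the audit reports that each Student /25 is not on a /25 boundary and that it overlaps the other three VLANs of its site.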

4.4.7.5 General Merits of proposed system

The major objective of the JKUAT LAN's security is to:

i. Increase the efficiency of the network

ii. Improve network speed and bandwidth.

iii. Improve management.

iv. Secure user privacy and network infrastructures

v. Assure availability 24x7.

vi. Reduce link failure by making the network redundant.

vii. Reduce the time involved in generating reports.

viii. Good management of IP address and support scalability.

CHAPTER FIVE: NETWORK DESIGN

5.0. Definition

Dictionaries generally define design as planning how to create something, or the actual plans themselves. However, when you think of designing something, whether it is a product, an addition to a house, or a network, you likely contemplate a broader use of the word design.

5.1. Design principles

Cisco has developed the Plan-Design-Implement-Operate-Optimize (PDIOO) network life cycle to describe the multiple phases through which a network passes. The life cycle phases are briefly described as follows:

✓ Plan phase: The detailed network requirements are identified, and the existing network is reviewed.

✓ Design phase: The network is designed according to the initial requirements and additional data gathered during analysis of the existing network. The design is refined with the client.

✓ Implement phase: The network is built according to the approved design.

✓ Operate phase: The network is operational and is being monitored. This phase is the ultimate test of the design.

✓ Optimize phase: During this phase, issues are detected and corrected, either before problems arise or, if no problems are found, after a failure has occurred. Redesign might be required if too many problems exist.

✓ Retirement phase: Although not part of the PDIOO acronym, this phase is necessary when part of the network is outdated or is no longer required.

Figure 5.1: illustration of PDIOO

Network design should include the following tasks,

· Determine requirements

· Analyze the existing network, if one exists

· Prepare the preliminary design

· Complete the final design development

· Deploy the network

· Monitor, and redesign if necessary

· Maintain documentation (as a part of all the other tasks)

Figure 5.2: illustrate the tasks

Note: The Campus LAN Design addresses four primary wired LAN requirements shared by organizations, including the need to:


· Offer reliable access to organization resources


· Minimize time required to absorb technology investments


· Provide a productive and consistent user experience


· Reduce operation costs

5.2 Logical network topology

Designing a network topology is the first step in the logical design phase of the top down network design methodology. To meet a customer's goals for scalability and adaptability, it is important to architect a logical topology before selecting physical products or technologies. During the topology design phase, you identify networks and interconnection points, the size and scope of networks, and the types of internetworking devices that will be required, but not the actual devices.

Figure 5.3: JKUAT LAN logical design

5.2.1 Flat versus Hierarchical Topologies

5.2.1.0 Flat network topology

A flat network topology is adequate for small networks. With a flat network design, there is no hierarchy. Each network device has essentially the same job, and the network is not divided into layers or modules. A flat network topology is easy to design and implement, and it is easy to maintain, as long as the network stays small. When the network grows, however, a flat network is undesirable. The lack of hierarchy makes troubleshooting difficult. Rather than being able to concentrate troubleshooting efforts in just one area of the network, you might need to inspect the entire network. Although mesh networks feature good reliability, they have many disadvantages if they are not designed carefully.

Figure 5.4: Flat network design

All the devices are on the same level, computers and switches.

5.2.1.1 Hierarchical Design Model

The hierarchical design model is used to break the design up into modular groups or layers. Breaking the design up into layers allows each layer to focus on specific functions, which simplifies the design and provides simplified deployment and management.

Modularity in network design allows you to create design elements that can be replicated throughout the network. Replication provides an easy way to scale the network as well as a consistent deployment method. In flat or meshed network architectures, changes tend to affect a large number of systems. Hierarchical design helps constrain operational changes to a subset of the network, which makes it easy to manage as well as improve resiliency. Modular structuring of the network into small, easy-to-understand elements also facilitates resiliency via improved fault isolation.

A hierarchical design includes the following three layers:

i. Access layer: Provides workgroup/user access to the network.

ii. Distribution layer: Aggregates access layers and provides connectivity to services.

iii. Core layer: Provides connection between distribution layers for large LAN environments.

Figure 5.5: Hierarchical design for JKUAT Karen Campus

i. Access Layer

The access layer is the point at which user-controlled and user-accessible devices are connected to the network. The access layer provides both wired and wireless connectivity and contains features and services that ensure security and resiliency for the entire network.

Device Connectivity

The access layer provides high-speed user-controlled and user-accessible device connectivity. Once expensive options, high-speed access technologies like Gigabit Ethernet and 802.11n wireless are now standard configurations on end-user devices.

Figure 5.6: device connectivity of JKUAT LAN Campus

1. Switches used in access layer

i. School of law, labs, academic, nerve center switch

ii. Library, finance admission switch

2. Wireless access point (Linksys)

3. IP telephone

4. Printers

5. Servers

6. Desktops and laptops

ii. Distribution Layer

The distribution layer serves many important services for the LAN. The primary function is to serve as an aggregation point for multiple access layer switches in a given location or campus. In a network where connectivity needs to traverse the LAN end-to-end, whether between different access layer devices or from an access layer device to the WAN, the distribution layer facilitates this connectivity.

Figure 5.7: distribution layer JKUAT LAN Campus

Scalability

In any network where multiple access layer devices exist at a location to serve end-user connectivity, it becomes impractical to interconnect each access switch as the access layer grows beyond two or three switches. The distribution layer provides a logical point to summarize addressing and to create a boundary for protocols and features necessary for the access layer operation. Another benefit of the distribution layer boundary is that it creates fault domains that serve to contain failures or network changes to those parts of the network directly affected.

iii. Core Layer

In a large LAN environment there often arises a need to have multiple distribution layer switches. One reason for this is that when access layer switches are located in multiple geographically dispersed buildings, you can save costly fiber-optic runs between buildings by locating a distribution layer switch in each of those buildings. As networks grow beyond three distribution layers in a single location, organizations should use a core layer to optimize the design. Another reason to use multiple distribution layer switches is when the number of access layer switches connecting to a single distribution layer exceeds the performance goals of the network designer. In a modular and scalable design, you can collocate distribution layers for data center, WAN connectivity, or Internet Edge services.

In environments where multiple distribution layer switches exist in close proximity and where fiber optics provide the ability for high-speed interconnect, a core layer reduces the network complexity, as shown in the following two figures.

Figure 5.8: JKUAT LAN core layer

5.3 Switching technologies

Campus network design topologies should meet a customer's goals for availability and performance by featuring small bandwidth domains, small broadcast domains, redundancy, mirrored servers, and multiple ways for a workstation to reach a router for off-net communications.

5.3.0 Spanning Tree Protocol (STP)

STP is an open standard protocol, documented in IEEE 802.1D, used in a switched environment to create a loop-free logical topology: a logical tree with no redundancy. It provides:

· Potential loop detection and port blocking

· Redundancy without switching loops

To prevent switching loops, STP:

1. Forces certain interfaces into a standby or blocked state

2. Leaves other interfaces in a forwarding state

3. Reconfigures the network by activating the appropriate standby path, if the forwarding path becomes unavailable

STP has the following weaknesses:

a. It passively waited for the network to converge before it transitioned a port into the forwarding state.

b. To achieve quick convergence, a network administrator had to carefully tune the conservative default values for the Maximum Age and Forward Delay timers, which put the stability of the network at stake.

These weaknesses led to the implementation of a more reliable STP called RSTP (Rapid STP). In 2004, the IEEE incorporated its 802.1w standard, "Rapid Reconfiguration of Spanning Tree," into the IEEE 802.1D standard. The goal of the 802.1w committee was to standardize an improved mode of switch operation that reduces the time STP takes to converge to a least-cost spanning tree and to restore service after link failures. RSTP solved the weaknesses of normal STP as follows:

1. It can actively confirm that a port can safely transition to the forwarding state without having to rely on any timer configuration.

2. It can achieve convergence or reconvergence in a few hundred milliseconds.

3. There is now a synchronization mechanism that takes place between RSTP-compliant bridges so that they actively build the topology as quickly as possible.

Figure 5.9: Spanning tree illustration in Switching

5.3.1 VLAN (Virtual Local Area Network)

A virtual LAN (VLAN) is an emulation of a standard LAN that allows data transfer to take place without the traditional physical restraints placed on a network. A VLAN is a set of LAN devices that belong to an administrative group. Group membership is based on configuration parameters and administrative policies rather than physical location. Members of a VLAN communicate with each other as if they were on the same wire or hub, when they might be located on different physical LAN segments. Members of a VLAN communicate with members in a different VLAN as if they were on different LAN segments, even when they are located in the same switch. Because VLANs are based on logical instead of physical connections, they are extremely flexible.

Figure 5.10: illustration of VLANs in JKUAT Karen's LAN

The switches have been configured to recognize VLAN student, VLAN lectures, VLAN staff, VLAN technician and VLAN admin. They can exchange frames across the interconnection link, and the recipient switch can determine the VLAN into which those frames should be sent by examining the VLAN tag. The link between the two switches is sometimes called a trunk link or simply a trunk. Trunk links allow the network designer to stitch together VLANs that span multiple switches.

Figure 5.11: trunk port between switches
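The tag lookup that a receiving switch performs on a trunk, as described in section 5.3.1, written as an added example (it is not part of the original report). The VLAN numbers are those of Table 5.1; the frames, the MAC addresses and the `native_vlan` parameter for untagged frames are assumptions of this example.

```python
import struct

# VLAN numbers and names from Table 5.1 of the report.
VLAN_NAMES = {100: "Student", 200: "Lectures", 300: "Staff", 400: "Technician"}
TPID_8021Q = 0x8100  # EtherType value that announces an IEEE 802.1Q tag


def build_frame(vid=None, pcp=0, payload=b"constructed payload"):
    """Build a constructed Ethernet frame, 802.1Q-tagged when vid is given."""
    dst = bytes.fromhex("ffffffffffff")   # broadcast destination
    src = bytes.fromhex("020000000001")   # constructed, locally administered MAC
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return dst + src + tag + struct.pack("!H", 0x0800) + payload


def classify_frame(frame, native_vlan=None):
    """Decide which VLAN a frame received on a trunk port belongs to.

    native_vlan is the VLAN assumed for untagged frames (an assumption of
    this example; the report does not name one).
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # Tag control information: 3-bit priority, 1-bit DEI, 12-bit VLAN ID.
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        tagged, pcp, vid = True, tci >> 13, tci & 0x0FFF
    else:
        tagged, pcp, vid = False, 0, native_vlan
    return {
        "tagged": tagged,
        "vlan": vid,
        "priority": pcp,
        "name": VLAN_NAMES.get(vid),
        "ethertype": ethertype,
        # Frames for a VLAN the switch does not know are not forwarded.
        "action": "forward" if vid in VLAN_NAMES else "drop",
    }


if __name__ == "__main__":
    for frame in (build_frame(100), build_frame(300, pcp=5),
                  build_frame(999), build_frame()):
        print(classify_frame(frame))
```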

5.3.2 Designing Models for Addressing and Numbering

Structured addressing means that addresses are meaningful, hierarchical, and planned. IP addresses that include a prefix and host part are structured. Assigning an IP network number to a campus network, then subnetting the network number and subnetting the subnets, is a structured (hierarchical) model for IP addressing.

A clearly documented structured model for addressing facilitates management and troubleshooting. Structure makes it easier to understand network maps, operate network management software, and recognize devices in protocol analyzer traces and reports. Structured addresses also facilitate network optimization and security because

5.3.2.0 Static and Dynamic Addressing for End Systems

Dynamic addressing reduces the configuration tasks required to connect end systems to an internetwork. Dynamic addressing also supports users who change station or LAN, and it supports automation. The DHCP protocol minimizes configuration tasks for IP end systems. In our network we use both static and dynamic IP addressing. Static addresses are used for servers, routers, switches, and printers.

Criteria for choosing between static and dynamic addressing include the following:

· The number of end systems: When there are more than 30 systems, dynamic addressing is usually preferable.

· Renumbering: If it is likely you will need to renumber systems in the future and there are many end systems, dynamic address assignment is the better choice. Renumbering for public addresses will become necessary if a new ISP is selected. In addition, you might plan to renumber because the current plan is not well structured or will run out of numbers soon.

· High availability: Statically assigned IP addresses are available anytime. Dynamically assigned IP addresses have to be acquired from a server first. If the server fails, an address cannot be acquired. To avoid this problem, you can deploy redundant DHCP servers or use static addresses.

· Security: With dynamic address assignment, in most cases, any device that connects to the network can acquire a valid address. This imposes some security risk.

· Address tracking: If management requires that addresses be tracked, static addressing might be easier to implement than dynamic addressing.

· Additional parameters: If end systems need information beyond an address, dynamic addressing is useful because a server can provide additional parameters to clients along with the address. For example, a DHCP server provides a subnet mask, a default gateway,

5.3.2.1 Hierarchical Routing

Hierarchical routing means that knowledge of the network topology and configuration is localized. No single router needs to understand how to get to each other network segment.

Hierarchical routing requires that a network administrator assign addresses in a hierarchical fashion. IP addressing and routing have been somewhat hierarchical for a long time, but in recent years, as the Internet and enterprise intranets have grown, it has become necessary to add more hierarchy.

A prefix identifies a block of host numbers and is used for routing to that block. Traditional routing, also known as classful routing, does not transmit any information about the prefix length. With classful routing, hosts and routers calculate the prefix length by looking at the first few bits of an address to determine its class.

Classless routing protocols, on the other hand, transmit a prefix length with an IP address. This allows classless routing protocols to group networks into one entry and use the prefix length to specify which networks are grouped. Classless routing protocols also accept any arbitrary prefix length, rather than only accepting lengths of 8, 16, or 24, which the classful system dictated.

5.3.2.2 IP address subnetting

5.3.2.2.0 VLANS

Table 5.1: VLAN table

| VLAN Number | Name |
| --- | --- |
| VLAN 100 | Student |
| VLAN 200 | Lectures |
| VLAN 300 | Staff |
| VLAN 400 | Technician |

5.3.2.2.1 VLANS IP address

Table 5.2: VLAN IP address

| VLAN Name | IP address | Subnet Mask |
| --- | --- | --- |
| 192.168.60.0/24 | | |
| Student | 192.168.60.128/25 | 255.255.255.128 |
| Lectures | 192.168.60.16/28 | 255.255.255.240 |
| Staff | 192.168.60.32/28 | 255.255.255.240 |
| Technician | 192.168.60.48/28 | 255.255.255.240 |
| Vlans | 192.168.60.64/28 | 255.255.255.240 |
| 192.168.70.0/24 | | |
| Student | 192.168.70.128/25 | 255.255.255.128 |
| Lectures | 192.168.70.16/28 | 255.255.255.240 |
| Staff | 192.168.70.32/28 | 255.255.255.240 |
| Technician | 192.168.70.48/28 | 255.255.255.240 |
| Vlans | 192.168.70.64/28 | 255.255.255.240 |

5.3.2.2.3 Point-to-point IP address

This applies to the WAN links between two or more routers connecting different LANs.

Table 5.3: point to point router IP address

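| Router name | IP address | Interface | Subnet mask |
| --- | --- | --- | --- |
| Administration | 192.168.60.5/30 | s0/0/1 | 255.255.255.252 |
| Administration | 192.168.60.6/30 | s0/1/0 | 255.255.255.252 |
| Academic | 192.168.70.5/30 | s0/0/1 | 255.255.255.252 |
| Academic | 192.168.70.6/30 | s0/1/0 | 255.255.255.252 |
| Main | 10.20.0.1/24 | s0/0/1 | 255.255.0.0 |
| Main | 10.20.0.2/24 | s0/1/0 | 255.255.0.0 |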

5.3.1.2.4 DNS and DHCP server IP address

Table 5.4: DNS and DHCP IP address

| Server | IP address | Subnet mask |
| --- | --- | --- |
| DNS server | 192.168.60.34 | 255.255.255.240 |
| DHCP server | 192.168.60.33 | 255.255.255.240 |
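A consistency check over the addressing plan in Tables 5.2 to 5.4, added here as an example (it is not part of the original report). All addresses and masks are copied from the tables; the function names and the `name@block` labels are this example's own. It reports prefix and mask disagreements, overlapping subnets, and the VLAN in which each server sits, which is what access lists between VLANs have to take into account.

```python
import ipaddress
from itertools import combinations

# Layout shared by both /24 blocks in Table 5.2: VLAN name -> (suffix, mask).
VLAN_LAYOUT = {
    "Student": ("128/25", "255.255.255.128"),
    "Lectures": ("16/28", "255.255.255.240"),
    "Staff": ("32/28", "255.255.255.240"),
    "Technician": ("48/28", "255.255.255.240"),
    "Vlans": ("64/28", "255.255.255.240"),
}
BLOCKS = ("192.168.60", "192.168.70")
# (label, CIDR, dotted mask) for every VLAN row of Table 5.2.
VLAN_ROWS = [
    (f"{name}@{block}", f"{block}.{suffix}", mask)
    for block in BLOCKS
    for name, (suffix, mask) in VLAN_LAYOUT.items()
]
# (router, interface, CIDR, dotted mask) rows of Table 5.3.
LINK_ROWS = [
    ("Administration", "s0/0/1", "192.168.60.5/30", "255.255.255.252"),
    ("Administration", "s0/1/0", "192.168.60.6/30", "255.255.255.252"),
    ("Academic", "s0/0/1", "192.168.70.5/30", "255.255.255.252"),
    ("Academic", "s0/1/0", "192.168.70.6/30", "255.255.255.252"),
    ("Main", "s0/0/1", "10.20.0.1/24", "255.255.0.0"),
    ("Main", "s0/1/0", "10.20.0.2/24", "255.255.0.0"),
]
# Server addresses from Table 5.4.
SERVERS = {"DNS server": "192.168.60.34", "DHCP server": "192.168.60.33"}


def mask_mismatches(rows):
    """Return (label, mask implied by prefix, mask listed) where they differ."""
    bad = []
    for label, cidr, listed in rows:
        implied = ipaddress.ip_interface(cidr).netmask
        if implied != ipaddress.ip_address(listed):
            bad.append((label, str(implied), listed))
    return bad


def overlapping_subnets(networks):
    """Return pairs of labels whose address ranges overlap."""
    return [
        (a, b)
        for (a, net_a), (b, net_b) in combinations(networks.items(), 2)
        if net_a.overlaps(net_b)
    ]


def owning_vlan(address):
    """Return the label of the VLAN subnet that contains address, or None."""
    ip = ipaddress.ip_address(address)
    for label, cidr, _mask in VLAN_ROWS:
        if ip in ipaddress.ip_network(cidr):
            return label
    return None


def audit_plan():
    """Run every check and return the results as one dictionary."""
    links = [(f"{router} {intf}", cidr, mask)
             for router, intf, cidr, mask in LINK_ROWS]
    networks = {label: ipaddress.ip_network(cidr)
                for label, cidr, _mask in VLAN_ROWS}
    # Each serial interface address implies the link subnet it sits in.
    for router, _intf, cidr, _mask in LINK_ROWS:
        networks[f"{router} link"] = ipaddress.ip_interface(cidr).network
    return {
        "mask_mismatches": mask_mismatches(VLAN_ROWS + links),
        "overlaps": overlapping_subnets(networks),
        "server_vlans": {n: owning_vlan(a) for n, a in SERVERS.items()},
        "usable_hosts": {label: ipaddress.ip_network(cidr).num_addresses - 2
                         for label, cidr, _mask in VLAN_ROWS},
    }


if __name__ == "__main__":
    for check, result in audit_plan().items():
        print(check, result)
```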

5.3.3 Network security and management design

Network security involved the implementation of the following services:

· Port shutdown: unused switch ports are shut down in order to block any sniffing by unauthorized users.

· Switch and router authentication and identification, which allows only authorized users to access the devices and to make changes and configurations, remotely or locally.

· Access control lists, which assign privileges to authorized users so that they can access the devices and perform tasks according to the privileges assigned.

Management design involves the following services:

· Creation of a web-based application to handle users' requests and provide them with solutions.

· Implementation of secured telnet on all switches in the network to allow easy troubleshooting and maintenance.
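One way to check a switch configuration against the three security services listed above, added here as an example (it is not part of the original report). The configuration text is constructed for illustration: the hostname, the port assignments and the choice of ACL 10 permitting the Technician subnet are assumptions, and a port is treated as unused when it has no VLAN or trunk assignment.

```python
import re

# Constructed running-config for one access switch (not from the report).
# ACL 10 permits the Technician subnet of Table 5.2; that choice is an assumption.
SAMPLE_CONFIG = """\
hostname AccessSwitch1
enable secret 5 CONSTRUCTED-HASH
!
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 100
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 300
!
interface FastEthernet0/3
!
interface FastEthernet0/4
 shutdown
!
interface GigabitEthernet0/1
 switchport mode trunk
!
access-list 10 permit 192.168.60.48 0.0.0.15
!
line con 0
 password 7 CONSTRUCTED
 login
line vty 0 4
 access-class 10 in
 password 7 CONSTRUCTED
 login
line vty 5 15
 no login
!
end
"""


def parse_sections(config):
    """Group a config into {top-level line: [indented sub-commands]}."""
    sections, current = {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line or line.strip() == "!":
            current = None
        elif line.startswith(" "):
            if current is not None:
                sections[current].append(line.strip())
        else:
            current = line
            sections[current] = []
    return sections


def audit_config(config):
    """Return (check, target) findings for the services in section 5.3.3."""
    sections = parse_sections(config)
    findings = []
    # Authentication: privileged mode must be protected by an enable secret.
    if not any(h.startswith("enable secret ") for h in sections):
        findings.append(("no-enable-secret", "global"))
    for header, cmds in sections.items():
        if header.startswith("interface "):
            # Port shutdown: a port with no VLAN or trunk role must be shut.
            in_use = any(c.startswith(("switchport access vlan",
                                       "switchport mode trunk")) for c in cmds)
            if not in_use and "shutdown" not in cmds:
                findings.append(("unused-port-enabled", header.split(None, 1)[1]))
        elif header.startswith("line "):
            # Authentication: every console and vty line must require login.
            login = [c for c in cmds if c == "login" or c.startswith("login ")]
            if not login:
                findings.append(("line-without-login", header))
            elif login[0] == "login" and not any(
                    c.startswith("password ") for c in cmds):
                findings.append(("login-without-password", header))
            # Access list: remote (vty) lines must be restricted by an ACL.
            if header.startswith("line vty") and not any(
                    re.fullmatch(r"access-class \S+ in", c) for c in cmds):
                findings.append(("vty-without-access-class", header))
    return findings


if __name__ == "__main__":
    for check, target in audit_config(SAMPLE_CONFIG):
        print(f"{check}: {target}")
```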

5.4.0 System design of JKUAT network management online

5.4.0.1 Introduction

System Design is a process of designing how the intended system will look like once it becomes operational. It is meant to produce a design specification for the new system.

In system design, I specified in detail how the parts of the system would be implemented.

I used the Object Oriented Analysis and Design (OOAD) approach. This is because it provides a way of thinking about a problem using real world concepts instead of using ad hoc function concepts.

The major benefits of using OOAD are:

i) It promotes better understanding of user requirements.

ii) It leads to cleaner designs.

iii) There is design flexibility.

iv) Decomposition of the system is consistent.

v) Software can be reused.

vi) It facilitates easy maintenance.

vii) There is implementation flexibility

The object oriented (OO) methodology has 3 elements namely; notation, process and Tools.

a) Notation

This is a collection of graphical symbols for expressing the model of the system.

The Unified Modeling Language (UML) provides a very robust set of notation which grows from analysis to design.

The UML is mainly a collection of graphical notations that methods use to express the designs.

The UML is also used for visualizing, specifying, constructing, and documenting the artifacts of a software system.

The advantages of UML are that:

i) It captures the business processes.

ii) It enhances communication and ensures the right communication.

iii) It has the capability to capture the logical architecture independent of the implementation language.

iv) It enables reuse of design.

The UML refers to things like classes, components, relationships, packages, etc.

b) Process / Method

A process is an extensive set of guidelines that addresses the technical and organizational aspects of software development focusing on requirements, analysis and design.

Process basically encapsulates the activities leading to the orderly construction of a system model.

c) Tools.

A tool is automated support for every stage of the SDLC.

It helps the designer in creating designs much more quickly.

Tools support validations like consistency checking, completeness checking and constraint checking.

Tools also help in code generation, reverse engineering, round trip engineering, conversion from SSAD to OOAD, quick documentation, etc.

The tools used included UMLDiagrammer, White star UML and Microsoft Visio 2013.

Models Object Oriented Development

There are 4 + 1 views of the OO model. These views are:

o The process view

o Deployment View

o Logical View

o Dynamic View +

o Use Case View

For each dimension, a number of diagrams are defined that denote a view of the system's model.

The use case is central since its contents drive the development of other views.

5.4.0.2 UML Diagrams

The following UML diagrams were used in the design of the Patient Records Tracking System.

i) Use case diagrams

ii) Behavioral diagrams: Activity diagrams.

iii) Interaction diagrams: Sequence diagrams

iv) Class diagram

5.4.0.2.0 Use case diagrams

Figure 5.12: use case diagram of administrator

Figure 5.13: use case diagram of jkuat network mngt system online

Figure 5.14: use case diagram of administrator

5.4.0.2.1 Activity diagrams

Figure 5.15: activity diagram of jkuat network mngt system online

Figure 5.16: activity diagram of administrator

5.4.0.2.2 Sequence diagrams

Figure 5.17: sequence diagram for administrator

Figure 5.17: sequence diagram for user

5.4.0.2.3 Class Diagrams

Figure 5.18: class diagram of jkuat network mngt system online

5.4.0.3 Database design

Database design is the process of producing a detailed data model of a database. It contains all the needed logical and physical design choices and physical storage parameters needed to generate a design in data definition language, which can then be used to create a database. It can also be used to describe many different parts of the design of an overall database system.

The process of doing database design generally consists of a number of steps which will be carried out by the database designer. Usually, the designer must:

· Determine the relationships between the different data elements.

· Superimpose a logical structure upon the data on the basis of these relationships.

5.4.0.3.0 Design process

The following are the steps to be followed during database design:

i). Determine the purpose of the database - This helps prepare for the remaining steps.

ii). Find and organize the information required - Gather all of the types of information to record in the database, such as product name and order number.

iii). Divide the information into tables - Divide information items into major entities or subjects, such as problem. Each subject then becomes a table.

iv). Turn information items into columns - Decide what information needs to be stored in each table. Each item becomes a field, and is displayed as a column in the table. For example, an Admin table might include fields such as user name and password.

v). Specify primary keys - Choose each table's primary key. The primary key is a column, or a set of columns, that is used to uniquely identify each row. An example might be user ID or Problem ID.

vi). Set up the table relationships - Look at each table and decide how the data in one table is related to the data in other tables. Add fields to tables or create new tables to clarify the relationships, as necessary.

vii). Refine the design - Analyze the design for errors. Create tables and add a few records of sample data. Check if results come from the tables as expected. Make adjustments to the design, as needed.

viii). Apply the normalization rules - Apply the data normalization rules to see if tables are structured correctly. Make adjustments to the tables

The person who is doing the design of a database is a person with expertise in the area of database design, rather than expertise in the domain from which the data to be stored is drawn e.g. financial information, biological information etc. Therefore the data to be stored in the database must be determined in cooperation with a person who does have expertise in that domain, and who is aware of what data must be stored within the system.

This process is one which is generally considered part of requirement analysis, and requires skill on the part of the database designer to elicit the needed information from those with the domain knowledge.

5.4.0.3.1 Normalization

Database normalization is the process of efficiently organizing data in the DB. It can also be described as the accurate representation of data, relationships and constraints. Normalization is a systematic way of ensuring that a database structure is suitable for general-purpose querying and free of certain undesirable characteristics (insertion, update, and deletion anomalies) that could lead to a loss of integrity. The main goals of normalization are to:

i) Eliminate redundant data in a DB.

ii) Ensure data dependencies make sense.

Figure 5.19: current form used to manage network

5.4.0.3.3 Process of normalization

These are the steps taken from the unnormalized form (UNF) to the normalized form. A UNF table is one that contains one or more repeating groups. The steps below start from this unnormalized table:

Table problem

Employee_id | problem description | Full Name | Department | Building | Date of problem | Type of problem | Status

Employee ID | Department | Building | Date of solution | Solution | Solved by | Type of problem | status

1. First normal form (1NF)

The first normal form (1NF) involves the removal of repeating groups. The question remains, "What is a repeating group?" Examples of repeating groups: Employee ID (JKC-FIN-0100), Full name (Adam Juma), Status (Unsolved), Department (Finance, Academic), Building (LAB, Academic), Type of problem (No connection, Connectivity), Solution (solved), Solved by, and Type of problem. For a given problem, one or more solutions can exist. For each repeating group you encounter, the repeating group is moved to a separate table. In this case, you end up with two new tables that store the contact and category data. The following outlines the new structure and entities:

1) Problem: Problem ID (primary key), Type of problem, problem description, Date of problem and Status

2) Employee: Employee ID (primary key), Full Name, Department, Building

3) Solution: Solution ID (primary key), Date of solution, solution, Solved by, Status

4) Report: Report ID (primary key), Solution ID, Employee ID, Date of report

The problem table is a parent to the problem id and Solution tables. The two relationships are one to many. In other words, each problem can have one or more solutions and can be associated with one or more categories.

2. Second normal form (2NF)

Second normal form (2NF) is the second step in normalizing a database. 2NF builds on the first normal form (1NF). A 1NF table is in 2NF form if and only if all of its non-prime attributes are functionally dependent on the whole of every candidate key.

2NF is achieved by removing partial dependencies: the functionally dependent attributes are removed from the relation by placing them in a new relation along with a copy of their determinant.

Identification of attribute

Problem (Problem ID, Date of problem, problem description, Date of problem and Status)

Employee (Employee ID, Full Name, Department and Building)

Solution (Solution ID, Date of solution, solution, Solved by and Status)

Report (Report ID, Solution ID, Employee ID, and Date of report)

Functional dependency:

Employee ID → Full Name, Department and Building

Solution ID → Solution, Date of solution, status and solved by

Report ID → Employee ID, Solution ID, Problem ID, Department and Building

Problem ID → Type of problem, problem description, Date of problem and Status

Figure 5.20: full dependency

Partial dependency

Solution ID, Employee ID → Problem ID, Type of problem, problem description, Status, Solved by

Problem ID → Type of problem, problem description, Date of problem

Employee ID, problem ID → building, department, type of problem

3. Third normal form (3NF)

Third normal form (3NF) is the third step in normalizing a database and it builds on the first and second normal forms, 1NF and 2NF. 3NF states that all columns in referenced data that are not dependent on the primary key should be removed. Another way of putting this is that only foreign key columns should be used to reference another table, and no other columns from the parent table should exist.

Problem table: Problem ID (primary key), Type of problem, problem description, Date of problem and Status

Employee table: Employee ID (primary key), Full Name, Department, Building

Solution table: Solution ID (primary key), Date of solution, solution, Solved by, Status

Report table: Report ID (primary key), Solution ID, Employee ID, Date of report

5.4.0.2 Database Schema Tables

Table Problem

| Name | Data type | Null |
| --- | --- | --- |
| Problem ID | Integer(12) | not null |
| Type of problem | Varchar(255) | not null |
| Date of problem | Timestamp | not null |
| problemdesc | Varchar(255) | not null |
| status | Varchar(20) | not null |

Table solution

| Name | Data type | Null |
| --- | --- | --- |
| Solution ID | Integer(12) | not null |
| solution | Varchar(255) | not null |
| Date of solution | Timestamp | not null |
| status | Varchar(20) | not null |
| Solved by | Varchar(25) | not null |

Table employee

| Name | Data type | Null |
| --- | --- | --- |
| Employee ID | Integer(12) | not null |
| Full name | Varchar(255) | not null |
| Department | Varchar(25) | not null |
| Building | Varchar(20) | not null |

Table report

| Name | Data type | Null |
| --- | --- | --- |
| Report ID | Integer(12) | not null |
| Employee ID | Integer(12) | not null |
| Problem ID | Integer(12) | not null |
| Solution ID | Integer(12) | not null |
| Date of report | Timestamp | not null |

Table comment

| Name | Data type | Null |
| --- | --- | --- |
| comment ID | Integer(12) | not null |
| Full name | Varchar(255) | not null |
| Date | Timestamp | not null |
| message | Varchar(20) | not null |

Table user

| Name | Data type | Null |
| --- | --- | --- |
| ID | Integer(12) | not null |
| username | Varchar(255) | not null |
| password | Varchar(255) | not null |

5.4.0.3 Entity relationship diagram (ERD)

An Entity Relationship Diagram (ERD) is a diagram that shows how tables in a database are linked together and how they interact with each other in the database. It can be described as a graphical representation of the data requirements for a database.

There are 5 major parts to an ERD:

a) Entity

An entity represents a person, place, or thing that you want to track in a database. E.g. in this system, a customer and an admin are entities. The entity becomes a table in the database.

Each occurrence of the entity is an "Entity Instance". This becomes a record or a "row" in the table. E.g. a single name is an instance of the entity tbl_problem.

b) Attribute

An attribute describes various characteristics about an individual entity. They tell us more about an entity. The characteristics become the "columns" in the table. E.g. each problem has an Id and a problem type.

c) Primary Key

A primary key is an attribute or group of attributes that uniquely identifies an instance of the entity.

d) Relationship

A relationship describes how one or more entities interact with each other. A verb is often used to describe the relationship. E.g. a problem has a unique problem ID.

Relationships can be between two instances of entities or more. Other times you don't even need an instance for a relationship to occur. Relationships are explained through cardinality.

e) Cardinality

Cardinality is the count of instances that are allowed or are necessary between entity relationships. E.g. a client can have zero, one or multiple problems, but each problem can only belong to one solution. One of the ways to represent cardinality in an ERD is by use of Crow's Foot Notation.

There are four different ways to represent cardinality using Crow's foot Notation.

· One-Mandatory means that you must have at least one and only one instance.

· Many-Mandatory means that you must have at least one instance but you can have several instances.

· One-Optional means that you don't have to have an instance but if you do, you can only have one.

· Many-Optional means that you don't have to have an instance but if you do, there isn't a limit as to how many instances you can have.

Figure 5.21: ERD diagram

5.4.0.4 Interface design

Interface design is the design of websites, computers, appliances, machines, mobile communication devices, and software applications with the focus on the user's experience and interaction. The goal of user interface design is to make the user's interaction as simple and efficient as possible, often referred to as user-centered design.

5.4.1 Good interface design

A good interface design stems from knowing your users, including understanding their goals, skills, preferences, and tendencies. The following should be considered when designing the interface:

· Keep the interface simple. The best interfaces are almost invisible to the user. They avoid unnecessary elements and are clear in the language they use on labels and in messaging.

· Create consistency and use common User Interface elements. By using common elements in your UI, users feel more comfortable and are able to get things done more quickly. It is also important to create patterns in language, layout and design throughout the site to help facilitate efficiency. Once a user learns how to do something, they should be able to transfer that skill to other parts of the site.

· Be purposeful in page layout. Consider the spatial relationships between items on the page and structure the page based on importance. Careful placement of items can help draw attention to the most important pieces of information and can aid scanning and readability.

· Strategically use color and texture. You can direct attention toward or redirect attention away from items using color, light, contrast, and texture to your advantage.

· Use typography to create hierarchy and clarity. Carefully consider how you use typeface. Different sizes, fonts, and arrangements of the text help increase scannability, legibility and readability.

· Make sure that the system communicates what's happening.  Always inform your users of location, actions, changes in state, or errors. The use of various UI elements to communicate status and, if necessary, next steps can reduce frustration for your user.

Figure 5.22: interface design

Figure 5.23. Home page

Figure 5.24. Login Page

Figure 5.26. Problem

Figure 5.27. Solution and comment

Figure 5.28: FAQ

CHAPTER SIX: SYSTEM TESTING AND IMPLEMENTATION

6.1 Coding

Coding / Programming is the process of translating system specifications prepared during the design stage into a fully operational system (program code, the solution).

This was done using:

· PHP

· JavaScript

· Wampserver

· Dreamweaver.

· MySQL.

· Ajax

· Packet tracer simulation

· Cisco IOS commands

6.2 User Interface

The following are some screenshots of the online courier management system.

Login Page

Figure 6.0: login form

Figure 6.1: home Page

Figure 6.2: solution form

Figure 6.3: problem Page Screenshot.

Figure 6.4: view problem

Figure 6.5: Employee page.

Figure 6.6: Network Schema

Figure 6.7: Student computer DHCP

Figure 6.8: Lecture computer DHCP

Figure 6.9: Show interface route from Director Switch

Figure 6.10: Access control list Director Router


Figure 6.11: Access control list and login

Figure 6.12: Telnet and ping IP address

Figure 6.13: Spanning tree configuration

Figure 6.14: Ping IP address

6.3 System testing

System testing is the exhaustive and thorough process that determines whether the system produces the desired results under known conditions.

Test data must be carefully prepared, results reviewed and corrections made in the system.

To ensure testing is clear and comprehensive a systematic test plan must be employed.

The development team and users prepare a test plan with details on how tests will be carried out. It must detail: expected inputs, expected outputs, expected error reactions, expected communications, expected termination, etc.

6.2.1 Methods / Types of Testing

6.2.1.1 Functional testing

This is a software testing technique whereby the internal workings of the item being tested are not known by the tester. For example, in a black box test on software design the tester only knows the inputs and what the expected outcomes should be and not how the program arrives at those outputs. The tester does not ever examine the programming code and does not need any further knowledge of the program other than its specifications.

Advantages of functional testing


· The test is unbiased because the designer and the tester are independent of each other.


· The tester does not need knowledge of any specific programming languages.


· The test is done from the point of view of the user, not the designer.


· Test cases can be designed as soon as the specifications are complete.

Disadvantages of functional testing


· The test can be redundant if the software designer has already run a test case.


· The test cases are difficult to design.


· Testing every possible input stream is unrealistic because it would take an inordinate amount of time; therefore, many program paths will go untested.

6.2.1.2 White Box Testing

Also known as glass box, structural, clear box and open box testing.

It is a software testing technique whereby explicit knowledge of the internal workings of the item being tested is used to select the test data.

Unlike black box testing, white box testing uses specific knowledge of programming code to examine outputs. The test is accurate only if the tester knows what the program is supposed to do. He or she can then see if the program diverges from its intended goal.

White box testing does not account for errors caused by omission, and all visible code must also be readable.

6.2.2 The Testing Process

The most widely used testing process consists of 5 stages:

i) Unit testing

ii) Module testing

iii) Sub-system testing

iv) System testing

v) Acceptance (alpha) testing.

i) Unit Testing

Unit testing is where individual components are tested independently to ensure they operate correctly.

ii) Module Testing

A module is a collection of dependent components e.g. an object class, an abstract data type or collection of procedures and functions. Module testing is where related components (modules) are tested without other system modules.

iii) Sub-System Testing

Sub-systems are integrated to make up a system. Sub-system testing aims at finding errors of unanticipated interactions between sub-systems and system components. Sub-system testing also aims at validating that the system meets the functional and non-functional components.

iv) Acceptance Testing (Alpha Testing)

Acceptance testing is also known as alpha testing or last testing.

In this case the system is tested with real data (from client) and not simulated test data.

Acceptance testing:

· Reveals errors and omissions in systems requirements definition.

· Tests whether the system meets the users' needs or if the system performance is acceptable.

Acceptance testing is carried out till users /clients agree it's an acceptable implementation of the system.

NB: Beta Testing

Beta testing approach is used for software to be marketed. It involves delivering it to a number of potential customers who agree to use it and report problems to the developers. After this feedback, it is modified and released again for another beta testing or general use.

6.2.2.1 Test Data

| Test | Action | Expected | Result |
|---|---|---|---|
| Login Test | User attempts to log in. | The user should be redirected to the Admin page after a successful login attempt. | Login successful and the user redirected to the Admin page. |
| Security Test | User browses the website pages. | A user should be able to view only the pages that he/she is authorized to view. | User has access to authorized pages and is denied access to unauthorized pages. |
| Information Management Test | Admin performs CRUD database operations. | The admin should be able to perform the CRUD database operations. | Records successfully viewed, updated and deleted. |
| File problem | File detail to the database containing problem details. | The user should be able to send the records of the parcel from the database. | Data successfully added. |
| Logout Test | User tries to log out of the system. | A user should be able to successfully log out. | User successfully logs out of the system. |
| Ping | Technician pings the device before Telnet. | Technician knows the IP address of the device. | Device responds to ping. |
| Telnet | Technician tries to log in to a remote device. | Technician should be able to access the device by providing correct credentials. | Successful login. |
| DHCP | Students and lecturers try to get an IP address automatically once they connect a cable or access Wi-Fi. | Users are supposed to get an IP address and access their VLANs. | IP address obtained automatically. |
| Access routers and switches | Technician tries to access a device. | Provide correct password for global, privilege and configuration mode. | Access authorized. |

Table 6.1: Test Data

6.2.2.2 Tests Justification

Unit Testing

Unit testing was conducted to ensure that the individual system components were functioning correctly as required.

Module Testing

This was conducted to ensure that the individual system modules could operate independently without relying on the tracking system.

Sub-System Testing

This was conducted to validate that the system met the functional and non-functional requirements.

Acceptance Testing (Alpha Testing)

This was conducted to review any errors or omissions in the systems requirements definition.

White box testing

Test cases were derived that:

· Guaranteed that all the independent parts within the modules had been exercised at least once.

· Exercised all the logical decisions on their true and false states.

· Exercised internal data structure to ensure their validity.

Black box Testing

Sets of inputs were derived that fully exercised all the functional requirements of the system.

It tried to find errors in the following categories:

· Incorrect or missing functions.

· Interface errors.

· Errors in data structures or external database access.

· Performance errors.

· Initialization and termination errors.

6.4 System implementation

After thorough testing by the programmers, the system is then implemented into the working environment, replacing the original system.

6.4.1 System change over

System changeover is the process of putting the new information system online and retiring the old system. There are four strategies that can be used to do this:

(i) Parallel running

(ii) Direct changeover

(iii) Pilot running

(iv) Phased changeover

6.4.1.1 Parallel running

The old system and the new system are run together for a period of time. The old system is stopped only when it is certain that the new system is running correctly.

With this strategy, the old and the new system are both used alongside each other, both being able to operate independently. If all goes well, the old system is stopped and the new system carries on as the only system.

Advantages:

i) If there are initial problems with the new system then the old one can still be used.

ii) Both systems can easily be compared.

iii) Easy to train staff by letting them learn new skills on the parallel system.

iv) Easy to evaluate because the new and old systems are both running.

Disadvantages:

i) Expensive - both systems are being run as fully operating versions so both are doing the same job.  This may mean duplication of staff and hardware.

ii) Risky - there is a greater chance of confusion or errors if the two different systems are being run side-by-side.

6.4.1.2 Direct changeover

The old system is stopped and the following day the new system is used. This could be disastrous if there are errors in the new system.

With this strategy, the changeover is done in one operation, completely replacing the old system in one go.  This usually takes place on a set date, often after a break in production or a holiday period so that time can be used to get the hardware and software for the new system installed without causing too much disruption.

Advantages:

i) The most rapid of all the strategies, provided it works.

ii) Less risk of confusion between old and new systems.

Disadvantages:

i) Most stressful for the users - the old system has gone so there is no going back if they have difficulties.

ii) Most difficult to train staff on as the new system was not in place to learn before the changeover.

iii) Most stressful for the developers - all the data and files from the old system will have to be converted ready for use on the new one.

iv) Most risky - if the new system does not work properly then there is nothing to fall back on.

6.4.1.3 Pilot running

The new system could be tried by part of the company such as one branch.

If all goes well, then the rest of the company can change to the new system.

With this strategy, the new system replaces the old one in one operation but only on a small scale.  For example it might be tried out in one branch of the company or in one location.  If successful then the pilot is extended until it eventually replaces the old system completely.

Advantages:

i) Easy to control, the pilot can be halted at any time.

ii) Easy to evaluate because the new and old systems are both running.

iii) Low risk, if a small-scale pilot fails then not too much has been lost.

iv) Easy to train staff by letting them learn new skills on the pilot system.

Disadvantages:

i) It can be slow to get a pilot to completely replace the old system.

ii) A pilot may not show up problems that a full-scale implementation would. This is because a system can work well as a small-scale pilot but has difficulties when it is scaled up to a full operating system with more realistic volumes of data to be processed.

6.4.1.4 Phased changeover

With this strategy, the new system is brought in in stages (phases).  If each phase is successful then the next phase is started, eventually leading to the final phase when the new system fully replaces the old one.

Advantages:

i) Very structured, each phase can be fully evaluated before moving onto the next one.

ii) Lower risk, a well-planned and controlled introduction of the new system.

iii) Easy to train staff by letting them learn new skills on each phase as it is introduced.

Disadvantages:

i) Slower than direct implementation.

ii) Although each phase is easy to evaluate, you have to wait until all the phases are complete before you can evaluate the whole change over.

6.5 Changeover Technique Used

After thorough evaluation and scrutiny, the changeover technique that I decided to use was the parallel running technique. This is because:

· It allows for ease of implementation.

· End users are more likely to respond positively and offer less resistance to the new system.

· If there are initial problems with the new system then the old one can still be used as the problems are getting fixed.

· It is easy to train staff by letting them learn new skills on the parallel system.

· It is easy to evaluate because the new and old systems are both running.

6.6 Chosen strategy

This is the type of implementation used for our new network system, since there is another system currently running. The two systems will run together.

This is the type of implementation used for our network management system, since there was no help desk system. It will take over from the manual system.

CHAPTER SEVEN: PROJECT APPRAISAL

7.1 Objectives met

The JKUAT Network Management System Online was able to meet all its objectives. These include:

· A secure working DBMS for sending problem details.

· A successfully designed universal database for parcel records data sharing.

· A system that queries problem and solution information by client, department and building from anywhere.

· It also satisfied client problem.

· The different modules worked as specified in the requirements specification section.

The design, implementation and management of the JKUAT secured LAN was able to meet all its objectives. These include:

· A secure administrator login access.

· Performs secured Telnet, requesting accurate credentials.

· Allows students, lecturers and staff to get a dynamic IP address using DHCP.

· Successful implementation of VLANs and access list control.

· Allow redundant link between networks in case of failure.

· It also satisfied client problem.

7.2 Achievements

Achievements included System and Personal achievements.

7.1.1 System Achievement

The system met all the specified functional requirements. These include:

· The system is able to solve problems encountered by clients and allows clients to post problems.

· Information is saved in a database that can be remotely accessed by authorized personnel.

· The system also provides security to the consignment records.

· The network provides security to access switches and routers

· Better IP address management by using DHCP

· Secured network remote access using telnet

· Secured VLANs access by implementing ACL

7.1.2 Personal Achievement

· This project enabled me to apply most of the concepts I have learnt.

· I was also able to learn new programming language functions in PHP, e.g. PDO and MySQL, and this helped me to grow as a programmer.

· I was also able to gain experience in using many software tools, e.g. Dreamweaver, UML diagrammed, AJAX, JavaScript, Microsoft Visio and WampServer.

· I was able to learn networking and its configuration, and this helped me to grow as a network designer and analyst.

· I gained experience in using network simulation software, e.g. Packet Tracer and the Cisco IOS command line.

7.2 Limitations/ shortcomings encountered.

The following limitations were encountered during the system development:

· It took a lot of time to learn again network configuration and design

· Shortage of devices during implementation

· A lot of errors were encountered during the development of the system.

· A lot of errors and misconfiguration were encountered during the development of the system and the network.

· There were financial constraints encountered during the development of the system.

· There were technical support constraints encountered during the development of the system.

· At times, there was no internet connectivity and therefore one could not seek help from the online community or conduct research.

3. Conclusion

All in all, the JKUAT Network Management System Online and the design, implementation and management of the JKUAT secured LAN were a success, since they met all their objectives and satisfied the user specifications and client needs.

The system is also in line with the Kenyan Vision 2030 of incorporating Information Technology in our workplaces.

It also shows how different technologies (PHP (PDO) and MySQL (MySQLi), WAMP server and Cisco Packet Tracer) can be integrated to create good user applications which help reduce the cost of operations.

7.3 Recommendations

i). The network management database should be backed up at different servers to allow redundancy of the records.

ii). The network should have more backup servers to allow redundancy in the network.

iii). A scanning module should be added to allow scanning of old records to be added in the database.

iv). The university needs to add more access points to facilitate availability of the network.

v). The network should be able to extend to accommodate the growing number of students and the applications hosted in it.

vi). The system should also be extended to capture


Appendix

1. Interview Questions

Interviewee name: .................... Interviewer: ....................

Date: ....................

Time: ....................

Place: ....................

Subject: ....................

| Time allocation | Interviewer question or objective | Interviewee response |
|---|---|---|
| 1 to 2 min | Open the interview: introduce myself; thank interviewee for their valuable time; state the purpose of the interview | |
| 10 min | Question 1: How does the current system operate? Follow-up | |
| 5 min | What are the challenges encountered with the current system? Follow-up | |
| 5 min | What changes would you like to see? Follow-up | |
| 2 min | Who is authorized to access the records? Follow-up | |
| 2 min | Thank the interviewee for their time and cooperation. Leave. | |

Table 3: Interview Questions

4. Source codes

4.1. Login.php

<?php
// Shared page header.
include("includes/header.php");
?>
<div id="content">
  <section>
    <h1>Please login with your credentials</h1>
    <span class='required'>*</span>This is a required field
    <!-- Credentials are sent by POST to validate_login.php -->
    <form action='validate_login.php' method="POST">
      <label for="username">Username:</label>
      <input id="username" name="username" class="username" required size=30 placeholder='Masterpro' type="text"/> *
      <br><br>
      <label for="password">Password:</label>
      <input id="password" name="password" class="password" required size=30 type="password"/> *
      <br>
      <input type="submit" value="Login" name="submit"/>
    </form>
  </section>
</div>
<hr>
<footer>
Copyright, JKUAT 2014 KENYA. All rights reserved.
</footer>
</body>
</html>

4.2. Db.php

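<?php
/* Database config */
$db_host = 'localhost';
// root with an empty password is the WampServer default and suits a local test
// machine only; a deployed system needs a dedicated, least-privileged account.
$db_user = 'root';
$db_pass = '';
$db_database = 'network';
/* End config */

// Open the PDO connection and make database errors raise exceptions.
$db = new PDO('mysql:host='.$db_host.';dbname='.$db_database, $db_user, $db_pass);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
?>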
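
The form in 4.1 posts to validate_login.php, which this section does not reproduce. The following is an added example, not the project's own code, of a handler that would satisfy the Login Test of Table 6.1 using PDO prepared statements and password_hash/password_verify. The users table and its columns, the function names and the admin.php/index.php targets are assumptions, and an in-memory SQLite database (pdo_sqlite) stands in for MySQL so that the script runs offline.

```php
<?php
declare(strict_types=1);
// Added example, not the project's validate_login.php. The users table, its
// columns, the function names and the redirect targets are assumptions.

// In-memory SQLite stands in for the MySQL connection of db.php (runs offline).
function make_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL, role TEXT NOT NULL)');
    // Constructed sample account: only the hash is stored, never the password.
    $db->prepare('INSERT INTO users VALUES (?, ?, ?)')
       ->execute(['admin', password_hash('S3cure-demo-pass', PASSWORD_DEFAULT), 'admin']);
    return $db;
}

// Returns the role on success, null on failure (unknown user and wrong
// password are indistinguishable to the caller).
function check_login(PDO $db, string $username, string $password): ?string
{
    static $dummy = null;
    $dummy = $dummy ?? password_hash('placeholder', PASSWORD_DEFAULT);
    // Bound parameter: the username never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT password_hash, role FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Always run one hash verification so both failure paths cost the same.
    $ok = password_verify($password, $row ? $row['password_hash'] : $dummy);
    return ($row && $ok) ? $row['role'] : null;
}

// Handles the POST fields sent by the form in 4.1; returns the redirect target.
function handle_login(PDO $db, array $post, array &$session): string
{
    $u = $post['username'] ?? null;
    $p = $post['password'] ?? null;
    $role = (is_string($u) && is_string($p)) ? check_login($db, $u, $p) : null;
    if ($role === null) {
        return 'login.php?error=1';   // generic failure message, no field hint
    }
    // In a web request, call session_regenerate_id(true) here (session fixation).
    $session['user'] = $u;
    $session['role'] = $role;
    return $role === 'admin' ? 'admin.php' : 'index.php';
}

$db = make_demo_db();
$session = [];
// Constructed inputs: wrong password, SQL metacharacters, then valid credentials.
foreach ([['admin', 'wrong'], ["admin' OR '1'='1", 'x'], ['admin', 'S3cure-demo-pass']] as [$u, $p]) {
    echo handle_login($db, ['username' => $u, 'password' => $p], $session), PHP_EOL;
}
```

In a deployed page, handle_login would be called with $_POST and $_SESSION after session_start(), and the returned target sent with header('Location: ...').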





