JaySexton_IT302_IP5

Running head: COMPUTER NETWORKS AND COMMUNICATIONS 1

IT302-1401A-01:

Computer Networks and Communications

Phase 4 Individual Project

Jay T Sexton

February 3, 2013

Portions of this assignment had previously been submitted during IT245 Introduction to Network Management on 26 December 2013 with Mohammed Majid.

COMPUTER NETWORKS AND COMMUNICATIONS 2

History Log of Changes(Add Rows as Needed)

No. Date ofChange

Phase/Section

Changed(ex:

Section 2)

Para-graph(s) Changed

Type of Change(s)(typos, grammar, sentence structure,

info added/deleted, etc.)

1. 1/19/2014 Title Page Running Head added to Document IAW APA proper format

2. 1/19/201 Section 1 Third Paragraph

Restructured the wording for the content, Added the words phone lines use the

3. 1/19/2014Section 2

First paragraph

Provide Tactical Operation Center for the Acronym TOC also ended that sentence after voice communications also removed the word and the seventh sentence

4. 1/19/2014 Section 2 Third paragraph

Gave justification for Security not an issue for the military classified networks and phone systems.

5. 1/19/2014 Section 3 Beginning of section

Fixed gap caused by the table of contents additions, corrected Cap letters to lower case and reworked the sentence structure of the second, third, and fourth sentences in the second paragraph. Also added an s to the word phones in the very last sentence of the section

6. 1/26/2014 Section 4 First paragraph

Used san but replaced with storage area network device

7. 1/26/2014 Section 5 Repurposed note

Placed the repurposed note in the heading as per instructor notes on each weeks task list.

8. 1/26/2014 Section 5 Diagram 2 In the descriptive sentence replaced the word “is” with the word “are”.

9. 2/3/2014 Section 6 Paragraph 2 Spelled out the acronym “san” to storage area network10. 2/3/2014 Section 6 Paragraph 2 Re-wrote the complete seventh sentence to flow better11. 2/3/2014 Section 6 Paragraph 2 In the 12th sentences changed the word application to

applications. Added the s to make it plural12. 2/3/2014 Section 6 Paragraph 3 Added a semi-colon behind the word cost to break the

sentence up13. 2/08/2014 Section 8 Paragraph 2 Changed the word switches to switch14. 2/08/2014 Section 8 Paragraph 2 Re wrote the 4th sentence15. 2/08/2014 Section 9 Paragraph 1 Change the word too in the second sentence16. 2/08/2014 Section 9 Paragraph 1 Changed the word client to control in 4th sentence17. 2/08/2014 Section 9 Paragraph 1 Changed the word board to a plural word18. 2/08/2014 Section 9 Paragraph 1 Changed the word applications to a application19. 2/08/2014 Section 9 Paragraph 2 Reworded the first sentence to say security is important20. 2/08/2014 Section 9 Paragraph 3 Changed word client to control21. 2/08/2014 Section 9 Paragraph 4 Changed the bullet about password to smart card


Table of Contents

Section 1: Introduction of the Organization and its Background.............................................4

Section 2: Current Setup and Issues............................................................................................6

Section 3: Project Goals for the Organization............................................................................8

Section 4: Recommendations and Description of the New Network Infrastructure.............10 Hardware Recommendations ………………………………………………………………….8 Software Recommendations………………………………………………………………….10 Maintenance…………………………………………………………………………………..12

Section 5: Relevant Diagrams and Images................................................................................14

Section 6: Advantages and Disadvantages of the New Network Infrastructure....................17

Section 7: Productivity Impact...................................................................................................20

Section 8: Network Upgrade Issues............................................................................................23Major Upgrade Issues Prevention Steps..................................................................................22Factors that Affect Bandwidth.................................................................................................23Network Issues that Affect Users............................................................................................25Telephony and Voice Communications Upgrade effects on the Organization.......................25Organizational Upgrade Changes............................................................................................26Network Upgrade Major Issues...............................................................................................26

Section 9: Security Concerns for the New Network.................................................................27Major Security Concerns of Network Upgrades.....................................................................27Security Prioritization and Justification...................................................................................28Minor Security Concerns.........................................................................................................29Major Steps to Minimize Security Concern Impacts...............................................................30

Section 10: Supporting Newer Technologies.............................................................................32Network Support of new Technologies...................................................................................31Possible Long-term Issues.......................................................................................................32Major or Minor Issues.............................................................................................................33

Section 11: Maintenance of the New Solution .........................................................................35New Infrastructure Support.....................................................................................................34Necessary Support Elements...................................................................................................36New Infrastructure Upgrades Timelines..................................................................................36Unforeseen Maintenance Circumstances.................................................................................37

Section 12: PowerPoint Presentation .......................................................................................39


Section 13: Network+ Prep Toolkit...........................................................................................40

References.....................................................................................................................................44


Section 1: Introduction of the Organization and its Background

The organization that will be presented as the business of support for this plan is a

government military unit called 3rd Infantry Division. The reason this organization was chosen is

because it is the unit that the Tactical Mission Command team currently provides information

technology support to, of which I am currently the Project Manager. 3rd Infantry Division was

formed in “Camp Green, North Carolina on November 21, 1917” (Stewart, 2013) and still

provides military support to conflicts around the world today. 3rd Infantry Division has three

total separate networks and telecommunications setups, one unclassified and two that are

classified.

The total numbers that use the telecommunication network is “20,035 soldiers and 4,087

civilian employees” (About, 2014). Every soldier and civilian that supports 3rd Infantry Division

must have access to the network and some form of telecommunication system to conduct daily

operations. Each user has, at the minimum, access to telephone and unclassified network

communications. 3rd Infantry Division is broken down into the following groups: Division Staff,

1st Brigade 3ID, 2nd Brigade 3ID, 3rd Brigade 3ID, 4th Brigade 3ID, 3rd Sustainment Brigade, 3rd

Cavalry Aviation Brigade, Garrison Command, and Forces Command Units.

3rd Infantry Division currently works with commercial phones and Radio Frequency

phones, which are Harris Corporation FM radios, inside most office spaces and in every vehicle.

During a recent meeting with all high ranking officials, the decision was made to upgrade the

current RF communications to the newer Cisco Voice over Internet Protocol (VoIP) Phones. The

general requirements for wanting this telecommunication upgrade were: Current Line phones are


outdated, phone lines use the same network architecture for voice communications, Cisco IP

phones are smaller plus easier to transport and setup, and Cisco IP phones use automated call

managers.


Section 2: Current Setup and Issues

3rd Infantry Division still currently uses Army issued Telephone Assembly (TA) phones

in both office and deployable tactical operations center. This requires the unit to transport

switchboard systems and relay boxes in order to operate all current phones. The use of Radio

Frequency relays to bring current vehicle radio operations into the Tactical Operation Center

(TOC). This is accomplished by parking certain vehicles next to the TOC, to cable both speaker

boxes and receiver handsets into the tent, so the user can have voice communications. Further,

sometimes the Harris radio is ground mounted to a power supply and portable antenna. The

phones currently used are Voice Terminal “TA -954/TT” (Bunkerofdoom, N.d.). The user picks

up the receiver which contacts the switchboard operator, who connects call to an outside port

allowing the user of the TA-954/TT to connect to the outside phone service.

The Army has its own Satellite equipment called a Joint Network Node (JNN). It is a

trailer mounted satellite disc and primary router, firewall, Intrusion Detection System, and an

Intrusion Prevention System. This equipment connects to the network operation center, where

the Enterprise servers are kept. The servers are connected by a series of topologies down to each

client workstation. With all this new equipment the unit feels that the network architecture is

robust enough to handle the newer Cisco 7942G and 7965G IP Phones.

The current telephone system is outdated and still requires a great amount of resources to

transport and operate. This puts a large impact on the unit with having to have additional storage

containers to deploy this equipment and it also requires a 24 hour switchboard operator to ensure

its operation. RF Communications are still the top used vehicle telecommunication equipment; it

is used as the backup to the current and any newer system that will be put into operation. RF


Communications are very reliable but the organization wants to use it only as a backup to

whatever phone system they have. The labor intensity to get RF Communications from the

vehicle to the tent and then the loss of that vehicle during communication operations is the

impact for that technique. Security is not an issue within the military classified networks and

phone system. The justification is that this network is a closed network, managed by the

Pentagon’s Network Information Assurance department and the Federal Bureau of Investigation

telecommunication center at Langley Facility. Only Local security policies, permissions, and

procedures are managed at the unit level during network operations. Security is a big issue for

the unclassified network and telecommunication systems because they are very vulnerable to

attacks, hackers, and cyber spies listening and watching to gather any type of information.


Section 3: Project Goals for the Organization

After a Senior Staff call on January 12, 2014, it was the unanimous decision to set goals for

the accomplishment of this telecommunication upgrade plan. These goals will be the guidelines

to follow when completing this current upgrade requirement. The following are the top priority

goals for this plan: Replace all TA-954/TT phones with Cisco 7942G and Cisco 7965G IP

phones, replace switchboards with automated call managers, and interconnect IP phones into

current network architecture.

Completing these goals will have a significant positive impact on how the organization will

operate. This will provide lighter and easily manageable voice over internet phone systems

which use the same network backbone as the standard network architecture. The military users

will no longer have to deal with heavy primitive voice terminals and black copper wire coils.

There will no longer be requirements for large manually operated switchboards which require a

24 hour switchboard equipment operator. Cisco phones and new automated digital call managers

will be easier to transport. The redesign of the network architecture will use less Cat5 cabling for

both the Cisco IP phone and the Client workstation. Every goal change will benefit the 3rd

Infantry Division by reducing hardware equipment footprint, the cost in shipping additional

storage containers during deployments, the amount of labor it will take to manage the

communication system, and will bring 3ID voice communications into the future.

This newer telecommunication network will allow each user or group of users to use the IP

addresses to transmit voice communications through the network architecture just like the

computers use to transmit data. This technique will reduce the amount of telecommunication

equipment. Cisco phones have a greater number of features and functions than the previous


phones: LCD White light and LCD Color display, Call ID, Call Waiting, Call Forwarding,

Speakerphones, ADA compatibility, Multichannel transmission, and encryption for secure phone

transmissions. The use of these newer IP phones will make in-garrison and deployable tactical

operations work smoothly.


Section 4: Recommendations and Description of the New Network Infrastructure

Since the initial meeting with the 3rd Infantry Division staff concerning upgrades, a close

look at their current network infrastructure was completed. In accordance with today’s standards,

most of their hardware, software, and maintenance programs have already reached the end of

their current life cycle and need to be replaced. Upon further review, it was found that not all

hardware will have to be replaced. The current printers, switches, routers, firewalls, intrusion

detection systems, and intrusion prevention systems are the top of the line and the newest

equipment. This hardware does not need to be considered for replacement. It is, however,

recommended that the storage area network devices, server blades, universal power supplies,

laptops, and current phone systems be replaced because they are out-of-date.

Hardware Recommendations

The hardware recommendations for 3rd Infantry Division’s upgrade is to replace their

servers with the Dell 1130 (Dart Frog) 1U rugged servers because they are made for severe

environments and are easily placed in transit cases for deploying. The justification for choosing

the Dell 1130 1U is because it has undergone “various temperature, shock, vibration and altitude

tests, above and beyond the standard Data Center certifications. Certified by an accredited test

facility, the 1130 is MIL-STD-810G shock and vibration tested, MIL-STD-901D shock

compliance, and MIL-STD-810G altitude tested” (Needham, 2013). The cost per server blade is

$9,685.00 each and 3ID will need a quantity of sixteen which is a total of cost of $154,960.00.

Included in the overall cost is the warranty, and support contract for a six year life cycle. The

NetApps FAS2240 is a unified storage device that has 374 terabytes of storage capacity.

Justification for using this storage device is that it has a flexible configuration that “delivers a


complete high-performance, fault-tolerant storage system with up to 24 SAS drives in a 2U

chassis” (Miller, 2011). It operates in severe environments, both hot and cold. It is the most

sought after storage device on the market today. The NetApps each cost $7459.00. 3ID will

need eight FAS2240 at a cost of $59, 672.00. The Cisco 7942G and 7965G IP phones have white

and color LCD displays and the menu is configured for ring tones, contacts, call waiting, call

forwarding, speakerphone, and conferencing. These two IP phones use IP addresses to connect

directly into the network by Cat5 cables. They are lightweight and operate off 120 volt power.

Using theses IP phones will improve telecommunication because they use the IPv4network

architecture to send voice transmission across the network. The costs of these phones are

$780.00 dollars each. 3ID will need 3,500 IP phones so the total cost will be $2,730,000.00. The

APC is a universal power supply that “protects connected loads from surges, spikes, lightning,

and other power disturbances” (APC, n. d.). It is has swappable batteries, should any battery

become faulty. It provides a 120/280 volt output for one hour of operation after an acute power

failure. This device is deployed and operates in any severe environment, from local or generator

power supplies. The justification for this hardware is that it has the longest battery life on the

market. The costs of these UPS are $4200.00 and the organization will need eight for a total cost

of $33,600.00. Lastly, it is recommended to upgrade all current client systems with the Dell

Precision M6600 laptop. It is 64 bit capable and has a powerful Intel i7 core, with NVIDIA

discrete graphics adapter and 4 gigabyte (GB) upgradeable to 32GB of DDR3 memory. It has a

dual drive bay but comes with one 1.6 terabyte hard drive. It has both wireless and wired local

area network connection capabilities. The Dell M6600 “connects to virtually all your peripherals

with a bevy of ports, including USB 3.0, USB 2.0, DisplayPort™, VGA, HDMI™ and


eSATA™” (Dell, 2014). The cost of the Dell M6600 is $2,300.00 each with a five year gold

warranty. 3ID will need 4,000 systems so the total cost is $9,200,000.00.

Software Recommendations

The requirements for software upgrade are VMware vSphere 5.1, Microsoft Windows

server 2008 R2, and Windows 7 64 bit operating systems applications. 3ID currently has the

newest software applications of MacAfee Antivirus, Windows server 2008 standard, SQL 2008,

SharePoint 2010, Exchange 2010, Microsoft Office 365, Adobe Connect, Adobe reader, Java

7.1, Dot framework 5.0, Microsoft Silverlight, and many other applications. The Department of

the Army and the United States government made it a requirement to change all servers to

Windows server 2008 R2 and Windows 7 by October 1, 2014. This upgrade will require a

multitude of end-user licenses for the servers but the clients will come with their end-user

licenses through the purchase of the new model systems. The cost of the Windows server 2008

R2 with 100 licenses will be $26,000.00. With the purchase of a blanket contract, Microsoft will

provide online, phone, and on-site assessment and technical support from Microsoft for period of

five years.

Maintenance

Maintenance will be provided by on-site department of defense civilian contractors who

will be certified by all hardware and software vendors to perform all hardware and software

maintenance requirements. Maintenance will include installation of hardware and software,

configuration setup of software applications, testing and troubleshooting, quarterly updates, and

version patching of any and all software. This maintenance support will also provide server and

client network and applications training. This maintenance team is embedded with 3rd Infantry


Division. They will provide 24 hour on-site support and deploy in support of the U.S. Army to

far regions of the world. This team will fix all hardware issues and diagnose any hardware

failures. The maintenance team will help the organization get any failed hardware back to the

proper repair facility. The support maintenance team will act as the liaison between the Army

organization and all vendors to acquire updates, patches, upgrades, new version software and

hardware to ensure the military soldiers will not be bothered with this requirement. Additional

recommendations are to upgrade all hardware and software applications at the end of each five

year warranty period. It is recommended that in 3-5 years the organization complete an

assessment of the hardware to keep up with changing technologies.


Section 5: Relevant Diagrams and Images TBD

The following network architecture and design diagrams are the recommended layout to bring

the 3rd Infantry Division into the next decade.

Diagram 1: Server suite and connections to the outside network


The next two diagrams are the same network but was so large it had to be broken apart.

Diagram 2: Part one of the organizations Tactical Operations Center Layout.


Diagram 3: Part two of the organizations Tactical Operations Center Layout.


Section 6: Advantages and Disadvantages of the New Network Infrastructure

In the performance of the current upgrade plan, two important topics to consider are

advantages and disadvantages for accomplishing this upgrade. There are many reasons to

upgrade any network infrastructure, but 3rd Infantry Division decided to upgrade to improve their

voice over internet protocol capabilities. In making the decision to change out their archived

telephony systems, the organization decided to change to the newer Cisco 7942G and 7965G IP

phones. In accomplishing this task it was also determined to upgrade the current network

architecture as well.

The advantages of this upgrade are how easy it is to disconnect each hardware device for

deployment to locations anywhere in the world. The ability to rapidly reconnect the hardware

provides a seamless network and communication capability. One example is the IP phones are

small and easily packed for shipment and can be reconnected for use with no additional

administrative requirements. Reduced cost is another advantage. Buying newer hardware will

eliminate technical support and hardware replacements cost as well as reduce administrative

labor requirements. An example would be that new hardware should not have any breakdowns or

failures that would require troubleshooting and maintenance. An increased storage capacity with

the newer storage area network devices will increase storage space from 4.2 terabyte to 7.6

terabytes which will provide more hard drive space to use as a shared drive. Faster data access is

another advantage. The example of this is to have both “voice and data services on the same

network which will provide faster access to stored data” (rydoggg, 2014). Efficiency is another

advantage. Combining both the network architecture and the telephony communications system

together will allow for better management of multiple protocols from a single administrative

interface. Security can be controlled at one central location to ensure users have access to files


and applications they need to accomplish their work. Additional advantages are centrally

managed software and resources, sharing of printers and document scanners, file access from any

workstation, and IP phone contact directories from any IP phone.

The disadvantage for this upgrade is cost; to bring the organization to the current level of

proficiency will require the purchase of newer hardware, software, support contracts, licenses,

and additional admin application tools to maintain the infrastructure. Network integrity will

reduce quality of service. An example would be network failures, packet losses, latencies,

network attacks, and data delays because of bandwidths, ports and protocol issues. The most

important disadvantage would be that there is now a single point of failure for both the data and

VoIP network. A single point of failure is “a location in an application, system or process where

a catastrophe effects that application, system, or process causing it to crash”(rydoggg, 2014). An

example would be a power, router, or switch failure that crashes the network architecture. This

would cause the whole network to be down until repaired. The last disadvantage would be

maintenance. Any failure could be extremely time consuming in troubleshooting or replacing

any hardware or reinstalling and configuring the setup steps for all software. Security can also be

a disadvantage: hacking, attacks, and viruses could cause data to be stolen and halt telephony

systems.


Section 7: Productivity Impact

The 3rd Infantry Division’s upgrade plan for telephony communications and network

infrastructure will help improve productivity in the way 3ID will operate. Accomplishing this

upgrade will improve three major areas: connectivity, capacity, and reliability. The most

important area that will increase productivity is connectivity. Purchasing the newer Cisco IP

phones and adding them to the network will completely do away with the old switchboards,

receivers, coaxial cabling and TA954/TT phones and bring both data and voice communications

to a single network. This reduces the footprint of heavy, bulky telephone hardware. This will

place the voice over the one gigabyte network bandwidth and allow the voice to travel over

satellite as the data already does. Upgrading to the new hardware and software will “provide

increased reliability, faster connection speeds and enhanced information security”(wfu, n.d.).

The next area is reliability. What is network reliability? “Reliability is an attribute of any

software, hardware, or a network that operates in accordance with it specifications” (Rouse,

2005). Since the IP phones and most of the server hardware will be replaced with newer server

blades, storage devices, routers, switches, twisted pair Cat5e cabling, and newer workstation

clients, the network and telephony infrastructure will be more reliable. There should be less

downtime from possible hardware, software, and power failures. The uptime of the system

should be 98 percent of the time. There is no network that has a 99.9 percent uptime, because

weekly or bi-weekly maintenance should be part of every organization’s administrative

management plan. Having new equipment will reduce the maintenance time and present a higher

percent of operation time. Downtime hurts every organization because it will stop operations,

planning, sales, and support for both telephony communications and network operations.


The last area is capacity. It is the measurement of storage size, transfer of data across the

network (bandwidth), performance of hardware devices (memory and processors), and

application characteristics. Capacity is also one feature of how data is transferred through the

OSI reference model. In this upgrade we are talking about all three. The increase in storage

capacity will allow the organization the ability to have more virtual machines on their virtual

server infrastructure as well as having more space for a shared drive for every section to have at

least 32 megabytes of storage space. Since the transmission size will increase from 100T based

router to 1 Gigabyte routers and switches, more data can be processed through the OSI or

TCP/IP reference models allowing for larger data packets to be transmitted across the network.

With the 1 Gigabyte data paths the use of IP Phones over the network will have no issues and

operate in accordance with the IP Phones specifications. Applications can also operate faster

with newer processor speeds and larger memory capacities. Every new capacity mentioned will

allow 3rd Infantry Division to conduct operations rapidly and effectively.

This upgrade plan will allow for enterprise expansion and growth. The servers, san

storage devices, laptops, and IP Phones stay compatible for the needs of 3ID for at least 5 years

at which time, in this current plan, lays out the need for additional upgrade review. This plan for

the upgrade infrastructure allows for growth. This growth will come in the form of fixes, patches,

application updates, as well as hardware replacements as the hardware reaches it five year life

cycle end date. This plan will provide 3ID with the most robust network architecture and

telephony system. The increase capacity of the data transfer rate will work well as data travels

through the OSI and TCP/IP reference models. The transmission capacity will have no issue

processing data or messages while converting the data to frames, segments, and packets n order

to physical transmit it from one end point to the next. Everyone knows the military developed the


TCP/IP model because the Army always simplifies the way they conduct business but the

military still uses both the OSI and TCP/IP model. Why would 3ID use both? Simply because

both models are a standard way of organizing protocols used to transfer different data and

message types.


Section 8: Network Upgrade Issues

When an organization performs an upgrade to their network, one major topic that should

be considered and assessed is what network upgrade issues could occur. During the development

of the 3rd Infantry Division’s upgrade plan, several factors were discussed. 3ID looked at five

possible major issues. They also looked at the effects on bandwidth, how users could possibly be

harmed, and how the upgrade would affect both telephony and voice communications. Finally,

they looked at the major steps to prevent any possible network issues.

Network Upgrade Major Issues

The major issues that the organization felt could affect them during the network upgrade

were: the operating system and firmware versions, router and switch configurations, hardware

equipment failures, group policies and DNS resolutions, and finally closed or inactive ports. An

example of operating system and firmware version changes would be changing from Microsoft

Windows Server 2003 to Microsoft Windows Server 2008 R2. The differences with setting up

and configuring the active directory, organizational units, and group policies will not be the same

procedures as what is already known. Most administrators that work with Windows 2003 for a

long time will be used to that version’s setup and configurations. Once they upgrade to a newer

version operating system there could be newer changes in the setup and configuration menu that

will have to be learned to ensure proper use of the newer software. Current clients are 32 bit

operating systems and the newer equipment is 64 bit operating systems. The setup and operation

of the upgrade version could cause interface issues that will need to get worked out.


When a router or switch gets upgraded or changed, the configuration of each device has

to be manually loaded, setting up ports and port addresses to a specific platform to be locked to

one port. Access client lists and firewalls have to be setup to ensure message and data traffic will

pass through the network. Password and authentication also has to be setup so that every device

that connects to a port will function correctly. If the routers and switches are not configured

properly then the network will not work. Hardware equipment failures happen anytime even with

new equipment. Since digital devices are so high tech they can acquire issues just from power

connections or improper setup and configurations. Group policies and DNS resolutions are

another issue. Even though the administrator can migrate most policies down from one version

to the next, they may not function the same way because of newer functions in the upgrade

operating system. Further, changing from the Windows 2003 to the Windows 2008 R2 operating

systems will require new DNS connection configurations in the Domain Server DNS because the

root hint in the newer version is set for commercial network connections, which is not reachable

in the military network. The last network upgrade issues are closed or unreachable ports. Not the

ports on the router or switches, but the protocol ports that are within the operating systems and

firmware applications. In most newly installed systems most of the data and message ports are

open and ready for use but any third party firmware traffic ports may not be configured for use.

Here the administrator will have to manually activate them.

Factors that Affect Bandwidth

Bandwidth is “the transmission capacity and speed of data transfers used by a device or

system” (Dictionary, 2014). There are factors that affect the quality of service of that bandwidth.

Some are caused by hardware functions, some by outside sources, but most are caused by the

client user. Upstream and downstream data transfers cause issues across a network because there


is an “unequal management of data throughput rates” (Copper, 1999). Downstream channels are

allocated more bandwidth then upstream channels simply because most users conduct more

downloads then upload of data. This unequal bandwidth causes transfer issues when the user is

both downloading and uploading data. Internet usage is another factor. An example of this is

when a user has multiple web sites open for viewing, running numerous applications that are

transferring data or accomplishing downloads and uploads. This uses up the bandwidth capacity

by affecting the speed of the network and effects the transaction per second, which is another

factor that affects bandwidth. A transaction per second is “a computer application or hardware

capacity which denotes the total of transactions completed per second” (Janssen, 2010). Imagine

thousands of users doing the same thing on a single network. Denial of Service Attacks causes

interruption of network services causing every user to be deprived of network resources. The

following are common forms of denial service attacks:

Buffer Overflow Attacks

SYN Attacks

Smurf Attacks

Viruses

Physical infrastructure Attacks

The last factor that affects the bandwidth is called background downloads and uploads.

These are the same as the upstream and downstream data transfers, except these data transfers

happen in the background. Many applications have settings that automatically check for updates

online and when an update is found the application will start a download without the user

knowing.


Network Issues that Affect Users

Anytime a network infrastructure is upgraded there always seems to be users that are

affected severely. How are users affected? User accounts are disabled or completely deleted.

Their access authentications have to be changed or reset, meaning they might get a totally new

user account and password. The change of user access will cause file, directory, or remote access

permissions to be lost causing the administrator to reset user permissions in specific applications.

The last way that upgrades affect users is a total loss of stored data.

Telephony and Voice Communications Upgrade effects on the Organization

The organizations telephony and voice communications should improve upon the

completion of the upgrade. That is the expected result, but there are factors that have to be

considered. Communications can be affected by the loss of network connectivity due to power

outages or bandwidth issues. These systems are also affected by slower or halted data transfers.

Routers and switches configurations will have to be upgraded to add the IP addresses of the

telephony and voice communication equipment since the organization is now using voice over

the internet phones on the network. Heavy traffic causes priorities to be set for data transfers.

These priority assignments can slow or halt operations of telephony and voice communications

across the network. Firewall configurations also can affect data transfers. Firewalls can cause

only one way traffic, which is where you might be able to speak to someone but cannot hear

them across the Telephony or voice communications. These upgrades will require training for

both administrators and system operators. Each will need to learn how to setup, configure and

use the telephony and voice communication systems. Last is the loss of accounts either by being

disabled or deleted.


Organizational Upgrade Changes

The organization upgrade changed the bandwidth capacity from 100T bits per second to 1

Gigabyte per second. It changed the size of the storage area network devices providing up to 7.2

terabytes of data storage. Training became a requirement due to the change for both network

operations and the new telephony and voice communications systems. Last and most important

will be new active directory group policies and user account permission levels will have to be set

to use with the current security program

Major Upgrade Issues Prevention Steps

When any organization considers accomplishing a network, telephony, and voicing

communication upgrade they should develop an upgrade plan. In this plan it is important to set

an upgrade timeline as well as upgrades steps. These will help to prevent any upgrade issue that

could crop up during the upgrade. The following are the major steps to follow to prevent possible

upgrade issues:

Pre-stage data snapshots or backups

Use non-peak times for upgrade to reduce operation down time

Conduct new hardware test on network

Use both older and newer network equipment until upgrade is complete

Perform new software training classes

Perform Quality of service checks throughout upgrade

Section 9: Security Concerns for the New Network

When an organization upgrades any network or adds additional functionalities, like

telephony and voice communications, to the network infrastructure, it is important to establish or


upgrade the security of the network. The security manager and the system administrators need to

work hand in hand to update security policies and procedures and ensure these get trained to all

operators in the organizations. Outside attacks, viruses, Trojans, worms, malware, and spyware

are the reason for a security plan and management program. The security measures that will be

put into place will be firewall’s, intrusion detection systems, intrusion prevention systems, router

access control list, viruses scanning software, port scanners, packet sniffers, also software and

hardware authentication. The authentication process will involve a smart card reader as the user

login and a six to eight digit number as the password. These “smart cards will have circuit boards

on them that will hold detailed information to authenticate a specific user” (Marcoe, 1999). This

process will eliminate the changing of passwords every 90 days. The cost of these security

measures will be in the thousands of dollars and will require software licenses for each type of

application but will provide the best security possible for the new upgraded network, telephony

and voice communications network infrastructure.

Major Security Concerns of Network Upgrades

Once an organization implements their upgrades to their network infrastructure, security

should be the most important consideration. There are many network vulnerabilities and risks

that the organization has to be aware of. Some of these vulnerabilities are Denial, SYN,

Overflow buffer, man-in-the-middle, and Smurf attacks. Others are phishing, whaling, viruses,

worms, and Trojans. Each of these can cause data to become corrupt or unreliable and the

confidentiality and integrity will be damaged. To recover from these is costly in both man hours

and network downtime. Use of intrusion detection and prevention systems help secure the

network by detecting possible attacks, eavesdropping, and spoofing of data transmissions.

Firewalls placed in the Demilitarized zone of a network, activated on the servers and setup on the


clients, help in stopping denial of service and man-in-the-middle attacks. These help security

receipt and transfer of data across the network. Access client list updates in the routes, which are

labor intensive to manage, help prevent compromised Key and sniffer attacks. Account

Authentication and authorization require the administration of admin and user accounts. This

type of security prevents password-based and application-layer attacks.

Security Prioritization and Justification

When using a client to server network connection, as well as the telephony and voice

communications over the network, it is important to have the security manager and the system

administrator work together to ensure all security measures are implemented and executed during

daily network operations. These security concerns are prioritized using the flow of the Open

Interconnection System (OSI) reference model process procedures. The following is a list of

security concerns prioritized with justifications:

System administration and user account access helps protect the use of both hardware

devices and software applications. This helps prevent unauthorized access by outsiders or

other users.

Activation of firewalls at the outer limits of the network and on both servers and client

systems help protect data transmission at every level of the infrastructure against possible

network attacks, snooping, or eavesdropping.

Ensuring that the Access control list on each router is updated and operational allows for

better traffic flow of data. The importance of this ACL is that if a message or data comes

in and the packet header does not match the ACL, then the data transfer is denied.


Using intrusion detection and prevention systems helps to monitor, detect, and prevent

attacks while providing recorded types of security vulnerabilities.

Establishment of information assurance policies and procedures help operators and users

to know the security measures and requirements in the performance of their job and helps

them to understand how to ensure prevention of security vulnerabilities and risk.

Minor Security Concerns

3rd Infantry Division’s minor security concerns are wireless access points. Since wireless

access routers are not allowed to be used on government networks there is no concern about this

specific network device. Facility access is a minor concern since most of the servers are in secure

facilities; if anyone does not retain a 3ID access badge then they will never gain access to any

facility. Piggybacking is prevented by magnetic badges and a two door security entry system

where you enter in the first door and biometrics is used to allow access to the inner door.

Malware, viruses, worms, Trojans, and spyware are a minor concern for 3ID because the group

access policies have de-activated all USB ports and have made the DVDs as read only. This

prevents any use of outside computer storage devices.

Major Steps to Minimize Security Concern Impacts

The organization has measures put into place to lessen the security concerns during daily

operations. These measures ensure security at each operational level from the user to the system

administrator. The following are the major steps to minimize the impact of the unit’s security

concerns:

Network security scans (MacAfee scanner at all levels, network and port

scanners)


Network auditing (Monitor for large packets and latencies)

Use of smart cards eliminates use of username and password which improves

authentication procedures

USB and DVD drives lock down (prevents unauthorized malware, viruses,

worms, Trojans, and other types of code initiated attack)

Intrusion detection and prevention system devices (in network demilitarized zone)

“Security concerns for the organization will refer to any and all measures to safeguard

computers, user access, accuracy and reliability of data records, and operational efficiency”

(Wold & Shriver, 1997).


Section 10: Supporting Newer Technologies

3rd Infantry Division’s new network, telephony, and voice communications infrastructure

will be top of the line in network architectures upon completion of this upgrade plan. The

infrastructure will have all new network hardware devices with the most up-to-date operating

system and application software coupled with the newest telephony voice over internet protocol

communications. Any time newer technologies are introduced, one question is always asked.

That question is: how will the new infrastructure support the newer technologies? The results

will astound you.

Network Support of new Technologies

In reaching the goals of the upgrade, the new network architecture will provide better

client to server connectivity which will provide faster data processing, larger storage capacity,

and digital voice over internet phone calls all on the same network architecture. The data and

voice communications will transmit over a one gigabyte bandwidth network that will provide the

faster transfer rates while maintaining “reliable critical connections and provide greater efficient

throughput of data and voice communications” (Rasmussen, 2011) on any network today.

Upgrading the network architecture with new firewalls, intrusion detection system, and intrusion

prevention systems will provide a more secure network by checking all data and voice

transmissions allowing all transmission packets to be processed and sent faster. Having newer

server blades with the appropriate call managing application will allow automated call

processing without any switchboards or connection operators. Upgrading the storage area

network devices will provide greater storage capacity for all data and voice communication

databases such as menu configurations, contact list, wave files and any saved messaging. New

routers and switches will allow direct IP assignments, to additional hardware, providing each


computer and IP phone with its own network port and name entry in the access control list for

identification. Every upgrade goal discussed, will allow enhancements over all tactical

operations and improve telephony voice communications throughout the whole organization.

Possible Long-term Issues

When looking at new technologies, a major factor to consider is what long term issues

could new technology cause to a network infrastructure. As the organization grows, there

becomes a need for more IP phones to be added to the network. A large number of IP phones

along with data processes will cause the network connectivity to eventually degrade. This

degrade can cause what is called “hiccups that are coupled with network services that affect call

and network quality, latency, jitters, packet loss” (Valdos & Roos, 1998) and recycling of

network connections. For example, the IP phones will drop connections routinely causing the IP

phones to drop connections and have to rejoin the network. This can cause the call manager

servers to crash, if the issue becomes long term, causing not only the voice communications to

halt but could also affect the overall network bandwidth slowing or halting all data and voice

traffic. Another long term issue would be technology outdating. What is meant here is current

digital hardware technology becomes outdated within the first year it was made. Companies are

always building faster and newer reliable network equipment daily, so as soon as it comes out on

the market it is already becoming last year’s technology. Finally, other long-term effects will be

revising all access control list, organizational units, group policies, Domain Name System (DNS)

lookups and suffixes, also static IP addresses assignment.


Major or Minor Issues

None of the log-term issues concerning new technologies on a new infrastructure are

major issues overall. Each issue mentioned is a minor issue. None will completely halt the

network infrastructure but will cause routine maintenance until each issue is updated and will

require administrative management time to work out and overcome issues in the overall network.


Section 11: Maintenance of the New Solution

Maintenance is the most important factor of managing a network infrastructure.

Maintenance plans and schedules must be developed to ensure all servers, network components,

communication devices, printers, plotters, scanners, and software applications are kept in an

operational state. Why should anyone conduct maintenance on a network? Most networks run

constantly so maintenance of the physical hardware, software fixes, patches, and updates have to

be scheduled far enough in advance so that another service interruption (ASI) request can be

submitted and approved prior to conducting maintenance.

New Infrastructure Support

3rd Infantry Division’s maintenance plan is managed and performed by the Tactical

Mission Command field support team. This team is a civilian contractor team hired to manage all

administrative and security requirements for the organization’s three networks. This team

performs four types of maintenance: preventive, service, troubleshooting, and disaster recovery.

Preventive maintenance is exactly how it sounds. During this maintenance all hardware is

physically inspected for damage and proper connection. This includes looking at the servers,

cabling, network devices, routers, switches, and client workstations. During this phase each

component will be thoroughly cleaned both inside and out for dust, sand, and dirt. The hardware,

power cords, Cat5 cabling, screens, keyboards, and mice will be cleaned. Preventive

maintenance should also include scanning for spyware and virus on each operating system.

Delete unnecessary files, browser histories, website cookies, and unwanted applications. Finally

perform system cleanup and “defragmenting of the operating system to optimize the operating

structure” (Campbell, 2014) to speed up operations, then perform complete backups of the

operating system


Service maintenance is conducted while the system is operational. During this

maintenance, the operating system logs are checked for errors, patches out of date, and

malfunctions that could cause issues in the operation of the network. Router and switch ports are

checked to ensure connection lights are on and blinking. Phones are checked to ensure all

contacts list and wave files are still accessible. Firewalls are checked to ensure they are

functioning properly. IDS and IPS records are checked to see if any attacks have occurred and

clients are periodically checked to ensure all appropriate applications are functioning properly

and virus free. During this phase of maintenance the administrator will use command line tools

such as NSlookup, Netstats, Ipconfig, Tracert (trace routes) as well as ping to perform tests on

the network. “Command line tools are used to perform maintenance, configuration, and

diagnostic tasks on the network from the command line interface of an operating system”

(TechTarget, 2006).

Troubleshooting maintenance is conducted after a user or administrator notices

connectivity issues, hardware malfunctions, software malfunctions, and power failures.

Troubleshooting maintenance is necessary to prevent catastrophic failure or outages. Basically,

troubleshooting maintenance is conducted to fix possible major network failures from happening.

Here the technician will use third party applications like Server Center Operations Manager

(SCOM) to check all functioning areas of the network for possible failures. Once a possible

failure has been identified, then proper maintenance procedures are performed to correct and fix

network infrastructure issues.

Disaster Recovery maintenance is conducted when there has been a total power outage,

hardware failure, software crash or Denial of service, Man-in the middle and buffer overflow

attack. Here the maintenance involves a complete stoppage of the network until all repairs have


been completed. This maintenance is not the preferred maintenance that is why the first three are

very important. During this maintenance, power sources will require outside electrical support to

re-establish power connections. Hardware failures will require a complete replacement of the

nonoperational hardware device causing long downtimes and operations stoppage. Software

crashes normally require a complete restart of the operating system or a restoring operating

system from a full back up or snapshot of the operating system. This can be resolved fairly

quickly if none of the backups and snapshots are corrupted. Network attacks can be fixed rapidly

but the effect is long term to resolve and eliminate from the network. This maintenance requires

a complete look at all access control list, IDS and IPS records to find and fix.

Necessary Support Elements

A maintenance plan and schedule are two of the most important elements for network

support. The maintenance plan lays out how preventative service, troubleshooting, and disaster

recovery maintenance will happen and what the procedures to follow for each phase. This plan

also has a timeline schedule that has to be followed for each phase of maintenance. Both of these

are only guidelines to follow and it is understood that time schedules will vary depending on the

seriousness of the situation. In this plan is the vendors support obligations, description of

telephone and online vendor support, warranty and replacement policies and procedures for

hardware and software maintenance issues. It also lays out the policies and support procedures

for the onsite support team. It discusses the chain of command for maintenance support and the

procedures for each level of maintenance previously discussed.


New Infrastructure Upgrades Timelines

When are upgrades necessary? Upgrades become a requirement whenever there is a

hardware failure, software patch, security update, application update or a new software version

distributed by the vendor. An upgrade can be required if the organization chooses to add new

network devices to the infrastructure to improve connectivity and handle higher message traffic.

Finally, upgrades should be considered at the end of all warranties because at that time the

equipment of the network has met its life cycle expectancy. This normally should be every 3 - 5

years or when the organization feels it necessary to upgrade.

Unforeseen Maintenance Circumstances

The biggest unforeseen circumstance that would have to be considered in the long-term

maintenance plan could be the vendor going out of business, software updates not being

received, or any onsite maintenance support contract could end by customer’s choice. When you

plan a long term maintenance plan, ensure all aspects mentioned here are laid out and discussed

and backup support and alternate vendors can continue to support the organizations maintenance

plan.


Section 12: PowerPoint Presentation


Section 13: Network+ Prep Toolkit

Week 1

Local Area Network (LAN) -- An intranet network like for a business, an office or department.

Wide Area Network (WAN) -- A group of networks that are connected in a large internetwork

Bus Topology – a trunk cable with host attached

Ring Topology – Neighbor host formed as a ring

Star Topology – formed with a switch as center of network to connect all host

Mesh Topology – Is a network where every host connects to all the other host directly or

indirectly using point to point connections.

Ethernet – wired network used in LANs using Cat 5 or Cat 6 cabling.

Wireless network that uses radio waves mostly found in homes and small businesses

No questions presented a problem answered all correctly

Week 2

Network adapter – responsible for changing binary data into a format sent across the network.

MAC address – special hexadecimal identifier found in the ROM of the Network adapter

Bridge – device that connects multiple media segments on the same subnet, also filters traffic

based on MAC addresses in the frame.


Switch – a multiport bridge that performs filtering by MAC addresses and has additional

features.

Topology – A physical bus, logical bus. a physical star, logical bus. or a physical star, logical star

Ethernet.

Straight-Through – is a CAT 5 cable with the same colors on each end setup the same way.

Missed question 14 on section 4.2.5 which asked me what cable type was used on a 100baseTX

fiber optic connection the answer was 1000baseSX I believe

Week 3

Dynamic Host Configuration Protocol (DHCP) a server that is configured to pass out IP address

and other IP configuration information to client host.

Routing Information Protocol (RIP) routing protocol used for routing within an autonomous

system

Dual Stack both the IPv4 and IPv6 protocol stacks run concurrently on a host.

Tunneling pushes a IPv6 packet within an IPv4 packet, allowing IPv6 hosts or sites to communicate over the IPv4 infrastructure.

SSID a wireless the network name

Missed questions

What is the default mask for the IP address 203.111.3.3

255.255.0.0

255.255.255.0


255.0.0.0

255.255.255.255

You are designing a wireless network for a client. Your Client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates AT 2.4 Ghz.

Which 802.11 standard will work best in this situation?

802.11b

802.11c

802.11a

802.11g

802.11d

Week 4

Demilitarized Zone (DMZ) is a subnet that is between the private network and an untrusted

Internet.

TCP/IP protocol stacks uses port numbers to control which protocol will be used for incoming

traffic to be directed to.

Authentication types: Type 1 Something you know,Type 2 Something you have and Type 3

Something you are.

Hypertext Transfer Protocol (HTTP) Secure a secure form of HTTP that uses SSL to encrypt

data.


Simple Network Management Protocol (SNMP) a protocol designed for managing complex

networks that lets network hosts exchange configuration and status information

Remote desktop is a utility that displays a graphical user interface to a remote device.


Week 5

Ping verifies that TCP/IP is installed and working ensuring that system can communicate with

itself.

Static IP manually assigned IP address where DHCP is off and DHCP server will not be shown

Arp displays the IP to MAC address mapping table

Netstat will show active connections

Broadcast storm lot of broadcasted traffic that stops network communications

Wireless switch located on a laptop turns the wireless capability on and off for that system



References

About.com. (2014). Fort Stewart, Georgia, Retrieved 12 January 2014 from

http://usmilitary.about.com/od/armybaseprofiles/ss/stewart_3.htm

APC.com. (n. d.). Smart-UPS, Retrieved 19 January 2014 from

http://www.apc.com/products/resource/include/techspec_index.cfm?

base_sku=SUA5000R5TXFMR&total_watts=50&tab=features

Bunkerofdoom.com. (n.d.). USA Military Phones, Retrieved 12 January 2014 from

http://www.bunkerofdoom.com/mil/telephone/milphones1.html

Campbell University. (2014). Preventive Maintenance, Retrieved 09 February 2014 from

http://www.campbell.edu/student-services/computing-services/student-helpdesk/

preventative-maintenance/

Copper, Stephen. (1999). Internet Speeds: Downstream Vs. Upstream, Retrieved 2 February

2014 from http://www.ehow.com/info_8610913_internet-speeds-downstream-vs-

upstream.html

Dell.com. (2014). Dell Precision M6600 Mobile Workstation, Retrieved 19 January 2014 from

http://www.dell.com/us/business/p/precision-m6600/pd

Dictionary.com. (2014). Bandwidth, Retrieved 2 February 2014 from

http://dictionary.reference.com/browse/bandwidth

Janssen, Cory. (2010). Transaction Per Second, Retrieved 2 February 2014 from

http://www.techopedia.com/definition/25081/transaction-per-second


Marcoe, Mike. (1999). Authentication Types, Retrieved 2 February 2014 from

http://www.ehow.com/about_5589963_authentication-types.html

Miller, Steven. (2011). FAS2240: An Inside Look, Retrieved 19 January 2014 from

http://www.netapp.com/us/communities/tech-ontap/tot-fas2240-inside-look-1111.aspx

Needham, Samantha. (2013). Now Available: Dell 1130 – 1U Rugged Server, Retrieved 19

January 2014 from http://en.community.dell.com/dell-blogs/direct2dell/b/direct2dell/

archive/2013/05/22/now-available-dell-1130-1u-rugged-server.aspx

Rasmussen, Sven. (2011). Strengthening your core with network infrastructure upgrades,

Retrieved 09 February 2014 from

http://www.networkworld.com/columnists/2011/030711-network-infrastructure-

upgrades.html

Rouse, Margaret. (2005). Reliability, Retrieved 26 January 2014 from

http://whatis.techtarget.com/definition/reliability

Rydoggg. (2014). Advantages/Disadvantages for Businesses implementing Network

Convergence Systems, Retrieved 26 January 2014 from

http://www.studymode.com/essays/Advantages-Disadvantages-For-Businesses-

Implementing-Network-Convergence-928256.html

Shriver, Robert & Wold, Greggery. 91997). Risk Analysis Techniques, Retrieved 2 February

2014 from http://www.drj.com/new2dr/w3_030.htm

Stewart.army.mil. (2013). Third Infantry Division, Retrieved 12 January 2014 from

http://www.stewart.army.mil/units/history.asp


TechTarget.com. (2006). Windows 7 command-line tools and programs, Retrieved 09 February

2014 from http://searchitchannel.techtarget.com/feature/Windows-7-command-line-tools-

and-programs

Vales, Robert & Roos, Dave. (1998). How VoIP Works, Retrieved 09 February 2014 from

http://computer.howstuffworks.com/ip-telephony5.htm

Wake Forest University. (n.d.). Network Connectivity, Retrieved 26 January 2014 from

http://help.wfu.edu/public/network/network-connectivity

Documents

JaySexton_IT302_IP5