IT273 Networking Concepts


Case Study: The First National University (FNU)


The First National University (FNU) is a major public higher education institution. It was the first higher education institution in the country to launch distance education and more recently online programs. Apart from its main Campus, the University has operations in five (5) regional campuses (RCs) and ten (10) metropolitan campuses (MCs). At present, FNU provides diverse range of undergraduate and postgraduate programs as well as Vocational and Educational Training (VET) and short professional programs. More than 45,000 students are currently studying various levels of programs at FNU as on-campus students. Additionally, around 15,000 students are currently studying at FNU under the online and distance education programs.

FNU has three (3) major facilities to support its information technology services, namely, Headquarters, Operations (Data Centre) and Backup. The Headquarters facility is located in the main Campus. The Operations facility is located 50Kms from the Headquarters in a warehouse the University owns near an industrial area. The Operations facility houses the back-office technical functions, the Data Centre, and the IT staff. The Backup facility is located in the country area about 1000km from the headquarters. FNU uses the Backup facility as a warm-site facility that can be operational within minutes in the event the Operations facility fails.

Apart from the main campus, all regional and metropolitan campuses are very similar in terms of size, staff, and technologies. Their IT infrastructure uses relatively old and complex technologies. FNU still uses a number of protocols to enable campus communication to the main server farm located at the Operations.

Each campus is connected to the university backbone through old Multiservice Platform Routers for flexible LAN and WAN configurations, easy upgrades, and the handling of various protocols at the internet and transport layers. The router enables the campus to communicate with different FNU campuses located in different sites.

To support the day-to-day learning and teaching activities, academics and administrative staff at FNU also deals with a dozen (12) of external partners including hospitals, research centres, vendor support, and technology partners in many different ways, non-necessarily compatible each other.

At FNU the current network has consistency, performance, and reliability problems owing to a growth in enrolments and recent operations expansion. The IT department has been informed about an increase in student and faculty complaints. Particularly, faculties and academic staff claim that owing to network problems, they cannot efficiently submit grades, maintain contact with colleagues at other campuses, keep up with research, and conduct their daily tasks. Similarly, students say they have submitted student work late due to network problems. Assignments submission has been problematic since the introduction of the online submission approach. Students complain that late submissions have impacted their grades badly. Despite the complaints about the network, faculty, academic staff, and students use of the network has almost tripled in the last three few years

Another issue at FNU is that there are no BYOD and Work-at-home (WAT) policies. This has become a focus of contention between the IT department, staff and students. The IT department is concerned about a number of rogue wireless ad-hoc access points often placed by students within the campus premises. The vast majority of staff, faculty and students agree that there is a need of implementing secure wireless and remote access including the WAT and BYOD policies. The evidence is overwhelming on the need to rethink the way network services are provided at FNU.

The senior management at FNU has identified a number of key business factors that need immediate attention:

  1. Enrolment for both on-campus and distance education is to increase 50% in the next three
  2. Improve faculty efficiency and allow academic staff to participate in more research projects with colleagues at othercampuses and partner universities
  3. Improve student support efficiency and eliminate problems with assignment online
  4. As part of the BYOD policy, allow students, staff and visitors to the University to access the campus network and the Internet wirelessly using their mobile devices including notebooks, smartphones, and
  5. As part of the WAT, allow students and staff to remotely access the campus network from
  6. Secure the campus networks from

In response to the senior management call, the IT department at FNU developed a list of technical goals that should be implemented as soon as possible:

  1. Redesign the current network including provision for wireless
  2. Overhaul the IP addressing
  3. Increase the bandwidth of the Internet connection to support new applications and the expanded use of current
  4. Provide a secure, private wireless network for students, staff and visitors to access the campus network and the
  5. Provide a network that offers a response time of less than a second for interactive applications.
  6. Provide a network that is available approximately 99.9 percent of the time and offers an MTBF (mean-time-between-failure) of 6000 hours and an MTTR (mean-time-to- repair) of less than 90 minutes.
  7. Provide security to protect the Internet connection and internal network from
  8. Provide a network that can scale to support future expanded usage of multimedia applications including online
  9. Automate the majority of the network tasks and services including plug and play, network configuration, network management, troubleshooting, network monitoring, resource sharing, load balancing, updates, and data backups.


Part 1: Network Redesign

The redesign should be justified in terms of scalability, availability, network performance, security, manageability, usability, adaptability, and affordability. To do this, you need to make a number of assumptions. For example, assume that a great number of University services operate 24/7. Other services are to operate from 6:00am to 8:00pm Monday to Friday. Other aspects to consider are user’s behaviour, type of applications and services, bandwidth requirements, and the like. Make sure you discuss this further with your team mates, mentor, and teacher.

Specifically, for this redesign take into account the following:

  1. Traffic generated by the hosts:  clients, servers, and backup
  2. Appropriateness of WAN links to support current traffic and forecast
  3. Appropriateness of wired LANs and Wireless LANs to support future
  4. VLAN configuration.
  5. Network devices including routers and switches at each site (wired andwireless); and the respective network protocols and quality of service
  6. IP address allocation of each network and main network
  7. Sub-netting to separate traffic.
  8. Firewallspositioning and 
  9. Proxy
  10. DMZ
  11. Firewalls Access Control
  12. Network diagram (logical and physical topologies).

You are advised to use the network redesign template posted in the Moodle site to ensure you address all required items.

Part 2: Security Technology Implementation

As part of the security technology implementation, and in line with the recommended controls mentioned above in the network security plan (item 9), you are required to document, implement, and test at least five (5) recommended controls. The following are some suggestions of security technologies you could implement:

  1. Data backup and recovery technology including the procedures for backup and recovery. Note that there are NASs at the campuses to back up the data generated locally, however the vast majority of data is backed up to the File Servers in each campus and ultimately to the Operations facility through the WAN. You need to provide the strategy of the backup, technical details, specifications and functionalities of the recommended backup
  2. A proper authentication system that takes care of highly secured roles and permissions to access, share, download, upload files and folders. This should include authentication for wireless and mobile services as well (according to WAT and BYOD policies). You need to provide the complete details of the recommended technology including the product and vendor
  3. Services like File, Web (and secure Web), Mail (and secure Mail including spam email prevention), DHCP, DNS, Domain Controllers. For example, you may suggest Apache HTTT Server as the Web server software. If that is the case, then you must describe the full configuration of the Apache HTTP Server and the application architecture used to include the load balancer, replica web server, and data server (if you opt for a three-tier architecture for example). Again, you need to provide details of the software vendor and recommended hardware to run the
  4. Hardening of servers described mentioned in section 3. All the services need to be hardened with products as recommended in the network security
  5. Network security including DMZs, Firewalls, Intrusion Detection and Prevention Systems (IDSs andIPSs).

Security technologies 1 to 5 mentioned above are suggestions only. Discuss with your mentor and teacher any other options of your interest.

Get a 10 % discount on an order above $ 100
Use the following coupon code :
Open chat
Hello, you can now chat with our live agent via WhatsApp +1 (347) 428-6774
Our professional nursing writers will work on your paper from scratch.
We guarantee a plagiarism-free custom-written nursing paper.