Wachemo University

College of Engineering and Technology

Department of Software Engineering
Project for fulfillment of Data Communication and Computer Networks course B.Sc. In Software Engineering
Project title:WCU DATA CENTER Group name
Name Id
1-Daniel Abebe 1501647
2-Angellina mellese 1500

AdvisorMSc.
Mesay Aschalew
Dec 23, 2024 GC
Hosanna, Ethiopia
 TABLE OF CONTENTS

1:Executive Summary ..................................... ...... .1

1.1 A high-level overview of the network design project. . . . . . . . . . . . . . . . . . ..1
1.2 Briefly describe the purpose, scope, and objectives. . . . . . . . . . . . . . . . . .. . . .1
1.3 Highlight key outcomes and deliverables. . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
2:Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . 2
2.1 Purpose of the Project: Why is the network design being developed? . . . .. . . . . . . . . . .2
2.2 Scope: Define the boundaries of the project (e.g., departments, locations) . . . . . . . . . . . 2
2.3 Objectives: . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . 3
2.3.1 Improve connectivity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . 3
2.3.2 Ensure scalability, security, and performance. . . . . . . . . . . . . . . . . . . . . . . . .. . ..3
2.3.3 Cost efficiency. . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . .3
2.4 Overview of the Enterprise: Description of the enterprise (size, industry, locations). . . .. . . . . . . . .. .
. . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3:Requirements Analysis . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. .4
 3.1 Business Requirements: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . 4
3.2 Technical Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.3 Constraints: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4:Network Design Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

4.1Design Goals: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . 5
4.2 Methodology: . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . .5
5:. Logical Network Design . .. . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . .. . .6
5.1 Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .… . .6
5.2 Addressing Scheme: . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . 6
5.3 Protocols: . . .. . . . . . . . . . . . .. . .. . . .. . .. .. . . . . . . . . . . . . . . . . . . . . .7
5.4 Services: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . 7
5.5Security Features: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
6:Physical Network Design . . .. . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
6.1 Hardware Components: . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . .8
6.2 Wiring and Cabling: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
 6.3 Data Centers and Racks: . . . . . . . . . . . . . . . . . . . . . .. . . . . . .. . . . . . . . . ... .10
6.3 Network Devices Placement: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . .10
7: Implementation Plan . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
8:Performance Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 12
9:Security Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
10:Cost Analysis . . . . . . . .. . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . .. .14
11:. Risk Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . 15
12:Future Scalability Plan . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . .. . .16
13:Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
14:References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
1:Executive Summary
1.1 A high-level overview of the network design project.

This document outlines the network design project for WCU University, aiming to create a robust,
secure, and scalabl network infrastructure to support the university's evolving needs. The project
encompasses all aspects of network planning, from logical topology and addressing schemes to
physical implementation and ongoing maintenance.
1.2 Briefly describe the purpose, scope, and objectives.
Purpose:
 To address the limitations of the existing network infrastructure.
 To provide a modern, high-performance network that supports the university's academic, research, and administrative functions
effectively.
 To enhance the student and faculty experience by providing reliable and secure network access.

Scope:
 The project will encompass all network infrastructure within the university, including:

o Campus-wide wired and wireless networks.

o Data centers and server rooms.
o Network devices such as routers, switches, and firewalls.
o Voice over IP (VoIP) systems.
 o Network security measures.

Objectives:
 Improve Connectivity:

o Increase network speed and reliability across the campus.

o Provide seamless wireless connectivity throughout the campus.
o Enhance network availability and minimize downtime.

 Ensure Scalability, Security, and Performance:

o Design a network that can accommodate future growth in network traffic and users.
o Implement robust security measures to protect the network from cyber threats.
o Optimize network performance to ensure smooth data flow for all applications.
 Cost Efficiency:

o Select cost-effective hardware and software solutions.

o Optimize network operations to minimize ongoing maintenance costs.

1.3 Highlight key outcomes and deliverables.

 A comprehensive network design document outlining the logical and physical network architecture.
 Detailed implementation plans, including timelines, budgets, and resource allocation.
 A robust security plan to mitigate cyber threats.
 A plan for ongoing network monitoring and maintenance.
 A report on the expected benefits of the new network, including improved performance, enhanced security, and reduced operational
costs.
  2: Introduction
Effective design and deployment of network infrastructure is essential to the effective operation of numerous
institutions, including universities, in today’s fast-expanding digital landscape. Strong and scalable network design
is essential as universities become more and more reliant on technology for communication, research, and
administrative procedures. In an effort to fulfill this need,the project uses Cisco Packet Tracer simulations to give
an in-depth analysis of the Three-TierHierarchical Network Model as it is used in the context of a university
network. That means core layer ,distribution layer and Access layer
A: Purpose of the Project
The network design for WCU Data Center is being developed to address the
following goals:
 Improve connectivity: The current network infrastructure is outdated and lacks sufficient bandwidth, leading to slow internet speeds
and frequent connectivity issues. The new network will provide faster and more reliable internet access for students, faculty, and staff.
 Ensure scalability, security, and performance: The university is experiencing rapid growth in enrollment and staff, and the network
needs to be designed to accommodate this growth. The new network will also be more secure, with enhanced security measures to
protect against cyber attacks.
 Cost efficiency: The new network will be designed to be more cost-effective than the current infrastructure, both in terms of initial
investment and ongoing maintenance costs.

B:Scope of the Project

The project will encompass the entire campus network, including:
 Wired network: All Ethernet switches, routers, and cables
  Wireless network: All Wi-Fi access points and controllers
 Server infrastructure: All servers and storage devices
 Telephony system: All phone systems and equipment

C:Objectives
The specific objectives of the project are as follows:
 Increase network capacity: The new network will be able to support a larger number of users and devices.
 Improve network performance: The new network will provide faster internet speeds and lower latency.
 Enhance network security: The new network will include a variety of security measures to protect against cyber attack .
 Reduce network costs: The new network will be more cost-effective than the current infrastructure.
 D: Overview of the Enterprise

Wachemo University is a public university located in Hossana, Ethiopia. It has a student population
of over 13,000 and a staff of over 1,000. The university offers a variety of undergraduate and
graduate programs in the arts, sciences, and business.
The university is currently located in a main campus building and Durame campus , but it is
planning to expand to a new campus in the near future. The new campus will include several new
buildings, as well as a new network infrastructure.
Location of University: Hossana, Ethiopia

3: Requirements Analysis
Requirements Analysis for Wachemo University Data
Center
Business Requirements:
 Connectivity for employees:
o Reliable and high-speed wired and wireless network access for all faculty, staff, and students.
o Consistent connectivity across all campus locations.
 Support for remote work:

o Secure and reliable access to university resources (e.g., email, files, applications) from remote locations.
o Support for various remote work tools and collaboration platforms.

 Enterprise applications:

o Robust infrastructure to support critical enterprise applications:

 Student Information System (SIS)

 Learning Management System (LMS)
 Research databases
 Financial systems (ERP)
 Human resources systems (HR)
 Communication and collaboration tools

Technical Requirements:
 Bandwidth and throughput:
 o Sufficient bandwidth to accommodate peak usage times and bandwidth-intensive applications.
o High throughput to ensure smooth data transfer and application performance.

 Latency and reliability:

o Low latency for real-time applications (e.g., video conferencing, online learning).
o High reliability to minimize downtime and ensure business continuity.

 Network security:

o Robust security measures to protect sensitive data and systems:

 Firewalls
 Intrusion Detection/Prevention Systems (IDS/IPS)
 Virtual Private Networks (VPNs)
 Encryption
 Multi-factor authentication
 Regular security audits and vulnerability assessments

Constraints:
 Budget:

o Limited budget for infrastructure, equipment, and ongoing maintenance.

o Cost-effective solutions are crucial.

 Timeframe:

o Project must be completed within a specific time frame to meet operational and academic deadlines.
  Legacy systems compatibility:

o Existing systems and applications must be integrated with the new data center infrastructure.
o Potential need for system upgrades or replacements to ensure compatibility.

4: Network Design Overview

Network Design Overview for Wachemo University
Design Goals:
 Scalability: The network must be able to accommodate future growth in user demand, data volumes, and applications.
 Reliability: The network must be highly reliable to minimize downtime and ensure business continuity.
 Cost-efficiency: The network design should be cost-effective, considering both initial investment and ongoing maintenance costs.
 Security: The network must be designed with robust security measures to protect sensitive data and systems from cyber threats.

Methodology:
A modular approach will be adopted for the network design. This approach involves breaking
down the network into smaller, manageable modules, each with its own specific functions and
responsibilities. This modular design offers several advantages:
 Scalability: New modules can be easily added or removed as needed to accommodate changes in user demand or application
requirements.
 Fault isolation: If a module fails, it can be isolated and replaced without affecting the entire network.
 Flexibility: The modular design allows for greater flexibility in adapting to future changes and technological advancements.
.5. Logical Network Design
5.1 Topology
Chosen Topology: Star Topology.


o Rationale:
 Centralized control: A central hub (e.g., a switch) connects all devices.
 Easy to manage and troubleshoot: Issues are typically isolated to individual devices or the central hub.
 Cost-effective for initial setup.


Network Diagram:
o [Include a visual representation of the star topology. This could be a simple diagram showing devices connected to a central
switch.]

5.2 Addressing Scheme

IP Address Plan: Currently, IPv4 is used. However, the university plans to transition to IPv6 in
the future to accommodate the growing number of devices and users.
o Current (IPv4):

 Define a suitable IP address range for the university network.

 Implement a clear subnetting scheme to efficiently allocate IP addresses to different departments, buildings, and network
segments.
 o Future (IPv6):
 Plan for an IPv6 addressing scheme that provides ample address space for future growth.
 Consider dual-stacking (IPv4 and IPv6) during the transition period.

Subnetting and VLANs

Utilize VLANs to segment the network into broadcast domains, improving security and network
performance.
o Create separate VLANs for different departments, user groups, and network services (e.g., voice, data, guest).

5.3 Protocols
 Routing Protocols:

o Consider using a dynamic routing protocol like OSPF or EIGRP for inter-VLAN routing and to optimize traffic flow within the
network.
o

6. Physical Network Design

6.1 Hardware Components
 Switches:
o Cisco Catalyst series switches (e.g., Catalyst 3850X, Catalyst 9300) for high performance, scalability, and advanced features.
 Routers:
 o Cisco ISR (Integrated Services Routers) or ASR (Aggregation Services Routers) for routing between VLANs, connecting to the
internet, and providing Quality of Service (QoS) features.

 Servers:

o Choose servers based on specific requirements (e.g., file servers, application servers, database servers). Consider virtualization
technologies for improved resource utilization.

 Access Points:

o Cisco Meraki or Cisco Catalyst access points for high-performance Wi-Fi coverage throughout the campus, including indoor and
outdoor areas.

6.2 Wiring and Cabling

 Type: Fiber optic cabling is used for interconnecting buildings and for high-speed links within the data center.

o Justification: Fiber optic provides high bandwidth, long distances, and immunity to electromagnetic interference.

 Cabling Plan:

o A detailed cabling plan will be developed, including:

 Class A Location (Computer Lab):

 High-density cabling infrastructure to support a large number of workstations.
 Consider using a combination of copper cabling (e.g., Cat6a) for workstations and fiber optic for high-bandwidth
connections to servers.
 Class B Location (Building Entrances):
  Fiber optic connections to connect to the main building backbone.
 Consider using wireless access points to provide Wi-Fi coverage in common areas.

 Class C Location (Agriculture):

 Fiber optic connections to connect remote locations to the main campus network.
 Consider using wireless mesh networks to extend coverage in areas with limited wired connectivity.

 Cabling Infrastructure:

o Implement a structured cabling system with clear labeling and documentation for easy maintenance.

6.3 Data Centers and Racks

 Layout:

o Design a well-ventilated and secure data center with proper power distribution and cooling systems.
o Utilize raised floors for efficient cable management.

 Equipment:

o Install high-density racks to accommodate servers, switches, and other network equipment.
o Implement redundant power supplies and cooling systems to ensure high availability.

6.4 Network Devices Placement

 Diagrams:

o Create detailed diagrams showing the placement of network devices (switches, routers, firewalls) within each building and in the
data center.
 o Consider factors such as proximity to users, network traffic flow, and ease of maintenance when determining device placement.

 Transport Protocols:

o TCP (Transmission Control Protocol) for reliable, connection-oriented communication (e.g., file transfers, web browsing).
o UDP (User Datagram Protocol) for time-sensitive applications and applications where reliability is less critical (e.g., streaming
media, voice over IP).

5.4 Services
 DHCP: Implement a DHCP server to automatically assign IP addresses to devices on the network, simplifying network administration.
 DNS:

o Utilize existing DNS servers (9 servers) to resolve domain names to IP addresses, enabling easy access to network resources.
o Consider implementing a DNS server for internal use to improve name resolution speed and security.

 NAT:

o Deploy Network Address Translation (NAT) to conserve IP addresses and enhance network security by hiding internal IP addresses
from the public internet.

5.5 Security Features

 Firewalls:

o Implement firewalls at key network points (e.g., perimeter, between VLANs) to control network traffic and prevent unauthorized
access.

 VPNs:
 o Deploy VPNs (Virtual Private Networks) to enable secure remote access for authorized users.

 IDS/IPS:

o Implement Intrusion Detection/Prevention Systems (IDS/IPS) to monitor network traffic for malicious activity and proactively
block attacks.

7. Implementation Plan
7.1 Deployment Strategy
 Phased Approach:
o Pilot Testing:
 Implement the new network infrastructure in a limited area, such as a single building or department.
 Thoroughly test the network's performance, stability, and security in this controlled environment.
o Incremental Rollout:

 Gradually expand the new network to other parts of the campus, ensuring a smooth transition and minimizing disruptions.
 Prioritize critical areas, such as academic buildings and administrative offices.

o Final Cut-over:

 Once all phases have been successfully completed and tested, decommission the old network and fully transition to the
new infrastructure.

7.2 Resource Allocation

  Team Roles and Responsibilities:
o Project Manager: Oversees the entire project, manages timelines, and coordinates with stakeholders.
o Network Engineers: Design, configure, and implement network devices.
o Cabling Technicians: Install and test network cabling infrastructure.
o System Administrators: Configure servers and network services.
o Security Specialists: Implement security measures and conduct security assessments.
 Required Tools and Software:

o Network monitoring and management tools (e.g., Cisco Prime Infrastructure, Wireshark)
o Cabling certification tools
o Project management software (e.g., Microsoft Project, Jira)
o Documentation software

7.3 Timeline
 Gantt Chart or Milestone Plan:

o Create a detailed project schedule, outlining key milestones, dependencies, and timelines for each phase of the implementation.
o Consider factors such as equipment delivery, installation time, testing periods, and potential delays.

8:Performance Analysis
Tools Used:
 Cisco Packet Tracer
Metrics Evaluated:
 Latency: The time delay experienced by data packets as they travel across the network.
 Bandwidth: The maximum amount of data that can be transmitted over a network connection within a given time.
 Throughput: The actual amount of data successfully transmitted over the network within a given time.
 Packet Loss: The percentage of data packets that fail to reach their destination due to issues like congestion or errors.

Results:
1. Latency:
 Graph:

o [Include a graph showing latency measurements for different network nodes or traffic flows. X-axis: Time/Data Transfer; Y-axis:
Latency (ms)]

 Analysis:

o Analyze the latency values. Identify any significant delays and their potential causes (e.g., long distances, congested links,
inefficient routing).

2. Bandwidth:
 Graph:

o [Include a graph showing bandwidth utilization for different network links. X-axis: Time/Data Transfer; Y-axis: Bandwidth
Utilization (Mbps)]

 Analysis:
 o Analyze bandwidth utilization across the network. Identify any bottlenecks where bandwidth is saturated or underutilized.

3. Throughput:
 Graph:
o [Include a graph showing throughput for different traffic flows. X-axis: Time/Data Transfer; Y-axis: Throughput (Mbps)]
 Analysis:Analyze throughput values. Compare them to expected bandwidth values to identify any performance limitations.

 4. Packet Loss:
 Graph:

o [Include a graph showing packet loss rates for different network links or traffic flows. X-axis: Time/Data Transfer; Y-axis: Packet
Loss Rate (%)]

 Analysis:

o Analyze packet loss rates. Identify any links or devices experiencing high packet loss and investigate the root causes.

5. Summary Table:

Metric Value Analysis

Average Latency [Value] ms [Analysis]
Maximum Latency [Value] ms [Analysis]
Minimum Latency [Value] ms [Analysis]
Average Bandwidth [Value] [Analysis]
Utilization Mbps
Maximum Bandwidth [Value]
[Analysis]
Utilization Mbps
[Value]
Average Throughput [Analysis]
Mbps

9:Wachemo University Data Center Security Plan

Security Plan for Wachemo University Data Center Projec

▎ Security Policies
Access Control Policies:
1. User Authentication: All users must authenticate through multi-
factor authentication (MFA) to access sensitive systems and data.
2. Role-Based Access Control (RBAC): Access permissions will be
granted based on user roles, ensuring that individuals only have
access to the information necessary for their job functions.
3. Regular Access Reviews: Access rights will be reviewed quarterly to
ensure compliance and adjust permissions as necessary.
4. Visitor Access: External visitors must be escorted at all times and
must sign in and out of the facility.
Data Protection Measures:
1. Data Encryption: All sensitive data stored in the data center will be
encrypted both at rest and in transit using industry-standard
encryption protocols (e.g., AES-256).
2. Data Classification: Data will be classified according to sensitivity
levels (e.g., public, internal, confidential) to determine appropriate
handling procedures.
3. Incident Response Plan: A formal incident response plan will be
established to address data breaches or security incidents promptly.
▎Technologies
VPNs:
• A Virtual Private Network (VPN) will be implemented to secure
remote access to the data center, ensuring that all data transmitted
over the network is encrypted.
Firewalls:
• Next-generation firewalls will be deployed to monitor and control
incoming and outgoing network traffic based on predetermined
security rules, providing a barrier between trusted internal networks
and untrusted external networks.
Anti-Virus Solutions:
• Comprehensive anti-virus and anti-malware solutions will be installed
on all servers and endpoints within the data center, with regular
updates to protect against emerging threats.
▎ Backup and Recovery
Backup Frequency and Storage Locations:
1. Backup Frequency: Data backups will occur daily for critical systems
and weekly for less critical systems. Incremental backups will be
performed every 12 hours.
2. Storage Locations: Backups will be stored in multiple locations,
including:
• On-site storage devices that are secure and monitored.
• Off-site cloud storage solutions to ensure data redundancy and
availability in case of local disasters.
 Disaster Recovery Plans:
• A comprehensive disaster recovery plan will be developed, detailing
steps for data recovery in the event of a catastrophic failure. This plan
will include:
• Identification of critical systems and data.
• Defined recovery time objectives (RTO) and recovery point
objectives (RPO).
• Regular testing of the disaster recovery plan to ensure
effectiveness and team readiness.
▎ Compliance
Industry Standards:
• The data center will adhere to relevant industry standards to ensure
compliance with legal and regulatory requirements, including:
• GDPR (General Data Protection Regulation): Implementing measures
for data protection and privacy for individuals within the European
Union and the European Economic Area.
 • ISO 27001: Establishing an Information Security Management
System (ISMS) to manage sensitive company information
systematically and securely.
• HIPAA (Health Insurance Portability and Accountability Act): If
applicable, ensuring that all measures are taken to protect sensitive
health information.
This security plan aims to protect Wachemo University's data assets
while ensuring compliance with industry standards and regulations.
Regular reviews and updates will be conducted to adapt to evolving
security threats and compliance requirements.
▎ 10:Cost Analysis for Wachemo University Data Center Project

▎Budget Breakdown

1. Hardware Costs:

• Servers:

• Quantity: 9 servers

• Cost per server: 50000ETB

• Total:4500000ETB

• Networking Equipment:

• Routers, switches, and firewalls: $20,000

• Backup Solutions:
 • On-site backup devices: $10,000

• Off-site cloud storage setup: $5,000

• Physical Security Systems:

• Surveillance cameras and access control systems: $15,000

• Total Hardware Costs: $130,000

2. Software Licenses:

• Operating Systems (e.g., Windows Server): $10,000 (for licenses across all servers)

• Virtualization Software (e.g., VMware or Hyper-V): $15,000

• Database Management Systems: $8,000

• Security Software (Anti-virus, Firewalls): $5,000

• Backup and Recovery Software: $7,000

• Total Software Costs: $45,000

3. Maintenance and Operational Costs:

• Annual Maintenance Contracts (Hardware): $10,000

• Software Subscription Renewals: $8,000/year

• Power and Cooling Costs: $12,000/year

• Staff Salaries for IT Personnel (2 staff members): 120,000ETB/year

• Miscellaneous Operational Costs (supplies, training, etc.): 5,0000ETB/year

• Total Annual Operational Costs: $155,000

While the initial investment in the data center project at Wachemo University presents a negative ROI in the first year due to high setup costs, the long-term projections
indicate substantial benefits that will lead to significant net savings over a five-year period. The estimated cumulative savings highlight the potential for the data center
to become a valuable asset for the university's operations and strategic goals.