Comprehensive Network Design for ShopEase Enterprises: Ensuring Seamless Connectivity and Secure Communication
Introduction
The purpose of this project is to build a robust and secure computer network for ShopEase Enterprises, an active retail business that is expanding to a new branch. The network must provide seamless connectivity between the new branch and the main store, and data must be synchronized between the two. The main store comprises a sales floor with PoS terminals, an inventory management area, and an administrative office; the new branch has a similar layout with fewer devices. Both locations will be connected over a WAN link, and a VPN will be implemented to secure traffic between the two sites. Cisco Packet Tracer is used to simulate and test the design to ensure that all devices and connections work smoothly and securely.
Challenges
Designing a network for ShopEase Enterprises raises considerable challenges. The first is finding a suitable IP addressing scheme. Devices are spread across two physical locations, and the network must support them without IP conflicts while leaving room to expand in the future. This calls for structured subnetting that groups devices by function, which keeps the network organized and simpler to manage. According to analysts, IPsec technology and large-scale address sharing methods can improve IP management and security [1].
The second challenge is securing communication over the WAN link. In particular, it is essential that sensitive data such as sales and inventory records is protected on the connection between the main store and the new branch. A VPN will be implemented as an extra layer of security to encrypt traffic on the WAN link. This step adds complexity, because the routers have to be configured correctly with IPsec and AES encryption to keep the data safe in transmission.
The third challenge is that both stores need stable, fast inter-site connectivity for real-time data synchronization. If the link is unstable or latency is high, data can be lost or arrive late, which is detrimental to inventory management and sales tracking. The network should therefore rely on reliable, high-bandwidth WAN connections and plan for redundancy in case of failures.
Project Hardware Requirements
The network design specifies the essential hardware for both locations. At the main store, 6 PoS terminals and 3 inventory workstations are connected to a Cisco 2960 switch, and traffic is directed to a Cisco 2911 router for WAN and internet access. A network printer is included for invoicing. On the first floor there are 4 workstations and 2 servers for sales and inventory management. The new branch has 4 Cisco PoS terminals, 1 workstation and a local server, connected through a Cisco 2960 switch and a Cisco 2911 router. The new branch uses the same setup as the main store to keep the design scalable and reliable, in line with enterprise-level VPN recommendations [2].
Network Design in Packet Tracer
To confirm that the ShopEase Enterprises network works properly and connects both locations, I implemented and simulated the design in Cisco Packet Tracer. The main store's topology consists of two main parts: a first floor for administrative tasks and server operations, and a ground floor with the PoS terminals and inventory workstations. Both groups of devices are connected to a Cisco 2960 switch, which forwards data to a Cisco 2911 router for internet access and WAN connectivity. There is also a network printer for printing invoices.
Figure 1 depicts the new branch's topology, which consists of a Cisco 2960 switch connecting the PoS terminals, the workstation and a local server. A Cisco 2911 router provides internet access and a secure connection to the main store over the WAN link. The WAN link connects the main store to the branch, and a site-to-site VPN runs over it to secure data transmitted between the two sites. To protect sensitive sales and inventory data in transit, the VPN encrypts it with AES using IPsec.
Figure 1: Network Design in Packet Tracer
All devices can communicate with each other unimpeded and securely. The topology diagram shows clearly how the devices are arranged and connected, so that the network is properly structured and logically organized.
IP Addressing Scheme
The IP addressing scheme for ShopEase Enterprises divides communication between devices in the main store and the new branch efficiently. A Class C IP range is used for both locations, and each device group receives its own subnet. At the main store, the PoS terminals use the 192.168.10.0/24 subnet, the workstations the 192.168.20.0/24 subnet, and the servers the 192.168.30.0/24 subnet. Separating the subnets this way gives each device group its own independent network, which makes the network easy to manage and troubleshoot.
A similar structure is used at the new branch. PoS terminals take the 192.168.40.0/24 subnet, and the workstation and local server are on the 192.168.50.0/24 subnet. The link between the routers of the two stores runs over a WAN subnet in the 10.0.0.0/30 range. This subnetting strategy allows traffic to be routed efficiently with no IP conflicts and leaves space for future expansion as more devices are added to the network.
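The addressing plan above can be checked mechanically for overlaps, malformed subnets and remaining capacity. The following Python script is an added example, not part of the original report; the subnet labels, the one gateway address reserved per LAN and the omission of the printer (whose subnet is not stated) are assumptions.

```python
import ipaddress
from itertools import combinations

# Subnets come from the addressing scheme above, device counts from the
# hardware section. Assumptions of this example: each LAN reserves one address
# for its router gateway, and the printer (no subnet stated) is not counted.
# name: (subnet, end devices, router interfaces)
PLAN = {
    "main-pos":          ("192.168.10.0/24", 6, 1),
    "main-workstations": ("192.168.20.0/24", 7, 1),  # 3 inventory + 4 first floor
    "main-servers":      ("192.168.30.0/24", 2, 1),
    "branch-pos":        ("192.168.40.0/24", 4, 1),
    "branch-lan":        ("192.168.50.0/24", 2, 1),  # workstation + local server
    "wan-link":          ("10.0.0.0/30", 0, 2),      # one address per router
}

def usable_hosts(net):
    """Assignable addresses: everything except network and broadcast."""
    return net.num_addresses - 2

def check_plan(plan):
    """Return (problems, free); free maps subnet name to spare addresses."""
    problems, nets, free = [], {}, {}
    for name, (cidr, devices, router_ifs) in plan.items():
        try:
            net = ipaddress.ip_network(cidr)  # strict: rejects host bits set
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
            continue
        if not net.is_private:
            problems.append(f"{name}: {net} is not private address space")
        nets[name] = net
        free[name] = usable_hosts(net) - (devices + router_ifs)
        if free[name] < 0:
            problems.append(f"{name}: {net} is {-free[name]} addresses short")
    # Any two subnets sharing addresses would cause the conflicts the plan avoids.
    for (a, net_a), (b, net_b) in combinations(nets.items(), 2):
        if net_a.overlaps(net_b):
            problems.append(f"{a} {net_a} overlaps {b} {net_b}")
    return problems, free

if __name__ == "__main__":
    problems, free = check_plan(PLAN)
    for name, spare in free.items():
        print(f"{name:18} {PLAN[name][0]:18} spare addresses: {spare}")
    print("problems:", problems or "none")
```

The /30 WAN subnet has exactly two usable addresses, one per router, so it reports no spare capacity by design.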
Security Approaches
Security is a very important part of the network design for ShopEase Enterprises. A number of protections have been put in place to guard the network against unauthorised access and to protect data in transmission. As studies of network security in complex critical systems such as healthcare and retail indicate, firewalls at the internet access points of the main store and the new branch substantially curtail inbound and outbound traffic, significantly reducing the possibility of external cyber threats [3]. These firewalls are configured to allow legitimate traffic and to block suspicious and unauthorized access attempts.
A VPN is also configured across the WAN link to protect communication between the main store and the new branch. As in SCADA systems, which must keep industrial processes operating safely, the VPN uses IPsec with AES encryption and thus provides robust protection for data in transmission [4]. Protecting sensitive sales and inventory data as it travels across the public internet is increasingly important. The combination of firewalls and VPNs will keep both stores safe from cyber threats and keep their communication secure as well.
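A site-to-site IPsec tunnel only protects traffic that both routers select for encryption, so the traffic-selection ACLs on the two Cisco 2911 routers need to mirror each other. The Python script below is an added example, not configuration from the original report: it derives those ACL lines from the LAN subnets given earlier and reports any flow that lacks a reverse entry on the peer. ACL number 110 and the use of numbered extended ACLs are assumptions.

```python
import ipaddress

# LAN subnets from the addressing scheme above. ACL number 110 and the use of
# numbered extended ACLs to select VPN traffic are assumptions of this example.
MAIN = ["192.168.10.0/24", "192.168.20.0/24", "192.168.30.0/24"]
BRANCH = ["192.168.40.0/24", "192.168.50.0/24"]

def crypto_acl(local, remote, acl_id=110):
    """IOS extended-ACL lines selecting local->remote traffic for encryption."""
    lines = []
    for l in map(ipaddress.ip_network, local):
        for r in map(ipaddress.ip_network, remote):
            lines.append(f"access-list {acl_id} permit ip "
                         f"{l.network_address} {l.hostmask} "
                         f"{r.network_address} {r.hostmask}")
    return lines

def parse_acl(lines):
    """Return the set of (source, destination) networks the ACL permits."""
    flows = set()
    for line in lines:
        f = line.split()
        if len(f) == 8 and f[0] == "access-list" and f[2:4] == ["permit", "ip"]:
            # ipaddress reads "net/0.0.0.255" as a wildcard (host) mask.
            flows.add((ipaddress.ip_network(f"{f[4]}/{f[5]}"),
                       ipaddress.ip_network(f"{f[6]}/{f[7]}")))
    return flows

def mirror_gaps(acl_a, acl_b):
    """Flows one router encrypts for which the peer has no reverse entry."""
    a, b = parse_acl(acl_a), parse_acl(acl_b)
    missing_on_b = {(dst, src) for src, dst in a} - b
    missing_on_a = {(dst, src) for src, dst in b} - a
    return missing_on_b, missing_on_a

if __name__ == "__main__":
    main_acl = crypto_acl(MAIN, BRANCH)
    branch_acl = crypto_acl(BRANCH, MAIN)
    print("\n".join(main_acl))
    print("gaps, generated pair:", mirror_gaps(main_acl, branch_acl))
    # Constructed error: the branch router is missing one entry.
    print("gaps, one entry dropped:", mirror_gaps(main_acl, branch_acl[:-1]))
```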
Limitations
The ShopEase Enterprises network design satisfies the company's current needs but has some limitations. The first is future hardware constraints. As the company grows, more devices may need to be added to the network, which may require more switches, routers and servers. This could complicate the network and increase the management and maintenance effort.
A second limitation is the bandwidth of the WAN link between the main store and the new branch. If more data is synchronized between the two locations, the WAN link may become a bottleneck, which will affect the performance of the network.
Conclusion
In conclusion, the network design for ShopEase Enterprises meets the company's requirements: easy connectivity and safe communication between the main store and the new branch. The network provides real-time data synchronization, supported by an efficient IP addressing scheme, robust hardware components and strong security measures such as firewalls and VPNs, so that sensitive information is delivered securely to any remote node. Because the design is scalable and flexible, it offers a path for future expansion as the company grows, keeping ShopEase Enterprises connected and secure.
References
[1] S. Zander and D. Murray, "Share or Not: Investigating the Presence of Large-Scale Address Sharing in the Internet," in 2017 IEEE 42nd Conference on Local Computer Networks (LCN), Oct. 2017, pp. 243-251. doi: 10.1109/LCN.2017.85.
[2] Z. Wu, Y. Zhang, and M. Xiao, "Topology Design of VPN Based on Communication Performance and Server Load," in 2019 International Conference on Communications, Information System and Computer Engineering (CISCE), Jul. 2019, pp. 130-135. doi: 10.1109/CISCE.2019.00037.
[3] T. A. Wani, A. Mendoza, K. Gray, and F. Smolenaers, "Status of bring-your-own-device (BYOD) security practices in Australian hospitals - A national survey," Health Policy and Technology, vol. 11, no. 3, p. 100627, Sep. 2022, doi: 10.1016/j.hlpt.2022.100627.
[4] Y. Cherdantseva et al., "A review of cyber security risk assessment methods for SCADA systems," Computers & Security, vol. 56, pp. 1-27, Feb. 2016, doi: 10.1016/j.cose.2015.09.009.