SlideShare a Scribd company logo

Design and Simulation of Secure Network for University Campus

I
ijtsrd

The document discusses the design and simulation of a secure network for a university campus, focusing on issues like poor network design and security attacks. It presents solutions such as VLANs, port security, and access control lists, implemented and tested using simulation software. The results demonstrate improved network management and security, ensuring that only authorized devices have access and that network traffic is efficiently controlled.

Education
1 of 5
Download to read offline
1
2
Most read
3
4
Most read
5
International Journal of Trend in Scientific Research and Development (IJTSRD) Volume 3 Issue 5, August 2019 Available Online: www.ijtsrd.com e-ISSN: 2456 – 6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1023 Design and Simulation of Secure Network for University Campus Mon Mon Aye1, Zar Chi Soe2 1Lecturer, Department of Electronic Engineering, Pyay Technological University, bago, Myanmar 2Lecturer, Department of Electronic Engineering, Technological University, Hinthata Myanmar How to cite this paper: Mon Mon Aye | Zar Chi Soe "Design and Simulation of Secure Network for University Campus" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456- 6470, Volume-3 | Issue-5, August 2019, pp.1023-1027, https://doi.org/10.31142/ijtsrd26568 Copyright © 2019 by author(s) and International Journalof Trendin Scientific Research and Development Journal. This is an Open Access article distributed under the terms of the Creative CommonsAttribution License (CC BY 4.0) (http://creativecommons.org/licenses/by /4.0) ABSTRACT Today’s wireless network has come to stay as an essential tool of communication in education sector. These sectors have started deploying computers to perform their daily work such as studying and learning and access resources from their network. This technology has enabled to learn much faster and more conveniently.Therearesomeproblemsstillfacedbythe users such as poor network design by having large broadcast within the network and various security attacks. These problems can be solved by implementing VLAN (Virtual Local Area Network), PS (Port Security in switches) and ACL (Access Control List). They have been simulated in packet tracer 6.3 software. KEYWORDS: Education sector, Virtual Local Area Network, Port security, Access Control List I. INTRODUCTION Network security is the process that information assets are protected [1]. Education sector network is set of virtual local area networks (VLAN), which are virtual divided for increasing the performance of network and increases campus network management with security. ACL is a setofcommandsgrouped together to filter the traffic that enters and leaves the interface. A. Virtual Local Area Network VLAN is a logical partition of a layer 2 network. Multiple partitions can be created allowing for multiple VLANs to co-exist. Each VLAN is a broadcast domain, usually with its own IP network. This technology is used to segment a complex network into smaller networks for better manageability, improved performance and security. Implementing VLAN for any network will achieve the following benefits: Easily relocate PCs on LAN (Local Area Network) Easily modify configuration Easily add or remove hosts to or from the LAN Easily control network traffic between the LAN Improve network security Reduce the cost Easily manage the network administrations [6]. B. Port Security Port security limits the number of valid Media Access Control (MAC) addresses allowed on a port. The MAC addresses of legitimate devices are allowed access, while other MAC addresses are denied. Any additional attempts to connect by unknown MAC addresses generate a security violation. Follow these guidelines when port security configures: A secure port cannot be a trunk port. A secure port cannot be a destination port for Switch Port Analyzer. A secure port cannot belong to an Ether Channel port- channel interface. A secure port and static MAC address configuration are mutually exclusive. C. Access Control List ACLs are basically a set of commands, grouped together bya number or name that is used to filter traffic entering or leaving an interface. It is a table that tells a computer operating system which gives access rights foreach usertoa particular system object. ACL can be used to prevent some packets flow through the network. Implementing ACL will achieve the following: Prevent unwanted traffic in the network Protect critical devices existing in the network Prevent users from using systems [6]. II. VLAN IMPLEMENTATION The requirements for new design are Cisco layer 2 switches and layer three devices to carry out the new setup. The organization need to purchase the managed switch which supports the VLAN interface. VLAN should be membership by using port number. All ports or interfaces in the switch are considered in one VLAN and one broadcast domain. The solution for this problem is by configuring VLAN in the switches and to put some ports into one broadcast domain and some into another broadcast within thesameswitch. So, this will segment hosts into smaller LAN to reduce overhead caused to each device. Administrator has created VLAN for each department then enabled the communication between IJTSRD26568
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1024 them by using layer three devices. Each switch can carry more than one VLAN as shown in Fig. 1. This networkdesign has a total number of eight VLANs. The hosts in the same VLAN are able to communicate with each other but hosts from different VLANs are not. To achieve full connectivity, the router is connected. The router had one of its interface connected to the main switch and the other to the switch connected server firm representing DNS and Web. Each of them has its default gateway. Each VLAN can assign to each department according to the organization requirements shown in Table 1. Figure1. Implementation of VLAN Table1. Assigning Switch Port to VLANs III. VLAN CONFIGURATION First of all, four VLANs are created on main switch and named. Fig. 2 shows commands for VLAN. In thissectionwill be configured in access mode to all the interfaces of the switches that are connected to end devices such as computers and will be allowed the access of a single VLAN per interface. Fig. 3 shows the switch port command. Figure2. Creating VLAN in Main Switch Figure3. Assigning Ports in Main Switch After all configuration of the networkdesign is complete, itis time to test all network connections are alreadysuccessfully connected by typing ping the destination IP address in the Command Prompt window. Figure4. Testing for Same VLAN If after pinging, it says Reply from destination IP address then the network has been successfully connected. Toverify, the computers that are in the same VLAN have communication. A ping test will be done. Fig. 4 is the result for same VLAN from PC1 to PC2 in the VLAN 6.
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1025 Figure5. Testing for Different VLANs Figure6. Testing for Inter VLANs Fig. 5 is the result that test in different VLANs which is from VLAN 6 to VLAN 7. Fig. 6 is the result of the inter VLAN from Civil Department to EC Department. It is the testing from VLAN 2 to VLAN 3. IV. PS IMPLEMENTATION AND TESTING All switches can be secured by not allowing other devices to connect to the ports already in use. If unauthorized PC or laptops try to connect with the switch, datawillbegotten the unauthorized PC or laptops. To prevent this condition, all interfaces of all switches can be configured the port security commands. After configuration, the switch associates that port with the device’s MAC address and anyother device will be denied. When unauthorized PC or laptop connects, the port will be turn off. Fig. 7 illustrates commands for port security. The fourth command actually indicates that only one device is allowed to be connected to that specific port and the third command indicates the allowed device. The switch associates that port with the device’s MAC-address. After configuration of the port security, Fig. 8 is the result that the unauthorized PC or laptop cannot connect to the switch. Figure7. Configuration Port Security Figure8. Testing for Port Security V. ACL IMPLEMENTATION AND TESTING To control and secure the network, the access control list was configure. Access lists have to configure the router that connected the web server. In access list configuration, two basic steps require to be accomplished. The first step is to create an access list definition and the second step is to apply the access list to an interface. In the router, accesslists was created, then configure the router’s interfaceconnected to the Web server. Fig. 9 is the creating the accesslist andthe applying the access list to an interface Ethernet 1/0.
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1026 Figure9. Creating and Applying Access List Each server must be responsible foronlyonejob. DNSserver is responsible for resolving a name to an IP address. Web server is only responsible for http services. Fig. 10 is the configuration of the DNS Server. Fig. 11 is the configuration of the web server. Figure10. DNS Server Configuration Figure11. Web Server Configuration Fig. 12 and Fig. 13 are results that PC0 (VLAN2) pingtheweb server before and after configuration of the access control list. Figure12. Testing Result for Before Configuration of ACL Figure13. Testing Result for After Configuration of ACL VI. CONCLUSION Network architecture and its security are important any organization. VLANs are also used as a means of providing WAN (Wide Area Network) and MAN (Metropolitan Area Network) services. Access Control List has been used to enforce better security and to filter unwanted packets. ACKNOWLEDGEMENT I would wish to acknowledge the many colleagues at Pyay Technological University who have contributed to the passing this research paper. REFERENCES [1] Kim J., Lee K., Lee C., “Design and Implementation of Integrated Security Engine for Secure Networking”, In Proceedings International Conference on Advnaced Communication Technology, 2004. [2] Computer Networks, 4th Edition Tanenbaum, A. S. Prentice Hall 2004. [3] A. Velte and T. Velte. “Cisco: A Beginner’s Guide”, McGraw-Hill Inc. 3rd edition, 2004.
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1027 [4] Alabady S., “Design and Implementation of a Network Security Model using Static VLAN and AAA Server”, In Proceedings International Conference on Information & Communication Technologies: from Theory to Applications, ICTTA, 2008. [5] Computer and Network Technology:Proceedingsofthe International Conference on ICCNT 2009: Zhou, Jianhong Mahadevan, Venkatesh, World Scientific Publishing Co. [6] CCNA Security Study Guide: Exam 640-553, Boyles, Tim, Sybex. [7] Abubucker Samsudeen Shaffi, “Effective Implementation of VLAN and ACL in Local Area Network” In Proceedings JITBM & ARF, 2012. [8] Cisco Systems Inc. http://www.cisco.com [9] Sharat Kaushik, Anita Tomar, Poonam, “AccessControl List Implementation in a Private Network”, International Journal of Information & Computation Technology, Vol. 4, No. 14, 2014, pp. 1361-1366.

More Related Content

PDF
IRJET - Implementation of Network Security and Traffic Filtering using Access...
IRJET Journal
 
PDF
ccna 1 v5.0 itn practice final exam answers
Đồng Quốc Vương
 
DOCX
Ccna 1 practice final exam answer v5
friv4schoolgames
 
PDF
Ccna 1 4
Vahdet Shehu
 
PDF
Ccna 4 Chapter 8 V4.0 Answers
ccna4discovery
 
PDF
Executive presentation3
MIDAUTEL
 
DOCX
Ch6 ccna exploration 3 lan switching and wireless
kratos2424
 
DOC
Ccna 3 chapter 7 v4.0 answers 2011
Dân Chơi
 
IRJET - Implementation of Network Security and Traffic Filtering using Access...
IRJET Journal
 
ccna 1 v5.0 itn practice final exam answers
Đồng Quốc Vương
 
Ccna 1 practice final exam answer v5
friv4schoolgames
 
Ccna 1 4
Vahdet Shehu
 
Ccna 4 Chapter 8 V4.0 Answers
ccna4discovery
 
Executive presentation3
MIDAUTEL
 
Ch6 ccna exploration 3 lan switching and wireless
kratos2424
 
Ccna 3 chapter 7 v4.0 answers 2011
Dân Chơi
 

What's hot (19)

PDF
200-125-ccna-v3
Ibby Nuj
 
TXT
Chapter 7 exam
reiryuzaki
 
PDF
Wireless security
Salma Elhag
 
PDF
FINAL PAPER FN311 INTERNET SERVICES
Amira Dolce Farhana
 
PDF
CCNA Quick Notes
Eng. Emad Al-Atoum
 
PDF
Ccna1 v6.0 pretest exam answers 2018
Download Mipdfcom
 
PDF
CCNA 1 v6.0 Final Exam Answers Option B 2018
Download Mipdfcom
 
PDF
De-Authentication attack on wireless network 802.11i using Kali Linux
IRJET Journal
 
PPT
CCNA Icnd110 s04l02
computerlenguyen
 
PDF
Cisco discovery d homesb module 7 - v.4 in english.
igede tirtanata
 
PDF
IRJET- Secured LAN Network Topology of a Small Office with Redundancy
IRJET Journal
 
PPT
CCNA Icnd110 s04l04
computerlenguyen
 
PPT
CCNA Icnd110 s04l03
computerlenguyen
 
PPT
CCNA Icnd110 s02l08
computerlenguyen
 
PPT
CCNA Chapter1
Mohammed Ali
 
PDF
NetSim Technology Library- Internetworks
Vishal Sharma
 
PPTX
CCNA 1 Routing and Switching v5.0 Chapter 6
Nil Menon
 
PDF
Brk 135 t-ccna_switching
parthasn83
 
PPTX
Set review 1
Ankita Mandekar
 
200-125-ccna-v3
Ibby Nuj
 
Chapter 7 exam
reiryuzaki
 
Wireless security
Salma Elhag
 
FINAL PAPER FN311 INTERNET SERVICES
Amira Dolce Farhana
 
CCNA Quick Notes
Eng. Emad Al-Atoum
 
Ccna1 v6.0 pretest exam answers 2018
Download Mipdfcom
 
CCNA 1 v6.0 Final Exam Answers Option B 2018
Download Mipdfcom
 
De-Authentication attack on wireless network 802.11i using Kali Linux
IRJET Journal
 
CCNA Icnd110 s04l02
computerlenguyen
 
Cisco discovery d homesb module 7 - v.4 in english.
igede tirtanata
 
IRJET- Secured LAN Network Topology of a Small Office with Redundancy
IRJET Journal
 
CCNA Icnd110 s04l04
computerlenguyen
 
CCNA Icnd110 s04l03
computerlenguyen
 
CCNA Icnd110 s02l08
computerlenguyen
 
CCNA Chapter1
Mohammed Ali
 
NetSim Technology Library- Internetworks
Vishal Sharma
 
CCNA 1 Routing and Switching v5.0 Chapter 6
Nil Menon
 
Brk 135 t-ccna_switching
parthasn83
 
Set review 1
Ankita Mandekar
 
Ad

Similar to Design and Simulation of Secure Network for University Campus (20)

PDF
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCP
Associate Professor in VSB Coimbatore
 
PDF
Network Monitoring in the age of the Cloud
Augusto Ciuffoletti
 
PDF
manual on networking cabling with pratical guide
NuhuSamaila
 
PDF
CCNA-lab-Manual.pdf
DrPreethiD1
 
PPTX
Inter vlan routing plus configuration
Mohammedseleim
 
PDF
Examen1ccna3v5.0
Juan Carlos Banegas
 
PPTX
Vlans and inter vlan routing
Mohammedseleim
 
PDF
IRJET - Implementation of Firewall in a Cooperate Environment
IRJET Journal
 
DOC
Banking and ATM networking reports
Shakib Ansaar
 
PDF
International Journal of Engineering Research and Development
IJERD Editor
 
PPTX
Encor chapter 1_packet forwarding
merhatsidikmelke
 
PDF
A Review of Cybersecurity in Power Substations
IRJET Journal
 
PPTX
Presentation on ccna
Rahul Kumar
 
PPTX
Presentation on ccna
Rahul Kumar
 
PDF
Final project report
RaziaSultanaHimu
 
PDF
Cisco Packet Tracer- SRWE_Module_4_Inter_VLAN.pdf
syujatkj5
 
PDF
Configuring lifa for remote communication using web architecture
Vatsal N Shah
 
PPT
Vlan configuration in medium sized network
Arnold Derrick Kinney
 
PDF
Experimental Analysis of Small Internetwork using OPNET 9.1
International Journal of Engineering Inventions www.ijeijournal.com
 
PDF
SDN: A New Approach to Networking Technology
IRJET Journal
 
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCP
Associate Professor in VSB Coimbatore
 
Network Monitoring in the age of the Cloud
Augusto Ciuffoletti
 
manual on networking cabling with pratical guide
NuhuSamaila
 
CCNA-lab-Manual.pdf
DrPreethiD1
 
Inter vlan routing plus configuration
Mohammedseleim
 
Examen1ccna3v5.0
Juan Carlos Banegas
 
Vlans and inter vlan routing
Mohammedseleim
 
IRJET - Implementation of Firewall in a Cooperate Environment
IRJET Journal
 
Banking and ATM networking reports
Shakib Ansaar
 
International Journal of Engineering Research and Development
IJERD Editor
 
Encor chapter 1_packet forwarding
merhatsidikmelke
 
A Review of Cybersecurity in Power Substations
IRJET Journal
 
Presentation on ccna
Rahul Kumar
 
Presentation on ccna
Rahul Kumar
 
Final project report
RaziaSultanaHimu
 
Cisco Packet Tracer- SRWE_Module_4_Inter_VLAN.pdf
syujatkj5
 
Configuring lifa for remote communication using web architecture
Vatsal N Shah
 
Vlan configuration in medium sized network
Arnold Derrick Kinney
 
Experimental Analysis of Small Internetwork using OPNET 9.1
International Journal of Engineering Inventions www.ijeijournal.com
 
SDN: A New Approach to Networking Technology
IRJET Journal
 
Ad

More from ijtsrd (20)

PDF
A Study of School Dropout in Rural Districts of Darjeeling and Its Causes
ijtsrd
 
PDF
Pre extension Demonstration and Evaluation of Soybean Technologies in Fedis D...
ijtsrd
 
PDF
Pre extension Demonstration and Evaluation of Potato Technologies in Selected...
ijtsrd
 
PDF
Pre extension Demonstration and Evaluation of Animal Drawn Potato Digger in S...
ijtsrd
 
PDF
Pre extension Demonstration and Evaluation of Drought Tolerant and Early Matu...
ijtsrd
 
PDF
Pre extension Demonstration and Evaluation of Double Cropping Practice Legume...
ijtsrd
 
PDF
Pre extension Demonstration and Evaluation of Common Bean Technology in Low L...
ijtsrd
 
PDF
Enhancing Image Quality in Compression and Fading Channels A Wavelet Based Ap...
ijtsrd
 
PDF
Manpower Training and Employee Performance in Mellienium Ltdawka, Anambra State
ijtsrd
 
PDF
A Statistical Analysis on the Growth Rate of Selected Sectors of Nigerian Eco...
ijtsrd
 
PDF
Automatic Accident Detection and Emergency Alert System using IoT
ijtsrd
 
PDF
Corporate Social Responsibility Dimensions and Corporate Image of Selected Up...
ijtsrd
 
PDF
The Role of Media in Tribal Health and Educational Progress of Odisha
ijtsrd
 
PDF
Advancements and Future Trends in Advanced Quantum Algorithms A Prompt Scienc...
ijtsrd
 
PDF
A Study on Seismic Analysis of High Rise Building with Mass Irregularities, T...
ijtsrd
 
PDF
Descriptive Study to Assess the Knowledge of B.Sc. Interns Regarding Biomedic...
ijtsrd
 
PDF
Performance of Grid Connected Solar PV Power Plant at Clear Sky Day
ijtsrd
 
PDF
Vitiligo Treated Homoeopathically A Case Report
ijtsrd
 
PDF
Vitiligo Treated Homoeopathically A Case Report
ijtsrd
 
PDF
Uterine Fibroids Homoeopathic Perspectives
ijtsrd
 
A Study of School Dropout in Rural Districts of Darjeeling and Its Causes
ijtsrd
 
Pre extension Demonstration and Evaluation of Soybean Technologies in Fedis D...
ijtsrd
 
Pre extension Demonstration and Evaluation of Potato Technologies in Selected...
ijtsrd
 
Pre extension Demonstration and Evaluation of Animal Drawn Potato Digger in S...
ijtsrd
 
Pre extension Demonstration and Evaluation of Drought Tolerant and Early Matu...
ijtsrd
 
Pre extension Demonstration and Evaluation of Double Cropping Practice Legume...
ijtsrd
 
Pre extension Demonstration and Evaluation of Common Bean Technology in Low L...
ijtsrd
 
Enhancing Image Quality in Compression and Fading Channels A Wavelet Based Ap...
ijtsrd
 
Manpower Training and Employee Performance in Mellienium Ltdawka, Anambra State
ijtsrd
 
A Statistical Analysis on the Growth Rate of Selected Sectors of Nigerian Eco...
ijtsrd
 
Automatic Accident Detection and Emergency Alert System using IoT
ijtsrd
 
Corporate Social Responsibility Dimensions and Corporate Image of Selected Up...
ijtsrd
 
The Role of Media in Tribal Health and Educational Progress of Odisha
ijtsrd
 
Advancements and Future Trends in Advanced Quantum Algorithms A Prompt Scienc...
ijtsrd
 
A Study on Seismic Analysis of High Rise Building with Mass Irregularities, T...
ijtsrd
 
Descriptive Study to Assess the Knowledge of B.Sc. Interns Regarding Biomedic...
ijtsrd
 
Performance of Grid Connected Solar PV Power Plant at Clear Sky Day
ijtsrd
 
Vitiligo Treated Homoeopathically A Case Report
ijtsrd
 
Vitiligo Treated Homoeopathically A Case Report
ijtsrd
 
Uterine Fibroids Homoeopathic Perspectives
ijtsrd
 

Recently uploaded (20)

PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PDF
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
PDF
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PDF
RMMM.pdf make it easy to upload and study
sajedul2
 
PDF
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
PDF
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
PPTX
Introduction-to-Literarature-and-Literary-Studies-week-Prelim-coverage.pptx
EricaRamos80
 
PDF
Computing-Curriculum for Schools in Ghana
abigailanane203
 
PPTX
Institutional Correction lecture only . . .
limvtheghins
 
PDF
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
PDF
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
PDF
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
PDF
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
PDF
GENETICS IN BIOLOGY IN SECONDARY LEVEL FORM 3
ElishamichaelSamwel
 
PDF
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
A systematic review of self-coping strategies used by university students to ...
CleeveMoralde1
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
RMMM.pdf make it easy to upload and study
sajedul2
 
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
Introduction-to-Literarature-and-Literary-Studies-week-Prelim-coverage.pptx
EricaRamos80
 
Computing-Curriculum for Schools in Ghana
abigailanane203
 
Institutional Correction lecture only . . .
limvtheghins
 
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
OBE - B.A.(HON'S) IN INTERIOR ARCHITECTURE -Ar.MOHIUDDIN.pdf
ArchitectAFMMohiuddi
 
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
GENETICS IN BIOLOGY IN SECONDARY LEVEL FORM 3
ElishamichaelSamwel
 
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 

Design and Simulation of Secure Network for University Campus

  • 1. International Journal of Trend in Scientific Research and Development (IJTSRD) Volume 3 Issue 5, August 2019 Available Online: www.ijtsrd.com e-ISSN: 2456 – 6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1023 Design and Simulation of Secure Network for University Campus Mon Mon Aye1, Zar Chi Soe2 1Lecturer, Department of Electronic Engineering, Pyay Technological University, bago, Myanmar 2Lecturer, Department of Electronic Engineering, Technological University, Hinthata Myanmar How to cite this paper: Mon Mon Aye | Zar Chi Soe "Design and Simulation of Secure Network for University Campus" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456- 6470, Volume-3 | Issue-5, August 2019, pp.1023-1027, https://doi.org/10.31142/ijtsrd26568 Copyright © 2019 by author(s) and International Journalof Trendin Scientific Research and Development Journal. This is an Open Access article distributed under the terms of the Creative CommonsAttribution License (CC BY 4.0) (http://creativecommons.org/licenses/by /4.0) ABSTRACT Today’s wireless network has come to stay as an essential tool of communication in education sector. These sectors have started deploying computers to perform their daily work such as studying and learning and access resources from their network. This technology has enabled to learn much faster and more conveniently.Therearesomeproblemsstillfacedbythe users such as poor network design by having large broadcast within the network and various security attacks. These problems can be solved by implementing VLAN (Virtual Local Area Network), PS (Port Security in switches) and ACL (Access Control List). They have been simulated in packet tracer 6.3 software. KEYWORDS: Education sector, Virtual Local Area Network, Port security, Access Control List I. INTRODUCTION Network security is the process that information assets are protected [1]. Education sector network is set of virtual local area networks (VLAN), which are virtual divided for increasing the performance of network and increases campus network management with security. ACL is a setofcommandsgrouped together to filter the traffic that enters and leaves the interface. A. Virtual Local Area Network VLAN is a logical partition of a layer 2 network. Multiple partitions can be created allowing for multiple VLANs to co-exist. Each VLAN is a broadcast domain, usually with its own IP network. This technology is used to segment a complex network into smaller networks for better manageability, improved performance and security. Implementing VLAN for any network will achieve the following benefits: Easily relocate PCs on LAN (Local Area Network) Easily modify configuration Easily add or remove hosts to or from the LAN Easily control network traffic between the LAN Improve network security Reduce the cost Easily manage the network administrations [6]. B. Port Security Port security limits the number of valid Media Access Control (MAC) addresses allowed on a port. The MAC addresses of legitimate devices are allowed access, while other MAC addresses are denied. Any additional attempts to connect by unknown MAC addresses generate a security violation. Follow these guidelines when port security configures: A secure port cannot be a trunk port. A secure port cannot be a destination port for Switch Port Analyzer. A secure port cannot belong to an Ether Channel port- channel interface. A secure port and static MAC address configuration are mutually exclusive. C. Access Control List ACLs are basically a set of commands, grouped together bya number or name that is used to filter traffic entering or leaving an interface. It is a table that tells a computer operating system which gives access rights foreach usertoa particular system object. ACL can be used to prevent some packets flow through the network. Implementing ACL will achieve the following: Prevent unwanted traffic in the network Protect critical devices existing in the network Prevent users from using systems [6]. II. VLAN IMPLEMENTATION The requirements for new design are Cisco layer 2 switches and layer three devices to carry out the new setup. The organization need to purchase the managed switch which supports the VLAN interface. VLAN should be membership by using port number. All ports or interfaces in the switch are considered in one VLAN and one broadcast domain. The solution for this problem is by configuring VLAN in the switches and to put some ports into one broadcast domain and some into another broadcast within thesameswitch. So, this will segment hosts into smaller LAN to reduce overhead caused to each device. Administrator has created VLAN for each department then enabled the communication between IJTSRD26568
  • 2. International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1024 them by using layer three devices. Each switch can carry more than one VLAN as shown in Fig. 1. This networkdesign has a total number of eight VLANs. The hosts in the same VLAN are able to communicate with each other but hosts from different VLANs are not. To achieve full connectivity, the router is connected. The router had one of its interface connected to the main switch and the other to the switch connected server firm representing DNS and Web. Each of them has its default gateway. Each VLAN can assign to each department according to the organization requirements shown in Table 1. Figure1. Implementation of VLAN Table1. Assigning Switch Port to VLANs III. VLAN CONFIGURATION First of all, four VLANs are created on main switch and named. Fig. 2 shows commands for VLAN. In thissectionwill be configured in access mode to all the interfaces of the switches that are connected to end devices such as computers and will be allowed the access of a single VLAN per interface. Fig. 3 shows the switch port command. Figure2. Creating VLAN in Main Switch Figure3. Assigning Ports in Main Switch After all configuration of the networkdesign is complete, itis time to test all network connections are alreadysuccessfully connected by typing ping the destination IP address in the Command Prompt window. Figure4. Testing for Same VLAN If after pinging, it says Reply from destination IP address then the network has been successfully connected. Toverify, the computers that are in the same VLAN have communication. A ping test will be done. Fig. 4 is the result for same VLAN from PC1 to PC2 in the VLAN 6.
  • 3. International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1025 Figure5. Testing for Different VLANs Figure6. Testing for Inter VLANs Fig. 5 is the result that test in different VLANs which is from VLAN 6 to VLAN 7. Fig. 6 is the result of the inter VLAN from Civil Department to EC Department. It is the testing from VLAN 2 to VLAN 3. IV. PS IMPLEMENTATION AND TESTING All switches can be secured by not allowing other devices to connect to the ports already in use. If unauthorized PC or laptops try to connect with the switch, datawillbegotten the unauthorized PC or laptops. To prevent this condition, all interfaces of all switches can be configured the port security commands. After configuration, the switch associates that port with the device’s MAC address and anyother device will be denied. When unauthorized PC or laptop connects, the port will be turn off. Fig. 7 illustrates commands for port security. The fourth command actually indicates that only one device is allowed to be connected to that specific port and the third command indicates the allowed device. The switch associates that port with the device’s MAC-address. After configuration of the port security, Fig. 8 is the result that the unauthorized PC or laptop cannot connect to the switch. Figure7. Configuration Port Security Figure8. Testing for Port Security V. ACL IMPLEMENTATION AND TESTING To control and secure the network, the access control list was configure. Access lists have to configure the router that connected the web server. In access list configuration, two basic steps require to be accomplished. The first step is to create an access list definition and the second step is to apply the access list to an interface. In the router, accesslists was created, then configure the router’s interfaceconnected to the Web server. Fig. 9 is the creating the accesslist andthe applying the access list to an interface Ethernet 1/0.
  • 4. International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1026 Figure9. Creating and Applying Access List Each server must be responsible foronlyonejob. DNSserver is responsible for resolving a name to an IP address. Web server is only responsible for http services. Fig. 10 is the configuration of the DNS Server. Fig. 11 is the configuration of the web server. Figure10. DNS Server Configuration Figure11. Web Server Configuration Fig. 12 and Fig. 13 are results that PC0 (VLAN2) pingtheweb server before and after configuration of the access control list. Figure12. Testing Result for Before Configuration of ACL Figure13. Testing Result for After Configuration of ACL VI. CONCLUSION Network architecture and its security are important any organization. VLANs are also used as a means of providing WAN (Wide Area Network) and MAN (Metropolitan Area Network) services. Access Control List has been used to enforce better security and to filter unwanted packets. ACKNOWLEDGEMENT I would wish to acknowledge the many colleagues at Pyay Technological University who have contributed to the passing this research paper. REFERENCES [1] Kim J., Lee K., Lee C., “Design and Implementation of Integrated Security Engine for Secure Networking”, In Proceedings International Conference on Advnaced Communication Technology, 2004. [2] Computer Networks, 4th Edition Tanenbaum, A. S. Prentice Hall 2004. [3] A. Velte and T. Velte. “Cisco: A Beginner’s Guide”, McGraw-Hill Inc. 3rd edition, 2004.
  • 5. International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470 @ IJTSRD | Unique Paper ID – IJTSRD26568 | Volume – 3 | Issue – 5 | July - August 2019 Page 1027 [4] Alabady S., “Design and Implementation of a Network Security Model using Static VLAN and AAA Server”, In Proceedings International Conference on Information & Communication Technologies: from Theory to Applications, ICTTA, 2008. [5] Computer and Network Technology:Proceedingsofthe International Conference on ICCNT 2009: Zhou, Jianhong Mahadevan, Venkatesh, World Scientific Publishing Co. [6] CCNA Security Study Guide: Exam 640-553, Boyles, Tim, Sybex. [7] Abubucker Samsudeen Shaffi, “Effective Implementation of VLAN and ACL in Local Area Network” In Proceedings JITBM & ARF, 2012. [8] Cisco Systems Inc. http://www.cisco.com [9] Sharat Kaushik, Anita Tomar, Poonam, “AccessControl List Implementation in a Private Network”, International Journal of Information & Computation Technology, Vol. 4, No. 14, 2014, pp. 1361-1366.