Infrastructure and Security

Project Deliverable 4: Infrastructure and Security

Section 1: Infrastructure Document

1. Infrastructure Document

a. Design of a logical and physical topographical network layout

Logical Topological Network

The selection of a suitable logical network topology is essential for the overall business benefit of an organization. As stated by Agrawal (2017), the logical topological network is defined as the theoretical arrangement of the physical devices of an organization and the subsequent data transfer between them. The present organization's network comprises different devices, consisting of Workstations, Computers, Printers, Servers, Routers, and Gateways. As illustrated by Bao & Deng (2017), the devices of the organization are connected using a suitable logical network topology. The available logical topologies include Bus, Mesh, Star, Ring, and Hybrid. The selection of a suitable logical topology for the present organization is based on the following discussion of the details of logical network topologies.

Bus Topology

The requirements of this topological structure indicate the connection of multiple devices to a single cable connection.

Ring Topology

This network topology indicates the presence of an inherent connection between multiple devices that resembles a ring structure.

Design Selection of Suitable Topology

The previous discussion illustrates the suitability of applying Mesh Topology for the effective design of organizational networks. The logical topology of a Mesh Network ensures the establishment of reliable connections between the devices present within the organization.

Physical Topological Network

The devices included in the organizational network need to be arranged in a suitable network structure to aid smooth transmission of data from sender to receiver. As observed by Al-hashimi et al. (2018), the physical perspective relates to the practical application of the network that has been theoretically finalized by network experts hired by company leaders. The selection of a suitable physical topology for the present device network of the organization depends on the following discussion of various topological networks. [Refer to Appendix 1]

Mesh Topology

The provisions of this topology indicate the presence of an underlying connection between multiple devices of the organization.

Star Topology

The connection of multiple devices to a single hub using an intermediate cable is termed Star Topology.

Hybrid Topology

The Hybrid Topological structure relates to the establishment of a single connection between multiple network topologies, including Star, Bus, Mesh, and Ring.

Design Selection of Suitable Topology

The preceding discussion about various network topologies reveals the capability of Hybrid Topology to handle the overall requirements of organizational networks. Moreover, the effective design of the present network requires the selection of suitable security architectures that ensure safe and secure data transmission from source to destination. As commented by Almuhammadi & Alsaleh (2017), the selection of an appropriate network topology indicates a dependency on device right invocation patterns for employees. Device right invocation indicates the granting of rights to individuals working for the organization.

The effective location of organizational devices is essential to ensure safe data transmission between sender and receiver. Moreover, the devices holding crucial information about company secrets need to be protected by additional security mechanisms. Furthermore, an organization is divided into intermediate departments that ensure the smooth functioning of the operation management department of the company. This indicates the design of a separate network for each department using Mesh Topology, with the networks then integrated using Hybrid Topology.

b. Illustration of Possible Placement Servers

The design of an effective network for an organization depends on the selection of suitable locations for placing the devices included in the network. Access grant rights govern the devices of the network. As opined by Grusho, Timonina & Shorgin (2017), the access grant rights relate to read-only and write-only. The read-only right relates to access rights that prevent a user from altering the concerned data content. Jouini & Rabai (2016) stated that Read-Only access is given to lower-level employees of the organization. On the contrary, the Write-only access rights indicate the right of alteration given to the user. This access right is reserved for higher-level employees of the organization to ensure the safety of the company. Moreover, essential information of a secret nature needs to be edited by company owners and can therefore be updated by them on the Server.

The servers are used to store input data within the organizational boundary. According to Ishak et al. (2016), the data content stored within reliable servers requires the application of encryption algorithms to ensure safe disposal of confidential data. In this regard, the present organization requires the deployment of three Servers for each of two departments to store data in a secured environment. The first server is reserved to store confidential company secrets and is therefore connected to an external firewall. Moreover, the relevant access right for this server is stipulated at Read-Only for higher-level employees and Read and Write Only for Company Owners. Furthermore, this system is disconnected from the internet to maintain the secrecy of company data. Rajesh (2018) opined that connecting a device containing crucial information to the internet presents potential scope for data theft by external hackers deployed by rival company owners. The second and third servers are interconnected. Additionally, these servers need to be connected to the internet to ensure smooth functioning of the two departments. Moreover, the Printers are placed at strategic locations within the network to ensure easy access for employees working for the organization.

The strategic placement of two Routers for each of the two networks ensures the free flow of internet connectivity within the physical boundary of the organization. The Switch is placed in the middle of the two networks for easy connectivity of the topologies. The Bridge connection has been installed for optional flow of information from source to destination. Internet Access Points within the organizational boundary are derived from reliable sources for the benefit of employees serving in the organization. Grusho, Timonina & Shorgin (2017) stated that successful access to the internet is possible after effective user authentication using suitable credentials of a username and unique password. Additionally, these user authentication credentials depend on prior allotment of a Username by the relevant security personnel employed by the company. [Refer to Appendix 2]

c. Rationale

Logical networks can be regarded as the virtual representation of the network, which may appear to the user as separate entities or as a single entity. In order to operate all of the computer systems of an organization, a proper network diagram needs to be prepared (Govindan, Fattahi & Keyvanshokooh, 2017). With proper network availability, users can access information from other devices easily and without interruption.

In the scenario of the organization, a physical and logical topological layout of the planned network needs to be prepared in order to connect all of the systems properly. The issue is that proper security and data integrity of the network need to be maintained, which is essential for the planned network. However, due to the lack of training of the workers and the lack of knowledge of the company hierarchy regarding network security, it is hard to maintain data security while designing the network in the company. In addition, the workers do not have proper knowledge of password protection and file encryption. For this reason, it can be assumed that hackers may steal important data regarding customers as well as workers, which is harmful for the company’s growth (Park et al. 2017). The protocols and software of the network need to be tailored properly so that they meet the needs of employees and computers. In the context of the organization, without proper network expertise, a versatile network solution cannot be achieved, which might degrade efficiency.

The lack of skills among the workers, network engineers and hierarchies of the company is the main cause of the issues in network topology design (Zhang, 2018). Due to their poor performance, data integrity and data security cannot be achieved properly.

If these issues are not resolved, it can be assumed that the reputation of the company might be harmed, which is not desired. In addition, if these issues are not mitigated, data security might not be maintained, and hackers may steal other important information regarding the organization. This study can shed light on the ideal security policies and software design of the network topology by which data security, integrity and authentication would be maintained properly. With the help of the findings of the research study, the issues in the network diagram would be eliminated permanently.

d. Security Policy

A comprehensive security policy can help an organization to protect its important company information from unwanted malware as well as spyware. The company needs to introduce a comprehensive and ideal security policy by which the interference of hackers can be prevented (Finn & Wright, 2016). In this way, the organization can keep the customers’, contractors’, suppliers’ and workers’ information safe. The market reputation and overall efficiency of the organization would be enhanced thereafter.

i. Application of CIA

CIA security emphasizes the confidentiality, integrity, and availability of information in a business organization.

Figure 1: CIA Triad

(Source: Safa et al. 2019)

CIA can be regarded as a venerable and well-known model for developing security policies in the problematic areas of a firm (Safa, Von Solms & Futcher, 2016). In addition, all of the necessary solutions can be provided through CIA within the area of IS (information security).

Confidentiality

At present, it is crucial to protect private and sensitive information from any type of unauthorized access. When doing network configuration in the organization, the designers need to apply encryption to the files so that they are protected from malware (Safa et al. 2019). There are certain techniques that can be adopted by this organization in order to introduce confidentiality, such as password protection, UNIX file permissions, volume access control, and access control lists. In addition, proper antivirus software can be installed in the system in order to counter spyware, malware and denial-of-service attacks.
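An added example, not part of the original document: one way to audit the UNIX file permissions mentioned above against the access rights stated for the first server (read-only for higher-level employees, read and write for company owners). It assumes the file owner is the company owner account, the file group is the higher-level employees, and all other accounts get no access; these mappings, the function names and the sample files are hypothetical.

```python
import os
import stat
import tempfile

# Assumed mapping (not stated in the document): file owner = company owner,
# file group = higher-level employees, "other" = every remaining account.
GROUP_WRITE = "group can write (higher-level employees are read-only)"
OTHER_ACCESS = "other users have access (assumed deny-by-default)"
EXECUTABLE = "execute bit set on a data file"


def audit_file(path):
    """Return the policy violations found in one file's permission bits."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    findings = []
    if mode & stat.S_IWGRP:
        findings.append(GROUP_WRITE)
    if mode & stat.S_IRWXO:
        findings.append(OTHER_ACCESS)
    if mode & (stat.S_IXUSR | stat.S_IXGRP):
        findings.append(EXECUTABLE)
    return findings


def audit_tree(root):
    """Walk a directory and map each non-compliant file to its findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            findings = audit_file(full)
            if findings:
                report[os.path.relpath(full, root)] = findings
    return report


def demo():
    """Build constructed sample files with known modes and audit them."""
    samples = {"secrets.txt": 0o640, "payroll.csv": 0o664, "plans.doc": 0o644}
    with tempfile.TemporaryDirectory() as root:
        for name, mode in samples.items():
            path = os.path.join(root, name)
            with open(path, "w") as handle:
                handle.write("constructed sample data\n")
            os.chmod(path, mode)
        return audit_tree(root)


if __name__ == "__main__":
    for name, findings in sorted(demo().items()):
        print(name, "->", "; ".join(findings))
```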

Integrity

Data integrity emphasizes the overall accuracy, consistency, and completeness of information throughout its life cycle. The organization needs to ensure that important company information remains unchanged by any third party or unauthorized access throughout the life cycle (Safa, Von Solms & Futcher, 2016). The hierarchies of the company need to focus on the overall equality of the three factors of CIA (confidentiality, integrity, and availability). These three components of data security need to be implemented equally in the network design of the company.

Availability

The final component of the CIA triad is data availability, which indicates that information is available in the organization at all times. The authority of the organization needs to ensure that information remains available at all times despite events such as power cuts, power outages or hardware failures (Safa et al. 2019). In addition, it needs to be ensured that employees can retrieve the information of customers as well as of the organization promptly and without delay. Therefore, as an important component of data availability, information needs to be easily accessible by the employees of the company.

ii. Ethical Aspects

Employee behavior

The employees of the organization need to be provided with proper training so that they can gain adequate information regarding encryption, password protection and data authentication (Finn & Wright, 2016). In addition, the employees need to obey the ethical aspects of data security and must not share their official laptops or SIM cards with anyone. They need to set proper passwords when storing any important company information in a file.

Contractors

The authority of the organization must not share all of the valuable company information with the contractors (Safa, Von Solms & Futcher, 2016). In addition, at the time of signing contracts, soft copies of the contract need to be stored safely. The management of the company needs to communicate with the contractors only via email in order to ensure data security.

Password usage

Alphanumeric passwords need to be set by the employees of the organization when dealing with files (Finn & Wright, 2016). The password must not be shared with other colleagues or family members, in order to resist data hacking. Easily guessed elements such as a birth date, anniversary date or nickname must not be used in passwords.
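An added example, not part of the original document: a check that enforces the password rules stated above (alphanumeric, and free of birth date, anniversary date and nickname). "Alphanumeric" is read here as containing both letters and digits; the function names, the date spellings tried, the character substitutions and the sample values are assumptions made for illustration.

```python
import re
from datetime import date

# Common look-alike substitutions, undone before the nickname comparison.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def date_variants(d):
    """Digit spellings of a date that people commonly embed in passwords."""
    dd, mm, yyyy = f"{d.day:02d}", f"{d.month:02d}", f"{d.year:04d}"
    yy = yyyy[2:]
    return {dd + mm + yyyy, mm + dd + yyyy, yyyy + mm + dd,
            dd + mm + yy, mm + dd + yy, yy + mm + dd, yyyy}


def check_password(password, birth_date, anniversary, nickname):
    """Return a list of rule violations; an empty list means acceptable."""
    problems = []
    if not (re.search(r"[A-Za-z]", password) and re.search(r"[0-9]", password)):
        problems.append("not alphanumeric: needs both letters and digits")
    # Drop date separators so that 12-05-1990 and 12/05/1990 are also caught.
    squeezed = re.sub(r"[-/._\s]", "", password)
    for label, d in (("birth date", birth_date),
                     ("anniversary date", anniversary)):
        if any(variant in squeezed for variant in date_variants(d)):
            problems.append(f"contains {label}")
    lowered = password.lower()
    nick = nickname.lower()
    if nick and (nick in lowered or nick in lowered.translate(LEET)):
        problems.append("contains nickname")
    return problems


# Constructed sample employee record, not real data.
BIRTH = date(1990, 5, 12)
ANNIVERSARY = date(2015, 9, 3)
NICKNAME = "Sunny"

if __name__ == "__main__":
    for candidate in ("Sunny12051990", "5unny-03/09/15x",
                      "correcthorse", "t7Kq9vLx2mRb"):
        result = check_password(candidate, BIRTH, ANNIVERSARY, NICKNAME)
        print(candidate, "->", result or "ok")
```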

Access to the networked resources as well as information

User authentication needs to be introduced in this organization so that only authentic users can access the company files. Biometric passwords and facial recognition can be implemented in the company so that the valuable company information cannot be accessed by every person in the company.

Reference List

Books

Bao, F., & Deng, R. H. (2017). Information security practice and experience. Berlin/Heidelberg: Springer.

Zhang, D. (2018). Big data security and privacy protection. In 8th International Conference on Management and Computer Science (ICMCS 2018). Paris: Atlantis Press.

Journals

Agrawal, V. (2017). A Comparative Study on Information Security Risk Analysis Methods. JCP, 12(1), 57-67.

Al-hashimi, M., Othman, M., Sulaiman, H., & Zaidan, A. A. (2018). Information Security Governance Frameworks in Cloud Computing an Overview. Journal of Advanced Computer Science and Technology Research, 8(2), 67-81.

Almuhammadi, S., & Alsaleh, M. (2017). Information security maturity model for NIST cyber security framework. Computer Science & Information Technology (CS & IT), 7(3), 51-62.

Finn, R. L., & Wright, D. (2016). Privacy, data protection and ethics for civil drone practice: A survey of industry, regulators and civil society organisations. Computer Law & Security Review, 32(4), 577-586.

Govindan, K., Fattahi, M., & Keyvanshokooh, E. (2017). Supply chain network design under uncertainty: A comprehensive review and future research directions. European Journal of Operational Research, 263(1), 108-141.

Grusho, A. A., Timonina, E. E., & Shorgin, S. (2017). Modelling For Ensuring Information Security Of The Distributed Information Systems. In ECMS (pp. 656-660).

Ishak, K. K., Noor Afiza, M. R., Lokman, A. M., & Toshiyuki, K. (2016). Kansei Information Security Assessment (KISA): Characterizing Trust as Stimuli for User Emotional Assessment in Information Security. Indian Journal of Science and Technology, 9, 1.

Jouini, M., & Rabai, L. B. A. (2016, January). Comparative Study of Information Security Risk Assessment Models for Cloud Computing systems. In ANT/SEIT (pp. 1084-1089).

Park, P., Ergen, S. C., Fischione, C., Lu, C., & Johansson, K. H. (2017). Wireless network design for control systems: A survey. IEEE Communications Surveys & Tutorials, 20(2), 978-1013.

Rajesh, M. (2018). A signature based information security system for vitality proficient information accumulation in wireless sensor systems. International Journal of Pure and Applied Mathematics, 118(9), 367-387.

Safa, N. S., Maple, C., Furnell, S., Azad, M. A., Perera, C., Dabbagh, M., & Sookhak, M. (2019). Deterrence and prevention-based model to mitigate information security insider threats in organisations. Future Generation Computer Systems, 97, 587-597.

Safa, N. S., Von Solms, R., & Futcher, L. (2016). Human aspects of information security in organisations. Computer Fraud & Security, 2016(2), 15-18.

Appendices

Appendix 1: Layout Diagram

(Source: Created by Learner)

Appendix 2: Illustration

(Source: Created by Learner)
