Network Analysis and Architecture Evaluation for SNHUEnergy, Inc.

Executive Summary

This report provides a comprehensive analysis of the current network architecture of SNHUEnergy, Inc., focusing on data traffic flows, applications impacted, and recommendations for future network improvements. Our findings indicate that the existing network architecture is strained due to increasing data traffic and the organization’s expansion plans, leading to potential performance and security issues. We recommend implementing a more robust network design that includes segmented VLANs, upgraded routing capabilities, enhanced security protocols, and modern network management tools to support the organization’s growth while ensuring optimal performance and security.

Current Network Architecture

High-Level Assumptions

The current network architecture at SNHUEnergy, Inc. consists of a traditional three-tier model comprising Core, Distribution, and Access layers. The organization relies on multiple applications, including ERP systems, customer relationship management (CRM), and internal communication tools like email and VoIP.

Network Applications

The critical applications in use include:

– Enterprise Resource Planning (ERP) Systems
– Customer Relationship Management (CRM) Software
– Email services
– Voice over IP (VoIP) communication tools
– Data storage solutions

OSI Model Explanation

The current network design can be understood through the OSI model:

– Layer 1 (Physical Layer): Includes cables, switches, and routers that provide connectivity.
– Layer 2 (Data Link Layer): Switches operate here, managing data frames between devices.
– Layer 3 (Network Layer): Routers facilitate data packet forwarding across different networks.
– Layer 4 (Transport Layer): Ensures reliable transmission of data via TCP/UDP protocols.
– Layer 5 (Session Layer): Manages sessions for applications like VoIP.
– Layer 6 (Presentation Layer): Data formatting for application use.
– Layer 7 (Application Layer): Interfaces directly with user applications.

Current Network Diagram

Current Network Diagram

Physical Network Devices

Key physical devices in use include:

– Routers: Direct traffic between different networks and manage data packets.
– Switches: Connect devices within a local area network (LAN) and manage data flow.
– Firewalls: Provide security by filtering incoming and outgoing traffic.
– Access Points: Enable wireless connectivity for mobile devices.

Traffic Patterns

Critical traffic patterns include:

– High volume of data transfers from ERP systems during peak business hours.
– VoIP traffic across different offices leading to increased latency.
– Frequent access to the CRM system leading to bandwidth congestion.

Performance Issues

Without enhancements, the current network may experience:

– Increased latency in applications due to high traffic loads.
– Slower response times in critical applications like ERP and CRM, affecting productivity.

Security Issues

Potential security vulnerabilities include:

– Lack of segmentation leading to risks of lateral movement by malicious actors.
– Outdated firewall policies that may not adequately filter modern threats.

Future Network Architecture

Future Communication Needs

The organization anticipates significant growth, requiring enhanced performance, increased bandwidth, and improved security protocols. Future needs include scalable cloud services, remote access capabilities, and advanced collaboration tools.

Recommended Network Architecture

We propose a hybrid architecture that incorporates:

– Segmented VLANs: To isolate critical applications and improve security.
– Load Balancers: To distribute traffic evenly across servers ensuring high availability.
– Advanced Firewalls: For improved threat detection and response capabilities.

Future Network Diagram

Future Network Diagram

Planning and Security

Mitigation Strategies

To mitigate performance and security issues:

1. Implement Quality of Service (QoS): Prioritize critical application traffic to enhance performance.
2. Deploy Intrusion Detection Systems (IDS): Monitor network traffic for suspicious activity.

Recommended Network Management Tool

We recommend implementing SolarWinds Network Performance Monitor, which provides real-time monitoring, performance analytics, and alerts. This tool will help in identifying bottlenecks and optimizing network performance.

Security Device Recommendations

Recommended security devices include:

– Next-Generation Firewalls (NGFWs): To provide deeper inspection of traffic and enforce security policies.
– Intrusion Prevention Systems (IPS): To actively block potential threats based on identified patterns.

Changes to Existing Devices

Existing routers and switches may require firmware updates or configuration changes to support new security devices. Compatibility checks and integration procedures should be established to ensure smooth deployment.

Implementation Challenges

Challenges may include:

– Resistance to change from staff members accustomed to existing systems.
– Potential downtime during migration to the new architecture.
To mitigate these challenges, we recommend a phased implementation plan with adequate training sessions for staff.

Overall Risk Assessment

Failing to maintain up-to-date security services increases the risk of data breaches, financial losses, and reputational damage. Continuous investment in security measures is essential to protect organizational assets and sustain operational integrity.

Conclusion

The current network architecture at SNHUEnergy, Inc. needs significant enhancements to support future growth effectively. By adopting a modernized approach that emphasizes performance optimization, security enhancement, and proactive management strategies, the organization can better position itself to meet its strategic goals while safeguarding its digital assets.