Design of telecommunications networks

¶ … Telecommunications Network

In an effort to provide better care for its patients, arises the need to design a network able to support a new multi-location dental care practice. In this report, we will provide a clear set of requirements for the network solution, and then identify the information that is to be protected as well as their related security requirements. Also, we will identify the types of network components, devices and equipment that would be involved in meeting the needs of the stationary offices and all four mobile dentists, and then we will provide a network design diagram that shows an appropriate network configuration to meet the requirements. Finally, we will explain the benefits of the proposed network solution, and identify the risks and risk mitigation strategies associated with the proposed network solution.

With five dental offices currently operating, we need to design a network that will integrate databases of all 5 dental offices within the city into one database where all five offices' resources will be stored for organization wide access. Patients' data must be accessed as quickly as possible if requested as well as daily schedules. In a word, the new network must be able to provide high speed data transfer rate. Furthermore, the new design must include a remote access network that will enable mobile computing and a full organizational resource access to the four dentists that provide dental checkups to elderly patients in their homes, at the senior citizen centers, and to school children in the three inner-city elementary schools. Most importantly, the new network must protect patients' records and information.

With the network requirements outlined above, the dental offices must ensure that there are security protocols in place to protect their information assets. These assets include operational data, patients' records, and daily schedules. To accurately provide this data protection, information security procedures such as availability, authorization, authentication, confidentiality, and integrity must be implemented.

In order to satisfy the requirement of the new network, we must implement a Metropolitan Area Network, or MAN to provide interconnection between all five dental offices within the city. MAN is an appropriate choice for this type of connection because it provides high speed network connection, and also all five offices are located within the same geographic region, which is the main characteristic of MAN networks. MAN also provides real-time transaction backup systems (White, 2011), a utility that is indispensable for the dental care facilities because a loss in patients' records could delay the provision of dental care to patients. On the other hand, in order to provide remote computing and a secure resource access to the four mobile dentists, we must implement a VPN connection. With this connection, a VPN server must be installed on the network so in case the mobile dentists would like to connect to the intranet, their request will be sent to the VPN server which will then process the request. VPN connection is a data network connection that uses the public internet, but provides privacy through the use of tunneling protocol (White, 2011). VPN network also provides data encryption, an indispensable asset to help protect data integrity while the data is in transit.

The first advantage of a MAN connection is it will allow all dental offices in the metro area to have one network, so one data center where all of the organization's information resources including patients' records are stored for easy organization wide access. Also, a MAN network provides a network convergence because the majority of MAN network service providers also provide Internet access to its subscribers (DAUTI, 2007). MAN also provides low error rates and high data rate throughput and gives "ability to a user to dynamically allocate more bandwidth on demand" (White, 2011). The latter benefit is very important because it will allow for a scalable network in case of future expansions. For mobile dentists, VPN also offers great advantages. First of all, dentists who wish to access the organization's network can connect through the VPN, so resources will be available to remote users. Also, VPN will ensure a low cost of implementation since the ISP providing the service will provide the necessary hardware. VPN also helps to establish a secure connection because data sent through VPN is encrypted and cannot be intercepted and decrypted by a hacker. This capability of data encryption is very important in safeguarding the integrity and confidentiality of the patients' data in transit through the network.

Although the network solutions have the aforementioned advantages, they also have security risks if proper security criteria are not in place. In a more general term, MANs share many of the same security threats as LANs, but on a larger scale (Dr. Cole, 2007). Because the internet is provided by the ISP, risks and vulnerabilities encountered on the public internet makes MAN vulnerable to common internet threats such as Denial-of-Service attacks, Man-in-Middle attacks, worms, Trojan Horses, viruses, etc... With VPN, the risks include a potential of a hacker gaining access to intranet resources if the user is for example browsing other web sites other than the intranet resources. As would confirm Michael Stines of the Sans Institute, "VPN does not offer personal security features to the client, or protect it from outside attack from sources such as the Internet" (Stines, 2003). From the same source, the fact that most user PCs do not have strong security features, they are vulnerable to attacks such as password harvesting, infection by virus or worm, Distributed Denial of Service attack, which could then conceivably have adverse effects if introduced into the corporate network via VPN connection (Stines, 2003).