Network Design

Last updated Sat Jun 06 2026 07:03:21 GMT+0000 (Coordinated Universal Time)

The process of planning and structuring communication infrastructure. Driven by business goals, security requirements, and traffic behaviour.

2 major phases:

  • design considerations
  • design strategies

Design Considerations

Business Needs

Network design must match (and not exceed) business goals.

  • Deliver enhanced service to customers.
  • Determine placement of resources — what to provide and where.
  • Evaluate competitive advantage and Return-On-Investment (ROI).

Future Growth

Design must anticipate expansion. Designing a network takes a huge amount of time, so each network design must remain usable for a fair amount of time and be ready for expansion.

  • Applications, services, servers.
  • General office networks; wireless hot-spots.
  • Island-wide coverage; use of third-party/public providers.
  • Adoption of new technologies.
  • Extranet connections (to subsidiaries, collaborating parties).
  • Business diversification.

Cost

Networking equipment varies a lot in cost. Spending must be kept high enough to satisfy business needs and future growth, and low enough to be affordable. It must be justified by added business value.

Existing Infrastructure

Cost constrains replacement decisions. If a piece of hardware is replaced with something else, the old one can be repurposed and used somewhere else instead of being thrown away.

Internet & Intranet Requirements

How the intranet (internal private network) and the internet are connected.

2 options:

  • Separate internet per branch
    Reliable. Higher availability. No single point of failure.
  • Internet through head office
    The whole intranet becomes controllable from head office. If the head office’s internet gateway is down, the whole intranet becomes isolated from the internet.

Also includes how the intranet is controlled and how policies are applied.
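
The availability trade-off between the two options can be checked on a model of the topology. The following is an added example, not part of the original notes: it fails one node at a time and lists the sites that lose internet access. The site, gateway and link names are constructed, and intranet links are assumed to carry internet-bound traffic for other sites.

```python
from collections import deque

# Constructed topologies; site, gateway and link names are assumptions.
# Each pair is a bidirectional link. Intranet links are assumed to carry
# internet-bound traffic for other sites when a local gateway is down.
INTRANET = [("branch-a", "head-office"), ("branch-b", "head-office")]
VIA_HEAD_OFFICE = INTRANET + [("head-office", "ho-gw"), ("ho-gw", "internet")]
PER_BRANCH = VIA_HEAD_OFFICE + [
    ("branch-a", "gw-a"), ("gw-a", "internet"),
    ("branch-b", "gw-b"), ("gw-b", "internet"),
]
SITES = ["branch-a", "branch-b", "head-office"]


def reachable(edges, start, failed):
    """Breadth-first search from start that never enters a failed node."""
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in adj.get(queue.popleft(), ()):
            if nxt not in seen and nxt not in failed:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def isolated_sites(edges, failed_node):
    """Sites that can no longer reach the internet once failed_node is down."""
    return [s for s in SITES
            if s != failed_node
            and "internet" not in reachable(edges, s, {failed_node})]


def single_points_of_failure(edges):
    """Map each node to the sites its failure cuts off, omitting harmless ones."""
    nodes = sorted({n for link in edges for n in link} - {"internet"})
    impact = {n: isolated_sites(edges, n) for n in nodes}
    return {n: cut for n, cut in impact.items() if cut}
```

With internet through head office, both the head office and its gateway appear as single points of failure; with a gateway per branch, no single node failure isolates any site.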

Security vs. Accessibility

How the users of the organization authenticate; what access policies are applied, to which services and to which users.

Appropriate Network Architecture

Most organizations do not require top-notch networking equipment. Appropriate network architecture must be chosen based on traffic loads, server workloads and application types.

Networking equipment becomes outdated in ~3 years. Cables last longer. If structured cabling is done, the networking equipment can be replaced easily.

Design Strategies

Function-Based Design

Also called business-IT alignment-based design.

Aligns IT infrastructure to business applications and data.

Key layers:

  • Business drivers → business apps & data → servers → storage.
  • IT environment: data centre, security, systems management, disaster recovery, IT organization and processes.

Different organization types require different network forms, driven by their application and data profiles.

Security-Based Design

Addresses threats at multiple levels.

Threat types:

  • Physical.
  • Network-based.

Access policies:

  • Limited access (imposed)
    Proxies, NAT. Also mitigates IP address depletion.
  • Privileged access
    VPNs; user/role-based access (directors, managers, third parties).

Critical node protection:

  • Server farms, VLANs.
  • Firewalls, IDS (Intrusion Detection Systems), IDP (Intrusion Detection and Prevention).

Application-level communications:

  • Multi-tier architectures.
  • Mail relays, DNS servers, AAA servers.
  • Applications lacking SSL or cryptography support: isolate with additional subnets and firewall interfaces.

High-Security Zone

A network segment isolated to protect the most sensitive resources.

Typical residents:

  • Databases with confidential data.
  • Authentication and AAA servers.
  • Financial and billing systems.

Characteristics:

  • Sits behind one or more dedicated firewall tiers, beyond the DMZ.
  • Default-deny policy: only explicitly whitelisted traffic is permitted inbound.
  • Stricter logging and auditing than the general intranet.
  • Accessed only by other internal zones with a proven need.
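
The default-deny characteristic above, as an added example that is not part of the original notes: a small inter-zone policy evaluator plus a lint check that rejects any allow rule reaching the high-security zone from a non-internal zone. The zone names, address ranges, ports and the choice of which zones count as internal are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed zones and address ranges (assumptions, not from the notes).
ZONES = {
    "dmz": ip_network("192.0.2.0/24"),
    "intranet": ip_network("10.10.0.0/16"),
    "high_security": ip_network("10.99.0.0/24"),
}
# Assumption: only the intranet counts as an internal zone with a proven need.
INTERNAL = {"intranet"}

# Explicit allow-list: (source zone, destination zone, protocol, port).
ALLOW = {
    ("internet", "dmz", "tcp", 443),
    ("dmz", "intranet", "tcp", 8443),
    ("intranet", "high_security", "tcp", 5432),  # app tier to database
    ("intranet", "high_security", "udp", 1812),  # RADIUS to AAA server
}


def zone_of(addr):
    """Map an address to its zone; anything unknown is treated as internet."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"


def evaluate(src, dst, proto, port, allow=ALLOW):
    """Default deny: permit only flows that match an explicit allow rule."""
    rule = (zone_of(src), zone_of(dst), proto, port)
    return "permit" if rule in allow else "deny"


def lint(allow):
    """Return allow rules that expose the high-security zone to a
    non-internal zone (internet or DMZ), which the zone design forbids."""
    return sorted(r for r in allow
                  if r[1] == "high_security" and r[0] not in INTERNAL)
```

Running `lint` over a proposed rule set before deployment catches a rule that would bypass the firewall tiers in front of the zone, even though `evaluate` would faithfully enforce it.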

Topology-Based Design

Network type selection based on constraints.

Technologies covered:

  • LAN
    High-speed, short-range. Ethernet, Wi-Fi.
  • WLAN
    Wireless extension of LAN; hot-spots, office coverage.
  • WAN
    Long-range, lower speed, higher latency. Leased lines, MPLS, public internet.

Selection factors:

  • Speed requirements.
  • Technology availability.
  • Budgetary constraints.
  • Environmental constraints (physical layout, interference).

Extended networks:

  • VPNs and tunnels
    Security over WANs; LAN extension.
  • PPTP
    Point-to-Point Tunnelling Protocol.
  • L2TP
    Layer 2 Tunnelling Protocol.

Traffic-Based Design

Network behaviour under load.

  • Queuing
    Priority traffic handling; congestion avoidance.
  • Application delay tolerance
    Must be assessed per application.
  • Switching
    Wire-speed switching requirements.
  • Load balancing
    Distributes traffic; depends on server capability.
  • Redundant paths
    Reliability and availability.
  • QoS
    Latency, throughput parameters.
  • Medium trade-offs
    Satellite vs. fibre optics.