The process of planning and structuring communication infrastructure. Driven by business goals, security requirements, and traffic behaviour.
2 major phases:
- design considerations
- design strategies
Design Considerations
Business Needs
Network design must match (and not exceed) business goals.
- Deliver enhanced service to customers.
- Determine placement of resources — what to provide and where.
- Evaluate competitive advantage and Return-On-Investment (ROI).
Future Growth
Design must anticipate expansion. Designing a network takes a huge amount of time. Each network design must last a fair amount of time and be ready for expansion.
- Applications, services, servers.
- General office networks; wireless hot-spots.
- Island-wide coverage; use of third-party/public providers.
- Adoption of new technologies.
- Extranet connections (to subsidiaries, collaborating parties).
- Business diversification.
Cost
Networking equipment varies a lot in cost. Spending must be kept high enough to satisfy business needs and future growth and low enough to be affordable. It must be justified by added business value.
Existing Infrastructure
Cost constrains replacement decisions. If a piece of hardware is replaced with something else, the old one can be redeployed somewhere else instead of being thrown away.
Internet & Intranet Requirements
How the intranet (internal private network) and the internet are connected.
2 options:
- Separate internet per branch
  Reliable. Higher availability. No single point of failure.
- Internet through head office
  The whole intranet becomes controllable from head office. If the head office’s internet gateway is down, the whole intranet becomes isolated from the internet.
Also includes how the intranet is controlled and how policies are applied.
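The availability trade-off between the two options can be checked mechanically. The following is an added example, not part of the original notes: it removes each gateway in turn and lists the sites that lose internet access. Site and gateway names are constructed, and it assumes intranet links can carry failover traffic between sites.

```python
from collections import deque

def reachable(links, start, target, failed=None):
    """Breadth-first search over undirected links, treating `failed` as down."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        if node == target:
            return True
        for nxt in adj.get(node, ()):
            if nxt != failed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def single_points_of_failure(links, sites, internet="internet"):
    """Map each gateway to the sites cut off from the internet when it alone fails."""
    nodes = {n for link in links for n in link}
    gateways = nodes - set(sites) - {internet}
    impact = {}
    for gw in sorted(gateways):
        cut = sorted(s for s in sites
                     if not reachable(links, s, internet, failed=gw))
        if cut:
            impact[gw] = cut
    return impact

# Constructed sample topologies (names are hypothetical).
SITES = ["hq", "branch-1", "branch-2"]
INTRANET = [("branch-1", "hq"), ("branch-2", "hq")]

# Option "Internet through head office": one gateway for the whole intranet.
VIA_HEAD_OFFICE = INTRANET + [("hq", "hq-gw"), ("hq-gw", "internet")]

# Option "Separate internet per branch": every site has its own gateway.
PER_BRANCH = VIA_HEAD_OFFICE + [
    ("branch-1", "b1-gw"), ("b1-gw", "internet"),
    ("branch-2", "b2-gw"), ("b2-gw", "internet"),
]

if __name__ == "__main__":
    print("via head office:", single_points_of_failure(VIA_HEAD_OFFICE, SITES))
    print("per branch:     ", single_points_of_failure(PER_BRANCH, SITES))
```

The per-branch result is empty only because of the failover assumption; without intranet failover each gateway failure would still be limited to its own site.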
Security vs. Accessibility
How the users of the organization authenticate; what access policies are applied, to which services and to which users.
Appropriate Network Architecture
Most organizations do not require top-notch networking equipment. Appropriate network architecture must be chosen based on traffic loads, server workloads and application types.
Networking equipment becomes outdated in ~3 years. Cables last longer. If structured cabling is done, the networking equipment can be replaced easily.
Design Strategies
Function (Application) Based Design
Aka. business-IT alignment based design.
Align IT infrastructure to business applications and data.
Key layers:
- Business drivers → business apps & data → servers → storage.
- IT environment includes: data centre, security, systems management, disaster recovery, IT organization and processes.
Security Based Design
Addresses threats at multiple levels.
Threat types:
- Physical threats.
- Network-based threats.
Access policies:
- Limited access (imposed) — proxies, NAT. Also mitigates IP address depletion.
- Privileged access — VPNs; user/role-based access (directors, managers, third parties).
Critical node protection:
- Server farms, VLANs.
- Firewalls, IDS (Intrusion Detection Systems), IDP (Intrusion Detection and Prevention).
Application-level communications:
- Multi-tier architectures.
- Mail relays, DNS servers, AAA servers.
- Applications lacking SSL or cryptography support → isolate → additional subnets and firewall interfaces.
Topology (Technology/Protocol) Based Design
Network type selection based on constraints.
- Covers: LANs, WLANs, WANs.
- Factors: speed differences, technology differences, budgetary constraints, environmental constraints.
Extended networks:
- VPNs and tunnels — security over WANs; LAN extension.
- PPTP — Point-to-Point Tunnelling Protocol.
- L2TP — Layer 2 Tunnelling Protocol.
Traffic Based Design
Network behaviour under load.
- Queuing — priority traffic handling; congestion avoidance.
- Application delay tolerance — must be assessed per application.
- Switching — wire-speed switching requirements.
- Load balancing — distributes traffic; depends on server capability.
- Redundant paths — reliability and availability.
- QoS — latency, throughput parameters.
- Medium trade-offs — satellite vs. fibre optics.
Summary
- Four design strategies: function-based, security-based, topology-based, traffic-based.
- Security design operates at physical, network, access policy, node, and application levels.
- Topology design selects technology (LAN/WAN/WLAN) based on speed, budget, and environment; VPNs extend networks securely.
- Traffic design addresses QoS, queuing, redundancy, and load balancing.
- Structured cabling reduces long-term management cost.
- Architecture should match current need — avoid over-provisioning for uncertain future scale.