Syntax Literate: Jurnal Ilmiah Indonesia p�ISSN:
2541-0849
e-ISSN:
2548-1398
Vol.
7, No. 4, April 2022
ANALYSIS AND DESIGN WIRELESS NETWORK AND SECURITY BASED ON FIREWALL IN PIT MINING
AREA PT ABC
Yanto Setiawan, Agustiawan Sembiring, Muhammad Arif, Wihdayati
Computer Science Bina
Nusantara, Jakarta, Indonesia
Email: [email protected], [email protected], [email protected], [email protected]
Abstract
The 4.0 Industrial revolution has entered the
mining industry. One of them is the application of big data technology in PT
ABC, a coal mining contractor in Indonesia. To support the project's
performance, an extensive internet connection covering certain areas, including
pit areas, is needed. However, there are areas outside the GSM or Wi-Fi service
in PT ABC District XYZ. To solve the issue, proper planning and analysis of
Wi-Fi network coverage development and firewall-based wireless security are
needed to support the operational of big data technology in the company's
internal system. The planning and development of this network coverage and
wireless security use the Network Development Life Cycle (NDLC) method. This
method is useful to continue the improvement on wireless network in PT XYZ. The
benefit of the NDLC method is that when someday an alteration is needed on the
network, life cycle data has been recorded in the NDLC method. The result of
this study is a design that can fix or cover the deficiency of the existing
network condition. The design is in the form of Access Point placement design
and access network settings using wireless security.
Keywords: Wireless network; wireless security;
firewall; NDLC; access point
Introduction
Various countries in the world, one of which is Indonesia,
has entered the Era Revolution of Industry 4.0. In general, Industry 4.0
describes the growing trend towards automation and data exchange in technology
and processes in the manufacturing industry (Hermann, Pentek, & Otto, 2016);
(Landherr, Schneider, & Bauernhansl, 2016);
(Lasi, Fettke, Kemper, Feld, & Hoffmann, 2014).
These trends include the Internet of Things (IoT), Industrial Internet of
Things (IoT), cyber-physical systems (CPS), artificial intelligence (AI), smart
factories, cloud computing systems, and so on. In addition to technology, the
development of Big Data is also starting to affect our lives today (Suherman, Wijoyo, & Indrawan, 2020).
The use of the internet using wireless connectivity is an
important part of the process of sending and receiving data between devices.
Today's internet connection has become part of the needs of every individual,
one of which is the use of Wi-Fi (Wireless Fidelity). Wi-Fi is one of the technologies
of WLAN (Wireless Local Area Network), which is commonly found in industrial
sector. Wi-Fi Usageaccess to the internet continues
to increase along with the increasing use of smartphones.
Wireless Local Area Network (WLAN) is a development of Local
Area Network (LAN) (Jaringan Wireless et al., 2014).
In WLAN no longer used cables for the process of sending and receiving data
between devices. Thus, the network is easier to build without designing paths
for cabling. In addition, the construction of WLAN is also relatively cheaper
because there is no need for connecting cables between devices. Currently, WLAN
has two frequencies used, namely at 2.4 GHz and 5 GHz.
One of the important parts of a Wi-Fi device is the Access
Point (AP). Access point is interpreted as a device that can transmit signals
to and from the receiver. These devices are very easy to find in the market at
an affordable price. However, the device access point also sometimes gives
problems, for example Improper placement of access points makes some location
points into areas that get a bad Wi-Fi signal and may also not get a signal at
all or known as the blankspot area.
The industrial revolution 4.0 has also entered the world of
the mining industry. One of them is the use of big data technology in one of
the coal mining contractor companies in Indonesia, namely PT ABC. To support
the smooth running of the project, an internet connection is needed that covers
certain areas, especially in the pit area. However, the actual conditions in the
work environment at PT ABC District XYZ still have several location areas that
are not covered by GSM or Wi-Fi networks at all. This will certainly disrupt
the smooth operation of big data in the company's
internal.
Therefore, the authors are interested in analyzing the
planning for the development of Wi-Fi network coverage and wireless security in
the blank spot area in the PT ABC pit District XYZ so that it can help the
smooth operation of the use of big data technology in the company's
internal.
Research
Methods
This qualitative research was conducted in four blank spot
areas in the PT ABC District XYZ pit using the Network Development Life Cycle
development method. The method consists of six stages, including:
1.
Analysis
Stage is carried out by
analysis to obtain overall information regarding the development that will be
carried out to suit user needs. The following is an overview of the initial
topology of the development of Wi-Fi access in the corporate environment.
Figure
1
Initial
Topology of Development
The wireless coverage development
method used in this research is point-to-multipoint wireless coverage. This is
because it is more cost-effective, reduces frequency interference, and is
suitable for implementation in the development of PT ABC's wireless pit area
coverage, District XYZ.
For the method of restricting user
access, the method used is Firewall Packet Filtering. This type of method is
used to filter data packets based on the specified address and options. The
method is designed to control the flow of packets based on the origin,
destination, port, and type of packet information contained in each packet.
2.
Design
The following is the
design for the development of wireless network coverage and the design of
wireless security proposed in this study.
Figure
2
Wireless
Topology and Wireless Security Development Plan
In the design of the
development of wireless coverage, there is the installation of one point in the
main office tower area as a Base Station, which will later reach the four location
points.
While in the design of
wireless security based on firewalls, there is a plan in bandwidth usage which
are differentiated in each of the different department�s user groups.
3.
Simulation Prototype
In this study, a
simulation was carried out using the InfiPlanner application
which is then carried out several simulation tests to determine the required
height in the placement of the Access Point repeater points to cover the
required areas that have been described previously.
Meanwhile, for the simulation
in the design of wireless security, this research was carried out directly with
the configuration of the FortiGate device which was then tested directly using
a gadget or laptop.
4.
Implementation
This stage will take
longer than the previous stage. In implementation Network Engineer implements
everything that has been planned and previously designed.
Implementation is a very
decisive stage of the success/failure of the project to be built and it is at
this stage that Teamwork will be tested in the field to solve technical and
non-technical problems.
5.
Monitoring
After the implementation
of the monitoring stage is an important stage, so that the computer and
communication network can run according to the wishes and initial goals of the user in
the early stages of analysis, it is necessary to carry out monitoring
activities. In this study, the monitoring tools used are the monitoring tools,
the dude mikrotik and cacti.
6.
Management
Management or regulation,
one of which is of particular concern is the issue of policy, policies need to
be made to make/manage so that the system that has been built and runs well can
last a long time and the element of reliability is maintained. The policy will
depend on the management level policy and the company's business strategy,
which should support the company's business strategy as much as possible.
Results and
Discussion
A. Implementation
1.
Wireless Coverage Development
Design
From the results of
determining the height with a simulation using the InfiPlanner
tools needed for the installation of an access point to reach the location, the
highest point is found in 4 areas, which is 39 meters. The following is the
throughput of each connected station.
Figure
3
Throughput
Results of All Stations in the Pit Area
2.
Wireless Security
Development Design
Firewall-based wireless
security configuration is done by using a FortiGate device. The role of
FortiGate devices in limiting access rights is to restrict users from accessing
websites and mobile applications.
Figure
4
Configure
Application Control
Figure
5
Example
of Wireless Web Filter Configuration
Figure
6
Configuring
Rules and Policies for Wi-Fi Access
After all the
configuration is done, the ethernet interface on the previously configured
FortiGate is directly connected to the company's core switch which we then give
access to the new VLAN. In this case, we set it to VLAN 35 and VLAN 40. This is
the VLAN that we will use later for Wi-Fi access all devices in the office area
and mining area.
3.
Results of Monitoring
Dashboard Design
a)
The dude mikrotik
The dude mikrotik is a built-in tool for mikrotik
products that is used as monitoring network development of wireless coverage.
To activate this feature, it is necessary to install this tool on two sides,
namely on the server side (from the router board) and on the client side
(client computer). Here's what the monitoring tools look like: the dude mikrotik after all repeater devices in the mine area has
been added to the dashboard.
Figure
7
Display
of the Dude Device Monitoring Dashboard
b)
Cacti
In contrast to Dude Mikrotik, cacti are quite install
on one of the computers that will be used as a server based on the Ubuntu
operating system. To enable cacti, need to install the required packages like
apache2 as a web server and MySQL as database server.
Figure
8
WAN
1 Monitoring Graph Configuration on Cacti
Figure
9
WAN
2 Monitoring Graph Configuration on Cacti
c)
Unifi Controller
Unifi controller is the
default software from Ubiquiti products that are used to manage and monitor a
large number of unifi access point devices. Because
in this study the access point used is an unifi
device, so we need to install and configure this controller.
Figure
10
Adding
an UniFi Access Point Device to the Controller
Figure
11
SSID
Configuration on UniFi Controller
B. Testing
and Evaluation
1. Result of the Speed test
Internet access
In this step, internet
access testing will be carried out by connecting to a Wi-Fi network access with
the PMob SSID. Here is the results ratio test try
internet access with using speedtest in each area
where the repeater has been installed.
Table
1
Speedtest Test
Results at Pit Locations
|
Location |
Test |
Results |
|
|
Download |
Upload |
||
|
CD pit |
Speedtest |
4.26 |
3.97 |
|
East CH Pit |
Speedtest |
4.66 |
2.77 |
|
West CH Pit |
Speedtest |
3.32 |
2.43 |
|
CM pit |
Speedtest |
3.98 |
3.62 |
Speed test
comparison in each area for Internet access has been met. In this case, it can
be proven by the speed test results obtained in each area that have met the
needs. Where in need to carry out big data processing transactions, a minimum
bandwidth of 1 Mbps is required.
In addition,
from the test results above, when referring to the Tiphon standard which has
been discussed in the previous chapter, it can be described according to the
following table:
Table 2
Speedtest
Results Evaluation Table
|
Category |
CD pit |
East CH Pit |
West CH Pit |
CM pit |
|
Jitter |
18 ms |
35 ms |
17 ms |
33 ms |
|
Loss Packet |
3.9% |
3.1% |
3.3 % |
5.7% |
Loss Packet 3.9% 3.1% 3.3 % 5.7%
From these
results, if converted into standard Tiphon QoS Parameters, the results of the
speed test carried outfall into the medium category for Jitter and good for the
Packet Loss category.
2. Results
of Testing Wireless Security
At this
stage, testing the configured wireless security configuration is carried out by
accessing some websites that are allowed and not permitted in need. Here are
the test results by accessing several applications that are in the firewall
policy rule the one in the block.
Figure 12
Test Results Try Accessing YouTube Pages
Figure 13
Test Results Try Accessing Facebook Page
The
display above indicates that wireless security is running well where users
cannot access the website. The next test is to access several websites that are
allowed by the firewall.
Figure 14
Test Results Try Accessing WhatsApp Page
Figure 15
Test Results for Access to Company Pages
In the
display above the WhatsApp website can be accessed by the user. The rules and
policies that we have previously set are running well.
3. Results
of Testing Wireless Security
At this
testing stage, bandwidth utilization testing will be carried out after the
development wireless coverage and firewall-based wireless security.
Figure 16
Astinet Traffic After Implementing Packet Filtering
In the graph
above, it can be seen that the bandwidth utilization performance is stable even
though it occasionally approaches over-capacity bandwidth. This will affect
maintaining the stability of internet access.
Conclusion
Based
on the results development that has been carried out, it can be concluded that:
1) with the method of developing point-to-multipoint wireless network coverage,
there is an expansion of coverage wireless is about 25% of the previous
condition wherefrom the results of the Q o S standard parameters of Tiphon all pit locations in the development design have
obtained Wi-Fi coverage with the Jitter category it is in the medium-scale and
for the packet loss category it is in the good scale with the addition of the
following devices: a) basestation, addition of infinet Wireless R5000-Smnb/5.300.2x63.2x16 device - InfiMAN 2x2 on the station side in the tower office area at
the height of 39 meters to reach all locations of wireless coverage
development. b) station, in addition by using the device Infinet
Wireless R5000-Smn/5.300.2x63.2x19 as a station at 4 pit locations. c) access
Point Wi-Fi, Wi-Fi signal transmitters, UniFi Access
Point devices are added in 4 locations that can be monitored directly from the
office area. 2) with the development method of wireless security packet
filtering on FortiGate devices, it helps in maintaining the stability of
bandwidth utilization where the average bandwidth utilization is still at 50% -
70% of the existing bandwidth capacity.
Hermann, M., Pentek, T., & Otto, B.
(2016). Design principles for Industrie 4.0 scenarios (Vol. 2016). IEEE
Computer Society. Google Scholar
Landherr, Martin, Schneider, Ulrich, &
Bauernhansl, Thomas. (2016). The Application Center Industrie
4.0-Industry-driven manufacturing, research and development. Procedia Cirp,
57, 26�31. Google Scholar
Lasi, Heiner, Fettke, Peter, Kemper, Hans
Georg, Feld, Thomas, & Hoffmann, Michael. (2014). Industry 4.0. Business
& Information Systems Engineering, 6(4), 239�242. Google Scholar
Suherman, Musnaini, Wijoyo, Hadion, &
Indrawan, Irjus. (2020). Industry 4.0 Vs Society 5.0. Cv. Pena Persada. Google Scholar
|
Copyright holder: Yanto Setiawan, Agustiawan
Sembiring, Muhammad Arif,
Wihdayati (2022) |
|
First publication right: Syntax Literate: Jurnal Ilmiah
Indonesia |
|
This article is licensed
under: |