Download
1 / 27
270 likes | 355 Views
This project outlines user requirements for a robust network infrastructure supporting educational activities, including specific configurations and security measures for LANs, WAN, and servers, ensuring reliable connectivity and data protection. The design includes detailed IP addressing and naming conventions, as well as security protocols, ACLs, and network cabling plans. The goal is to create an efficient and secure network environment that meets the institution's evolving needs.
E N D
Desert View TCS By Charlene Cooley and Dan Austin
User Requirements • 7- to 10-year projected life • 100% WAN growth • 1,000% LAN growth • Speed • 1 Mbps for workstations • 100 Mbps for servers • Exclusively TCP/IP
User Requirements (cont.) • Frame Relay for WAN transport • 2 LANs per building • student/curriculum • administrative • Switched LAN infrastructure
User Requirements (cont.) • Classrooms • 24 workstations per classroom • 4 cable runs per classroom • switches located in lockable cabinets • File designation is enterprise or workgroup
User Requirements (cont.) • DNS & E-mail • master servers at district office • distributed DNS servers in each building • each building has a host for DNS & E-mail, and a directory of staff & students
Topology Requirements • Redundant paths between regional servers • Administrative server must be accessible to teachers and staff in each building • Library server must be available to entire network • Static IP for administrative hosts • DHCP for student/curriculum hosts
Security Requirements • General • no access from Internet to intranet • 2 physical LAN structures • double firewall • Access Control Lists • prevent access from student/curriculum network to administrative network (with certain exceptions)
NETWORKDESIGN EXAMPLES DESERT VIEW
WAN OVERVIEW DESERT VIEW
IP ADDRESSING SCHEME AND NAMING CONVENTION DESERT VIEW
IP Addressing Scheme for Desert View • Class B Address of 128.0.0.0/22 • 62 subnets • Administrative subnets • Curriculum subnets • WAN subnets • Internet subnet • DHCP Servers will hold curriculum addresses
Naming Convention • Administrators • building name/{office|classroom} number • Curriculum • building name/classroom number
Network Management • SNMP traps on network nodes • CSWI Resource Manager & Campus Network Management Software • District Office • master server collects information from regional hubs • Regional Hubs • will collect information from schools that are attached
DESERT VIEW SECURITY DESERT VIEW
ACLs • Standard ACL Applied to District Office Network (Incoming) • Standard ACL Applied to Administrative Networks (Incoming) • Extended ACL Applied to Classroom Network (Outgoing)
ACLsDistrict Office • Access-list 1 permit 128.0.24.0 0.0.3.255 • Access-list 1 permit 128.0.36.0 0.0.3.255 • Access-list 1 deny any any Apply to E0 • ip access-group 1 in
ACLsBuilding 1 • Access-list 2 permit 128.0.12.0 .0.0.3.255 • Access-list 2 permit 128.0.36.0 0.0.3.255 • Access-list 2 deny any any Apply to E1 • ip access-group 2 in
ACLsBuilding 1 (Con’t) • Access-list 101 permit tcp 128.0.20.0 0.0.3.255 eq smtp • Access-list 101 permit udp 128.0.20.0 0.0.3.255 eq DNS • Access-list 101 deny any any Apply to E0 • ip Access-group 101 out
ACLsBuilding 2 • Access-list 3 permit 128.0.12.0 .0.0.3.255 • Access-list 3 permit 128.0.24.0 0.0.3.255 • Access-list 3 deny any any Apply to E1 • ip access-group 3 in
ACLsBuilding 2 (Con’t) • Access-list 102 permit tcp 128.0.32.0 0.0.3.255 eq smtp • Access-list 102 permit udp 128.0.32.0 0.0.3.255 eq DNS • Access-list 102 deny any any Apply to E0 • ip Access-group 102 out
QUESTIONS? DESERT VIEW
