Proposition of the final LAN infrastructure

advertisement
Proposition of the final LAN infrastructure
Proposition of the final LAN infrastructure
The organization that you choose to use for this project is the Marine Corps. Because
of the large volume that is carried out differently among all the different units, there are
many different moving parts so I will focus on a section S-6 Inside a smaller unit. This
unit will contain approximately 500 people, and 15 of these persons will be responsible
for establishing the network. This will be to include satellites, routers, switches, and all
peripherals. This unit is responsible for the ability to quickly deploy the communications
department to any part of the world and begin to pull data over a 5-hour period. Will
be This Is the key when the unit's main unit arrives, and there are already data
connections ready to pull.
The three-tier hierarchical design model is made up of cisco From basic
distribution and access. When we quickly look at the chart, we see that the basic layer
of this grid begins at SCR RTR And ends when a link POP RTR . The next layer is our
distribution layer, which is one key POP RTR And switches that contain all road
summaries and address addresses including VLAN On our keys that are running Layer
3 Traffic VAN Router On their own without the need for a router. Finally, the access
layer is all end-users and network resources such as server farm.
After careful considerations and adding IPsec To our network, we can
successfully implement and upgrade your wireless network infrastructure. The back
side of the networks will receive from SCR RTR to me POP RTR 192.168.0.33 / 26 As
devices IP Their instant traffic from ISPs will be placed on firewalls, routers and
switches. After the traffic has been left a protocol POP RTR And make its way around
our network, it will move through point-to-point links within the network 192.168.1.128 /
25. All servers will be placed on a network VLAN From 192.168.3.33 / 27 to separate
server traffic on the adapter to be grantedQoS Higher than traffic VLAN Of the user who
will be on a separate VLAN using 192.168.3.65 / 28 which will give IP Up to 62 users to
connect to either via Wi-Fi Or using solid wire in the grid. As we move more towards
the network, we will see that our first wireless access point is present in the primary and
supplied key and setup on VLAN the user. The virtual gateway will be 192.168.3.65 /
28 users IP VLAN For the user.
In this case, we have implemented and updated our network to an extensive
network ( WAN ). In this scenario, we created a separate site located across the world
and talking to the main satellite site. This other network is still part of the main network,
it's simply on the other side of the world and that's why our network is now a
network WAN . We have kept everything as it was before where the router is
used SCR BGP To talk to your Internet service provider ( ISP ) And data flow from our
provider. From there, each router includes a router SCR On networks EIGRP With all
directly related subnets that are configured inEIGRP So that routers quickly pass routing
table information between each other. From our basic 3 layer adapter, we have a
cable Ethernet Which connects to a satellite communication device center that simply
transfers data to the other location. Each router is configured to end
with OSPF And EIGRP From LANTheir own. This will allow the main site to send the
secondary site the routing tables learned from EIGRPTo the secondary site across a
path OSPF . This means that the main site and the secondary site will have
them EIGRP ASN Different. Give us OSPF The concept of an area allows us to
segment different sites. This works because the router has an independent system that
connects one or more of the following ASAnd exchange paths between them.
For our security deployment plan, we have implemented networks VLAN Within
our network to divide the traffic in our network. We can see that it will be
configured VLAN2 On all ports that have connected user computers. In addition to
composition VLAN2 On all user computers if that user has a phone IP , The port will
also be configured with VLAN Voice dialing so that the phone IP Its dragging IP From
Etisalat Manager Cisco . Servers will also have their own VLAN to rid them of
all Unnecessary visits also, and we will also have VLANs for management our servers
will use for things like ESXi And vMotions And iSCSIAnd other traffic management
protocols. In our network we have a router running multiple access control lists and will
block all visits that our ISP has requested us to block. From our scan prompt, our traffic
begins to go to the firewall and IPS Which will monitor traffic and identify
attempts DDOS It is immediately prohibited. From here our traffic is moved
towards POP RTR Usually traffic is to our servers where many of our services are
running. Things like DNS On our Domain Controller that all computers use to
resolve IPOriented Web page names. Also we will run the server McAfee Which will
deploy proxies to all user computers that will be configured to shut down certain ports
and protocols. In general, the computer is locked before anything bad happens, either
accidentally or accidentally. I have always found it extremely important to keep our
keys and routers up to date with the latest firmware to prevent them from being
compromised. The easiest way to help protect our system is to keep our employees
and users informed about how hackers try to control our system and tell them to alert
the IT team if try to One access to their computer. From here, we must create a risk
analysis of our network. This means that we will consider where to put our devices and
easy access to these devices in addition to the survey of our network to determine what
and what risks. Our last step could be to appoint one or two people to support and
implement a security policy that is often our information security officers and probably
only one network administrator to make sure that all other managers will stay within
their ethical limits and do the right thing
After careful considerations and adding IPsec To our network, we have
successfully implemented and upgraded the wireless infrastructure. Our background
network remained as it is with router sifting, firewall, and pop router, in addition to the
primary conversion key. Keeping our servers and storage in our network is also the
best idea, so all server-side services such as DNS searches are done faster via Link
1 gig Or 10gig Without any possible interruption in frequencies Wi-Fi we've
got. Through our basic adapter, we have a wired wireless access point in the
adapter Core Our own. Our main access point has a 2.4 GHz channel set to 1. We
then have two access points connected to a main access point via the 5 GHz back
channel for connections AP to me AP . These two access bands have a 2.4 GHz
channel set to 11 that will not interfere with each other because of their position. This
will allow anyone to be able to cross these areas without losing the signal to the
network. The back side of the networks will receive from SCR RTR to me POP RTR
192.168.0.33 / 26 As devices IP Their instant traffic from ISPs will be placed on
firewalls, routers and switches. After the traffic has been left a protocol POP RTR And
make its way around our network, it will move through point-to-point links within the
network 192.168.1.128 / 25. All servers will be placed on a network VLAN From
192.168.3.33 / 27 to separate server traffic on the adapter to be granted QoS Higher
than traffic VLAN Of the user who will be on a separate VLAN using 192.168.3.65 / 28
which will give IP Up to 62 users to connect to either via Wi-Fi Or using solid wire in the
grid. As we move more towards the network, we will see that our first wireless access
point is present in the primary and supplied key and setup on VLAN the user. The
virtual gateway will be 192.168.3.65 / 28 users IP VLAN For the user. Some will
be The wireless standards that will be in my network are 802.11 n / ac Speeds of 2.4
GHz and 5 GHz. The access points will use a channel 5 GHz As a back channel for
each access point you will provide fast transfer rates between access points. A 2.4
GHz channel will be set up to be separated so that there is no channel interference for
users. This will all happen by using Wi-Fi internet access Dual-band . We also
have to make sure there is no chance for a man in the middle attack, so we'll encrypt all
packets on the network. We also need to make sure that Our users They do not
connect unauthorized devices to our network which means we will use 802.1 X Which
will provide support for central user identification, authentication, dynamic key
management and accounting
Download