Slide 1Assignment 2: Enterprise Network and System Design 10 Local Workgroups/VLANs InternetSwitchStack1Server blockfor InternetHQ-GWServer blockfor...

1 answer below »
quote


Slide 1 Assignment 2: Enterprise Network and System Design 10 Local Workgroups/ VLANs Internet Switch Stack1 Server block for Internet HQ-GW Server block for Partner Firewall BR2 HQ-PR Partner1 BR1 Mobile users Switch Stack2 Server block for Intranet Switch Stack3 Switch Stack4 (10.1.1.0/24) 192.168.1.0/30 Draft Design Task A (Task A _Answer Table) Task B HQ (Campus network three tier model design) redesign not the above diagram but the separate picture file provided into a three-tier model design Task C and D (Layered defenses, Server Farm and Services high availability) Answer Table Task E (Internet Edge Block policy) Answer Table 1 Assignment 2 major tasks: IP Address Scheme design. Major network number: 172.2X.0.0/16 for private domain. 198.96.84.0/22 for public domain. (X=Last digit of your student ID) 10 Local User VLANs: each VLAN has MAX. 200 hosts Intranet Servers: 100 servers Internet Servers: 85 servers extranet Servers: 10 servers HQ Internet access: 20 public IP addresses BR1 Internet access: 10 public IP addresses, LAN: 20 users (BR2 Internet access: dynamic, 1 public IP address, LAN 10 users) Enterprise blocks (Server block, User block, Internet Edge block, Remote Access Block, Management Block, etc.). HQ Campus network three tier model design. Security Protect options (layered defenses). Server Farm and Services high availability. Internet Edge Block policies. My student id ends with 0 so in this case X = 0 2 Rubric: Each Task counts 4 points as the following. Participation/Submission: 1 point Explanation of your design: 1 point Accuracy of Design Specification: 2 points Sheet1 Assignment 2 IP address Scheme Design 172.20.0.0/16 for private domain 198.96.84.0/22 for public domain NetworkNetwork IDSubnet MaskGateway IP addressNotes Private Address: Public Address: Server block for Intranet Server block for Internet VLANs Server block for Partner Task C Assignment 2 Task C Security Protect options (layered defenses). NameTech. SpecificationsDescription of Security ProtectionNotes STP Protection1. BPDU Guard 2. Root Guard (put interfaces into untrust mode)1. Prevent one Swicth port from receiving and trusting BPDU messages. 2. Prevent one Switch port from trusting new Root Bridge's superior BPDUs. In case of either case, the port is set in ErrDisable state Enable it on the switch ports that are facing to open environment. Task D Assignment 2 Task D Service High Availability NameTech. SpecificationsDescription of HANotes Internet Multihoming1. Failover (in case one ISP connection is down) 2. Load Balancing (Utilize multiple routes to forward packets from and to Internet) Connecting to Two ISPs to avoide the single point failureThere are four Internet Multihoming options for design consideration. Task E Assignment 2 Task E Edge System Policies NameTech. SpecificationsDescription of the polocyNotes NAT for Internet Access1. Static NAT or PAT for Internet Servers Access 2. Dynamic PAT for clients1. Static NAT or PAT for Internet Servers Access (helping Internet users to address the services) 2. Dynamic PAT (helping HQ local users to access Internet)NAT polices makes Internet accessible for local clients, also helps to prevent servers IP Traceability from Internet hackers and attackers.
Answered 11 days AfterNov 17, 2022

Answer To: Slide 1Assignment 2: Enterprise Network and System Design 10 Local Workgroups/VLANs...

Aditi answered on Nov 18 2022
47 Votes
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here