Survey
* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project
Download District Office, Service Center and Shaw Butte Elementary LAN
Document related concepts
no text concepts found
Transcript
Washington School District Computer Network System Threaded Case Study Jim, Jeff, Pete, Adam, Chris 100X LAN Growth 2X WAN Growth 1.0 Mbps to any host computer 100 Mbps to any server TCP/IP will be implemented 3 Regional Hubs: District Office, Service Center and Shaw Butte Elementary LAN Design Goals Initial Throughput to Network Hosts – The minimum requirement for initial implementation design will be 1.0 Mbps to any host computer Initial Throughput to Network Servers – Each Regional Hub connected via 4 T-1 Data Lines Each connected site connected to its corresponding Regional Hub with T-1 Data Line Minimum requirement of 100 Mbps to any server host Fast WAN Core Network – Three Regional Hubs LAN Design Goals Internet Connectivity – Frame Relay T1 Data Line Non-Dedicated Connectivity – ISDN WAN connectivity for the Community School Access Summary District Office Network will use a double firewall Design All Internet traffic into District’s private network is refused Two Internal networks created: Administrative & Curriculum All traffic from Curriculum LAN is prohibited on the Administrative LAN Access Summary E-Mail and DNS allowed unlimited access to District’s private network All computers in the District allowed full access to Internet ADDRESSING & NETWORK MANAGEMENT Administrative Network – All computers on the Administrative Network will have static addresses Curriculum Network – All computers on the Curriculum Network will use DHCP to obtain network addresses Master Network Management Host – Located at District Office Washington Cutsheet/Overview IP ADDRESSING CLASS C INTERNAL Location Administration Networks Curriculum Networks District office/ Data Center 192.168.0.0 192.168.50.0 192.168.51.0 Desert View 192.168.1.0 192.168.52.0 192.168.53.0 Sunnyslope 192.168.2.0 192.168.54.0 192.168.55.0 Mountain View 192.168..3.0 192.168.56.0 192.168.57.0 Road Runner 192.168.4.0 192.168.58.0 192.168.59.0 Washington 192.168.5.0 192.168.60.0 192.168.61.0 Lake View 192.168.6.0 192.168.62.0 192.168.63.0 John Jacobs 192.168.7.0 192.168.64.0 192.168.65.0 Iron Wood 192.168.8.0 192.168.66.0 192.168.67.0 Desert Foothills 192.168.9.0 192.168.68.0 192.168.69.0 Chaparral 192.168.10.0 192.168.70.0 192.168.71.0 Cholla 192.168.11.0 192.168.72.0 192.168.73.0 IP ADDRESSING CLASS C INTERNAL (CONTINUED) Location Service Center Administration Networks 192.168.12.0 Sunset 192.168.13.0 Acacia 192.168.14.0 Mountian Sky 192.168.15.0 Tumbleweed 192.168.16.0 Sweetwater 192.168.17.0 Sunburst 192.168.18.0 Sahuaro 192.168.19.0 Blue Sky 192.168.20.0 Moon Mountain 192.168.21.0 Lookout Mountain 192.168.22.0 Abraham Lincoln 192.168.23.0 Curriculum Networks 192.168.74.0 192.168.75.0 192.168.76.0 192.168.77.0 192.168.78.0 192.168.79.0 192.168.80.0 192.168.81.0 192.168.82.0 192.168.83.0 192.168.84.0 192.168.85.0 192.168.86.0 192.168.87.0 192.168.88.0 192.168.89.0 192.168.90.0 192.168.91.0 192.168.92.0 192.168.93.0 192.168.94.0 192.168.95.0 192.168.96.0 192.168.97.0 IP ADDRESSING CLASS C INTERNAL (CONTINUED) Location Administration Networks Curriculum Networks Shaw Butte/ Regional Hub 192.168.24.0 192.168.98.0 192.168.99.0 Richard E. Miller 192.168.25.0 192.168.100.0 192.168.101.0 Royal Palm 192.168.26.0 192.168.102.0 192.168.103.0 Alta Vista 192.168.27.0 192.168.104.0 192.168.105.0 Catus Wren 192.168.28.0 192.168.106.0 192.168.107.0 Manzanita 192.168.29.0 192.168.108.0 192.168.109.0 Maryland 192.168.30.0 192.168.110.0 192.168.111.0 Ocotillo 192.168.31.0 192.168.112.0 192.168.113.0 Orangewood 192.168.32.0 192.168.114.0 192.168.115.0 Palo Verde 192.168.33.0 192.168.116.0 192.168.117.0 Arroyo 192.168.34.0 192.168.118.0 192.168.119.0 Community Schools 192.168.35.0 192.168.120.0 Printers Spares 192.168.245.0-192.168.255.0 192.168.36.0-192.168.49.0 192.168.121.0-192.168.244.0 ROYAL PALM Host IP Address Curriculum File Server Administration File Server Dns/Email Server Application Server Spare Server Address Router Interfaces Spare Interface Address Administration Host Address Curriculum host add. Net 1 Curriculum host add. Net 2 192.168.102.1 192.168.26.1 192.168.26.2 192.168.26.3 192.168.26.4 - 192.168.26.15 192.168.26.16 - 192.168.26.30 192.168.26.31 - 192.168.26.49 192.168.26.50 - 192.168.26.254 192.168.102.2 - 192.168.102.254 192.168.103.1 - 192.168.103.254 SUNSET Host IP Address Curriculum File Server Administration File Server Dns/Email Server Application Server Spare Server Address Router Interfaces Spare Interface Address Administration Host Address Curriculum host add. Net 1 Curriculum host add. Net 2 192.168.76.1 192.168.13.1 192.168.13.2 192.168.13.3 192.168.13.4 - 192.168.13.15 192.168.13.16 - 192.168.13.30 192.168.13.31 - 192.168.13.49 192.168.13.50 - 192.168.13.254 192.168.76.2 - 192.168.76.254 192.168.77.1 - 192.168.77.254 SUNNYSLOPE Host IP Address Curriculum File Server Administration File Server Dns/Email Server Application Server Spare Server Address Router Interfaces Spare Interface Address Administration Host Address Curriculum host add. Net 1 Curriculum host add. Net 2 192.168.54.1 192.168.2.1 192.168.2.2 192.168.2.3 192.168.2.4 - 192.168.2.15 192.168.2.16 - 192.168.2.30 192.168.2.31 - 192.168.2.49 192.168.2.50 - 192.168.2.254 192.168.54.2 - 192.168.54.254 192.168.55.1 - 192.168.55.254 Security Order Secure ID Card with Badge Number, Department and Name User given PIN by Information Services Dial into Network Through Firewall After Using Secure ID# off Card with PIN Need 2 items for outside dial-in access: PIN (Personal ID Number) plus something unique that the user must possess at the time of attempted entry--secure pin pad token that generates random one-time only access codes. Internal Routing District Office will maintain user passwords, routers & Lan Switches District Office will be the only point of contact between external routing and the internal networks Password checking policy will be implemented with Password Policy Enforcer software Non-compliant passwords will be rejected and the user will be prompted to enter a new password. Such software requires that users choose compliant passwords. Outside Access Allow everyone DNS access to your DNS server, 192.168.13.2 (192.168.26.2, 192.168.2.2, 192.168.02) (config)# access-list 107 permit UDP any 192.168.13.2 eq DNS Do not allow students to use FTP to the Internet (config)#access-list 107 deny tcp 192.168.50.0 0.0.70.255 any eq FTP Allow Internet access (config)#access-list 107 permit IP any any IP is required to reach the Internet. Internet Router Allow established connections back to users. Any user on the Internet can connect to the mail server and to the Web server. Public(config)#access-list 103 permit tcp any any established Public(config)#access-list 103 permit tcp any any eq www Public(config)#access-list 103 permit tcp any any eq 25 (e-mail) Public(config)#access-list 103 permit tcp any any eq 53 (DNS) Public(config)#access-list 103 deny ip any any Public(config)#int s0 Public(config-if)# ip access-group 103 in District Office Allow everyone Web access to the web server, 192.168.0.4 District(config)#access-list 105 permit tcp any to 192.168.0.4 eq HTTP Permit E-Mail & Directory services; permit Internet access; deny student access to Administrative network District(config)#access-list 105 permit tcp any 192.168.0.0 0.0.0.255 eq 25 District(config)#access-list 105 permit tcp any 192.168.0.0 0.0.0.255 eq 53 District(config)#access-list 105 permit IP 192.168.0.0 0.0.0.255 any District(config)#access-list 105 deny tcp 192.168.50.0 0.0.70.255 192.168.0.0 0.0.0.255 District(config)#access-list 105 deny ip any any (explicit deny all) District(config)#int e0 District(config-if)#ip access-group 105 out Sunny Slope Permit E-mail and DNS traffic and deny Student access Sunny(config)#access-list 103 permit tcp any 192.168.2.0 0.0.0.255 eq 25 (E-mail) Sunny(config)#access-list 103 permit tcp any 192.168.2.0 0.0.0.255 eq 53 (DNS) Sunny(config)#access-list 103 deny tcp 192.168.50.0 0.0.70.255 192.168.26.0 0.0.0.255 Sunny(config)#access-list 103 deny ip any any (implicit deny all) Sunny(config)#int e0 Sunny(config-if)#ip access-group 103 out Royal Palm Permit E-mail and DNS traffic and deny Student access Royal(config)#access-list 101 permit tcp any 192.168.26.0 0.0.0.255 eq 25 (E-mail) Royal(config)#access-list 101 permit tcp any 192.168.26.0 0.0.0.255 eq 53 (DNS) Royal(config)#access-list 101 deny tcp 192.168.50.0 0.0.70.255 192.168.26.0 0.0.0.255 Royal(config)#access-list 101 deny ip any any (implicit deny all) Royal(config)#int e0 Royal(config-if)#ip access-group 101 out Sunset Permit E-mail and DNS traffic and deny Student access Sunset(config)#access-list 102 permit tcp any 192.168.13.0 0.0.0.255 eq 25 (E-mail) Sunset(config)#access-list 102 permit tcp any 192.168.13.0 0.0.0.255 eq 53 (DNS) Sunset(config)#access-list 102 deny tcp 192.168.50.0 0.0.70.255 192.168.13.0 0.0.0.255 Sunset(config)#access-list 102 deny ip any any (implicit deny all) Sunnset(config)#int e0 Sunset(config-if)#ip access-group 103 out TOTAL COST ROYAL PALMS Device Router Switch Hubs Cabinets Racks Servers Multimode Fiber Cat 5 UTP Description Cisco3662 DC#1 Blackbox total switch 6 mmfiber Dual speed 10/100 stackable hubs Elite series wallmount cabinets 72" rack w/patch panel gateway 8450r servers synergy datacom supply hawking tech. Per 1000ft Number of Price Total Cost 1 $36,200.00 $36,200.00 32 $1,950.00 $62,400.00 288 $649.99 $187,197.12 72 $600.00 $43,200.00 16 $200.00 $3,200.00 4 $6,338.00 $25,352.00 18000 $0.29 $5,220.00 5 $56.63 $283.15 Total for School $363,052.27 TOTAL COST SUNSET Device Router Switch Hubs Cabinets Racks Servers Multimode Fiber Cat 5 UTP Description Cisco3662 DC#1 Blackbox total switch 6 mmfiber Dual speed 10/100 stackable hubs Elite series wallmount cabinets 72" rack w/patch panel gateway 8450r servers synergy datacom supply hawking tech. Per 1000ft Number of Price Total Cost 1 $36,200.00 $36,200.00 14 $1,950.00 $27,300.00 200 $649.99 $129,998.00 50 $600.00 $30,000.00 7 $200.00 $1,400.00 4 $6,338.00 $25,352.00 5000 $0.29 $1,450.00 2 $56.63 $113.26 Total for School $251,813.26 TOTAL COST SUNNYSLOPE Device Router Switch Hubs Cabinets Racks Servers Multimode Fiber Cat 5 UTP Description Cisco3662 DC#1 Blackbox total switch 6 mmfiber Dual speed 10/100 stackable hubs Elite series wallmount cabinets 72" rack w/patch panel gateway 8450r servers synergy datacom supply hawking tech. Per 1000ft Number of Price Total Cost 1 $36,200.00 $36,200.00 36 $1,950.00 $70,200.00 216 $649.99 $140,397.84 54 $600.00 $32,400.00 18 $200.00 $3,600.00 4 $6,338.00 $25,352.00 12000 $0.29 $3,480.00 3 $56.63 $169.89 Total for School $311,799.73 DISTRICT OFFICE/ DATA CENTER Number Device Description of Price Total Cost Router cisco 7600 1 $236,300.00 $236,300.00 Switch Blackbox total switch 6 mmfiber 7 $1,950.00 $13,650.00 Cabinets Elite series wallmount cabinets 10 $600.00 $6,000.00 Hubs Dual speed 10/100 stackable hubs 50 $649.99 $32,499.50 Racks 72" rack w/patch panel 1 $200.00 $200.00 Servers gateway 8450r servers 4 $6,338.00 $25,352.00 Multimode Fiber synergy datacom supply 500 $0.29 $145.00 Cat 5 UTP hawking tech. Per 1000ft 1 $56.63 $56.63 REGIONAL DATA CENTERS Device Router Switch Hubs Cabinets Racks Servers Multimode Fiber Cat 5 UTP Security Number Description of Price Total Cost cisco 6400 3 $129,500.00 $388,500.00 Blackbox total switch 6 mmfiber 2 $1,950.00 $3,900.00 Dual speed 10/100 stackable hubs 24 $649.99 $15,599.76 Elite series wallmount cabinets 20 $600.00 $12,000.00 72" rack w/patch panel 3 $200.00 $600.00 gateway 8450r servers 3 $6,338.00 $19,014.00 synergy datacom supply 500 $0.29 $145.00 hawking tech. Per 1000ft 1 $56.63 $56.63 Password policy Enforcer 1 $5,300.00 $5,300.00 Average Cost Per School $308,888.42 Cost for School District $10,952,636.38 Educational Discount $4,381,054.55 Total Cost $6,571,581.83
Related documents