Download Present State of Network

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
Document related concepts
no text concepts found
Transcript 
Washington
School
District
Project
Present State of Network
T1
T1
4-T1
Desert View
T1
Service Center
Data Center
4-T1
4-T1
4-T1
Shaw Butte
T1
Initial Assumptions:
• 1 Mbps Hosts
• 100 Mbps Servers
Acacia
General Requirements:
• Functional =7-10 Years
• 100X Growth in LAN
• 2X Growth in WAN
R. E. Miller
• 10X Growth in
Internet Connectivity
Protocols Allowed = TCP/IP and IPX
Present State of Network
Number of Users:
Region Hub 1: One District Office/Data Center
[75(A)+11[250(C) + 75(A)]=3650 connections
Region Hub 2: One Service Center
[75(A)+11[250(C) + 75(A)]=3650 connections
Region Hub 3: Shaw Butte
[11[250(C) + 75(A)]=3575 connections
Total = 10875 connections
Each Class Room is 24 Student + 1 Teacher
= 25 connections Per Class rooms
With 250/25=10 Class rooms Need Wiring
Wan Connections
To Meet Requirements:
• 2X WAN Core DS3
• 10X Internet DS3
DS3
Data Center
DS3
DS3
DS3
DS3
Service Center
DS3
Shaw Butte
DS3
Desert View
DS2
DS2
DS2
R. E. Miller
Acacia
• Frame Relay with
Backup PVC’s
Local Area Network & Wiring Scheme
R. E. Miller
Local Area Network & Wiring Scheme
Local Area Network & Wiring Scheme
• Gigabit Switches Available
for backbone From Switch to
Switch
• MDF 5500 Chassis Router
• Extra - We have decided to
put in a WIC Card for
integrating the PBX to create a
uniform dial Plan ability ( 4
Digit Dialing)
• (100X) Growth in LAN
Criteria has been met
District Supplied Servers and Functions
6 Services Per School & District Offices
• DNS
• DHCP
• SNMP
• Administrative
• Library
• Application
At District only
• TFTP server
• Larger Scale servers
Enterprise Class Servers
• DNS, DHCP, E-Mail
• Application
• Library Server
Workgroup Class Servers
• SNMP, HP-Open view
• Administration
• TFTP
Each Server will have its own backup service
District Supplied Servers and Functions
Firew all
Web Server
DNS
EMAIL
DS3
Data Center
DS3
DS3
DS3
DS3
Service Center
DS3
Shaw Butte
TFTP
Monitoring Tools
DS3
Desert View
DS2
DS2
Acacia
DS2
Application
DNS
DHCP
EMail
Library Serv er
R. E. Miller
HP Open view
SNMP
Monitoring Tools
Administration
Security
USER ID and PASSWORD POLICY
1. USER ID
·
First six digits of last name, First
initial of first name, number
·
(SmithJ1, SmithJ2, JohnsoM1)
2. PASSWORD
·
Maximum Password Age – 30 days
·
Minimum Password Age – 30 days
·
Minimum Password Length – 8
characters
·
Password Uniqueness – 12
·
Account Lockout
IGRP
•stable routing in very large or complex networks. (No
routing loops)
•fast response to changes in network topology
•low overhead
•splitting traffic among several parallel routes taking into
account error rates and level of traffic on different paths
Addressing and Management
Using Class B Addressing
3 Subnets
• Router gateway
• Administrative
• Curriculum
2 Subnets Unused
Borrowing 8-bits will
allow for up to 254
usable with subnet
masks of
255.255.255.0
Static addressing for
Administrative Subnet
Curriculum addressing will
be provided by VLAN and
DHCP
Administrativ e
Curriculum
Addressing and Management
School Gateway
Host Range
Broadcast
Subnet Mask VLAN
Desert view
160.10.0.1
160.10.1.1
160.10.2.1
160.10.0.2-160.10.0.254
160.10.1.2-160.10.1.254
160.10.2.2-160.10.2.254
160.10.0.255
160.10.1.255
160.10.2.255
255.255.255.0
255.255.255.0
255.255.255.0
Admin
Student
160.10.5.1
160.10.6.1
160.10.7.1
160.10.5.2-160.10.5.254
160.10.6.2-160.10.6.254
160.10.7.2-160.10.7.254
160.10.5.255
160.10.6.255
160.10.7.255
255.255.255.0
255.255.255.0
255.255.255.0
Admin
Student
160.10.10.1
160.10.11.1
160.10.12.1
160.10.10.2-160.10.10.254
160.10.11.2-160.10.11.254
160.10.12.2-160.10.12.254
160.10.10.255
160.10.11.255
160.10.12.255
255.255.255.0
255.255.255.0
255.255.255.0
Admin
Student
Acacia
REMiller
Security
ACL
Data Center ACL's:
Data Center2 (config)#access-list 101 permit tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 established
Data Center2 (config) # interface SO
Data Center2 (config-if)# ip access-group 101 out
R.E.Miller ACL's:
R.E.Miller(config)#access-list 103 permit tcp any 160.10.2.2 0.0.0.0 eq 25
R.E.Miller(config)#access-list 103 permit tcp any 160.10.2.2 0.0.0.0 eq 53
R.E.Miller(config)#access-list 103 deny ip 160.10.1.0 0.0.0.255 160.10.2.0 0.0.0.255
R.E.Miller(config)#access-list 103 permit ip any any
R.E.Miller(config)# interface E1
R.E.Miller(config-if)# ip access-group 103 out
R.E.Miller(config)#access-list 105 deny tcp 160.10.1.0 0.0.0.255 any eq 21
R.E.Miller(config)#access-list 105 deny tcp 160.10.1.0 0.0.0.255 any eq 23
R.E.Miller(config)#access-list 105 permit ip any any
R.E.Miller(config)# interface E0
R.E.Miller(config-if)# ip access-group 105 in
Firewall
Block
intrusion with
firewall and
intrusion
detection
software
Firewall Router
Outside Web Service
Email
DNS
Ditrict Router
Also utilizing
ACL list
IDF Switches
Catalyst 3548 XL Enterprise Edition WSC3548-XL-EN $4,995
Gigabit uplinks
Multimode fiber
Stackable
VLAN Support
MDF Routers and Switches
1 WAN Connection
108 Fast Ethernet
Connections
9 Multimode Fiber
connections
Total List cost $85,465
District MDF Routers and Switches
3 Wan Connections
108 Fast Ethernet
Connections
Total List Cost $72,460
Firewall Router
Cisco 7120
Cisco PIX Firewall Software with Intrusion Detection
Total List Cost $41,000
Total Cost
30
3
3
1
IDF Switches
MDF Switches
District MDF Switches
Firewall Router
Total List Cost
* Discount of 40%
Total Parts Cost
$149,850
$256,395
$217,380
$ 41,000
$627,725
*.6
$376,635
Labor is $50 per port run
$ 56,250
Setup of IDF’s and MDF’s $210,000
Servers and Software
$740,000
Total Project Cost
$1,382,615
Related documents