Proposition of the final LAN infrastructure

Proposition of the final LAN infrastructure

The organization that you choose to use for this project is the Marine Corps. Because

of the large volume that is carried out differently among all the different units, there are
many different moving parts so I will focus on a section S-6 Inside a smaller unit. This

unit will contain approximately 500 people, and 15 of these persons will be responsible
for establishing the network. This will be to include satellites, routers, switches, and all

peripherals. This unit is responsible for the ability to quickly deploy the communications

department to any part of the world and begin to pull data over a 5-hour period. Will

be This Is the key when the unit's main unit arrives, and there are already data

connections ready to pull.

 The three-tier hierarchical design model is made up of cisco From basic

distribution and access. When we quickly look at the chart, we see that the basic layer

of this grid begins at SCR RTR And ends when a link POP RTR . The next layer is our

distribution layer, which is one key POP RTR And switches that contain all road

summaries and address addresses including VLAN On our keys that are running Layer

3 Traffic VAN Router On their own without the need for a router. Finally, the access

layer is all end-users and network resources such as server farm.

After careful considerations and adding IPsec To our network, we can

successfully implement and upgrade your wireless network infrastructure. The back

side of the networks will receive from SCR RTR to me POP RTR 192.168.0.33 / 26 As

devices IP Their instant traffic from ISPs will be placed on firewalls, routers and

switches. After the traffic has been left a protocol POP RTR And make its way around

our network, it will move through point-to-point links within the network 192.168.1.128 /
25. All servers will be placed on a network VLAN From 192.168.3.33 / 27 to separate

server traffic on the adapter to be grantedQoS Higher than traffic VLAN Of the user who

will be on a separate VLAN using 192.168.3.65 / 28 which will give IP Up to 62 users to

connect to either via Wi-Fi Or using solid wire in the grid. As we move more towards

the network, we will see that our first wireless access point is present in the primary and
supplied key and setup on VLAN the user. The virtual gateway will be 192.168.3.65 /
28 users IP VLAN For the user.

In this case, we have implemented and updated our network to an extensive

network ( WAN ). In this scenario, we created a separate site located across the world

and talking to the main satellite site. This other network is still part of the main network,

it's simply on the other side of the world and that's why our network is now a
network WAN . We have kept everything as it was before where the router is
used SCR BGP To talk to your Internet service provider ( ISP ) And data flow from our
provider. From there, each router includes a router SCR On networks EIGRP With all

directly related subnets that are configured inEIGRP So that routers quickly pass routing

table information between each other. From our basic 3 layer adapter, we have a

cable Ethernet Which connects to a satellite communication device center that simply

transfers data to the other location. Each router is configured to end

with OSPF And EIGRP From LANTheir own. This will allow the main site to send the

secondary site the routing tables learned from EIGRPTo the secondary site across a

path OSPF . This means that the main site and the secondary site will have

them EIGRP ASN Different. Give us OSPF The concept of an area allows us to

segment different sites. This works because the router has an independent system that
connects one or more of the following ASAnd exchange paths between them.

For our security deployment plan, we have implemented networks VLAN Within

our network to divide the traffic in our network. We can see that it will be

configured VLAN2 On all ports that have connected user computers. In addition to

composition VLAN2 On all user computers if that user has a phone IP , The port will

also be configured with VLAN Voice dialing so that the phone IP Its dragging IP From

Etisalat Manager Cisco . Servers will also have their own VLAN to rid them of

all Unnecessary visits also, and we will also have VLANs for management our servers

will use for things like ESXi And vMotions And iSCSIAnd other traffic management

protocols. In our network we have a router running multiple access control lists and will

block all visits that our ISP has requested us to block. From our scan prompt, our traffic
begins to go to the firewall and IPS Which will monitor traffic and identify

attempts DDOS It is immediately prohibited. From here our traffic is moved

towards POP RTR Usually traffic is to our servers where many of our services are

running. Things like DNS On our Domain Controller that all computers use to
resolve IPOriented Web page names. Also we will run the server McAfee Which will
deploy proxies to all user computers that will be configured to shut down certain ports

and protocols. In general, the computer is locked before anything bad happens, either
accidentally or accidentally. I have always found it extremely important to keep our

keys and routers up to date with the latest firmware to prevent them from being
compromised. The easiest way to help protect our system is to keep our employees

and users informed about how hackers try to control our system and tell them to alert
the IT team if try to One access to their computer. From here, we must create a risk

analysis of our network. This means that we will consider where to put our devices and

easy access to these devices in addition to the survey of our network to determine what
and what risks. Our last step could be to appoint one or two people to support and

implement a security policy that is often our information security officers and probably

only one network administrator to make sure that all other managers will stay within
their ethical limits and do the right thing

After careful considerations and adding IPsec To our network, we have

successfully implemented and upgraded the wireless infrastructure. Our background

network remained as it is with router sifting, firewall, and pop router, in addition to the
primary conversion key. Keeping our servers and storage in our network is also the

best idea, so all server-side services such as DNS searches are done faster via Link
1 gig Or 10gig Without any possible interruption in frequencies Wi-Fi we've

got. Through our basic adapter, we have a wired wireless access point in the

adapter Core Our own. Our main access point has a 2.4 GHz channel set to 1. We

then have two access points connected to a main access point via the 5 GHz back
channel for connections AP to me AP . These two access bands have a 2.4 GHz

channel set to 11 that will not interfere with each other because of their position. This

will allow anyone to be able to cross these areas without losing the signal to the
network. The back side of the networks will receive from SCR RTR to me POP RTR
192.168.0.33 / 26 As devices IP Their instant traffic from ISPs will be placed on

firewalls, routers and switches. After the traffic has been left a protocol POP RTR And

make its way around our network, it will move through point-to-point links within the
network 192.168.1.128 / 25. All servers will be placed on a network VLAN From

192.168.3.33 / 27 to separate server traffic on the adapter to be granted QoS Higher

than traffic VLAN Of the user who will be on a separate VLAN using 192.168.3.65 / 28

which will give IP Up to 62 users to connect to either via Wi-Fi Or using solid wire in the

grid. As we move more towards the network, we will see that our first wireless access

point is present in the primary and supplied key and setup on VLAN the user. The

virtual gateway will be 192.168.3.65 / 28 users IP VLAN For the user. Some will

be The wireless standards that will be in my network are 802.11 n / ac Speeds of 2.4

GHz and 5 GHz. The access points will use a channel 5 GHz As a back channel for

each access point you will provide fast transfer rates between access points. A 2.4

GHz channel will be set up to be separated so that there is no channel interference for
users. This will all happen by using Wi-Fi internet access Dual-band . We also

have to make sure there is no chance for a man in the middle attack, so we'll encrypt all
packets on the network. We also need to make sure that Our users They do not

connect unauthorized devices to our network which means we will use 802.1 X Which

will provide support for central user identification, authentication, dynamic key
management and accounting