My proposal for your network will include hardware by Cisco, the leading manufacturer when it comes to networking equipment. My goal is to follow the Cisco 3 layer Hierarchical Model. This model of building a network gives better network performance with greater management, allows for scalability for future growth, and helps keep the network reliable by having redundancy for times when equipment needs to be serviced or goes down. This method also keeps the overall costs of building the network low. There are three layers involved called the core, the distribution, and the access layers. The top or first layer is the core layer and is used to move traffic at very high speeds and is considered the backbone of the network. It is also the layer …show more content…
I would highly recommend the use of NAT. I would like to use private IP addresses on the network because they cannot connect to the internet. Private IP addressing is used to keep everything contained within a network. This adds another layer of security as these are not routable over the internet. This will be a problem, though, if a host needs to use the internet to connect to outside sources. NAT is a way for private IP address that are within a network to be translated into public IP addresses so that they can be routed out onto the internet. It is a protocol that runs on a router that is connected directly to the internet. The router acts as a middleman in this case, allowing an entire private network to use a single ISP (internet service provider) line to connect to the public internet. It translates private IP addresses to routable public IP addresses before sending it out to the internet. It also takes a public IP address that comes in and changes it to the private IP address, sending it where it needs to go. Because you are connected to a single line, I will be using overload NAT with PAT (Port Address Translation). It translates many inside address to a single public IP address using the hosts port number (Network Address Translation (NAT) …show more content…
A VLAN (Virtual Local Area Network) is a virtual network of devices that can only communicate with other members of the same VLAN. They are helpful in grouping hosts together and help in implementing security on the network. There are four areas that will be on VLAN’s in the network. Sales will be on VLAN 10, engineering will be on VLAN 20, accounting will be on VLAN 30, and the executive offices will be on VLAN 40. They will still be able to communicate with other areas when needed by sending the packet through the routers on the distribution layer. An example is VLAN 40 and the local DNS server, while on the same switch, cannot communicate with each other. The packet will go up to the router in the distribution layer, then back down to the switch to reach its destination. To keep the sales department from being able to access the accounting department, an ACL (Access Control List) will be used. To make it simple to understand, I will use a named extended ACL. The name of this ACL will be no sales. An extended ACL will block any IP addresses from sales being passed to accounting. This will be put on the outgoing port on the router on the distribution layer before it is sent to the switch on the access layer. Any IP address of 172.16.1.x will be dropped from the
The webserver will be placed in a protected area, called a Demilitarized Zone (DMZ), outside the corporate network. The DMZ will be protected by a hardened firewall server called a Bastion server. The Bastion server’s services are limited and the configuration is changed to make the server
Setting up the network basis is necessary to the success of this project. A Client/Server network is needed to implement through a TCP/IP protocol. Each plant will function as Local Area Network linked together as a Wide Area Network. All the users with the access will have the ability to exchange information instantly. This configuration will generate the best and secured settings to create and direct the information to the users.
The increasing use of NAT comes from a number of factors. The major factor is that there is a world shortage of IP addresses. As the Internet has grown, assigning perfectly good network addresses to private networks came to be seen as a waste. Under the Network Address Translation (NAT) standard, certain IP addresses were set aside for reuse by private networks. In addition to reducing the number of IPv4 addresses needed, NAT also provides a layer of obscurity for the private network, because all hosts outside of the private network observe communication through the one shared IP address. NAT is not the same thing as a firewall or a proxy server, but it does contribute to security. NAT also succeeds in the ease and flexibility of network administration. It can divide a large network into several smaller ones by exposing only one IP address to the outside, which means that computers can be added, removed, or have their addresses changed without impacting external networks. Other benefits include Protocol-level protection, Automatic client computer configuration control, and Packet level filtering and routing.
Roberts, Richard M. "Network Secrurity." Networking Fundamentals. 2nd ed. Tinley Park, IL: Goodheart-Willcox, 2005. 599-639. Print.
In conclusion, a local area network is made up of computers and a myriad of devices, such as routers, servers, switches, and firewalls. In order for it to connect to the Internet, a router must be installed. Servers provide special functions such as printing, file sharing, etc. Switches connect the computers together from different parts of the network. Firewalls prevent unauthorized access. There are a host of other devices that may be used as well. These devices are hubs, gateways, repeaters, wireless access points,
This proposal is for a small office that will have users who are connected by Wi-Fi or cable. The network will include devices and resources that is shared among all the users. The network will need to have security measures in place to protect the entire network and keep the wireless access secure and available only to employees of the company.
Site to site VPN's extend the wide area network in the sense that they provide large scale encryption between multiple sites such as remote offices and central offices, and also over the internet. There are two main types of site to site virtual private networks, internet and extranet (HowStuffWorks.com). Intranet based VPN's are used for connecting one or more remote locations to the existing LAN, while an extranet based systems connect one or more different companies to the existing LAN to create a shared environment or partnership.
Local Area Networks also called LANs have been a major player in industrialization of computers. In the past 20 or so years the worlds industry has be invaded with new computer technology. It has made such an impact on the way we do business that it has become essential with an ever-growing need for improvement. LANs give an employer the ability to share information between computers with a simple relatively inexpensive system of network cards and software. It also lets the user or users share hardware such as Printers and scanners. The speed of access between the computers is lighting fast because the data has a short distance to cover. In most cases a LAN only occupies one or a group of buildings located next to each other. For larger area need there are several other types of networks such as the Internet.
ABSTRACT : This paper describes the basic threats to the network security and the basic issues of interest in designing a secure network. it describes the important aspects of network security. A secure network is one which is free of unauthorized entries and hackers. INTRODUCTION
...vantage of the overall network design and implement usable subnets with virtual local area networks. Use encryption and encapsulation to secure communications of public segments to enable extranets and cross-Internet company traffic. Use items such as intrusion detection systems and firewalls to keep unauthorized users out and monitor activity. Taken together, these pieces can make a secure network that is efficient, manageable, and effective.
Exploring The Internet The Internet is like a network of networks where any computer can link up to information stored within it. It is accessed by a telecommunications line and a modulator-demodulator (MODEM). It is brought to your computer screen by converting analogue telephone signals into digital computer signals. There are many advantages and disadvantages on the Internet.
Term Paper: The History of the Internet The Internet began like most things in our society, that is to say that the government started it. The Internet started out as an experimental military network in the 1960s. Doug Engelbart prototypes an "Online System" (NLS) which does hypertext browsing, editing, email, and so on. The Internet is a worldwide broadcasting resource used for distributing information and a source for interaction between people on their computers. In 1973, the U.S. Defense Advanced Research Projects Agency (DARPA) initiated a research program to investigate techniques and technologies for interlinking packet networks of various kinds.
Network management planning and security planning involves identifying the best and most appropriate systems and hardware that the firm can use to better manage network and plan security systems. Therefore, the management required me to examine the best software and hardware systems in the market place that the company can adopt to enable it to manage the network and security. The management required me to advice on the implementation procedure of various plans that are going to be adopted. My responsibility also involved finding out or predicting the impact of the plan on the future operations. They required me to evaluate the challenges the company might face while adopting the changes in the network management plan and security plans.
...departments makes it easier to keep a more secure network. Third ACL Layer is focus on allowing and denying access between hosts on networks. ACLs are written on both routers and firewalls. The key on creating strong ACLs is to concentrate on both ingress and egress ACLs.
So you believe Al Gore created the Internet? Well that’s not possible, because I did. Yes, it’s true, a few years ago I was sitting in my basement with nothing to do and suddenly the idea came to me: why not create an inter-connected network of networks that will allow users to send mail instantly, download copyrighted songs, and order pizza, all from the comfort of their own living room? OK, so maybe I didn’t exactly invent the Internet, but neither did Al Gore.