Presentation on theme: "Accounting & Financial Services Corporation Accounting & Financial Services Network Design By Michael J. Smith Nov. 14, 2011."— Presentation transcript:
Accounting & Financial Services Corporation Accounting & Financial Services Network Design By Michael J. Smith Nov. 14, 2011
Network Objectives Security. Prevent unauthorized access. Speed. Bandwidth must meet demand. Reliability. Contain redundancy. Scalability. Sustain scalability without the need to rebuild entire network.
Design Assumptions AFS does not have a network. Departments reside on a separate floors. AFS does not share buildings with any other businesses. AFS wants to use MS Windows & Office. 100Base-TX for LANs and 1000Base-FX for the WAN will suffice. The network design must only ensure that it is logically secure.
Network Needs Accommodate file sharing, including text files, graphic- heavy files, and database information. Accommodate 1,600 users across seven locations. Accommodate web-based applications. Prevent authorized access.
AFS Network Design One wide-area-network connecting all the offices to AFS headquarters using a star architecture. A backbone network that will connect all the LANs in each branch office to the WAN. Several department local-area- networks that will connect workstations in departments together. AFS Network will not be meshed to save money.
AFS Wide-Area-Network Each location has a router. Each location is connected to AFS HQ using 1GbE over fiber cables. (1000Base-FX). Each location has a media converter. All Internet traffic is routed to AFS HQ to limit entry points. The Dublin office contains redundancy, should the connection to AFS HQ experience problems. Both AFS HQ and Dublin have firewalls and anomaly detection systems. Each location has a L3 switch.
AFS Backbone Network 100Base-TX over Cat 5e will be used in the AFS BN. Each AFS location needs one L2 switch for each department LAN and one for the DMZ. Each location needs one L3 switch to connect core layer to distribution layer. The BN will not contain any security beyond the DMZ, as security will be handled by the anomaly detector and firewall at HQ.
IP Addressing IP addresses were assigned consistently across branch offices. – Should allow technicians to identify servers by IP address. For example: A server with IP 220.127.116.11 is located in Burbank, CA. – The “8” in “84” tells us it is in Burbank because it falls in the range 18.104.22.168 – 22.214.171.124. – The “4” in “84” tells us that the server belongs to the Customer Service department because it falls in the range 126.96.36.199 – 188.8.131.52. – The “10” tells us that it is a file server because all branch office file servers end in 10.
IP Addresses Cont’d. LocationIP Addresses Fairfax HQ Executive Dept. IT Department Acct. & Fin Dept. HR Department Sales & Mktg. Dept. Cust. Svc. Dept. Legal Department 184.108.40.206/20 220.127.116.11/24 18.104.22.168/24 22.214.171.124/24 126.96.36.199/24 188.8.131.52/24 184.108.40.206/24 150.15.2820/24 Dublin Accounting Dept. Finance Dept. HR Department Sales & Mktg. Dept. Cust. Svc. Dept. 220.127.116.11/20 18.104.22.168/24 22.214.171.124/24 126.96.36.199/24 188.8.131.52/24 184.108.40.206/24 Greensboro Accounting Dept. Finance Dept. HR Department Sales & Mktg. Dept. Cust. Svc. Dept. 220.127.116.11/20 18.104.22.168/24 22.214.171.124/24 126.96.36.199/24 188.8.131.52/24 184.108.40.206/24