ROYAL PALM NETWORK PROJECT John Healy Tom Jamieson
Published byModified over 5 years ago
Presentation on theme: "ROYAL PALM NETWORK PROJECT John Healy Tom Jamieson"— Presentation transcript:
1 ROYAL PALM NETWORK PROJECT John Healy Tom Jamieson Threaded Case StudyROYAL PALM NETWORK PROJECTJohn Healy Tom Jamieson
2 Contents Design Goals WAN Design Logical and Physical LAN Design MDF Equipment DetailsIDF Equipment DetailsEquipment CriteriaIP AddressingClassroom LayoutWiring SchemeSecurityVLANSAccess Control ListsConclusions
3 Design GoalsTo implement an enterprise-wide network for the Washington schools district which will include Local Area Networks (LANs) at each site and a Wide Area Network (WAN) to provide data connectivity between all school sites.All workstations will need Internet access.Functionality is to continue for 7-10 yrs.
4 Design Goals Design considerations will include: A minimum of 100x (times) growth in the LAN throughput.2x (times) growth in the WAN core throughput.10x (times) growth in the District Internet Connection throughput.Only two OSI layer 3&4 protocols will be allowed to be implemented in this network, they are TCP/IP and Novell IPX.
5 Design GoalsTwo LAN segments will be implemented in each school and the District Office.Cat 5 cable will supply Ethernet speeds at 10base-T, 100base-TX and 100Base-FX. Each room will require support for up to 24 workstations.The minimum requirement for initial implementation design will be 1.0 Mbps to any host computer in the network and 100 Mbps to any server host in the network.
10 MDF Equipment Details PIX Firewall 2 x 24 Port Patchbays 3600 Router 2 x G SwitchesAdministrative ServerFile ServerUninterruptible Power SupplyApplication ServerMail Server
11 IDF Equipment Details IDF 7 11 ROOMS 44 PORTS 2 x 2924XL SWITCH IDF 8 EACH IDF ALSO CONTAINS:1 x 24 or 2x 24 port patchbays as per requirement.Equipment will be housed in a lockable cabinet with a fan tray installed for heat regulation purposes.
13 Equipment Criteria Cisco 3600 Router Modular Design Analogue and Digital Voice ServicesSerial Networking CapabilityMixed WAN Services
14 Equipment Criteria Cisco 3550 Switch (MDF) Stackable Design IP Routing Advanced Quality of ServiceBandwidth FlexibilitySecurity Access Control ListsVLAN Capability
15 Equipment Criteria Cisco 2900XL Series Switch (IDF) Modular Design Integrates Seamlessly with Cisco 3550 SwitchAdvanced Quality of ServiceBandwidth FlexibilityPolices traffic flows using access control parameters (ACPs)VLAN Capability
16 Equipment Criteria Cisco 112T FastHub Compatible with 10Mbps and 100Mbps connectionsAutosensing FeatureInternal BridgingFull integration with 2900XL series switches
17 Equipment Requirements PRODUCTAMOUNTPIX Firewall1Cisco 3600 RouterCisco 3550 Switch2Cisco 2900XL Switch10 x 2924XL Switches2 x 2912XL Switches112T FastHub189
18 Wiring SchemeCabling will be run via the existing data cable ducts connecting buildings and within buildings where supplied. Wiring will also be installed in ceiling spaces and wall cavities.All cabling to comply with local building codes.Cabling from the MDF to all IDFs will be Multimode Fibre pairsCabling from IDFs to classroom hubs will be Cat5
19 Wiring Scheme MDF to IDF Wiring type will be 1Gb Multimode Fibre pairs.Fibre was chosen for the following reasons:Max speedDistance requiredScalabilityResistance to EMF
20 Wiring Scheme IDF to Classrooms Wiring type will be CAT 5 cable. Max distance is 100mCAT 5 was chosen for:Efficiency and reliabilityCost
21 Typical Classroom Layout Wall Plate3 x 12 Port Hubs
24 Security Security Implementation: A double firewall will be utilised The network will be segmented into two LAN infrastructures. One designated ‘Curriculum’ (for student use), and the other ‘Administrative’ (for teacher and administration use).Each LAN will have its own file server.Access Control Lists will prohibit traffic from the Curriculum LAN entering the Administrative LANA strict password policy will be put in place and rigourously implemented
26 Access Control Lists The purpose of Access Control Lists are: To reinforce network securityTo provide basic traffic filtering capabilitiesLimit access to groups of computers or individual workstations.
27 Access Control ListsACLs provide security to the networks connected to the router by testing traffic against conditions contained in the ACL.If the conditions are true:The individual packets are sent to their destination from the router interface defined in the ACL configuration.If conditions are not trueThe packet is discarded.
28 Access Control ListsThe students will be denied access to the Administration interface of the router with the ACL.Students will only be allowed to access Curriculum, , and the Internet within the LAN and at the district office.Students will be denied access to the Administration segment of the LAN and Wan networks.Administration will have full access to all segments within the LAN and district office.
29 Conclusions Will be easy to implement and maintain Places a strong emphasis on securityBuilds in scalabilityProtects from future obsolescence by utilising modular hardwareExceed current requirements