3 WAN OverviewThere will be three Regional hubs established with each schools site assigned to go through one of the three hubs. At each Regional hub will be a high-power router. All Internet traffic will be switched to the District Office router for outside contact through a Frame Relay WAN using PVC (always connected).We will use 4 T1 lines – one between each of the Regional hubs and then one Frame Relay.
4 LAN OverviewLAN – Between and within buildings at each school site, running 2 LAN segments -*One for Teachers and Staff members with Admin Server*One for Students.
5 LAN Wiring Scheme Requirements Multi-Mode Fiber – 100 Base FX, Fast Ethernet, which has a distance maximum of 400 M.- We will be using for vertical cross-connect.- We will be using a dedicated T1 WAN link to provide Point-to-Point to go between each school’s POP and the Regional hubs.
6 LAN Wiring Scheme Cont’d CAT 5 UTP, 100 Base TX, which has a distance of 100 M.- We will be using for horizontal cross-connect.- We will be using the EIA/TIA-568-B cabling lengths. (3m, 90m, and 6m).- All wiring will be terminated in lockable cabinet containing all terminations, will also include decorative wire and proper conduits or sleeved cores.
7 LAN Wiring Scheme EndEach room will accommodate up to 24 student workstations and 1 teacher workstation.Each IDF and MDF will be a secured lockable closet with key code entrance.Wiring hub and patch panel may be mounted to wall.
9 District Supplied Servers and Functions Enterprise servers:* DNS server at MDF to translate hostname to IP Address for web access available to everyone.* Server also at MDF to send and store all messages with complete directory of staff members and students at that location.Administrative Server at MDF for administrative database – Student tracking, attendance, grading, etc., for teachers and staff only.
10 District Supplied Servers and Functions (Cont) * Library Server at MDF available to all users. TCP/IP.Workgroup servers:* Application Server all computer applications such as word processing and spread sheet software.* Backup Server for nightly backup of data within each school’s IDF.* DHCP to obtain IP address, located at each respective school.
11 IP Addressing (overall) Network NumberSubnet Mask254 Subnets65534 Hosts per Subnetover 16.6M host addresses supported
13 Future Growth IP Range 10.200.0.0 - 10.254.0.0 27 additional schools (or additional network growth) supported w/2 subnets for each schoolis wire address subnet (n/a)is broadcast address subnet (n/a)
14 SecurityFor external threats – Internet connectivity will utilize a double firewall implementation (DMZ) at the Data Center with all exposed Internet applications being on a public backbone network. Therefore, all connections initiated from Internet into the Washington Elementary School District will be denied. We are using a two-layer Hierarchical model so that the students and teachers will not cross, causing information to be passed between the two LANs.
15 Security (cont)2We are setting up that our model will have in two physical LAN segments be installed at each of the schools and the District Office. One LAN designated for administrative and one LAN for students. Each computer will be divided in appropriate categories and then placed on the appropriate LAN segment.
16 Security (cont)3* We will utilize Access Control Lists (ACLs) on the routers, all traffic from within the administrative LAN will not allow traffic from the curriculum LAN. ACL exceptions can be made upon individual review. The District Office will control all ACLs.* Applications such as and Directory Services will flow freely between LAN segments.
17 Security (End)* We will set up user ID and passwords for security into the network. We will use First Initial and last name for the User ID. We will use last four digits of Social Security to set up passwords. The user will be required to change his/her password upon first sign-on. Password will require at least 6 digits, not more than 10. Request to change password 30 days, with no repeats.* All computers will have access to the World Wide Web – Internet via the District Office/Data Center. This will be monitored.
18 Internet Connectivity The Internet Connectivity for the Washington School District will be provided through the District Office/Data Center via a T1- Data circuit (Frame Relay). Both staff and students will obtain their internet connection from the workstation, through the LAN switch, IDF, MDF, checked by both security measures (backbone and ACL) and out through the District Office Router to the Internet.