Cisco’s Threaded Case Study Desert View Andy Gall Ken Schroeder John Byers
SCHOOL PLAN Speed Security Growth Design a school network that will allow all connected workstations the ability to connect at a minimum of 1 Mbps. Security Design the network in such a manner that there is reliable security separating the curriculum & administrative systems. Growth Design the school network at a minimum of cost to the school but one that allows for future technologies to be added easily.
A B Desert View
Section Andrew Frank Section Brian Section Charlie Section Daniel Section Edward George
Cut Sheet IDF Sample Label
Desert View
Desert View
Desert View
Network Equipment Category 5 Plenum Cable Fiber Optic Cable (4 pair) Cisco Router Cisco Switches Cisco Hubs Equipment racks/cabinets Patch panels
Fiber Optic Cable Connecting two pairs from school MDF to every IDF (total 7 locations). Total length required: 8000 ft. Price quoted from DataComm 11/1/99. $630/1000 foot pack {Item DBC1832} $5040 for all Horizontal cross-connects
Category 5 Plenum Cable 31,050 ft. needed for all vertical CC Price quoted from DataComm 11/1/99 $550/2000 foot pack $8800 for entire project Cat 5 needs
Cisco Router Cisco 2600 Series Router Channelized T1/E1 for connection to Central Office 2 Fiber Modules for connection to LAN Gateway to Internet Estimated cost: $6,000
Cisco Switches Cisco 2924-xl-a, 24 port 10/100 BaseT 50 Classroom Switches Cisco ws-c-2924-xl-en, 22 port 10/100 Ethernet & 2 100BaseFX 7 IDF Switches Cisco 2912-mf 12 port 100BaseFx w/ 4port 100BaseT Module 2 MDF Switches
Cisco Hubs Cisco 1538 8 port 10/100BaseT 50 Classroom extension hubs
Rack Equipment Classroom Cabinets {x50} Locked cabinet w/ 32 port patch panel Panduit DP32588110B Intermediate Distribution Facilities {x7} Patch Panel--Panduit CD48BL or CD24BL Fiber Panel-- Panduit FAP6WST Media Rack--Panduit CMR19X47 Cable Management --WMPVSF20 & WMPFS
Desert View
Desert View
Network Project Cost $6,000 $5356 x 2 $2005 x 7 $1670 x 50 $500 x 50 Router MDF Switch IDF Switches Classroom Switches Hubs Fiber Cable Category 5 Cable Network Equipment $6,000 $5356 x 2 $2005 x 7 $1670 x 50 $500 x 50 $5,040 $8,800 $5,000 TOTAL: $158,092
Network Project Cost $6,000 $5356 x 2 $2005 x 7 $500 x 50 $5,040 Router MDF Switch IDF Switches Classroom 32 Port Hubs Fiber Cable Category 5 Cable Network Equipment $6,000 $5356 x 2 $2005 x 7 $500 x 50 $5,040 $8,800 $5,000 TOTAL: $74,587
Magic Internet Central Office 10.5.0.x 10.5.0.1 e0 10.6.0.1 Cisco 2600 10.7.0.1 fx0 fx1 Curriculum 10.7.0.x Administration 10.6.0.x
Specific IP addresses Teacher Workstations: 10.6.0.10-250 Teacher workstations, Servers, and Printers will be Static IP addresses. Teacher Workstations: 10.6.0.10-250 Network Printers: 10.7.0.100-150 Students will obtain an IP address from the DHCP server. Numbers will be in the range of 10.7.1.x to 10.7.5.x
Access List Logic Basic Premise; all workstations on 10.5.x.x and workstations on 10.6.x.x have access to devices located on the 10.7.x.x subnetwork. However, ONLY port 80 will be allowed OUT of any device located on the 10.7.x.x subnetwork. F.M. Internet 80
Access List In order for the curriculum and administrative portions of the network to remain segmented, an access list will be placed on the school router. The only data that can travel from the student computers to any other part of the network is HTTP. Access-list 105 permit IP 10.6.0.0 0.0.0.255 10.7.0.0 0.0.255.255 Access-list 105 deny IP 10.7.0.0 0.0.255.255 10.6.0.0 0.0.255.255 Access-list 105 permit TCP 10.7.0.0 0.0.255.255 any eq 80 Interface fx1 IP Access-group 105 in
VLAN In order to keep the students limited to only their specified address range, the need for a Virtual LAN has been created. The goal is to limit student activity on administrative locations, but still allow administrators to use student services. {I.E. Printers or Library Server} On every switch in the IDF’s, we will specify which ports are for VLAN1 (Administrative) and which ports are for VLAN2 (Curriculum).
Servers NAME IPX Name IP Address Administrative Server: DV_Admin 10.6.0.20 Curriculum Server: DV_App 10.7.0.10 Library Server: DV_Lib 10.7.0.30 Network Server: DV_Net 10.7.0.20 Note: The Network Server will be running the Cisco Server Suite 1000, allowing DHCP for student machines, e-mail storage, and other WAN activities.
SPEED With the system that we have designed, the Design a school network that will allow all connected workstations the ability to connect at a minimum of 1 Mbps. However, the TCS also requires that the LAN will grow at 1000% over the next 5 years. This breaks down to a minimum of 10 Mbps per workstation. With the system that we have designed, the network will perform at 100 Mbps to every teacher workstation and 90% of all student workstations.
Security Design the network in such a manner that there is reliable security separating the curriculum & administrative systems. With our network design, students can perform all their activities in their network. However, they cannot access information on the Administration server because of the VLAN. They cannot access information located at the Central office because of the restrictions in the Router’s Access List. They can reach the Internet through the Network Server’s DHCP’s functions and the permissions set in the Router’s Access List.
Growth Due to the fact that we are responsible for the performance of our network, we wanted to create the best possible performing network. With the layout of the IDF’s and classroom cabinets, upgrading the entire network could be modified by simply changing the Network components. However, by creating a switched network NOW, the need to upgrade the network has been postponed as this design will perform the tasks necessary for many years. We were also required to supply 24 student workstation ports. We have designed for a possible 30 workstation in each room. Design the school network at a minimum of cost to the school but one that allows for future technologies to be added easily.