
6.1 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 6: Designing.


6.1 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft® Windows® Server 2003 Active Directory and Network Infrastructure
Lesson 6: Designing the Network Infrastructure

Goals
- Design an IP addressing scheme
- Design the internal routing model
- Design the Internet connectivity model

6.2 Designing an IP Addressing Scheme (Skill 1)

- IP addressing scheme
  - One of the most important aspects of network design
  - Influenced by several factors
    - Use of public or private IP addresses
    - Number of physical locations
    - Number of hosts per physical location
    - Total number of hosts in all locations
    - Estimated broadcast traffic at each physical location
    - IP summarization

6.3 Designing an IP Addressing Scheme (2) (Skill 1)

- Public IP addressing
  - Requires lease of a block of valid public IP addresses capable of supporting all hosts on internal network
  - Advantages
    - Direct access to Internet for all internal hosts
    - Reduced complexity
  - Disadvantages
    - Cost
    - Possible reduction of security

6.4 Designing an IP Addressing Scheme (3) (Skill 1)

- Private IP addressing
  - Can use any valid private IP address block
  - Advantages
    - Does not need a block of public IP addresses
    - Direct Internet access is not available to client (increases security and makes firewall configuration easier)
  - Disadvantage
    - Must use Network Address Translation (NAT) device to connect clients to Internet

6.5 Designing an IP Addressing Scheme (4) (Skill 1)

- Number of physical locations provides a base from which to figure the number of subnets required
- Number of hosts per physical location and total number of hosts in entire network
  - Number of hosts not equivalent to number of users
  - Hosts also include workstations, servers, router ports, managed network devices, SNMP-enabled devices, and network printers
  - Total number of hosts helps you determine the number of private network addresses required
  - Number of hosts per physical location helps determine how many subnets are needed in that physical location

6.6 Figure 6-1: Calculating a base number of required subnets (Skill 1)

6.7 Figure 6-2: Summarization example (Skill 1)
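Added example (not part of the original slides): a subnet planner that sizes each segment from its host count, gives every location one contiguous block, and reports that block as the location's summary route. The site names, host counts and the 10.0.0.0/16 parent block are constructed sample values.

```python
import ipaddress

# Constructed sample input: host count per network segment at each location.
# Count every addressable device (servers, router ports, printers), not users.
SITES = {"HQ": [200, 120, 60], "Branch-A": [50, 25], "Branch-B": [30]}


def block_size(addresses):
    """Smallest power of two that can hold `addresses` addresses."""
    return 1 << (addresses - 1).bit_length()


def to_network(start, size):
    """IPv4 network of `size` addresses beginning at integer address `start`."""
    return ipaddress.ip_network((start, 32 - (size.bit_length() - 1)))


def plan(sites, parent="10.0.0.0/16"):
    """Return {site: (summary_route, [(hosts, subnet), ...])}."""
    parent = ipaddress.ip_network(parent)
    need = {}
    for name, segments in sites.items():
        # Each segment needs hosts + network address + broadcast address.
        sized = sorted(((block_size(h + 2), h) for h in segments), reverse=True)
        need[name] = (block_size(sum(s for s, _ in sized)), sized)

    result, cursor = {}, int(parent.network_address)
    # Largest block first keeps every allocation aligned on its own size,
    # so each location collapses to exactly one summary route.
    for name, (site_size, sized) in sorted(need.items(), key=lambda kv: -kv[1][0]):
        summary = to_network(cursor, site_size)
        if not summary.subnet_of(parent):
            raise ValueError(f"{parent} is too small for {name}")
        inner, subnets = cursor, []
        for size, hosts in sized:
            subnets.append((hosts, to_network(inner, size)))
            inner += size
        result[name] = (summary, subnets)
        cursor += site_size
    return result


if __name__ == "__main__":
    for site, (summary, subnets) in plan(SITES).items():
        print(f"{site}: advertise {summary}")
        for hosts, net in subnets:
            print(f"  {net} ({hosts} hosts, {net.num_addresses - 2} usable)")
```
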

6.8 Designing the Internal Routing Model (Skill 2)

- Designing internal routing model
  - Major component of network design
  - Major steps
    - Designing the topology
    - Specifying the routing protocol configuration

6.9 Designing the Internal Routing Model (2) (Skill 2)

- Designing the topology
  - Primarily concerned with meeting certain goals of the organization
    - Reliability
    - Redundancy
    - Performance

6.10 Designing the Internal Routing Model (3) (Skill 2)

- Specifying the routing protocol configuration
  - Each routing protocol has its own idiosyncrasies
  - Supported protocols
    - Routing Information Protocol (RIP)
    - Open Shortest Path First (OSPF) protocol

6.11 Designing the Internal Routing Model (4) (Skill 2)

- Routing Information Protocol (RIP)
  - Simple, easy to enable and configure, but not very secure or efficient
  - Improving efficiency
    - Modifying default timers
    - Enabling Silent RIP on all interfaces that do not contain other RIP routers (keeps RIP from advertising to systems on that subnet)
    - Defining neighbors (disables RIP broadcasting, sends updates by unicast which is more efficient, and improves security)

6.12 Designing the Internal Routing Model (5) (Skill 2)

- Open Shortest Path First (OSPF) protocol
  - More efficient
  - Routing design is more important and complex than with RIP
  - Primary component: area designations, used to reduce processor and memory use on router
  - Keep OSPF areas limited to under 100 routers, or significantly less if area is very active (links unstable, SPF computations common, many paths in network)

6.13 Figure 6-4: A large network in a single OSPF area (Skill 2)

6.14 Designing the Internet Connectivity Model (Skill 3)

- Designing an Internet connectivity model
  - Primary concerns
    - Access method
    - Security
  - Access methods
    - Direct connectivity model
    - Network address translation (NAT) model

6.15 Designing the Internet Connectivity Model (2) (Skill 3)

- Direct connectivity model
  - Uses a public IP address for all hosts allowed Internet access
  - Advantages
    - Reduced packet manipulation, which can improve perceived performance
    - Internal hosts can easily publish resources to external clients (can also be a disadvantage)
  - Disadvantage: Firewall configuration much more critical and time consuming

6.16 Designing the Internet Connectivity Model (3) (Skill 3)

- Network address translation (NAT) model
  - Uses a private IP address for all internal hosts and a NAT device to translate the private IP addresses into public IP addresses for Internet access
  - Advantages
    - General increase in basic security
    - Includes optimization characteristics that can improve perceived speed of access
  - Disadvantages
    - Slight decrease in performance
    - Higher cost

6.17 Designing the Internet Connectivity Model (4) (Skill 3)

- Methods of firewall deployment
  - Single firewall, no DMZ
  - Single firewall, with DMZ
  - Dual firewall, with DMZ

6.18 Designing the Internet Connectivity Model (5) (Skill 3)

- Single firewall, no DMZ
  - Advantage
    - Requires fewer firewall ports
  - Disadvantages
    - Requires significant firewall configuration if you have publicly accessible servers
    - May impact internal production network

6.19 Figure 6-6: A single firewall design with no DMZ (Skill 3)

6.20 Designing the Internet Connectivity Model (6) (Skill 3)

- Single firewall, with DMZ
  - Preferable to single firewall without DMZ if you have publicly accessible servers
  - Segregates traffic to external resources
  - Advantages
    - Provides for slightly enhanced security
    - Does not impact internal network
    - Minimal cost; fairly easy to configure
  - Disadvantages
    - Relies on single firewall (easier to hack)

6.21 Figure 6-7: A single firewall design with a DMZ (Skill 3)

6.22 Designing the Internet Connectivity Model (7) (Skill 3)

- Dual firewall, with DMZ
  - Advantages
    - Provides two points of security
    - Using products from two different vendors makes it more difficult for an unauthorized user to hack
  - Disadvantages
    - Most expensive of three methods
    - Requires higher level of administrative overhead

6.23 Figure 6-8: A dual firewall design with a DMZ (Skill 3)

