IST 6480 – Network Planning – 2020 Fall
Final Project
The object of the exercise will be to develop a comprehensive network plan for an organization. For example, you are to develop the user ids, groups, equipment information and firewall configurations. You will need to create a map, and detailed equipment configurations to document your network.
Company Name: Acme Anvils and Supplies Incorporated
Users: Wyl E Coyote – President / Owner
Accounting: – Elmer Fudd – Mgr Marketing – Daffy Duck – Mgr
Wilma Flintstone – Supervisor Bugs Bunny – Supervisor
Allison Rexford – Senior Acct Rex Allison – Analyst
Mister Slate – Acct Fred Flintstone – Sales
Betty Rubble – Acct Roster Cogburn – Sales
Bam Bam Rubble – Technician Donald Duck- Sales
Daisy Duck – Technician Mickey Mouse – Intern
Production: Wanda Andrews – Mgr Transport – Tommy Lasorda – Mgr
Suely Smith – Supervisor Steve Garvey – Supervisor
Eddie Griffith – Lead Jesse Owens – Driver
Jason Wright – Technician Ron Cey – Driver
Jonny Quest – Technician Sandy Koufax – Driver
Marilyn Jones – Technician Duke Snider – Warehouse
Scobby Do – Intern
Design: Tom Brady – Mgr
Derrick Carr – Analyst
Jeff Goff – Analyst
Phillip Rivers – Intern
Employee Union – everyone but managers
Management – Owner + Managers
Bowling League – Drivers
Contacts: Please create 2 contacts
Contacts are outside emails that can be used by internal users
Minnie Mouse – ADP rep Minnie.mouse@adp.com
Cruella DeVille – In House Counsel – deville@shysterlaw.com
Three Locations: HQ – San Bernardino – Accounting / Marketing
2 floors in a typical office building
Production – Rialto
Warehouse – Rialto
Production is physically next to Warehouse
Please refer to the building floorplan
IP Addresses given by Internet Provider:
• Internet access:
• 210.35.24.32 / 30 bits (San Bernardino) Gateway 210.35.24.1
• 200.23.32.100 / 32 bits (Rialto) Gateway 200.23.32.1
• Remote Access:
• 210.35.24.100 (San Bernardino) Gateway 210.35.24.1
• 200.23.32.105 / 32 bits (Rialto) Gateway 200.23.32.1
You will need to create a network diagram with appropriate equipment. You will need to propose equipment settings and vendor models (vendors and model numbers for suggested equipment). For example, you will need create an IP scheme and assign IP addresses to all equipment. You can add any equipment that you deem necessary. You will need to list all user ID’s and equipment descriptions and addresses. You will need to create policies for the remote access and firewall equipment. You will also need to list shared directories on servers and which users have access to which locations.
• In house application / file server in each location. Windows 2016
• In house email server – Exchange 2015 – one location
• In house web server on DMZ (Windows 2016)
• In house VDI server for remote users
• Everyone has remote access to email
• Connection between locations for data and video conferencing
• Network Printers / Copiers
• 3 – San Bernardino– One in Accounting, one in Marketing, one in Design
• 3 – Rialto– 2 in Production, 1 in Transport
• Specialized Computer Controlled Manufacturing equipment
• 1 3D printer
• 2 Computer controlled Manufacturing machines
• Wifi in each location
• Implement a SAN solution
• Implement a VPN connection to a finance system provider
• Implement a remote connection to a HVAC contractor – the HVAC system has a web interface – will need a guest or hvac user ID
• A UPS Device with environmental control monitor with IP addresses in each physical location
• Network time device
• Identify which are physical servers and which are virtual servers
• Provide appropriate equipment for conference room
Employment Rules:
• Everyone has access to the Internet
• Everyone has access to the Intranet
• Everyone is blocked from Facebook, etc
• Everyone is blocked from gambling or inappropriate sites
• Allowed to GamblingRentals.com, ESPN.com
• Interns only have email access – no access to files
• Remote access
• Marketing has access to Marketing server
• Management has access to all servers
Create both email and security groups as you see necessary to include at a minimum:
• Department, Supervisors, Union, Executive Team
• Remote access for supervisors and marketing staff
You will need to create access policies for the Firewall. Websense is the default web filter built into the firewall. Examples could include:
• Employee groups
• Public access to server
• Wifi access for guests
You need to provide a remote access solution. You need to create policies for which users can access devices. You also have to create policies to show what equipment is accessible. (who can see which devices)
You can assume that the Firewalls are sophisticated enough to include VPN capabilities. You will need to define what speed your Internet access will be at each location.
You need to list any requirements or equipment that you have or will need for backups.
You need to include a backup schedule
You will need to include 5 group policy object (GPO) objectives
To include not allowing usb drives for all departments for marketing
List which OU would you put each GPO on.
Deliverables (at a minimum):
• The document needs to be professional
• You need to provide a network map.
• IP Addresses for all equipment
• If you use DHCP, describe what uses DHCP what doesn’t and why?, IP Ranges
• What is providing DHCP for AP’s?
• List and define network equipment: Cisco, HP, model xxx
• Include VLANS for data and voice
• User ID’s
• User ID and passwords – what are your default passwords for new users?
• Distribution or Email Groups
• Security groups
• Password rules
• What applications are on what servers?
• Which servers are physical and which are virtual?
• What are the network shares?
• What are the remote access rules?
• Policies or rules can be listed in tables for all equipment
• Firewall
• SSL – remote access solution
• Wifi
• Internet Access – filtering
• Server and directory access
Dates:
The network map is due on Week 12 for an initial review. The final map is turned in at the end of the last week.
The final network map and supporting information is due on the last week.
Suggested format:
It needs to look like a real proposal or documentation. The following list is given to get you started it is not all inclusive:
• Cover page
• Executive Summary
• Sections
• Network diagram
• Infrastructure Information
• Network – switches, access points, DHCP, internet speeds
• SAN
• Workstations
• Firewall – Configurations
• SSL – Configurations
• Specialty equipment
• Applications
• Servers, names, shares
• Users
• Individual users
• Groups
• Active Directory Information
• GPO’s