Move everyone into a private network space in the 10.18.0.0/16 address space with the below VLANs

INSTRUCTIONS TO CANDIDATES

ANSWER ALL QUESTIONS

1) Get rid of the flat network - currently everyone in the organization has a public IP address from the organization's 208.12.13.0/24 net block

2) Move everyone into a private network space in the 10.18.0.0/16 address space with the below VLANs

1. a) Sales - 100 endpoints

2. b) Marketing - 20 endpoints

3. c) Management - 25 endpoints

4. d) Admin staff - 200 endpoints

5. e) Telephony - 150 endpoints

6. f) Printers and fax machines - 25 endpoints

7. g) internet-accessible servers - 3 endpoints

8. h) Remote access gateways -

2 endpoints The network security team will handle the setup of the firewall and proxy, but you must break the network into 3 zones - the secure internal OSPF area, the DMZ OSPF area and the BGP AS for external network connectivity.

All the above VLANs except (g) and (h) will reside in the internal zone - (g) and (h) will be in the DMZ. Provide a block network diagram showing the new network layout. Split the 10.18.0.0/16 network appropriately for the VLANs.

Make sure you have network addresses available for the network gear that is required to make this new network operational. Also provide IP addresses for the firewalls that will separate each of the zones. The firewalls will need two addresses per firewall - one for each of the zones the bring together. Your original Design:

Question: Based on your original design, Redesign a flat network with the following rules:

All you have to do is add the two new groups and answer the questions below: You are expected to add access for two groups with appropriate security into the new network: 1) Risk management and Internal Audit (a single group) need full access to all systems on the network to be able to track all activity for risk management ad compliance checking purposes. However, their systems should be out of reach from anyone not in that group.

2) HR will operate fully remote - but need the ability to connect to guest wireless when they come in to the office space(s) and be able to use the office phones and printers (phones are all VoIP and hence the laptop needs to be able to link to the phone over the network). What modifications/additions/enhancements are required to accommodate this? IF the network diagram will change, update the submitted diagram appropriately. Also, explain any additional controls (firewall rules, proxy configuration, IDS/IPS configuration or others) required to accomplish this enhancement securely.

 

Attachments:

Expert's Answer

707 Times Downloaded

Related Questions

. Introgramming & Unix Fall 2018, CRN 44882, Oakland University Homework Assignment 6 - Using Arrays and Functions in C

DescriptionIn this final assignment, the students will demonstrate their ability to apply two ma

. The standard path finding involves finding the (shortest) path from an origin to a destination, typically on a map. This is an

Path finding involves finding a path from A to B. Typically we want the path to have certain properties,such as being the shortest or to avoid going t

. Develop a program to emulate a purchase transaction at a retail store. This program will have two classes, a LineItem class and a Transaction class. The LineItem class will represent an individual

Develop a program to emulate a purchase transaction at a retail store. Thisprogram will have two classes, a LineItem class and a Transaction class. Th

. SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of Sea Ports. Here are the classes and their instance variables we wish to define:

1 Project 1 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of

. Project 2 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of Sea Ports. Here are the classes and their instance variables we wish to define:

1 Project 2 Introduction - the SeaPort Project series For this set of projects for the course, we wish to simulate some of the aspects of a number of