Information Technology

Description

Week 6 Assignment – Network Engineer Introduction In this three-part assignment, you will design a secure network infrastructure. The specific course learning outcome associated with this assignment is: Plan a deployment of software and/or hardware, including implementation and testing considerations. Instructions Part 1 Use Microsoft Visio or an open-source alternative to: Create a network infrastructure diagram, incorporating the following devices needed for a secure corporate network, placed where they will work, and citing specific, credible sources that support the design. Note: A web search will provide multiple examples of network infrastructure diagrams. Web server. FTP server. VPN server. Authentication server. Anti-virus server (client-based and server-based). Edge firewall. Firewall. Vulnerability scanner. Intrusion detection system (IDS). Web proxy. Edge router. Core router. Switch. Distribution router. Note: All client- and server-based devices work where a client is installed on a workstation, which has bi-directional communication with a corresponding server. Part 2 Write a 6–10 page paper in which you: Determine the specific devices you will use in the network, including the following information for each device: Make or vendor’s name (for example, Microsoft, Redhat, Cisco, Juniper, Netgear, 3Com). Model (for example, Windows 7, ASA 5500, Cisco 3500, Squid). IP address assigned to all devices. Determine the basic configuration of each network device, citing specific, credible sources that support the configuration. Research each of the devices you chose and provide a basic configuration you would use in your network. Use IP addresses to describe your configuration. Identify the operating system. Highlight at least five security features and the administrative controls incorporated into each device, including devices in the network diagram. Explain the impact that each of your configurations has on the security of the entire network. Explain the elements that must be addressed for planning and testing a network, citing specific, credible sources that support your assertions and conclusions. Organizational requirements and expectations. Budget. Modularity for security and testing. Naming conventions that facilitate layering and growth. Determination of required network speed and data capacity. Vendor support. Determination of risk and redundancy. Uptime requirements. Continuous data monitoring for fault, failure, or security-induced changes. Load balancing. Testing for latency. Bandwidth. Throughput. Specific software and tools. Support your main points, assertions, arguments, or conclusions with at least four specific and credible academic sources synthesized into a coherent analysis of the evidence. Cite each source listed on your source page at least one time within your assignment. For help with research, writing, and citation, access the library or review library guides. This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions. Write clearly and concisely in a manner that is well-organized, grammatically correct, and free of spelling, typographical, formatting, and/or punctuation errors. Part 3 Use Microsoft Visio or an open-source alternative to: Update your initial diagram to create a final network diagram, incorporating at least four-fifths of the devices needed for a secure corporate network and citing specific, credible sources that support the design. Be sure to include vendor information, model information, and IP addresses. In addition, ensure that: VPN sessions (from a laptop) are only allowed to access the desktops in the IT department by IT department employees. All VPN connections from the Internet cloud into the corporate network terminate at the VPN server. Users from Engineering and Finance and Accounting cannot communicate. Vulnerability scans occur daily, with all desktops scanned at least once per day.