Week 6 assignment – network engineer

 

Introduction

In this three-part assignment, you will design a secure network infrastructure. The specific course learning outcome associated with this assignment is: 

  • Plan a deployment of software and/or hardware, including implementation and testing considerations.

Instructions

Part 1

Use Microsoft Visio or an open-source alternative to: 

  • Create a network infrastructure diagram, incorporating the  following devices needed for a secure corporate network, placed where  they will work, and citing specific, credible sources that support the  design. Note: A web search will provide multiple examples of network infrastructure diagrams.     
    • Web server.
    • FTP server.
    • VPN server.
    • Authentication server.
    • Anti-virus server (client-based and server-based).
    • Edge firewall.
    • Firewall.
    • Vulnerability scanner.
    • Intrusion detection system (IDS).
    • Web proxy.
    • Edge router.
    • Core router.
    • Switch.
    • Distribution router.

Note All client- and server-based devices work where a client is installed on a workstation,  which has bi-directional communication with a corresponding server. 

Part 2

Write a 6–10 page paper in which you: 

  • Determine the specific devices you will use in the network, including the following information for each device:     
    • Make or vendor’s name (for example, Microsoft, Redhat, Cisco, Juniper, Netgear, 3Com).
    • Model (for example, Windows 7, ASA 5500, Cisco 3500, Squid).
    • IP address assigned to all devices.
  • Determine the basic configuration of each network device, citing specific, credible sources that support the configuration.     
    • Research each of the devices you chose and provide a basic configuration you would use in your network.
    • Use IP addresses to describe your configuration.
    • Identify the operating system.
    • Highlight at least five security features and the administrative  controls incorporated into each device, including devices in the  network diagram.
    • Explain the impact that each of your configurations has on the security of the entire network.
  • Explain the elements that must be addressed for planning and  testing a network, citing specific, credible sources that support your  assertions and conclusions.     
    • Organizational requirements and expectations.
    • Budget.
    • Modularity for security and testing.
    • Naming conventions that facilitate layering and growth.
    • Determination of required network speed and data capacity.
    • Vendor support.
    • Determination of risk and redundancy.
    • Uptime requirements.
    • Continuous data monitoring for fault, failure, or security-induced changes.
    • Load balancing.
    • Testing for latency.
    • Bandwidth.
    • Throughput.
    • Specific software and tools.
  • Support your main points, assertions, arguments, or conclusions  with at least four specific and credible academic sources synthesized  into a coherent analysis of the evidence.     
    • Cite each source listed on your source page at least one time within your assignment.
    • For help with research, writing, and citation, access the library or review library guides.
    • This course requires the use of Strayer Writing Standards. For  assistance and information, please refer to the Strayer Writing  Standards link in the left-hand menu of your course. Check with your  professor for any additional instructions.
  • Write clearly and concisely in a manner that is  well-organized, grammatically correct, and free of spelling,  typographical, formatting, and/or punctuation errors.
Part 3

Use Microsoft Visio or an open-source alternative to: 

  • Update your initial diagram to create a final network diagram,  incorporating at least four-fifths of the devices needed for a secure corporate network and citing specific, credible sources that support the design. Be sure to include vendor information, model information, and  IP addresses. In addition, ensure that:     
    • VPN sessions (from a laptop) are only allowed to access the desktops in the IT department by IT department employees.
    • All VPN connections from the Internet cloud into the corporate network terminate at the VPN server.
    • Users from Engineering and Finance and Accounting cannot communicate.
    • Vulnerability scans occur daily, with all desktops scanned at least once per day.
Submission Requirements

All diagrams and charts you create for the assignment should be included in the paper.