BN305 Virtual Private Network And Medium Enterprise

BN305 Virtual Private Network And Medium Enterprise

BN305 Virtual Private Network And Medium Enterprise

Question:

Purpose of the assessment (with ULO Mapping)

This assignment assesses the following Unit Learning Outcomes; students should be able to demonstrate their achievements in them.

Describe architectural VPN design for small, medium and large businesses and corporations
Report on the health of the existing VPN architecture, solution, data, application, and technology
Discuss the appropriate security design and solutions for varieties of organisations
Report on the current and future state of the management of VPN infrastructure and its technologies
Interpret a roadmap process to transform the VPN architecture to support long-term organisations’ goals
Implement a process to support the administration and the management of VPN

Answer:

Introduction:

This report has been mainly associated with discussing the creation of a medium-sized enterprise for the purpose of connecting each and every department of an organization so as to improve the current capacity of the organization so as to accommodate the future growth. The report documents all the technologies which can be applied so as to develop the new solution. The report also consists of the scope as well as the limitations of the network along with the requirements like the software and the hardware which are to be used for the purpose of developing the network. Besides this, the logical design along with the physical design and the network topologies has also been developed along with an IP address which has been created for each of the department [1]. The security measures are deployed so as to increase eth security of the network and to implement the VPN service so as to allow the users in getting themselves connected to the resources in the network.

Scopes And Limitations:

The major scopes which have identified so as to develop the project include the following:

  • The existing network that the organization is having is to be integrated with the new devices and the equipment which are to be used so as to reduce the network cost
  • The network services along with the routing devices are to be configured in accordance with the requirements of the organization.
  • The existing servers are to be upgraded along with the enabling of the virtualization of the servers so as to handle the increased number of requests by the users [2].
  • Installation of the wireless access points so as to secure the network from any kind of unauthorized access.
  • The redundancy of the network is to be increased so as to remove the failover points and for increasing the availability of the network resources.

Some of the major limitations of the project include the following:

  • The range of compatibility of the newly installed network devices with the existing networking devices
  • Getting the budget and finance approved by the organization which has been assigned for the new proposed solution.
  • High-security threats are to be eliminated along with the removal of the flaws that exist in the system which in turn would be helping in increasing the work quality.
  • There should exist efficient skills and knowledge in the network administrator so as to configure the network devices in accordance with the organizational needs [3].

Requirements:

Below are some of the requirements of the new network which is to be developed and this network requirements includes the product requirements, service requirements, network requirements, security requirements and lastly the hardware requirements.

  • Creation of the proposed network should be done in accordance with the quality standards for each of the devices that are to be used in the new network
  • In order to reduce the response time which, the system would be having it is essential to divide the traffics of the intranet and the internet. Besides this, it would also be helping in showing the ease of managing the processes [4].
  • In order to secure the servers from any kind of unauthorized physical access, it is essential to store them in a separate locked room.
  • In order to balance the loads in the network and for handling the number of requests at a time it is essential to apply the concept of virtualization.
  • It is essential to make sure that the existing network is being covered along with being extended so as to include the current components of the network in the process of developing the new network solution.
  • An addressing plan is to be created which should be proper and would be associated with the allocation of the IP address to different VLAN along with differentiating the numerous subnets so as to save the space for the address [5].
  • The server is to be configured with the DHCP so as t allocate the IP address for the PC that is to be connected to the network in an automatic way.
  • A firewall is to be installed at the entry as well as at the exit point of the network so as to help in securing the network traffic as well as for securing the network from any kind of unauthorized access.
  • The communication channels are to be encrypted so as to secure the network from the various kind of attacks.
  • Encryption along with passwords are to be used for the wireless access points so as to reduce the risks related to unauthorized or illegal access.
  • Proper cabling is to be used so as to connect the devices which are installed in various locations of the network.

Solution Design

The process of developing the new network solution would be requiring various kind of network topologies which have been selected. Firstly, the ring network has been used so as to connect the nodes existing in the finance departments. Secondly, the star topology has been used for the purpose of connecting the rest of the nodes [6]. The switch which has been used would be acting as the central point of communication of the network. In order to install the other components of the network like the servers, routers, data centers, and core switches, the administrative building has been used. The network also consists of an installed firewall which would be associated with allowing the access only to the authorized users so as to get connected to the core resources of the network.

D. IP Addressing

Major Network: 172.39.28.0/22

IP addresses that are Available in the major network: 1022

No. of IP addresses that are needed: 500

IP addresses which are Available in allocated subnets: 696

Almost 69% of available major network address space is used

About 72% of subnetted network address space is used

Subnet Name Needed Size Allocated Size Address Mask Dec Mask Assignable Range Broadcast
Administrative network 50 62 172.39.30.128 /26 255.255.255.192 172.39.30.129 – 172.39.30.190 172.39.30.191
Finance Network 100 126 172.39.30.0 /25 255.255.255.128 172.39.30.1 – 172.39.30.126 172.39.30.127
Sales Network 200 254 172.39.28.0 /24 255.255.255.0 172.39.28.1 – 172.39.28.254 172.39.28.255
Dispatch Network 150 254 172.39.29.0 /24 255.255.255.0 172.39.29.1 – 172.39.29.254 172.39.29.255

 

BN305 Virtual Private Network And Medium Enterprise