Network Engineer

 

Introduction

In this three-part assignment, you will design a secure network infrastructure.

The specific course learning outcome associated with this assignment is:

• Plan a deployment of software and/or hardware, including implementation and testing considerations.

Instructions

Part 1

Use Microsoft Visio or an open-source alternative to:

• Create a network infrastructure diagram, incorporating the following devices needed for a secure corporate network, placed where they will work, and citing specific, credible sources that support the design. Note: A web search will provide multiple examples of network infrastructure diagrams.
  • Web server.
  • FTP server.
  • VPN server.
  • Authentication server.
  • Anti-virus server (client-based and server-based).
  • Edge firewall.
  • Firewall.
  • Vulnerability scanner.
  • Intrusion detection system (IDS).
  • Web proxy.
  • Edge router.
  • Core router.
  • Switch.
  • Distribution router.

Note: All client-and server-based devices work where a client is installed on a workstation, which has bi-directional communication with a corresponding server.

Part 2

Write a 6-10 page paper in which you:

• Determine the specific devices you will use in the network, including the following information for each device:
  • Make or vendor's name (for example, Microsoft, Redhat, Cisco, Juniper, Netgear, 3Com).
  • Model (for example, Windows 7, ASA 5500, Cisco 3500, Squid).
  • IP address assigned to all devices.
• Determine the basic configuration of each network device, citing specific, credible sources that support the configuration.
  • Research each of the devices you chose and provide a basic configuration you would use in your network.
  • Use IP addresses to describe your configuration.
  • Identify the operating system.
  • Highlight at least five security features and the administrative controls incorporated into each device, including devices in the network diagram.
  • Explain the impact that each of your configurations has on the security of the entire network.
• Explain the elements that must be addressed for planning and testing a network, citing specific, credible sources that support your assertions and conclusions.
  • Organizational requirements and expectations.
  • Budget.
  • Modularity for security and testing.
  • Naming conventions that facilitate layering and growth.
  • Determination of required network speed and data capacity.
  • Vendor support.
  • Determination of risk and redundancy.
  • Uptime requirements.
  • Continuous data monitoring for fault, failure, or security-induced changes.
  • Load balancing.
  • Testing for latency.
  • Bandwidth.
  • Throughput.
  • Specific software and tools.
• Support your main points, assertions, arguments, or conclusions with at least four specific and credible academic sources synthesized into a coherent analysis of the evidence.
  • Cite each source listed on your source page at least one time within your assignment.
  • For help with research, writing, and citation, access the library or review library guides.

Part 3

Use Microsoft Visio or an open-source alternative to:

• Update your initial diagram to create a final network diagram, incorporating at least four-fifths of the devices needed for a secure corporate network and citing specific, credible sources that support the design. Be sure to include vendor information, model information, and IP addresses. In addition, ensure that:
  • VPN sessions (from a laptop) are only allowed to access the desktops in the IT department by IT department employees.
  • All VPN connections from the Internet cloud into the corporate network terminate at the VPN server.
  • Users from Engineering and Finance and Accounting cannot communicate.
  • Vulnerability scans occur daily, with all desktops scanned at least once per day.

Submission Requirements

All diagrams and charts you create for the assignment should be included in the paper.