Introduction
In this three-part assignment, you will design a secure network infrastructure.
The specific course learning outcome associated with this assignment is:
Plan a deployment of software and/or hardware, including implementation and testing considerations.
Instructions
Part 1
Use Microsoft Visio or an open-source alternative to:
Create a network infrastructure diagram, incorporating the following
devices needed for a secure corporate network, placed where they will
work, and citing specific, credible sources that support the design. Note: A web search will provide multiple examples of network infrastructure diagrams.
Web server.
FTP server.
VPN server.
Authentication server.
Anti-virus server (client-based and server-based).
Edge firewall.
Firewall.
Vulnerability scanner.
Intrusion detection system (IDS).
Web proxy.
Edge router.
Core router.
Switch.
Distribution router.
Note: All client-and server-based devices work where
a client is installed on a workstation, which has bi-directional
communication with a corresponding server.
Part 2
Write a 6-10 page paper in which you:
Determine the specific devices you will use in the network, including the following information for each device:
Make or vendor’s name (for example, Microsoft, Redhat, Cisco, Juniper, Netgear, 3Com).
Model (for example, Windows 7, ASA 5500, Cisco 3500, Squid).
IP address assigned to all devices.
Determine the basic configuration of each network device, citing specific, credible sources that support the configuration.
Research each of the devices you chose and provide a basic configuration you would use in your network.
Use IP addresses to describe your configuration.
Identify the operating system.
Highlight at least five security features and the administrative
controls incorporated into each device, including devices in the network
diagram.
Explain the impact that each of your configurations has on the security of the entire network.
Explain the elements that must be addressed for planning and testing
a network, citing specific, credible sources that support your
assertions and conclusions.
Organizational requirements and expectations.
Budget.
Modularity for security and testing.
Naming conventions that facilitate layering and growth.
Determination of required network speed and data capacity.
Vendor support.
Determination of risk and redundancy.
Uptime requirements.
Continuous data monitoring for fault, failure, or security-induced changes.
Load balancing.
Testing for latency.
Bandwidth.
Throughput.
Specific software and tools.
Support your main points, assertions, arguments, or conclusions with
at least four specific and credible academic sources synthesized into a
coherent analysis of the evidence.
Cite each source listed on your source page at least one time within your assignment.
For help with research, writing, and citation, access the library or review library guides.
This course requires the use of Strayer Writing Standards (SWS). The
library is your home for SWS assistance, including citations and
formatting. Please refer to the Library site for all supports. Check with your professor for any additional instructions.
Part 3
Use Microsoft Visio or an open-source alternative to:
Update your initial diagram to create a final network diagram,
incorporating at least four-fifths of the devices needed for a secure
corporate network and citing specific, credible sources that support the
design. Be sure to include vendor information, model information, and
IP addresses. In addition, ensure that:
VPN sessions (from a laptop) are only allowed to access the desktops in the IT department by IT department employees.
All VPN connections from the Internet cloud into the corporate network terminate at the VPN server.
Users from Engineering and Finance and Accounting cannot communicate.
Vulnerability scans occur daily, with all desktops scanned at least once per day.
Submission Requirements
All diagrams and charts you create for the assignment should be included in the paper.