THREADED CASE STUDY OF R.E. MILLER SCHOOL

1
THREADED CASE STUDYOF R.E. MILLER
SCHOOL BY SHAMI AND BRYAN
2
LAN User Requirements

• Two Local Area Network (LAN) segments will be put
  in R.E. Miller. One LAN will be for student and
  the other will be for administration.
• The LAN will be based on Ethernet LAN switching.
  The transport speeds will be Ethernet 10BASE-T,
  100BASE- TX, and 100BASE-FX.
• Cabling
• Horizontal cabling is Category 6 Unshielded
  Twisted Pair (CAT6 UTP).
• Vertical (Backbone) cabling is 1000BASE-FX or
  multimode fiber optic.
• The minimum requirement will be 1.0 Mbps to any
  host computer in the network and 100 Mbps to any
  server host in the network. Only two OSI layer
  34 protocols will be allowed to be put in this
  network, they are TCP/IP and Novell IPX.
• Each of the classroom must be support 24
  workstations and be supplied with 4 CAT 5 UTP(CAT
  6 in our case) cable runs for data, one run
  terminated at the teacher's workstation. A single
  location in each room will be used as the wiring
  point of presence (POP) for that room. It will
  have of a cabinet containing all cable
  terminations and electronic components i.e. data
  hubs and switches.

3

• Servers implementation includes
• DNS/E-MAIL SERVER The school host will be the
  local post office box and will store all e-mail
  messages. The update DNS process will flow from
  the individual school server to the Hub server
  and to the district server.
• ADMINISTRATIVE SERVER R.E. Miller will contain
  an Administration server which will house the
  student tracking, attendance, grading and other
  administration functions. This server will be
  running TCP/IP as its OSI layer 34 protocols and
  will only be made available to teachers and
  staff.
• LIBRARY SERVER R.E. Miller is implementing an
  automated library information and retrieval
  system, which will house an online library for
  curricular research purposes. This server will be
  running TCP/IP as its OSI layer 34 protocols and
  will made available to anyone at the school site.
  
• APPLICATION SERVER All computer applications
  will be housed in a central server at each school
  location. As applications such as Word
  processing, Excel, PowerPoint , etc are requested
  by users these applications will be retrieved
  from the application server. This server will use
  TCP/IP as its OSI layer 34 protocols and will be
  made available to anyone at the school site.

4
Logical Topology
All nodes from hubs are x24 (students) All
computer nodes off the north and south switches
are single (instructor computers) Node from hub
in Media Building is x24 Hub in North Building is
x16 Hub in South Building is x13


See slide 2 for North and South
topology Switches in North and South building are
equal to 4 switches staked
5
Logical Topologies of North and South Buildings

• Both switches equal 4 switches stacked
• Router is coming form Multi-purpose room

6
Logical Topology of Multi-Purpose and Media Room
Node from hub in Media Building is x24
7
Physical Topology
Pink is Fiber Red is Cat-6
8
Physical Topology of Multi-Purpose and Media Room
Pink is Fiber Red is Cat-6
9
Physical Topology of South and North Building
Pink is Fiber Red is Cat-6
To MDF
10
MDF Closet
11
South IDF Closet
The closet is an 84 Full size lockable cabinet.
12
North IDF Closet
The closet is an 84 Full size lockable cabinet.
13
Individual Classroom Closets
The individual classroom will house a 24in
fully lockable cabinet. The cabinet will contain
3 12 port 10/100 Ethernet Hubs.
14
The Washington School District has obtained a
class B address . The class B address obtained
is 155.20.0.0. Under the current user
requirements, we know that there will be a
maximum of 250 computers in each school for
student/curriculum usage and 75 computers in each
school for teacher/administration usage. The
network will be subnetted into 126 subnets for
expandability. These subnets are obtained by
borrowing 7 bits from the network address. The
remaining 9 bits will be used for the hosts. Each
of the 128 subnets will support a maximum of 510
hosts. Our school has been given three subnets to
work with.
Subnet Information
15
IP Addressing
16
Routing Protocol

• We will be implementing IGRP as our routing
  protocol.  Interior
• Gateway Routing Protocol (IGRP) uses a
  combination of metrics,
• such as  network delay, bandwidth, reliability,
  and load.  IGRP is
• used within an autonomous system, which is under
  a common
• administration. Below is the configuration that
  needs to be done
• on R.E. Millers router.
• Routerconfig terminal
• Router(config)router igrp 10
• Router(config-router)network 155.20.100.216

17
Backbone

• Phase One - Backbone
• The first phase of the network implementation
  involved running fiber drops to two buildings. We
  located the MDF in the multi-purpose building,
  due to the fact it is centrally located between
  the north and south buildings. In the north and
  south buildings we have put an IDF to service the
  users in those buildings plus the portables
  nearest the IDFs. The chart below will show you
  the lengths of fiber needed for the job. Please
  see cut sheet for fiber prices.

All runs are measured in feet
18
Cat-6 Cable Lengths
Phase Two Cat-6 Cabling The second phase of
the network implementation involved running Cat-6
drops to all other buildings. Even though Cat-6
is not a standard as of now, however it will be
in the future. Cat-6 can support Gigabit
Ethernet. This cable will comply with
TIA/EIA-568-A and TIA/EIA standards. Cat-6
cabling will allow greater scalability for the
future.
All runs are measured in feet
19
Cat-6 Cable Lengths
20
Cat-6 Cable Lengths
All runs are measured in feet
21
Cat-6 Cable Lengths
All runs are measured in feet
22

Cat-6 Cable Lengths
All runs are measured in feet
23
Total Run
All runs are measured in feet
24
Security

• Security is an issue that is of utmost
  importance. Protecting your data and information
  will be accomplished in three different ways.

• Fire Walls Router or access server, or several
  routers or access servers, designated as a buffer
  between any connected public networks and a
  private network. A firewall router uses access
  lists and other methods to ensure the security of
  the private network.
• V-LANs Virtual LAN. Group of devices on a LAN
  that are configured (using management software)
  so that they can communicate as if they were
  attached to the same wire, when in fact they are
  located on a number of different LAN segments.
  Because VLANs are based on logical instead of
  physical connections, they are extremely
  flexible.
• ACLs Access Control Lists are lists of
  instructions you apply to a router's interface.
  These lists tell the router what kinds of packets
  to accept and what kinds of packets to deny.
  Acceptance and denial can be based on certain
  specifications, such as source address,
  destination address, and port number.

25
Firewall

• The Cisco PIX 525 Firewall is part of the
  world-leading Cisco PIX Firewall series,
  providing today's networking customers with
  unmatched security, reliability, and performance.
• The Cisco PIX 525 Firewall enables secure private
  communications over the Internet or any IP
  network. It integrates key features of
  VPNstunneling, data encryption, security, and
  firewallingto provide a secure, scalable
  platform to better and more cost-effectively
  accommodate remote-access, remote-office, and
  extranet connectivity using public data services.
  
• Adaptive Security AlgorithmProvides stateful
  security for all TCP/IP sessions to protect
  sensitive, private resources

26
VLAN

• The switches will be configured for three VLANs
• VLAN1 - for students
• VLAN2 - for administration
• VLAN3 - for the Enterprise servers (DNS, e-Mail,
  WWW)
• Each port of the switches will be statically
  assigned to one VLAN and routers will provide
  connectivity between the VLANs, using ACLs
  according to the security guidelines to protect
  against unauthorized access.

27
Access Control Lists
Router(config) access-list 101 permit TCP any eq
25 Router(config) access-list 101 permit UDP any
eq 53 Router(config) access-list 101 permit TCP
any eq 80 Router(config) access-list 1 permit
155.20.100.0 0.0.255.255 Router(config)
access-list 1 deny any Router(config-if)
interface ethernet 0 Router(config-if) ip
access-group 1 out Router(config-if) end
E0
E1
Firewall (ACL)
Admin Switch
Student Switch
28
(No Transcript)