Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

ICTNWK529 Installing and Managing Complex ICT Networks: A Comprehensive Guide

Verified

Added on 2023/04/26

AI Summary

The text outlines the content of a document titled "ICTNWK529 Install and Manage Complex ICT Networks." The document covers topics such as network design, hardware and software requirements, network security, and network configuration. It is divided into two parts: configuring Cisco routers for syslog, NTP, and SSH operations, and configuring a network for secure operation.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
ICTNWK529 Install and Manage Complex ICT Networks
Name of the Student
Name of the University
Author’s Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Table of Contents
Design a Network.......................................................................................................................3
Introduction............................................................................................................................3
Scope......................................................................................................................................3
Requirement...........................................................................................................................3
Hardware Requirement..........................................................................................................4
Software Requirement............................................................................................................5
Network Security Requirements............................................................................................5
Network Topology Design for ABCx....................................................................................6
Conclusion..............................................................................................................................6
Part A: Configure Cisco Routers for Syslog, NTP, and SSH Operations..................................7
Task 1: Configure routers as NTP Clients.............................................................................7
Task 2: Configure routers to update the hardware clock using NTP.....................................7
Task 3: Configure routers to log messages to the syslog server............................................7
Task 4: Configure routers to timestamp log messages...........................................................8
Task 5: Configure log users...................................................................................................8
Task 6: Configure VTY lines to accept SSH connections only.............................................8
Task 7: Configure RSA key pair on SSH server....................................................................8
Task 8: Verification of SSH connectivity from PC client and router client..........................9
Part B: Configure a Network for Secure Operation.................................................................10
Task 1: Secure the routers with strong passwords, password encryption and a login banner
..............................................................................................................................................10

2
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Task 2: Secure the console and VTY lines with passwords.................................................10
Task 3: Configure local AAA authentication.......................................................................10
Task 4: Configure SSH server..............................................................................................11
Task 5: Configure router for syslog.....................................................................................11
Task 6: Configure router for NTP........................................................................................11
Task 7: Secure the router against login attacks....................................................................11
Task 8: Configure CBAC and ZPF firewalls.......................................................................11
Task 9: Secure network switches.........................................................................................12
Install and Manage a Network.................................................................................................14
Bibliography.............................................................................................................................15

3
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Design a Network
Introduction
The report is prepared for ABX for proposing a network solution for the company for
securely connect its two branches and enable secure transmission of data between the sites.
For the development of the network solution an analysis is made on the hardware and
software essential for the development of the network solution. The security that is needed by
the organization for transmitting the confidential data is analyzed and IPSec protocol is used
for the configuration of secure VPN tunnel between the remote sites. A topology design for
each of the sites is created and attached with the report and the diagrams are created by
evaluating the current framework of the building and number of departments in the site. An
Ip addressing plan is also created with the details of the interface of the network device for
the configuration of the network and enable the remote site to connect with the different parts
of the network using the network device interface.
Scope
The following are the scope identified for the development of VPN network and is given
below:
 To increase the scalability and performance of current network topology and create a
secure connection between the sites
 To eliminate the unpredictable performance of the internet which can result in
disruption and inconvenience among the users
 To identify the encryption technology and configure the network device based on the
protocol and technology according to the needs of the organization

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Requirement
For the deployment of the virtual private network solution in ABX the HQ is given
the power to control its other two branches and the following requirement are met.
Tunneling – The tunnel is created for establishing and maintaining a logical
connection between the sites and the data packets are sent by encapsulating them over the
public network. The data packets are broken into small segments and sent across the tunnel
by encrypting them. At the destination network the packets are decrypted to get the original
data.
Encryption – This process is applied for encoding the data packets such that it cannot
be access by any third party users. The data packets are encrypted using the public key
encryption and since they are transmitted over the public network there is risk of data hijack
and man in the middle attacks. The encryption of the data packets eliminates the risk and
increases the security of the network.
Firewall – The router deployed in each of the site is needed to be configured with
Access control list such that the malicious and unauthenticated uses are restricted to access
the internal network of the organization. The VPN server is connected with firewall for
allowing only specific data packets to reach the network of the organization.
Hardware Requirement
The following are the network hardware device that are essential for the development of VPN
network:
Type Device Name
Router Cisco 1941 Series Router
Firewall Cisco ASA 5505 firewall
Server AAA Server

5
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Software Requirement
A client VPN software is necessary that would make a secure remote connection with
the company’s network. The VPN tool allows the users of the network to establish a secure
and encrypted connection using the internet.
Network Security Requirements
The computer security and network security are essential for resisting from different
types of attacks and management of data traffic from different location. There are different
encryption algorithm that can be used for increasing the network security. Security policy and
practices should be followed for monitoring misuse and unauthroised access of the network.
Network authorization to access the data and authenticating information for the public and
private network is important. The users connected in the network should use authentication
for accessing the network and after the authentication the security policy is enforced with the
means of firewall. The service that are allowed to be accessed by the users is needed to be
managed. An IPS is needed to be deployed and for monitoring the network and auditing the
network and management of malicious data traffic in the network. The privacy is needed to
be maintained by encrypting the communication channel or the data packets sent between the
hosts connected in the network.
There are different vulnerability acting on the network and the attack may be of two
types such as active and passive attack. An AAA server is needed to be installed in the
network for handling the request of the users and management of the access of resources. The
server is used for interacting with the gateway router and the database directory where the
user information is stored. For communicating with the remote branch the router is needed to

6
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
be configured with IPSEC for creating VPN tunnel over the public network and increase the
network security. The internal and external security of the network is needed to be
maintained for securing the confidential information from internal or the external malicious
agents.
Network Topology Design for ABCx
Conclusion
From the above report it can be concluded that the development of the VPN network
solution for the legal and Accounting firm would help the organization to increase its
confidentiality and security. The VPN network would also incre4ase the scalability and
flexibility of the network by enabling the remote users to access the network resources
securely. The VPN configuration would also help the organization to reduce the
communication cost because it does not needs leased lines and can work using the public
network framework to send and receive data packets securely. The network topology diagram
for the individual sites are created for demonstration of the network device and cabling layout

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
that is needed to be followed for the development of the network framework. For the
development of the network design a research is done on different technology that can be
applied in the current framework for increasing the efficiency, performance and security of
the current network of the organization. The vendor sites are visited and the list of equipment
are documented that would be needed for the development of VPN network framework.
Part A: Configure Cisco Routers for Syslog, NTP, and SSH Operations
Task 1: Configure routers as NTP Clients
R1(config)# ntp server 192.168.1.5
R2(config)# ntp server 192.168.1.5
R3(config)# ntp server 192.168.1.5
Task 2: Configure routers to update the hardware clock using NTP
R1(config)# ntp update-calendar
R2(config)# ntp update-calendar
R3(config)# ntp update-calendar

8
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Task 3: Configure routers to log messages to the syslog server
R1(config)# logging host 192.168.1.6
R2(config)# logging host 192.168.1.6
R3(config)# logging host 192.168.1.6
Task 4: Configure routers to timestamp log messages
R1(config)# service timestamps log datetime msec
R2(config)# service timestamps log datetime msec
R3(config)# service timestamps log datetime msec
Task 5: Configure log users
R3(config)# username SSHadmin privilege 15 secret ciscosshpa55
Task 6: Configure VTY lines to accept SSH connections only
R3(config)# line vty 0 4
R3(config-line)# login local
R3(config-line)# transport input ssh
Task 7: Configure RSA key pair on SSH server
R3(config)#ip domain-name ccnasecurity.com
R3(config)#crypto key generate rsa
The name for the keys will be: R3.ccnasecurity.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

9
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
Task 8: Verification of SSH connectivity from PC client and router client

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Part B: Configure a Network for Secure Operation
Task 1: Secure the routers with strong passwords, password encryption and a login
banner
security passwords min-length 10
enable secret ciscoenpa55
service password-encryption
login
exec-timeout 5
logging synchronous
banner motd "No Unauthorized Access!"
Task 2: Secure the console and VTY lines with passwords
line vty 0 4
exec-timeout 5
password ciscovtypa 55
login
login authentication default
Task 3: Configure local AAA authentication
username Admin01 secret Admin01pa55
aaa new-model
aaa authentication login default local none

11
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Task 4: Configure SSH server
ip domain name ccnasecurity.com
line vty 0 4
login authentication default
transport input ssh
Task 5: Configure router for syslog
R1(config)#logging on
R1(config)#service timestamps log datetime msec
R1(config)#logging 192.168.1.6
Task 6: Configure router for NTP
ntp trusted-key 1
ntp server 192.168.1.5 key 1
ntp authentication-key 1 md5 ciscontppa55
ntp update-calendar
ntp authenticate
Task 7: Secure the router against login attacks
login on-failure log
Task 8: Configure CBAC and ZPF firewalls
ip access-list extended OUT-IN
deny ip any any
int s0/0/0

12
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
ip access-group OUT-IN
zone security IN-ZONE
zone security OUT-ZONE
access-list 101 permit ip 192.168.3.0 0.0.0.255 any
class-map type inspect IN-NET-CLASS-MAP
match access-group 101
zone-pair security IN-2-OUT-ZPAIR source IN-ZONE destination OUT-ZONE
service-policy type inspect IN-2-OUT-PMAP
int s0/0/1
zone-member security OUT-ZONE
int fa0/1
zone-member security IN-ZONE
Task 9: Secure network switches
line con 0
password ciscoconpa55
login
exec-timeout 5
logging synchronous
line vty 0 15
password ciscovtypa55

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
login
exec-timeout 5
int range fa0/2-4
sh
int r fa0/7-24
sh
int r gig1/1-2
sh
int fa0/6
switchport mode access
switchport port-security
switchport port-security mac-address sticky
spanning-tree portfast
spanning-tree bpduguard enable

14
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Install and Manage a Network
The above network design is created in cisco packet tracer 7.1 for configuring it and testing
the connectivity between the client and remote site. The network is created after analyzing
the requirement and the current interoperability issues faced for the development of the
network solution. The network is created after checking the network interface and cables
required for establishing the secure connection. Class C address is used for the configuration
of the network interfaces and external and internal interface of the router is configured with
different domain for increasing the security of the network. The network is designed for the
identification of the security issues and vulnerability of the network and troubleshooting it for
the development of a secure network solution.

15
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Bibliography
Beverly, R., Rohrer, J. and LaFever, B., 2016. Empirical Study of Router IPv6 Interface
Address Distributions.
CCM, (2016). Networking - 3-Tier Client/Server Architecture. [online] Available at:
http://ccm.net/contents/151-networking-3-tier-client-server-architecture [Accessed 29Oct.
2016].
Cisco, (2016). Catalyst 6500 Release 12.2SX Software Configuration Guide - VLANs [Cisco
Catalyst 6500 Series Switches]. [online] Available at:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/
guide/book/vlans.html [Accessed 29Oct. 2016].
Cisco, (2016). Layer 2 and Layer 3 Switch Evolution - The Internet Protocol Journal -
Volume 1, No. 2. [online] Available at:
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-2/
switch_evolution.html [Accessed 30Oct. 2016].
Davies, J., 2012. Understanding ipv6. Pearson Education.
Gont, F. and Chown, T., 2016. Network Reconnaissance in IPv6 Networks (No. RFC 7707).
Paper, T. (2016). Enhanced Interior Gateway Routing Protocol. [online] Cisco. Available at:
http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-
eigrp/16406-eigrp-toc.html [Accessed 30Oct. 2016].
Rohrer, J., LaFever, B. and Beverly, R., 2016. Empirical Study of Router IPv6 Interface
Address Distributions.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

16
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
SearchNetworking, (2016). What is PPP (Point-to-Point Protocol)? [online] Available at:
http://searchnetworking.techtarget.com/definition/PPP [Accessed 2Nov. 2016].
SearchNetworking, (2016). What is TCP (Transmission Control Protocol)? [online]
Available at: http://searchnetworking.techtarget.com/definition/TCP [Accessed 4Nov. 2016].
SearchNetworking, (2016). What is Virtual LAN (VLAN)? [online] Available at:
http://searchnetworking.techtarget.com/definition/virtual-LAN [Accessed 5Nov. 2016].
SearchSecurity, (2016). What is Firewall? [online] Available at:
http://searchsecurity.techtarget.com/definition/firewall [Accessed 8Nov. 2016].
Techopedia.com, (2016). What is Network Redundancy? [online] Available at:
https://www.techopedia.com/definition/29305/network-redundancy [Accessed 12Nov. 2016].
Thubert, P., Watteyne, T., Palattella, M.R., Vilajosana, X. and Wang, Q., 2013, July. Ietf
6tsch: Combining ipv6 connectivity with industrial performance. In Innovative Mobile and
Internet Services in Ubiquitous Computing (IMIS), 2013 Seventh International Conference
on (pp. 541-546). IEEE.
Verizon.com, (2016). What is a Virus Guard and Why do I need it? | High Speed Internet |
Residential Support | Verizon. [online] Available at:
https://www.verizon.com/support/residential/internet/highspeed/troubleshooting/
connection+issues/questionsone/121054.htm [Accessed 15Nov. 2016].
Webopedia.com, (2016). What is Intrusion Detection System? [online] Webopedia. Available
at: http://www.webopedia.com/TERM/I/intrusion_detection_system.html [Accessed 15Nov.
2016].
Webopedia.com, (2016). What is Redundant? [online] Webopedia. Available at:
http://www.webopedia.com/TERM/R/redundant.html [Accessed 20Nov. 2016].

17
ICTNWK529 INSTALL AND MANAGE COMPLEX ICT NETWORKS
Webopedia.com, (2016). What is Three-Tier? [online] Webopedia. Available at:
http://www.webopedia.com/TERM/T/three_tier.html [Accessed 20Nov. 2016].

1 out of 18

+13062052269

info@desklib.com

ICTNWK529 Installing and Managing Complex ICT Networks: A Comprehensive Guide

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Network and Security Administrator Asignment

Secure Networks - Configure Basic Router Security

Network Topology

Network Infrastructure Component 2022 Report

Network Security Implementation

VPN Network Design for SME - Network and VPN Services