Network Design & Troubleshooting: ALM Network Access Restrictions

Added on  2022/10/10

AI Summary
This report provides a detailed solution for implementing a secure and segmented network for alm.co.uk. It begins by outlining the network requirements, including the number of devices per department, access restrictions, server configurations, and subnet classifications. The report then presents a network design created using Cisco Packet Tracer 6.2, explaining the three-layered hierarchical model (core, distribution, and access layers). Subnetting is thoroughly discussed, with a table detailing subnet sizes, network addresses, CIDR notation, subnet masks, and IP address ranges for each department, servers, and the wireless network. VLAN implementation is demonstrated, showing how VLANs are configured for inter-VLAN routing. Access Control Lists (ACLs) are implemented to restrict inter-departmental access, with specific ACL commands provided. The report includes validation tests to confirm that the implemented network meets the specified requirements, such as blocking inter-departmental ping messages while allowing access to servers and the wireless network. Finally, the report discusses IP addressing protocols and concludes with key takeaways.
Running head: NETWORK IMPLEMENTATION AND ACCESS RESTRICTIONS
Network Implementation and Access Restrictions
Name of the Student
Name of the University
Author Note
Summary
Today, segmenting networks and securing those segments internally plays a significant
role in preventing networks from being compromised by hackers and other cyber security
attacks. This report proposes a network for alm.co.uk in which such segments are created
and appropriate security measures for them are put in place. First, the report summarizes
the requirements of the ALM network: the number of devices in each segment, the access
restrictions, the kinds of servers installed, and the specific subnet classifications. It
then presents the network design, which was drawn and configured in Cisco Packet Tracer
6.2, and explains the design and architecture in detail. Next, the IP addressing and subnet
classifications of the network are given in tabular form and discussed for each segment.
The implementation of the VLANs is then shown, and the report discusses how the VLANs are
implemented so that inter-VLAN routing works. After that, the report covers the extended
access control list (ACL) commands used to prohibit the departments from accessing one
another. The restrictions available through ACL commands are shown, as well as how the
departments are restricted. The report then provides the tests and validations that check
whether the proposed network meets the requirements of ALM. Finally, after discussing the
IP addressing protocol, the report ends with concluding notes.
Table of Contents
Introduction
Requirements
Solution
  Network Design
  Subnetting of the network
  VLAN Implementation
  VLAN Access Restrictions using Access Control List
  Validation and Tests
  Protocols for connecting devices
Conclusion
References
Introduction
The following report highlights the significant role that segmenting networks and
securing those segments internally plays in preventing networks from being compromised
by hackers and other cyber security attacks. The report aims to propose a network for
alm.co.uk in which such segments are created and appropriate security measures for them
are put in place. It begins by summarizing the requirements of the ALM network: the number
of devices in each segment, the access restrictions, the kinds of servers installed, and
the specific subnet classifications. It then presents the network design, which was drawn
and configured in Cisco Packet Tracer 6.2, and explains the design and architecture in
detail. Next, the IP addressing and subnet classifications of the network are given in
tabular form and discussed for each segment. The implementation of the VLANs is then
shown, and the report discusses how the VLANs are implemented so that inter-VLAN routing
works. After that, the report covers the extended access control list (ACL) commands used
to prohibit the departments from accessing one another. The restrictions available through
ACL commands are shown, as well as how the departments are restricted. The report then
provides the tests and validations that check whether the proposed network meets the
requirements of ALM. Finally, after discussing the IP addressing protocol, the report ends
with concluding notes.
Requirements
The small network of the company alm.co.uk is to consist of four LAN configurations for
four different departments, along with LAN configurations for the servers and the wireless
network.
The LAN configuration of the servers includes individual servers for DNS, email, web and
file sharing.
Every server needs to be accessible from the individual workstations of users in all four
departments.
The subnet classification of the ALM network needs to follow the count of workstations,
printers and servers in the different departments.
ALM's network is to have wireless network support for the smartphones and laptops
belonging to users of all departments.
The network then needs to be segmented so that network access to and from the devices of
the four departments, as well as the other LAN configurations of the network, can be better
controlled and managed with specified access rules.
Each department must be blocked from accessing the systems of the other three departments
via security restrictions implemented internally.
The four departments contain the following workstations and printers: 48 PCs and 1 printer
for Dept. 1, 18 workstations and 1 printer for Dept. 2, 11 workstations and 1 printer for
Dept. 3, and up to 68 workstations and 1 printer for Dept. 4.
Solution
Network Design
Figure 1: Network Design Diagram of alm.co.uk
This figure shows a possible design for the small network of alm.co.uk. The network
diagram makes clear that the network is built on the three-layer hierarchical networking
model, with core, distribution and access layers, and follows the top-down approach. At the
top, the main router of the company constitutes the core layer of the network. This is the
router on which configurations such as subnet classification, DHCP and inter-VLAN routing
for the entire network are implemented. Next, the routed network is supplied to the
multilayer switch that constitutes the distribution layer. This multilayer switch is
responsible for distributing network access to the switches of the various departments as
well as to all the other LAN configurations, including those of the servers and the
wireless network. The connections to these switches are provided through the respective
VLANs. The lower-layer switches, which connect the individual devices, constitute the
access layer and complete the three-layer networking model. There are six such lower-layer
switches: four serve the four departments of alm.co.uk, and the other two form the LAN
configurations of the servers and the wireless network. Four servers are installed in the
network: the web server, the mail server, the DNS server and the file sharing server. While
the network is segmented by implementing a VLAN for each LAN configuration, access to and
from the various departments is managed through extended access control list commands.
Subnetting of the network
| Subnet Names | Subnet Size | Allocated subnet size | Subnet Network Address | Subnet CIDR | Subnet Mask | IP Address Ranges for Subnet | Subnet Broadcast Address |
|---|---|---|---|---|---|---|---|
| Dept. 1 | 49 | 62 | 192.168.168.0 | /26 | 255.255.255.192 | 192.168.168.1 - 192.168.168.62 | 192.168.168.63 |
| Dept. 2 | 19 | 30 | 192.168.169.0 | /27 | 255.255.255.224 | 192.168.169.1 - 192.168.169.30 | 192.168.169.31 |
| Dept. 3 | 12 | 14 | 192.168.170.0 | /28 | 255.255.255.240 | 192.168.170.1 - 192.168.170.14 | 192.168.170.15 |
| Dept. 4 | 69 | 126 | 192.168.171.0 | /25 | 255.255.255.128 | 192.168.171.1 - 192.168.171.126 | 192.168.171.127 |
| Server LAN | 4 | 6 | 192.168.172.0 | /29 | 255.255.255.248 | 192.168.172.1 - 192.168.172.6 | 192.168.172.7 |
| Wireless Network LAN | 250 | 254 | 10.11.12.0 | /24 | 255.255.255.0 | 10.11.12.1 - 10.11.12.254 | 10.11.12.255 |
The table above presents the six subnets calculated for the network, based on the
private network 192.168.X.0/24. Here X is the varying part of the network for each of five
subnets: four for the departments and one for the servers. This is because the access
routes are configured through inter-VLAN routing and each segment has its own VLAN. Both
the servers and the wireless network should be accessible by devices of the four
departments. Since the wireless network is to provide wireless connectivity to multiple
devices of users of all departments, a full subnet is allocated for this segment. The
wireless network uses the private network 10.11.12.0/24. The subnet network addresses are
therefore 192.168.168.0 for Dept. 1, 192.168.169.0 for Dept. 2, 192.168.170.0 for Dept. 3,
192.168.171.0 for Dept. 4, 192.168.172.0 for the servers and 10.11.12.0 for the wireless
network. The subnet masks are 255.255.255.192 for Dept. 1, 255.255.255.224 for Dept. 2,
255.255.255.240 for Dept. 3, 255.255.255.128 for Dept. 4, 255.255.255.248 for the servers
and 255.255.255.0 for the wireless network, and the CIDR prefixes for these subnets are 26,
27, 28, 25, 29 and 24 respectively, written in the form '/24'. This means that the IP
addressing mechanism used for subnetting the ALM network is CIDR, or Classless Inter-Domain
Routing. CIDR-based addressing is preferable to the traditional classful IP addressing
method because changing the subnet mask results in smaller variations in the address space
available to each subnet. This helps prevent the wastage of IP address space that is highly
noticeable with classful IP addressing. CIDR-based subnetting can greatly help companies
save on the cost of acquiring and implementing their network.
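The sizing in the table can be re-derived and checked mechanically. The following is an added example, not part of the original report: it takes the device counts and network addresses from the table, computes the smallest prefix that fits each segment, and checks that no two segments overlap. The function and field names are illustrative.

```python
import ipaddress

# (segment, devices, network address) as listed in the report's subnet table.
REQUIREMENTS = [
    ("Dept. 1", 49, "192.168.168.0"),
    ("Dept. 2", 19, "192.168.169.0"),
    ("Dept. 3", 12, "192.168.170.0"),
    ("Dept. 4", 69, "192.168.171.0"),
    ("Server LAN", 4, "192.168.172.0"),
    ("Wireless LAN", 250, "10.11.12.0"),
]


def smallest_prefix(devices):
    """Longest prefix whose usable addresses (2**n - 2) cover `devices`."""
    host_bits = (devices + 1).bit_length()  # smallest n with 2**n >= devices + 2
    return 32 - host_bits


def plan(requirements=REQUIREMENTS):
    """Derive mask, usable range, broadcast and headroom for every segment."""
    rows = []
    for name, devices, base in requirements:
        # ip_network() raises ValueError if `base` is not aligned to the prefix.
        net = ipaddress.ip_network(f"{base}/{smallest_prefix(devices)}")
        usable = net.num_addresses - 2  # minus network and broadcast addresses
        rows.append({
            "name": name,
            "cidr": str(net),
            "mask": str(net.netmask),
            "first": str(net.network_address + 1),
            "last": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),
            "usable": usable,
            # Headroom left for growth; the router sub-interface that acts as
            # the segment's gateway also takes one address out of this.
            "spare": usable - devices,
        })
    return rows


def find_overlaps(rows):
    """Return every pair of segments whose address ranges intersect."""
    nets = [ipaddress.ip_network(r["cidr"]) for r in rows]
    return [(str(a), str(b))
            for i, a in enumerate(nets) for b in nets[i + 1:] if a.overlaps(b)]


if __name__ == "__main__":
    for r in plan():
        print(f'{r["name"]:13} {r["cidr"]:18} {r["mask"]:16} '
              f'{r["first"]} - {r["last"]}  spare={r["spare"]}')
    print("overlaps:", find_overlaps(plan()))
```

The `spare` column shows how tight the smaller segments are: Dept. 3 and the server LAN each have only two unused addresses before the gateway is counted.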
VLAN Implementation
Screenshot 1: VLANs created for ALM network
The screenshot above shows the VLANs that have been created for the network, along with
VLAN 1, which is present by default. All these VLANs are added on the multilayer switch,
which connects to the router and to the lower-layer switches through interfaces in trunk
mode. The IP subnetting for the different VLAN segments and the automatic IP allocation for
devices in these departments are configured on the main router, where the DHCP pools
created are mapped to the respective VLANs. This enables the devices of one VLAN, such as
workstations and printers, to access devices of a different VLAN, such as the servers and
the smartphones connected through the wireless network. The lower-layer switches connect
the individual devices to their specific VLANs via interfaces in access mode. This means
the devices within each department can communicate with one another. The VLANs created in
the network, by number, are 12 for wireless, 168 for Dept. 1, 169 for Dept. 2, 170 for
Dept. 3, 171 for Dept. 4 and 172 for the servers.
VLAN Access Restrictions using Access Control List
The extended access control list (ACL) CLI commands are used to block the communication
privileges of network segments with respect to other network segments. ACL commands can
impose different forms of restriction on a given network, such as denying access to the
HTTP server or denying ping-based communication like echo request or echo reply. The
following screenshot shows these functionalities of the ACL commands.
Screenshot 2: ACL command access restrictions
To block the four departments from accessing or communicating with one another, the
devices of each network segment must be unable to ping devices of the other network
segments. To accomplish this, the access list deny ICMP echo command is used. The
screenshot below shows how ICMP echo messages from one department to the other three
departments can be blocked by specifying the respective host networks. The screenshot
presents the entries for host network 192.168.168.0. In the same manner, the other
departments are blocked from sending ping messages to, and receiving them from, the rest of
the segments.
Screenshot 3: ACL commands for restricting host 192.168.168.0
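The report's ACL commands survive only as a screenshot, so the following is an added example and not the report's own configuration. It is a small Python model of first-match evaluation for IOS-style extended ACL entries, showing what a deny-ICMP-echo policy does and does not cover compared with a `deny ip` variant. The ACL lines, probe addresses and the closing `permit ip any any` are constructed assumptions; wildcard masks follow the subnet table.

```python
import ipaddress

# Constructed entries in Cisco IOS extended-ACL syntax for Dept. 1
# (192.168.168.0/26); wildcard masks follow the report's subnet table.
# The closing "permit ip any any" is an assumption, not taken from the report.
ICMP_ONLY_ACL = """
deny icmp 192.168.168.0 0.0.0.63 192.168.169.0 0.0.0.31 echo
deny icmp 192.168.168.0 0.0.0.63 192.168.170.0 0.0.0.15 echo
deny icmp 192.168.168.0 0.0.0.63 192.168.171.0 0.0.0.127 echo
permit ip any any
"""
# Stricter constructed variant: deny every IP protocol between departments.
DENY_IP_ACL = ICMP_ONLY_ACL.replace("deny icmp", "deny ip").replace(" echo", "")


def take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) ints."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))


def parse_acl(text):
    """Parse 'action proto src dst [icmp-type]' lines into rule tuples."""
    rules = []
    for line in text.strip().splitlines():
        tokens = line.split()
        action, proto = tokens.pop(0), tokens.pop(0)
        src, dst = take_addr(tokens), take_addr(tokens)
        icmp_type = tokens.pop(0) if tokens else None
        rules.append((action, proto, src, dst, icmp_type))
    return rules


def addr_match(ip, spec):
    """Wildcard bits set to 1 are ignored when comparing addresses."""
    base, wildcard = spec
    return (int(ipaddress.IPv4Address(ip)) | wildcard) == (base | wildcard)


def evaluate(rules, proto, src, dst, icmp_type=None):
    """Return the action of the first matching entry (IOS first-match order)."""
    for action, r_proto, r_src, r_dst, r_type in rules:
        if r_proto not in ("ip", proto):
            continue
        if not (addr_match(src, r_src) and addr_match(dst, r_dst)):
            continue
        if r_type is not None and r_type != icmp_type:
            continue
        return action
    return "deny"  # implicit deny that ends every IOS access list


# Constructed probes: (label, protocol, source, destination, ICMP type)
PROBES = [
    ("ping Dept.1 -> Dept.2", "icmp", "192.168.168.10", "192.168.169.10", "echo"),
    ("ping Dept.1 -> server", "icmp", "192.168.168.10", "192.168.172.2", "echo"),
    ("tcp Dept.1 -> Dept.2", "tcp", "192.168.168.10", "192.168.169.10", None),
    ("tcp Dept.1 -> server", "tcp", "192.168.168.10", "192.168.172.2", None),
]


def run_probes(acl_text):
    """Evaluate every constructed probe against the given ACL text."""
    rules = parse_acl(acl_text)
    return {label: evaluate(rules, p, s, d, t) for label, p, s, d, t in PROBES}


if __name__ == "__main__":
    for name, acl in (("ICMP-only", ICMP_ONLY_ACL), ("deny ip", DENY_IP_ACL)):
        print(name)
        for label, verdict in run_probes(acl).items():
            print(f"  {label}: {verdict}")
```

Under the ICMP-only entries the ping between departments is denied while TCP between the same hosts is still permitted, so a ping test alone does not confirm isolation; the `deny ip` variant blocks both and keeps the servers reachable.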
Validation and Tests
To check whether the proposed network is appropriate for the company alm.co.uk, it is
necessary to check that the requirements specified earlier are in fact fulfilled by the
network. Validation checks are therefore performed to confirm that the different network
segments are actually prohibited from sending ping messages to or receiving them from one
another, that the devices of the different departments can send ping messages to and
receive them from the servers, and that the devices can reach the smartphones on the
wireless network.
Screenshot 4: Dept. 1 unable to ping other departments
Screenshot 5: Dept. 2 unable to ping other departments
Screenshot 6: Dept. 3 unable to ping other departments
Screenshot 7: Dept. 4 unable to ping other departments
These four screenshots show that devices of each of the four departments are successfully
blocked from sending ping messages to the devices of other departments. The tests thus
validate that the network meets the requirement that the four departments cannot access
each other's devices.
Screenshot 8: Dept. 1 able to ping all four servers
Screenshot 9: Dept. 2 able to ping all four servers
Screenshot 10: Dept. 3 able to ping all four servers
Screenshot 11: Dept. 4 able to ping all four servers
Screenshot 12: Devices of wireless network able to ping all four servers
These five screenshots show that devices of all four departments are able to access all
four servers, namely the web, mail, DNS and file sharing servers. The devices connected to
the wireless network, that is, the smartphones, are also able to ping these four servers.
Hence, the tests show that the network meets the requirement of making the four servers
accessible to all users of all four departments.
This means the security rules and restrictions in the network of alm.co.uk have been
properly implemented through internal security measures such as extended ACL commands on
the respective VLAN sub-interfaces.
Protocols for connecting devices
The DHCP protocol has been used to assign IP addresses automatically to the devices of
the respective VLANs. The four departments host close to 150 devices, and the wireless
network serves almost 254 devices. Together with the servers, these make up a large number
of systems, which makes it very difficult for the network administrators to assign IP
addresses to these devices manually. Since DHCP automatically selects the right IP address
for a given system, this heavy burden on the network administrators can be reduced. DHCP
thus frees the network administrators for more critical tasks such as monitoring the
network and preventing intrusions.
Screenshot 13: Successful DHCP configuration for wireless devices
The screenshot above validates that the smartphones and other devices using the wireless
network get their IP addresses assigned automatically through successful DHCP requests.
This is not limited to the wireless devices. Devices in all the network segments have their
IP addresses allocated in the same way using the DHCP protocol.
Conclusion
To conclude, the above report succeeds in highlighting the significant role that
segmenting networks and securing those segments internally plays in preventing networks
from being compromised by hackers and other cyber security attacks. The report aims to
propose a network for alm.co.uk in which such segments are created and appropriate security
measures for them are put in place. It begins by summarizing the requirements of the ALM
network: the number of devices in each segment, the access restrictions, the kinds of
servers installed, and the specific subnet classifications. It then presents the network
design, which was drawn and configured in Cisco Packet Tracer 6.2, and explains the design
and architecture in detail. Next, the IP addressing and subnet classifications of the
network are given in tabular form and discussed for each segment. The implementation of the
VLANs is then shown, and the report discusses how the VLANs are implemented so that
inter-VLAN routing works. After that, the report covers the extended access control list
(ACL) commands used to prohibit the departments from accessing one another. The
restrictions available through ACL commands are shown, as well as how the departments are
restricted. The report then provides the tests and validations that check whether the
proposed network meets the requirements of ALM. The report ends after discussing the
automatic IP addressing protocol using DHCP.