Artifacts
SOHO Network Design
The SOHO network design within will provide wired and wireless network connectivity for the existing 18 workstations in a way that isolates the internal network from security threats such as hackers and viruses.
Network Intrusion Detection Systems will be placed before every connection to a switch. The wireless access point, printers and all Servers and will be assigned static IP addresses. The workstations will be assigned DHCP addresses, and routers with firewalls will be placed on each side of the DMZ (demilitarized zone). The wired and wireless access points will be protected from unauthorized use by application layer firewalls access control lists and port authorization. All computers will be accessed only by username and password.
Inventory
Name Address Purpose Special Features
Router 1 192.168.0.20 access to internet for entire network Network layer firewall (stateless)
Router 2 192.168.0.21 access to network for internal network Application layer firewall
NIDS 1 192.168.0.22 Network Intrusion Detection/Protection
NIDS 2 192.168.0.23 Network Intrusion Detection/Protection
NIDS 3 192.168.0.24 Network Intrusion Detection/Protection
Switch 1 Create VLAN for DMZ
Switch 2 Route Mail and Web servers
Switch 3 Route internal Network Port authentication
Mail Server 192.168.0.1 filters email
Web Server 192.168.0.2 content filtering
WAP 192.168.0.3 Wireless Access Point
DHCP Server 192.168.0.4 assign IP addresses
DatabaseServer 192.168.0.5 data analysis/storage
Proxy Server 192.168.0.6 access control/ caching /security
Netwrk Printer 1 192.168.0.7 printing/ scanning/ faxing
Netwrk Printer 2 192.168.0.8 printing/ scanning/ faxing
Workstations1-18 DHCP assigned 1-4 exec/ 5-18 personnel
SQL Tables