0

Alright guy's! I wonder if anyone can help? Im trying to reseearch idea's for my final year project at university and I haven't got a clue! My degree is in Information Systems and I am also doing a CCNA course. Anyone got any idea's how I could incorporate this into a project?

Cheers,

Darren

6
Contributors
5
Replies
13
Views
13 Years
Discussion Span
Last Post by prosanjit143
0

Sure Darren,

How 'bout this. Engineer a secure network design with an internal LAN of say 100 users, that all need Internet access through a shared T1.

The situation:
The network has one Exchange server, 1 FTP server, 2 Citrix servers, 1 SQL server along with a Voice over IP PBX switch and video camera feed. The Exchange server must be available for both Internal mapi access by Outlook clients and external pop3 and web client access for outside sales staff. Budget does not allow for more than one mail server. One Citrix server must be available for outside access and must be able to access the internal MSSQL and a variety of other application servers. There is currently one Cisco 2600 Router in place with one serial port for the T1 and 2 ethernet ports. Someone has already implemented a poorly designed security policy with the Exchange, FTP, one Citrix, the PBX and camera on a DMZ and to give internal access to the LAN, the Exchange and Citrix each have dual NICs which connect directly to both the DMZ and the internal LAN. Vicious hackers have invaded the Exchange server and passed viruses throughout the internal network via the second NIC. You have been given permission to adjust the pieces as you see fit, but you cannot change or limit the user's access to these resources. You must design a router and network configuration that is reasonably secure with an eye toward adding a PIX firewall at a later time. This is a working network (sort of), so you cannot start fresh. You must make changes and limit downtime to arrive at your goal. Create a proposed router configuration with access lists to limit traffic. Explain your design and the steps you will take, in logical order, to achieve it. If you decide to allow traffic between the DMZ and LAN then show what protocols will need to be allowed to cross from the DMZ and why and how you limit the threat. Keeping in mind that absolute security is not possible with these parameters, you will suggest a more secure solution involving a firewall and an additional Exchange server so describe a secondary design involving these pieces so your customer can budget. Describe what they will achieve and why. But for now, you must stop the bleeding! And don't even think about spending any money.
This is a real world problem I recently dealt with, and not an uncommon type of thing. If you understand MS applications and servers, the problems are obvious. Enjoy! ;)

-1

Bentkey's project (Secure Network Design) is ideal since it incorporates various technologies like PBX, LAN, FTP, VPN, SIP, etc.

Votes + Comments
you do know you are replying to a SIX year old thread?
0

Hi guy's! anyone can help me? Im trying to idea's for my final year project at university and I haven't got a clue! My degree is in BSC in CSE and I am also doing a CCNA course. Anyone got any idea's how I could incorporate this into a project? anyone can help?
please send idea's.
prosanjit143@gmail.com

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.