This review is an individual assignment which is intended to allow you to demonstrate your understanding of Firewalls an

[answerhappygod]

This review is an individual assignment which is intended to
allow you to demonstrate your understanding of Firewalls and its
practical application such as in network
segmentation towards the technical perspective to
Computer and Information Security. It is also aimed at inducingyour
ability to critically apply theoretical understanding to the
practicaldomain. Your submission should be detailedenough and
purely from a practicalview point. This assignment would also
require your previous understanding of the application of VLANs,
Leased lines, IP Addressing, Routers and Routing protocols.
Consider the scenario below and answer the tasks that follow.
Youmay choose to discuss your thoughts with other peopleto
ensure that you have understood them properly, but you may
not collaborate with other people to prepare the detail
of your submission and its drafting. You may not share, with any
other student, any text, graphics, or data files that form part of
your assignment.
Scenario
A small businessenterprise, named "Got 2 Get", located in a city
has two offices - a corporate office (termed as location 1 or L1)
that houses the Corporate team and the Sales and Marketing team and
an Operations office (termed as location 2 or L2) that housesthe
other teamsincluding the IT team. The two offices L1 and L2 are
connected via a point-to-point leased line. The Internetaccess is
via a routerat L2.
At L1, the network has two internalsegments one each for the
corporate and Sales &Marketing teams. At L2, there are four
internal segments, one each for three teams including the IT team
and one firewalled exclusive segment for hosting the organisation's
web server. There are now plans to open a third officewithin the
same city at a different location, L3, to expand to provide online
sales and customer support. L3 will connect to L2 via a leased
link. L3 will have an internal network containing three segments,
one each for the online sales team, customer support team, and the
web & database serversfor online sales.The network segmentfor
online saleswill be firewalled. L3 will have a link to the
Internetfor online sales.
Following setting up L3, the business plans to acquire a
warehouse location L4, physically adjoining L3 for inventory and
stocks, which are now handled by a third-party company. It is
planned that L4 will have a video surveillance network that is
connected via the network and monitored by a team in L3. The video
logging of the surveillance feed is done on servers at location
L2.
You are a network security design consultant who is expected to
advise them on the design aspects of the network.You should
reviewand advise on the following aspects of the design so that
theirbusiness requirements are met. Their business requirements
are:
24x7 online business access and availability
24x7 customer service access
24x7 video surveillance, notifications, and alarms for L4 The
technical aspects to consider for design decisions are:
Bandwidth requirement estimates for the leased connections
between L2 & L1 and L2 &L3
Each team is in a separatenetwork segment of the internalnetwork
at their location
Secure the Internal networkfrom external traffic
Redundant networkresources (devices & links) to ensure 24x7
availability
Interconnection between L3 and L4
Service Level Agreements (SLA) with Internetproviders
The details of the individual team sizes at each locationis
listed below. Each member of a team has a computing device that is
used to access the organisation's network. The members of the
warehouse team will be provided with tablets to enable them to be
mobile.
Location
Connected to
Team Name
Team Size
L1
L2
Corporate
5
Sales &Marketing
7
L2
L1, L3, Internet
IT Team
3
Other threeTeams
6 + 6 +12
L3
L2, L4, Internet
Online Sales
5
Customer Support
6
L4
L3
Warehouse
5
You are expected to provide a report style document whose
content must answer the specific questions mentioned as tasks
below.
Task 3 (up to 25 marks)
The IP addressing of the network uses Class C private addresses
for the network segments of L1, L2, and L3. L1 and L2 share
one class C address. The internal network interfaces of
the routers at L3 and L4 when commissioned
will share another class C address.
a. List the IP addresses and their subnets for each location and
for the router interfaces. Use
atable to list the IP subnets, the associated subnetmask (or CIDR) and the useable addressrange for
each subnet. The columns of the table must be titled "Class C IP
address", "Location",
"IP subnetwith mask/CIDR", "IP address range (x.x.x.y to x.x.x.z)", "Number of hosts addresses
in the range". IP subnets that are not utilised must be listed
and marked as "Unused" in the location column.
b. In the subnets
you created, what is the percentage utilisation of the address space? Calculate this
using the equation (% utilisation = (host addresses used in the
subnet / host addresses in the subnet) * 100).
c. If the utilisation of address space is less than 50% per subnet,it implies that the subnetsizes can be reduced. Thereis a total of 55 hosts (including L4) and the router interfaces. Use a
single class C address and provide subnets for all network segments
and calculate the address utilisation percentage.
Use the table format mentioned in (3a).