Module code: 7COM1029
Module title: Network Systems Administration
Assignment title: Secure Network Designs, Implementation,and Administration
Group or individual: Individual
This Assignment assesses the following module Learning Outcomes (from Definitive Module Document):
LO1: Have a knowledge and understanding of the issues involved in the design, realization /administration, and management of a networked computing environment.
LO2: Be able to design, install and support a local area network based on established user requirements.
7COM1029 Secure Network Designs,Implementation And Administration Assignment-Hertfordshire University UK.

Assignment Brief:
This coursework is worth 70% of the overall mark for the module. Some parts of the coursework will require research beyond the material discussed in the course. This is intended and is part of the assessment. See the attachment for further information. The deadline is 06.05.2021 by electronic submission via Canvas.

Please see the table underneath for the expected structure of the report and the breakdown of the mark allocation.
Please include appropriate references and a bibliography. You are expected to use appropriate peer-reviewed sources for supporting your arguments, and an appropriate referencing style as per the University regulations.

Submission Requirements:
This is assignment is to be submitted and marked anonymously. Students should ONLY use their student ID number to identify themselves on their work. Work submitted via Canvas for anonymous marking will automatically have an anonymity number allocated to it.

When you are ready to submit your CW1, you will be required to submit the following:

• Technical reports in pdf format
• A zipped folder containing the files of the implemented network.
• A short video demo showing the tests performed on the implemented networks in Task 2
• A video demo showing the network administrative tasks carried out from Task 3

The name of the files submitted should have your student registration number as part of the name

Assignment task Description:
You are a newly employed graduate engineer working for an IT Network Support & Services Company. You have been are presented with the following challenge: A businesswoman wants you to design, install, test and support two secure computer networks for her primary and secondary business sites. The secondary business site is located 25 miles away from the main premises and she wants you to also prepare the network design and carry out the installation on a later date. The office buildings for the primary and secondary site were newly purchased and it will require fully functioning secure networks to run her business. The floor plans can be seen in the images below:

Figure 1: The floor plan of the primary business site:

Figure 2: The floor plan of the secondary business site:

To proceed with the given assignment, your line manager wants you to carry out three main tasks.

Task 1: Network Designs
Your line manager wants you to provide detailed network designs for the primary and secondary business sites of the company using the provided office floor plans as a guide. The customer has provided the following specifications for the network.

Network Specifications: Primary business site

• Office 1 should be used as the Communication Room (comms room)
• There should be at least 15 workstations which must include one for the reception and conference room respectively.
• Three of the workstations should be running Linux OS i.e. Debian & Ubuntu LTS versions.
• In the comms room, there is a need for at least one hardware firewall to be connected to the border router and the main router should serve as the DHCP server.
• The network must have a DNS server, FTP server, and at least two 24-port switches.
• Most core network devices should be in the comms room. They will need racks. It is expected that most of the networking infrastructure should be stored in the same room unless in exceptional cases.
• The LAN must be 100% redundant in the case of a single point failure. Redundancy is critical. In the case that one of the circuits fails the other one must be up and able to warn for backup.
• There must be a Backup server and Print server.
• You are expected to choose your network devices sensibly i.e., a carrier-class router should not be used when you only need an enterprise-class router.
• You must consider scalability for future network expansion.
• Your network must have four VLANs which should be named Management, IT Support,Human Resources, and Sales Team.
• The workstations required for each VLAN are as follows: Management (3), IT support (3) Human Resources (3), and Sales Team (6).
• VLAN Routing must be enabled to ensure that workstations in the different departments can communicate with each other.
• Your network must have at least one Layer 3 switch, to ensure devices that are on the same subnet or virtual LAN connect at lightning speeds.
• The main server required for network administration must be Linux-based (i.e., Debian or Ubuntu OS).
• The main router must have an access control list enabled to block the following UDP & TCP ports: MS RPC (135), Syslog (514), IRC – TCP ports 6660-6669, and SNMP (161 -162).
• You must also provide a brief description of the network devices or software needed. For example, Server OS or VM technologies.
• There is a 10G SFP+ transceiver connection that will need to be connected to an ISP provider router. This connection comes to the comms room from the ISP’s building.

Network Specifications: Secondary business site

• The secondary business site is a bit smaller than the main site with only five rooms.
• One of the rooms should be a comms room with at least one hardware firewall to be connected to the border router. This border router must be able to communicate with the border router of their main office premises via their respective ISPs or using a VPN.
• The comms room should have the main router which can serve as a DHCP server and at least one 24-port switch. Note: The main router serving as a DHCP server is not a compulsory requirement for this site. The workstations IP configuration can be configured manually if you want that option, however, testing must show that all devices can communicate with each other.
• The main router must have an access control list enabled to block the following ports: TFTP (69) & NETBIOS/IP 137 – 139.
• Most devices should be in the comms room and the LAN must also be 100% redundant.
• Each office and the reception area are equipped with 1 desktop PC and all PCs can connect to a Print Server.
• The PCs in the secondary site should be able to communicate with PCs on the main site.

Task 2: Network Implementation and Testing
Your line manager wants you to implement the network design on a virtual platform to test some of the required network services and functionalities before you can carry out the physical network installations. You are expected to implement and test the proposed network using an Open-Source network simulator or emulator such as Cisco packet tracer, GNS3, Boson NetSim, VIRL, VIRL, CORE, etc.

Furthermore, you are expected to create comprehensive test and evaluation plans of the network designs and implemented services. This should be in tabular format.

Task 3: Required Network Administrative tasks
Your manager wants you to implement and execute the following administrative tasks on the networks implemented on the virtual platform. This is to ensure that the same tasks can be carried out when the physical network installation is carried out. You are also expected to carry out some further administrative tasks on the Linux server that is designative for administrative purposes only. To ensure you can perform the required administrative tasks, you are expected to first execute the tasks on a Linux
server installed on a VM Ware Player or Virtual Box.

7COM1029 Secure Network Designs,Implementation And Administration Assignment-Hertfordshire University UK.

The required administrative tasks for this section are as follows:

• The main router should be configured as the DHCP server as advised earlier and you must ensure that the IP addresses for the main router, DNS server, Linux Server, FTP server, Backup server, Print server are all excluded from the address pool.
• All work stations should be enabled to dynamically request IP from the DHCP server when they are switched on.
• Configure SSH on the main router and test these functionalities.
• Ensure all workstations can ping each other and other core network devices i.e., main router.
• All workstations must be able to connect to the internet.
• Create 15 network users and assign network administrative duties to two of the users. Note: this must be done on the Linux Server.
• Ensure that all users have an initial password which they will change when they first login in.
• Create two user groups (primary and secondary). The two network administrations should be in the primary group while the rest of the users should be placed in the secondary group.
• Aside from the network administrator accounts, create two other privileged accounts that give members the ability to run commands as root.

What is required from you
Task 1: Network Designs

• You must prepare two detailed network diagrams for the primary and secondary business sites illustrating your solutions. A simplified third network diagram showing the combination of the two sites will be required.
• You can use the floor plan as a template although you must demonstrate connectivity between different rooms in your design.
• Ideally, you should use Microsoft’s Visio or any other drawing software.
• You must search, select, and briefly evaluate the real network hardware chosen for your network designs backed up by appropriate references.
• You should use legends as part of your designs with a full description of your cabling and network devices.
• There are several ways that you can prepare a network diagram and advice will be provided. The goal is to be able to communicate your design efficiently in a professional manner.
• You need to use appropriate referencing (IEEE or Harvard) for the devices you propose. Various websites sell this type of equipment and there are also the main manufacturers that list their products and specifications.
• Many companies manufacture network products. You can choose any other manufacturer like Cisco,Huawei, Juniper, Ciena, etc

Task 2: Network Implementations and Testing

• You must implement the primary and secondary network designs on a network simulator such as a Cisco Packet tracer) or a network emulator (i.e. GNS3). However, it will be advisable to use the Cisco Packet Tracer 7.3.1 as you have already been practising with this in some of our lab sessions.
• You must produce a detailed test and evaluation plan of the implemented networks, and the results of the testing carried out must be added to the test result section/column in form of screenshots.
• You are also required to produce a short video demo showing some test results of the implemented network functionalities and network services.

Task 3: Network Administrative tasks

• You must provide the detailed configuration for the DHCP server for the primary business site.
• You must provide the detailed configuration of the access control list enabled on the main router.
• The detailed SSH configuration for the main router.
• Screenshot evidence of the Linux server administrative tasks i.e.
  o The 15 network users including the two network administrators.
  o The usernames of the users and passwords.
  o The two groups (primary and secondary group) showing the list of users.
  o The privileged accounts showing members that can run commands as root.
• You must provide a video demo showing all the network administrative tasks being executed. Note: You can use an application that will record your screen while you are carrying out Task 3.

You can use the following format for Task 1 – 3 of the coursework (optional):
Task 1: Network Designs
Section 1. The 3 diagrams
Section 2. Design Description. Justification of how your design fulfills the specifications. For example, redundancy, scalability, security features, cabling, etc.
Section 3. Network hardware including the brief evaluation and/or reflection on your selection of the network hardware backed up by appropriate references (IEEE or Harvard).

Task 2: Implemented Networks on Simulator or Emulator
Section 1. Screen grabs of the implemented networks
Section 2. A comprehensive test plan in tabular format which must include screen grabs of the result of testing and evaluations carried out.
Section 3. Conclusion

Note: The short demo video showing some test results of the implemented network functionalities and network services should be saved in mp 4 format. You must submit this video with the trace files of the implemented
network. Failure to do this will lead to a zero score in this section.

Task 3: Network Administration tasks

• Section 1: The detailed configuration for the DHCP server (You can show the code in a logical manner).
• Section 2: The detailed configuration of the access control list enabled on the main router.
• Section 3: The detailed SSH configuration for the main router.
• Section 4: Screen grabs of the Linux server administrative tasks.

Note: The video demo showing all the network administrative tasks being executed in task 3 should be saved in mp 4 format.

7COM1029 Secure Network Designs,Implementation And Administration Assignment-Hertfordshire University UK.

Further clarifications:
This coursework requires a lot of critical thinking. View this task not just as an assessment activity but as a chance to critically evaluate and reflect on networking technologies and enhance your knowledge interacting with your tutor. The submitted evidence for this task must be your work – plagiarism will be penalised. Please refer to the table below for the marking criteria.

7COM1029 Secure Network Designs,Implementation And Administration Assignment-Hertfordshire University UK.

ORDER This 7COM1029 Secure Network Designs Implementation And Administration Assignment NOW And Get Instant Discount