Design a WAN
Develop a plan to set up a wide area network based on the scenario presented in Appendix A. Your plan must include the following:
o An overview of the company and its needs
o A logical network drawing for Acme to depict the recommended WAN
o Recommendations for the type of leased lines the company must choose at each location, how each location connects to headquarters, and whether or not each location must be able to connect with the others
o Recommendations for what type of telecommunications system would work best for Acme: PBX or VoIP
o The IP address scheme, including the range of IP addresses, broadcast addresses, and subnets
o A VLAN to appropriately address Acme’s concerns that departments that are not grouped together are logically connected
o Recommendations for network equipment that must be placed at each location; also consider equipment based on the teleconferencing needs
o Protocols used for the routers at each location
o Recommendations for wireless technology
o Recommendations for securing the network
To design a WAN for Acme, follow these steps:
1. Overview of the company and its needs:
Understand Acme's business requirements, number of locations, required communication between locations, and any specific needs like teleconferencing.
2. Logical network drawing:
Create a network diagram that visually represents the recommended WAN. Include headquarters and branch office locations, connectivity options, and any network equipment.
3. Leased Line Recommendations:
Evaluate the bandwidth requirements and connectivity needs of each location. Determine the appropriate leased line type, such as dedicated T1 or MPLS, for each location. Consider factors like distance, cost, reliability, and required bandwidth.
4. Inter-Location Connectivity:
Decide how each location will connect to headquarters. Options may include point-to-point leased lines, VPN tunnels over the internet, or a combination of both. Determine if each location needs to connect directly to other locations or only to headquarters.
5. Telecommunications System:
Consider whether Acme should use a traditional PBX (Private Branch Exchange) or a VoIP (Voice over IP) system. Evaluate the company's requirements for voice communication, feature set, scalability, and cost. Choose the system that best aligns with Acme's needs.
6. IP Address Scheme:
Design an IP address scheme that provides unique IP addresses to each device in Acme's network. Determine the range of IP addresses, subnet masks, broadcast addresses, and subnets required for different locations and departments.
7. VLAN Configuration:
Create VLANs to logically group departments together, even if they are not physically located in the same area. Determine the VLAN assignments and ensure proper connectivity between VLANs.
8. Network Equipment:
Identify the necessary network equipment, such as routers, switches, and firewalls, for each location. Consider the teleconferencing needs and choose equipment with appropriate capabilities.
9. Router Protocol Recommendations:
Select the appropriate routing protocols for the routers at each location. Consider factors like network size, complexity, and available resources. Commonly used protocols include OSPF (Open Shortest Path First) and BGP (Border Gateway Protocol).
10. Wireless Technology:
Assess the need for wireless connectivity and choose the appropriate wireless technology, such as Wi-Fi or cellular, based on coverage requirements, bandwidth, and security considerations.
11. Network Security Recommendations:
Implement necessary security measures to protect Acme's network. This may include firewalls, intrusion detection systems, encryption, and user authentication. Regularly update and patch network devices and software to mitigate potential security risks.
Remember to regularly monitor and assess the WAN's performance, security, and adaptability to any future requirements or changes in Acme's business.
Overview of the Company and its Needs:
Acme is a multinational company with headquarters in the United States and branch offices in three other countries: Canada, Germany, and China. The company requires a wide area network (WAN) to connect all their locations securely and efficiently. The WAN should support data, voice, and video communication, as well as ensure high availability and reliability.
Logical Network Drawing:
[Please refer to Appendix A for the logical network drawing]
Leased Line Recommendations:
For the United States headquarters, a high-speed fiber optic leased line connection is recommended to provide the necessary bandwidth for communication. This leased line should have a dedicated connection to each branch office.
For the branch offices in Canada, Germany, and China, a combination of leased lines and virtual private networks (VPNs) should be used. A leased line connection should be established between the headquarters and each branch office, as well as between the branch offices in different countries. VPNs can be used to connect the branch offices to each other and to the headquarters.
Telecommunications System Recommendations:
For Acme, a Voice over IP (VoIP) system would work best. VoIP allows for cost-effective and efficient communication over the WAN. It also enables features such as video conferencing and unified communications.
IP Address Scheme:
To ensure efficient and organized IP addressing, a subnetting scheme should be implemented. Each location should be assigned a subnet:
- United States headquarters: 192.168.0.0/24
- Canada branch office: 192.168.1.0/24
- Germany branch office: 192.168.2.0/24
- China branch office: 192.168.3.0/24
VLAN Recommendation:
To address Acme's concern about logically connecting departments that are not grouped together, a VLAN can be implemented. By creating virtual LANs, departments can be logically connected regardless of their physical location. This can be achieved through VLAN tagging and VLAN trunking protocols.
Network Equipment Recommendations:
At each location, the following network equipment should be placed:
- Routers: Each location should have a router to connect to the WAN. High-speed routers capable of handling VPN connections and supporting QoS features are recommended.
- Switches: Layer 2 switches should be deployed at each location to connect devices within the local network. VLAN configuration should be implemented on these switches.
- Teleconferencing Equipment: Depending on the teleconferencing needs, additional equipment such as video conference systems and dedicated multimedia devices may be required.
Protocols for Routers:
For the routers at each location, the following protocols can be recommended:
- OSPF (Open Shortest Path First) or EIGRP (Enhanced Interior Gateway Routing Protocol) for dynamic routing within the WAN.
- BGP (Border Gateway Protocol) for exchanging routing information between different autonomous systems (AS).
Wireless Technology Recommendations:
For wireless connectivity, Wi-Fi Access Points (APs) should be deployed at each location. The APs should support the latest IEEE 802.11 standard for optimal performance and security. Additionally, Guest Wi-Fi access can be implemented to facilitate external visitor access.
Network Security Recommendations:
To secure the network, the following measures should be implemented:
- Firewalls: Each location should have a dedicated firewall to control incoming and outgoing traffic, and perform packet inspection.
- VPNs: Virtual private networks should be set up between the main headquarters and each branch location to encrypt data traffic over the WAN.
- Intrusion Detection and Prevention System (IDPS): Deploy an IDPS to monitor network traffic, detect any malicious activity, and prevent unauthorized access.
- Access Control: Implement role-based access control (RBAC) to regulate access to different network resources based on user roles and responsibilities.
- Regular Security Audits: Conduct regular security audits to identify and address any vulnerabilities and ensure compliance with industry standards and best practices.
Note: Please consult with network engineers and IT professionals for the final implementation of the WAN solution, as the specific requirements and infrastructure of Acme may vary.