Phase 2 Network Design project
Phase 1 Network Design project
The requirements are given below:
A university is looking for a consulting company to design the network for the Indiana Campus.
The Campus has an Internet connection with one ISP.
There are four program departments (Engineering, Nursing, IT, and Finance), in addition
to the staffing and the management departments.
Network Diagram
When designing the diagram, some core considerations are scalability and security. To
achieve these goals, it’s recommended to use VLAN segmentation (Basan, 2024).
The diagram was created with draw.io.
The diagram has three layers: core layer, distribution layer, and access layer. This
pattern is recommended for large networks (Cisco, 2020). The internet connection is provided by
the ISP. For security, we should configure a firewall for all the traffic going from the public network to
the internal network, before it is handled by the router. Once the traffic reaches the router, the router
routes it to the corresponding core switches. For simplicity, I only put a single icon to
represent the core switch.
Next, the traffic goes through the distribution layer, implemented by distribution switches
to reach each individual department. Each department has its own access switches that connect
the traffic to the end devices like computers and phones.
Each department is its own VLAN segment with its own subnet, so that the
departments are logically independent of each other.
IP address distribution
Since the college can quickly expand into more departments in the future, I think using class
A IP addresses is safer, because this class supports the largest number of IP addresses. To
accommodate at least 6 departments, we need at least 8 subnets, which is calculated
as 2^(11-8). Hence, we use 10.0.0.0/11 IP addresses. The block size is 2^(32-11) = 2097152,
which means each department has 2097152 addresses, of which 2097152 - 2 = 2097150 are
available to use.
The subnet for each department can be configured as:
Engineering: 10.0.0.0/11
Nursing: 10.32.0.0/11
IT: 10.64.0.0/11
Finance: 10.96.0.0/11
Staffing: 10.128.0.0/11
Management: 10.160.0.0/11
VLAN names and related IP subnets
VLAN name: network ID, range.
Engineering: 10.0.0.0/11, with a range of 10.0.0.1 to 10.31.255.254
Nursing: 10.32.0.0/11, with a range of 10.32.0.1 to 10.63.255.254
IT: 10.64.0.0/11, with a range of 10.64.0.1 to 10.95.255.254
Finance: 10.96.0.0/11, with a range of 10.96.0.1 to 10.127.255.254
Staffing: 10.128.0.0/11, with a range of 10.128.0.1 to 10.159.255.254
Management: 10.160.0.0/11, with a range of 10.160.0.1 to 10.191.255.254
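The addressing plan above can be checked mechanically before it is configured on any device. The following is an added example, not part of the original report: it verifies that each VLAN subnet sits on a /11 boundary inside 10.0.0.0/8, that the stated host ranges are correct, that no two VLANs overlap, and it lists the /11 blocks still free for future departments. The names `PLAN`, `PARENT` and `check_plan` are assumptions made for this example.

```python
import ipaddress

PARENT = ipaddress.ip_network("10.0.0.0/8")   # class A block the plan draws from

# The plan as stated above: VLAN name -> (network ID, first host, last host)
PLAN = {
    "Engineering": ("10.0.0.0/11",   "10.0.0.1",   "10.31.255.254"),
    "Nursing":     ("10.32.0.0/11",  "10.32.0.1",  "10.63.255.254"),
    "IT":          ("10.64.0.0/11",  "10.64.0.1",  "10.95.255.254"),
    "Finance":     ("10.96.0.0/11",  "10.96.0.1",  "10.127.255.254"),
    "Staffing":    ("10.128.0.0/11", "10.128.0.1", "10.159.255.254"),
    "Management":  ("10.160.0.0/11", "10.160.0.1", "10.191.255.254"),
}

def check_plan(plan, parent=PARENT, prefix=11):
    """Return (errors, free): plan errors and unallocated /prefix blocks."""
    errors, nets = [], {}
    for name, (cidr, first, last) in plan.items():
        try:
            # strict=True rejects a network ID that is not on a subnet boundary
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            errors.append(f"{name}: {exc}")
            continue
        if not net.subnet_of(parent):
            errors.append(f"{name}: {net} is outside {parent}")
        # Usable hosts exclude the network and broadcast addresses
        lo, hi = net.network_address + 1, net.broadcast_address - 1
        if (str(lo), str(hi)) != (first, last):
            errors.append(f"{name}: usable range is {lo} to {hi}")
        nets[name] = net
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                errors.append(f"{a} ({nets[a]}) overlaps {b} ({nets[b]})")
    free = [s for s in parent.subnets(new_prefix=prefix)
            if not any(s.overlaps(n) for n in nets.values())]
    return errors, free

if __name__ == "__main__":
    errors, free = check_plan(PLAN)
    print("errors:", errors or "none")
    for name, (cidr, _, _) in PLAN.items():
        hosts = ipaddress.ip_network(cidr).num_addresses - 2
        print(f"{name:12} {cidr:15} {hosts} usable hosts")
    print("unallocated:", ", ".join(map(str, free)))
```

Re-running the check whenever a department is added catches overlapping or misaligned subnets before they reach switch and firewall configuration.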
Network devices needed
Based on recommendations from public rankings such as (Best network firewalls reviews 2024 | gartner peer
insights), Cisco (Campus wired network design options - router-switch.com), and Netmode,
below are some example devices to use.
1. Firewall:
model: FortiGate 90G Next Generation Firewall (NGFW)
pricing: ~1200
specifications: 8 Gigabit Ethernet (GE) RJ45 ports; 2 flexible 10 Gigabit Ethernet (10GE)
RJ45/SFP+ shared media ports; intrusion prevention, web filtering, and application control
2. Router
model: Cisco ISR4331-V/K9
pricing: ~4000
specifications: 100Mbps-300Mbps system throughput, 3 WAN/LAN ports, 2 SFP ports,
multi-Core CPU
3. Switches
a. core switch
model: Cisco C6807-XL Catalyst 6800 Series Switch Chassis
pricing: ~5000
specifications: 880 Gbps per slot; Rack-mountable 10U; Modular design, redundant hot
swappable fans
b. distribution switch
model: Cisco Catalyst 6807-XL Series Switches with Supervisor Engine 6T
pricing: ~ 1500
specifications: 440 Gbps per slot; optimized for high-density 10 Gigabit Ethernet and
capable of supporting 40 Gigabit Ethernet; N+1 power supply redundancy
c. access switch
model: Cisco Catalyst 3850 WS-C3850-12S Switches
pricing: ~350
specifications: 176 Gbps on 48-port Gigabit Ethernet model; 1000 SVI; forwarding rate
50.5 Mpps
4. WAP
model: Cisco Catalyst 9120AXI-B Wireless Access Point
pricing: ~1000
specifications: 4x4 Flexible Dual Radio with 5 GHz and 2.4 GHz or two 5 GHz configuration,
up to 5.38 Gbps data rate
5. Cables
a. Ethernet Cables: Cat6a
model: Cat6a, length depending on need
pricing: ~40
specifications: 10-Gigabit up to 100m.
b. SMF OS2
model: SMF, length depending on need
pricing: ~130 for 500m
specifications: up to 10km at 1310nm wavelength, or up to 40km at 1550nm wavelength.
6. IP Phone
model: Cisco IP Phone 8841
pricing: ~400
specifications: I/O 2x RJ45 Gigabit Ethernet, voice codecs G.711a, G.722, G.729a,
Internet Low Bitrate Codec (iLBC), Internet Speech Audio Codec (iSAC)
Network Servers and Applications needed
1. DNS Server
2. DHCP Server - It’s best practice to configure DHCP snooping, which acts as a
firewall between hosts and trusted DHCP servers, to prevent rogue DHCP servers.
3. Authentication Server - for student/faculty authentication, authorization, and
accounting (AAA). It’s recommended to deploy redundant authentication servers
to avoid a single point of failure (Cisco, 2020).
4. There should also be file servers for students and faculty to access stored
files, and web servers to access an LMS such as Moodle and the student portal.
For all of the above, I think it’s more cost-efficient and scalable for a college to leverage cloud
services like AWS instead of maintaining its own on-premise devices.
For software, colleges should usually employ an enterprise resource planning (ERP) system
that covers everything from academics to students’ finance management to the HR department.
According to Best education ERP software (Research, 2023), some popular ERP systems
include Camu, Teachm, and Ellucian.
References
1. Basan, M. (2024, September 13). Vlans: Effective network segmentation for Security.
eSecurityPlanet. https://www.esecurityplanet.com/networks/what-is-a-vlan/
2. Best education ERP software in 2023 | research.com. (n.d.-a).
https://research.com/software/best-education-erp-software
3. Best network firewalls reviews 2024 | gartner peer insights. (n.d.-b).
https://www.gartner.com/reviews/market/network-firewalls
4. Campus wired network design options - router-switch.com. (n.d.-c).
https://www.router-switch.com/solution/campus-wired-network-design-options.html
5. Design zone - campus LAN and Wireless Lan Solution Design Guide. Cisco. (2024, August
7).
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-campus-lan-wlan-design-guide.html