Project for Information Security Course: Designing The Topology part 2

16.10.2018 22:32

Before we actually start doing anything, I have been thinking about the network’s core structure. I want to separate every department, but is it necessary to give every segment its own router? That seems costly and a lot of work to configure and maintain. What if we just put two layer 3 switches in the middle of everything?

So our new core would look something like this. Both L3 switches have Gigabit connections to each other and to the L2 switches. The edge router will be connected to the ISP with a serial WAN connection.

Much less configuring and maintenance. Keeping it simple.

With two connections between every core device, we can provide load balancing. There will be no bottleneck, and there will be an alternative path if one fails. Routers in Packet Tracer have only 2 routing Ethernet ports, so we cannot make redundant connections between the L3 switches and the edge router.

Below is an updated picture of the topology with updated addresses.

About our Research team’s VLAN and WLAN segment: because our primary emphasis is not on implementing a difficult and complex topology but on the security aspect, we are going to work on those last, if we have enough time. Our next goal is to connect each device with each other and to the “Internet” with their static or dynamic IP address. Once the DHCP server and Internet simulation are working, we are going to focus on adding some security such as NAT and ACLs, and on getting to know the Cisco ASA device.
