Network Infrastructure Design Diagram Assignment | Homework for You
Kamehameha Institute is an organization that provides educational offerings to non-traditional students.
The organization has different offerings depending on the group:
Kamehameha Branded – This offering focuses on the general public and provides services directly to its student.
Co-Branded – This offering provides the same services as the Kamehameha Branded; however, they are resold by a third party and labeled as “…. Kamehameha Strong”
White Label – While the service offering is the same, these services are labeled solely with the third parties’ information.
Due to the security and regulatory requirements as well as the concern of corporate espionage, many security concerns must be addressed.
You have been tasked to design a network infrastructure for three facilities located in Honolulu, Hilo, and Lihue. The design is to be based on the following:
There is a constant connection between the three locations, carrying at least 75 Mbps of data.
Each facility has three floors, rectangular with dimensions of 250 feet by 400 feet.
There need to be 150 network connections on the first and second floor of each building. The data center in each building is located on the third floor and requires 75 network connections. Additionally, the Honolulu location will require additional network connections for failover.
The primary data center is located at the Hilo location.
A failover data center is located at the Lihue facility.
Protection from intrusions should be detailed.
The primary web servers (including primary application and primary database servers) are located at the Lihue location.
Redundant database servers are located at the Hilo location.
All servers must have redundancy.
A plan to verify security and failover measures will be required.
THIS WAS THE FEEDBACK FOR RESUBMISSION:
There was a second part to this assignment that makes up 2 of the 5 grading elements and that’s what really set your grade back. There is also some more detail that you can add into your topology to make it a better solution. Let me know if you have any questions about your resubmission.
1.1.3: Present ideas in a clear, logical order appropriate to the task.: In this element, I’m evaluating the overall presentation of your network topology diagram. Putting myself in the shoes of a client receiving this diagram, I’m trying to answer the question “Does this diagram explain visually my network topology?”
This is a good start, you’ve got a lot of the bones here that make up a good network diagram proposal. For full credit, I’m looking for the devil in the details with your proposal. When I look at a topology I should see each networking device that you intend to use and then some solid information on those networking devices like the hardware models, the port density provided, and anything else that the customer is specifically looking for in their requirements. Rework this adding in that meticulous detail and you’ll be in a good place.
2.2.2: Evaluate sources of information on a topic for relevance and credibility.: In this element, I’m looking to see that you have met the client’s expectation of having three floors at each location and that floors one and two each support 150 connections. I’m looking to see that floor three is clearly identified as the data center for each location and contains 75 connections.
You’ve done a great job breaking out each site and cleanly labeling them but think about how the customer is going to be looking at the diagram. They are wanting to see that you’ve taken the time to accurately describe their network so for full credit here you’ll want to be sure that each of the three floors is represented. Couple of different ways you could do that visually or with text but right now it’s hard to know for sure which elements support which floor. The customer also has really specific port density requirements that they have given you so you’ll want to be sure that the devices you are recommending meet those requirements. Do you want to go with a single modular switch or does a more traditional tiered campus network make since at each site. Knowing that the third floor is a datacenter how should that play into what you are recommending? Take some time to go over the LabSim sections on network design and maybe do some independent research on campus network design to get a good idea of how you might want to approach this. In your resubmission be sure that I can see each floor of each location and that the port density is easy to see and understand.
10.1.1: Identify the problem to be solved.: In this element I’m looking to see that you have accommodated the client’s unique design requests for each site in the topology.
1. Honolulu should include a primary datacenter.
2. Hilo should include production database servers.
3. Lihue should have failover infrastructure with additional connections.
It looks like you are representing a majority of these specific requirements but it could be a little more obvious in your topology drawing. Think about if you needed to present this in your very first meeting with the customer and all you are able to go off of is this diagram. When the customer asks: “Where are the enterprise web servers at in your solution?” you’ll want to be able to point to a specific object in Honolulu per their requirements. Finding the right amount of detail in these topology diagrams takes some practice but at a minimum, you want to be sure that if a customer has taken the time to describe it as a requirements that you show it on the diagram. You’ve done well identifying the Lihue failover site and it’s fine to represent it as a separate location but specifically look into how you want to represent your databases in Hilo and web servers in Honolulu.
10.1.2: Gather project requirements to meet stakeholder needs.: In this grading element, I want to see that the client’s requirement of 75 Mbps throughput to the internet is met. I am also looking to see how well defined the WAN solutions are in your proposed topology.
You’ve got a good platform to build on in your resubmission for this section because you’ve got your WAN links identified. For full credit, you know that the customer has given you a requirement that the internet connections should be a minimum of 75Mbps bandwidth so you’ll want to be sure that you chose a technology that supports this bandwidth and mark the specific bandwidth you are recommending on the topology diagram. You also know that the customer wants failover in Lihue so you’ll have some amount of replication traffic. As a network engineer, you don’t need to implement replication but when a customer has these kinds of requirements it should be an indicator that you need to somehow provide for a secure WAN technology. You can do secure WAN in one of two ways through IPSEC tunnels or through private WAN technologies. Do a little exploration on WAN technologies and revise your solution to account for these requirements it’s completely fine to purpose both a public internet WAN and a private WAN going to different areas of the network.
10.1.3: Define the specifications of required technologies.: In this element, I’m looking to see that you have corresponding network address information for all areas of your proposed topology. At a minimum, you should account for Management, the Production Endpoints, the Server Assets, and WAN/VPN/Internet.
I think you might have missed completing or attaching this part of the assignment. You should include a subnet chart that details the addresses you want to use in your solution. Take a look at the assignment instructions for an example. Let me know if you have any questions on this.
13.1.1: Create documentation appropriate to the stakeholder.: In this element, I’m reviewing your addressing scheme to ensure that it is technically accurate and that you have provided the correct ID, range, mask, CIDR, and broadcast for each subnet. I’m also reviewing your solution for how reasonable it is to ensure that you haven’t over or under-allocated addresses.
Same as the above element it looks like you left this part out of your submission. Let me know if you need any help or have any questions.
13.2.1: Evaluate vendor recommendations in the context of organization requirements.: In this element, I’m evaluating the redundancy, failover provisions, and security provided by your solution. As the customer has requested that failover be provided to Lihue and general redundancy of critical assets I’m aiming to identify that through your diagram. The topology diagram should include a firewall, an intrusion prevention system, and VLAN segregation of critical assets. Internet-facing assets should be in a DMZ to minimize the risks to internal clients.
You have a firewall object at each location which is a great start. Most importantly here I’m looking for DMZ and VLAN configurations to be shown visually on your topology. How do you want to isolate your end-users at layer two with VLANs? You know based on the requirements that the customer has a data center and user population at each location so a single VLAN is out of the question but put some thought into how you want to break everything apart at layer two. For the DMZ I’m looking to understand how internet-facing assets in the datacenter (like the Honolulu web servers) are situated behind your firewall. Within your campus design, I’m interested to see how you build out redundancy between your networking devices. This starts by showing how these devices interconnect and then work to eliminate single points of failure. Think about your client and their mission. Having a desktop go offline from failure isn’t a big deal but a whole floor or a whole building is probably unacceptable. Where can you build redundancy into your campus with additional links or devices to maintain a reasonable state of redundancy?
I used Draw.io for my diagram. Let me know what type of file you want me to upload, for now, I just did .pdf.