Working as a network engineer in an IT company

Full Answer Section

Proposed Network Design

Network Topology:

Opens in a new window www.itjones.com

network topology diagram showing the following components:

1. Core Layer:
   • Core Switch: Connects all network segments and servers.
2. Distribution Layer:
   • Department Switches: One switch for each department (HR/Finance, Sales, Admin).
3. Access Layer:
   • Workstation Switches: Connect workstations within each department.
   • Wireless Access Point: Provides wireless access for the Admin department.

Network Segmentation:

• VLANs: Utilize VLANs to logically separate each department into its own broadcast domain. This prevents unauthorized access between departments.
• Firewall: Implement a firewall to control network traffic and protect against external threats.

Server Configuration:

• Web Server: Configure the web server to host the university's website and other web-based applications.
• Email Server: Set up the email server to provide email services to all users.
• DNS Server: Configure the DNS server to resolve domain names to IP addresses.
• File Server: Implement file sharing protocols (e.g., SMB, NFS) to allow authorized users to access shared files.

Security Considerations:

• Firewall Rules: Configure firewall rules to allow only necessary traffic between departments and the internet.
• Access Control Lists (ACLs): Use ACLs to restrict access to specific network resources based on IP address, port number, or other criteria.
• Strong Password Policies: Enforce strong password policies to protect user accounts.
• Regular Security Audits: Conduct regular security audits to identify and address vulnerabilities.
• Intrusion Detection Systems (IDS): Deploy IDS to monitor network traffic for suspicious activity.
• Wireless Security: Implement strong wireless security measures, such as WPA3 encryption and MAC address filtering.

Implementation Steps

1. Network Hardware Installation: Install network devices (switches, routers, access points, servers) and connect them according to the network topology.
2. VLAN Configuration: Configure VLANs on switches to separate departments and prioritize traffic.
3. Server Configuration: Install and configure servers with appropriate operating systems and applications.
4. Firewall Configuration: Configure firewall rules to control network traffic and protect against unauthorized access.
5. Wireless Network Setup: Install and configure wireless access points, ensuring strong security measures.
6. User Access Control: Implement user authentication and authorization mechanisms to control access to network resources.
7. Network Monitoring and Management: Set up network monitoring tools to monitor network performance and troubleshoot issues.

By following these guidelines, Lincoln University College can establish a secure, reliable, and efficient network infrastructure that meets the needs of all departments.

Sample Answer

Designing a Secure Network Infrastructure for Lincoln University College

Understanding the Requirements

Based on the given information, we need to design a network that:

• Segregates departments (HR/Finance, Sales, Admin) into separate network segments.
• Shares specific servers (web, email, DNS, and file server) across all departments.
• Provides wireless access for the Admin department.
• Ensures security and prevents unauthorized access between departments.