You are on page 1of 85

NETWORK DESIGN PROJECT

SUNNYSLOPE ELEMENTARY SCHOOL


RADD NETWORKING, INC.

RANDY CROCKETT - ASH RAND - DIRK FRETZ - DANIEL CURTIS

Table of Contents
ACKNOWLEDGEMENTS.................................................................................................1 PRESENTATION OVERVIEW..........................................................................................2 WASHINGTON ELEMENTARY SCHOOL DISTRICT WIDE AREA NETWORK............4 WASHINGTON ELEMENTARY SCHOOL DISTRICT IP ADDRESSES................................................................................................................7 DISTRICT & SCHOOL HARDWARE & SOFTWARE..........................................................................................12 SUNNYSLOPE ELEMENTARY......................................................................................23 CAMPUS WIRING LAYOUT...........................................................................................23 WAN/LAN SECURITY ....................................................................................................34 ADDITIONAL NETWORK PROJECT FACTORS..........................................................43 PILOT NETWORK...........................................................................................................56 APPENDIX A DISTRICT & SCHOOL COMPUTERS..................................................................................................................60 APPENDIX B ROUTER & SWITCH CONFIGURATIONS........................................................................................................74 BIBLIOGRAPHY.............................................................................................................79

WESD Network Design Project Proposal

RADD Networking, Inc.

Acknowledgements
Professor Gulledge
Guidance Throughout the Semester

Professor Sherwood Professor Bruyn


Insight into Linux Program

Technical Writing and Public Speech

Cisco Networking Academy


Training Materials Provided

DeVry University

Equipment & Resources to Display Pilot Network

-1-

WESD Network Design Project Proposal

RADD Networking, Inc.

Presentation Overview
Sunnyslope Elementary Stats WAN Design IP Addressing Hardware/Software LAN Design Security & Network Management Additional Network Project Factors Summary

-2-

WESD Network Design Project Proposal

RADD Networking, Inc.

1. RFP Requirements
1.1 Sunnyslope Elementary Stats/User Counts
Sunnyslope Elementary is a Pre-K through 6th Grade School that has a current enrollment of 845 students. The Washington Elementary School District (WESD) RFP calls for 250 Curriculum computers and 75 Administration computers. Layer 1 wiring run needs per room are the following: must accommodate up to 25 computers, 3 runs for up to 24 Curriculum computers, 1 run for the Administration computer.

1.2 WAN Design


The WESD WAN will be a two-layer hierarchical model with three regional hubs: District Office/Data Center, Service Center, Shaw Butte Elementary School. Internet access is to be provided by the District Office/Data Center via a Frame Relay WAN link.

1.3 IP Addressing
An IP addressing scheme must be created for all hosts, servers, and network interconnection devices. The addresses can be Class A, B, or C with the appropriate subnetting. Administrative computers will have static addresses and the Curriculum computers will use Dynamic Host Configuration Protocol (DHCP).

1.4 Hardware/Software
Hardware and software must provide optimal communication and security throughout the network. The devices must also meet the user count requirements and allow for redundancy.

1.5 LAN Design


The LAN must support at least Ethernet 10BaseT, 100BaseTX, and 100BaseFX speeds. An MDF and multiple IDFs must be established at the school. The LAN must have two segments: Curriculum and Administration.

1.6 Security & Network Management


A dual firewall implementation must be established at the core level for all Internet exposed applications residing on the public backbone. The Administration network will be able to access the Curriculum network, but the Curriculum network must not be permitted to access the Administration network. This can be accomplished through the use of ACLs and/or VLANs. A security policy must be in place and anti-virus software must be addressed.

1.7 Additional Network Factors


A contingency plan must be created and the network must be tested to prove it will be adequate. A Gantt chart is required to illustrate how the plan will be implemented. The overall cost of the network must be submitted in the proposal.

1.8 Summary
The team must demonstrate a pilot network to prove its skills and present its proposal before a technical committee in Power Point form. -3-

Washington Elementary School District Wide Area Network


11 Schools / Hub

3 Regional Hubs

33 Schools Total

2.

WESD Network Design Project Proposal

RADD Networking, Inc.

3. The WESD WAN


The WESD WAN will consist of three regional hubs. Each hub will connect to 11 schools. There are a total of 33 schools in the Washington Elementary School District. Internet access will come from the District Office/Data Center across T1 lines out to its 11 schools and to the other two hubs. WAN Implementation

The District Office/Data Center has 8 T1s coming in from the other two hubs. It also has 11 T1s coming in from the schools (one T1 from each school) and one T1 for Internet connectivity. It must handle a total of 20 T1 lines. The Sunnyslope C.O. and Greenway C.O. hubs must support a total of 19 T1 lines (8-from the other hubs and 11-from their schools).

-5-

WESD Network Design Project Proposal

RADD Networking, Inc.

3.1 Internet Connectivity

The Internet will come in on a T1 Frame Relay line through our Pix 535 firewall to gain access to the Ethernet PSTN Public Backbone. The Public Backbone will consist of a Master DNS server, a Master E-mail server, and an Apache Web server. The router at the District Office/Data Center will have ACLs and an Intrusion Detection System running on it to filter out any unwanted incoming Internet traffic. The area between the router and firewall is considered the Demilitarized Zone. WESD will have an Intranet Services Backbone that will consist of a Backup server, Proxy/Cache/Content server for content filtering, Database server, E-mail server, Library server, DNS server, and PDC/Virus server. Each of the schools will gain Internet access through their individual hubs. Sunnyslope Elementary is linked to the District Office/Data Center. Another interesting note is that the Community School (which is in a remote location) will have Internet access via Integrated Services Digital Network (ISDN), because it only requires part-time connectivity to the district.

-6-

Washington Elementary School District IP Addresses


Address Class 1 Octet Bit Pattern
st

1st Octet Decimal Range 8-bits/Octet 27 20 1-126

Network & Host ID Default N=Networ Subnet Mask k H= Host

Number of Networks 126 = (27 2)

Hosts per Network 16,777,214 = (224 2) N.8.8.8 H = 24-bits 65,534 = (216 2) N.N.8.8 H = 16-bits 254 = (28 2) N.N.N.8 H = 8-bits

0 = 27 0|0000001-0|1111110 128-191

N.H.H.H

255.0.0.0

N = 0| 7-bits 7.H.H.H = 7 bits 16,382 = (214 2)

10 = 27 26 10|000000-10|111111 192-223

N.N.H.H

255.255.0.0

N = 10| 6-bits.8-bits 6.8.H.H = 14 bits 2,097,150 = (221 2)

110 = 27 26 25 110|00000-110|11111

N.N.N.H

255.255.255. 0

N = 110| 5-bits.8-bits.8-bits 5.8.8.H = 21 bits

WESD Network Design Project Proposal

RADD Networking, Inc.

4. IP Addressing Scheme
We have chosen to use a Class-A private address for WESDs IP addressing. This will allow WESD to be unseen by the outside world. Each school will require at least 5 network addresses that will be subnetted to provide plenty of room for growth. We will borrow 8 bits from the host section of the address to create a total of 254 subnets with 65,534 hosts per subnet.
Class A Private Address Range = 10.0.0.0 10.255.255.255 WESD Primary Network Address = 10.0.0.0 = N.H.H.H 24 Host bits = 224 = (16,777,216 Hosts) Less 2 (Network # & Network BC Address) = 16,777,214 Hosts 8 bits borrowed from Primary Network Address to make Subnetwork Addresses N.H.H.H N.SN.H.H 8 Subnetwork bits 28 = 256 Subnetworks Less 2 (Network # & Network BC Address) = 254 Subnetworks Subnetwork Address Range = 10.1.0.0 10.254.0.0/16 (255.255.0.0) 16 Host bits per Subnetwork 216 = 65,536 hosts Less 2 (Subnetwork # & Subnetwork BC Address) = 65,534 Hosts 33 Schools & 3 Hubs = 36 Locations needing network addresses 254 possible Subnetworks / 36 locations = 7 Subnetworks per location

4.1 IP Addressing Scheme Summarized

Class A Private Address 8 Borrowed Bits 254 Subnets 65,534 Hosts Per Subnet Subnet Mask 255.255.0.0 WESD Network IP Address 10.0.0.0 Added Security Due to Private Address -8-

WESD Network Design Project Proposal

RADD Networking, Inc.

Ability to Support Up to 7 Subnets / School

-9-

WESD Network Design Project Proposal

RADD Networking, Inc.

4.2 IP Addresses for Hubs & Schools


As the charts below indicate, we have allocated 5 subnets for each school and have included the available IP host address ranges.
Phoenix N.W. C.O. Phoenix N.W. C.O. Data Center - Service Center Data Center - Service Center Desert Slope Desert Slope Sunnyslope Sunnyslope Mountain View Mountain View Road Runner Road Runner Washington Washington Lake View Lake View John Jacobs John Jacobs Iron Wood Iron Wood Desert Foothills Desert Foothills Chaparral Chaparral Cholla Cholla
Sunnyslope C.O. Sunnyslope C.O. Shaw Butte School Shaw Butte School Richard E. Miller Richard E. Miller Royal Palm Royal Palm Alta Vista Alta Vista Cactus Wren Cactus Wren Manzanita Manzanita Maryland Maryland Ocotillo Ocotillo Orangewood Orangewood Palo Verde Palo Verde Arroyo Arroyo * Community School * Community School Greenway C.O. Greenway C.O. Service Center Service Center Sunset Sunset Acacia Acacia Mountain Sky Mountain Sky Tumbleweed Tumbleweed Sweetwater Sweetwater Sunburst Sunburst Sahuaro Sahuaro Blue Sky Blue Sky Moon Mountain Moon Mountain Lookout Mountain Lookout Mountain Abraham Lincoln Abraham Lincoln

Subnet # Subnet # 1-5 1-5 6 - 10 6 - 10 11 - 15 11 - 15 16 - 20 16 - 20 21 - 25 21 - 25 26 - 30 26 - 30 31 - 35 31 - 35 36 - 40 36 - 40 41 - 45 41 - 45 46 - 50 46 - 50 51 - 55 51 - 55 56 - 60 56 - 60

Subnet Addresses Subnet Addresses 10.1.0.0 - 10.5.0.0/16 10.1.0.0 - 10.5.0.0/16 10.6.0.0 - 10.10.0.0/16 10.6.0.0 - 10.10.0.0/16 10.11.0.0 - 10.15.0.0/16 10.11.0.0 - 10.15.0.0/16 10.16.0.0 - 10.20.0.0/16 10.16.0.0 - 10.20.0.0/16 10.21.0.0 - 10.25.0.0/16 10.21.0.0 - 10.25.0.0/16 10.26.0.0 - 10.30.0.0/16 10.26.0.0 - 10.30.0.0/16 10.31.0.0 - 10.35.0.0/16 10.31.0.0 - 10.35.0.0/16 10.36.0.0 - 10.40.0.0/16 10.36.0.0 - 10.40.0.0/16 10.41.0.0 - 10.45.0.0/16 10.41.0.0 - 10.45.0.0/16 10.46.0.0 - 10.50.0.0/16 10.46.0.0 - 10.50.0.0/16 10.51.0.0 - 10.55.0.0/16 10.51.0.0 - 10.55.0.0/16 10.56.0.0 - 10.60.0.0/16 10.56.0.0 - 10.60.0.0/16

Subnet # Subnet Addresses Subnet # Subnet Addresses 61 - 65 10.61.0.0 - 10.65.0.0/16 61 - 65 10.61.0.0 - 10.65.0.0/16 66 - 70 10.66.0.0 - 10.70.0.0/16 66 - 70 10.66.0.0 - 10.70.0.0/16 71 - 75 10.71.0.0 - 10.75.0.0/16 71 - 75 10.71.0.0 - 10.75.0.0/16 76 - 80 10.76.0.0 - 10.80.0.0/16 76 - 80 10.76.0.0 - 10.80.0.0/16 81 - 85 10.81.0.0 - 10.85.0.0/16 81 - 85 10.81.0.0 - 10.85.0.0/16 86 - 90 10.86.0.0 - 10.90.0.0/16 86 - 90 10.86.0.0 - 10.90.0.0/16 91 - 95 10.91.0.0 - 10.95.0.0/16 91 - 95 10.91.0.0 - 10.95.0.0/16 96 - 100 10.96.0.0 - 10.100.0.0/16 96 - 100 10.96.0.0 - 10.100.0.0/16 101 - 105 10.101.0.0 - 10.105.0.0/16 101 - 105 10.101.0.0 - 10.105.0.0/16 106 - 110 10.106.0.0 - 10.110.0.0/16 106 - 110 10.106.0.0 - 10.110.0.0/16 111 - 115 10.111.0.0 - 10.115.0.0/16 111 - 115 10.111.0.0 - 10.115.0.0/16 116 - 120 10.116.0.0 - 10.120.0.0/16 116 - 120 10.116.0.0 - 10.120.0.0/16 Subnet # Subnet Addresses Subnet # Subnet Addresses 121 - 125 10.121.0.0 - 10.125.0.0/16 121 - 125 10.121.0.0 - 10.125.0.0/16 126 - 130 10.126.0.0 - 10.130.0.0/16 126 - 130 10.126.0.0 - 10.130.0.0/16 131 - 135 10.131.0.0 - 10.135.0.0/16 131 - 135 10.131.0.0 - 10.135.0.0/16 136 - 140 10.136.0.0 - 10.140.0.0/16 136 - 140 10.136.0.0 - 10.140.0.0/16 141 - 145 10.141.0.0 - 10.145.0.0/16 141 - 145 10.141.0.0 - 10.145.0.0/16 146 - 150 10.146.0.0 - 10.150.0.0/16 146 - 150 10.146.0.0 - 10.150.0.0/16 151 - 155 10.151.0.0 - 10.155.0.0/16 151 - 155 10.151.0.0 - 10.155.0.0/16 156 - 160 10.156.0.0 - 10.160.0.0/16 156 - 160 10.156.0.0 - 10.160.0.0/16 161 - 165 10.161.0.0 - 10.165.0.0/16 161 - 165 10.161.0.0 - 10.165.0.0/16 166 - 170 10.166.0.0 - 10.170.0.0/16 166 - 170 10.166.0.0 - 10.170.0.0/16 171 - 175 10.171.0.0 - 10.175.0.0/16 171 - 175 10.171.0.0 - 10.175.0.0/16 176 - 180 10.176.0.0 - 10.180.0.0/16 176 - 180 10.176.0.0 - 10.180.0.0/16

- 10 -

WESD Network Design Project Proposal

RADD Networking, Inc.

4.3 Sunnyslope Network IP Addresses


At Sunnyslope Elementary, we have designated the 10.6.0.0 subnet for the Curriculum network, the 10.7.0.0 subnet for the Administration network, and the 10.8.0.0 subnet for the cluster heartbeat. The networks security will be increased by adding ACLs and VLANs, which will be covered in upcoming sections of this document. Each IP address for the Curriculum will be assigned dynamically through the use of a Dynamic Host Configuration Protocol (DHCP) server. Since the students will not always be using the same computer, DHCP allows for ease of mobility. The Administrative addresses will be assigned statically due to the fact that their computers are stationary. By assigning the admin IP address statically, we can cut down on overhead for the router.

4.4 Sunnyslope Network IP Addresses Summarized


Curriculum, Admin, and Cluster Heartbeat separated by Subnets, VLANs, & ACLs. Sunnyslope Subnet Range Curriculum Subnet Administration Subnet Cluster Heartbeat subnet Curriculum Addresses Administrative Addresses Cluster Heartbeat Address 10.6.0.0 10.10.0.0 10.6.0.0 10.7.0.0 10.8.0.0 DHCP Static Static

- 11 -

District & School Hardware & Software

WESD Network Design Project Proposal

RADD Networking, Inc.

5. Why Choose RADD?


RADD Networking hasnt designed an ordinary network for you. Instead, we have chosen hardware and software to create a very robust, advanced, highly scaleable and available network environment. This is what makes RADD Networking, Inc. the company of choice for all your network implementation needs.

5.1 WAN Internet Security


We will be creating a dual firewall implementation, which will establish a demilitarized zone (DMZ) to allow traffic to access our public servers, but it block the external traffic from entering our private network. Our firewall of choice is the Cisco PIX 535. This firewall performs many important functions. It is an Enterprise-Class security firewall. It has 1.7 Gbps of firewall throughput and allows for 500,000 simultaneous sessions. This high simultaneous session number is important because Internet Explorer tends to open multiple sessions per web page. Not only will the PIX 535 firewall handle all inbound traffic for our public servers, it will also handle all outbound traffic for faculty and students at all schools and regional hubs. Other specs include: 1-GHz Intel Pentium III Processor, 512MB or 1GB of SDRAM, 16 MB of Flash memory, 256 KB level 2 at 1-GHz, two 64-bit/66MHz PCIs, and one 32-bit/33-MHz PCI.

Cisco PIX 535

Enterprise-Class Security 1.7 Gbps Firewall Throughput 500,000 Simultaneous Sessions Internet Explorer can have multiple sessions open per web page

1-GHz Intel Pentium III Processor 512 MB or 1 GB of SDRAM 16 MB Flash memory 256 KB level 2 at 1-GHz System buses: Two 64-bit, 66 MHz PCI, one 32-bit, 33-MHz PCI

- 13 -

WESD Network Design Project Proposal

RADD Networking, Inc.

5.2 Switches
5.2.1 Cisco Catalyst 3750G-12S At Sunnyslope Elementary, weve chosen to use a Cisco Catalyst 3750G-12S switch for the LAN backbone. This will connect all of the IDFs to the MDFs via fiber optic cable. The 3750 switch contains enterprise-class intelligent services. It will support ACLs, VLANs, and it operates at both layers 2 and 3. It allows for full dynamic IP routing, has a 32-Gbps high-speed stacking bus, and will support voice over IP.

Cisco Catalyst 3750G-12S 12 Gigabit Ethernet SFP Ports

5.2.2 Cisco Catalyst 2950G-24TS-E We will place at least one Cisco Catalyst 2950G-24TS switch to support old 10Megabit and newer 1-Gigabit devices at the access layer. We feel that it is a wise decision to run Gigabit to the workstation. Current technology trends are leaning towards a Gigabit workstation standard. As technology improves and hardware can support true Gigabit throughput, Sunnyslope Elementary will not need to purchase any new switches, which will save thousands of dollars. The 2970 switch provides 24 Ethernet 10/100/1000 M-bps ports and four SPF-based Gigabit Ethernet ports. We chose the 4-port SPF model for its ability to provide expandability and allow for future growth. The 2970 will also support ACLs, VLANs, and operate at both layers 2 and 3. Voice over IP is another feature of this switch.

Cisco Catalyst 2970G-24TS-E 24 Ethernet 10/100/1000 ports and 4 (SFP)

- 14 -

WESD Network Design Project Proposal

RADD Networking, Inc.

- 15 -

WESD Network Design Project Proposal

RADD Networking, Inc.

5.3 Routers (Layer 3)


5.3.1 Cisco Catalyst 6506 The Cisco Catalyst 6506 is an enterprise level switch that will perform all of the WAN Layer 3 routing needs. It will also include our district level switching capabilities for high-end district level services. The 6506 switch is a premier modular multilayer switch that delivers secure converged services at the core layer. It is a key component of the dual firewall implementation, blocking any incoming connections from the Internet and incorporates the Intrusion Detection System (IDS). It will support the 20 T-1 lines as required by the RFP and allow for future growth.

Cisco Catalyst 6506

5.3.2 LAN Router After considering Sunnyslope Elementarys WAN needs, we chose the Cisco 2621XM router. The layer 3 switches will perform all of the local routing, leaving only WAN traffic and Internet traffic to traverse the router, which is currently limited to 1.45-Mbps. The 2621 router performs at 30-Mbps and contains 32 to 128 MB of DRAM. It also has 16 to 48 MB of flash memory. There are two FastEthernet ports to allow LAN connectivity. It will include a T1 interface port for WAN connectivity.

Cisco 2621XM

- 16 -

WESD Network Design Project Proposal

RADD Networking, Inc.

- 17 -

WESD Network Design Project Proposal

RADD Networking, Inc.

6. Servers
For security reasons and cost savings, we will be using a large amount of Linux based servers. Linux is a free Operating System and very few viruses are written to run on Linux. It is also easy to maintain with highly secure remote administration software such as SSH. For detailed server specifications refer to Appendix A.

6.1 Workgroup Servers

Dell PowerEdge 2650

Up to 2 Intel Xeon Processors Processor Speeds: 2GHz to 3.06GHz

Processor Features NetBurst Micro-Architecture Hyper-Threading Technology

256MB 12GB 200MHz DDR SDRAM Hard Drive Bays for 5 X 1 Hot-Plug SCSI Drives

D District Services T TFTP F File Server P Print Server D DNS Server Database Cluster servers (3) s Application Cluster Server (3)

School Services
F File Server P Print Server D DNS Server S Security Server (PDC) Application S Server (7) Cluster

T TFTP Email S Server Cash S Server Virus Server S

- 18 -

WESD Network Design Project Proposal

RADD Networking, Inc.

6.2 Enterprise Servers

Dell PowerEdge 6650

Up to 4 Intel Xeon Processors Processor Speeds: 2, 2.5, & 2.8 GHz

Processor Features NetBurst Micro-Architecture Hyper-Threading Technology

512MB 32GB 200MHz DDR SDRAM Up to 2MB Built-in L3 Cache Hard Drive Bays for 5 X 1 Hot-Plug SCSI Drives

D District Servers

B Backup Virus Server

W Web (Site) Server Security Server (PDC) (PDC) (DB) (DB)

E Email Server Library Server

- 19 -

WESD Network Design Project Proposal

RADD Networking, Inc.

7. Proxy/Cache/Content Filtering
To protect the faculty and students from inappropriate Internet content, increase productivity, reduce legal liability, and conserve WAN bandwidth, we will be using a Proxy/Cache/Content Filtering server at each school. This server will be running Red Hat Linux as the Operating System, Squid as the Proxy server and Websense as the content filtering software. This server will conserve network bandwidth by storing the users Internet content and by delivering it to other users requesting the same information. This will eliminate redundant Internet requests from traversing the WAN and the Internet.

7.1 Red Hat Linux


Server Operating System Secondary DNS

7.2 Squid
Proxy Server Software Conserve Bandwidth

7.3 Websense Enterprise V5


Filters Inappropriate Content

- 20 -

WESD Network Design Project Proposal

RADD Networking, Inc.

8. Cluster Servers
We recommend using a cluster server environment to provide terminal and data base services to the users. These clusters of servers will give the appearance of single systems to the students and faculty. The servers will communicate with each other through a CAT5e Gigabit Ethernet connection called a heartbeat. These heartbeats will be completely isolated from the rest of the network by separate subnets and separate VLANs. These connections allow computers to use failover and load balancing, which is not possible with a stand-alone computer.

8.1 High Availability & Load Balancing


These clusters are designed to avoid a single point-of-failure. Applications can be distributed over more than one computer, achieving a degree of parallelism and failure recovery, and providing more availability.

8.2 Scalability
This clustered server environment is highly scalable because it is easy to increase its computing power by adding more processors or servers to the cluster.

8.3 Ease of Administration


This cluster will appear as a single-system to end users and the network, while providing a single point-of-control to administrators, making it easier to manage. It also allows network administrators to perform maintenance during normal working hours, eliminating evening and weekend work.

8.4 Inexpensive Hardware


In a clustered environment, less expensive servers can be purchased due to its redundancy and load balancing.

- 21 -

WESD Network Design Project Proposal

RADD Networking, Inc.

9. Terminal Servers
There are many advantages to implementing Windows 2003 terminal services. These advantages include high availability of information, greater ease of administration, less expensive workstation hardware requirements, and Linux Operating Systems at the workstation level.

9.1 High Availability of Information


The faculty and students can log in from anywhere on the network and have access to their personal files and settings.

9.2 Ease of Administration


The network administrator can log in to an open session to fix a problem or show the user how to correct the problem in the event of its reoccurrence.

9.3 Inexpensive Workstation Hardware


The terminal server handles all processing of information and applications. The only work remaining for the workstation is the processing of keystrokes and mouse clicks.

9.4 Linux Workstations


Using rdesktop on a Linux workstation, to connect to a Windows 2003 terminal server, Sunnyslope Elementary can cut costs by not having to purchase Windows operating systems for the workstations.

- 22 -

Sunnyslope Elementary Campus Wiring Layout

WESD Network Design Project Proposal

RADD Networking, Inc.

10. Sunnyslope Campus Network/Wiring Diagram


In order to get an idea as to where the MDFs and IDFs for Sunnyslope Elementary were to be located, several rough campus diagrams were used as a reference. This diagram contained the locations of the various buildings, the classrooms within them, as well as other locations of importance such as the administrative offices and the POP. Also on this diagram was a legend giving the desired media termination points, ceiling conditions and heights, and information concerning an existing media conduit system that runs through out most of the school. From this diagram, we created a Microsoft Visio replica in order to have a more accurate means of judging the amount of distance between MDFs and IDFs and IDFs and individual classrooms. These distances are important because the CAT5e cable being used between the IDF and the classroom workstations has a maximum distance capability of 100 meters = 328 ft. The multi-mode fiber optic cable being used between the MDF and the IDFs has a maximum distance capability of 220 meters = 722 ft.

- 24 -

WESD Network Design Project Proposal

RADD Networking, Inc.

- 25 -

WESD Network Design Project Proposal

RADD Networking, Inc.

10.1 Sunnyslope Campus Cutsheet


After several revisions, all of the rough campus diagrams were consolidated into a master campus cutsheet. The campus has been divided into seven color coded regions with corresponding labels to the left of the diagram. Each label gives information as to the number of rooms in a region, the number of CAT5e cable drops per room, and the total number of drops per region. The label that is the exception to the others is the one in the upper left corner of the cutsheet listing the number of IDFs and the sole MDF.

The additions to the cutsheet legend include indicators for the CAT5e cable from the IDFs to the classrooms, the multi-mode fiber optic cable from the MDF to the IDFs, and the single drop locations in the administrative offices of Sunnyslope Elementary. Also on the legend are the locations of cluster server placements. Each color coded region has a corresponding cluster server to provide workgroup services to that location. Based on the scale of the cutsheet:

- 26 -

WESD Network Design Project Proposal 100 m = 4.86 in. 100 m / 4.86 in. = 20.62 m / in.

RADD Networking, Inc. 1 in. = 20.62 m

- 27 -

WESD Network Design Project Proposal

RADD Networking, Inc.

10.2 Distributed Computing


By using the Cisco Systems switching technology that we are advocating, it will be possible to provide Gigabit LAN speeds to the access layer. The benefits of this network speed can be augmented through the implementation of a Terminal Server Cluster environment. Using the Dell PowerEdge 2650 servers, and Microsofts Windows 2003 Server operating system, a distributed computing environment can be created throughout the school. The benefit of a distributed computing environment is that it conserves bandwidth and system resources per location serviced by a cluster server.

Figure 1 - Cisco 1000BASE-T SFP (CAT5e)

With a distributed computing environment via Terminal Server Clusters, teachers and students can have campus wide network access. However, this does not mean teachers and students can establish multiple network sessions. In the event that a teacher or student establishes a network session in one part of the school, and then tries to establish another network session in a different part of the school, the newly accessed cluster server for that region will verify if the requested session is new or already established. 1. A teacher or student initially logged 2. The teacher or student tries to onto a workstation serviced by a cluster establish another network session on a server in IDF1. workstation serviced by a cluster server in IDF4.

3. The cluster server in IDF4 asks the Master Cluster Server in the MDF if there is a session already open for the teacher or student. Is there a session already open for this person? If No, a new network session is established on a workstation serviced by the cluster server in IDF4. If Yes, the requested session is rerouted to the cluster server in the IDF that originally initiated the network session. In this case, the cluster server that initiated the original network session would be the cluster server in IDF1.

As mentioned earlier, a distributed computing environment via Terminal Server Clusters can conserve bandwidth and system resources per region serviced by a cluster server. The conservation of bandwidth and system resources occurs when a cluster server redirects a second request for network access back to the cluster

- 28 -

WESD Network Design Project Proposal

RADD Networking, Inc.

server that fulfilled the first request. Therefore, the redirecting cluster server ensures that bandwidth and system resources are preserved for its region of service and not wasted by providing them to existing sessions established by other IDF cluster servers.

- 29 -

WESD Network Design Project Proposal

RADD Networking, Inc.

10.3 Cable Measurement Method


By using the scale of the cutsheet: 100 m = 4.86 in. 100 m / 4.86 in. = 20.62 m / in. 1 in. = 20.62 m

and clicking on the various lengths of CAT5e and multi-mode fiber in Microsoft Visio, the CAT5e and multi-mode fiber quantities for wiring the IDFs to the workstations and the MDF to the IDFs were determined.

- 30 -

WESD Network Design Project Proposal

RADD Networking, Inc.

10.4 CAT5e Cable Measurements


After converting the inch measurements to meter measurements in Microsoft Excel, the amount of CAT5e cable for each location in a region is then added up to determine the estimated total amount of CAT5e cable for that region.
Blue Locations (1 - 5) Location 1 Location 2 Location 3 Location 4 Location 5 Green Locations (1 - 3) Location 1 Location 2 Location 3 Copper Locations (1 - 10) Location 1 Location 2 Location 3 Location 4 Location 5 Location 6 Location 7 Location 8 Location 9 Location 10 IDF1 to Drop Point (in.) 0.90 1.36 1.80 2.24 2.68 IDF2 to Drop Point (in.) 3.06 0.25 1.39 IDF3 to Drop Point (in.) 3.23 2.78 1.94 1.48 1.06 0.62 0.20 0.48 1.15 1.35 MDF to Drop Point (in.) 0.54 0.85 1.82 1.42 2.25 0.85 0.84 1.51 IDF1 to Drop Point (m) 19 28 37 46 55 IDF2 to Drop Point (m) 63 5 29 IDF3 to Drop Point (m) 67 57 40 31 22 13 4 10 24 28 MDF to Drop Point (m) 11 17 38 29 46 17 17 31 Cable Amount for 4 Drops / Room (m) 75 112 149 185 221 Cable Amount for 4 Drops / Room (m) 252 20 115 Cable Amount for 4 Drops / Room (m) 266 229 160 122 88 51 16 39 95 112 Cable Amount for Single / Multiple Drops (m) 11 17 38 146 139 35 69 124 Estimated Total CAT5e UTP (m)

741

Estimated Total CAT5e UTP (m) 387

Estimated Total CAT5e UTP (m)

1,179

Purple Locations (1 - 21) Principal (S) Assistant Principal (S) Nurse (S) Secretaries (5 Drops) Servers (9 Drops) Network Printers (2 Drops) Location 1 (4 Drops) Location 2 (4 Drops)

Estimated Total CAT5e UTP (m)

580

- 31 -

WESD Network Design Project Proposal


IDF4 to Drop Point (in.) 1.93 1.48 1.05 0.62 0.19 0.48 1.14 IDF5 to Drop Point (in.) 1.93 1.36 0.82 0.36 0.20 0.63 1.06 IDF6 to Drop Point (in.) 2.43 1.85 1.94 0.86 0.44 0.30 0.70 2.08 2.67 3.07 3.26 IDF4 to Drop Point (m) 40 31 22 13 4 10 23 IDF5 to Drop Point (m) 40 28 17 8 4 13 22 IDF6 to Drop Point (m) 50 38 40 18 9 6 15 43 55 63 67

RADD Networking, Inc.


Cable Amount for 4 Drops / Room (m) 159 122 87 51 16 40 94 Cable Amount for 4 Drops / Room (m) 159 112 67 30 16 52 88 Cable Amount for 4 Drops / Room (m) 200 153 160 71 36 25 58 171 220 253 269 Estimated Total CAT5e UTP (m)

Fuchsia Locations (1 - 7) Location 1 Location 2 Location 3 Location 4 Location 5 Location 6 Location 7 Red Locations (1 - 7) Location 1 Location 2 Location 3 Location 4 Location 5 Location 6 Location 7 Teal Locations (1 - 11) Location 1 Location 2 Location 3 Location 4 Location 5 Location 6 Location 7 Location 8 Location 9 Location 10 Location 11

568

Estimated Total CAT5e UTP (m)

525

Estimated Total CAT5e UTP (m)

1,617

Estimated Total CAT5e UTP (m)

5,597

Altogether, Sunnyslope elementary will need 5,597 meters of CAT5e cable. Of course, these are approximations, and we generally extrapolate our cable estimations by 20% more cable, which comes to 6,716 meters. The reason for this cable increase is due to possible unforeseen cable run obstacles. Additional cable also comes in handy for future network connections, be they workstations, printers, or other network devices.

- 32 -

WESD Network Design Project Proposal

RADD Networking, Inc.

10.5 Multi-Mode Fiber Optic Cable Measurements


Determining the amount of fiber optic cable to be run between IDFs and the MDF was the easier of the two media measurements. For the most part, MDF to IDF fiber runs are singular cable runs through the existing media conduit system. The type of fiber to be used between the MDFs Cisco Catalyst 3750G-12S-E switch and each IDFs Cisco Catalyst WS-C2970G-24TS-E switch will be 1000BASE-SX. It has a 62.5 micron core size, a modal bandwidth of 160 MHz/km, and a maximum cable distance of 220 meters. This grade of fiber uses Ciscos 1000BASE-SX SFP modules (Small Form-Factor Pluggable).

Figure 2 - Cisco 1000BASE-SX, 1000BASE-LX/LH, and 1000BASE-ZX SFPs


Blue IDF1 Location 1 Green IDF2 Location 2 Copper IDF3 Location 3 Fuchsia IDF4 Location 4 Red IDF5 Location 5 Teal IDF6 Location 6 MDF to IDF1 (in.) 6.86 MDF to IDF2 (in.) 7.66 MDF to IDF3 (in.) 4.57 MDF to IDF4 (in.) 3.51 MDF to IDF5 (in.) 5.47 MDF to IDF6 (in.) 7.37 MDF to IDF1 (m) 142 MDF to IDF2 (m) 158 MDF to IDF3 (m) 94 MDF to IDF4 (m) 72 MDF to IDF5 (m) 113 MDF to IDF6 (m) 152 Estimated Total 1000BASE-SX Fiber (m) 142 Estimated Total 1000BASE-SX Fiber (m) 158 Estimated Total 1000BASE-SX Fiber (m) 94 Estimated Total 1000BASE-SX Fiber (m) 72 Estimated Total 1000BASE-SX Fiber (m) 113 Estimated Total 1000BASE-SX Fiber (m) 152 731

Estimated Total Fiber 1000Base-SX (m)

- 33 -

WAN/LAN Security

WESD Network Design Project Proposal

RADD Networking, Inc.

11. Security Measures & Network Management


Recently, there have been many security breaches throughout the world. These infringements have caused enormous problems to each networks integrity and functionality. We plan to prevent such intrusions from occurring in our WAN and LAN design. To accomplish this task, weve divided security and network management into seven different categories: external security, operational security, surveillance, passwords, auditing, access rights, and viruses.

11.1 External Security


We will lock all MDFs, IDFs, and cabinets. The Network Administrator will hold all of the keys and take responsibility for any entry into the closets and cabinets. This will help deter any unauthorized physical access to the equipment. We will install a device on the doors of each closet and cabinet that will transmit a wireless signal to a pager should a door be opened. The network administrator carrying this pager will know immediately which closet or cabinet is being opened, so that security can be sent to the appropriate location. Figure 3 - Lever Networking equipment will be Handle Lock kept in closets where the temperature can be easily controlled. We advise against closets with windows, because windows can let in sunshine, which can increase the temperature of the closet. This could strain the capacity of any existing air conditioning equipment, and as the temperature rises, the life expectancy of computer circuits decreases. Also, external windows can increase the probability of vandalism. To prevent electrical damage to the networking equipment, we will be using high-quality surge protectors on all devices that require electrical current. Figure 4 APC NetShelter VX Enclosures

11.2 Operational Security


Operational security will involve limiting who can use the system and when they can use the system. Employees who do not normally come in contact with sensitive data areas will not have access to sensitive data. For example, students will

- 35 -

WESD Network Design Project Proposal

RADD Networking, Inc.

not be able to access any teacher or administration files and teachers will not be able to access administration information. The network administrator at the school will break the school into information access groups, decide who is in each group, and determine what access rights each group has.

- 36 -

WESD Network Design Project Proposal

RADD Networking, Inc.

It is also possible to limit access to a system by the time of day or the day of the week. In our network, we have decided to lockout network access nightly and on weekends. Additionally, we will limit remote access to the system during certain times of the day or week.

11.3 Surveillance
Many network administrators feel that surveillance is a good deterrent to computer vandalism and theft. The proper placement of video cameras in key locations cam both deter criminals and be used to identify criminals in the event of vandalism or theft. Figure 5 - 'Hawkeye Weve chosen the Hawk-Eye recessed Recessed Dome Camera dome camera because it can rotate up to 360 and has a tilt angle of +/- 90. 3" in Diameter Ceiling or Wall Mounted We will be using IP based video on this Panasonic 1/3" CCD camera so that administrators at the district 420 Lines of Resolution (0.1 office and at the school can monitor whats lux) going on. 3.6 mm Wide Angle Lens 360 with a +/- 90 Tilt Angle Using another form of surveillance called intrusion detection, we will be able to electronically monitor data flow and system requests into and out of the system. If any unusual activity is noticed, protective action can be taken immediately.

11.4 Passwords and ID Systems


Every system that stores sensitive or confidential data requires an authorized user to enter a password, personal identification number (PIN), or some other form of ID before gaining access to the system. Typically, this password or ID is something either remembered by the user or a physical feature of a user, such as a fingerprint. Although passwords are the most common form of identification, they are also one of the weakest. Often passwords become known or misplaced and fall into the wrong hands. Occasionally, a password is written on paper, and the paper is discovered by the wrong people. More often, though, the password is too simple, and someone guesses it. With our network, we will be taking several precautions concerning the creating and changing of passwords. The passwords will be changed every 90 days, they

- 37 -

WESD Network Design Project Proposal

RADD Networking, Inc.

will be at least eight characters in length, and they will alpha/numeric with at least one uppercase letter.

- 38 -

WESD Network Design Project Proposal

RADD Networking, Inc.

11.5 Auditing
Computer auditing is often a good deterrent to crime and is useful in apprehending a criminal after a crime has occurred. Auditing involves installing a software program that monitors every transaction within a system. Each transaction is recorded in an electronic log along with the date, time, and owner of the transaction. If an inappropriate transaction is suspected, the electronic log can be scanned to retrieve the appropriate information. We will be implementing auditing software at Sunnyslope Elementary and at the District level to monitor every transaction, including the date, time, and owner of each transaction. The price paid to purchase, install, and support an audit program will be well worth it when the program helps catch a person performing unauthorized transactions.

11.6 Access Rights


Often in computer networks, resources are not supposed to be shared, or they should be shared only by a select group. These resources include files, tapes, printers, and other peripheral devices. If resource sharing is to be restricted, then a user or network administrator should set the appropriate access rights for a particular resource. Access rights have two basic parameters: Who and How. The Who parameter lists who has access to the resource. Some examples of who are the owner, a select group of users, and the entire user population. The How parameter specifies how a user may access the resource. Examples of how include read, write, edit, execute, append, and print. A user may create a file and allow all users to access the file but only with read access rights. The network administrator at Sunnyslope will assign access rights to all users. An example of this is how teachers will have total access rights to student grades, but the students will only have read access rights to their grades.

- 39 -

WESD Network Design Project Proposal

RADD Networking, Inc.

11.7 Guarding Against Viruses


Computer viruses are small programs that alter the way a computer operates without the users knowing, often causing many types of problems. Viruses delete and corrupt data and program files or alter operating system components, so that computer operation is impaired or even halted. Some common types of viruses include: Macro Macro viruses are often found in spreadsheets, databases, and wordprocessing documents. A macro virus hides within an applications macro and is activated when the macro is executed. Boot sector A boot sector virus is usually stored on a floppy disk and inserted into the computer during the boot sequence. Polymorphic virus These viruses are difficult to locate because they mutate with every infection. File infector File infector viruses infect a piece of executable code such as an .exe or .com file, which in turn infects the host computer. Worms Worms are programs that copy themselves from one system to another over a network without human assistance. They will often slow down the computer by causing it to execute so many operations that it will not be able to perform its normal duties. We will be implementing Symantec software that will include signature-based scanning, terminate-and-stay-resident monitoring, and multi-level generic scanning. Signature-based scanning looks for a unique pattern of virus. These patterns are found by searching catalog listings, which can be updated from the Internet. Terminate-and-stay-resident monitoring runs in the background while an application that a user is executing runs in the foreground. It can provide real-time monitoring of disk drives and files, intelligent analysis of virus-like behavior, and polymorphic virus detection. Multi-level generic scanning includes intelligent checksum analysis and expert system virus analysis. Intelligent checksum analysis calculates and applies a checksum at the beginning of a files lifetime and later after it has existed a while. Expert system virus analysis involves a series of proprietary algorithms that performs millions of tests of the software and examines the flow of program code and other software functions.

- 40 -

WESD Network Design Project Proposal

RADD Networking, Inc.

12. ACLs, VLANs, & Security


This is a diagram of some of the security features well be implementing into the network. Well use VLANs to communicate logically between networks and ACLs to deny anyone on the curriculum network access to the administration network. As an added security feature, the curriculum and admin networks will be on

separate subnets.

12.1 Security Policy


A well-designed security policy will make the jobs of the network support staff much clearer. They will know what the network users can and cannot access and where they can and cannot go. A well-designed security policy will make enforcement more straightforward, and it will allow the staff to react properly to specific security requests. The security policy will also give the users a better AN EXAMPLE OF OUR NETWORK SECURITY POLICY: Network Administrators Will:
Endeavor to Protect the Networks & Systems for Which They are Responsible

Network Users Will:


Abide by Appropriate Use of Information Technology Policy of the School District Abide by Departmental Policies Governing Connection to Departmental Networks

- 41 -

WESD Network Design Project Proposal

RADD Networking, Inc.

understanding of what they can and cannot do. Hopefully this understanding will allow the school to maintain security in an increasingly less secure world.

- 42 -

Additional Network Project Factors

WESD Network Design Project Proposal

RADD Networking, Inc.

13. Cost Breakdown


Each of the components that will be needed for the network implementation has been researched and priced. Below is a listing of recommended products, models, unit prices, number items to be purchased, and the total price for the quantity purchased. Not only are the major hardware pieces listed such as servers, routers, and switches, but also the supporting equipment and materials such as rack mounts, UPSs, raceways, keystones, and keystone jacks.
Product Cisco Catalyst 3750G-12S-E Switch 10/100/1000 - 12 SFP ports Cisco Catalyst 2970G-24TS-E Switch 10/100/1000 - 4 SFP ports Cisco 1000BASE-SX Fiber Optic SFP Cisco Catalyst 6506 Switch Chassis Cisco Catalyst 6000 Supervisor Cisco Catalyst 6500 Series Intrusion Detection System Cisco 8 PORT Multi-channel T1/E1 Cisco 1000BASE-T Gigabit Interface Converter Cisco 2621XM Router 2-FE / 1WIC WESD District: 1 Security (PDC) / Virus / TFTP / Backup Server WESD District: 1 Web (Site) / Email / DNS Server 1 Proxy / Cache / Content Filtering Server 1 Library / Database Server WESD District: Application Clusters WESD District: Database Cluster servers WESD District: 1 File / Print Server 1 Security Server (PDC) / TFTP 1 Virus Server Sunnyslope: 7 Application Cluster Servers Sunnyslope: 1 Cache / DNS / Email Server Sunnyslope: 1 File / Print Server 1 Security Server (PDC) / TFTP 1 Virus Server StarTech KVM Monitor/keyboard/mouse switch - 16 port(s) KVM cables Dell PowerVault 122T Autoloader Model WS-C3750G-12S-E WS-C2970G-24TS-E GLC-SX-MM WS-C6506 WS-X6K-S1A-MSFC2 Unit Price No. $8,796.37 1 Total $8,796.37

$3,700.86 16 $59,213.76 $399.20 12 $4,790.40 $4,790.00 1 $4,790.00 $4,500.00 1 $4,500.00

WS-SVC-IDS2-BUN-K9 $22,472.00 1 $22,472.00 PA-MC-8TE1+ WS-X6408-GBIC 2621XM Dell PowerEdge 6650 $9,338.90 $5,430.00 $3,845.00 3 1 1 28016.7 $5,430.00 $3,845.00

$13,414.04 1 $13,414.04

Dell PowerEdge 6650 Dell PowerEdge 2650 Dell PowerEdge 2650 Dell PowerEdge 2650

$12,757.04 3 $38,271.12 $4,645.85 $4,555.85 $5,831.15 3 $13,937.55 3 $13,667.55 3 $17,493.45 0 0

Dell PowerEdge 2650 Dell PowerEdge 2650

$4,645.85 $5,174.15

7 $32,520.95 1 $5,174.15

Dell PowerEdge 6650

$5,831.15

3 $17,493.45

CAB1631D N/A PowerVault 122T

$602.99

$1,205.98

$11.99 32 $383.68 $8,956.00 1 $8,956.00

- 44 -

WESD Network Design Project Proposal

RADD Networking, Inc.

- 45 -

WESD Network Design Project Proposal

RADD Networking, Inc.

APC NetShelter WX Wall-Mount Enclosure 13U Vented Door Black APC NetShelter VX 42U Enclosure w/Sides Black APC Basic Rack-mount Power Distribution Unit [Hor/Vert; Input: NEMA L5-30P; Output: (10) NEMA 5-20R] APC Fixed Shelf 50lbs (22.7kg) Black APC Cable Management Hoop Kit (Qty 6) APC Cable Containment Brackets APC Roof Fan Tray (120 Vac) Black APC 2U Patch Cord Organizer APC ProtectNet 1 Port Ethernet/Token Ring Surge Protector APC 4-POST RACKMOUNT RAILS APC Smart-UPS 1000VA USB & Serial RM 1U 120V Cables to Go - Keystone Surface Mount Box 12-Port Ivory Belkin Keystone Jack for 4PAIR CAT5e 110 568A/568B Blue Belkin Raceway 1 3/4" Ivory 6 ft Long 6 Per Box Belkin Raceway 1 3/4" End Cap Ivory 4 Per Bag Belkin Raceway 1 3/4" Joint Cover Ivory 4 Per Bag Cables To Go - CAT5e 1000FT 350 MHz Bulk Cable Plenum Solid Gray Belkin CAT5e 250FT 350 MHz Bulk Cable Plenum Solid Gray Belkin Multimode Duplex Fiber Plenum 1000' Bulk cable Belkin Multimode Duplex Fiber Plenum 250' Bulk cable Belkin Velcro Cable Ties 8" - 100 black Hawking Technologies 100 RJ45 Connectors and Color Boots APC Cable Ladder 12" (30cm) with Bracket Kit Digital Doorlocks - Heavy Duty Lever Handle Lock Hawk-Eye Recessed Dome Camera with Panasonic 1/3" CCD APC Enclosure Alarm Switch Kit APC Environmental Monitoring Card with Temp/Humidity Probes Microsoft 2003 Client Terminal Services Software Client Access License Microsoft 2003 Terminal Server Software Client Access License Websense Enterprise v5 One-Year Subscription for 500 users Symantec AntiVirus Corporate Edition

AR100HD AR2100BLK AP9560 AR8105BLK AR8113 AR8116BLK AR8210BLK AR8427A PNET1 SU032A SUA1000RM1U # 03848 CIN85EBL F4D483 F4D485 F4D488 #27342 #27343

$449.00 $1,539.00 $210.00 $49.00 $44.00 $39.00 $359.00 $44.00 $40.00 $99.00 $599.00 $6.99 $2.83 $51.99 $3.99 $7.99 $184.85 $49.38

7 3 10 21 10 12 10 10 10 10 10 112 1400 65 65 65 26 1 3 1 3 10 60 8 10 10 10 325 325 1 25

$3,143.00 $4,617.00 $2,100.00 $1,029.00 $440.00 $468.00 $3,590.00 $440.00 $400.00 $990.00 $5,990.00 $782.88 $3,962.00 $3,379.35 $259.35 $519.35 $4,806.10 $49.38 $2,458.80 $299.36 $160.77 $59.90 $11,640.00 $1,960.00 $899.50 $840.00 $2,000.00 $9,425.00 $25,675.00 $7,870.00 $973.00

A7F1102-1000-P $819.60 A7F1102-350-P 90124-BLK-100 PN200C AR8165ABLK #1150 Item #2428 AP9513 AP9612TH N/A N/A N/A N/A $299.36 $53.59 $5.99 $194.00 $245.00 $89.95 $84.00 $200.00 $29.00 $79.00 $7,870.00 $37.80

- 46 -

WESD Network Design Project Proposal


Licensed w/ $28 Media Pack

RADD Networking, Inc.

Total $424,150.55

- 47 -

WESD Network Design Project Proposal

RADD Networking, Inc.

13.1 Network Connectivity Testing Plan


Because networking is not a perfect endeavor, its not uncommon to have to troubleshoot elements of the network incrementally as it is being built and as a whole when it is completed. In order to troubleshoot the network effectively while its being built and when it is completed, we will use the OSI model as our guide in order to determine the sole or multiple roots of a problem. Given the OSI models tier design, troubleshooting can be approached on a level-by-level basis. The process of elimination will fall along these lines for the first three OSI levels: Layer 1 Error Checklist

Broken cables Disconnected cables Cables connected to the wrong ports Intermittent cable connections Cables incorrectly terminated Wrong cables used Cross-connects Rollovers Straight-through cables Transceiver problems DCE cable problems DTE cable problems Devices powered off

Layer 2 Error Checklist Improperly configured serial interfaces Improperly configured Ethernet interfaces Wrong clock rate settings on serial interfaces Wrong encapsulation set on serial interfaces Faulty NIC Layer 3 Error Checklist Wrong routing protocol enabled Incorrect network/IP addresses Incorrect subnet masks Incorrect interface addresses Incorrect DNS-to-IP bindings Wrong autonomous system number for IGRP

Standard command line tools that will be used to troubleshoot host level problems are: ping Check connectivity between host and other network devices tracert Check path to other network devices IPconfig See if host properly detects configurations assigned to it

Standard Cisco IOS command line tools that will be used to troubleshoot router level problems are: ping Check connectivity between router and other network devices traceroute - Check path to other network devices show arp Show the IP/MAC address used show ip route Shows a routers routing table show interface Shows existing interface configurations and if admin up or down show run Shows existing overall all configurations

- 48 -

WESD Network Design Project Proposal

RADD Networking, Inc.

Of course, our troubleshooting efforts will be complimented with the proper degree of documentation in order fix problems quickly and efficiently.

- 49 -

WESD Network Design Project Proposal

RADD Networking, Inc.

13.2 Network Contingency Plan


Power is something that the entire network components are going to need, but dirty or intermittent power wont do. Surges and spikes can damage your expensive hardware investment. Sags and brownouts, especially during the Phoenixs summer and monsoon season, can compromise your network data transfer and backups. The solution to this problem comes in the form of the APC Smart-UPS 1000VA.

APC Smart-UPS 1000VA


Automatic Self Test Automatic Voltage Regulation (AVR) Building wiring fault indicator Built-in SmartSlot Hot Swap Batteries Intelligent Battery Management Line-interactive Load Meter Network-grade line conditioning Overload Indicator Rack Mount Replace Battery Indicator Sine-wave output Software Status Indicator LED's USB Connectivity User Replaceable batteries Wide input voltage range

On average, the APC Smart-UPS 1000VA has a typical backup time at half load of 14.5 minutes (320 Watts). Its typical backup time at full load is 5.4 minutes (640 Watts). Its energy surge protection rating is 480 joules. This is the UPS that we recommend to protect your switches, routers, and servers at both the school and district level. As for backing up important daily business and academic data, we recommend the Dell PowerVault 122T. With this device, incremental backups on all files that have been created or modified since the last full backup will be done nightly at the school and transmitted to the district office. Full backups of all hard drive files will be done on weekends at the school and sent to the district office.

Dell PowerVault 122T


Autoloading of up to 8 data Drive Cartridge Capacity cartridges o Uncompressed: Maximum Storage Capacity 100GB o Uncompressed: 800 GB o Compressed: 200GB o Compressed: 1.6 TB Recommended Environment - 50 -

WESD Network Design Project Proposal Transfer Rate and Backup Rate o Uncompressed Maximums 15MB/s, 900MB/min, 54GB/hr o Compressed Maximums 30MB/s, 1800MB/min, 108GB/hr o

RADD Networking, Inc. High end departmental and enterprise servers o Rack dense servers that require external tape backup solutions

- 51 -

WESD Network Design Project Proposal

RADD Networking, Inc.

13.3 Throughput Testing Plan


In order to make sure the LAN and WAN are operating properly performance-wise, we will have to establish a baseline for both networks when they are brought up and operational. To do this, we will be using Flukes Optiview Network Integrated Analyzer. This device is a multifaceted network analyzer. The Optiview is an integrated tool capable of advanced discovery, SNMP device analysis, cable testing, packet capturing, filtering and decoding, traffic generation, Web remote analysis, optical fiber inspection, and WAN as well as wireless network testing.

Of course, as the network grows or changes are made to it, the baseline will also change as different demands are placed on the network. Therefore, the network should be periodically re-measured and evaluated in order to ensure optimal bandwidth is available for network services and operations. Any documentation that was generated based on earlier baseline measurements needs to be updated with the new measurement readings.

Active discovery in switched networks Seven-layer analysis Fully automatic IP configuration even without DHCP Address-to-name mapping Connect to 100BASE-FX (Pro Models) Packet capture and decode (Pro Models) SNMP device analysis RMON II traffic analysis (Pro Models) Traffic Generation Gb testing capabilities (Pro Gb Model) Cable testing Wireless Network Analysis (optional) WAN Vision (optional)

Keep in mind that seemingly benign changes to the network may impact its performance. If there is a noticeable degradation in bandwidth or in workgroup and enterprise level services, well maintained documentation can mean the difference between a quick fix and a long drawn out hunt for the problem. In any case, before moving a piece of network equipment from one portion of the network to another, make sure that piece of equipment is working properly. If it is working before the move, check the network equipments performance after the move. Its not a given that a piece of network equipment will work equally well on any network. Taking - 52 -

WESD Network Design Project Proposal

RADD Networking, Inc.

periodic network readings and updating the baseline results can help with determining if there is any problem with a recent network equipment placement.

- 53 -

WESD Network Design Project Proposal

RADD Networking, Inc.

13.4 Security
After the network equipment is installed, VLAN and ACL scripts up loaded and in place, and the network is fully operational, we will test the security of the network by trying to by-pass the firewalls, VLANs, and ACLs. This will give us an idea if there are any loopholes in the system and what, if anything, needs to be addressed. Any ports that have been set to off limits will be tested to see that there are no backdoors into the network. In this day and age of hackers of all ages and agendas, trying to poke holes in the network after the fact is only prudent.

13.5 Environmental Controls


The temperatures in the IDFs and MDFs will be kept at 21C / 69.8F. Humidity levels will be maintained between 30% - 50%. In order to make sure that these environmental conditions stay constant, American Power Conversions SmartSlot Environmental Monitor will be placed in each IDF and MDF. The sensors in this device can detect humidity ranges between 0 - 95%, temperature ranges between 32 104 F, fire, water, smoke, unauthorized entry, physical security, or any external condition that can be measured via contact closure. In the event that the humidity or temperature in an IDF or MDF reaches unacceptable levels, the APC SmartSlot Environmental Monitor has the capability of alerting the system administrator via Email.

APC Environmental Monitoring SmartSlot Card

Features: Dry Contact Inputs E-mail Notification Environmental Monitor Event Logging MD5 Authentication Security Password Security SNMP Management Telnet Management UPS Support Web Management

- 54 -

WESD Network Design Project Proposal

RADD Networking, Inc.

13.6 Timeline
This is our current timeline as to our projections for completing the various stages of the network implementation. Several weeks has been allocated to coincide with the end of the school season and the installation of the network during the summer break. Prior to the fall school season, there will be a two week period dedicated to training the staff, faculty, and network administration on the new network hardware, workstations, and making sure that the enterprise and workgroup services are operational.
ID 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 Las t and f irs t day s 55 day s ? Thu 5/ 27/04 Tes t Training St af f 5 day s 10 day s Mon 7/26/04 W ed 8/4/ 04 Tas k Nam e Pilot Net work Lease Lines From Telc o Purchase Hardware Confi gure Hardware Rout ers Switches Serv ers Sof tware ACLs VLANs W ire School W ire Dis trict Of f ic e School Hardware I ns tall Dis trict Of f ice H ardware I ns tall Secur ity i mpl ementati on Lock s Cam eras Duration 5 day s 60 day s 10 day s 10 days 3 day s 3 day s 10 day s 3 day s 3 day s 3 day s 5 day s 5 day s 10 day s 10 day s 10 days 10 day s 10 day s Start Feb '04 Mon 3/15/04 Thu 4/ 1/04 Mon 4/5/ 04 Mon 4/19/04 Mon 4/19/04 Mon 4/19/04 Mon 4/19/04 Mon 4/19/04 Mon 4/19/04 Mon 4/19/04 Mon 5/31/04 Mon 5/31/04 Mon 5/3/ 04 Mon 5/3/ 04 W ed 6/ 2/04 W ed 6/2/ 04 W ed 6/2/ 04

Mar '04 Apr '04 May '04 J un ' 04 J ul '04 Aug ' 04 Sep ' 04 29 7 14 21 28 4 11 18 25 2 9 16 23 30 6 13 20 27 4 11 18 25 1 8 15 22 29 5

- 55 -

Pilot Network

WESD Network Design Project Proposal

RADD Networking, Inc.

14. Pilot Network


Our Pilot Network will consist of a setup of eight computers running various programs and performing several functions. Starting from the left side of the table, the first computer will be the terminal from which we load our configuration scripts. The next computer will be our Administrative Data Base server. It will be running Red Hat Linux and will be addressed on the 10.7.0.0 network. Next in line is the Administration Workstation, which will also be running Red Hat Linux and be addressed on the 10.7.0.0 network. After that comes the Student Workstation, running Red Hat Linux and residing on the 10.6.0.0 network. The next two computers will represent Student Terminal Server Clusters. Windows Server 2003 is their OS and they will reside on the 10.6.0.0 network. The seventh computer will represent the PDC/LB/TLS/DNS server for the Student segment. It too, will be running Windows Server 2003 and reside on the 10.6.0.0 network. The last computer will be a running Power Point presentation of our slides. We will be demonstrating our ability to load configurations into the router, communicate (ping) between separate subnets, configure ACLs to deny Curriculum access to the Admin network, establish Terminal Services, and run a Windows 2003 Terminal Session on a Linux Workstation.

- 57 -

WESD Network Design Project Proposal

RADD Networking, Inc.

14.1 Options & Future Growth


14.1.1 Service Level Agreement (SLA) RADD Networking, Inc. will offer the WESD and Sunnyslope Elementary a Service Level Agreement. This SLA will contain the servicing and maintenance options we offer, such as a 1-year, 5-year, or lifetime service package. Under the agreement, RADD Networking, Inc. will perform every service possible, up to and including replacement of non-repairable equipment. We will ensure that the network has maximum up time and optimal throughput.

14.1.2 Ring & Mesh Topology With the switches weve chosen to implement into Sunnyslope Elementarys LAN, there is an option to link IDFs together in a Ring Topology. This option would increase redundancy within the LAN as well as create multiple paths for data to flow. Though it may not be part of the RFP, we highly recommend going with this option in the near future.

14.1.3 Voice over IP (VoIP) Another positive of the switches weve chosen is that they are capable of supporting Voice over IP. VoIP will provide a means for sending voice information in digital form in discrete packets, rather than in the traditional circuit-committed protocols of the Public Switched Telephone Network (PSTN). Tolls charged by ordinary telephone services could then be avoided. This VoIP system can also be used as a school/district paging system.

- 58 -

15. Summary
We have proposed a network design that will allow the Washington Elementary School District and Sunnyslope Elementary to enjoy the best in network technology now and in the future. RADD Networking, Inc. always offers the finest in network design and implementation to its customers. We are highly committed to doing the job right the first time and we have been ranked #1 in customer satisfaction for the last five years. Thank you for taking the time to review our proposal. We look forward to doing business with you.

RADD NETWORKING, INC.

RANDY CROCKETT - ASH RAND - DIRK FRETZ - DANIEL CURTIS

Appendix A District & School Computers

WESD Network Design Project Proposal


Configuration for the District: 3 Application Cluster Servers Price*:$4,645.85 36 Month Business Lease**:$161 PowerEdge 2650: PowerEdge 2650, Intel Xeon 2.8GHz, 512K Cache, 533MHz Front Side Bus 265285 - [ 221-2654 ] Additional Processors: Single Processor Only 1P - [ 311-1193 ] Memory: 1.0GB DDR, 4X256 DIMMS 1GB4D - [ 311-2730 ] Keyboard: Standard Windows Keyboard,Gray S - [ 310-1676 ] Monitor: Dell E551,15in (13.8in Viewable),Gray Monitor 15MON - [ 320-0960 ] First Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ] Primary Controller: PERC3-DI, 128MB Battery Backed Cache, 2 Internal Ch- Embedded RAID ROMB128 - [ 340-3943 ] Diskette Drive: 1.44MB Diskette Drive FD - [ 340-3961 ] OPERATING SYSTEM: Windows Server 2003 Enterprise Edition, Academic W2K3EED - [ 420-3227 310-1261 ] Mouse: Logitec System Mouse,Gray L - [ 310-3776 ] First Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

RADD Networking, Inc.

CD ROM or DVD ROM: 24X IDE Internal CD ROM Drive CD24X - [ 313-0317 ] Bezel: Active Bezel Option for Dell PowerEdge 2650 BEZEL - [ 310-1487 ] Hard Drive Backplane: 5 Bay (1x5) Hot Plug SCSI Hard Drive Backplane 1X5BKPL - [ 340-3932 ] Cables: Mouse/Keyboard Cable MKCABL - [ 310-5567 ] Documentation: Users Manual,Installation and Trouble Shooting Guide on CD EDOCS - [ 310-1989 ] Hard Drive Configuration: On-Board SCSI, 1 to 5 drives connected to on-board SCSI MS - [ 340-3947 ] Chassis Configuration: RapidRails for Dell Rack RPDRAIL - [ 310-1482 ] Hardware Support Services: 3Yr SILVER Support, 4Hr Onsite, S/W Support SILVERU - [ 960-4119 960-4130 960-4132 950-0227 ] Installation Support Services: No Installation NOINSTL - [ 900-9997 ] Power Supplies: Non-Redundant AC Power (500 Watt Power Supply) NREDPWR - [ 310-4237 ] Second Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

- 61 -

WESD Network Design Project Proposal


Configuration for the District: 3 Database Cluster servers Price*:$4,555.85 36 Month Business Lease**:$158 PowerEdge 2650: PowerEdge 2650, Intel Xeon 2.8GHz, 512K Cache, 533MHz Front Side Bus 265285 - [ 221-2654 ] Additional Processors: Single Processor Only 1P - [ 311-1193 ] Memory: 1.0GB DDR, 4X256 DIMMS 1GB4D - [ 311-2730 ] Keyboard: Standard Windows Keyboard,Gray S - [ 310-1676 ] Monitor: Dell E551,15in (13.8in Viewable),Gray Monitor 15MON - [ 320-0960 ] First Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ] Primary Controller: PERC3-DI, 128MB Battery Backed Cache, 2 Internal Ch- Embedded RAID ROMB128 - [ 340-3943 ] Diskette Drive: 1.44MB Diskette Drive FD - [ 340-3961 ] OPERATING SYSTEM: Red Hat Linux 2.1 Advanced Server, Customer Installed LX21NFI - [ 310-1261 420-0918 ] Mouse: Logitec System Mouse,Gray L - [ 310-3776 ] First Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

RADD Networking, Inc.

- 62 -

WESD Network Design Project Proposal


CD ROM or DVD ROM: 24X IDE Internal CD ROM Drive CD24X - [ 313-0317 ] Bezel: Active Bezel Option for Dell PowerEdge 2650 BEZEL - [ 310-1487 ] Hard Drive Backplane: 5 Bay (1x5) Hot Plug SCSI Hard Drive Backplane 1X5BKPL - [ 340-3932 ] Cables: Mouse/Keyboard Cable MKCABL - [ 310-5567 ] Documentation: Users Manual,Installation and Trouble Shooting Guide on CD EDOCS - [ 310-1989 ] Hard Drive Configuration: On-Board SCSI, 1 to 5 drives connected to on-board SCSI MS - [ 340-3947 ] Chassis Configuration: RapidRails for Dell Rack RPDRAIL - [ 310-1482 ] Hardware Support Services: 3Yr SILVER Support, 4Hr Onsite, S/W Support SILVERU - [ 960-4119 960-4130 960-4132 950-0227 ] Installation Support Services: No Installation NOINSTL - [ 900-9997 ] Power Supplies: Non-Redundant AC Power (500 Watt Power Supply) NREDPWR - [ 310-4237 ] Second Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

RADD Networking, Inc.

- 63 -

WESD Network Design Project Proposal


Configuration for the School: 7 Application Cluster Servers Price*:$4,645.85 36 Month Business Lease**:$161 PowerEdge 2650: PowerEdge 2650, Intel Xeon 2.8GHz, 512K Cache, 533MHz Front Side Bus 265285 - [ 221-2654 ] Additional Processors: Single Processor Only 1P - [ 311-1193 ] Memory: 1.0GB DDR, 4X256 DIMMS 1GB4D - [ 311-2730 ] Keyboard: Standard Windows Keyboard,Gray S - [ 310-1676 ] Monitor: Dell E551,15in (13.8in Viewable),Gray Monitor 15MON - [ 320-0960 ] First Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ] Primary Controller: PERC3-DI, 128MB Battery Backed Cache, 2 Internal Ch- Embedded RAID ROMB128 - [ 340-3943 ] Diskette Drive: 1.44MB Diskette Drive FD - [ 340-3961 ] OPERATING SYSTEM: Windows Server 2003 Enterprise Edition, Academic W2K3EED - [ 420-3227 310-1261 ] Mouse: Logitec System Mouse,Gray L - [ 310-3776 ] First Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

RADD Networking, Inc.

- 64 -

WESD Network Design Project Proposal


CD ROM or DVD ROM: 24X IDE Internal CD ROM Drive CD24X - [ 313-0317 ] Bezel: Active Bezel Option for Dell PowerEdge 2650 BEZEL - [ 310-1487 ] Hard Drive Backplane: 5 Bay (1x5) Hot Plug SCSI Hard Drive Backplane 1X5BKPL - [ 340-3932 ] Cables: Mouse/Keyboard Cable MKCABL - [ 310-5567 ] Documentation: Users Manual,Installation and Trouble Shooting Guide on CD EDOCS - [ 310-1989 ] Hard Drive Configuration: On-Board SCSI, 1 to 5 drives connected to on-board SCSI MS - [ 340-3947 ] Chassis Configuration: RapidRails for Dell Rack RPDRAIL - [ 310-1482 ] Hardware Support Services: 3Yr SILVER Support, 4Hr Onsite, S/W Support SILVERU - [ 960-4119 960-4130 960-4132 950-0227 ] Installation Support Services: No Installation NOINSTL - [ 900-9997 ] Power Supplies: Non-Redundant AC Power (500 Watt Power Supply) NREDPWR - [ 310-4237 ] Second Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

RADD Networking, Inc.

- 65 -

WESD Network Design Project Proposal


Configuration for the School: 1 Cache, DNS and 1 Email Server Price*:$5,174.15 36 Month Business Lease**:$180 PowerEdge 2650: PowerEdge 2650, Intel Xeon 2.8GHz, 512K Cache, 533MHz Front Side Bus 265285 - [ 221-2654 ] Additional Processors: 2nd Processor, Xeon, 2.8GHz, 512K Cache, 533MHz Front Side Bus 2P285 - [ 311-2724 ] Memory: 1.0GB DDR, 4X256 DIMMS 1GB4D - [ 311-2730 ] Keyboard: Standard Windows Keyboard,Gray S - [ 310-1676 ] Monitor: No Monitor Option N - [ 320-0058 ] First Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ] Primary Controller: PERC3-DI, 128MB Battery Backed Cache, 2 Internal Ch- Embedded RAID ROMB128 - [ 340-3943 ] Diskette Drive: 1.44MB Diskette Drive FD - [ 340-3961 ] OPERATING SYSTEM: Linux 9 Professional, Factory Installed LINUX9 - [ 420-3229 310-1261 ] Mouse: Logitec System Mouse,Gray L - [ 310-3776 ] First Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

RADD Networking, Inc.

- 66 -

WESD Network Design Project Proposal


CD ROM or DVD ROM: 24X IDE Internal CD ROM Drive CD24X - [ 313-0317 ] Bezel: Active Bezel Option for Dell PowerEdge 2650 BEZEL - [ 310-1487 ] Hard Drive Backplane: 5 Bay (1x5) Hot Plug SCSI Hard Drive Backplane 1X5BKPL - [ 340-3932 ] Cables: Mouse/Keyboard Cable MKCABL - [ 310-5567 ] Documentation: Users Manual,Installation and Trouble Shooting Guide on CD EDOCS - [ 310-1989 ] Second Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ] Hard Drive Configuration: On-Board RAID 5, 3 to 5 drives connected to on-board RAID MR5 - [ 340-3946 ] Chassis Configuration: RapidRails for Dell Rack RPDRAIL - [ 310-1482 ] Hardware Support Services: 3Yr SILVER Support, 4Hr Onsite, S/W Support SILVERU - [ 960-4119 960-4130 960-4132 950-0227 ] Installation Support Services: No Installation NOINSTL - [ 900-9997 ] Power Supplies: Redundant AC Power (2x500 Watt Power Supplies) REDPWR - [ 310-4324 ] Second Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

RADD Networking, Inc.


Third Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ]

- 67 -

WESD Network Design Project Proposal


Configuration for the District: 1 File Server, Print Server 1 Security Server (PDC), TFTP 1 Virus Server Price*:$5,831.15 36 Month Business Lease**:$203 PowerEdge 2650: PowerEdge 2650, Intel Xeon 2.8GHz, 512K Cache, 533MHz Front Side Bus 265285 - [ 221-2654 ] Additional Processors: 2nd Processor, Xeon, 2.8GHz, 512K Cache, 533MHz Front Side Bus 2P285 - [ 311-2724 ] Memory: 1.0GB DDR, 4X256 DIMMS 1GB4D - [ 311-2730 ] Keyboard: Standard Windows Keyboard,Gray S - [ 310-1676 ] Monitor: No Monitor Option N - [ 320-0058 ] First Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ] Primary Controller: PERC3-DI, 128MB Battery Backed Cache, 2 Internal Ch- Embedded RAID ROMB128 - [ 340-3943 ] Diskette Drive: 1.44MB Diskette Drive FD - [ 340-3961 ] OPERATING SYSTEM: Windows Server 2003 Enterprise Edition, Academic W2K3EED - [ 420-3227 310-1261 ] Mouse: Logitec System Mouse,Gray L - [ 310-3776 ] First Network Adapter:

RADD Networking, Inc.


Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ] CD ROM or DVD ROM: 24X IDE Internal CD ROM Drive CD24X - [ 313-0317 ] Bezel: Active Bezel Option for Dell PowerEdge 2650 BEZEL - [ 310-1487 ] Hard Drive Backplane: 5 Bay (1x5) Hot Plug SCSI Hard Drive Backplane 1X5BKPL - [ 340-3932 ] Cables: Mouse/Keyboard Cable MKCABL - [ 310-5567 ] Documentation: Users Manual,Installation and Trouble Shooting Guide on CD EDOCS - [ 310-1989 ] Second Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ] Hard Drive Configuration: On-Board RAID 5, 3 to 5 drives connected to on-board RAID MR5 - [ 340-3946 ] Chassis Configuration: RapidRails for Dell Rack RPDRAIL - [ 310-1482 ] Hardware Support Services: 3Yr SILVER Support, 4Hr Onsite, S/W Support SILVERU - [ 960-4119 960-4130 960-4132 950-0227 ] Installation Support Services: No Installation NOINSTL - [ 900-9997 ] Power Supplies: Redundant AC Power (2x500 Watt Power Supplies) REDPWR - [ 310-4324 ] Second Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ]

- 68 -

WESD Network Design Project Proposal


Third Hard Drive: 36GB 10K RPM Ultra 320 SCSI Drive 3610320 - [ 340-7919 ]

RADD Networking, Inc.

- 69 -

WESD Network Design Project Proposal


Configuration for the District: 1 Security, (PDC) Virus Server, TFTP, Backup Price*:$13,414.04 36 Month Business Lease**:$465 PowerEdge 6650: Intel Xeon 2.0GHz w/1MB Cache, GaL, Redundant Power 665201 - [ 221-3346 ] Additional Processor: Dual Processor Intel Xeon, 2.0GHz/1MB Cache PowerEdge 66XX 2P2001 - [ 311-3115 ] Memory: 1GB DDR SDRAM, 4X256MB DIMMs 1GB4D - [ 311-1541 ] Keyboard: Standard Windows Keyboard,Gray S - [ 310-1676 ] Monitor: No Monitor Option N - [ 320-0058 ] First Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] Primary Controller: PERC3-DC, 128MB, 1 Internal, 1 External Channels P3D128I - [ 340-2488 ] Diskette Drive: 1.44MB Diskette Drive FD - [ 340-3612 ] OPERATING SYSTEM: Windows Server 2003 Enterprise Edition, Academic W2K3EED - [ 310-1261 420-3227 ] Mouse: Logitec System Mouse,Gray L - [ 310-3776 ] First Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper

RADD Networking, Inc.


IN1000T - [ 430-0375 ]

- 70 -

WESD Network Design Project Proposal


Remote Management: BroadCom, 56K PCI Internal Modem, V.92, For Dell Servers INMO56 - [ 313-1338 ] CD ROM or DVD ROM: 24X IDE Internal CD ROM Drive CD24X - [ 313-0317 ] Documentation: Users Manual,Installation and Trouble Shooting Guide on CD EDOCS - [ 310-1989 ] Second Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] HD Configuration: Add-in Card RAID 5 AR5 - [ 340-3862 ] Chassis Configuration: Rapid Rails for Dell Rack, P6650 RPDRAIL - [ 310-1453 ] Hardware Support Services: 3Yr GOLD Support, 4Hr Onsite, S/W Support, TAM Service GOLD4U - [ 310-3785 960-4140 960-4142 950-0117 950-0119 950-0268 970-0237 ] Installation: No Installation NOINSTL - [ 900-9997 ] Second Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ] Fourth Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] Fifth Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] Third Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ]

RADD Networking, Inc.

- 71 -

WESD Network Design Project Proposal


Configuration for the District: 1 Web (Site) Server, Email, DNS 1 Proxy/Cache/Content Filtering 1 Library Server (DB) Price*:$12,757.04 36 Month Business Lease**:$442 PowerEdge 6650: Intel Xeon 2.0GHz w/1MB Cache, GaL, Redundant Power 665201 - [ 221-3346 ] Additional Processor: Dual Processor Intel Xeon, 2.0GHz/1MB Cache PowerEdge 66XX 2P2001 - [ 311-3115 ] Memory: 1GB DDR SDRAM, 4X256MB DIMMs 1GB4D - [ 311-1541 ] Keyboard: Standard Windows Keyboard,Gray S - [ 310-1676 ] Monitor: No Monitor Option N - [ 320-0058 ] First Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] Primary Controller: PERC3-DC, 128MB, 1 Internal, 1 External Channels P3D128I - [ 340-2488 ] Diskette Drive: 1.44MB Diskette Drive FD - [ 340-3612 ] OPERATING SYSTEM: Linux 9 Professional, Factory Installed LINUX9 - [ 310-1261 420-3229 ] Mouse: Logitec System Mouse,Gray L - [ 310-3776 ] First Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper

RADD Networking, Inc.


IN1000T - [ 430-0375 ]

- 72 -

WESD Network Design Project Proposal


Remote Management: BroadCom, 56K PCI Internal Modem, V.92, For Dell Servers INMO56 - [ 313-1338 ] CD ROM or DVD ROM: 24X IDE Internal CD ROM Drive CD24X - [ 313-0317 ] Documentation: Users Manual,Installation and Trouble Shooting Guide on CD EDOCS - [ 310-1989 ] Second Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] HD Configuration: Add-in Card RAID 5 AR5 - [ 340-3862 ] Chassis Configuration: Rapid Rails for Dell Rack, P6650 RPDRAIL - [ 310-1453 ] Hardware Support Services: 3Yr GOLD Support, 4Hr Onsite, S/W Support, TAM Service GOLD4U - [ 310-3785 960-4140 960-4142 950-0117 950-0119 950-0268 970-0237 ] Installation: No Installation NOINSTL - [ 900-9997 ] Second Network Adapter: Intel Pro 1000XT Gigabit NIC-Copper IN1000T - [ 430-0375 ] Fourth Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] Fifth Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ] Third Hard Drive: 73GB 10K RPM Ultra 320 SCSI Drive 7310320 - [ 340-7951 ]

RADD Networking, Inc.

- 73 -

Appendix B Router & Switch Configurations

Pilot Network Router Configuration


config t hostname Sunnyslope enable secret RADD ip subnet-zero ip host Curriculum 10.6.0.1 ip host Admin 10.7.0.1 ip audit notify log ip audit po max-events 100 interface FastEthernet0/0 description Curriculum ip address 10.6.0.1 255.255.0.0 no shut duplex full speed auto interface FastEthernet0/1 description Admin ip address 10.7.0.1 255.255.0.0 no shut duplex full speed auto router rip network 10.6.0.0 network 10.7.0.0 ip classless banner motd ^CC ************************** * Sunnyslope School * ************************** ^C line con 0 password RADD login line aux 0 password RADD login line vty 0 4 password RADD login exit

Router ACL Configuration


access-list 102 permit tcp any any range 30000 40000 access-list 102 permit icmp any any echo-reply int f0/0 ip access-group 102 in

Router VLAN Configuration


!-- Set the privileged mode !-- and Telnet password on the router. configure terminal hostname RADD1 enable password randy line vty 0 4 login password ash exit no logging console exit configure terminal !-- Select FastEthernet 0/0 for the trunk configuration. !-- No L2 or Layer 3 (L3) configuration is done here. int fastEthernet 0/0 no shut exit !-- Enable trunking on the subinterface FastEthernet 0/0.1. !-- Note that actual trunks are configured on the sub-interfaces. int fastEthernet 0/0.1 !-- Enter the trunking encapsulation as either isl encapsulation isl 1 ip address 10.10.10.1 255.255.255.0 exit !-- Enable trunking on the subinterface FastEthernet 0/0.2. !-- Note that actual trunks are configured on the sub-interfaces. int fastEthernet 0/0.2 !-- Enter the trunking encapsulation as isl encapsulation isl 2 !-- Configure L3 information on the sub-interface 0/0.2. ip address 10.10.11.1 255.255.255.0 exit exit !-- Remember to save the configuration. write memory

Switch VLAN Configuration


!-- Set the privileged mode !-- and Telnet password on the switch. configure terminal hostname RADD2 enable password randy line vty 0 4 login password ash exit no logging console exit !-- Set the IP address and default gateway for VLAN1 for management purposes. configure terminal int vlan 1 ip address 10.10.10.2 255.255.255.0 exit ip default-gateway 10.10.10.1 end !-- Set the VTP Mode. !-- In our example, we have set the mode to be transparent. !-- Depending on your network, set the VTP Mode accordingly. !-- For details on VTP, !-- refer to !-- Configuring VTP, VLANs, and VLAN Trunks on Catalyst 2900XL and 3500XL Switches. vlan database vtp transparent !-- Adding VLAN2. VLAN1 already exists by default. vlan 2 name VLAN002 exit !-- Enable trunking on the interface fastEthernet 0/1. configure terminal int fastEthernet 0/1 switchport mode trunk !-- Enter the trunking encapsulation as either isl switchport trunk encapsulation isl !-- In case of 2950 switches, none of the above two commands are used, !-- 2950 switches only support 802.1q encapsulation which is configured automatically, !-- when trunking is enabled on the interface by using switchport mode trunk command. !-- In case of dot1q, you need to make sure that !-- the native VLAN matches across the link. !-- On 3512XL, by default, the native VLAN is 1. !-- Depending on your network needs, you may change !-- the native VLAN to be other than VLAN1, !-- but it is very important that you change the native VLAN !-- on the router accordingly. !-- You may change the native VLAN, if needed, by using the following command: !-- 3512xl(config-if)#switchport trunk native vlan <vlan ID> !-- Allow all VLANs on the trunk. switchport trunk allowed vlan all

(Continued Switch VLAN Config) exit !-- The following set of commands will place FastEthernet 0/2 !-- into VLAN2 and enable portfast on the interface. int fastEthernet 0/2 switchport access vlan 2 spanning-tree portfast exit !--Adding another host to vlan 2 to simulate RouterSim CCNASim 3.2 Lab 6.14. int fastEthernet 0/4 switchport access vlan 2 spanning-tree portfast exit !-- FastEthernet 0/3 is already in VLAN1 by default.

!-- Enable portfast on the interface. int fastEthernet 0/3 spanning-tree portfast exit !--Adding another host to vlan 2 to simulate RouterSim CCNASim 3.2 Lab 6.14. int fastEthernet 0/5 spanning-tree portfast exit exit !-- For details on why to enable portfast, !-- refer to: !-- Using Portfast and Other Commands to Fix Workstation Startup Connectivity Delays. !-Remember to save the configuration. write memory

Bibliography

American National Standards Institute. ANSI. Retrieved September 14, 2003 from the World Wide Web: http://www.ansi.org/ 1. 2. 3. 4. AS. Red Hat. Retrieved September 17, 2003 from the World Wide Web: http://www.redhat.com/software/rhel/as/ B/W Hawk-Eye Recessed Dome. CCTV. Retrieved Aug 29, 2003 from the World Wide Web: http://www.123cctv.com/cctv/interior-security-cameras.html Cisco Systems Inc. (2001). Cisco Network Academy: Second-Year Companion Guide. Second Ed. Indianapolis: Cisco Press Cisco 1000Base-SX SFP. Cisco Systems. Retrieved September 23, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/modules/ps5000/ps5248/index.html Cisco 1000Base-T SFP. CDW. Retrieved September 13, 2003 from the World Wide Web: http://www.cdw.com/shop/products/default.aspx? EDC=525142 Cisco 2600 Series Modular Access Routers. Cisco Systems. Retrieved September 27, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/routers/ps259/products_data_sheet0 9186a00801761b1.html Cisco 3600 1-port T-1 CSU/DSU WAN Interface Card. CDW. Retrieved September 15, 2003 from the World Wide Web: http://www.cdw.com/shop/products/default.aspx?ProductID=20979 Cisco 3600 Series Multiservice Platforms. Cisco Systems. Retrieved September 27, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/routers/ps274/prod_brochure09186a 0080091b7c.html Cisco 3700 Series Multiservice Access Routers. Cisco Systems. Retrieved September 27, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/routers/ps282/products_data_sheet0 9186a008009203f.html Cisco Catalyst 2970 Series Switches. Cisco Systems. Retrieved October 5, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/switches/ps5206/products_data_she et09186a0080197384.html

5.

6.

7.

8.

9.

10.

11.

Cisco Catalyst 3750G-12S Switch. Cisco Systems. Retrieved September 21, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/switches/ps5023/ps5469/index.html Cisco Catalyst 6500 Series IDS Module. Cisco Systems. Retrieved October 2, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/modules/ps2706/products_data_she et09186a008019ab18.html Cisco Catalyst 6500 Series Switches. Cisco Systems. Retrieved October 4, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/switches/ps708/products_quick_refe rence_guide09186a00800923c3.html Cisco Network Modules. Cisco Systems. Retrieved September 28, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/modules/ps2797/products_data_she et09186a008017dc22.html Cisco PIX 535 Firewall. Cisco Systems. Retrieved August 25, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/ps2119/index.html Cisco SFPs. Cisco Systems. Retrieved September 23, 2003 from the World Wide Web: http://www.cisco.com/en/US/products/hw/modules/ps5000/products_data_she et09186a008014cb62.html Citrix MetaFrame. MediNotes. Retrieved September 21, 2003 from the World Wide Web: http://www.medinotes.com/citrix.htm Cluster. Oracle. Retrieved August 18, 2003 from the World Wide Web: http://www.oracle.com/ip/index.html?rac_home.html Clustering. Microsoft. Retrieved August 17, 2003 from the World Wide Web: http://www.microsoft.com/windowsserver2003/technologies/clustering/default. mspx

12.

13.

14.

15.

16.

17. 18. 19.

21. Clustering. Red Hat. Retrieved September 6, 2003 from the World Wide Web: http://www.redhat.com/software/rha/cluster/ 22. Easy Migration to Gigabit Ethernet over Copper. Cisco Systems. Retrieved September 5, 2003 from the World Wide Web:

http://www.cisco.com/en/US/products/hw/switches/ps646/products_white_pap er09186a008009268a.shtml 23. 24. Electronic Industries Alliance. EIA. Retrieved September 14, 2003 from the World Wide Web: http://www.eia.org/ Environmental Monitoring. APC. Retrieved October 12, 2003 from the World Wide Web: http://www.apcc.com/products/family/index.cfm? id=47&type=typea Environmental Monitoring SmartSlot Card. APC. Retrieved October 10, 2003 from the World Wide Web: http://www.apcc.com/resource/include/techspec_index.cfm? base_sku=AP9612TH&language=en&LOCAL.APCCountryCode=US Equipment Layout Assistance. CPI. Retrieved October 5, 2003 from the World Wide Web: http://www.chatsworth.com/Support/Equipment_Layout_Tech.htm 5e LAN. Mohawk/CDT. Retrieved September 3, 2003 from the World Wide Web: http://www.mohawk-cdt.com/prod/lan-8-1.html Hardware. Insight. Retrieved September 17, 2003 from the World Wide Web: www.insight.com Infrastructure Type A Components. APC. Retrieved October 12, 2003 from the World Wide Web: http://www.apcc.com/products/infrastruxure/typea_comps.cfm KVM Switch. APC. Retrieved October 12, 2003 from the World Wide Web: http://www.apcc.com/products/family/index.cfm?id=63 Microsoft Licensing. Microsoft. Retrieved October 5, 2003 from the World Wide Web: http://www.microsoft.com/windowsserver2003/howtobuy/licensing/default.msp x#pricing NetShelter Configure-to-Order. APC. Retrieved October 10, 2003 from the World Wide Web: http://www.apcc.com/products/netshelter/configure_to_order.cfm Network Security. Chapter 13 Network Security Handout. Pgs. 411-441 Received August 2003

25.

26.

27. 28. 29.

30. 31.

32.

33.

34. 35. 36. 37. 38. 39.

NetZoom. Altima Technologies. Retrieved September 3, 2003 from the World Wide Web: http://www.altimatech.com/home/index.php?mid=0 Notebook Security. APC. Retrieved October 12, 2003 from the World Wide Web: http://www.apcc.com/products/family/index.cfm?id=112 Product Documentation. Cisco Systems. Retrieved September 5, 2003 from the World Wide Web: http://www.cisco.com/univercd/home/home.htm Software. Softchoice. Retrieved October 2, 2003 from the World Wide Web: http://www.softchoice.com/ System Solutions. CPI. Retrieved October 5, 2003 from the World Wide Web: http://www.chatsworth.com/Support/Equipment_Layout_Tech.htm Technical Support Access Lists. Cisco Systems. Retrieved October 7, 2003 from the World Wide Web: http://www.cisco.com/pcgibin/Support/browse/psp_view.pl?p=Technologies:ACCESSLIST_ARP_BOOT_DHCP&viewall=true Telecommunications Industry Association. TIA. Retrieved September 14, 2003 from the World Wide Web: http://www.tiaonline.org/ Terminal Services. Microsoft. Retrieved August 18, 2003 from the World Wide Web: http://www.microsoft.com/windowsserver2003/technologies/terminalservices/d efault.mspx Washington Elementary School District. WESD Online. Retrieved August 15, 2003 from the World Wide Web: http://www.wesd.k12.az.us/ Windows 2003. Microsoft. Retrieved August 17, 2003 from the World Wide Web: http://www.microsoft.com/windowsserver2003/default.mspx

40. 41.

42. 43.