Task 1: Network Designs
Your line manager wants you to provide detailed network designs for the primary and secondary business sites of
the company using the provided office floor plans as a guide. The customer has provided the following specifications
for the network.
Network Specifications: Primary business site
• Office 1 should be used as the Communication Room (comms room)
• There should be at least 15 workstations which must include one for the reception and
conference room respectively.
• Three of the workstations should be running Linux OS i.e. Debian & Ubuntu LTS versions.
• In the comms room, there is a need for at least one hardware firewall to be connected to the
border router and the main router should serve as the DHCP server.
• The network must have a DNS server, FTP server, and at least two 24-port switches.
• Most core network devices should be in the comms room. They will need racks. It is expected
that most of the networking infrastructure should be stored in the same room unless in
• The LAN must be 100% redundant in the case of a single point failure. Redundancy is critical.
In the case that one of the circuits fails the other one must be up and able to warn for backup.
• There must be a Backup server and Print server.
School of Physics, Engineering and Computer Science
• You are expected to choose your network devices sensibly i.e., a carrier-class router should
not be used when you only need an enterprise-class router.
• You must consider scalability for future network expansion.
• Your network must have four VLANs which should be named Management, IT Support,
Human Resources, and Sales Team.
• The workstations required for each VLAN are as follows: Management (3), IT support (3) Human
Resources (3), and Sales Team (6).
• VLAN Routing must be enabled to ensure that workstations in the different departments can
communicate with each other.
• Your network must have at least one Layer 3 switch, to ensure devices that are on the same
subnet or virtual LAN connect at lightning speeds.
• The main server required for network administration must be Linux-based (i.e., Debian or
• The main router must have an access control list enabled to block the following UDP & TCP ports: MS
RPC (135), Syslog (514), IRC – TCP ports 6660-6669, and SNMP (161 -162).
• You must also provide a brief description of the network devices or software needed. For
example, Server OS or VM technologies.
• There is a 10G SFP+ transceiver connection that will need to be connected to an ISP provider
router. This connection comes to the comms room from the ISP’s building.
Network Specifications: Secondary business site
• The secondary business site is a bit smaller than the main site with only five rooms.
• One of the rooms should be a comms room with at least one hardware firewall to be connected to the border
router. This border router must be able to communicate with the border router of their main office premises
via their respective ISPs or using a VPN.
• The comms room should have the main router which can serve as a DHCP server and at least one 24-port
switch. Note: The main router serving as a DHCP server is not a compulsory requirement for this site.
The workstations IP configuration can be configured manually if you want that option, however, testing must
show that all devices can communicate with each other.
• The main router must have an access control list enabled to block the following ports: TFTP (69) &
NETBIOS/IP 137 – 139.
• Most devices should be in the comms room and the LAN must also be 100% redundant.
• Each office and the reception area are equipped with 1 desktop PC and all PCs can connect to a
• The PCs in the secondary site should be able to communicate with PCs on the main site.