Homework #3 Wireless Network for ABC Corporation Overview This assignment is for you to complete a wireless network design for a small company. You will place a number of network elements on the diagram and label them appropriately. A network diagram is important to communicate the design features of a network between network administrators, system administrators and cyber-security analysts. It helps to create a shared mental model between these different technologists, yet each will have their own perspective on what is important to have documented on the diagram. Please review a description of ABC Corporation’s network resources and how they are allocated. ABC Corporation’s Network Description ABC Corporation is a small business in the heart of Central Pennsylvania. They provide services to their clients all over the region. The three-story main office building is where all of the employees report to work each day. There are no remote users. ABC Corporation is a very traditional business. While they have a computer network and are connected to the Internet, they aren’t very fancy and don’t yet have a need for telecommuting, wireless networks or smart phones. All of their computers are desktop machines and are connected with wired Ethernet connections. All of the network wiring is CAT-6 twisted pair wiring that goes from the office location to a wiring closet. There is one wiring closet on each floor. Each closet is connected to the basement wiring closet via fiber. There are several departments of the company. The administrative office has 10 employees including the CEO, executive Vice-President, a human resources manager, and several assistants and secretaries. The finance office has 15 employees. Both of these divisions are on the third floor. The second floor has the Sales and R&D departments. There are a total of 20 employees in the Sales Department and includes sales executives and assistants. All of the sales department personnel have laptop computers, but they are still connected via the wired network. The R&D department has 10 engineers who have two computers each – one in their office and one in their lab spaces. The first floor has the shipping/receiving department, manufacturing department and the receptionist. The receptionist shares a computer with the night watchman, since they work opposite shifts. There are 20 people in manufacturing, but they only use 3 computers to enter their production details into the company’s ERP system. The shipping/receiving department has six people, each with a computer that connects to UPS, Fedex and USPS systems, prints packaging labels and shipping documents. There is IST 220 – World Campus Page 2 Homework #3 also a conference room/training room on the first floor with a multimedia system that includes a podium computer, projector and all of the bells and whistles. The basement houses the maintenance department, information technology and the mail room. The mail room clerk doesn’t use the computers at all. The two maintenance workers have computers at their desks that they use to enter reports of work performed. The IT Department has seven employees, each with a desktop computer. They also manage the server farm, which includes two domain controllers, one print server, one mail server, one database server, one internal web server, one external web server (on the DMZ interface of the firewall), a file server, a special server for the ERP system, and a backup server. Add Wireless Network Access Points Each floor, with the exception of the basement (the basement does not need wireless), needs to have two wireless access points, one for the north end of the building, and the other for the south. However, the wireless access points will overlap in the middle of the building, so you need to pick different wireless network channels for each end. On the first floor, there should be an additional wireless access point in the conference room for guests. The “guest” network should have a different SSID than the company’s wireless network. It should be configured to allow anyone to connect, with a password. The password will be provided by the receptionist to any visitors and will be changed each week. The company wireless network should be configured to have the same SSID on all of the wireless network access points (but different from the “guest” network). It should be configured with WPA-2 Enterprise with AES and should be connected to the company’s servers for authentication (Windows Server with RADIUS server enabled for the Active Directory). Note: You might want to review http://www.windowsnetworking.com/articles-tutorials/windowsserver-2008/Setting-up-Wi-Fi-Authentication-Windows-Server-2008-Part1.html to see how to configure Windows Server to handle the authentication for the access points. Place your network access points on your network diagram you did for Homework #2. Segment the wireless network separately from the wired network so that it is on its own subnet. Segment the visitor wireless network so it’s on its own subnet, separate from both the wired network and the company wireless network. Label each access point with its own IP address and basic configuration. Each device should have its own name, IP address and should list its configuration in terms of encryption protocol (TKIP, AES, 3-DES or None) and authentication protocol (WPA, WPA-Enterprise, WPA2-Enterprise, WPA-2, WEP, etc, none, etc). Identify the SSIDs that are used for each device. IST 220 – World Campus Page 3 Homework #3 Place the wireless access points in the building. Use a building floorplan similar to this one: http://www.architecturenewsplus.com/projects/2668 Create a Network Diagram Your network diagram needs to include the following elements: • Each Wireless Access Point (WAP) • Each WAP’s critical configuration details – name, IP address, SSID, connection protocols, encryption protocols and wireless channel. • The Windows authentication server – including name, IP address, and important configuration details • Additional switches and connections between the building’s floors to establish the network(s). • IP Address ranges that will be assigned to network devices when they join the wireless networks Network Documentation Your network design document needs to explain each of the elements in your wireless network design. Explain how you segmented your wireless network from other parts of the network. Describe what security settings you might want to implement in your router. Describe the reason for the number of access points that you need on each floor. What to Turn In Turn in your Visio Diagram (.vsd/.vsdx) that includes your entire network. You also need to turn in a .doc/.docx file that explains your network diagram elements. Include snapshots from your network diagram in your .doc/.docx file – and annotate your diagram snapshots to better help your explanation of your network.