Network Addressing and Security

II. Network Addressing and Security

A. Subnetting

Overview

Subnetting is a process of breaking a large network into small networks known as subnets. Subnetting happens when we extend the default boundary of the subnet mask. Basically we borrow host bits to create networks (i.e., subnets).

We have been assigned the network address 199.1.2.0. Based on the chart below, we know this is a Class C address. This is determined by observing the first octet of the IP address, which is 199. This octet falls in between 192 and 223.

Class Octet Decimal Range A 1 – 126 B 128 – 191 C 192 – 223

Each class has a predefined default subnet mask that tells us the octets, which are already part of the network portion, as well as how many bits we have available to work with.

Class Subnet Mask Format A 255.0.0.0 Network.Host.Host.Host B 255.255.0.0 Network.Network.Host.Host C 255.255.255.0 Network.Network.Network.Host

CIDR (Classless Inter Domain Routing)

CIDR is a slash notation of the subnet mask. CIDR tells us the number of on bits in a network address.

● Class A has default subnet mask 255.0.0.0. that means first octet of the subnet mask has all on bits. In slash notation it would be written as /8, means address has 8 bits on.

● Class B has default subnet mask 255.255.0.0. that means first two octets of the subnet mask have all on bits. In slash notation it would be written as /16, means address has 16 bits on.

● Class C has default subnet mask 255.255.255.0. that means first three octets of the subnet mask have all on bits. In slash notation it would be written as /24, means address has 24 bits on.

Technical Requirements

UMUC has not decided how they will use all of the physical space within the two new leased buildings. However, they have decided to use some of the space for a total of eight offices. Specifically, the initial setup will include four classrooms, one computer lab, one administrative office, one library, and one shared printer office.

Given the aforementioned scenario, we are going to use the 199.1.2.0 network and create a total of 8 subnets, with 25 hosts on each subnet. The chart below describes structures the scenario to include each subnet and required hosts.

Subnet Description Required Hosts Classroom 1 25 Computers Classroom 2 25 Computers Classroom 3 25 Computers Classroom 4 25 Computers Computer Lab 25 Computers Administrative Office 25 Computers Library 25 Computers Shared Printers 14 Printers

Using the How to Subnet a Network Video provided in CMIT 265 LEO – Content – UMUC Network Design Proposal, complete the following chart.

Proposed Subnet

Subnet Network Address Host Address Range Broadcast Address Subnet Mask: 255.255.255._____ Classroom 1 199.1.2.0 199.1.2.1 – 199.1.2.30 199.1.2.31 Classroom 2 199.1.2._ 199.1.2._ – 199.1.2._ 199.1.2._ Classroom 3 199.1.2._ 199.1.2._ – 199.1.2._ 199.1.2._ Classroom 4 199.1.2.96 199.1.2.97 – 199.1.2.126 199.1.2.127 Classroom 5 199.1.2.128 199.1.2.129 – 199.1.2.158 199.1.2.159 Classroom 6 199.1.2._ 199.1.2._ – 199.1.2._ 199.1.2._ Library Lab 199.1.2._ 199.1.2._ – 199.1.2._ 199.1.2._ Office Network 199.1.2._ 199.1.2._ – 199.1.2._ 199.1.2._

B. Firewall Implementation

Technical Requirements

In this section, you will assess UMUC’s technical requirements related to the firewall implementation. You will need to make assumptions where appropriate. When making assumptions, list each and make sure to justify the solution in the Justification section.

Proposed Network Security Hardware

This section should be used to provide the details of your proposed solution, based on the technical requirements and assumptions. Student should be specific when discussing the models, types, and costs.

Justification

This section should be used to justify your proposed solution based on the technical requirements and assumptions. C. Intrusion Detection System / Intrusion Protection System

Technical Requirements

In this section, you will assess UMUC’s technical requirements related to the intrusion detection system (IDS) and Intrusion Prevention System (IPS). You will need to make assumptions where appropriate. When making assumptions, list each and make sure to justify the solution in the Justification section.

Proposed Network Security Hardware

This section should be used to provide the details of your proposed solution, based on the technical requirements and assumptions. Student should be specific when discussing the models, types, and costs.

Justification

This section should be used to justify your proposed solution based on the technical requirements and assumptions.

D. DMZ Implementation

Technical Requirements

In this section, you will assess UMUC’s technical requirements related to the DMZ implementation. You will need to make assumptions where appropriate. When making assumptions, list each and make sure to justify the solution in the Justification section.

Proposed Network Security Hardware

This section should be used to provide the details of your proposed solution, based on the technical requirements and assumptions. Student should be specific when discussing the models, types, and costs.

Justification

This section should be used to justify your proposed solution based on the technical requirements and assumptions.

E. Physical Security Measures

Technical Requirements

In this section, you will assess UMUC’s technical requirements related to the physical security measures. You will need to make assumptions where appropriate. When making assumptions, list each and make sure to justify the solution in the Justification section.

Proposed Network Security Hardware

This section should be used to provide the details of your proposed solution, based on the technical requirements and assumptions. Student should be specific when discussing the models, types, and costs.

Justification

This section should be used to justify your proposed solution based on the technical requirements and assumptions.

F. Additional Network Security Measures

Technical Requirements

In this section, you will assess UMUC’s technical requirements related to the additional security measures. You will need to make assumptions where appropriate. When making assumptions, list each and make sure to justify the solution in the Justification section.

Proposed Network Security Hardware

This section should be used to provide the details of your proposed solution, based on the technical requirements and assumptions. Student should be specific when discussing the models, types, and costs.

Justification

This section should be used to justify your proposed solution based on the technical requirements and assumptions.

You may also like