首页 > 其他分享 >Fundamentals of Networks and Security – 4CM507

Fundamentals of Networks and Security – 4CM507

时间:2024-06-15 13:10:25浏览次数:30  
标签:network Fundamentals IP 4CM507 10% will design Security your

Fundamentals of Networks and Security – 4CM507

Contents

Module Leader

Key dates and details

Description of the assessment

Assessment Content

Background:

Case study - Local Area Network Design:

Compliance with Requirement

Introduction

General requirements and IT usage

LAN Segregation Requirements

Physical layout of the site

Your Deliverable – A report detailing your proposed solution

Required report sections (see the assignment template for more detail)

Introduction

Proposed Design

Logical connection, IP addressing

Summary

References

Assessment Rubric / Marking

Anonymous Marking

Assessment Regulations

Discussion

 

Module Leader

Dr James Hardy

j.hardy@derby.ac.uk (preferred contact method)

MS310, Markeaton Street Campus

Tel: 01332 591732

Key dates and details

 

Assessment Type:

Individual

Design Report

Assessment weighting:

35%

Word count/Length

The ABSOLUTE MAXIMUM word count is 3000 words, excluding references. Note that the total of the recommended maximum word counts for each section is greater than the document total, this is to ensure that you do not exceed the overall word count without completing all sections. Work is to follow a supplied template.

Learning Outcomes:

 1. Articulate a critical awareness of the fundamental concepts of network construction and operation.

2. Apply basic principles of network design and tools for small campus networks.

Submission Method:

Turnitin Assignment

Submission Date:

12:00 MIDDAY UK time, MONDAY 15 Jan 2024

Provisional Feedback Release Date:

16:00 UK time, Friday 16 Feb 2024 (extended time due to module size)

 


Description of the assessment

You are provided with a hypothetical networking scenario. Whilst the scenario is hypothetical and not based on any existing supplier, customer or network design, the concepts covered are real and encountered by network designers on an almost daily basis.

The aim of this assessment is for you show your understanding of fundamental network concepts to design a basic IPv4 based network that will satisfy the scenario.

To achieve this aim, you will need to complete the following objectives:

  1. 1) Understand and explain the function of fundamental network devices including firewalls, routers, switches and wireless access points
  2. 2) Understand the use case, advantage and disadvantages of various types of communication media
  3. 3) Create a logical network diagram showing the interconnection and interaction between network devices and terminal equipment  
  4. 4) Modify a physical building layout diagram to indicate the location of equipment and interconnection systems
  5. 5) Understand IP addressing, address division and address allocation methods
  6. 6) Understand the basic advantages and disadvantages of network scaling

 

Assessment Content 

 

Background / scenario:

You are employed by a Networking Consultancy who design and implement networks for multiple clients. Your department of the consultancy provides general design and layout services.

Physical installation of equipment cabinets, equipment, cabling and containment will be completed by an external contracting company who will install exactly to your instructions.

The configuration of the networking equipment will be conducted by a separate external contractor who provides Technical Configuration Services. They will configure the equipment that you specify and that has been installed by the contract installation company under your instructions.

You need to complete the missing information in a report that supports the lead network engineers who are designing a local area network for the given scenario (please find more details in the case study section which you should read entirely). The Network Engineering Team have completed the majority of the work but require assistance with some of the detail and explanation.

Note for absolute clarity: The scenario and organisations are totally fictitious and have no relationship to any organisation either past or present with the same or similar name. Do not waste time or effort attempting to identify any real organisation.

For the introduction to the assignment, use only the information that has been provided in this specification.

 

Case study - Local Area Network Design:

 

Compliance with Requirement

 

This document has been prepared on behalf of the client, Kedleston University. This is a new building without a previous network installed. The client has conducted an extensive internal review and has defined their requirements. These requirements are fixed and not negotiable however the client will consider any informed advice offered by the designers for incorporation into a revised specification. The fabric of the building layout cannot be changed.

Introduction

The LAN will form a central part of the Information Technology strategy. It is expected to be fully operational for at least the next five years.  Any and all networking components must be available as new spares during the lifetime of the network.

The proposed solution should cover all points mentioned in this document and will consist of diagrams and tables with short descriptions of key points.

 

General requirements and IT usage

 

Each member of staff in the school will be allocated a desktop machine running Windows 11. This will be a standard system provided by a contract supplier. You are not required to provide hardware or software specifications for the machines, you are only required to provide a network connection for each device.

Lecturers will also be provided with laptops or other mobile devices that will be able to connect to the network anytime and anywhere within the campus. Students will be allowed to use the wireless network to access publicly available content using their own laptop or other devices.  

The school currently consists of staff offices and 6 computing laboratories, the layouts of which are shown in this document, the layouts are not to scale. Each member of staff and each student position will require a hardwired network connection point to attach a desktop workstation. The PC and patch cables will be provided by the University IT team once the network installation is complete.

A number of network attached dedicated hardware servers will also be provided and installed by the University IT team after the network installation. These will provide directory services, DHCP, DNS, Email, intranet, print services and database services. Once again, you are not required to provide hardware or software specifications for the machines, you are only required to provide a network connection for each device. The network design must include a location and connection method for the servers.

The network should provide flexible connectivity options throughout the site for a wide range of end systems including printers, host computers and fileservers. It should also be capable of supporting streaming content as well as voice and video communications over the LAN. The design must consider potential future requirements of increased user numbers, higher traffic loads and developing technology.

The LAN should be resilient, secure and cost effective.

 

LAN Segregation Requirements

 

The staff will be sharing the same physical network infrastructure. The network will provide access to external email and the general Internet for every attached workstation.

Each department / functional area will be a functional LAN broadcast environment, logically separated using IP subnets. The design must clearly show how the LANs will be able to interact with each other. Where inter-LAN communication restrictions are required, these will be implemented by University IT staff after the network handover.

For the sake of clarity, logical separation means that each of the departments / functional areas has its own IP subnet.

As part of this project, you will be required to create a table of IPv4 network address information based on a range provided by the client and included in the template.

 

 

General Staff

General staff are mainly lecturers and teaching assistants. The number of staff in each office is illustrated in the site layout. Each lecturer will have their own workstation with logical access to necessary servers including file storage and print servers. The General Staff network is logically separated from all other networks.  

Administrative staff

The admin team provides support to the lecturers and students. They also have a workstation with logical access to necessary services including file and print. The Administrative Staff network is logically separated from all other.  

Student Laboratories

The number of desk positions for the six student labs is known however the final layout is not yet defined. The requirement for the labs is to provide adequate connectivity and explain how a number of different layouts could be accommodated without causing trip hazards or other Health and Safety concerns.

The labs are split into five subject areas for Networks, Computer Science, Computer Games, Digital Forensics and Cyber Security. Each subject area network is logically isolated from all other networks but has access to the file and print services.

Technicians

Each technician has a desktop PC. The technicians network is logically isolated from all other networks but will need to have logical access to all networks for maintenance and support.

The technicians will need physical access to networking equipment as and when required. The technician’s area has a large storeroom which, although currently unoccupied, has multiple power connections available and an installed key card locking system.

Guest Network

A guest network is required for visiting clients to access the network from their mobile devices. Visitors will have secure and monitored connectivity to the Internet but will be denied access to the majority of the internal networks. This restriction will be implemented by the University staff.

 

Physical layout of the site

The diagrams below show the physical arrangement of the rooms over two floors. The diagrams are not drawn to scale but do suffice to illustrate the layout. It will be reasonable to assume that no room will be larger than 15m x 15m x 4m. The height of 4m includes a 1m ceiling void above the false ceiling height. The diagrams are shown in Figure 1 and Figure 2 at a reduced size and replicated full size in the template file.

The number in brackets indicates the number of people that will occupy the room.

 

Logical addressing – the IP address table

The number of physical connections in any network does not directly relate to the number of logical addresses required in that network. You are given a list of required numbers of IP addresses for each network, you should design an allocation table that uses the minimum number of addresses that will satisfy the requirements.

Figure 1: Ground floor layout

Figure 2: First floor layout

On completion, the final installation will be professional in appearance and allow for future changes including expansion with minimal service disruption and at minimal cost.

 

Your Deliverable – A report detailing your proposed solution

You have been provided with a template report structure. The template contains clarification of the requirements in each section.

This assignment is not a test of what you remembered from the lectures, it is a test of your ability to utilise the information that you possess in order to expand your knowledge and capability.

Researching information and validating understanding is not a failure in your abilities, far from it. Researching proves your interest and intent to succeed academically and commercially.

Your finished proposal must satisfy the requirements and be professional in appearance.  

Your report explains your work, this is the item that is marked, if you do not explain clearly then any work completed will be in vain. The report should explain what you are doing, why, provide the technical detail of the solution, summarise the solution and justify the content.

 

Required report sections (see the assignment template for more detail)

 

Introduction

A brief summary of the requirements. State the salient points that make this report specific to your client, showing that you have read and understood their needs.

Proposed Design

Device selection, cabling and connectivity, logical topology, physical topology and device placement.

Logical connection, IP addressing 

Planning, Design and implementation of an IP addressing scheme

Summary

A brief summary of your proposal and what benefits the design will provide for the organisation

References

References are summaries of your research. The necessity to research information and validate your understanding is not a failure in your abilities, it proves your interest and intent to succeed academically.  

 

Assessment Rubric / Marking

 

As a general guide, the distribution of marks is shown in Table 1.

The full marking Rubric is shown in Table 2

Table 1: Distribution of marks

Element

Mark allocation per section %

Comments

Introduction

10% 

Quality of Overview.

Device selection

10%

Types of devices, correct use, realistic equipment.

Connectivity

10%

Discussion of Connection options and methods.

Logical Network design

10%

Logical topology diagram, components, layout and explanation.

Physical Network design

10%

Physical topology diagrams. Discussion of installation with justification, relationship to Logical Topology.

IP addressing Table

10%

IP addressing scheme for the customer requirements.

IP addressing benefits

10%

Discussion of LAN segmentation.

IP addressing methods

10%

Discussion of IP address allocation in the network.

Summary

10%

Summary of how this design meets the customer requirements

Presentation, Referencing

10% 

Choice of references and correct use of citation style. Quality of technical writing and presentation of work.

TOTAL

100%

 

 

 

Table 2: Marking Rubric

 

<10 %

<35%

35-39%

40-49%

50-59%

60-69%

70%+

Submission that you should aim for:

Intro

10%

No Intro included

Introduction copied from spec, irrelevant or invented

Intro does not clearly relate to project

Intro too brief or too long but includes one from customer name, number of users, number of floors

includes purpose of report and one from customer name, number of users, number of floors

includes purpose of report and two from customer name, number of users, number of floors

includes purpose of report, customer name, number of users, number of floors

Succinct and very specific to the project, makes the client believe that they are your only customer

Device selection

10%

No devices discussed

Clear lack of understanding of component functions

Some devices discussed, most explanations are incorrect.

No specific components identified

Explanation of use / function of some components is unclear or not correct

Explanation of use / function of components is correct

Explanation of use / function of components is correct. Some specific devices identified but are inappropriate

All components used are appropriate and specific. Explanation of use / function of components is correct

All components used are appropriate and specific Confirmed as currently available and representing value for money.

Connection methods

10%

No connection methods discussed

Connectivity media is not understood evidenced by inappropriate basic choices

Two or less generic media discussed. No mention of standards.

Two or less generic media discussed. Some mention of standards. Lack of understanding means that some stated media is unsuitable for the project.

Three generic media discussed. Some standards cited. Lack of understanding means that some stated media is unsuitable for the project.

Three generic media types discussed. Relevant ieee standards identified. All media discussed is suited to project.

References are identified

Specific media discussed including ieee standards. All media discussed is current and suited to project.

Specific media discussed including standards. Actual figures stated for transmission speed and distance including tradeoff of speed vs distance, distance where appropriate.

Logical Network design

10%

No logical design or discussion included

Unprofessional diagram, unreadable, freehand drawn or annotated

Unrealistic design due to incorrect equipment or discontinuities in the network

Achievable but impractical network design. Unclear data paths.

Achievable design but likely to be uneconomical due to significant overuse of redundant equipment or connections for size of network

Practical design, with explanation. May be missing features including redundancy, security, external connections

Practical realistic design, with explanation.  Meets requirements and offers a value for money solution.

Practical realistic design. Theory of operation explained

Fully costed solution. Consideration of maintenance and warranty.

Professionally created diagrams.

Physical Network design

10%

No physical diagram included

Unrealistic, unclear or unachievable layout. Unprofessional diagram, freehand drawn or annotated.

Potentially achievable design but no discussion of layout requirements, restrictions or installation limitations

Clear but impractical design. Presentable diagram.

Clear and practical design but not complete. Presentable diagram but does not fully represent the Logical network.

Clear and practical design. Presentable diagram, identifies all aspects of the Logical network.

Professional diagram with clear explanation notes where necessary. Practical and effective layout. Discussion identifying all potential areas of concern

Fully annotated professional diagram produced on dedicated software package. Clear definition of installation materials. Justified explanation of design aspects

IP address scheme

10%

No addressing scheme present

Allocation of IP addresses fundamentally incorrect. Obvious lack of understanding or IP range does not match requirement

IP allocation attempted but subnetting is not understood resulting in incorrect range of addresses  

The address space was subnetted, however, there are errors such as some incorrect masks or addresses

Fixed length subnetting used. Scheme is functional but may contain some minor.

Totally correct fixed length subnetting used, functional and without errors

IP addressing mostly / all correct using VLSM. Some minor errors may be present.

A completely correct VLSM scheme which meets the design requirements with no mistakes or errors.

IP addressing benefits

10%

No discussion of LAN segmentation

Superficial discussion without identifying any major benefit

Some benefits identified but lack of referencing indicates this to be prior assumed knowledge

Some benefits identified, poor quality references indicate an attempt to justify prior assumed knowledge.

One or two benefits identified from low quality reference sources.

One or two benefits identified from good quality reference sources.

Three or more significant benefits identified from suitable reference material

Clear, concise and justified discussion of the three areas given in the assignment

IP addressing allocation methods

10%

No IP address allocation methods considered

Discussion is not relevant e.g. discussing allocation of specific IP address rather than allocation methods

Less than three allocation methods identified but without supporting discussion

Less than three allocation methods identified, discussion not supported by referencing

Less than three methods identified. Poor quality references indicate an attempt to justify prior assumed knowledge.

Less than three methods identified. Discussion supported by suitable reference material.

Three or more methods identified. Discussion supported by suitable reference material.

Clear, concise and justified discussion of the main methods of address allocation

Summary

10%

No summary provided

Incorrect audience: Summary is written as a conclusion to the report rather than a summary of the proposed design solution

Summary does not clearly explain the benefit of the design

Explains design intent

Explains design intent and either theory of operation or choice of equipment and connectivity

Explains design intent, theory of operation and choice of equipment and connectivity

Explains design proposal, choice of components, network operation with minimal technical detail.

Fully formed executive summary of the proposal including benefit of design. Thanks client for opportunity. No technical detail.

Presentation / Referencing

10%

Incomplete submission, sections missing, failed to follow requirements, no referencing

Poor submission, all headings present but not all content.

Poor English and grammar.  No references provided

Poor presentation and layout.

No captions for tables or diagrams

Weak submission, all sections completed but with minimal detail

Submission is complete but has poor presentation, 2 or more from:

1) Poor English and grammar, would benefit from rewriting.

2) No references provided

3) Poor presentation and layout.

4) Missing or incorrect captioning

Moderate issues, 2 or more from:
1) Level of grammar of English requires significant improvement.
2) Very few references provided, poor quality sources.
3) Harvard referencing incorrect.
4) Poor presentation and formatting.

Minor issues, 1 or 2 from
1) Level of grammar and English needs some improvement.
2) Number and quality of references needs improving.
3) Harvard referencing in wrong place or incorrect format.
4) Presentation and formatting could be improved.

Good set of relevant references. Harvard referencing used correctly. Good level of English and grammar. Well-presented and laid out.

Excellent range of up-to-date references, clear evidence of academic reading. Harvard referencing used correctly. Highly original work. Well-written, with a good level of English and grammar. Excellent presentation.

 

 

 

 

Anonymous Marking

 

Submissions in Turnitin and Blackboard

You must submit your work using your student number to identify yourself, not your name. You must not use your name in the text of the work at any point. When you submit your work in Turnitin you must submit your student number within the assignment document and in the Submission title field in Turnitin. A video showing how to do this can be found here (link)

Assessment Regulations

The University’s regulations, policies and procedures for students define the framework within which teaching and assessment are conducted. Please make sure you are familiar with these regulations, policies and procedures.

 

Discussion

 

The topic of each element of this assignment will be discussed over the semester. Do not expect to be given the answers to each section for you to copy down, you will need to understand the information that you are given and, with additional research, apply it.

We will cover most areas in more detail in the tutorial sessions where you will be free to ask questions and discuss alternatives. Remember that the tutorial sessions are not recorded.

Please consider carefully that this assignment will be marked against the Rubric, do not be tempted to answer questions that have not been asked or to add your own style.

 

 

 

 

标签:network,Fundamentals,IP,4CM507,10%,will,design,Security,your
From: https://www.cnblogs.com/qq99515681/p/18249220

相关文章

  • 鸿蒙开发文件管理:【@ohos.securityLabel (数据标签)】
    数据标签该模块提供文件数据安全等级的相关功能:向应用程序提供查询、设置文件数据安全等级的JS接口。 说明: 本模块首批接口从APIversion9开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。导入模块importsecurityLabelfrom'@ohos.securityLabe......
  • 【第七篇】SpringSecurity核心组件和核心过滤器
    一、SpringSecurity中的核心组件在SpringSecurity中的jar分为4个,作用分别为jar作用spring-security-coreSpringSecurity的核心jar包,认证和授权的核心代码都在这里面spring-security-config如果使用SpringSecurityXML命名空间进行配置或者SpringSecurity的<br......
  • COSC2531 Programming Fundamentals
    Programming Fundamentals (COSC2531)FinalCodingChallengeAssessmentType Individual assessment (no group work).SubmitonlineviaCanvas/Assignments/FinalCodingChallenge.Marksareawardedperrubric(pleaseseetherubricon Canvas). Cla......
  • 【第三篇】SpringSecurity请求流程分析
    简介本篇文章主要分析一下SpringSecurity在系统启动的时候做了那些事情、第一次请求执行的流程是什么、以及SpringSecurity的认证流程是怎么样的,主要的过滤器有哪些?SpringSecurity初始化流程1.加载配置文件web.xml当Web服务启动的时候,会加载我们配置的web.xml文件web.xml......
  • springboot3项目的搭建四.3(security登录认证配置)
    security的jwt验证:总体来说,我们加入依赖项,security就已经开始生效了,但是使用的默认的UserDetails和UserDetailsService,一、我们只要继承UserDetailsService,在数据库中查询用户和权限列表,封装成UserDetails的实现类,返回就可以实现,security验证的接管,最多在security配置类中,放行......
  • 宝塔 nginx 安装 ModSecurity 模块
    本文基于modsecurity,ubuntu系统nginx搭建环境,需要先安装modsecurity,再编译安装nginx它是一款开源的的三方模块,功能包括http流量日志,实时检测等功能。ModSecurity核心规则集(CRS)提供以下类别的保户来防止攻击。官方宣传:◆HTTPProtection(HTTP防御)-HTTP协议和本地定义使用的......
  • 关于Spring Security的CORS
    目录一、CORS是什么二、同源安全策略三、SpringSecurity中CORS的开启四、其它处理方法一、CORS是什么        CORS(Cross-OriginResourceSharing,跨源/域资源共享)是一个W3C标准,一种允许当前域(domain)的资源(比如html/js/webservice)被其他域(domain)的脚本(比如AJ......
  • 什么是SpringSecurity的认证与授权?
    在SpringSecurity框架中,认证(Authentication)和授权(Authorization)是两个核心概念,它们是实现应用安全的基石。虽然这两个术语通常一起使用,但它们描述的是两个不同的安全过程。认证(Authentication)认证是确认某个用户的身份的过程。简而言之,认证过程是用来验证用户是否是......
  • SpringSecurity如何自定义用户认证逻辑?
    在SpringSecurity中自定义用户认证逻辑通常涉及到实现你自己的UserDetailsService或使用自定义的AuthenticationProvider。下面是通过这两种方式自定义用户认证逻辑的基本演示:使用UserDetailsService自定义UserDetailsService是SpringSecurity用于从数据库、L......
  • spring security中对并发登录的处理
    本文记录的springsecurity中对并发登录的处理,是基于使用session进行登录的场景,并且只适用于单体部署的场景一、session管理策略接口SessionAuthenticationStrategy针对同一个账号多次登录的问题,springsecurity抽象出了一个接口来处理同一个用户的多个sessionpublicinterf......