ICT50220 ICTNWK562 Configure Internet Gateways

DEPARTMENT OF INFORMATION TECHNOLOGY  ICT50220 Diploma of Information Technology  Assessment ICTNWK562 Configure Internet Gateways Assessment Task 4022 Prepared by: Curriculum Unit, Melbourne Polytechnic   Course code and name ICT50120 Diploma of Information Technology Unit code and name ICTNWK562 Configure Internet Gateways Due date ….. / ….. / …… (See on Moodle) Resources required Ruijie Network Device Simulator RGOSV1.0 To Examination VMware Workstation Pro SecureCRT Speed Test Manager Acunetix RG Network Equipment Technical Documentations  Access to computer and internet  Decision making rules To achieve an overall satisfactory result for this assessment task: All questions must be answered satisfactorily Learners must achieve a satisfactory result for each item in the Assessment Checklist. Learner Instructions This is a scenario based lab project assessment composed of practical tasks and written questions. There are 4 parts to this task:  Part 1: Identify client requirements and network equipment Part 2: Security Features and Security Plan Part 3: Install and Configure a Gateway Part 4: Configure and Test Nodes For this task you will: Complete it individually. Write answers to all questions  Complete it in class at a time determined by your assessor.  Have time to read and review the assessment task in class.  You must submit your assessment electronically via Moodle and use the following naming convention: “Student ID_Student Name_ Assessment Task 4: Lab Project - Configure an internet gateway” Example:  “s123456_Sathish_ Assessment Task 4: Configure an internet gateway.pkt” “s123456_Sathish_ Assessment Task 4: Configure an internet gateway.docx” You must agree (by clicking on the ‘I confirm radio button) with the assessment submission terms and conditions in Melbourne Polytechnic Moodle prior to the submission   Scenario ABC is a start-up consulting company that has two departments in different floors. Each of the department has 20 employees. In order to conduct business well, an internal web server is needed to provide services to the employees and customers. It is required that all the employees can have access to the internet in the company. The bandwidth of the company's internal LAN is required to 代 写ICT50220  ICTNWK562 Configure Internet Gateways reach 1Gbps and the bandwidth of the internet is required to reach 10Mbps.  Your Role You work as a network engineer for ABC company and you have been given the task to design and build a safe, reliable, scalable and efficient network for the company.   Part 1– Prepare to configure internet gateways Step 1: Confirm work brief and tasks according to organisational policies and procedures. 1 What is your work brief and tasks according to the above scenario with reference to ABC Company’s Network Engineering Project Management Policies and Procedures?  [40-60 words] AnswerSatisfactoryUnsatisfactory work brief and tasks [40-60 words]   2 How will you conduct your work and tasks? Describe the work procedures. [40-60 words] AnswerSatisfactoryUnsatisfactory work procedures[40-60 words]   You need to identify the client's requirements and fill in the following section according to the above scenario and confirm that with your ABC manager. The key points to be confirmed are as follows: Advanced network structure is adopted to meet the needs of information transmission, storage and processing. Appropriate security measures are taken for the network. Proper network topology is planned and adopted. Network interconnection testing requirements should be satisfied. Other requirements should be considered and confirmed. Validation Checklist Project Network Design and Implementation for ABC Company Network Topology Type Security Measures Network Topology Planning Any Other Requirements Start Date Due Date Project Manager ABC Manger (signature)   Step 2: Assess system architecture according to work brief. 3 Assess the system architecture that you’ve confirmed with your client  from the aspects of network security, speed and functions.  [45-90 words] AnswerSatisfactoryUnsatisfactory 1 Network security [15-30 words]           AnswerSatisfactoryUnsatisfactory 2 Network speed [15-30 words] □ □   AnswerSatisfactoryUnsatisfactory 3 Network functions [15-30 words] □ □     Step 3: Select and source required configuration hardware, software and tools. The hardware and software components that are required for building ABC network are listed as following: Hardware Components Equipment Type Quantity Router RG-RSR20-X SERIES 1 Switch (Layer 3) RG-S5750-28GT4XS-H 1 Switch (Layer 2) RG-S2910-24GT4XS-E 2 Gateway RG-EG2000F 1 FIREWALL RG-WALL 1600-S3100 1 SERVER UDS-Serv 4000G20 1   Software Components Name Version Quantity Vmware Workstation Pro Vmware Workstation Pro 16 1 SecureCRT SecureCRT.8.5.4 1 Ruijie Network Device Simulator RGOSV 1.0 To Examination 1 Speed Test Manager V3.1.0 1 Acunetix V12 1   You need to install the software components and use Ruijie Network Device Simulator to build a simulated network according to the following topology diagram and indicate the type of each device in the topology, then install the hardware components according to the simulated network. For simplicity, only 5 PCs are required to be connected and configured in the simulated network.     4 Install the software component and build a simulated network according to the above topology and indicate the type of each device in the topology. Paste the screenshot in the following. AnswerSatisfactoryUnsatisfactory Screenshot of the simulated network with the indication of each device type     Step 4: Verify equipment specifications and confirm component serviceability. You need to verify the availability and reliability of the above equipment and provide the following screenshots: The availability and reliability of the equipment Euipment Screenshots of equipment startup Screenshots of equipment self-checking Switch (Layer 3)   Switch (Layer 2)   Gateway（R1）   Firewall   Server     Part 2– Determine security requirements Step 1: Analyse existing ISP security features. China Telecom, as one of the biggest ISP in China, provide the internet services for ABC company.  You need to analyse the security features of China Telecom and assess its ability to prevent data interception, data corruption and data falsification. 1 Analyse security features of China Telecom and assess its ability to prevent data interception, data corruption and data falsification. [60–100 words] AnswerSatisfactoryUnsatisfactory 1Security features of China Telecom [30–50 words]   AnswerSatisfactoryUnsatisfactory 2 Assess China Telecom’s ability to prevent data interception, data corruption and data  falsification [30–50  words]     Step 2: Conduct required ISP speed test and identify system vulnerabilities. 2 Using Speed Test Manager and Acunetix to conduct the speed test and system vulnerability scanning for China Telecom. Provide the screenshots of the results. AnswerSatisfactoryUnsatisfactory 1 Speed test screenshot   AnswerSatisfactoryUnsatisfactory 2 System vulnerability scanning screenshot     Step 3: Analyse internet gateway options.   3 Analyse the internet gateway options and explain the features of Static Network Address Translation (SNAT), Dynamic Network Address Translation (DNAT) and Port Address Translation (PAT). AnswerSatisfactoryUnsatisfactory 1 Static NAT  [30–50  words]     AnswerSatisfactoryUnsatisfactory 2 Dynamic NAT [30–50  words] □ □   AnswerSatisfactoryUnsatisfactory 3 PAT [30–50  words] □ □   Step 4: Select required internet gateway option and create security plan according to analysis findings. 4 Which internet gateway options will you select according to your analysis findings. AnswerSatisfactoryUnsatisfactory 1 Select required internet gateway options [2–10  words]     5 Create  a security plan according to analysis findings and have a description. [40–50 words] AnswerSatisfactoryUnsatisfactory 1Security Plan [40–50 words]   6 Report the potential security problems and attacks to the clients. [40–60 words] AnswerSatisfactoryUnsatisfactory 1Potential Security Problems [20-30 words]   AnswerSatisfactoryUnsatisfactory 2 Potential Attacks [20-30 words]     address table is as follows. You need to change the following X into your own ID number. Device Interface / VLAN IP Address PC1_1 G 0/0  VLAN 10 192.168.X.1/24 PC1_2 G 0/1  VLAN 10 192.168.X.2/24 PC1_20 G 0/2  VLAN 10 192.168.X.3/24 PC2_1 G 0/1  VLAN 20 192.168.X+1.1/24 PC2_2 G 0/2  VLAN 20 192.168.X+1.2/24 SERVER Eth 0 172.16.1.1/24 SWA VLAN10 192.168.X.254/24 VLAN 20192.168.X+1.254/24 G 0/2200.200.200.201/30 Gateway(R1) G 0/1 200.200.200.2/30 G 0/2200.200.201.1/30 Firewall G 0/0 218.122.12.1/24 G 0/1200.200.200.1/30 G 0/2172.16.1.2/24 Internet(R2) G 0/0 218.122.12.2/24 218.122.12.3/24 (Alternate test address)         1 Describe the internet gateway installation method according to security plan and work brief.[30-40] AnswerSatisfactoryUnsatisfactory Internet gateway installation method [30-40]   Step 2: Configure internet gateways according to technical guidelines. 2 Configure the firewall to make the server access the Internet through SNAT, and provide a screenshot. AnswerSatisfactoryUnsatisfactory Screenshot of SNAT on the firewall   3 Configure the router to make the PCs access the Internet through PAT, and provide a screenshot. AnswerSatisfactoryUnsatisfactory Screenshot of PAT on the router     Step 3: Test internet gateway, and rectify and report any network issues. 4 When you were doing the testing, you found that the PC1_1 could not ping the PC2_1  successfully. Please analyze the possible causes (at least 2 points) and make necessary changes for the network. Provide the screenshot of the correct result. [40-60 words] AnswerSatisfactoryUnsatisfactory 1Analyze the Possible Causes [40-60 words]     AnswerSatisfactoryUnsatisfactory 2 Screenshot of the Correct Result                5 During the testing, you found that PC1_1 cannot access Server although the gateway address was configured correctly. Please analyze the possible causes (at least 2 points) and make necessary changes for the network. Provide the screenshot of the correct result. [40-60 words] AnswerSatisfactoryUnsatisfactory 1Analyze the Possible Causes [40-60 words]           AnswerSatisfactoryUnsatisfactory 2 Screenshot of the Correct Result               6 During the testing, you found PC1_1 cannot ping Firewall’s G0/1 successfully. Please analyze the possible causes (at least 2 points) and make necessary changes for the network. Provide the screenshot of the correct result. [40-60 words] AnswerSatisfactoryUnsatisfactory 1Analyze the Possible Causes [40-60 words]           AnswerSatisfactoryUnsatisfactory 2 Screenshot of the Correct Result               Part 4 – Connect nodes to internet gateways Please refer to the attached RG Network Equipment Technical Documentations and complete the following configuration and testing. Step 1: Establish prerequisites and confirm gateway connection to network router. 1 Describe the prerequisites that you established. AnswerSatisfactoryUnsatisfactory 1Prerequisites [30-50 words]   2 Confirm gateway connection to network router and provide the screenshot. AnswerSatisfactoryUnsatisfactory 1screenshot   Step 2: Assign nodes to logical gateway as required by network architecture. Provide the screenshots of IP configurations of the gateway, switch (layer 3), Firewall, Server, PC1_1, PC1_2, PC1_20, PC2_1,PC2_2. 3 Provide the screenshots of IP configurations of the following devices. AnswerSatisfactoryUnsatisfactory 1. Gateway     AnswerSatisfactoryUnsatisfactory 2. Switch (Layer 3)     AnswerSatisfactoryUnsatisfactory 3 Firewall      AnswerSatisfactoryUnsatisfactory 4 Server           AnswerSatisfactoryUnsatisfactory 5 PC1_1           AnswerSatisfactoryUnsatisfactory 6 PC1_2             AnswerSatisfactoryUnsatisfactory 7 PC1_20           AnswerSatisfactoryUnsatisfactory 8 PC2_1           AnswerSatisfactoryUnsatisfactory 9PC2_2   Step 3: Determine connection type and configure firewalls. Provide screenshots that show the configuration of the firewalls. 4 Provide the screenshots of the completed configuration of the firewall. AnswerSatisfactoryUnsatisfactory Screenshot of firewall Step 4: Test and confirm internet gateway node connection. Provide the screenshots of the following device connectivity test. 5 Test the connectivity of the following devices using ping command and provide the screenshots. AnswerSatisfactoryUnsatisfactory 1. From PC1_1 to Internet   AnswerSatisfactoryUnsatisfactory 2. From PC1_2 to Internet     AnswerSatisfactoryUnsatisfactory 3 From PC1_20 to Internet     AnswerSatisfactoryUnsatisfactory 4 From PC2_1 to Internet   Student Declaration Please read, tick and sign below   I declare that the attached assessment I have submitted is my own original work and any contributions from and references to other authors are clearly acknowledged and noted.    This document has been created for the purpose of this assessment only and has not been submitted as another form of assessment at Melbourne Polytechnic or any other tertiary institute.    I have retained a copy of this work for my reference in the event that this application is lost or damaged.   I give permission for Melbourne Polytechnic to keep, make copies of and communicate my work for the purpose of investigating plagiarism and/or review by internal and external assessors.    I understand that plagiarism is the act of using another person’s idea or work and presenting it as my own. This is a serious offence and I will accept that penalties will be imposed on me should I breach Melbourne Polytechnic’s plagiarism policy.   Student SignatureXDate Please note that your assignment will not be accepted unless you have: Completed all sections of the assignment Acknowledged all sources of other people’s contributions including references and Students’ names for group work assessments Completed all areas of this Student assignment cover sheet.