Home / Expert Answers / Computer Science / need-a-network-diagram-built-using-the-information-below-network-design-proposal-busine-pa172

(Solved): (Need a Network Diagram built using the information below) Network Design Proposal Busine ...

(Need a Network Diagram built using the information below)

Network Design Proposal

Business Requirements and Consideration

Recommended transmission speed is 10 Gbps

Internal LAN is 1Gbps, equipped for traffic of 20 + employees

MPLS secondary network that will back up the primary at all locations of 5 or more employees

Utilize single router for both primary and secondary networks at remote locations

Solution that will accommodate the bandwidth and priority required for data replication traffic between Location A and Location B, that will not interrupt other production traffic.

Accommodate future growth in VoIP traffic on WAN

Prioritization of Tier 1 and Tier 2 applications such as ERP, Email, and time tracking

IP Details for LAN and WAN Topologies

Internal static LAN IP address is

Static IP address assigned to the dynamic host, to using DHCP protocol.

Gigabit port capabilities include at least twenty-four physical RJ-45 ports to support future expansion.

Ethernet cabling and wireless access for connectivity for LAN networks

Reserve a block for addresses for DHCP and for static addressing.

Use different LAN IP subnets (or different subnet masks) at both ends while configuring VPN (Virtual Private Network) between different sites. Exp: If the site you are connecting to uses a 192.168.x.x addressing scheme, use a 10.x.x.x or 172.16.x.x subnet, so when the IP address changes the DHCP devices automatically pick up the IP address in the subnet.

Implement a centralized policy, configuring a hub and spoke technology, enabling the hub to communicate with all spoke sites. Note: Spoke sites can only communicate with the hub, not the spoke sites.

Sites A, B, and France will have Gi0/3 interfaces of all vEdge routers that service VPN, using Cisco SD-WAN version 19.3.0

VEdge routers establish IPSec connections with each other.

3100 Series firewall for medium-sized enterprises with allowable flexibility for future growth. Performance capabilities enabled by modern CPU architecture, optimizing firewall, cryptographic, and threat inspection functions. Higher Q in Q support. Platforms can be deployed in firewall and dedicated IPS modes. Supports Q-in-Q (stacked VLAN) up to 802.1Q headers in a packer. Also supports FTW (fail-to-wire) network modules.

Plan for Remote Access and VPN Usage

Standardized configurations across the network.

Tier 1 provider connections within the US, as connectivity over the VPN seems to be more stable and available as opposed to lease-line circuits (non-Tier 1 providers)

DST (Dynamic Split Tunneling) excludes low-risk browser traffic like videoconferencing for the VPN tunnel maximizing VPN efficiency and network performance by lowering costs.

NAS (Network Access Server, or VPN gateway enabling authenticated credentials of any device attempting to sign-into the VPN

Remote devices equipped with client software

We have an Answer from Expert

View Expert Answer

Expert Answer

We have an Answer from Expert

Buy This Answer $5

Place Order

We Provide Services Across The Globe