Cisco Company Vpn Case Study
Essay by pacers01 • July 25, 2012 • Case Study • 1,016 Words (5 Pages) • 1,921 Views
The new company computer network has many challenges that need to be over come in order to provide the desired security and performance needs to assist company users. There are three locations that need to be connected together. The entire network will be connected together through a Virtual Private Network (VPN). The network connection to each site will be provided by a local internet service provider through a leased line. These leased connections will provide an always on connection ensuring the connectivity between the sites is always available, while a guaranteeing a predetermined bandwidth. The typical price for a T1 is about $1000 and provides 1.544 Mbps bandwidth. A T3 will go for $5000 while proving 44.736 Mbps of bandwidth. Taking bandwidth, price and the number of users per location, Location one will make use of a Leased T3, while location two and three will be connected using a Leased T1. If internet telephones will be used, a T3 may have be used in location three as well.
This will be a high level view of the proposed company WAN showing only the user workstation, networking equipment and WAN connectivity. There are no servers, printers and other network peripherals shown on the diagrams. There will be common equipment that will be at each location. The same model equipment will be installed in each building to increase compatibility and cost associated with training and maintenance. Security functions will be run by the Cisco ASA 5505 Security Plus appliance at each location. All Buildings within each location will be using a Cisco 2901 integrated Service router for routing needs. The Cisco 3560CG-8PC-5 switch will used to connect user workstations to the routers. Please see attachments at the end for diagrams of the network and locations.
The Cisco ASA 5505 Security plus appliance will provide firewall and VPN functions. The external network security from this unit will provided by the intrusion detection, active and passive network protection features while protecting against unauthorized network access. This model offers an always on, highly secure security services. The ASA 5505 integrates into one unit most common security functions including firewall at various OSI layers, intrusion prevention, and content security. Also integrated is VPN functionality which eliminates the need for a separate server. Combining all these functions into one unit will lower initial and maintenance costs as well as space requirements.
Within each building will be a Cisco 2901 router. This small unit will provide the routing needs for each building. It small size along with the ASA 5505 decreases the required space to store the equipment. One fain feature of this unit is its Power over Ethernet (POE) capability which when used with POE switches, greatly increases the flexibility in switch placement. The Cisco 3560CG-8PC-5 switch will be used to connect each workstation to the routing. This unit is PoE capable. The capability eliminates the need for a power source, allowing the unit to place virtually anywhere.
The ASA 5505 will provide the bulk of the system security needs mainly though the use of its VPN and Firewall features. The most economically viable method to connect all three locations together securely is through the use of Virtual Private Networks (VPN). VPN's are secure direct connection between a computer or network to another computer or network by encryption over the internet. Using VPN to connect all three locations allows the company to share private data and resources over an unsecure medium such as the internet. While VPN capabilities are available in many routers, have the capability separated from the router and paired with the firewall will decrease the strain on the router.
Not
...
...