How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.
Ask Cody Your Own Question
Cody
Cody, Senior Systems Administrator
Category: Homework
Satisfied Customers: 1819
Experience:  Systems Administrator
58973002
Type Your Homework Question Here...
Cody is online now
A new question is answered every 9 seconds

You are the IT Director of a company (bigcompnay.com) that

Customer Question

You are the IT Director of a company (bigcompnay.com) that has six different departments, as follows:
a. Human Resources
b. Research and Development
c. Accounts Payable
d. Accounts Receivable
e. Public Relations
f. Payroll
You are building a brand new network (from scratch). For the moment, the assumption is that there is no budget limit. You contacted your ISP and were lucky enough to receive the IP address of 199.128.1.0/24.
You need to subnet your network and the sub-netting must not only allow for a separate subnet for each of the department listed above, it must allow for addition of three more subnets within the next five (5) years. Each of these subnets must be able to support at least 50 users.
It is extremely critical that the Human Resources and Research and Development departments are completely isolated from the rest of the network. You need to design a private IP addressing scheme that will achieve that, in addition to securing the entire private network from outside access. All departments also need fast Internet access so your solution needs to ensure that provisions are made to handle that.
Submitted: 10 months ago.
Category: Homework
Expert:  Cody replied 10 months ago.
Ideally you would have a firewall with multiple ports so you can have anisolated network but using the same modem. (Internet) Each network could have 252 additional devices on the network. Isolated NetworkFirewall = 172.16.1.1Gateway = 172.16.1.254 (switch)for each different VLAN it would be 172.16.x.254 (gateway)a. Human Resources = 17.16.10.0/24b. Research and Development = 17.16.20.0/24Firewall = 192.168.1.1Gateway = 192.168.1.254 (switch)for each different VLAN it would be 192.168.x.254 (gateway)c. Accounts Payable = 192.168.10.0/24d. Accounts Receivable = 192.168.20.0/24e. Public Relations = 192.168.30.0/24f. Payroll = 192.168.40.0/24additional 1 = 192.168.50.0/24additional 2 = 192.168.60.0/24additional 3 = 192.168.70.0/24
Customer: replied 10 months ago.
So what are the specific networks based on the ip address that was given so 199.128.1.0 - 199.128.1.50
Customer: replied 10 months ago.
I have to explain what I did an why and make aurw it covers the need for 50 hosts
Expert:  Cody replied 10 months ago.
Given the question it says to setup a private IP addressing scheme. I'm not sure why they even have the public IP (199.128.1.0) listed as it could be anything and wouldn't affect the internal network.
Expert:  Cody replied 10 months ago.
You are going to use a firewall that can support multiple networks.ExampleISP (fiber) plugged into port 1 on firewallMain network plugged into port 2 on firewall and then out to the InternetIsolated network will be running to port 3 on the firewall and then out to the Internet We have each office organized by 192.168.10.x and 192.168.20.x... etc so the range is organized and standardized with inside the main network and each office, and also allowing each office to have 252 devices (meeting the 50 device minimum)Isolated network is similar and on their own network (172.16.1.x) but using the same IP scheme per office so its standard across the whole company.
Expert:  Cody replied 10 months ago.
each office can have 252 devices because the firewall will be 192.168.10.1 and switch will be 192.168.10.254 This leaves 192.168.10.2 -- 192.168.10.253 open. Then for each office you just replace the 3rd octet with .20 or .30...etc.
Customer: replied 10 months ago.
this is the full essay content
You are the IT Director of a company (bigcompnay.com) that has six different departments, as follows:
a. Human Resources
b. Research and Development
c. Accounts Payable
d. Accounts Receivable
e. Public Relations
f. Payroll
You are building a brand new network (from scratch). For the moment, the assumption is that there is no budget limit. You contacted your ISP and were lucky enough to receive the IP address of 199.128.1.0/24.
You need to subnet your network and the sub-netting must not only allow for a separate subnet for each of the department listed above, it must allow for addition of three more subnets within the next five (5) years. Each of these subnets must be able to support at least 50 users.
It is extremely critical that the Human Resources and Research and Development departments are completely isolated from the rest of the network. You need to design a private IP addressing scheme that will achieve that, in addition to securing the entire private network from outside access. All departments also need fast Internet access so your solution needs to ensure that provisions are made to handle that.
Your Public Relations department will be hosting a web site whereby outside public users can get information about the company’s product and services. It is of utmost importance the public website is not defaced and content is protected.
You also need to design an appropriate DNS Strategy so that both the internal and external names can be successfully resolved by the internal users.
As the IT Directory, you also need to properly manage and monitor all components of the network, including switches, routers, servers, and users’ workstations. Your design and implementation of the network must take this into consideration. You need to describe what you need to accomplish this and how would you about doing it?
Each one of the departments storage needs continues to grow at a very accelerated pace. All these departments need the capability to share data with other departments, while ensuring other data pertaining to them is keep private and secure. Disk read time and write time must be properly optimized and your solution must describe what would you need to do to accomplish this and what type of solution you must implement?
You need to write an essay addressing every single one of the points discussed above, along with a justification and explanation as to why you do it this way? You will get full credit if you answer all points asked and your responses are technical with sufficient explanation. You should be referencing the lecture notes to assist you.
we have learned about Subnetting and supernetting, IPV6, DNS, NAT, Firewalls SNMP, and SANsso my assumption is that I have to figure out how to turn 199.128.1.0 /24 into 9 subnets that can support up to 50 users, and to isolate hr and R&D it can reside behind firewalls and can use NAT to hide the true IP address when going out of the HR and R&D networks my confusion comes from turning(###) ###-####1.0 /24 into 9 subnets and what the subnet mask would be and how to get it to support 50 users
Customer: replied 10 months ago.
i get a little confused when it comes to cidr and subnetting because they way I look at it is is that /24 determines the subnet and from there I would have to figure out how to make it so I can create more networks from the /24
Expert:  Cody replied 10 months ago.
Each department having it's own external IP address of 199.128.1.x doesn't make senseIf that was the case, the scenario would be from the Internet Provider aspect of creating subnets for various customers.
Customer: replied 10 months ago.
it is what the professor gave and it is why I dont quite understand I know that I could use 199.128.1.0 255.255.255.224 which would give me 8 subnets that support 30 host
Customer: replied 10 months ago.
understand my fustration as I know how to answer the other questions but this question doesnt make sense with the choice of the ip address and it being a /24 which mean it has one subnet with 254 hosts so how do i change that would be by changing the subnet?
Customer: replied 10 months ago.
so basically I have too Create 9 Subnets in the 199.128.1.0/24 Net
Expert:  Cody replied 10 months ago.
/24 the first 3 octets are the same, given you only have 254 addressesThis is not possible, I would clarify what they want done. I think they are referring to the private networks that I sent you. Doing anything with the external IP address has nothing related to this scenario.
Customer: replied 10 months ago.
how do you create subnets?
Customer: replied 10 months ago.
I would have to use vslm to divide the networks into different for example a /24 into a /26 network
Expert:  Cody replied 10 months ago.
I'll see if someone else can help you out as I'm either not fully understanding the scenario or something else.
Customer: replied 10 months ago.
maybe I am confused so the ISP just gives the initial IP address that allows the company to access the internet and on the internal I can use any IP address as long as it is class C.
Expert:  Cody replied 10 months ago.
correct If you go to www.whatismyip.com you will see your external IP address given to you by your ISP. Then if you open a command prompt and do ipconfig, you'll see your internal IP address.
Expert:  Cody replied 10 months ago.
http://www.vlsm-calc.net/ipclasses.php
Customer: replied 10 months ago.
Ok now I understand I assumed that I had to use supernetting or subnetting on the original ip address not that I could use specific ip addresses afterwards, so basically I could use a 10.10.10.0 network for hr and r&d departments and use 192.168.0.1 network for the other departments with a subnet mask of 255
255.255.255.192 for the 50 host. With my first subnet being 192.168.0.1 - 192.168.0.60 and so forth
Customer: replied 10 months ago.
So even though the ISP address is a class C, I can create a class A, B or C network within my network to accomodate my networks needs?
Expert:  Cody replied 10 months ago.
/26 would only get you 4 subnets I think you would want to do something like /21 Then you could do the below for each department. 192.168.0.0192.168.1.0192.168.2.0192.168.3.0192.168.4.0192.168.5.0192.168.6.0192.168.7.0 play around with this http://jodies.de/ipcalc
Expert:  Cody replied 10 months ago.
So even though the ISP address is a class C, I can create a class A, B or C network within my network to accomodate my networks needs? Yes as long as it's within the private IP range shown here https://en.wikipedia.org/wiki/Private_network
Expert:  Cody replied 10 months ago.
so basically I could use a 10.10.10.0 network for hr and r&d departments Yes this would work, if you wanted to do a /23 network here you could have:10.10.10.010.10.11.0
Expert:  Cody replied 10 months ago.
These last 3 posts I think is was you're looking for. The initial post by me with VLANS is probably not what this project is looking for.
Customer: replied 10 months ago.
ok then for the other networks I could use a class C addressing scheme that would cover 8 additional subnets that can support 50 hosts
Expert:  Cody replied 10 months ago.
yes it can support well over 50
Customer: replied 10 months ago.
I want to work with you so please don't refer me to someone else
Expert:  Cody replied 10 months ago.
ok I'll be around for awhile still tonight
Customer: replied 10 months ago.
so for HR and R&D I can use 10.10.10.0 /26 and 10.10.11.0 /26
forAccounts Payable 192.168.0.0 - 192.168.0.254Accounts Receivable 192.168.1.0 - 192.168.1.254Public Relations 192.168.2.0 -192.168.2.254Payroll 192.168.3.0 - 192.168.3.254unused 192.168.4.0-192.168.4.254unsused 192.168.5.0 -192.168.5.254unsused 192.168.6.0 -192.168.6.254with the broadcast IP for each ending in X.X.X.255
Customer: replied 10 months ago.
/26 for the 192.168 though or /24
Customer: replied 10 months ago.
or I can leave a network within the 10.10. ip address ranges available because it will host 4 subnets
Expert:  Cody replied 10 months ago.
that looks good, the 192.168 would be /21 These 2 below would be /23HR and R&D I can use 10.10.10.0 /23 and 10.10.11.0 /23 as you get to /25 /26 /27.... etc.. you're limiting your addresses because the first 3 octets can't changeso example /26 would be 10.10.10.x You can't have 10.10.11.x See this link for the full details http://jodies.de/ipcalc?host=10.10.10.1&mask1=24&mask2=26
Customer: replied 10 months ago.
A /21 would provide 7 subnet and 50 hosts
Expert:  Cody replied 10 months ago.
/21 provides 8 subnets and a total of 2046 hosts which is basically 254 hosts per subnet example below are 2 subnets with 254 hosts available for Accounts Payable, and 254 hosts available for Accounts Receivable. Accounts Payable 192.168.0.0 - 192.168.0.254Accounts Receivable 192.168.1.0 - 192.168.1.254
Customer: replied 10 months ago.
All /21
Accounts Payable
192.168.0.0 - 192.168.0.254Accounts Receivable
192.168.1.0 - 192.168.1.254Public Relations
192.168.2.0 -192.168.2.254Payroll 192.168.3.0 - 192.168.3.254unused 192.168.4.0-192.168.4.254unsused 192.168.5.0 -192.168.5.254unsused 192.168.6.0 -192.168.6.254with the broadcast IP for each ending in X.X.X.255Then
All /23
HR
10.10.10.0 - 10.10.10.254
R&D
10.10.11.0 - 10.10.11.254
Expert:  Cody replied 10 months ago.
yes looks good
Customer: replied 10 months ago.
/23=255.255.254.0
/21= 255.255.248.0
Expert:  Cody replied 10 months ago.
yes thats correct
Customer: replied 10 months ago.
When you do this is there any specific router or firewall settings that need to be, for example let's say I wanted to use a nat pool for my isolated networks to access the Internet
Expert:  Cody replied 10 months ago.
You can have the firewall do the routing and setup 2 networks on the firewall which route both networks out to the internet. So let's say the gateway is 10.10.10.254 for isolated network and 192.168.0.254 for the main network. Both of these 2 ip's would be the firewall. or you could setup 2 vlans on a switch.isolated network = vlan 10 and main network = vlan 1then have the switch route network traffic for 10.10.0.0 to route to 10.10.10.1then have the switch route network traffic for 192.168.0.0 to route traffic to 192.168.0.1 In this instance 10.10.10.1 would be firewall and 10.10.10.254 would be the switch (gateway)and then main network 192.168.0.1 for firewall and 192.168.0.254 for switch
Expert:  Cody replied 10 months ago.
regarding the part about the IIS web server, you can integrate the NAT hereso you would setup a static NAT on the firewall so that any traffic going to the external IP address on port 443 for example would then forward traffic to the server IP address (internal IP for example 192.168.0.10) I'll be on in morning if you have any other questions.
Expert:  Cody replied 10 months ago.
THIS ANSWER IS LOCKED!

You need to spend $3 to view this post. Add Funds to your account and buy credits.

Related Homework Questions