Network design
The network IP addressing scheme for the MD building is designed to ease network management. It have to protect students and employees data as well as any intellectual property that UMUC has on the servers and computers.
The IPS with Application Level Gateway Firewall security appliance will be installed to secure the private network from the Internet and provide IPSec VPN connectivity to the main UMUC office. The Intrusion Protection System (IPS) is able to inspect network traffic, examine and filter based on information contained within the data portion of a packet. It help the IT personnel monitor, log, and detect security breaches. It could use to send security breach alerts, terminate security breaches, and terminate or restart processes.
The network will use the Ethernet, 24 RJ-45 ports, Power over Ethernet (P0E) switch series because of their high performance. The switches are can support up to 144 gigabit network connections (10/100/1000baseT Ethernet) and one will be installed on each floor in the Server Room. The switches will be configured with a tagged VLAN (Virtual Local Area Networks) for each subnet. The network will be secured using Active Directory single sign-on and IP addresses centrally managed using DHCP with DHCP relay enabled on the switches to forward DHCP broadcast traffic as unicast transmissions across VLAN boundaries. The switches also will be installed in each office or room which have more than four workstations. The switches will be connected in a partial mesh that ensures no single point of network failure.
A Wireless Access Point, 802.11b/g/n Wireless, 100Base TX Ethernet series will integrate seamlessly into the network with VLAN support and provide 104 Mbps network access speed. Wireless media access will be protected using WPA2 security with AES 256 encryption and authentication using user credentials and 802.1x integrated into Active Directory via Radius(ACLs applied to the VLAN for security).
The servers in server
The IPS with Application Level Gateway Firewall security appliance will be installed to secure the private network from the Internet and provide IPSec VPN connectivity to the main UMUC office. The Intrusion Protection System (IPS) is able to inspect network traffic, examine and filter based on information contained within the data portion of a packet. It help the IT personnel monitor, log, and detect security breaches. It could use to send security breach alerts, terminate security breaches, and terminate or restart processes.
The network will use the Ethernet, 24 RJ-45 ports, Power over Ethernet (P0E) switch series because of their high performance. The switches are can support up to 144 gigabit network connections (10/100/1000baseT Ethernet) and one will be installed on each floor in the Server Room. The switches will be configured with a tagged VLAN (Virtual Local Area Networks) for each subnet. The network will be secured using Active Directory single sign-on and IP addresses centrally managed using DHCP with DHCP relay enabled on the switches to forward DHCP broadcast traffic as unicast transmissions across VLAN boundaries. The switches also will be installed in each office or room which have more than four workstations. The switches will be connected in a partial mesh that ensures no single point of network failure.
A Wireless Access Point, 802.11b/g/n Wireless, 100Base TX Ethernet series will integrate seamlessly into the network with VLAN support and provide 104 Mbps network access speed. Wireless media access will be protected using WPA2 security with AES 256 encryption and authentication using user credentials and 802.1x integrated into Active Directory via Radius(ACLs applied to the VLAN for security).
The servers in server