Networking Projects
Er. Prashant Kumar Sharma
Network design proposal for Bank
Abstract
A network proposal has to be developed for a bank. The bank has a main office , which is located in London, and has 5 branch offices located at Paris, California, India, Dubai and Qatar. The bank has an application server, which is used by it’s customers across the world for online transactions. All the branches have high speed internet connection. There are approximately 100 users in each of the branch offices and 200 users in the main office.
Network requirements.
1.Identify the hardware components required to setup the network for the Bank
2.High availability should be available to the application server, which is accessible using https protocol.
3.The application server should be setup in a secure manner with network and host level protection.
4.All traffic into the application server should be scanned for security attacks.
5.IP network design for the branch and main offices.
6.IP addressing range for users and hardware components.
7.The users at different locations should be able to access each other, including the application server.
8.Identify the features and methodology which would be followed to achieve the solution.
9.Network Topology diagram.
Remote access VPN Network design behind NAT router
Project scope and description
In this project, a network has to be designed for remote access VPN. A windows XP VPN server is to be setup behind a Cisco NAT router.
The NAT router has a public IP address received dynamically by the ISP, which is also required to be used by the LAN users for internet. The remote users should be able to connect to the public IP address of the router, and establish connectivity with the VPN server. After connection is established, the remote user should be able to access systems on the LAN. LAN and VPN network should be segregated using appropriate VLAN’s
Hardware and Software used.
Cisco 2611 XM router.
Cisco 2950 switch
Windows XP VPN Server with two network cards.
Windows / Linux systems for LAN users.
Windows 7 for remote access
Network design proposal for a LAN
Project requirement
A proposal has to be developed for a LAN of an organization. The LAN network has 50 users. There is an ADSL Internet access for all users. The users should belong to one single domain.
Dynamic IP addresses for all the users should be available. A server should be available for sharing and storing files along with necessary antivirus solutions
Buy the proposal report which contains the details related to the appropriate software and hardware products, IP address schema, required services and features, network diagram and explanation on the integration plan to achieve the solution.
Report Contents -
1. Requirement
2. Network diagram
3. Network Integration plan
4. IP address schema
5. Services and features
6. Software and Hardware
Network Design proposal for Internet Cafe
Project Scope
The project is to prepare a network design proposal for an Internet cafe. The following are the requirements. The cafe is to support 30 users and requires a web filtering device or software to filter websites based on content.
The users need to share one ADSL internet connection. The cafe has to be managed with a billing software.
Report Contents
Network Design Requirement
Design Requirement Analysis
Network Diagram
IP address Design
Hardware and Software products.
Cloud network design proposal
Project Scope
Design a cloud network proposal for a software development organization with 100 users.
Project Requirements
1.The organization should have a website setup on the cloud
2.All users should have email accounts under the organization name, setup on the cloud.
3.Data storage repository should be available for all the users on the cloud
4.An application server should be available, which would be a dedicated system on the cloud.
5.The organization should have a LAN with appropriate components like routers and switches.
6.Internet access for all LAN users.
LAN Network design with redundancy
Project Scope
A network which has redundancy in the design to to be setup for an organization. The organization is currently having an internet connection, which is setup using a Cisco router. The gateway addresses for users in the LAN is currently provided as an intermediate routers address, which would then forward all internet bound packets to the internet router. The network has to be upgraded by having dual intermediate routers which would automatically failover, and provide high availability access to the internet. HSRP is to be used for the deployment. The project identifies the configurations required on Cisco routers to achieve the same.
Networking requirements
1.LAN IP network design.
2.Network Topology diagram.
3.Configurations required on the routers to setup high availability with HSRP.
4.Configurations required on the routers to setup appropriate IP address and internet packet forwarding on the routers.
5.Configurations required on the LAN PC’s for appropriate gateway parameters.
6.Verification and Testing Procedure
Hardware
1.Cisco routers ( 2 nos)
2.Cisco switches ( 2 nos)
3.Internet router (Internet not mandatory)
4.PC (As per requirement)
5.Network cables.
VLAN network design with restricted internet access
Project Scope
To design a network for a software development organization based on vlan with Cisco routers and switches. The organization has three departments, development, testing and trainee and a high speed internet connection.
The trainee department should not have access to internet browsing, but all other communication should be allowed on the internet. The users in all the departments should have inter access communication with each other. All the departments should be on different IP networks.
Project Requirements
1.Design different vlans for each department.
2.Design and map IP network addresses for each vlan.
3.Cisco based routers and switches to be used.
4.Identify the configurations required on the routers and switches for the solutions like vlan, intervlan routing, internet access restriction etc.
5.Identify the TCP/IP adapter configurations which are required to be setup on the clients.
Hardware and Software
1.Cisco 2611 XM router ( 1nos)
2.Cisco 2950 ( 1nos)
3.PC’s ( As per requirement )
Network design proposal for airport
Project Description
The project is to design a proposal for setting up a network in an airport. The airport has three departments.
1. Airport authority
2. Flight service providers
3. Guests.
The airport authority maintains a server which handles the flight management controls. The flight service providers should have access only to the specific server in the airport authority network and not to any other systems. The guest users should have wireless access to a high speed internet connection, which should be shared among all the users in all the departments.
The wireless access should be using a common password. The guest users should not have access to the other two departments. The users should obtain IP addresses automatically. The airport authority has 20 users, the flight service providers have 40 users and the maximum numbers of guests are estimated to be 100.
Networking Requirement.
1.The active networking components (Routers, switches, wireless access points etc) with quantity.
2.The IP network design for each department.
3.Creating and mapping IP networks with vlans.
4.Analysis, identification and explanation of methodologies to use for access restriction and internet sharing.
5.Dynamic IP addressing design for all the networks.
6.Identify the configuration and features, wherever appropriate, which is required on the active components to setup the network.
7.Network topology diagram.
Router access restriction on a VLAN network
Abstract
An organization uses a VLAN based network. There are 3 vlans on the network, namely vlan 2, vlan 3 and vlan 4. The IT department belongs to vlan 4. The vlans are mapped with the IP networks 192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24. It is required that only the IT department vlan should be able to remote access the router using telnet.
All the other vlans should be blocked. To demonstrate the solution a lab is setup with Cisco routers and switches with the topology simulated. The necessary configurations required to achieve the solution is identified.
Project Type: Practical demonstration
Hardware and software
1. Cisco 2611 XM – 1 nos (Any Cisco router which supports intervlan routing would suffice )
2. Cisco 2950 switch – 1 nos (Any Cisco switch which supports vlans would suffice )
3. Computers ( 3 nos)
Network design with multiple VLANs and Single DHCP Server
Project Scope
To design and configure a network for an organization with multiple departments, finance, hr and marketing, where all users in the department receive appropriate dynamic IP address from Windows 2008 DHCP Server.
Each department uses different IP network address. The organization uses Cisco switches and routers.
Project Requirements
1.Design respective vlans for different departments.
2.Design network addresses for each departments.
3.Map the network address with respective vlans.
4.Identify configuration required on Cisco routers and switches to create vlans and intervlan routing.
5.Identify configuration required on Windows 2008 DHCP server to provide dynamic IP address to users belonging to respective vlans from the specific network address range.
6.Identify configuration required on the Cisco router for DHCP specific design.
7.The users in all the departments should be able to access each other after receiving appropriate IP addresses from the DHCP Server.
Hardware and Software
1.Cisco 2611 XM router ( 1nos)
2.Cisco 2950 switch ( 1nos)
3.Windows 2008 Server ( 1nos)
4.PC’s.
Design proposal for VLAN based Infrastructure with focus on security issues and mitigation
Abstract
The report describes why VLANS are used, how to design a VLAN infrastructure for an organization with necessary switches and routers, security attacks based on VLANS and features on the platforms which would mitigate these attacks.
Report Contents
What is a VLAN
VLAN Tagging and Trunking
Intercommunication between VLAN
Design a VLAN based network – Case study for an organization- Includes Technical investigation, Network Design and diagrams
Configuration on Cisco routers and switches for Intervlan deployment (Cisco 2611 XM and Cisco 2950 )
Configuration on user computers TCP/IP Settings
VLAN based attacks – Different types of attacks, how it is performed and mitigation techniques.
Design a pre-sales proposal for network setup in a university
Abstract A pre-sales design proposal for network setup in a university
The university has the following 7 departments.
1. IT
2. Finance
3. HR
4. Management
5. Faculty
6. Students
7. R&D
The university has an ADSL internet connection which would be used by the departments
except for the R&D department which should not have access to the same. All the
departments should be able to communicate with each other. Each department contains
50-100 users.
Networking Requirement
1. The active network components which are required ( Routers , Switches ).
2. The number of switches , routers which are required for the design.
3. The IP Design schema for the department.
4. Explanation of the details required to be configured on the Switch and how to
create different departments with VLAN.
5. Explanation of how to restrict internet connection for R&D Department and allow
access for the other departments with Access control lists on the Router.
6. Identify the feature on the router which is required for sharing the Internet for the
users.
7. Identify the TCP/IP adapter parameters ( IP address, Subnet mask, Default
Gateway, DNS Server IP address) for the users.
8. Network Design Diagram.
Network Design proposal for 5 star hotel
Abstract A network design proposal for a 5 star hotel with the following infrastructure and networking requirements.
Hotel Infrastructure
The hotel has 10 floors with 20 rooms in each floor
The hotel has a lobby area.
The hotel has a swimming pool area.
ADSL Internet is available for the hotel.
Networking Requirement
All the rooms should have computers installed.
The computers in all the rooms should have internet connection.
The swimming pool area and lobby should have wireless internet access.
The guests in the rooms should have free internet access.
The computers should have appropriate security software’s installed.
The hotel management staff and the guests should be on different networks.
There are 15 users on the hotel management who requires computers.
A hotel management server needs to be setup for the hotel management staff which should not be accessible by the guests.
The wireless access in the lobby and swimming pool area should be secure.
WAN design for multiple office connectivity
Abstract An organization has two remote offices and one main office. The organizations plans to design a WAN network through which both the remote offices have dedicated leased lines to the main office. The speed of the leased line links is 64 Kbps.
The organization plans to use Cisco routers and switches. The necessary topology and configurations are identified on the routers for the computers in the different offices to access each other. A lab is setup with actual Cisco equipment’s to simulate the above topology along with the working configurations.
Project Type: Practical demonstration
Hardware and Software
Cisco routers ( 3 nos)
Switches ( 3 nos. Note, if switch is unavailable, computers can be directly connected to the routers)
Computers ( 3 nos)
Cisco DTE-DCE Cable (2 nos)
Network design proposal for small office
Project Scope.
A network proposal has to be designed for a small office. The office has 5 users with an ADSL internet connection and a parallel port printer.
Project Requirements
1.All users should be able to access the internet through the ADSL internet connection.
2.All users should be able to print via the network.
3.All users should have secure wireless access to the network, with the flexibility to connect via LAN.
4.A file server for sharing files on the network.
5.Hosted Email servers for email access.
6.Administrator should be able to remotely view and control the file server from any location on the internet.
DNS Lookup tool
The DNS lookup tool would take the website name and print the IP address of the server on which the website is hosted using DNS resolution. The tool is a command line tool which is developed with Python. The output of the code is shown below.
TCP Port Scanner
Project Scope:
The project develops a TCP port scanner with Python and Scapy. The tool would analyze if a corresponding TCP port is open or closed on the destination.
Hardware and Software
Python 2.6, Scapy 2.2.0 (Free Download)
Windows XP or Linux
Router or any PC.
Code execution with Screenshot
Web Server fingerprinting tool
Project Scope
The scope of the project is to develop a command line program , which would fingerprint a web server based on the information received in response to a HTTP Get request. For this purpose, a HTTP Get request is sent to the server and the response header is analyzed. The codes takes the URL or IP address of the server as input. The code output is shown below.
Platform : Python
LAN Speed testing tool
Project Scope
The goal of the project is to identify the time it takes for a data packet to travel between two computers on a LAN. For this purpose, a ping request packet is crafted and sent to the destination.
The response from the destination is analyzed and the time delay is observed and displayed. The code is developed with open source tools, Python and Scapy.
Hardware and Software
1.Two Computers ( Linux or Windows)
2.One switch
3.Python / Scapy ( Free download)
4.Network cables.
LAN Security assessment Proposal
Project Scope:
In the project, a network and security consultancy services organizations has been hired to understand the current LAN infrastructure design of an organization, perform a LAN security assessment,
identify the existing security vulnerabilities which can be exploited and propose a network upgrade with appropriate security recommendations, including additional software and hardware components, highlighting the security features on the recommended products and how it can be used to mitigate attacks targeted on the current LAN infrastructure should be provided.
Current Infrastructure:
There are 100 users in the organization. The users in the organization receive , dynamic IP addresses from a DHCP server residing on the network. A file server based on FTP, is hosted on a Window based system, where any user on the network, with appropriate username and password can upload or download files. Wireless access to the network is provided to all users on the network using wireless access points (2 nos). Open system authentication is used for the wireless network. Currenty, guests in the organization, access the internet on the LAN network through the wireless channel. There is no segregation between the guest and the LAN network. The switches which are currently in use are non-manageable switches (48 port, 3nos). Internet is shared by an ADSL router
Active and Passive FTP Design and Security analysis
Abstract
The project does a detailed analysis of the two different types of the FTP protocol, Active and Passive. The design of the protocols, which include the TCP connection establishment on the respective ports,
are verified using live practical analysis with wireshark protocol analyzer. The different types of security vulnerabilities and attacks targeted on FTP based application are understood. A lab setup topology with appropriate instructions is provided for practical experiment.
VPN Network proposal
Abstract:
A VPN network design proposal for an organization with different branches
Description:
An organization has three offices. The main office is in California in USA, one branch office in London in UK and the second branch office in Bangalore, in India. The main office has an Email server and File server. The following are the requirements.
Network requirement
1. All the three offices should be interconnected with each other using VPN technology.
2. The users at all the location should be able to access the email and file server.
3. Users at all the locations should have access to internet, and should not be routed through the VPN network.
4. Appliances like routers to setup the network.
5. Identify additional requirements like public ip addresses, internet connections etc.
6. Identify the IP network schema for all the locations.
7. Identify the methodology to route internet traffic separately and not through the tunnel.
DMZ Network design with VLAN
Abstract
A DMZ network is to be designed for an organization using VLAN. The organization uses a web server which is publicly accessible over the internet. A DMZ has to be setup using a Cisco IOS firewall router using VLAN’s on the interface, which are connected to Cisco switch. On the switch, vlans are created to segregate between the web server and LAN network. The project uses appropirate devices to demonstrate the above requirement with appropirate equipments and features on it.
Hardware and Software
1. Cisco IOS firewall router
2. Cisco switch ( 2nos)
3. Computers.
Home wireless network design
Project Scope
A wireless network has to be designed at home with remote access from office. There are 3 users at home. Two users have a desktop and the third user has a laptop. A high speed cable internet connection is available at home. A serial port printer is available for printing.
Network Requirement
1.All the users should share the internet connection.
2.The laptop should have secure wireless access to the internet
3.The desktop users should be able to access internet through the LAN.
4.The users should be transparent to the IP addressing system and should not be required to configure the same manually.
5.One of the desktop at home needs to be accessed from office.
6.All the users should be able to use the printer.
IP Spoofing demonstration
Project Scope
IP spoofing is a type of security attack in which the attacker spoofs the source address in the IP header to a fake IP address. The project aims to demonstrate the concept of IP spoofing by using packet crafting tools like Scapy in a test lab.
Hardware and Software:
1.Three PC (Ubuntu and Windows)
2.Scapy and Python (Free download )
3.Wireshark (Free download)
4.Switch ( 1nos)
5.Network cables
Wireless network proposal
Abstract: A wireless network design proposal for a campus with VLAN.
Network requirement and infrastructure
A wireless network proposal has to be prepared for setting up a wireless VLAN based infrastructure at a campus. The campus has 3 departments, management, research and finance. Each department has approximately 30 users. ADSL internet connection is available in the campus, which needs to be shared by the all the users in the different departments. Wireless access to the network should be available using access points installed at strategic locations. Users should also be able to access the network through computers using LAN connectivity.
Files servers should be setup on the network for users in the departments to share and transfer files. Guest users should be able to connect to the internet through the wireless access points, without any authentication. Users in each department should have a common password, which should be used for gaining access to the network through the wireless access points.
The guest users should not have access to the file server installed on the network. Dynamic ip addressing system should be available from a single DHCP server to allocate ip address to all departments users and guests. Users should be able to connect to the appropriate departments, highlighted through appropriate names on the access point. Appropriate equipment for internet sharing should be made available. The following lists the details included in the wireless network proposal report.
STP Design and Attacks
Abstract:
The project understands the design and architecture of the spanning tree protocol with a packet analysis of STP protocol with wireshark. The different types of attacks which are targetted on a network on which STP is deployed, mitigation techniques and methods to simulate a STP attack with appropriate code is provided.
VLAN design with Cisco Infrastructure
Abstract:
An organization has different departments , Finance , IT , Marketing. The project understands how to create different IP networks , map it with respective vlans, the actual configurations which are required on Cisco routers and switch to setup a VLAN based
Infrastructure and allow communication between VLANs. The IP address settings which are required on the TCP/IP adapter for the users computers are also understood.
Software / Hardrware
Cisco 2611 XM router ( 1 nos)
Cisco 2950 ( 1 nos)
Computers.
Network design for school.
Abstract
A network has to be designed for a school. There are a total of 230 computers in the school computer lab. The users in the lab should belong to a single domain and receive IP address dynamically from a central server with the ability to share files on a central location. Some of the users have laptops with wireless cards for which wireless access is required. The total size of the lab is 1000 sq ft. Identify appropriate solution with the detailed services, hardware and software requirements to design the appropriate network for the school.
Small business network proposal
Requirement
A proposal has to be developed for a software development organization, which is planning to setup a small business network. There are 5 users in the organization. Users should belong under one group. A server should be available for file sharing and a printer which
should be network based. All the users should have internet access. One of the rooms requires wireless connection to the network and the internet. Identify the necessary components and features which would be an appropriate solution.
Campus network design
Project Scope
A campus network design for a college. There are 100 users in the college. 30 users in the main building, 30 users in bldg 1, and 40 users in bldg 2. Every building has a lobby which is 200 sqft open space, where wireless access to the network is required. Only authorized personal should have access to the wireless network.
The distance between bldg 1 and the main building is 300 mtrs. The distance between bldg 2 and the main building is 90 mtrs. The distance between bldg 1 and bldg 2 is 70 mtrs. A high speed cable internet connection is available in the main building which needs to be shared among the users.
The necessary equipments and appropriate topology required for the campus network design along with the IP address schema, IP address management, secure wireless access, internet sharing, features and services should be worked out. A bill of material should be included with products from Microsoft, Cisco, D-LINK or Netgear with appropriate quantity which can be used for setting up of the campus infrastructure.
ARP Spoofing and cache poison attack demonstration
Project Scope
ARP spoofing is a type of security attack in which the attacker spoofs the ARP reply packet sent to a destination with its own mac-address. The project aims to demonstrate the concept of ARP spoofing, where the ARP cache of Windows XP is poisoned with the attacker mac-address for a specific system on the network.
Hardware and Software:
1.Three PC (Ubuntu and Windows XP, 7)
2.Scapy and Python (Free download )
3.Switch ( 1nos)
4.Network cables
VLAN design, attacks and defense
Abstract
In this project. the concept of VLAN and the methodology to design a VLAN based network for an organization is documented. A practical case study with Cisco routers and switches is documented along with the necessary configuration.Attacks which are targetted on a VLAN based infrastructure and the defense mechanism is documented.
Enterprise network design with IPSEC
Abstract
An organization is planning to link up the main and branch office with Cisco VPN routers. Users in the main and branch office uses the network address 192.168.1.0/24 and 192.168.2.0/24. After the VPN deployment , the computers in the different offices should be able
to access (ping) each other. As a proof of concept, a lab is setup where the VPN design is practically demonstrated by connecting Cisco routers in a point to point fashion using a DTE-DCE Cable. Networks are setup on the routers to create a main and branch office scenario with computers. Necessary configurations are identified on the router to setup the VPN tunnel for the computers to ping each other.
Project Type: Practical demonstration
Hardware and Software
1. Computers ( 2nos)
2. Cisco 2611 XM and Cisco 1751 router ( 2nos) (Any Cisco routers which support IPSEC would suffice)
3. Switches ( 2 nos)
4. DTE-DCE Cable
Mac-flooding Attack demonstration
Project Scope
Mac-flooding is an attack by which the attacker attempts to fill the mac-address table of the switch, by simulating random mac-addresses. The project aims to demonstrate the concept of mac-flooding by using packet crafting tools like scapy in a test lab.
Hardware and Software:
1.Two PC (Ubuntu and Windows)
2.Scapy and Python (Free download )
3.Cisco Switch ( 1nos) – 2950 is used in the project.
4.Network cables