Sammi,
This may be a bit ungracious but how is your security as it seems now that
we have all the plans?
Karl
----- Original Message -----
From: "Sammi"
To:
Sent: Saturday, June 30, 2001 12:05 PM
Subject: Proposed Network Design [7:10494]
> Hello all,
>
> We are migrating off of Banyan to Windows 2000 in late July and
> through August. Concurrent with the migration will be an
> infrastructure overhaul. I would like to lay out my plans and
> thoughts; any comments, advice, criticism, improvements, etc. greatly
> appreciated.
>
> I have 95% of my hardware:
>
> Dell Poweredge servers:
> 1550 (6) - file servers
> 6450 (2) - SQL and Exchange servers
> 2450 (1) - SQL
>
> Cisco Switches:
> 2948G (1) - distribution switch
> 2900xl (8) - access switches
> various numbers of 1900/2800 to be phased out
>
> Cisco Aironet Wireless:
> 2 parabolic, various yaggi and omni antennae
> a number of workgroup and access bridges, various sizes.
>
> The new environment will consist entirely of new servers, no upgrades
> from old environment.
>
> I've taken my first crack at using Visio 2000 to try and lay out a
> high level conceptualization of my planned design. If interested,
> please download the diagram: http://www.tuzzy.org/design.zip 200k
>
> Currently our network is on one segment and I am creating vlan's. This
> is an ambitious project for my experience but I'm confident, although
> I realize it'll take a lot of work and study as I go. I've been
> researching this scenario for some time now, and have attended a BCMSN
> week long course with Global Knowledge. So, I may be in dim light but
> not totally in the dark ;-)
>
> Physical Sites consist of:
>
> Main site; includes main administrative building and 6 outlying
> quonset (huts). Fiber from main building to one hut, fiber between
> huts. Currently in place and operable. Main server room; distribution
> switch, access switches in main building and physical locations.
>
> Heritage site: approx. 4 miles from main. Will connect to Main Site
> via Aironet, parabolic at Heritage and at Main.
>
> Northstar site: approx. 400 yds. from Heritage, connected via fibre,
> currently in place and operable.
>
> Daycare site: approx. 800 yds. from Heritage, will connect via
> Aironet.
>
> Home: approx. 1 mi. from Heritage, will connect via Aironet.
>
> All operations must take place within 10.200.x.x range. Our
> organization is one of three trees within the 2000 forest. Each tree
> is an independent organization with close ties. One domain per tree.
>
> My plans:
>
> All servers are Windows 2000, all desktops 2000 Professional.
> Each VLAN consists of 6 ports on the 2948 switch, each port (as
> needed) will go to a 2900xl switch for eventual end user access,
> possible direct 2948 to desktop in some cases.
>
> VLAN 1
> 10.200.1.x / 24
> Serving enterprise;
> Exchange 2000 / Universal file server box
> ISA (firewall) box
> Primary DNS, DC, DHCP, Global Catalog
>
> VLAN 2
> 10.200.2.x / 24
> File server for info systems, main building.
> Secondary DNS, DC
> DHCP?
> 3 users
>
> VLAN 3
> 10.200.3.x / 24
> File server for huts.
> SQL backend server for online application, access from huts.
> DHCP?
> 50 users, web server.
>
> VLAN 4
> 10.200.4.x / 24
> One box, 6450, SQL server and file server for finance and services,
> main building.
> DHCP?
> 6 - 12 users, critical data, high resource demand
>
> VLAN 5
> 10.200.5.x / 24
> File server for administrative staff, main building.
> DHCP?
> 75 users
>
> VLAN 6
> 10.200.6.0 / 24
> Spans from main building to heritage center, approx. 4 miles distant.
> Parabolic and bridge, Aironet, at main building and Heritage center.
> Bridge on each end connected to a 2900xl switch.
> File server for Heritage center, possibly daycare.
> Daycare connected via workstations -> 2900xl -> aironet -> heritage
> Northstar has own servers, connected to Heritage via fiber.
> Home will connect to Heritage via wireless (low priority).
> Possible (probable) second server at Heritage, possible server at
> Daycare.
> DNS (cache only), DC, Global Catalog
> DHCP?
> 50 users
>
> VLAN 7
> Not utilized.
>
> VLAN 8
> Gateway to existing Banyan network.
>
>
> So there we have it.
>
> This is actually my first time writing it out in detail and that in
> itself has been beneficial.
> If anyone is feeling ambitious and generous I would more than welcome
> a picking apart of my logic, diagramming, any input at all welcome.
> I'm sure I have some gaping omissions, leaps of logic or
> considerations not yet considered. Chances are I'm going overboard
> with the segmenting? I realize the extra admin chores but think the
> trade off is tolerable.
>
> If you've read this through, I already owe you my thanks ;-)
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10501&t=10494
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
