INTRODUCTION TO PROJECT
Implement access list
,Port Security and DHCP for a Company Network
Design
In this project we make three lab
named as block 1, bock 2 and block 3 .Every block have several number of pc and
one admin pc .An office lab also created in which the main router of company is
placed .There is three servers that are working on wide area network server
name are Google, YouTube, Facebook there is no control of company on any server
because they are placed outside the company network.
Block 1
There is 8 simple users pc and one
Admin pc .User pc are not allowed to use Facebook and YouTube sites. Admin pc
can use these sites without any restriction.
Block 2
8 simple users pc are placed in this
bock with one admin .Same security measures and privileged done in this block
.Admin can configure the switch any time so admin pc is connected with a console wire .
Block 3
Same number of simple users pc are
placed and one admin pc .number of users pc may vary according to the working
need of a company .New user can access
company network when administrator allowed this user .
Office
In office there is a single pc which
is just use to configure the company router .All blocks connectivity can be
controlled from this office router. A single switch is connected to this router
all thee lab are directly connected to main switch.
Requirements
1. Requirements of company form us is
that in every block no client is able to use Facebook and YouTube on their pc
except Google. But the admin pc should allow access any site and internet
service .We can do this by using access list technology.
2. Second thing
is that if there is any type unauthenticated user try to attach their own
device with company switches then proper security should be implemented .This
is possible by using port security service. There is many action provided by
the port security service if any volition is count but we use here default
action i.e. shutdown. If any user try to attach there device with company
switch then the port immediately shutdown without any delay.
3. Third
requirement is that no one allowed to enter IP address in pc statically all
host are given IP address automatically except the admin of each block. For
this we use the dhcp service on company router.
To full feel these requirements there are some other configuration alo done
some of them are Network Address Translation, Interface configuration on
routers ,Create pool for DHCP on router.