Difference between revisions of "Netband Project"
(→Ip Addressing schema) |
(→Ip addresses) |
||
| Line 19: | Line 19: | ||
<br> | <br> | ||
| − | ==Ip addresses== | + | == Ip addresses == |
| − | HQ | + | HQ |
{| cellspacing="1" cellpadding="1" border="1" style="width: 534px; height: 87px;" | {| cellspacing="1" cellpadding="1" border="1" style="width: 534px; height: 87px;" | ||
|- | |- | ||
| − | | Vlan name | + | | Vlan name |
| − | | Ip address range | + | | Ip address range |
| Vlan number | | Vlan number | ||
|- | |- | ||
| − | | ServerHQ | + | | ServerHQ |
| − | | 10.1.1.0/24 | + | | 10.1.1.0/24 |
| 3 | | 3 | ||
|- | |- | ||
| − | | GuestHQ | + | | GuestHQ |
| − | | 172.16.0.0/24 | + | | 172.16.0.0/24 |
| 4 | | 4 | ||
|- | |- | ||
| − | | ClientHQ | + | | ClientHQ |
| − | | 10.1.2.0/24 | + | | 10.1.2.0/24 |
| 5 | | 5 | ||
|- | |- | ||
| − | | PhoneHQ | + | | PhoneHQ |
| − | | 10.1.3.0/24 | + | | 10.1.3.0/24 |
| 6 | | 6 | ||
|} | |} | ||
| − | Branch1 | + | Branch1 |
{| cellspacing="1" cellpadding="1" border="1" style="width: 534px; height: 87px;" | {| cellspacing="1" cellpadding="1" border="1" style="width: 534px; height: 87px;" | ||
|- | |- | ||
| − | | Vlan name | + | | Vlan name |
| − | | Ip address range | + | | Ip address range |
| Vlan number | | Vlan number | ||
|- | |- | ||
| − | | ServerB1 | + | | ServerB1 |
| − | | 10.2.1.0/24 | + | | 10.2.1.0/24 |
| 3 | | 3 | ||
|- | |- | ||
| − | | GuestB1 | + | | GuestB1 |
| − | | 172.16.1.0/24 | + | | 172.16.1.0/24 |
| 4 | | 4 | ||
|- | |- | ||
| − | | ClientB1 | + | | ClientB1 |
| − | | 10.2.2.0/24 | + | | 10.2.2.0/24 |
| 5 | | 5 | ||
|- | |- | ||
| − | | PhoneB1 | + | | PhoneB1 |
| − | | 10.2.3.0/24 | + | | 10.2.3.0/24 |
| 6 | | 6 | ||
| + | |} | ||
| + | |||
| + | Misc. | ||
| + | |||
| + | {| cellspacing="1" cellpadding="1" border="1" style="width: 538px; height: 87px;" | ||
| + | |- | ||
| + | | Purpose | ||
| + | | Ip address range | ||
| + | |- | ||
| + | | Lan p2p links | ||
| + | | 10.255.255.x/30 | ||
| + | |- | ||
| + | | Management | ||
| + | | 10.0.0.x/32 | ||
| + | |- | ||
| + | | Gre p2p links | ||
| + | | 10.1.3.x/30 | ||
|} | |} | ||
Revision as of 13:04, 7 April 2009
<accesscontrol>NetBand</accesscontrol>
Netband Project
The main goal of this project is to design and implement some of the newest security functionalities in Cisco IOS and the Asa appliance.
Contents
Course description
A small company setup is used to illustrate and document the various relevant security features on an network infrastructure. The bussiness case evolves around a small to medium sized company with a centralized HQ and a number of remote branch offices. The project will consist mainly of cisco switches, routers and Asa firewall appliances. In order to support and demonstrate selected features, a small number of linux and windows servers are installed. The servers are just used as support so only basic configuration and security are implemented.
Ip addresses
HQ
| Vlan name | Ip address range | Vlan number |
| ServerHQ | 10.1.1.0/24 | 3 |
| GuestHQ | 172.16.0.0/24 | 4 |
| ClientHQ | 10.1.2.0/24 | 5 |
| PhoneHQ | 10.1.3.0/24 | 6 |
Branch1
| Vlan name | Ip address range | Vlan number |
| ServerB1 | 10.2.1.0/24 | 3 |
| GuestB1 | 172.16.1.0/24 | 4 |
| ClientB1 | 10.2.2.0/24 | 5 |
| PhoneB1 | 10.2.3.0/24 | 6 |
Misc.
| Purpose | Ip address range |
| Lan p2p links | 10.255.255.x/30 |
| Management | 10.0.0.x/32 |
| Gre p2p links | 10.1.3.x/30 |
Equipment list
HQ
1 x Asa5505
1 x Wlc2006
1 x Catalyst 3560 PoE
1 x 1221 Lap
1 x 2801
Branch 1
1 x Asa5505
1 x Catalyst 3560 PoE
1 x 1221 Lap
1 x 2801
Cloud
1 x 2801
1 x 3560
Access control
<accesscontrol>NetBand</accesscontrol>
Passwords
Internet NAT router(192.168.138.148): cisco
Internet Switch(192.168.0.5): : cisco
Ubuntu server: ciscodisco
W2k3 Server: ciscodisco