IPsec VPN Network System Design and Implementation (Digital Financial Services Network)
Scenario Description: DFS (Digital Finance Services):
Network security attacks can result in financial cost and compromised availability. If a small business is targeted by a security attack, it can create a lack of trust among employees and customers, pushing them towards a more prominent brand that they believe can provide better security. A recent survey showed that 37% of small businesses in the UK have lost customers and 17% have lost revenue due to downtime, showing that security should now be the number one agenda item for small businesses.
DFS (Digital Finance Services) is a well-established small finance service provider that offers online finance solutions and services to its clients. DFS has the following four departments within its main headquarters: Human Resources (HR), Information Systems (IS), Customer Centric (CC) and Marketing (MK). So far DFS has used third-party services to maintain its IT services.
However, as the business is expanding rapidly, senior management has decided to own its own network infrastructure, including a Local Area Network (LAN), a Wide Area Network (WAN) and an external server-side location connected via an appropriate WAN technology, with secure communication between the HR department and the external site as the priority. The server-side site will host the DNS, web and email servers.
Due to security requirements, it has been decided that all four departments will be on separate network segments within the same local area network. Each department has five users, except IS (the IT department), which has only two users. Furthermore, IS users must be able to ping all users in the LAN. No server is located within the local area network; all servers are hosted at the external site and reached via the WAN connection. The IP addressing of the external site is part of the design and must be identified.
To strengthen security, an IPsec tunnel has to be created between the HR segment and the external site across the WAN connection. Access Control List (ACL) rules will also be applied to permit or deny connections to the web (browser) services, and can be used for further security control.
You have been hired as a network security engineer to design the network for DFS according to the requirements set by senior management. You will consult an appropriate, robust network design model to meet the design requirements. You will also implement Access Control Lists and a Virtual Private Network to enable secure communication, treating security and network performance as paramount to safeguarding the Confidentiality, Integrity and Availability of data and communication.
- Hierarchical Network Design Model (LAN) (3 Marks).
- Subnetting (Design IP Addressing and Allocation) (3 Marks)
- VLAN Configuration (one VLAN per department, so that no department can see another department's traffic), VLAN Trunking 802.1Q, Inter-VLAN Routing (4 Marks).
- DHCP Server, DNS Server, Web Server, Email Server (3 Marks)
- Dynamic Routing Protocol Configuration using OSPF (WAN) (4 Marks)
- IPSec tunnelling to enhance the security (3 Marks)
- User Privileges (Encrypted Passwords Configuration for Console, User, Privilege Exec Mode) (3 Marks).
- 2 Variations of Extended Access Control List (ACL) (7 Marks)
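The configuration below is an added example, not part of this brief or of any submitted solution, showing how the listed tasks fit together on the headquarters router: router-on-a-stick inter-VLAN routing over an 802.1Q trunk, OSPF on the WAN, an IPsec tunnel whose crypto ACL selects only HR to server-site traffic, encrypted console/user/privilege passwords, and two extended ACL variations (an allow-list for Marketing and a deny-list for Customer Centric). Every address, VLAN ID, interface name, hostname and secret in it is an assumption chosen for illustration; the external-site router needs the mirror-image ISAKMP policy, transform set, key and crypto ACL.

```cisco
! HQ router (hypothetical name HQ-R1). Addressing is assumed for illustration:
!   VLAN 10 HR 192.168.10.0/27   VLAN 20 IS 192.168.10.32/27
!   VLAN 30 CC 192.168.10.64/27  VLAN 40 MK 192.168.10.96/27
!   WAN link 10.0.0.0/30 (HQ .1, external site .2)
!   Server site 172.16.1.0/24: web .10, DNS .20, email .30
hostname HQ-R1
service password-encryption
enable secret StrongEnableSecret!2024
username admin privilege 15 secret StrongAdminSecret!2024
line console 0
 password ConsoleOnly!2024
 login
line vty 0 4
 login local
 transport input ssh
!
! Inter-VLAN routing (router-on-a-stick) over the 802.1Q trunk from the core switch
interface GigabitEthernet0/0
 no shutdown
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.224
interface GigabitEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.10.33 255.255.255.224
interface GigabitEthernet0/0.30
 encapsulation dot1Q 30
 ip address 192.168.10.65 255.255.255.224
 ip access-group CC-IN in
interface GigabitEthernet0/0.40
 encapsulation dot1Q 40
 ip address 192.168.10.97 255.255.255.224
 ip access-group MK-IN in
!
! OSPF: LAN subnets are advertised but only the WAN link forms adjacencies
router ospf 1
 router-id 1.1.1.1
 network 192.168.10.0 0.0.0.127 area 0
 network 10.0.0.0 0.0.0.3 area 0
 passive-interface default
 no passive-interface Serial0/0/0
!
! IPsec: the crypto ACL is the traffic selector, so only HR <-> server site is encrypted
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
 lifetime 86400
crypto isakmp key HrSitePreSharedKey!2024 address 10.0.0.2
crypto ipsec transform-set HR-TS esp-aes 256 esp-sha256-hmac
 mode tunnel
ip access-list extended HR-TO-SERVERS
 permit ip 192.168.10.0 0.0.0.31 172.16.1.0 0.0.0.255
crypto map HR-MAP 10 ipsec-isakmp
 set peer 10.0.0.2
 set transform-set HR-TS
 match address HR-TO-SERVERS
interface Serial0/0/0
 ip address 10.0.0.1 255.255.255.252
 crypto map HR-MAP
 no shutdown
!
! Extended ACL variation 1 (allow-list): Marketing may reach only the web, DNS and
! mail servers, must not touch the HR segment, and must still answer pings from IS
ip access-list extended MK-IN
 permit udp any any eq 67
 deny   ip 192.168.10.96 0.0.0.31 192.168.10.0 0.0.0.31
 permit icmp 192.168.10.96 0.0.0.31 192.168.10.32 0.0.0.31 echo-reply
 permit tcp 192.168.10.96 0.0.0.31 host 172.16.1.10 eq 80
 permit tcp 192.168.10.96 0.0.0.31 host 172.16.1.10 eq 443
 permit udp 192.168.10.96 0.0.0.31 host 172.16.1.20 eq 53
 permit tcp 192.168.10.96 0.0.0.31 host 172.16.1.30 eq 25
 permit tcp 192.168.10.96 0.0.0.31 host 172.16.1.30 eq 110
 deny   ip any any
!
! Extended ACL variation 2 (deny-list): Customer Centric keeps everything except
! browser access to the web server; the explicit denies are logged
ip access-list extended CC-IN
 deny   tcp 192.168.10.64 0.0.0.31 host 172.16.1.10 eq 80 log
 deny   tcp 192.168.10.64 0.0.0.31 host 172.16.1.10 eq 443 log
 permit ip any any
```

Two points that are easy to get wrong when marking this up: an inbound allow-list ACL on a department subinterface silently drops the DHCP DISCOVER (UDP 67) and the ICMP echo-replies that the "IS can ping everyone" requirement depends on, which is why MK-IN permits both explicitly before its final deny; and a subinterface ACL is evaluated before the crypto map, so it must not block the HR traffic the tunnel is meant to carry. On Packet Tracer and older IOS images the crypto commands need the securityk9 technology package enabled and may only accept `hash sha` / `esp-sha-hmac` rather than the SHA-256 variants. Verify with `show ip ospf neighbor`, `show crypto isakmp sa`, `show crypto ipsec sa` (the encaps/decaps counters should rise when HR pings the web server) and `show access-lists` (per-entry hit counts).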
The network topology below satisfies the requirements above; it has been verified and tested and is working.