Secure ISP Company Network System Design and Implementation

Scenario Description: Secure ISP Company Network:

A multi-national ISP company which is based on three different continents has recently hired you as their network administrator. As your first task, you have been asked to provide a robust network design for them considering the following requirements:

- One of the sites is the company's HQ and employs 1,200 staff in three different departments, namely, HR, Sales and IT and a newly created Cyber Security department.
- The other two sites employ 700 staff each in two departments, namely, Marketing and Sales.
- These three sites are separated from each other by OSPF and BGP routers.
- Each site has a multi-layer hierarchical network design with redundancy and reliability factors considered.
- Each site has a DMZ area with at least one server in it.
- For security reasons, the Cyber Security department has all the network traffic monitored and reported to servers.
- Finally, the network administrators sometimes need to work offsite, to do that, they need a secure VPN connection to monitor and configure all the network devices on each site.

Assessment Criteria:

- Basic configuration and naming convention for all network devices (10%)
- IP addressing design scheme (10%)
- VLANs implementation and departmental segmentation (10%)
- HSRP (Hot Standby Router Protocol) and EtherChannel for redundancy and load balancing (10%)
- DHCP and DNS for dynamic IP allocation and name resolution (10%)
- Static routing and dynamic routing (e.g., OSPF) throughout the network (15%)
- NAT (Network Address Translation) and PAT (Port Address Translation) for internet access (10%)
- Network monitoring tools and protocols (10%)
- Network security and management, including firewalls, ACLs, and encryption (15%)

Network Topology Created
The network topology below satisfy the user requirements above and everything is verified, tested and working fine.