Security

Wireless Layout Example

4

Client: Forever Young Cosmetics

Location: St. Louis, MO.

Facility: 250,000 square foot building containing the corporate HQ, manufacturing plant, and distribution center.

Wireless Technology: IEEE 802.11

After being hired to design a secure wireless network for Forever Young Cosmetics, my group has compiled a list of hardware and software necessary, as well as created the overall layout for the new system. Forever Young Cosmetics currently is utilizing a wired LAN with approximately 250 hosts; this is a high-speed Cox connection protected with an unspecified firewall. The client wishes to provide their employees with a secure and robust wireless network. I will now provide the hardware list for the new wireless system.

WAP: D-Link DAP-2553 Wireless N Dual Band Gigabit Access Point w/ PoE

Firewall: Cisco Meraki MX100

Switch Slot Chassis: N7K-C7004 Cisco Nexus 7000 4-slot Switch Chassis (room to upgrade)

Switches: 2 Cisco Catalyst 4928 10 Gigabit Ethernet Switches (possibly two more for redundancy (if budgeting allows)

UPS: CyberPower PR1500LCD Smart App Sinewave UPS System, 1500VA/1500W, 8 Outlets, AVR, Mini-Tower

Security Protocols: The wireless network will feature PSK, WPA2, and TKIP protocols. The WAP’s will feature SSID authentication.

Summary:

        With this wireless network design, employees will have full wireless coverage to all sections of the business without any blind-spots. The connection itself will be secure using PSK, WPA2, and TKIP, with high-speed access. Due to the use of laptops, I would recommend that each device is manually configured into the network using the IP addresses listed while preventing any other IP addresses from accessing the system (not use DHCP). The wireless network will have its default admin password changed, have SSID broadcasting disabled (depending on company policies), have its software continuously updated, audited, and maintained, as well as be subjected to routine, yet random, intrusion tests. The firewall and switches will all have their security settings configured to the specific business, with all admin passwords changed; they will also be continuously updated, audited, and maintained. I have added a UPS to the data center to ensure the uptime of the network is protected. The proposed wireless network will have adequate confidentiality, integrity, and availability.

Categories: Security

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s