CMIT 495 Project implementation
01-01-2017
This section will lay out the implementation plan of the entire Authentic Assessment Project (AAP) design, which include configuration of key networking devices, detailing milestones, activities, resources, and budgets, as well as providing a deliverables schedule.
Project Implementation Plan
In this lecture I will discuss implementation plan through an example of an enterprise network.
The figure presents a fictitious enterprise factious network. The company would like to implement a scalable solution with a routing protocol that provides fast convergence. For optimal routing and packet forwarding, hierarchical addressing with summarization is required. Users require high-speed access to the server farm with redundant connectivity for protection. The company has many remote offices; a redundant connection to the Internet is required to provide the remote offices with nonstop access to its server farm. For remote offices, a secure connection must be implemented to prevent unauthorized persons from accessing data.
The first step before creating an implementation plan is to gather existing information about the networks and all the requirements.
The existing topology provides redundant connectivity among all the network devices. Internet connectivity is dual homed, which provides redundant access to the remote sites as well as World Wide Web resources. The equipment can provide all the functionalities that are required, but the software version of the operation system must be upgraded.
The networking equipment has existing IP addressing that needs to be changed to ensure optimal routing and forwarding of packets as well as summarization. Requirements for server farm access and remote office connectivity do not include changes in QoS configuration. The server farm hosts the critical applications of the company including VoIP, and these require preferred treatment. OSPF is configured in the network. This configuration must be changed, because a faster convergence time is required. EIGRP is better choice than OSPF.
Security configuration is required to provide secure access to terminal resources. In this case existing security is sufficient, therefor no changes are needed.
For this scenario implementation plan would be
Project contact list
Location information and means of accessing the premises
Tools and resources
Assumption
Task and detailed description
Network staging plan
Project Contact List
| Consultant Project Team | Customer Project Team |
| Project Manager Telephone | Project Manager Telephone |
| Configuration Engineer Telephone | Configuration Engineer Telephone |
| Project Coordinator Telephone | Project Coordinator Telephone |
|
|
|
Equipment installation Plan
| Location | Details |
| Floor |
|
| Room |
|
| Rack Number |
|
|
|
|
Tools Required
| Item Number | Item |
| PC with a VT 100 emulator, 10Base-T interface, FTP Server, TFTP client application | |
| Console port cable DB9-RJ45/DB25 | |
| 10Base-T Ethernet cable |
The implementation task list must provide a breakdown of the implementation process, followed by a detailed description of each activity.
Implementation Tasks
| Step Number | Task |
|
| Connect to the router |
|
| Verify the current installation, create a backup file (Note: this is not applicable in WWTC) |
|
| Change the Cisco IOS software version on all devices (Note: this is not applicable in WWTC) |
|
| Update or configure the IP address configuration on distribution routers. |
|
| Configure EIGRP (see detail below) |
|
|
|
|
|
|
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host Router1
Router1(config)#router eigrp 1
Router1(config-router)#network 10.1.112.0 0.0.0.255
Router1(config-router)#network 10.1.115.0 0.0.0.255
Router1(config-router)#no auto-summary
Router1(config-router)#exit
Also, Implementation plan is not complete without a time line.
WWTC Implementation plan
Now, I will discuss some guidelines to prepare WWTC implementation plan:
Follow the procedure outlined above.
Provide Configuration for each network device (except work stations)
Provider security configuration
Provide Active Directory Configuration
Provide Time Line
Except work station, configure all devices as per your network diagram and IP scheme. For example if you have 10 devices, you need to configure all devices accurately to get full credit.
Below are sample templates for your guidance of WWTC implementation plan.
Configuration Template Samples
Step 1: Connect Network Devices to the Network
The network infrastructure devices will be connected to the network. The installation engineer must ensure that the devices are properly installed and powered from redundant power sources.
Step 2: Apply Device Configuration Template to Routers/Switches
The installation engineer will use the following configuration template to configure all core, distribution, and access layer devices.
| Switch> enable Switch# configure terminal Switch(config)# hostname <device-name> device-name(config)# ip domain-name xumuc.com device-name(config)# enable secret <password> device-name(config)# username <username> secret <password> device-name(config)# crypto key generate rsa How many bits in the modulus [512]: 2048 device-name(config)# line con 0 device-name(config-line)# login local device-name(config-line)# exit device-name(config)# line vty 0 4 device-name(config-line)# login local device-name(config-line)# transport input ssh device-name(config-line)# exec-timeout 1 00 device-name(config-line)# exit device-name(config)# line vty 5 15 device-name(config-line)# login device-name(config-line)# exit device-name(config)# no logging console device-name(config)# no ip domain-lookup |
Configure VLANs, Network, Routing protocols. Do not forget to configure voice vlan/s and wireless network.
Configure DHCP.
Security Implementation Tasks
VLAN, Port security, DHCP snooping, Authentication, ACL, firewall etc. (if required)
Active Directory Implementation Tasks
The tasks listed in Table 8 are necessary to successfully create the new WWTC.com Active Directory forest for WWTC.
| STEP | TASK |
| Create forest root domain | |
| Create domain trees | |
| Configure DNS stub zones for domains | |
| Configure DNS suffix search list and distribute through GPOs | |
| Establish forest trust with WWTC if required | |
| Configure global catalog servers and FSMO roles | |
| Create sites and subnets | |
| Create site link objects and configure site link settings | |
| Create organizational units and groups |
Table 8: Active Directory Implementation Tasks
Step 1: Create Forest Root Domain
The installation engineer will create the WWTC.com forest root domain using the procedure below.
|
Step 2: Create Domain Trees
Use the same procedure described in Step 1
Step 3: Configure DNS Stub Zones(if required)
Project Schedule or Time line
| DATE COMPLETED | PROJECT MILESTONE |
| March 27 | Business and design requirements identified for network, security, and Active Directory implementation. |
| April 3 | Preliminary network design submitted for client review. |
| April 10 | Network design modification requests received from client. |
| April 17 | Preliminary security design submitted for client review. |
| April 24 | Security design modification requests received from client. |
| April 28 | Preliminary Active Directory design submitted for client review. |
| May 5 | Active Directory design modification requests received from client. |
| May 12 | Final designs (network, security, Active Directory) submitted to client. |
Suggestion to prepare the Plan.
Prepare or revised your network high level diagram to indicate all networking devices, VLANs, link addresses. You have done in your LAN submittal, please revise that diagram.
Prepare an equipment list which you are using in your network. Your equipment list should have name of the equipment, connection to other equipment and IP addresses. You have done it in your LAN submittal but review that list and revise it.
Divide the work as you seem appropriate such as VLANs, or equipment. For example if you have created 20 VLANs, then 5 VLANs each member or you have 20 equipment, 5 equipment each.
You do not have to follow, you can use your own methods. This submittal depends on clarity of your diagrams and equipment list and IP address assignment.
