The network IP addressing scheme for the MD building is designed to ease network management. It have to protect students and employees data as well as any intellectual property that COMIC has on the servers and computers. The PIPS with Application Level Gateway Firewall security appliance will be installed to secure the private network from the Internet and provide Pipes VPN connectivity to the main COMIC office. The Intrusion Protection System (UP'S) is able to inspect network traffic, examine and filter based on information contained within the data portion of a packet.
It help the IT personnel monitor, log, and detect security breaches. It could use to send security breach alerts, terminate security breaches, and terminate or restart processes. The network will use the Ethernet, 24 RAJA-45 ports, Power over Ethernet (POE) switch series because of their high performance. The switches are can support up to 144 gigabit network connections (10/100/Bassett Ethernet) and one will be installed on each floor in the Server Room. The switches will be configured with a tagged PLAN (Virtual Local Area Networks) for each subnet.
The network will e secured using Active Directory single sign-on and IP addresses centrally managed using DDCD with DDCD relay enabled on the switches to forward DDCD broadcast traffic as incase transmissions across PLAN boundaries. The switches also will be installed in each office or room which have more than four workstations. The switches will be connected in a partial mesh that ensures no single point of network failure. A Wireless Access Point, 802. 1 b/g/n Wireless, abases TX Ethernet series will integrate seamlessly into the network with PLAN support and provide 104 Mbps outwork access speed.
Wireless media access will be protected using WPAD security with AES 256 encryption and authentication using user credentials and 802. Xx integrated Into Active Directory via Radius(Calls applied to the PLAN for security). The servers in server rooms with the Windows Server operating system will be Installed for the Active Directory and Microsoft Exchange servers and as dedicated file servers.This hardware Includes a RAID 5 fault tolerant, hot swappable disk array that will continue to operate even If one drive In the array falls. Each server Is also equipped tit a UPS (Uninterruptible Power Supply) that filters power line surges and enables graceful shutdown In the event of a power outage to protect data from corruption. The primary Active Directory domain controller will reside on the first floor and a backup domain controller on the second floor to malting network access If the primary domain controller falls and share the load.
The servers In each lab (SIX class room computer labs and a student computer lab) with the Windows Server operating system will be Installed for the Active Directory and Microsoft Exchange servers and s dedicated file servers to support each special lab need. Each server will have two network Interface card (NICE) and could be configuration to be a small network. Each floor will also be equipped with an network printing scanning, copying for Administrative and Instructional networks.The Administrative printers will be In the front of server room each floor. The Instructional printer will be In the front of library and student computer lab.
ACTA HTTP (plenum rated where required) will be Installed In a star topology because Is less expensive and provides higher cable). However the distance from the server room on each floor to the last room is over 300 feet (the Ethernet limit) and a diagonal pull through the ceiling (240 feet length, 95 feet width plus a 30 feet drop).We have to install switches 150 feet from the server rooms to manage the far four rooms in each floor. The network subnet layout enables administrators to quickly locate computers by IP address by building floor and room, and whether the computer is a server, staff computer or instructor's computer. The subnet layout minimized the broadcast traffic that can reduce outwork performance by limiting the number of computers in each broadcast domain.