Upload
phungtuong
View
255
Download
2
Embed Size (px)
Citation preview
Running head: UNIT 4 ASSIGNMENT
Unit 4 Assignment
Network Upgrade Implementation Plan
Charles W Jansen, II
Kaplan University
IT499-01 Bachelors Capstone in Information Technology
Instructor: Allison Selby
June 12, 2012
UNIT # ASSIGNMENT: 1
Contents 1 Introduction .................................................................................................................................. 3
1.1 Summary Project Background .............................................................................................. 3
1.2 Summary of Project Goals .................................................................................................... 3
1.3 Assumptions .......................................................................................................................... 3
1.4 Notes on additions................................................................................................................. 4
2 Current State of Project ................................................................................................................ 5
3 Integration Information ................................................................................................................ 5
3.1 Comcast Integration .............................................................................................................. 5
3.2 Corero Network Security Integration.................................................................................... 5
3.3 HP Integration ....................................................................................................................... 6
4 Risks ............................................................................................................................................. 7
4.1 Schedule ................................................................................................................................ 7
4.2 Equipment ............................................................................................................................. 7
4.3 Personnel ............................................................................................................................... 8
4.4 Training ................................................................................................................................. 8
5 Blocks .......................................................................................................................................... 9
5.1 Possible cancellation ............................................................................................................. 9
5.2 Denial of Permit .................................................................................................................... 9
5.3 Product discontinuation ........................................................................................................ 9
5.4 Budget ................................................................................................................................... 9
6 Resources ..................................................................................................................................... 9
6.1 Personnel ............................................................................................................................... 9
6.2 Material ............................................................................................................................... 10
6.3 Total Budget........................................................................................................................ 11
6.4 Constraints .......................................................................................................................... 12
6.5 Success Measurements........................................................................................................ 12
8 Diagrams .................................................................................................................................... 12
8.1 Project Manager .................................................................................................................. 12
8.2 Network Diagrams .............................................................................................................. 12
9 Future projects ........................................................................................................................... 13
9.1 Studio Construction ............................................................................................................ 13
9.2 Disaster Recovery Plan ....................................................................................................... 13
9.3 Internal Security .................................................................................................................. 13
UNIT # ASSIGNMENT: 2
10 Signatures ............................................................................................................................. 14
Appendix A: Logical Topology Design Specifications ................................................................ 15
Appendix B: Wiring Closet Design Specifications ...................................................................... 17
Appendix C: Table of Terms ........................................................................................................ 21
Appendix D: IP Scheme As Is ...................................................................................................... 24
Appendix E: New IP Scheme Approved for Implementation on Network Devices ..................... 25
Appendix F: Routing Table .......................................................................................................... 29
Appendix G: References ............................................................................................................... 32
UNIT # ASSIGNMENT: 3
1 Introduction
1.1 Summary Project Background The objective of the network expansion and installation is to accommodate the hiring of
additional personnel in order to develop a motion picture division of Patch Productions. The
additional network equipment and redesigned IP scheme will allow the additional team members
to work on film projects using the company’s intranet. This is a precursor to building a studio
soundstage and full production facilities.
1.2 Summary of Project Goals The primary goal is to integrate the network expansion into the current network. The second goal
is to coordinate with the vendors to ensure the network equipment and host equipment will be
compatible. The vendors are HP, Corero Security and Comcast. The network has the goal of
helping the employees of Patch Productions preform their work in a secure environment in order
to develop motion picture production.
1.3 Assumptions The network will have adequate bandwidth for graphics editing and video conferencing. This
will be a gigabit Ethernet connection internally. Connection to the Internet requires less
bandwidth.
The network will be secure. This will be accomplished using authentication and encryption
protocols. Access Control Lists will also be used on routers to limit who has access to what
resources. This will help augment the configurations the server project team will implement
regarding Microsoft 2008 access directory, user groups and permissions given to those groups
and individuals within those groups.
With the exception of adding one switch in year 3, the design of the network equipment will
allow for a gradual expansion over three years before it will need to be expanded again based on
UNIT # ASSIGNMENT: 4
ten percent growth. These numbers were provided to Chuckamania Productions by Patch
Productions. Otherwise, the system is built for future scalability using Class B private IP range
from 172.20.0.0 to 172.20.15.255.
Network will integrate with existing network and allow for scalability to accommodate future
growth at a rate of 10% per year.
Network equipment and configuration is compatible with the new hosts provided by HP,
including desktop computers, server and printers. All nodes will be wired in for security. HP will
be providing patch cables for all connected devices they supply. The network equipment and
configuration will be compatible with the Corero Network Security IPS and firewall. These too
will be wired in.
Disaster recovery plan has been discussed with Corero Network Security and they have a
separate project which will require HP, Chuckamania Productions and Comcast to be involved.
Chuckamania’s role will be as a vendor. A brief statement will be included in the implementation
plan.
1.4 Notes on additions The Comcast representative has been identified and assigned to the portfolio. Further
information on how to ensure the network equipment and upgrade will mesh with the IPS,
firewall and host devices provided by Corero Network Security and HP is included. Disaster
recovery plans are included in relation to the network upgrade. Schedule and budget have been
set and will be included. Network equipment has been selected and recommended. Updated
Project Charter will be included as a separate file. Risks and blocks have been identified and
contingencies planned for.
UNIT # ASSIGNMENT: 5
2 Current State of Project The Project charter has been approved and updated. The implementation plan is complete.
Disaster recovery plan for the future is discussed. Compatibility is outlined. Budget is complete
and schedule is in place and being followed. A Microsoft Project Management file has been
created and submitted named. This includes the WBS, Gantt Chart, project timeline and other
information on the project.
Network analysis of current network has been completed and specifications are recommended
and will be submitted for approval on time.
3 Integration Information
3.1 Comcast Integration The new edition to the network will still fall within the range of the public IP addresses allocated
for PAT (Port Address Translation). IP addresses used in the internal network are not routable
across the Internet due to duplication in networks across the World Wide Web. Public IP
addresses can only be used once on the Internet unless a TCP/UDP port number has been
randomly assigned that will uniquely identify individual hosts on the internal network. The
number of IP addresses in the allocated public range will cover all necessary hosts within the
network. This includes public servers that will need a one to one (static) relationship between a
static public and private IP address. Adequate IP addresses have been allocated by the Internet
Service Provider (ISP) Comcast.
3.2 Corero Network Security Integration Corero Network Security is using three IPS 5500-1000ES, the Cisco ASA 1000V Cloud Firewall
on the DMZ, the Cisco ASA 5525-X Adaptive Security Appliance on the Internet Edge and the
Cisco ASA 5585-X with SSP10 firewall on the Internal network server farm. The importance of
security on a network that can respond to threats from the Internet cannot be overstated. The
UNIT # ASSIGNMENT: 6
reason Chuckamania Productions recommended Corero Network Security is their experience in
knowledge with firewalls and IPS devices. Formerly Top Layer Security, Corero Network
Security is a leader in Intrusion Prevention Systems. The devices will be installed passively
which means they will be visible and require no user interaction.
One reason to secure the network using an IPS to replace the IDS is represented in the number of
theatrical release movies that are pirated in the production phase. One example is X-Men
Wolverine. I made contact with several people who had downloaded the film minus special
effects from file sharing sites. The unfinished film had been pirated and distributed because the
production company’s network was intruded upon by a hacker. An IPS would have prevented the
intrusion and then notified the network administrators.
Because Patch Productions is planning a new theatrical film division, it is important to have the
right device installed and maintained by the right company. Corero Network Security has the
experience and knowledge to perform this complex and important task.
3.3 HP Integration The computers, server and printers supplied by HP are outline in their specifications. These
desktop computers and printers are all equipped with one Gigabit NIC (network interface card).
The servers will have two NICs each that will be configured to load balance traffic and for
redundancy. Computers for the video and graphic editors have 8-core processors and 16 GB of
RAM (Random Access Memory). Each computer will have a 1TB hard drive with expansion
bays for two additional hard drives. All other computers will be quad-core processors with 8 GB
of RAM and one 500GB hard drive. All host devices will connect using Cat 6 UTP Ethernet
cables capable of handling Gigabit Ethernet connections. The operating system (OS) for the
desktops will be Microsoft Windows 7 Ultimate 64-bit edition. This OS is compatible with the
network hardware and software.
UNIT # ASSIGNMENT: 7
4 Risks
4.1 Schedule Scheduling is tight and there is little room for error. The first theatrical film project is due to start
in mid-August, but the system needs to be in place no later than August 1st, 2012. What little
leeway exists will be utilized for contingencies. One possible risk with the project is if the film
project is moved to start earlier. If this happens, then the project schedule may need to be
accelerated. If this happens, then the base configurations will be completed during the week. The
complex configurations will then be completed during the weekends in order to meet the new
deadline.
4.2 Equipment Equipment includes but is not exclusive to Chuckamania Productions portion of the Program.
Issues could arise with any material involved in the program that could cause a delay. One
example is carpet coming in with flaws or defects. If this were to happen, then the whole project
could be pushed back.
Issues could also arise from equipment supplied by Corero Network Security or HP. Floods have
resulted in slow production of hard drives. This could increase costs or throttled supply.
Equipment could be damaged or lost in shipment. Manufacturing delays include breakdown of
assembly line. Chuckamania Productions is prepared to work weekends in order to meet the
deadline of the project should these events occur.
Chuckamania Productions could also realize issues with supply, too. We are dealing with Cisco
as a Cisco Partner. HP and Corero Network Security are also Cisco Partners as well as Microsoft
Partners. This does not mean there will be a guarantee of no delays or damaged equipment.
Shipment delays and damaged equipment are not likely, but they do happen. Chuckamania
Productions has the ability to pay for expedited shipping of any replacement parts and will fight
UNIT # ASSIGNMENT: 8
with the suppliers for reimbursement if warranted after the project is completed. Issues happen in
projects. Chuckamania Productions will deal with those issues rapidly to fix the problem. Then
we will worry about the cause after. The important consideration is the happiness and
satisfaction of the client Patch Productions first and foremost.
4.3 Personnel Problems with personnel can happen. In the event that one of the other projects runs into an issue
in personnel resulting in a delay, Chuckamania Productions is prepared to respond. The same can
also be said if Chuckamania Productions runs into problems with our own personnel.
Chuckamania Productions has other personnel on our staff capable of filling in for any personnel
who may become sick or incapacitated thus unable to work. Chuckamania Productions also has
additional personnel to commit in the event of a schedule change. The only contingency we are
not prepared for is a meteor striking the Earth.
4.4 Training Personnel in Chuckamania Productions are experts in their field and all have certifications.
Realizing this, every job we undertake results in learning something new. This means that
training is ongoing. The same can be said of our colleagues in the program from the other
projects. It is possible that training of Patch Productions Personnel needs to be accomplished
during this project that would be separate from the security-training project that will be
undertaken after this project is completed.
UNIT # ASSIGNMENT: 9
5 Blocks
5.1 Possible cancellation It is possible that this project would be cancelled if the owner of Patch Productions has a disaster
that is unseen. If this is the case, the project can be closed out early. The other option is to look at
the project and see if a scaled back version would work for Patch Productions.
5.2 Denial of Permit Permits for the wiring closet were applied for several months ago. The deadline is coming due
and the permits have not yet been approved. If the permit is not received, the project cannot
continue.
5.3 Product discontinuation If a product has been discontinued, then the project cannot be completed. The project will need
to be given a new set of product recommendations. This could happen with HP, Chuckamania
Productions or the general contractor for the renovation.
5.4 Budget Budget constraints could mean a portion or the entire project needs to be adjusted or cancelled.
In this economy, money has been an issue. It does not appear that money is an issue with Patch
Productions at this time, but a budget issue could still become a reality should there be a crash of
the economy into a depression.
6 Resources
6.1 Personnel Sponsor: Provides overall direction on the project. Responsibilities include: approve the project charter and plan; secure resources for the project; confirm the project’s goals and objectives; keep abreast of major project activities; make decisions on escalated issues; and assist in the resolution of roadblocks.
Name Email / Phone
Cecile B. Miller [email protected] (239) 555-1066
Natalie Kalmus [email protected] (239) 555-1492 Project Manager: Leads in the planning and development of the project; manages the project to scope. Responsibilities include: develop the project plan; identify project deliverables; identify risks and
UNIT # ASSIGNMENT: 10
develop risk management plan; direct the project resources (team members); scope control and change management; oversee quality assurance of the project management process; maintain all documentation including the project plan; report and forecast project status; resolve conflicts within the project or between cross-functional teams; ensure that the project’s product meets the business objectives; and communicate project status to stakeholders.
Name Email / Phone
Charles W Jansen II [email protected]
(239) 273-8604
Team Member: Works toward the deliverables of the project. Responsibilities include: understand the work to be completed; complete research, data gathering, analysis, and documentation as outlined in the project plan; inform the project manager of issues, scope changes, and risk and quality concerns; proactively communicate status; and manage expectations.
Name Email / Phone
Herman Pinder [email protected] (239) 555-8605
Gloria Howard [email protected] (239) 555-8606
Pepé Yamichi [email protected] (239) 555-8607
Haruko Jones [email protected] (239) 555-8609 Customer: The person or department requesting the deliverable. Responsibilities include: partner with the sponsor or project manager to create the Project Charter; partner with the project manager to manage the project including the timeline, work plan, testing, resources, training, and documentation of procedures; work with the project team to identify the technical approach to be used and the deliverables to be furnished at the completion of the project; provide a clear definition of the business objective; sign-off on project deliverables; take ownership of the developed process and software.
Name Email / Phone
Patch Productions [email protected] (239) 555-1066
Subject Matter Expert: Provides expertise on a specific subject. Responsibilities include: maintain up-to-date experience and knowledge on the subject matter; and provide advice on what is critical to the performance of a project task and what is nice-to-know.
Name Email / Phone
Brad Lee [email protected] (239) 555-2112
Kim Burley [email protected] (239) 555-2001
Bill Dratz [email protected] (239) 555-1984
6.2 Material Resource Description
Cisco 2901 ISR (Cisco Systems, 2012) o Integrated Services Router o 2 integrated 10/100/1000 Ethernet Ports o 4 enhanced high-speed WAN interface card
slots o 2 onboard DSP (digital signal processor) slots o 1 onboard Internal Service Module for
application services o Fully integrated power distribution to modules
supporting 802.3af Power over Ethernet and Cisco Enhanced PoE
o Voice Support via Cisco Communications Manager Express
UNIT # ASSIGNMENT: 11
Cisco HSWIC (PC Rush, 2012) o 1 x 10/100/1000Base-T LAN - 1 x SFP
(mini-GBIC)
Cisco Catalyst WS-C3750X-48T-L (Cisco
Systems, 2012)
o Layer-2 Switch
o 48 10/100/1000 Ethernet Ports
o 4x1G, 2x10G uplinks
o 350W AC power rating
o LAN Base software package
o Rack Mountable 1U
APC Smart-UPS SMT2200RM2U Line-
interactive (APC by Schneider Electric,
2012)
o Uninterruptable Power Supply with surge
protections.
o UPS - 2.20 kVA/1.98 kW
o 1980 Watts / 2200 VA
o 120V
o Input 1 NEMA 5-20P
o Output
6 NEMA 5-15R
2 NEMA 5-20R
o 50/60 Hz auto sensing
o 2URack-mountable
o 0.08 Hour Full Load w/maximum 3:40
(HRS:MN)
Ethernet 6’ Patch Cables (C2G, 2012) o CAT 6 o 1 Gbps speed o Unshielded Twisted Pair o Bundle of 50 6ft cables
6.3 Total Budget
Resource Standard Rate
Hours/Qty UOM Extended Cost
Chuck Jansen II $50.00 316 Hourly $15,800.00
Howard Pinder $20.00 212 Hourly $4,240.00
Gloria Howard $20.00 246 Hourly $4,920.00
Pepé Yamichi $20.00 196 Hourly $3,920.00
Haruko Jones $20.00 236 Hourly $4,720.00
Cisco Router (PC Rush, 2012) $1,200.00 1 Each $1,200.00
Cisco HSWIC (PC Rush, 2012) $550.00 1 Each $550.00
Cisco Switches (PC Rush, 2012) $5,500.00 4 Each $22,000.00
APC UPS (PC Rush, 2012) $1,140.00 6 Each $6840.00
CAT 6 Ethernet Cables (50ct) (C2G, 2012)
$410.00 6 Bundle $2,460.00
UNIT # ASSIGNMENT: 12
Total Budget $66,650.00
Add 10% Reserve $6,665.00
Total with Reserve $73,315.00
6.4 Constraints Resource Constraints
Project Budget $75,000.00
Time, Network installed no later than July 13, 2012
Time, Final documentation delivered no later than July 23, 2012
Scope Must use: o 1 router o 4 switches o 6 new UPS o Supply the required amount of Ethernet cables o Manage existing wiring closets o Certify cables in the 4
th floor of Building 1
Quality Network must adhere to the 999 rule of 99.9% uptime and Bandwidth must handle required traffic during peak hours
Scalability Network must expandable in the future
Resources Chuckamania Productions needs to have the following: o Proper tools for configuring, installing and
testing the network o Knowledge of the systems installed o Dedicated experts to perform the required
tasks
6.5 Success Measurements The success measurement of the project is to complete the project under the budget of $75,000 as
defined by the current scope of the work. The metric will be the Earned Value Method (Heldman, 2009).
o PV: Planned value or approved budget amount o AC: Actual costs incurred for completed work at any given time in the project o EV: Earned value is the difference between the PV and AC in terms of the percentage of work
completed.
8 Diagrams
8.1 Project Manager For WBS, Gantt chart and other project management charts and tables, see the MS Project file.
8.2 Network Diagrams See Appendices
UNIT # ASSIGNMENT: 13
9 Future projects The following are not included in this project. These will be separate projects executed in the
future. These projects are in the planning stage. Preliminary information is provided below.
9.1 Studio Construction In the near future studio soundstages will be constructed with network and computer equipment
installed. There will be one central structure housing a wiring closet that each soundstage will
connect to. This wiring closet will connect back to the wiring closet in Building 3 where the
Network Operations Center (NOC) is located. Chuckamania Productions will supply equipment
and labor to complete the next phase of the network expansion.
9.2 Disaster Recovery Plan Corero Security and HP are heading a project to develop a disaster recovery plan. Included in
this plan will be contributions from Chuckamania Productions. The goal is to provide a backup
site out of the region that will act as a backup in case the main site is damaged or destroyed. This
site will act as a backup data center with the purpose of data loss prevention. All Patch
Productions data will be backed up at this site and will be available to restore data to the mother
site. This site will also act as a backup to the mother network and will be capable of acting as the
main NOC and data center until the mother facility is restored. This will include a backup server
farm for internal access and a backup server farm for the DMZ servers. These will be live
backups that will take over as main sites in the event the current data center is offline for any
reason.
9.3 Internal Security Internal security is important. Many hacking agents come from within a company’s own halls
and offices. Many of these incidents are innocent mistakes that open the door for hackers and
social engineers. Social engineers are individuals who mine data from companies by play-acting
UNIT # ASSIGNMENT: 14
as company personnel or repairmen called to fix an item in the building. These people may use
the telephone or they may appear in person. Sometimes these individuals comb through trash
containers in order to gather information. Once they have the information, they piece it together
like a puzzle. Chuckamania Productions has an expert staff that is working with Corero Network
Security on training for Patch Production personnel.
10 Signatures
The signatures of the people below document have received a copy of the implement plan.
Customer:
Name Signature Date
Patch Productions:
Cecil B. Miller (Co-sponsor and owner)
C B Miller 6/1/2012
Project Sponsors:
Name Signature Date
Natalie Kalmus Natalie Kalmus 6/1/2012
Project Manager: Chuckamania Productions
Name Signature Date
Charles W Jansen II
5/31/2012
Project Manager: HP
Name Signature Date
Kim Burley Kim Burley 6/12/2012
Project Manager: Corero Network Security
Name Signature Date
Brad Lee Brad Lee 06/12/2012
Project Manager: Comcast
Name Signature Date
William Dratz William Dratz 06/12/2012
UNIT # ASSIGNMENT: 15
Appendix A: Logical Topology Design Specifications
Figure 1: Building 1 topology of network as is.
UNIT # ASSIGNMENT: 17
Appendix B: Wiring Closet Design Specifications Figure 3: Wiring closets for building one as they are on left. Floor one additions are shown on the right.
UNIT # ASSIGNMENT: 19
Figure 5: Wiring closets for building 2. The current configuration is on the left. The configuration changes to first floor
wiring closet are on the right with the 2 UPS added.
UNIT # ASSIGNMENT: 20
Figure 6: Wiring closet for building three includes the DMZ and the NOC. Note the change adding the IPS replacing the
IDS.
Note: The firewall diagrams will be supplied by Corero Network Security next week. They are
adding three firewalls instead of one.
UNIT # ASSIGNMENT: 21
Appendix C: Table of Terms
Protocols to be used in the design:
Term abbreviation and long form Description Responsible Party
ACL Access Control List Used on routers to control what traffic passes in and out of the network.
Chuckamania Productions
AAA Authentication, Authorization and Accounting
A method of controlling how people can gain access to network resource, who has access to what resources and tracking who attempts to access those resources
Corero Security
Banner Login banner
MOTD (message of the day)
A happy or snappy greeting users will see when the access a network device when troubleshooting or configuring
Chuckamania Productions
CHAP Challenge Handshake Authentication Protocol
Authentication protocol used for PPP and PPPoE encapsulation for secure connection
Chuckamania production
Clock Time of day clock Sets the clock on the network device
Chuckamania Productions
Crypto Encryption module Used to encrypt authentication when signing in using SSH
Chuckamania Productions
DHCP Dynamic Host Configuration Protocol
Automatic assignment of IPv4 address to hosts on the network
Chuckamania Productions
DNS Domain Name System System to resolve IPv4 address and their corresponding alpha-numeric name across the Internet
Chuckamania Productions
Dot11 IEEE 802.1Q standard Encapsulation standard used with VLAN routing
Chuckamania Productions
Encryption Special coding used on networks and computers that masks characters sent by one device to another requiring receiver to have same code to understand code
Chuckamania Productions
Corero Network Security
Ethernet IEEE 802.3 standard Transmission protocol that works at the data link layer 2 of the OSI Model
Chuckamania Productions
Frame Ethernet frame Formatted data transmitted on the layer 2 data link layer of the OSI Model. Carried by Ethernet switches
Chuckamania Productions, Corero Network Security
Host A device that accesses a network such as a computer, server or printer
HP
UNIT # ASSIGNMENT: 22
Hostname Name of the device The given to a computer or network device and as it is then seen on the network by other devices and users
Chuckamania Productions
IDS Intrusion detection system
Passive security device that notifies a network admins that unwanted traffic has been detected and does nothing to prevent actual breeches
Existing device will be replaced by Corero Network Security
Interface Connection point A port that directly connects one device to another
Chuckamania Productions
IPS Intrusion Detection System
Proactive system that can detect, block and notify in regards to unauthorized traffic activity entering or exiting a network
Corero Network Security
IPv4 IP address version 4 Internet Protocol Address version 4 is the numeric representation of a host address on the network
Chuckamania Productions
Line Console Terminal line Access a router or switch using a directly connected roll over cable from a computer
Chuckamania Productions
Line VTY Remote configuration line
Access a router or switch from a computer using a network connections
Chuckamania Productions
Logging Message-logging Sets method of logging messages during configuration
Chuckamania Productions
Login Enable login with password or secret
Requires a user to enter a password or a username and password
Chuckamania Productions
NEMA National Electrical Manufacturers Association
North American standard for AC Power Plugs
Chuckamania Productions
Corero Network Security
HP
NEMA 5-15R AC Power port
Chuckamania Productions
Corero Network Security
HP
NEMA 5-20R AC Power Port
Chuckamania Productions
Corero Network Security
HP
NEMA 5-20P AC Power Port
Chuckamania Productions
Corero Network Security
HP
Network Node Routers, Switches, Bridges, Hubs, Firewall
Device that transmits bits across the network or Internet
Chuckamania Productions, Corero Security
NTP Network Time Protocol Retrieves time and date from a server
Chuckamania Productions
OSI Model Open Source Seven layer model detailing Chuckamania Productions,
UNIT # ASSIGNMENT: 23
Interconnect Model how network traffic originates, encapsulates, transmits, de-encapsulates and is received by target host
Corero Network Security, HP
OSPF Open Shortest Path First
A link state protocol used on internal networks
Chuckamania Productions
Packet Formatted unit of data carried on network layer of the OSI model. Carried by network routers
Chuckamania Productions
Password Special word used to authenticate a user
Clear text combination of characters used to login to a device
Chuckamania Productions
PoE Power over Ethernet Provide electrical power to host devices through the Ethernet cabling, necessary for VoIP phones.
Chuckamania Productions
PPPoE Point-to-Point Protocol over Ethernet
Encapsulation method over Ethernet WAN connections between routers. Can use encryption protocols PAP or Chap
Chuckamania Productions
Policy-map Creates a map for QoS policies and services
Corero Network Security
Priority-list List created that gives packets in QoS queues their priority of importance for transmission in relation to other packets
Corero Network Security
QoS Quality of Service Used to prioritize traffic in a network
Corero Network Security
Queue-list List of items to be sent by priority that are ready to be sent
Corero Network Security
Secret Encrypted password Password that is automatically encrypted
Chuckamania productions
Server Provides resources to clients HP
Service Network based service Sets password encryption and timestamp options
Chuckamania Productions
SNMP Simple Network Management Protocol
Protocol used for monitoring network traffic and security
Corero Network Security
Patch Productions
Rapid Spanning-tree
IEEE 802.1W Loop free switching Chuckamania Productions
SSH Secure Shell Secure remote management connections
Chuckamania Productions
VLAN Virtual Local Area Network
Subdivision of a network on switches to help control traffic
Chuckamania Productions
VTP Virtual Trunking Protocol
An interface can handle multiple VLAN traffic
Chuckamania Productions
Wiring Closet Room where network equipment is installed
Chuckamania Productions
UNIT # ASSIGNMENT: 24
Appendix D: IP Scheme As Is
Internal network as is
Department Num
Hosts Current Network Address
Current Subnet Mask
Executive 120 192.168.100.0 255.255.255.0
Web Design 100 192.128.101.0 255.255.255.0
Printers 100 192.168.102.0 255.255.255.0
Film Crew 85 192.168.103.0 255.255.255.0
Man_VLAN 54 192.168.104.0 255.255.255.0
Writing 40 192.168.105.0 255.255.255.0
Accounting 36 192.168.106.0 255.255.255.0
Production 34 192.168.107.0 255.255.255.0
Graphics 250 192.168.108.0 255.255.255.0 First proposed change
Department Num
Hosts Current Network Address
Current Subnet Mask
Customer Service 44 172.16.128.0 255.255.255.0
Sales 70 172.16.129.0 255.255.255.0
Tech Support (for customers) 28 172.16.130.0 255.255.255.0
Printers (DMZ) 25 172.16.131.0 255.255.255.0
Servers (Public Access) 110 172.16.132.0 255.255.255.0
Man_VLAN DMZ 26 172.16.133.0 255.255.255.0
NOC_Mon 8 192.168.32.0 255.255.255.0
Tech Support (Internal) 30 192.168.240.0 255.255.255.0
Printers (Internal) 16 192.168.241.0 255.255.255.0
Servers (Internal) 44 192.168.242.0 255.255.255.0
Man_VLAN NOC 12 192.168.33.0 255.255.255.0
UNIT # ASSIGNMENT: 25
Appendix E: New IP Scheme Approved for Implementation on Network Devices
Router Interface Hosts New Network Address
New Subnet Mask IP Address Connection
Edge_Router S0/0/0 62 209.160.32.0 255.255.255.192 209.160.32.2 209.160.32.1 ISP_CC751
S0/0/1 2 172.20.8.212 255.255.255.252 172.20.8.213 172.20.8.214 Core_Router
Core_Router S0/0/0 2 172.20.8.216 255.255.255.252 172.20.8.217 172.20.8.218 R-B3NOC
S0/0/1 2 172.20.8.212 255.255.255.252 172.20.8.214 172.20.10.213 Edge_Router
S0/1/0 2 172.20.8.224 255.255.255.252 172.20.8.225 172.20.8.226 R_B1F1
S0/1/1 2 172.20.8.240 255.255.255.252 172.20.8.241 172.20.8.242 R_B2F1
S0/2/0 2 172.20.8.220 255.255.255.252 172.20.8.221 172.20.8.222 R-B3DMZ
S0/2/2 2
R_B1F1 S0/0/0 2 172.20.8.228 255.255.255.252 172.20.8.229 172.20.8.230 R_B1F2
S0/0/1 0
S0/1/0 2 172.20.8.224 255.255.255.252 172.20.8.226 172.20.8.225 Core_Router
S0/1/1 0
Fa0/0.1 5 172.20.8.0 255.255.255.248 172.20.8.1 172.20.8.3 S1FL1A
Fa0/0.7 25 172.20.3.0 255.255.255.224 172.20.3.1 S1FL1A
Fa0/0.10 9 172.20.7.112 255.255.255.240 172.20.7.113 S1FL1A
Fa0/0.15 53 172.20.0.0 255.255.255.192 172.20.0.1 S1FL1A
Fa0/0.20 9 172.20.7.0 255.255.255.240 172.20.7.1 S1FL1A
Fa0/0.25 20 172.20.5.0 255.255.255.224 172.20.5.1 S1FL1A
Fa0/0.30 23 172.20.4.0 255.255.255.224 172.20.4.1 S1FL1A
Fa0/0.35 14 172.20.6.0 255.255.255.224 172.20.6.1 S1FL1A
Fa0/0.73 26 172.20.2.0 255.255.255.224 172.20.2.1 S1FL1A
R_B1F2 S0/0/0 2 172.20.8.228 255.255.255.252 172.20.10.230 172.20.10.229 R_B1F1
S0/0/1 2 172.20.8.232 255.255.255.252 172.20.8.233 172.20.8.234 R_B1F3
S0/1/0 0
S0/1/1 0
Fa0/0.1 5 172.20.8.8 255.255.255.248 172.20.8.9 172.20.8.10 S1FL2E
Fa0/0.7 25 172.20.3.32 255.255.255.224 172.20.3.33 S1FL2E
UNIT # ASSIGNMENT: 26
Fa0/0.10 9 172.20.7.128 255.255.255.240 172.20.7.129 S1FL2E
Fa0/0.15 53 172.20.0.64 255.255.255.192 172.20.0.65 S1FL2E
Fa0/0.20 9 172.20.7.16 255.255.255.240 172.20.7.17 S1FL2E
Fa0/0.25 20 172.20.5.32 255.255.255.224 172.20.5.33 S1FL2E
Fa0/0.30 23 172.20.4.32 255.255.255.224 172.20.4.33 S1FL2E
Fa0/0.35 14 172.20.6.32 255.255.255.224 172.20.6.33 S1FL2E
Fa0/0.73 27 172.20.2.32 255.255.255.224 172.20.2.33 S1FL2E
R_B1F3 S0/0/0 2 172.20.8.236 255.255.255.0 172.20.237 172.20.8.238
S0/0/1 2 172.20.8.232 255.255.255.252 172.20.8.234 172.20.8.233 R_B1F2
S0/1/0 0
S0/1/1 0
Fa0/0.1 5 172.20.8.16 255.255.255.248 172.20.8.17 172.20.8.18 S1FL3I
Fa0/0.7 25 172.20.3.64 255.255.255.224 172.20.3.65 S1FL3I
Fa0/0.10 9 172.20.7.144 255.255.255.240 172.20.7.145 S1FL3I
Fa0/0.15 53 172.20.0.128 255.255.255.192 172.20.0.129 S1FL3I
Fa0/0.20 9 172.20.7.32 255.255.255.240 172.20.7.33 S1FL3I
Fa0/0.25 20 172.20.5.64 255.255.255.224 172.20.5.65 S1FL3I
Fa0/0.30 23 172.20.4.64 255.255.255.224 172.20.4.65 S1FL3I
Fa0/0.35 14 172.20.6.64 255.255.255.224 172.20.6.65 S1FL3I
Fa0/0.73 27 172.20.2.64 255.255.255.224 172.20.2.65 S1FL3I
R_B1F4 S0/0/0 2 172.20.8.236 255.255.255.252 172.20.8.238 172.20.8.237 R_B1F3
S0/0/1 0
S0/1/0 0
S0/1/1 0
Fa0/0.1 5 172.20.8.32 255.255.255.248 172.20.8.33 172.20.8.34 S1FL4M
Fa0/0.7 25 172.20.3.96 255.255.255.224 172.20.0.97 S1FL4M
Fa0/0.10 8 172.20.7.160 255.255.255.240 172.20.7.161 S1FL4M
Fa0/0.15 55 172.20.0.192 255.255.255.192 172.20.0.193 S1FL4M
Fa0/0.20 11 172.20.7.48 255.255.255.240 172.20.7.49 S1FL4M
Fa0/0.25 20 172.20.5.96 255.255.255.224 172.20.5.97 S1FL4M
Fa0/0.30 23 172.20.4.96 255.255.255.224 172.20.4.97 S1FL4M
Fa0/0.35 14 172.20.6.96 255.255.255.224 172.20.6.97 S1FL4M
Fa0/0.73 27 172.20.2.96 255.255.255.224 172.20.2.97 S1FL4M
R_B2F1 S0/0/0 0 172.20.8.244 255.255.255.252 172.20.8.245 172.20.10.246 R_B2F2
S0/0/1 0
S0/1/0 0
S0/1/1 0 172.20.8.240 255.255.255.252 172.20.8.242 172.20.8.241 Core_Router
UNIT # ASSIGNMENT: 27
Fa0/0.1 5 172.20.8.48 255.255.255.248 172.20.8.49 172.20.8.50 S2FL1A
Fa0/0.7 27 172.20.3.128 255.255.255.224 172.20.3.129 S2FL1A
Fa0/0.10 8 172.20.7.176 255.255.255.240 172.20.7.177 S2FL1A
Fa0/0.15 53 172.20.1.0 255.255.255.192 172.20.1.1 S2FL1A
Fa0/0.20 9 172.20.7.64 255.255.255.240 172.20.7.65 S2FL1A
Fa0/0.25 20 172.20.5.128 255.255.255.224 172.20.5.129 S2FL1A
Fa0/0.30 23 172.20.4.128 255.255.255.224 172.20.4.129 S2FL1A
Fa0/0.35 15 172.20.6.160 255.255.255.224 172.20.6.161 S2FL1A
Fa0/0.73 26 172.20.2.128 255.255.255.224 172.20.2.129 S2FL1A
R_B2F2 S0/0/0 2 172.20.8.244 255.255.255.252 172.20.8.246 172.20.8.245 R_B2F1
S0/0/1 2 172.20.8.248 255.255.255.252 172.20.8.249 172.20.10.250 R_B2F3
S0/1/0 0
S0/1/1 0
Fa0/0.1 5 172.20.8.64 255.255.255.248 172.20.8.65 172.20.8.66 S2FL2E
Fa0/0.7 27 172.20.3.160 255.255.255.224 172.20.3.161 S2FL2E
Fa0/0.10 8 17.20.7.192 255.255.255.240 172.20.7.193 S2FL2E
Fa0/0.15 53 172.20.1.64 255.255.255.192 172.20.1.65 S2FL2E
Fa0/0.20 10 172.20.7.80 255.255.255.240 172.20.7.81 S2FL2E
Fa0/0.25 20 172.20.5.160 255.255.255.224 172.20.5.161 S2FL2E
Fa0/0.30 23 172.20.4.160 255.255.255.224 172.20.4.161 S2FL2E
Fa0/0.35 0 172.20.6.160 255.255.255.224 172.20.6.161 S2FL2E
Fa0/0.73 26 172.20.2.160 255.255.255.224 172.20.2.161 S2FL2E
R_B2F3 S0/0/0 0
S0/0/1 2 172.20.8.248 255.255.255.252 172.20.8.250 172.20.8.249 R_B2F2
S0/1/0 0
S0/1/1 0
Fa0/0.1 5 172.20.20.8.72 255.255.255.248 172.20.8.73 172.20.8.74 S2FL3I
Fa0/0.7 27 172.20.3.192 255.255.255.224 172.20.3.193 S2FL3I
Fa0/0.10 8 172.20.7.208 255.255.255.240 172.20.7.209 S2FL3I
Fa0/0.15 53 172.20.1.128 255.255.255.192 172.20.1.129 S2FL3I
Fa0/0.20 10 172.20.7.96 255.255.255.240 172.20.7.97 S2FL3I
Fa0/0.25 20 172.20.5.192 255.255.255.224 172.20.5.193 S2FL3I
Fa0/0.30 23 172.20.4.192 255.255.255.224 172.20.4.193 S2FL3I
Fa0/0.35 15 172.20.6.192 255.255.255.224 172.20.6.193 S2FL3I
Fa0/0.73 27 172.20.2.192 255.255.255.224 172.20.2.193 S2FL3I
R-B3NOC S0/0/0 0 172.20.8.216 255.255.255.252 172.20.8.218 172.20.8.217 Core_Router
UNIT # ASSIGNMENT: 28
S0/0/1 0
S0/1/0 0
S0/1/1 0
Fa0/0.1 7 172.20.9.176 255.255.255.248 172.20.9.177 172.20.9.178 S3NOCMON1
Fa0/0.51 30 172.20.9.64 255.255.255.192 172.20.9.65 S3NOCMON1
Fa0/0.60 8 172.20.9.160 255.255.255.240 172.20.9.161 S3NOCMON1
Fa0/0.70 16 172.20.9.128 255.255.255.224 172.20.9.129 S3NOCMON1
Fa0/1 110 172.20.12.0 255.255.255.192 172.20.12.1 S3NOCSF1
R-B3DMZ S0/0/0 0 172.20.8.220 255.255.255.252 172.20.8.222 172.20.8.221 Core_Router
S0/0/1 0
S0/1/0 0
S0/1/1 0
Fa0/0.1 5 172.20.8.88 255.255.255.248 172.20.8.89 172.20.8.90 S3CS1
Fa0/0.41 59 172.20.11.128 255.255.255.192 172.20.11.129 S3CS1
Fa0/0.42 93 172.20.11.0 255.255.255.128 172.20.11.1 S3CS1
Fa0/0.52 37 172.20.11.192 255.255.255.192 172.20.11.193 S3CS1
Fa0/0.71 33 172.20.9.192 255.255.255.192 172.20.9.193 S3CS1
Fa0/1 146 172.20.10.0 255.255.255.0 172.20.10.1 172.20.10.2 S3PSF1
UNIT # ASSIGNMENT: 29
Appendix F: Routing Table
The routing table of the new router installed in the fourth floor and what the routing table will return using the ‘show ip route’ command in the Cisco IOS. Example uses a lab computer with Fast Ethernet ports rather than Gigabit Ethernet ports. One test of the installed system is to replicate the routing table as show.
R_B1F4#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 172.20.8.237 to network 0.0.0.0
172.20.0.0/16 is variably subnetted, 82 subnets, 8 masks
O 172.20.0.0/26 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.0.64/26 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.0.128/26 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.0.192/26 is directly connected, FastEthernet0/0.15
O IA 172.20.1.0/26 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.1.64/26 [110/385] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.1.128/26 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.2.0/27 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.2.32/27 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.2.64/27 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.2.96/27 is directly connected, FastEthernet0/0.73
O IA 172.20.2.128/27 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.2.160/27 [110/385] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.2.192/27 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.3.0/27 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.3.32/27 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.3.64/27 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.3.96/27 is directly connected, FastEthernet0/0.7
O IA 172.20.3.128/27 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.3.160/27 [110/385] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.3.192/27 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.4.0/27 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.4.32/27 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.4.64/27 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.4.96/27 is directly connected, FastEthernet0/0.30
O IA 172.20.4.128/27 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
UNIT # ASSIGNMENT: 30
O IA 172.20.4.160/27 [110/385] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.4.192/27 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.5.0/27 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.5.32/27 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.5.64/27 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.5.96/27 is directly connected, FastEthernet0/0.25
O IA 172.20.5.128/27 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.5.192/27 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.6.0/27 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.6.32/27 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.6.64/27 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.6.96/27 is directly connected, FastEthernet0/0.35
O IA 172.20.6.128/27 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.6.192/27 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.7.0/28 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.7.16/28 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.7.32/28 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.7.48/28 is directly connected, FastEthernet0/0.20
O IA 172.20.7.64/28 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.7.80/28 [110/385] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.7.96/28 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.7.112/28 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.7.144/28 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.7.160/28 is directly connected, FastEthernet0/0.10
O IA 172.20.7.176/28 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.7.192/28 [110/385] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.7.208/28 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O 172.20.8.0/29 [110/193] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.8.8/29 [110/129] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.8.16/29 [110/65] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.8.32/29 is directly connected, FastEthernet0/0.1
O IA 172.20.8.48/29 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.64/29 [110/385] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.72/29 [110/449] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.88/29 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.212/30 [110/320] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.216/30 [110/320] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.220/30 [110/320] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.224/30 [110/256] via 172.20.8.237, 02:44:12, Serial0/0/0
O 172.20.8.228/30 [110/192] via 172.20.8.237, 02:44:22, Serial0/0/0
O 172.20.8.232/30 [110/128] via 172.20.8.237, 02:44:22, Serial0/0/0
C 172.20.8.236/30 is directly connected, Serial0/0/0
C 172.20.8.237/32 is directly connected, Serial0/0/0
O IA 172.20.8.240/30 [110/320] via 172.20.8.237, 02:44:02, Serial0/0/0
UNIT # ASSIGNMENT: 31
O IA 172.20.8.244/30 [110/384] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.8.248/30 [110/448] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.9.64/26 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.9.128/27 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.9.160/28 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.9.176/29 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.9.192/26 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.10.0/24 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.11.0/25 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.11.128/26 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.11.192/26 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O IA 172.20.12.0/26 [110/321] via 172.20.8.237, 02:44:02, Serial0/0/0
O*E2 0.0.0.0/0 [110/1] via 172.20.8.237, 02:44:02, Serial0/0/0
R_B1F4#
UNIT # ASSIGNMENT: 32
Appendix G: References
APC by Schneider Electric. (2012). APC Smart-UPS 2000VA RM 2U LCD 120V. Retrieved June
9, 2012, from American Power Conversion:
http://www.apc.com/products/resource/include/techspec_index.cfm?base_sku=SMT2200
RM2U&total_watts=50
C2G. (2012). 5 ft Cat6 550 MHz Snagless Patch Cable - Blue 50pk. Retrieved June 9, 2012, from
Cables 2 Go: http://www.cablestogo.com/product.asp?cat%5Fid=3521&sku=31372
Cisco Systems. (2012). Cisco 2901 Integrated Services Router. Retrieved June 12, 2012, from
Cisco: http://www.cisco.com/en/US/products/ps10539/index.html
Cisco Systems. (2012). Cisco Catalyst 3750-X Series Switches (Data Sheet. Retrieved June 10,
2012, from Cisco:
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps6406/data_sheet_c78-
584733.html
PC Rush. (2012). Cisco 2901 ISR; Cisco Catalyst Switch; Cisco HSWIC; APC UPS. Retrieved
June 12, 2012, from PC Rush: http://www.pcrush.com
PC Rush. (2012). Cisco High-Speed WAN Interface Card. Retrieved June 11, 2012, from PC
Rush: http://www.pcrush.com/product/Network-and-Interface-Modules/767067/Cisco-
Ehwic-1-Port-Dual-Mode-SFP-100M-1G-OR-GBE-10M-100M-1G-for-3900