Options

Help Please For HND Student Project (Thank You)

wullswulls Registered Users Posts: 3 ■□□□□□□□□□
in CCNA Security
Hello , and a belated Happy new Year to all of you ,
I know this is very tame, but I am currently an HND student. I am very Cisco orientated in a geekish kind of way, and we have been given the task of creating a project from start to finish including the following; first client contact, analysing, designing, implementation, testing, documentation and deployment, etc,etc. I know you have all been here before at some point, and I do realise that this is very tame in comparison to my level of knowlege to all of yours. My thought is we all have to start somewhere, so.....

Our lecturer wants us to aim higher than what we think we could achieve, self-study, and go for it. I did this and submitted a frame-relay business-to-business scenario usng WAN and point-to-points. He told me to stay away from WAN as he hadnt really covered this fully with us.

I know this is long winded, but has anyone any good ideas on security for me to do (ie, ACL's, etc), but which is achievable for me at my level. Many, many thanks to all of you for helping out with my plea. Wulls.
· Share on FacebookShare on Twitter

Comments

  • Options
    ChooseLifeChooseLife Member Posts: 941 ■■■■■■■□□□
    First idea that comes to mind is designing & implementing a firewall for a company. One can start with collecting requirements (e.g. users may surf internet, but may not download files via peer-to-peer networks), then do some design work, write configuration, make test cases, and so on. One benefit for such scenario as a student project is that its scope is easily adjustable in both directions (some projects have a hidden risk of not having that luxury). Your firewall could have simple static routes, then add statefulness, DMZ servers, and eventually grow to a complex security system with multiple environments with varying trust levels between them, application-level inspecting, inline IPS, etc etc....

    Securing internal environment could be interesting, too - layer 2 security, rogue DHCP detection, 802.1x, and so on...

    Good luck with your project! If done well, it can be a great addition to your future "portfolio". My university project on security analysis/penetration testing of a real company's computer network, listed on the resume, continues to draw attention of prospective employers despite being completed years ago and my moving through the ranks since then.
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

    GetCertified4Less     - discounted vouchers for certs
    · Share on FacebookShare on Twitter
  • Options
    mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    wulls wrote: »
    we have been given the task of creating a project from start to finish including the following; first client contact, analysing, designing, implementation, testing, documentation and deployment, etc,etc
    Are you creating just a project plan for this? Or are you doing the actual (mock) interviews, design, and then the implementation and testing in a lab?
    wulls wrote: »
    He told me to stay away from WAN as he hadnt really covered this fully with us.
    So the scope of your project is limited by what's been taught in class? With no WAN, I'd find out if the scope of possible projects is limited to a small/medium business single location LAN project.
    wulls wrote: »
    I know this is long winded, but has anyone any good ideas on security for me to do (ie, ACL's, etc)
    Without a WAN or Internet access, for security you'd be limited to keeping everyone except HR from accessing the payroll/HR data and maybe keeping departmental data secure from other departments (while centralizing the admin and server in one server room).

    For Security you can search on Cisco's website for their Security Best Practices -- or use the old NSA securing routers & switches docs as a guide. There are a bunch of links that could get you started in this post:
    http://www.techexams.net/forums/ccsp/58469-cisco-router-configuration-security-hardened.html#post454781
    :mike: Cisco Certifications -- Collect the Entire Set!
    · Share on FacebookShare on Twitter
  • Options
    wullswulls Registered Users Posts: 3 ■□□□□□□□□□
    Hi there,I want to thank you both for replying. I do appreciate this. The lecturer rejected my initial WAN submission as he wants all of the students to stay away from WAN, and I appreciate that in hindsight there probably would be too many flaws in it. In reality this would be down to my lack of knowledge in that area. As he wants to keep it on a LAN basis (internal networking etc), I am really considering going down the layer 2/3 route, concentrating on security issues and prevention.
    Below is a summary of the assignment to help understand what is going to be required from me. My main concern is to get the Cisco material correct. I am doing a self-study night class for Cisco at a college also so that I can increase as much knowledge and information as I can. Well I think that you only get out what you put in.

    Mike, yes sir, it involves the whole mock structure of planning, design, and implementation. Interviews, What the client wants, what he has, what he wants it to do,.....everything.

    Thank You all again, and I hope this helps. Wulls

    HND Practical Assignment-Project

    This Graded Unit will be assessed by the use of a practical assignment.
    Assessment is based on the product, its evaluation, and the planning and development process.


    The candidate must;
    • Interpret the needs of the project from the brief.
    • Gather information to plan and develop the project.
    • Decide upon and develop a design approach.
    • Carry out the development.
    • Evaluate the product and process.
    • Evaluate their own performance.
    · Share on FacebookShare on Twitter
  • Options
    mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    This could give you some ideas about what you need to do (and the "Cisco way" to do it) -- but don't get carried away and try to become a CCDA (Cisco Certified Design Associate) just to get an A on a CCNA project. :D

    Analyzing Business Goals and Constraints of Network Design > Using a Top-Down Network Design Methodology

    Remember to focus on enhancing your existing CCNA knowledge and skills -- and apply those to the project. Don't get distracted by trying to learn and demonstrate Cisco Design Practices beyond the scope of your CCNA knowledge.
    :mike: Cisco Certifications -- Collect the Entire Set!
    · Share on FacebookShare on Twitter
  • Options
    wullswulls Registered Users Posts: 3 ■□□□□□□□□□
    I hear ya Mike. I think that i'm too "keen and eager". I just get really excited when i'm working on cisco projects or materials.
    I have already ordered "Top-Down Network Design" by Priscilla Oppenheimer from the USA, and this will just add to my "small library" which seems to be forever getting larger. I think perhaps you are right, and that i'm trying to run before I can walk.
    Please don't think that I am trying to do all this using CCDA experience levels and gain a high pass at a lower level. I know that I am at the bottom end of experience. I don't pretend or kid myself about that. What I am trying to achieve here is to put what experience I do have, and add to it from what I have personaly self studied for the last year, and applying all of that to my project. icon_study.gif

    I certainly respect and take on board all ideas, comments and advice. I also want to thank you all for your help. Thank You All.....Sent from Scotland. icon_thumright.gif
    · Share on FacebookShare on Twitter
Sign In or Register to comment.