Table of Contents

1. Introduction.........................................................................................................................5
2. Routing and Switching Protocols..........................................................................................6
2.1 Routing Protocols.......................................................................................................................6
2.1.1 Static Routing.............................................................................................................................................6
2.1.2 Dynamic Routing........................................................................................................................................6

2.2 Switching Protocols....................................................................................................................8

2.2.1 Spanning Tree Protocol (STP).....................................................................................................................8
2.2.2 Rapid Spanning Tree Protocol (RSTP).........................................................................................................8
2.2.3 VLAN Trunking Protocol (VTP)....................................................................................................................8

3. IEEE Standards & Infrastructure Connectivity.....................................................................10

3.1 IEEE Standards..........................................................................................................................10
3.2 Infrastructure Connectivity.......................................................................................................10
3.2.1 Router-to-Router Connectivity.................................................................................................................10
3.2.2 Router-to-Switch Connectivity.................................................................................................................11
3.2.3 External Connectivity...............................................................................................................................11
3.2.4 Subnetting...............................................................................................................................................12

4. Network Security Strategies...............................................................................................13

4.1 Introduction to Network Security.............................................................................................13
4.2 Firewall Implementation...........................................................................................................13
4.2.1 Firewall Configuration..............................................................................................................................13

4.3 Access Control Lists (ACLs)........................................................................................................14

4.3.1 ACL Implementation................................................................................................................................14

4.4 Intrusion Detection and Prevention Systems (IDS/IPS)..............................................................14

4.4.1 IDS/IPS Configuration...............................................................................................................................14

4.5 Encryption Mechanisms............................................................................................................15

4.5.1 Encryption Methods................................................................................................................................15

4.6 802.1X Authentication..............................................................................................................15

4.6.1 Implementation of 802.1X.......................................................................................................................15

4.7 Network Monitoring and Logging.............................................................................................15

4.7.1 Monitoring Tools......................................................................................................................................16

5. Network Management Strategies.......................................................................................17

5.1 Introduction to Network Management.....................................................................................17
5.2 Key Network Management Strategies.......................................................................................17
 5.2.1 Centralized Network Monitoring.............................................................................................................17
5.2.2 Configuration Management.....................................................................................................................18
5.2.3 Performance Optimization.......................................................................................................................18
5.2.4 Redundancy and High Availability............................................................................................................19

6. Network Design and Documentation.................................................................................20

6.1 Network Design........................................................................................................................20
6.2. IP Assignment of Devices.........................................................................................................21

7. Assimilating and Collecting network Metrics......................................................................25

7.1 Ping Across Devices:.................................................................................................................25
7.2 Simulation................................................................................................................................28

8. Conclusion.........................................................................................................................29
References.............................................................................................................................30

Table of Figures
Figure 1: Network Design............................................................................................................20
Figure 2: IP Assignment Laptop 1F (Faculty Block)....................................................................21
Figure 3: IP Assignment for Server 1...........................................................................................22
Figure 4: IP Assignment for PC 2R (Research Block).................................................................23
Figure 5: IP Assignment for Printer (Admin Block)....................................................................24
Figure 6: Ping from PC 1f (Faculty Block) to PC 1A (Admin Block).........................................25
Figure 7: Ping from PC 2F (Research Block) to PC 1F (Faculty Block)......................................26
Figure 8: Ping from PC 2A (Admin Block) to Laptop 1F (Faculty Block)..................................27
Figure 9 : Successful Packet Transfer Accross Routers...............................................................28
Figure 10: Packet transfer from Router to Devices......................................................................28
1. Introduction
Organizations rely on an efficient network structure to deliver whole communication systems
that guarantee data security and operational excellence in this digital age. The modern
organization depends on networks which operate as essential supports for cloud computing
services as well as research endeavors collaboration activities and cybersecurity systems.

Network design requires implementation of appropriate standards and protocols and

security measures to meet high demands along with defense against possible threats. The main
goal of this study involves creating a high-performance network which satisfies scalability needs
while delivering security and efficiency standards. An optimized secure future-proof network
will be developed by using Enhanced Interior Gateway Routing Protocol (EIGRP) and Virtual
Local Area Networks (VLANs) and Spanning Tree Protocol (STP) and Quality of Service (QoS)
technology.

The study focuses on assessing various protocols to determine their characteristics before
developing design solutions that present optimal performance alongside security benefits. The
network receives protection from possible threats through integrated implementation of
protection tools like firewalls along with Access Control Lists (ACLs) and Intrusion Detection
and Prevention Systems (IDS/IPS). This study implements best practices for designing networks
and managing them in order to develop infrastructure that stands against threats and extends its
capabilities according to technology advancements.
2. Routing and Switching Protocols

2.1 Routing Protocols

Network efficiency depends on routing protocols because these protocols take charge of
selecting optimal transmission routes for data transfer throughout networks. The adjustments
made by routing protocols to network conditions determine the performance and reliability and
expansion capabilities of networks that ensure optimal communication between devices.

2.1.1 Static Routing

Network administrators use static routing to manually set routing configurations on routers
through their programmed specifications. Manual updates are needed to change these static
routes which makes them the most suitable choice for networks that remain simple and
predictable. By using static routing administrators gain total control of data paths while routers
consume minimal CPU resources and automatically preventing unauthorized route learning for
better security levels. Adaptability stands as the main weakness of this approach. Network
topography changes force administrators to devote extensive manual work when operating static
routing in a dynamic network environment. Large networks along with networks that change
often experience decreased performance because of static routing designs.

2.1.2 Dynamic Routing

The routing process automatically discovers new routes for routers to adjust their network
pathways according to changing network topology. Automated route discovery makes all route
setups unnecessary which enables higher adaptability and scalability. The three key
classifications of dynamic routing protocols exist:

2.1.2.1 Enhanced Interior Gateway Routing Protocol (EIGRP)

The Cisco-developed EIGRP represents a progressed version of distance-vector routing

technology. This network protocol provides both fast convergence speed and efficient utilization
of bandwidth resources and better scalability capabilities. EIGRP performs path calculations
through Diffusing Update Algorithm (DUAL) as it stops routing loops from occurring. The main
benefit of EIGRP is its feature that enables unequal-cost traffic distribution because it permits
flexible path distribution across multiple routes. The protocol suits enterprise scenarios because
it offers quick convergence together with efficient memory usage and decreases bandwidth
requirements.

2.1.2.2 Open Shortest Path First (OSPF)

Link-state routing protocol OSPF functions to manage networks with extensive sizes. The
mapping and updating of network topologies by OSPF occurs through Link-State
Advertisements (LSAs as it differs from distance-vector protocols. OSPF achieves rapid network
convergence and streamlined routing by means of hierarchical segmentation which also
minimizes superfluous updates for better network performance. This protocol needs higher
processing capabilities together with significant memory capacity which makes it use more
resources than EIGRP does. Open standards are a key factor why network administrators select
this protocol for multi-vendor networks.

2.1.2.3 Border Gateway Protocol (BGP)

AS network traffic connection during inter-domain routing operations relies on BGP as the
exterior gateway protocol which functions mainly between Internet Service Providers (ISPs).
The decision-making process for BGP depends on path attributes and policies instead of
traditional metric-based routing which OSPF and EIGRP follow. BGP provides strong
capabilities to manage internet traffic while being difficult both to set up and to maintain because
of its complexity. The necessity of BGP exists for worldwide network connectivity although it
lacks standard implementation within enterprise internal networks.

The selected routing protocol for this design is EIGRP because it demonstrates higher
scalability with fast convergence capabilities and performs better bandwidth usage than both
OSPF and RIP. Network reliability receives an enhancement from EIGRP through its effective
path load distribution capabilities.
2.2 Switching Protocols

Local Area Networks operate more efficiently with the help of switching protocols which control
data frame forwarding between devices. Data frame forwarding functions of switching protocols
handle data transmission between devices through protocols which prevent network congestion
and maintain complete network node connectivity.

2.2.1 Spanning Tree Protocol (STP)

Through STP networks establish a protocol to prevent loops that appear in Ethernet-based LANs.
Network loops emerge when switches have multiple active paths between them which produces
broadcast storms and duplicates frame transmission. The STP protocol operates to validate just
one active path and keeps blocked state settings for backup links. A network failure of primary
paths prompts STP to instantly activate backup connection paths thus keeping the network
operational. Traditional STP operates too slowly for contemporary fast networks despite its
capability to establish convergence.

2.2.2 Rapid Spanning Tree Protocol (RSTP)

The RSTP protocol enhances STP operations by minimizing convergence time which decreases
from 50 seconds down to milliseconds. Through its proactive handshake mechanism RSTP
operates instead of typical blocking and forwarding protocols. Modern networks heavily rely on
RSTP because uptime demands require it to minimize disruptions when the topology changes.

2.2.3 VLAN Trunking Protocol (VTP)

Through VTP users can simplify VLAN management because the protocol distributes VLAN
configuration information to multiple switches from a centralized location. VTP simplifies
VLAN administration through its ability to let network administrators create VLANs throughout
connected switches before automatically distributing them to all switches in the network.
Standard network segmentation receives support and administrative overhead reduction through
this method. The VTP protocol leads to unwanted VLAN propagation when not properly
controlled which produces security along with connectivity problems.
The proposed network design benefits from RSTP along with VTP implementation to achieve
rapid convergence speed and enhanced redundancy along with optimized VLAN management
which results in improved network performance.
3. IEEE Standards & Infrastructure Connectivity

3.1 IEEE Standards

The IEEE (Institute of Electrical and Electronics Engineers) created standards which direct the
installation and operation of network technologies because they establish protocol compatibility
with network devices and protect network security. Such standards play an essential role in
supporting a stable and efficient network environment.

 IEEE 802.3 (Ethernet): The IEEE 802.3 standard creates specifications for wired
Ethernet networks through which data moves quickly over copper and fiber-optic cables.
 IEEE 802.1D (STP): Spanning Tree Protocol as defined by IEEE 802.1D (STP)
implements the functionality to stop network loops while keeping failover paths available
from redundancy.
 IEEE 802.1Q (VLANs): The standard IEEE 802.1Q defines VLAN tagging technology
for segmenting enterprise network traffic into logical units which boosts security together
with traffic management elements.

3.2 Infrastructure Connectivity

An infrastructure architecture that has been properly designed enablesdevices to work without
interruptions plus controls traffic patterns while maintaining security measures. Different devices
use structured communication pathways to operate efficiently in their hierarchical layers.

3.2.1 Router-to-Router Connectivity

Point-to-point serial links create structured communication connections between routers to

ensure efficient network segment communications. Routers establish separate subnets for mutual
connection which enhances both routing operations and data division. The serial links between
routers use subnets with 172.16.0.0/16 addressing format to promote standardized and
expandable IP address management. For instance:

 Router1 to Router2: 172.16.11.1

 Router1 to Router3: 172.16.12.1
 The network configuration provides one unique subnet per router so traffic can be
managed effectively while preventing IP conflicts. The networks operate through specific IP
addresses allocated to each router interface that support correct data transmission and security
functions.

3.2.2 Router-to-Switch Connectivity

The Fast Ethernet interfaces serve to establish router-to-switch connections that provide fast and
dependable communication between network layers. Each router maintains an individual
connection with a specific switch to create the VLAN infrastructure for traffic segregation and
distribution. The performance reaches its optimal level because VLANs create department-
specific isolated traffic areas.

 Router1 connected to Switch1: 172.16.10.0/24 (Faculty VLAN)

 Router2 connected to Switch2: 172.16.20.0/24 (Research VLAN)
 Router3 connected to Switch3: 172.16.30.0/24 (Administration VLAN)

This topology makes each switch handle various end devices including PCs and printers.
Every department function separates through VLAN implementation which creates independent
working areas to stop unauthorized access and strengthen network security.

3.2.3 External Connectivity

Through its firewall the network obtains external resource connections that enable secured
accessibility to internet and cloud services. The security gateway function of ASA 5506-X
firewall controls network traffic streams by blocking unauthorized system entrance attempts.
Secure high-speed external communication is achieved through the firewall by using Gigabit
Ethernet interfaces G1/1 and G1/2 to connect with Router1. Through its integration with the
Internet Service Provider the firewall system provides managed internet access which adheres to
security policies and protects data standards.
3.2.4 Subnetting

Network subnetting functions as an essential organizational system that enhances performance

and protects network security. The 172.16.0.0/16 address block is subdivided into numerous
netblocks which are now used to manage IP addresses in specific network segments. Network
subnetting allows for better domain management and congestion reduction which leads to better
resource utilization.

This implementation divides subnets through the combination of departmental VLANs

and router connection designs and external entry points. Point-to-point router connections
operate under a /30 mask in each subnet therefore achieving address optimization together with
neat network segment separation. Placing devices in a single department requires using large /24
subnets for VLAN configuration.

For example:

 Faculty VLAN: 172.16.10.0/24

 Research VLAN: 172.16.20.0/24
 Administration VLAN: 172.16.30.0/24

Network troubleshooting along with maintenance tasks become more efficient because subnet
management enables administrators to identify and manage each subnet space. Network traffic
operates with improved efficiency through VLAN assignments of subnets because these
assignments control data transmission while stopping congestion. A routing protocol named
EIGRP enables secure data communication between different VLANs by managing inter-VLAN
traffic.

The defined subnetting method in this network infrastructure design enables effective
address administration together with high performance capabilities and scalability. The
implementation of systematic segmentation functions as a security measure because departments
stay separate and controlled routing designs enhance system-wide data pathways. Such
networking techniques simultaneously create efficient networks and establish them as building
blocks for future advancement and system modernization.
4. Network Security Strategies

4.1 Introduction to Network Security

The modern network infrastructure depends on network security as its foundational element to
defend delicate information and block unapproved system infiltration and reduce cyber-attack
risks. A security strategy with successful outcomes consists of hardware-based security devices
together with software solutions and access control mechanisms that also require continuous
monitoring. The key goal consists of building a protected space which enables effective
communication while defending from outside and inside security threats.

4.2 Firewall Implementation

The first defense mechanism against unauthorized access and cyber-attacks exists in the form of
a firewall. The network perimeter utilizes an ASA 5506-X firewall that functions to check and
block all incoming and outgoing traffic. The configuration of this firewall system involves two
security techniques: stateful packet inspection (SPI) with deep packet inspection (DPI) to
evaluate and block network packets from malicious operatives. Security policies guide the
definition of firewall rules that determine whether traffic should be permitted or blocked in order
to allow legitimate traffic through the network.

4.2.1 Firewall Configuration

 Rules within Access Control Policies determine what actions are permitted and denied or
limited regarding network resource accessibility according to user roles.
 The firewall integrates its Intrusion Prevention System (IPS) module which detects
suspicious network traffic and blocks it altogether.
 The firewall solution enables secure remote access by establishing VPN tunnels to
encrypt both internal network and remote user data transmissions.
4.3 Access Control Lists (ACLs)

Security enforcement through Access Control Lists (ACLs) takes place at both router and switch
platforms. ACLs function as security controls by establishing limitations for network
communication between users, devices and applications.

4.3.1 ACL Implementation

 Standard Access Control Lists function to permit or block particular hosts through their
source IP addresses when filtering network traffic.
 Extended ACLs enable users to achieve advanced traffic filtering through source and
destination IP address control together with protocol and port number regulation.
 Applications of ACLs are placed on network interfaces to both check and manage traffic
flowing inside or outside the network..

4.4 Intrusion Detection and Prevention Systems (IDS/IPS)

An Intrusion Detection System (IDS) tracks network events for dangerous incidents and
produces warning notifications yet an Intrusion Prevention System (IPS) blocks threats during
detection. The integrated network combines IDS and IPS solutions which perform real-time
threat detection and prevention operations.

4.4.1 IDS/IPS Configuration

 The security system employs two detection methods to stop previously known threats
instantly.
 The system detects suspicious network activities which imply potential security risks
through anomaly-based detection methods.
 The system possesses automated capabilities to generate alerts as well as block enemy IP
addresses and automatically alert administrators about potential security events.
4.5 Encryption Mechanisms

The main security function of encryption protects data transmissions from unauthorized
surveillance of sensitive information.

4.5.1 Encryption Methods

 SSL /TLS provides secure web-based communications through encryption which

establishes safe server-user network connections.
 A Virtual Private Network (VPN) Encryption system protects remote access by using
protocols including IPSec and SSL VPN.
 Two encryption standards called Data Encryption Standard (DES) / Advanced Encryption
Standard (AES) protect confidential data from breaches in storage facilities as well as
during transmission.

4.6 802.1X Authentication

802.1X authentication framework functions as the network access control mechanism that
operates at the switch level. The authentication process shields the network from unauthorized
access by both users and devices.

4.6.1 Implementation of 802.1X

 RADIUS Server Integration: Authenticating users via a centralized authentication system.

 The security policy requires devices to authenticate their access to network resources
using Port-Based Network Access Control methods.
 Multi-Factor Authentication (MFA) implements additional security protocols that
demand various authentication methods before allowing system access..

4.7 Network Monitoring and Logging

The process of extensive network monitoring allows both breach detection and incident response
to occur in real time.
4.7.1 Monitoring Tools

 Network performance and security monitoring tools managed using Simple Network
Management Protocol (SNMP) include SolarWinds and PRTG.
 Syslog Servers serve as central repositories that logging security events so administrators
can monitor unauthorized access attempts together with system anomalies.
 Modern Security Information and Event Management systems merge various security
data to identify dangers instantly so organizations can get real-time alerts..
5. Network Management Strategies

5.1 Introduction to Network Management

The reliability together with security and efficiency of organizational network infrastructure
depends on proper network management practices. Network administration requires continuous
performance observation together with configuration control and fault prevention maintenance
and resource performance enhancement. Networks seek standardized management practices
because they protect systems from failure incidents and limit downtime while securing important
data. The full implementation of network management includes real-time observation combined
with automated protocols and security standards and system efficiency validation to produce
smooth network performance. An organization that adopts proactive network management
achieves better productivity along with speedier data transfers and defends itself from cyber
threats and meets industry standards.

5.2 Key Network Management Strategies

Operation efficiency reaches its highest potential through different techniques and technologies
which comprise a well-structured network management approach. A network management
system thrives on these essential strategies as its foundation for optimization.

5.2.1 Centralized Network Monitoring

Business operations remain unaffected by risks because centralized network monitoring

systematically identifies problems and performance issues while preventing disruptions. Network
administrators gain access to current network information and they monitor bandwidth usage and
device integrity while detecting security vulnerabilities through the implementation of SNMP-
based tools SolarWinds and PRTG. Network monitoring tools detect three essential anomalies
which include unauthorized access attempts and excessive traffic loads and possible hardware
failures thus allowing IT teams to respond right away.

The system's real-time alerts together with automation for notifications help
administrators stop important problems from becoming worse. Network Operations Centers
(NOCs) enable organizations to monitor continuously the status of network traffic together with
device health as well as security threats. The recorded activity from monitoring systems produces
tracking data which helps administrators evaluate system trends for making knowledgeable
network improvement choices.

5.2.2 Configuration Management

Configuration management enables network devices to work with optimal settings through
methods which minimize the negative impact of configuration errors on system downtime. The
main challenge in network operations exists in improper configuration because it produces
security holes and system breakdowns. System failures and misconfigurations become easier to
recover from while data loss remains prevented through automated configuration backup
implementation.

Network administrators benefit from version control features in configuration

management through its ability to monitor system changes with version tracking capabilities. IT
teams can restore system versions via detailed modification logs to avoid system failure or
misconfiguration events. Organizations through Change Management Policies (CMP) require
staff to test and achieve approval on all configuration modifications before deploying new
elements which minimizes unintended disruptions.

5.2.3 Performance Optimization

Network optimization stands essential to operate critical applications and services in an unbroken
fashion. Through the implementation of Quality of Service (QoS) networks can decide priority
levels for different applications by delivering essential business traffic such as VoIP calls and
video conferencing with maximum bandwidth allocation. Network congestion will not impact
latency-sensitive applications since QoS prevents their performance from degrading.

The Bandwidth Management technique enables organizations to distribute their network

resources effectively between departments through devices. Organizations must use traffic
shaping and load balancing techniques to stop congestion problems which protects bandwidth-
intensive applications from negatively affecting network performance levels. Optimizing user
experience in distributed networks becomes possible through implementing Content Delivery
Networks (CDNs) and caching technologies for optimizing data retrieval.

5.2.4 Redundancy and High Availability

A network must include two essential features called redundancy alongside high availability for
it to function effectively as a resilient system. Networks need proper engineering which enables
them to operate through failures without long service interruptions. Network availability stays
active through automatic failover using Hot Standby Router Protocol (HSRP) in conjunction
with Virtual Router Redundancy Protocol (VRRP) such that primary devices can switch to
backup devices to take over.

Extra fault tolerance arises from network configuration with dual internet service
provider connections and multiple data path paths. The network traffic gets more balanced
through round-robin DNS and dynamic routing protocols while these methods distribute the load
uniformly across different paths to minimize congestion possibilities and equipment failures.
Data center mirroring together with cloud-based backups builds network redundancy because
both systems maintain mission-critical service operation through hardware failures or
cyberattacks.

The role of disaster recovery planning (DRP) stands crucial in establishing high
availability. Organizations benefit from formal recovery strategies because they enable swift
operational recovery in situations of natural disasters along with cyber incidents and hardware
malfunctions. Testing failover systems through scheduled testing alongside conducting business
continuity planning allows the effective operation of redundancy measures which reduces
potential disruptions.
 6. Network Design and Documentation
Cisco Packet Tracer was used for the simulation and design of Network. Required screenshots
and documentations of the network design and simulations are shown below this portion.

6.1 Network Design

Figure 1: Network Design

The network starts with an internet connection from Cloud-PT to a security barrier provided by
Cisco ASA 5505 firewall. The firewall operates as the primary gateway for different faculty
subnets through its connection to Router 1 (Cisco 1841). Through Router 1 the user can reach the
Faculty Block (172.16.10.1) directly and can also access the Faculty Research (172.16.11.2
through Router 2) and Faculty Admin (172.16.12.2 through Router 3). Through the Cisco 2960
switch the Faculty Block connects devices that include a server along with laptops and a PC.

Router 2 with the IP address 172.16.20.1 serves the Research Faculty by connecting to
another Cisco 2960 switch that links to PC 1R, PC2R and PC3R. The subnetwork address of
172.16.30.1 belongs to Router 3 which connects to a Cisco 2960 switch containing PC1A PC2A
alongside the network printer. Multiple security subnets exist for managing the network
efficiently as 172.16.10.0/24 and 172.16.20.0/24 within 172.16.30.0/24. The network uses
routing functions either statically or dynamically to enable inter-subnet contact and implements a
firewall system for external security measures. Troubleshooting of faulty connections may be
needed due to the presence of red lines in the drawing. A professionally organized arrangement
provides secure efficient communication capabilities for all departments within the faculty.

6.2. IP Assignment of Devices

Every Devices were assigned proper IP Address for proper transfer of data according to the
proper blocks. Few screenshots are shown below as sample to clarify the ip assignment.

Laptop 1F (Faculty Block)

Figure 2: IP Assignment Laptop 1F (Faculty Block)

Server 1 (Faculty Block)

Figure 3: IP Assignment for Server 1

PC 2R (Research Block)

Figure 4: IP Assignment for PC 2R (Research Block)

Printer 1 (Admin Block)

Figure 5: IP Assignment for Printer (Admin Block)

 7. Assimilating and Collecting network Metrics
The images below shows the action of Ping from different devices across different blocks
demonstrating every different routers in connection with every devices connected.

7.1 Ping Across Devices:

Ping From Laptop F1 of Faculty Block to PC 1A of Admin Block

Figure 6: Ping from PC 1f (Faculty Block) to PC 1A (Admin Block)

Ping from PC 2F (Research Block) to PC 1F (Faculty Block)

Figure 7: Ping from PC 2F (Research Block) to PC 1F (Faculty Block)

Ping From PC 2A (Admin Block) to Laptop 1F (Faculty Block)

Figure 8: Ping from PC 2A (Admin Block) to Laptop 1F (Faculty Block)

7.2 Simulation
The screenshots below shows the successful transfer of packets into different blocks and routers.

Figure 9 : Successful Packet Transfer Accross Routers

Figure 10: Packet transfer from Router to Devices

8. Conclusion
A structured network infrastructure was successfully designed implemented and documented to
achieve secure and efficient communication between academic faculty departments. The logical
network design in Task 2 introduces central networking devices including a firewall and routers
together with switches and PCs and laptops and servers and printers for optimal data flow with
security measures. The Cisco ASA 5505 is strategically positioned as the primary protection
against external threats since it manages all traffic entering and leaving the network. The Cisco
1841 routers effectively create secure departmental communication by directing data between
restricted areas while maintaining individual faculty blocks in their specified IP space for better
network traffic control and safety and operational effectiveness. Each subnet of the Cisco 2960
switches enables internal connectivity through their ability to bridge various devices together so
different subnetworks can interact smoothly between faculty members and researchers and
administrative staff.

The network documentation process in Task 3 achieved thorough precision to provide

proper configuration details as well as IP addressing information and infrastructure
specifications. The documented information proves essential for performing network
maintenance activities and helps solve technical issues while allowing organizations to expand
their network capabilities. The IP addressing scheme together with subnet division minimizes
congestion and avoids conflicts and the network segmentation delivers better performance with
enhanced security and simpler management. The network design incorporates fundamental
connected resources including server storage along with shared printers and workstations so the
faculty and administration users can perform effectively. The strong network infrastructure
requires minor network connection repairs or link reconfiguration fixes to reach maximum
performance levels.

The evaluation signifies that this project presents a security-based network infrastructure
solution capable of meeting institutional communication requirements through focused design
choices and enhanced reliability and secure data exchange performance. Standard industrial
network devices together with best practices allow the network to grow in the future while
maintaining security and operational stability. Through complete documentation we create the
foundation needed for long-term network management which establishes strong stability in
institutional networking systems.

References
Cisco Systems. (2020). Cisco ASA 5505 Adaptive Security Appliance: Getting Started Guide.
Cisco Press.

Cisco Systems. (2019). Cisco 1841 Router Hardware Installation Guide. Cisco Networking
Academy.

Cisco Systems. (2021). Cisco Catalyst 2960 Series Switches Data Sheet. Cisco Press.

Forouzan, B. A. (2017). Data Communications and Networking (5th ed.). McGraw-Hill.

Kurose, J. F., & Ross, K. W. (2021). Computer Networking: A Top-Down Approach (8th ed.).
Pearson.

Tanenbaum, A. S., & Wetherall, D. J. (2019). Computer Networks (5th ed.). Pearson.

Stallings, W. (2020). Foundations of Modern Networking: SDN, NFV, QoE, IoT, and Cloud (2nd
ed.). Pearson.

International Organization for Standardization. (2018). ISO/IEC 27001: Information Security

Management Systems Requirements. ISO.

Lammle, T. (2020). CCNA Certification Study Guide (8th ed.). Sybex.

Doyle, J. (2016). Routing TCP/IP (2nd ed.). Cisco Press.

White, R. (2017). The Art of Network Architecture: Business-Driven Design. Cisco Press.

Perkins, E. (2019). IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6.

Cisco Press.
Horowitz, M., & Sirois, L. (2021). Network Security Essentials: Applications and Standards (6th
ed.). Pearson.

Stewart, J. M. (2021). Network Security, Firewalls, and VPNs (3rd ed.). Cengage Learning.

Hucaby, D. (2018). Cisco LAN Switching Configuration Handbook (2nd ed.). Cisco Press.

Wendell, O., & McQuerry, S. (2019). CCNP Routing and Switching Portable Command Guide.
Cisco Press.