SJT Task 1 Western County Bank Scenario: Western County Bank is a small community bank that makes a modest profit by providing small business and personal loans to customers within the county and surrounding areas. Recently, customers and employees have been dissatisfied with the bank’s services due to unplanned outages, lack of support for mobility, and a lack of online banking capability. Management at Western County Bank has identified multiple needs for modernization and expansion of their network architecture, including new capabilities for both employees and customers. The bank is open to making changes during planned outage windows and
understands that there will be unavoidable downtime. They only ask that when possible, you will avoid complete outages when installing a new component.
Due to frequent unplanned outages and ongoing regular maintenance performed on network equipment, Western County Bank would like redundant routers and network connections put in place for both the Internet and wide area network (WAN). New routing devices can be put in place due to the fact that existing equipment is approximately 5 years old and nearing the end of the manufacturer support period. New Internet and WAN technologies will also be
Western County Bank will keep its assigned ARIN-assigned (American Registry for Internet Numbers) public Internet Protocol (IP) block and is interested in using two different providers for redundant connections to the Internet.
Since the routers in the current network provide minimal filtering of OSI layers 2–4 at the network edge, Western County Bank is looking to implement a pair of redundant security devices. They’re interested in a product that can filter at OSI layers 1–7 and prevent common network attacks. The platform and its location should be implemented to protect critical infrastructure.
The switched infrastructure is aging and currently only supports 1 GB Ethernet at the network access layer. In an effort to modernize, a set of redundant distribution switches were recently purchased and integrated. These switches can support 10 GB links as well as static or LACP-based (link aggregation control protocol) network interface controller (NIC) teaming. Western County Bank will need a new platform (or platforms) for the access layer
of the switched infrastructure.
Western County Bank would like to allow employees and customers to use mobile technologies. They are requesting that a new wireless infrastructure be deployed. They are concerned with security and other constraints such as power availability. To address security concerns, they would like to have integrated authentication with the Microsoft
Active Directory (AD) infrastructure. They would like to authenticate employees before they grant network access to a specific mobile device. They are unsure if this is possible directly with AD but have heard that there are solutions that can address the possible lack of native functionality. Available power outlets are in limited supply, especially where they would like to deploy wireless access points, so they would like to implement Power over Ethernet (PoE)
at the access layer of the switched infrastructure.
Western County Bank would also like to have a simple guest wireless network in the main office that is protected via simple pre-shared key authentication and only provides access to the Internet and any Internet-facing applications located in the headquarters datacenter. Currently, Western County Bank is looking at modernizing the server infrastructure in the datacenter. They feel virtualization can greatly reduce capital and operational expenditures
(CAPEX and OPEX), and they have recently purchased a set of new server infrastructure that leverages 10 GB Ethernet and does not include any local storage media. For this reason, they also purchased a multiprotocol storage area network (SAN) array. The major issue with this purchase is that the bank has not yet purchased any Fibre Channel (FC) host bus adapters (HBA’s), cabling, or software licensing for FC on the array.
The operational staff is unfamiliar with FC switching and is looking for a solution which is easily manageable for administrators with a strong background in existing IP-based Ethernet networks. They will need a new fabric for the SAN since storage and computing resources have been separated. This will impact selection of new access switches for these networks. Western County Bank is very concerned with ensuring high performance for the main webbased
application supporting employees and customers. You will need to configure quality of service (QoS) to ensure precedence is given to HTTPS traffic to a specific IP address. Western County Bank is also concerned with the overall manageability of network devices. They have not yet selected a monitoring suite but they are interested in using standardized protocols for device administration and monitoring. These protocols would have adequate security options including authentication and encryption. Western County Bank is not opposed to having new IP networks and virtual local area networks (VLAN’s) allocated for this and any other new network. They only require use of IP addresses within similar ranges to their existing allocations (192.168.x.x). They also prefer class C subnets.
Finally, SJT Task 1 Western County Bank is interested in integrating their main internal web-basedapplica tion with a software as a service (SaaS) provider that specializes in online banking services. The web-based application was designed to easily integrate into a cloud computing environment.