Assessment Details and Submission Guidelines
Trimester	T3 2018
Unit Code	ME504
Unit Title	Advanced Networking
Assessment	Group: 4 Students (at max)
Type
Assessment	Assignment 2 – Propose/design a VPN for the scenario given below including LAN and WAN settings.
Title
Purpose of the Assessment (with ULO mapping)	The purpose of this assignment is to implement a VPN network for an SME (small and medium sized enterprise), details are given below. A thorough verification and evaluation analysis should be presented to meet he ULO mapping in the Unit Description. In preparing the assignment, students should acquire not only the knowledge of current technical aspects of IP networks but also research, data collection, analysis and writing skills.
Weight	15
Total Marks	30
Word limit	No limit
Due Date	01 Feb 2019, 11:00 p.m.
Submission Guidelines	All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page. The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of each page with appropriate section headings. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style. MS WORD file type is used for submission in Moodle. No ‘zipped’ files or other types must be used.
Extension	If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School’s Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7. You must submit this application three working days prior to the due      date            of                        the             assignment.    Further            information   is      available                       at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and- guidelines/specialconsiderationdeferment   Academic Misconduct is a serious offence. Depending on the seriousness of the case,
Academic
Misconduct	penalties can vary from a written warning or zero marks to exclusion from the course or rescinding of the degree. Students should make  themselves familiar  with     the     full policy      and     procedure     available     at: http://www.mit.edu.au/about-mit/institute- publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct- Policy-Procedure.For further information, please refer to the Academic Integrity Section in your Unit Description.

Tasks:

Assignment Description

There are two parts to this assignment, part A and part B.

1. Design and model Implement (in Netsim) of VPN for Sigma Inc. by addressing the following criteria. See detailed instructions in the next section.                                                                                      (25 marks)

• Presentation                                                                                                                                                                  (5 marks)

Two broad areas to be considered for VPN network design in this assignment are as under;

1. Propose/design a VPN for the scenario given below including LAN and WAN settings.
2. Configure and implement the network at low-level design, this part should be done using BOSON NETSIM Simulator.

Contents must include:

High-level network design summary Solution Design

1. Network Topologies
   1. IP addressing
   1. Configuration details and screenshots to present low-level design
   1. Verification methodologies and evaluation analysis

Scenario

In this scenario, Sigma, Inc. wants to establish a VPN between the subnets of its Human Resources and Finance departments through a system models which does not have any firewall deployed at either end. Both systems will act as VPN gateways. In terms of VPN configurations, a gateway performs key management and applies IPSec to the data that flows through the tunnel. The gateways are not the data endpoints of the connection.

The objectives of this scenario are as follows:

• The VPN must protect all data traffic between the Human Resources department’s subnet and the Finance department’s subnet.
• Data traffic does not require VPN protection once it reaches either of the department’s subnets.
• All clients and hosts on each network have full access to the other’s network, including all applications.
• The gateway systems can communicate with each other and access each other’s applications.

Details

The following figure illustrates the network characteristics of Sigma Inc.

Figure-1: Sigma Inc. Office configuration

[Source: IBM Knowledge Centre]

Human Resources Department

• System A acts as the Human Resources Department’s VPN gateway.
• Subnet is 10.6.0.0 with mask 255.255.0.0. This subnet represents the data endpoint of the VPN tunnel at the Sigma Inc., Melbourne site.
• System A connects to the Internet with IP address 204.146.18.227. This is the connection endpoint. That is, System A performs key management and applies IPSec to incoming and outgoing IP datagrams.
• System A connects to its subnet with IP address 10.6.11.1.
• System B is a production system in the Human Resources subnet that runs standard TCP/IP applications.

Finance Department

• System C acts as the Finance Department’s VPN gateway.
  • Subnet is 10.196.8.0 with mask 255.255.255.0. This subnet represents the data endpoint of the VPN tunnel at the Sigma Inc., Sydney site.
  • System C connects to the Internet with IP address 208.222.150.250. This is the connection endpoint. That is, System C performs key management and applies IPSec to incoming and outgoing IP datagrams.
  • System C connects to its subnet with IP address 10.196.8.5.

Configuration tasks

You must complete each of these tasks to configure the branch office connection described in this scenario:

Completing the planning: The planning checklists illustrate the type of information you need before you begin configuring the VPN. All answers on the prerequisite checklist must be YES before you proceed with VPN setup.

Configuring VPN on System A: Complete these task to configure System A

Configuring VPN on System C: Follow the same steps you used to configure VPN on System A, changing IP addresses as necessary. Use your planning worksheets for guidance.

Starting VPN: After you have configured your VPN connection on System A and C you need to start your VPN connection.

Testing a connection: After you finish configuring both systems and you have successfully started the VPN servers, test the connectivity to ensure that the remote subnets can communicate with each other.

Marking criteria:

Marks are allocated as indicated on each question, taking the following aspects into account:

Aspects	Description
Identification and analysis and description	Correctly identification, appropriateness, discussion
Explanation/justification	Description and justification
Presentation and diagrams	Structure, presentation, formatting, writing
Reference style	Correct referencing style is required, if applicable
Plagiarism	Copying from another student, copying from internet sources/textbook, copying from other sources without proper acknowledgement.

Marking Guide:

Task A –                                                                                                                                                                (25 marks)

No	Categories	Description	Marks
1	Report Quality	The document should include all necessary headings and content to depict a Level 2 (e.g. Ethernet, VPWS, VPLS) and Level 3 (e.g. VPRN) services and network design. It should not omit any necessary section to be used for network evaluation.	5
2	Low Level Design	Multiple figures and tables should be included to show the requirements development. All sections need to be in line with the high-level design proposed by the group. Any changes made should be addressed properly and clearly by ‘Change request’ section.	5
3	Screenshots and procedures (steps, commands, results)	This section should include appropriate commands executed and results. There must be heading and steps with proper explanation, e.g. the purpose of the steps and expected outcome.	10
4	Analysis and Evaluation	Include a section for results analysis and evaluate the outcome of the implementation of the network. Critical analysis and evaluation should be addressed.	5
	Total		25

Task B-                                                                                                                                                                                  (5-Marks)

The proposed network design will be presented in a 5-minute presentation during the week 12 Lab class. Presentation slides should be submitted in Moodle prior to the presentation for marking. No other options (hard copy, memory stick, website and email) will be considered but the presentation file submitted in Moodle.

Marks will be given as below:

Presentation (3 marks)

Slides (2 marks)

Marking Rubric for Assignment 2 Questions-Marks as shown

Grade Mark	HD 80%+	D 70%-79%	CR 60%-69%	P 50%-59%	Fail <50%
	Excellent	Very Good	Good	Satisfactory	Unsatisfactory
Identification and Analysis and description	Highly valid and appropriate	Valid and appropriate	Generally valid and appropriate	Valid but not appropriate	Not Valid and not appropriate
Explanation/ Justification	All elements are present and well integrated.	Components present with good cohesion	Component present and mostly well integrated	Most components present	Lacks structure
Reference Style	Clear styles with excellent source of references	Clear referencing/ style	Generally good referencing/style	Unclear referencing/style	Lacks consistency with many errors
Presentation and Diagrams	Proper writing and drawings professionally presented	Properly written and drawing, with some minor deficiencies	Mostly good, but some structure or presentation problems	Acceptable presentation	Poor structure, careless presentation