Scribd
Upload
93 views1 page

LLD Design 9 9 2024

The document outlines the low-level network design for Zemen Bank S.C, detailing connections between various branches, ATMs, and the data center. It includes management IP addresses, VLAN configurations, and descriptions of the network equipment used, such as firewalls and switches. Additionally, it specifies the redundancy and connection types, including MPLS/WAN and IPSEC VPNs.

Uploaded by

medrek
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
93 views1 page

LLD Design 9 9 2024

The document outlines the low-level network design for Zemen Bank S.C, detailing connections between various branches, ATMs, and the data center. It includes management IP addresses, VLAN configurations, and descriptions of the network equipment used, such as firewalls and switches. Additionally, it specifies the redundancy and connection types, including MPLS/WAN and IPSEC VPNs.

Uploaded by

medrek
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Zemen Bank S.

C Network Low Level Design Diagram


Internet
MPLS/WAN Connection DR site, IPSEC VPN
Branches, ATMs, & POS Connection

10.131.194.192/29 10.131.173.128/29

MPLS/WAN
Connection
Mgmt_IP: 10.1.254.253 Mgmt_IP: 10.1.254.103 mgmt_IP: 213.55.77.146
mgmt_IP: 213.55.77.147
Legend
Mgmt_IP: 172.16.10.11
DR site mgmt_IP:172.16.10.10 G0/0/2 .1
iBGP 1.1.1.0/24
.2 G0/0/2
.103 Port 8
10.1.1.2 iBGP 10.1.1.2

Description
G0/0/2 10.1.1.0/24 G0/0/2
Port 3
Symbol Model
.41

Port 8
.10 Port-channel 5 .11

.253
.146 Po5(213.55.77.144/29) .147
10.129.243.40/29

cloud Internet and Data


.44

172.16.10.8/29

mgmt_IP: 10.129.243.44
mgmt_IP: 10.2.252.1
.1 10.2.252.0/29 .2
Int 1 G0/0
ASA 5525 DR cisco ASA firewall
DR-SFS-01 NBE mgmt2: 10.1.20.50 .9

a3 .145(outside)

Cisco catalyst 8200L

Vlan 100 mgmt:10.1.254.0/24


Port 21 .50 FortiGate 1200D


FortiGate 1200D

10G SFP+
MGMT 1 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35 10G SFP+

Hauwei 1220 Internet, Data, VISA, and Mastercard Routers


MGMT 1 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35
CONSOLE
CONSOLE
STATUS

ALARM

HA
Port 31 & 32 STATUS

ALARM

HA
POWER
POWER
USB MGMT USB MGMT 2 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36
USB MGMT USB MGMT 2 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36

Port e1/11-12
Cisco catalyst
.9
Third party mgmt_IP: 10.1.254.5
mgmt_IP: 10.1.254.6

e1/9
Remote mgmt_IP: 10.1.20.51

connection .1
External palo alto firewall
PA-1420

10.1.22.8/29

XG430 Sophos bridge


Mgmt IP and VLANs for HQ Access switches

e8
e7
Po100 e54/3 & e54/4
Mgmt_IP_Address FL VLAN ID VLAN Name HA
Po-100 e3/47-48 FortiGate 1200D

Mgmt_IP: 10.1.20.2
10.1.20.40 & 41 1st 40 Main Branch VRRP 10.1.20.1 STATUS

ALARM

HA
CONSOLE
MGMT 1 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33
10G SFP+
35

Fortigate 1200D Internal firewalls with HA

Vlan 100 mgmt:10.1.254.0/24


POWER

USB MGMT USB MGMT 2 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36

Mgmt_IP: 10.1.20.3 mgmt_IP: 10.1.254.10 mgmt_IP: 10.1.254.11


32,40,41,& 34
Core layer

10.1.20.60 6th Swift, Call center, ATM-card, & IT


VRRP 10.1.20.1

10.1.20.61 6th 33 IT e3/8

10.1.20.8 & 81 8th 34 ATM-&-VISA

10.1.20.9 & 91 9th 31 Coporate-Banking DCS-7304-F Arista core switchs with HA


10.1.20.10 10th 34 ATM-&-VISA(omni)

10.1.20.101 10th 41 PBB-&-Branch-mgt-&-Interest-Free

10.1.20.11 11th 41 PBB-&-Branch-mgt-&-Interest-Free(KYC)


Arista 7050x DC and DR server farm switches
10.1.20.111 11th 43 Risk-&-Compliance + Audit

Port 23
Access Layer

10.1.20.12 12th 37 Engineering-&-Procurement mgmt_IP: 10.1.254.3

Port6
10.1.20.12 13th 32 Human Resource
Aruba switch 3810M HQ Access switch
mgmt_IP: 10.1.254.4
10.1.20.13,131, & 132 13th 33 IT Mastercar-R-1

Sample HQ Access switches

10.1.20.14 14th 36 Research-&-Business-Mgt(Marketing)

10.1.20.141 14th 36 Research-&-Business Mgt(strategic) DC servers DC servers


Mastercard-R-2
10.1.20.15 15th 38 Finance

10.1.20.151 15th 37 Procurement

10.1.20.16 & 161 16th 31 CIB .5 Workstation Workstation


g0/0/0
workstations

10.1.20.17 17th 35 Credit


Zemen VISA-R2 VISA-R-1
Mgmt_IP: 172.6.6.4
VRRP 172.6.6.6
10.1.20.171 17th 41 SME

10.1.20.18 & 181 18th 37 Engineering


HQ end devices DC servers Laptop Laptop
10.1.20.19 19th 46 Training Room .4 Third party
g0/0/0

10.1.20.26 26th 42 Executive


connection
Mgmt_IP: 172.6.6.5
Zemen VISA-R1 VISA-R-2
VRRP 172.6.6.6
10.1.20.28 28th 43 Board-Member
Aironet Wireless Data network

Cat 6 cable UTP cable

Fiber cable Fiber cable

Prepared by: Network Team Version: v1 CloudConnect Cable CloudConnect Cable

Approved by: ____________ Approved Date: 9/9/2024 Redundant UTP cable Redundant UTP cable

Coaxial cable For mastercard connectivity to cloud

Fiber cable Redundant fiber cable

IPSEC VPN IPSEC VPN

You might also like