====== Firmenstandards Netzerk der Rafisa Informatik GmbH ======
^ Version ^ Status ^ Datum ^ Author ^ URL ^
| 0.1| Erster Entwurf| 08.08.2019| Egil Rüefli| |
| 0.2| Ergänzungen| 08.09.2019| Richi Stammherr, Tim de Vries, Silvan Dux, Egil Rüefli| |
| 1.0| Review und Freigabe| 08.09.2020| Richi Stammherr, Egil Rüefli| |
===== VLANs der Rafisa Dietikon =====
==== zh.rafisa.org - 172.16.0.0/12 ====
^ VLAN Name ^ Kürzel ^ Funktion ^ VID ^ IP-Adresse ^ FW-Interface-Name ^ DHCP-Server ^
| ::: |||||||
^ VLAN Management ^  ^  ^ 01 ^ ^ ^ ^
| VLAN01 | MGMT | Management               | 01 | 172.16.1.0/24  | VLAN01_MGMT | ❌|
^ VLAN Server   ^ ^ ^ 10-19 ^ ^ ^ ^
| VLAN10 | SRVAUTH | Server Authentifizierung | 10 | 172.16.10.0/24 | VLAN10_SRVAUTH | ❌|
| VLAN14 | SRVEMPL     | Server Ausbildner        | 14 | 172.16.14.0/24 | VLAN14_SRVEMPL |❌|
| VLAN15 | SRVLEARN     | Server Lernende          | 15 | 172.16.15.0/24 | VLAN15_SRVLEARN |❌|
^ VLAN Clients  ^ ^ ^ 20-29 ^ ^ ^ ^
| VLAN21 | CLEMPL     | Clients Ausbildner       | 21 | 172.16.21.0/24 | VLAN21_CLEMPL |✔️|
| VLAN22 | CLLEARN     | Clients Lernende         | 22 | 172.16.22.0/24 | VLAN22_CLLEARN |✔️|
| VLAN23 | CLGUEST     | Clients Guest (WLAN)     | 23 | 172.16.23.0/24 | VLAN23_CLGUEST |✔️|
^ VLAN Drucker  ^ ^ ^ 40 ^ ^ ^ ^
| VLAN40 | LP   | Drucker                  | 40 | 172.16.40.0/24 | VLAN40_LP |❌|
^ VLAN Labor    ^ ^ ^ 50-59 ^ ^ ^ ^
| VLAN51 | LAB01     | Labor 01 | 51 | 172.16.51.0/24 | VLAN51_LAB01 |✔️|
| VLAN52 | LAB02     | Labor 02   | 52 | 172.16.52.0/24 | VLAN52_LAB02 |✔️|
| VLAN53 | LAB03     | Labor 03   | 53 | 172.16.53.0/24 | VLAN53_LAB03 |✔️|
| VLAN54 | LAB04    | Labor 04   | 54 | 172.16.54.0/24 | VLAN54_LAB04 |✔️|
| VLAN55 | LAB05     | Labor 05      | 55 | 172.16.55.0/24 | VLAN55_LAB05 |✔️|
==== Berechtigungsmatrix ====
Die Matrix wird Zeile nach Spalte gelesen (Zugriff von Zeile nach Spalte erlaubt/nicht erlaubt)

^VLAN^ 01^10^14^15^21^22^23^40^ 51^52^53^54^55^WAN^VPN-EXT^
| 01  |✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|
| 10  |❌|✔️|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|✔️|
| 14  |❌|❌|✔️|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|❌|
| 15  |❌|❌|❌|✔️|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|❌|
| 21  |❌|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|✔️|
| 22  |❌|✔️|❌|✔️|❌|✔️|❌|✔️|❌|❌|❌|❌|❌|✔️|❌|
| 23  |❌|❌|❌|❌|❌|❌|✔️|❌|❌|❌|❌|❌|❌|✔️|❌|
| 40  |❌|❌|❌|❌|❌|❌|❌|✔️|❌|❌|❌|❌|❌|✔️|❌|
| 51  |❌|❌|❌|❌|❌|❌|❌|❌|✔️|❌|❌|❌|❌|✔️|❌|
| 52  |❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|❌|❌|❌|✔️|❌|
| 53  |❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|❌|❌|✔️|❌|
| 54  |❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|❌|✔️|❌|
| 55  |❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|✔️|❌|
|WAN  |❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|❌|
|VPN-EXT |❌|✔️|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|❌|✔️|

===== L3-Netzplan Rafisa Dietikon =====
----
{{drawio>team:sabareeshan-nadeswaran:rafisa_zh_l3netzplan}}
----
^ FQDN ^ IP-Adresse ^ OS ^ Services ^ Service-Team ^ Service-Owner ^
^ Server ^^^^^^
| dc-zh-ruga-02.zh.rafisa.org | 172.16.10.22/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| dc-zh-ruga-04.zh.rafisa.org | 172.16.10.24/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| MUSS ERGÄNZT WERDEN ||||||

===== L3-Soll Zustand Testumgebung =====
----
{{drawio>team:sabareeshan-nadeswaran:rafisa_zh_l3netzplan}}
----
^ FQDN ^ IP-Adresse ^ OS ^ Services ^ Service-Team ^ Service-Owner ^
^ Server ^^^^^^
| dc-zh-ruga-02.zh.rafisa.org | 172.16.10.22/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| dc-zh-ruga-04.zh.rafisa.org | 172.16.10.24/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| MUSS ERGÄNZT WERDEN ||||||