Designed, configured, documented, executed testing, and reported results for 1000+ user network to test an enterprise level Network Intrusion Detection System. The following is an excerpt from the actual proposal:
The proposed environment will have a total of 1000 test hosts that will reside on 5 different network segments and one DMZ as depicted in the above diagram. Additional hosts will likely be added for network monitoring, sniffing, and testing purposes. Each DMZ host will have a static global IP address assigned. Internal network segments will have a private address assigned in the range of 192.168.x.x. A Layer 3 switch will provide routing between the Network Segments and will also provide Private to Global IP address translation utilizing NAT and NAT-PT. One full IP Class `C' Network will be allocated for testing. The actual breakdown of the network segments and the number of residing hosts are as follows:
demilitarized zone (DMZ): 10 Hosts
Server Farm: 25 Hosts