West Cheshire College

CO5043 – Further Computer Systems

Practical Assignment

 

Andrew Jones

30/01/2010

 

 

This document deals with the three tasks of Network Design, Network Construction and Network Configuration.

 


 

Table of Contents

Table of Figures

Network Design

Description of the network

The physical topology and the logical topology

The Hardware Required

The Software Required

Limiting Access to Network Resources

Problems Posed and the Solutions Offered

Costs

Support

Security

Network Construction

Network Configuration

The server installation

The server configuration

References

Table of Figures

Figure 1: Groups and Users

Figure 2: Logical Network Design Layout

Figure 3: Physical Network Design Layout

Figure 4: Users being added to a security group

Figure 5: Inappropriate network access


Network Design

Description of the network

We are proposing a switched Microsoft Small Business Client / Server Category 6 cabled Ethernet Local Area Network combined with a Wireless Local Area Network, together with internet access. It will comprise:

·         eight workstations,

·         three laptops,

·         two servers,

·         one switch,

·         one router,

·         one network printer,

·         three wireless access points,

·         one patch panel, and

·         32 shielded CAT 6 sockets

The eight workstations will be fitted with a Gigabit Network Interface Card and physically connected via a patch lead and socket to the cabled infrastructure.

The three Partners' laptops will have the option either to connect wirelessly through a Wireless Access Point in their office or to connect physically via a patch lead and socket to the cabled infrastructure.

One of the servers will be connected physically via a patch lead to the switch and configured with the Microsoft Small Business Server 2008 operating system to act as:

·         Domain Controller

·         DHCP Server

·         DNS Server

·         Exchange Server

·         Document Repository

·         Windows Updates Service Server

The second server will connect physically via a patch lead to the switch, a second NIC will be used to connect to the router, and the server will be configured with the Microsoft Server 2008 operating system to act as:

·         an additional domain controller,

·         Document Repository backup, and

The switch will act as a central communications focal point managing both the wired and wireless communications with the servers.

The router, which has an integrated firewall, will be connected to one of the two network cards in the second server and provide internet access.

The network printer will be connected physically via a patch lead and socket to the cabled infrastructure.

The three Wireless Access Points will be connected physically via a patch lead and socket to the cabled infrastructure.

The patch panel will provide a central termination point for the cabled infrastructure, and an interface between the switch and the cabled infrastructure, with the switch being connected to the panel via patch leads.

The physical topology and the logical topology

A number of different topologies were considered. These included:

·         Bus network,

·         Star network,

·         Ring network,

·         Mesh network,

·         Star-bus network,

·         Tree or hierarchical topology network

We have chosen to implement an Ethernet based shielded twisted pair Category 6 cabled LAN infrastructure combined with a Wireless LAN segment. Ethernet is a logical bus topology which we have implemented in a physical star topological layout. The star topology reduces the probability of a network failure by connecting all of the computers, servers, routers and printers to a central switch. The failure of a transmission line linking any device to the central switch will result in the isolation of that device from all others, but all the remaining devices will be unaffected. However, the disadvantage is that the failure of the central switch will cause transmission failure for all of the devices.

Logically the network will be managed by security groups, shown in Figure 1, for access to shared folders and resources, as well as email and internet access. A further logical description is shown in Figure 2.

Figure 1: Groups and Users


Figure 2: Logical Network Design Layout

Figure 3: Physical Network Design Layout


Figure 3 shows the physical layout of the network, taking into account the various rooms and offices described in the scenario. It details the physical position of the computer workstations and the corresponding network sockets together with the servers, router, switch and patch panel.

The Hardware Required

The scenario is not specific, so we are assuming that all the office computers are running the Windows XP Professional operating system with 2 Gb of RAM and have a spare PCI slot. The three partners' laptops have inbuilt wireless networking and integrated RJ45 LAN connectors and are running the Windows XP Professional operating system.

To meet the principal objective of the scenario, the provision of a network, we would recommend the hardware outlined in Table 1.

Description                                        Quantity
Gigabit Ethernet Network Interface Cards           8
Servers                                            2
36 port Gigabit switch                             1
36 port patch panel                                1
Network Laser Printer                              1
CAT 6 RJ45 Network Points                          32
Router with integrated Firewall and ADSL modem     1
Wireless Access Points                             3
CAT6 Patch leads                                   74

Table 1: Hardware Required for the Solicitors

We feel that this is the minimum amount of additional hardware required to meet the principal objectives. This hardware list ensures that the goals of managed e-mail, internet access and secure access to shared folders will be met. It also provides flexibility for the partners in the way in which they choose to connect to the network.

The Software Required

The choice of software for the solicitors practice has been the most challenging aspect of the design solution, and it boils down to four key aspects:

Looking at these areas in turn. Legacy investment: it is most likely that the Microsoft Windows operating system and applications suite are installed on all of the PCs and laptops, and all of the business's additional software applications will run on a Windows platform, so the business has a considerable investment in, and desire to keep to, that platform. As such, the cost of software rises from a few hundred pounds for all of the software required to several thousand pounds. The Microsoft and additional software required for the solicitors' practice is laid out in Table 2.

The considerably lower cost solution for the practice would be a Linux operating system and applications suite. This, however, brings reliability and support into the equation: whilst the Microsoft applications suite and O/S are by no means perfectly reliable, they are considerably better than the Linux-based free alternatives. That leaves support, which for a Linux system is limited and would typically tie the practice into an expensive support contract with very few options for other providers. A Microsoft-based solution, on the other hand, leaves the practice many more choices for support, as these products are considered industry standard.

Description                                                    Quantity
Microsoft Windows Small Business Server Premium Edition 2008   1
Microsoft Windows Server 2008 R2                               1
Microsoft Forefront Threat Management Gateway 2010             1
Office Professional Plus 2010                                  11
Anti-virus software                                            11
Backup software                                                1

Table 2: Software Required for the Solicitors

Limiting Access to Network Resources

Security on the network will be managed through the use of a user name with password to log on to the domain and the membership of security groups. The following security groups will be created: Partners, Staff, Finance, Receptionists, HR and Office Manager, with the various members of staff being added to each security group. Shown in Figure 4 are the Partners user accounts being added to the Partners security group.

Figure 4: Users being added to a security group


The use of security groups allows for the simple application of security permissions for shared files and folders. Figure 5 shows a user who is not a member of the correct security group attempting to access a protected folder.

 

 

 

 

 

 

Figure 5: Inappropriate network access
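
The group and folder-permission setup described above, scripted in PowerShell as an added example that is not part of the original assignment. It assumes the ActiveDirectory module (Windows Server 2008 R2 or later) and the jones.local domain configured later in this document; the account names and the D:\Shares\Finance path are hypothetical, and the user accounts are assumed to exist already.

```powershell
# Added example: the page's security groups plus a locked-down Finance folder.
# Assumptions (not from the page): account names, D:\Shares\Finance, and that
# the user accounts already exist in jones.local (NetBIOS name JONES).
Import-Module ActiveDirectory

$groupContainer = 'CN=Users,DC=jones,DC=local'   # default Users container
$financePath    = 'D:\Shares\Finance'            # hypothetical folder

# Group name -> members (hypothetical sAMAccountNames).
$membership = @{
    'Partners'       = @('partner1', 'partner2', 'partner3')
    'Finance'        = @('finance1')
    'HR'             = @('hr.manager')
    'Receptionists'  = @('reception1')
    'Office Manager' = @('office.manager')
    'Staff'          = @('staff1', 'staff2')
}

foreach ($name in $membership.Keys) {
    # Create the global security group only if it does not exist yet.
    if (-not (Get-ADGroup -Filter "Name -eq '$name'")) {
        New-ADGroup -Name $name -SamAccountName $name -GroupScope Global `
                    -GroupCategory Security -Path $groupContainer
    }
    # Add only accounts that are not already members, so re-runs are safe.
    $current = @(Get-ADGroupMember -Identity $name |
                 ForEach-Object { $_.SamAccountName })
    $missing = @($membership[$name] | Where-Object { $current -notcontains $_ })
    if ($missing.Count -gt 0) {
        Add-ADGroupMember -Identity $name -Members $missing
    }
}

# Folder ACL: drop inherited entries so that only the Finance group and the
# system/administrator principals keep access (Finance gets full control).
if (-not (Test-Path $financePath)) {
    New-Item -ItemType Directory -Path $financePath | Out-Null
}
$allowed = 'JONES\Finance', 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM'
icacls $financePath /reset | Out-Null            # clear stale explicit entries
$grants = $allowed | ForEach-Object { "${_}:(OI)(CI)F" }
icacls $financePath /inheritance:r /grant:r $grants | Out-Null

# Verify: every remaining entry must be explicit and on the allow-list.
$unexpected = (Get-Acl -Path $financePath).Access | Where-Object {
    $_.IsInherited -or ($allowed -notcontains $_.IdentityReference.Value)
}
if ($unexpected) {
    $unexpected | Format-Table IdentityReference, FileSystemRights, IsInherited
    throw "Unexpected access entries on $financePath"
}
```

These are NTFS permissions; the permissions set on the share itself apply in addition to them.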

Problems Posed and the Solutions Offered

Costs

The costs debate is closely related to the support dilemma and revolves around industry standards, legacy investment and systems availability. There is little use to the business in having a network system that costs very little but is made up of non-industry standard components and software that is only supported by one individual. Better the safer, but considerably more expensive, route of the Microsoft solution, which will be more flexible and more than likely less expensive in the longer term.

Support

Support is like insurance: you only need it when you need it! Following on from the costs debate, and closely linked to it, is the deliberation about support contracts. The Linux, free and low cost, route severely limits the opportunities to provide a robust and secure support contract. Linux and the associated applications suites are a very small and limited market. The Microsoft based solution is industry standard and as such the opportunities to choose the practice's support contract provider are significantly greater, an altogether safer option.

Security

The solution proposed provides a more than adequate level of security for the practice. Access to the computers is managed by user names and passwords, which have to meet complexity requirements. Access to the shared resources on the network is managed by the implementation of security groups. The wireless portion of the network will use WPA2, a highly secure connection methodology, to connect to the LAN. The shielded Category 6 cabled infrastructure is again very secure against eavesdropping, and the servers are physically stored away from other people and, if necessary, the door could be locked.

Network Construction

We were provided with a NIC, a Windows XP PC, a patch lead, a switch and a screwdriver set. Following electrical safety procedures, all power was cut from the PC. Using the screwdriver we removed the four retaining screws at the rear of the PC and took the case off. Again using the screwdriver we removed the screw holding the PCI blanking plate in place and removed the blanking plate. With the slot now clear we inserted the NIC into the PCI slot and secured it with the screw previously removed. We replaced the case, reinserting and securing the four case screws.

Power was now re-applied to the PC and it was booted into Windows. The addition of new hardware automatically prompted the system to search for drivers, which it found and configured for use with the hardware.

The patch lead was inserted into the RJ45 socket on the NIC and the other end of it into the RJ45 socket in the switch. With this connection made, a green light was displayed by both the NIC and the switch to indicate that there was a physical link. We used the ping utility to contact a laptop, acting as a server, on the network. With this successfully completed we made a Windows network connection to the server and created and saved a document in a shared folder on the server.

Network Configuration

The server installation

 


Initial loading screen where the files for the text based portion of the installation are loaded

 

 


The first welcome screen where we choose set up windows

 


The license agreement screen, we choose to accept it and press F8

 


There is already an installation of Windows on the system so we choose escape

 


There is already an existing partition which we are going to delete so we choose D

 


A warning that the partition is a system partition and we choose Enter to continue

 


A further warning that we are about to delete the partition and we choose L to continue

 

 


We now have a blank disk with no partition, on which we are to set up Windows, so we choose Enter

 


We are prompted for a file system for use in the formatting of the newly created partition, we choose NTFS and press enter to continue

 


The formatting progress bar

 


Setup is now copying the files necessary to complete the text based portion of the setup process and readying the system for the GUI phase of the installation

 

 


The setup programme is completing the configuration

 

 


The text portion of the installation is complete and the system is to reboot

 

 


The Windows loading screen

 

 


The installation screen for the GUI portion of the installation


The configuration option to change the language and keyboard setting for the server, we choose customise

 


The current regional options, we change these to English (United Kingdom) by selecting customise

 


We change the input language to English (United Kingdom) and remove the existing language options


A warning that the language settings will not change until the next restart or logon

 


Change the language option to English (United Kingdom)

 


Confirmation that the regional and language options have been changed

 


Enter the name and organisation of the software owner

 


Enter the product key

 


Select the licensing mode for the server, we choose per device or per user


Create a computer name and set the administrative password

 

 


A warning that the computer name contains non-standard characters, we choose yes to continue

 


Set the date and time settings and select next

 

 


Windows configuration screen

 


Configure the network, we choose custom settings

 


Custom settings options for the network configuration, we are going to customise the internet protocol (TCP/IP) settings

 


We set the IP address to 192.168.1.1 with a subnet mask of 255.255.255.0 and the default gateway to 192.168.1.1 and the primary DNS server to 192.168.1.1

 


We choose to make the computer a member of a workgroup called WORKGROUP

 


The Windows configuration screen

 

 


The Windows start-up screen

 


The server is applying settings

 


The logon screen

 

 


Enter a user name and password

 


The desktop as displayed when logged on

 

The server configuration


The Windows logon screen


Enter a user name and password


The Windows server desktop


The Windows systems properties dialog box, where we are going to change the computer name


Changing the computer name to Andrew and leaving it in the workgroup WORKGROUP


Confirmation of the name change and that it will be implemented when the computer restarts


The Windows server shut down screen


The windows logon screen


The next stage in the configuration of the server, we click next


We are choosing the custom configuration option and click next


We are selecting the create a domain controller option and then clicking next


We are clicking next to confirm that we are configuring active directory


We are selecting next


A warning that the security requirements do not support older operating systems. We are again selecting next


We are choosing the option to create a new domain controller for a new domain and clicking next


We are creating a domain controller for a domain in a new forest and clicking next


We are choosing just install DNS on this computer and clicking next


We are calling our new domain jones.local and clicking next


Confirmation that the NetBIOS name will be JONES and clicking next


Confirmation that the active directory database and log will be located in c:\windows\ntds and clicking next


Confirmation that the shared SYSVOL folder will be c:\windows\sysvol and clicking next


We are choosing the permissions compatible with windows 2000, windows 2003 operating systems and clicking next


A summary page for our configuration of active directory and clicking next


The configuration of active directory dialog box


A warning that the computer has a dynamically assigned IP address, we click OK


We are selecting the properties of internet protocol TCP/IP


We are entering a static IP address, subnet mask, default gateway and preferred DNS server and clicking ok


The configuring DNS services dialog box


Confirmation that active directory has been installed, we click finish


The computer must restart dialog box, we choose restart now


The windows logon screen


We enter a username and password


Confirmation that the computer is now a domain controller, we click finish


The desktop, we choose add or remove a role


We choose next


We are selecting DHCP server and clicking next


We are choosing next


The welcome dialog box, we are clicking next


The naming the scope dialog box, we name the scope and click next


Here we enter the range of the scope and subnet mask and click next


The add an exclusion dialog box, we have no exclusions so click next


Set the lease duration and click next


The configure the scope options dialog, we are choosing yes and clicking next


The set a router IP address, we are leaving this blank and clicking next


The domain name and DNS servers dialog box, we are leaving this blank and clicking next


The WINS servers dialog box, we are leaving this blank and clicking next


The activate scope dialog, we are choosing activate now and clicking next


The confirmation dialog box that the server is now a DHCP server, we are clicking finish


The windows command screen


The results of the ipconfig /all command


The Windows XP system properties dialog box


The computer name changes dialog box, we are joining the domain jones


The Windows Server administrative tool explorer, we are selecting DHCP


We are choosing authorize from the DHCP mmc


Confirmation that the DHCP scope is now authorized and active


The Windows command screen with the results of the ipconfig /renew command


We are joining the domain jones and clicking ok


The domain logon dialog, we have to enter the user name and password of an account with the credentials that will allow us to join the domain

 


Confirmation that we have successfully joined the domain jones

 


The computer must restart to implement the changes to the domain, we click ok


Choice of when to restart the computer, we are choosing yes

 


The windows xp logon screen

 


Enter a user name and password to logon


The windows xp desktop

 

 


Above, the create a new user option of the users and computers mmc.

 


Below, the new user dialog box


Confirmation of the create a new user function, we click finish

 


The AD users and computers mmc with the staff accounts created

 


The AD users and computers mmc with all of the users created

 


The create a new group dialog box, we are creating a global security group


The create a new group dialog box with the name common

 


The AD users and computers mmc with the security groups created


The addition of user accounts to the security groups, this screen shows the partners user accounts being added to the partners security group


Confirmation that all three partner accounts are added to the partners security group

 


The addition of the hr manager user account to the security group hr

 


The shared folders for use by the practice


The select users, computers and groups dialog box where we add the security groups that we wish to have access to the shared folder


The security properties of the finance folder showing the users and groups allowed access, we are going to grant the finance group full control

 


The shared network resources

 


The effects of the security policy when logged on as a non-finance group member attempting access to the finance folder

References

http://en.wikipedia.org/wiki/Computer_network

http://en.wikipedia.org/wiki/Ethernet

http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy