Reference no: EM13545
Bluesky Systems is a software development company that builds software components for a variety of private and government clients. Their current infrastructure is outdated and has been prone to being attacked by hackers that have exploited vulnerabilities in their current DNS causing serious down time. In the last 4 years Bluesky has had to recover from numerous disasters due to a lack of any good business continuity planning. Remote access to the two existing sites is allowed using Cisco VPN technology. This has caused numerous security issues because of missing security patches, outdated AV signatures and missing OS patches and updates.
Bluesky has a main site located in Tucson Arizona with one remote site located Phoenix, Arizona. Another remote site is proposed for 2014 for Sierra Vista, Arizona which add an additional 12 employees. The threesites will be connected via a VPN connection built between their three ASA firewalls. The existing two sites are configured as follows.
The Blue Sky internal domain located in Tucson, called bluesky.local has two domain controllers. All servers run Microsoft Windows Server 2003, Standard Edition. All client computers run either Windows XP, or Windows 7.
Rosa Ruiz, director of technology at Blue Sky has asked you to design a new networking infrastructure for the company.
Required Proposal Responses:
Executive Summary - Provide a high level executive summary of your Infrastructure proposal. Imagine that you have 20 minutes to present your proposal to the board of directors. Explain to the board the issues with their current infrastructure;highlight the key aspects of your design and how your proposal will benefit Bluesky Systems.Close out your executive summary by summarizing why Bluesky should select your proposal and not your competitors'. Assume that the board of directors is not technical. Be careful of the technical jargon you use. This is your one chance to shine before the executive committee and convince them that you are the right chose for their network up grade. Be persuasive! (Three paragraphs- Half page)
The Appendix Adetailsthe current network configuration along with the proposed Sierra Vista site.
Appendix B details the layout of the wiring closet located at the main site in Tucson.
1) Describe the forest, domain, OU, and trust configuration for Bluesky. Include a chart or diagram of the current configuration. Currently Bluesky has a single domain and default OU structure. Tucson location has 2 Domain Controllers. The Phoenix location has a single Domain Controller. You can make changes to the forest, domain and OUs based on how it will benefit your design. Also include an overview of your design in paragraph form. (1 page, including charts and/or diagrams)
2) All clients should obtain IP addresses automatically. Develop a DHCP configuration. Include what servers will have the DHCP Server role on them. Describe all the components such as: scopes, leases, reservations, options and relay agents. Also include IP address scheme for organization. (1page)
3) The following chart describes Bluesky's current IP scheme. Use the following table as your guide or create of your own.
4) All workstations and servers need name resolution capabilities for the intranet and the Internet. DNS - Develop a DNS namespace for Bluesky. What servers will contain the DNS Server role and describe where DNS servers will be located. Describe what the DNS namespace structure will look like.
5) BlueskyDNS1 currently holds the primary DNS zone for the bluesky.local network and is used for name resolution internally and externally.
6) BlueskyDNS1 is the forest root and the DHCP server for the Tucson location.
7) BlueskyDNS2 is a backup domain controller for the network and the secondary DNS server for bluesky.local.
8) BlueskyPhoenix is a domain controller, file server, print server, DNS and DHCP server for the Phoenix location.
9) All sites will connect via a VPN connection established between three Cisco ASAs. The VPN is used for replication traffic between the sites and secure remote access.
10) The proposed Sierra Vista will need the same configuration as the Phoenix location.
Your proposal must incorporate the following items
1. All Domain Controllers must be Windows 2008 Active Directory.
2. All sites must have Active Directory services available even if a single Domain Controller fails.
3. Client IP address assignment must be automated and manageable for all sites and locations.
4. DNS must be manageable and secure. Clients must be able to resolve DNS even if a single DNS server fails or during an internet connection outage.
5. Provide secure remote access solution that utilizes Network Access Policy controls. Remote users should connect using certificates.
6. Provide easy and manageable workstation image and software deployments. All workstations should be Window 7.
7. Users must be able to print and share files on the network.
8. Executives and department managers must not be affected by print and file server failures.
Windows Server Deployment Proposal
Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario. The proposal will include deployment, security policy, application and data provisioning, monitoring, and continuity plans. It should be at least 1,000 words. Diagrams, answer files, log files, and other attachments will not count toward the word count.
Your proposal may be based on one of two possible designs:
1. A parallel network installation deploying new hardware and/or virtualization is used to replace the existing infrastructure. The existing network is left in place until a time that the network is no longer needed.
2. All proposalsshould have the following services and server roles present.
e. Security policy
g. Backup and recovery
h. Remote access
i. Continuity planning
3. Your proposal should begin with an executive summary of the proposed Server 2008 deployment for Bluesky Systems.
4. Your responsibilities for the server deployment begins at the clients demark for all three sites. No changes to any router, ASA firewall orVPN is needed.