User Account

All Pages

Setup and install a small network and set of servers

Assignment Help Computer Networking
Reference no: EM131073379

Subject - System and network administration

Project Requirements

Overview

You are required to setup and install a small network and set of servers to support a small company which operates a tomato packing plant. The plant operates in a small regional town and has 10 permanent employees and around 25 part-time and casual employees.

The company requires a forward facing (connected to the Internet) Web Server that is located onsite in the main office. The National Broadband Network has just been enabled in the area so a high speed Internet connection is now available.

An existing file server, TommyToe, used by the permanent employees to store various documents, spreadsheets, databases, etc., will need to be integrated into the new network. TommyToe runs Microsoft Windows Server as the operating system and is backed up daily via an attached high speed tape drive with suitable software. All new servers should mount a shared space on TommyToe to save backups to. These will then form part of the backup process already operating on the TommyToe server.

The Network

Summary

A single internal network is to be created using DHCP for all networked device configuration. All servers (including TommyToe) should be allocated a fixed IP address by the DHCP server and have a fixed server name (server names are provided below). All other client hosts should be allocated an IP address from a range of IP addresses.

The internal network should be protected using a single gateway/firewall server.

The Servers

General

To provide simple, robust and secure systems throughout the company the following standards and recommendations have been agreed to and must be adhered to, for all systems:

* all servers will be Ubuntu based (excluding TommyToe)
* lighttpd will be used for all web servers
* MySQL will be used for all new databases where possible
* Samba is used for all internal file sharing requirements
* all new systems must be hardened and scanned for security issues prior to being made available for use
* an intrusion detection and prevention systems (IDPS) must be running at all times
* appropriate password aging must be implemented on all servers

DHCP Server [Cherry]

A small, secure, dedicated server should be created that provides automatic server and client network configuration using DHCP. Only support staff will have access to this server. DHCP configuration must be backed up regularly and a simple recovery procedure must be developed in the event of server failure.

It is suggested that one of the other servers be setup as a manual failover DHCP server with changeover details listed in the recovery procedure.

All servers should have permanent IP addresses assigned to them from the DHCP server, based on MAC addresses. The internal network IP address range to be used is 192.168.33.0/24.

Web Server [BigBeef]

The Web Server offers an overview of the organisation and provides potential casual staff with all necessary details to apply for a position within the company.

The Web content is handled by an external web developer. The only requirements are that lighttpd and php5 be available on the server and that the server be very secure. Only support staff and the web developer should have access to the Web Server itself.

File Server [TommyToe]

The existing Microsoft Windows Server with MAC address: 08-00-27-00-CC-77.

Client machines vary on the internal network - they are a mix of Windows, Mac OS and Linux, however all will access the File Server using Samba shares. All client machines will receive network configuration from the DHCP server.

All of the organisations servers and data should be backed up to the central File Server over the network. All backup procedures must be scripted, well documented and limited to a backup group of staff members. The File Server will hold the most recent backups of all systems, data and files, on disk, to allow for fast retrieval/restore of data, files and systems. All long term backups will be removed from the server once they have been written to tape by third party backup software and stored offsite.

Server backup scripts must generate a text file list of all files that were backed up, including timestamp and ownership details, which should be stored with the backup file (use the same name but with a different extension).

Third party backup software is installed on the File Server that automates the process of writing backups to a tape backup system (assume it just works). It simply requires that all backups be named appropriately and placed into a single directory, \\TommyToe\backup, on the server. Retrieval of long term backup file sets is simply a matter of typing the backup file set name into the third party software and it will prompt for the required tape to be inserted and restore the file set to the \\TommyToe\restore directory on the File Server.

Gateway/Firewall [Roma]

A hardened Gateway/Firewall should be placed between the internal network and the Internet. At this time there are no restrictions on staff access to external networks. External access should be limited to the organisations Web Server and support staff SSH access to maintain systems.

IDPS [BlackRussian]

A suitable server for detecting, reporting and preventing all suspicious activity on the network, should be installed and configured.

Email

The organisation finds it much easier to use Gmail for all of its Email requirements. So no internal Email server is required. However, all server 'alerts' should be sent to a generic support email address (use your own for this).

The document must include the following:

a) Installation and configuration details of all servers.

b) Backup and recovery procedures to allow staff to perform backup and recovery of all servers.

c) Failover procedures in the event of failure of the DHCP server.

d) Details of the network configuration. This should include a table of servers with MAC addresses, allocated IP addresses, client IP address ranges and a well labelled diagram of the entire network.

e) Details of general procedures and actions required to be taken in the event of an attempted attack/security breach.

f) Details of general procedures and actions to be taken in the event of a significant security breach occurring e.g. unauthorised access to the Web Server.

g) Details of how support staff gain access to internal systems from outside of the network.

h) Details on how all servers have been hardened against security attacks.

i) Details of system/security alerts - what/where alerts are generated and where they are sent.

j) Details of the password aging implementation.

Tips:

i. Keep notes on each server as you progress. You can use these to provide the required details listed above.

ii. Backup notes and configuration files regularly - loss of these due to hardware or software failure will not be accepted as a reason for problems with submitting the project.

iii. Do not repeat yourself e.g. if you list details for a base server installation, which is used by most/all servers, only do that once. Do not include details about VirtualBox installation or configuration - we are only interested in the servers and network details.

2. Submit the following configuration files and scripts:

a) All backup scripts which must be well documented and clearly referred to in the TommatoPlant.docx document. Sample backup script output for each server named as $SN.BackupOutput.txt, where $SN is the server name. Include a backup.readme.txt file that summarises the files you have submitted.

b) iptables rules used on the gateway/firewall - submit as a well-documented script. Ensure it is named appropriately.

c) /etc/passwd, /etc/group and /etc/sudoers (or sudoers.d) files for all servers. Name them as follows, substituting the server name for $SN:
$SN.passwd e.g. Roma.passwd
$SN.group e.g. BigBeef.group
$SN.sudoers e.g. Cherry.sudoers or Cherry.sudoers.d.xxx

3. Summarise results of security scans performed on each server. Submit as a single Word document named SecurityScans.docx.

4. The hard disk on the Web Server has failed. Rebuild the entire server using your recovery procedures in 1 (b). Provide full details of the process including details of where your recovery procedures failed or can be improved.

You must provide 'proof' that you have rebuilt your Web Server with screen shots of the recovery process where appropriate. Include relevant sections of the /var/log/auth.log file showing the relevant commands being performed using sudo. These must be full entries including date/time stamps etc.

5. The idea to move the main web server offsite has been raised - moving it into the 'cloud'. Write an overview of the requirements to do this. List three providers including: Amazon ec2 (Amazon Elastic Compute Cloud), linode (Linode Cloud) and one of your choosing. Highlight associated costs/savings/pros/cons for doing this.

Reference no: EM131073379

Questions Cloud

Degree of operating leverage-percent will profit increase : You have computed your healthcare facility's degree of operating leverage (DOL) at a projected volume of 10000 patient visits and found this value to be 8.49. Using this information, if volume increases by 12 percent, by what percent will profit incr..
Consider the four components making up the system : In this assignment, you will consider the four components making up the system of one of the six focus organizations (Netflix, Ford Motor Company, Oracle Corporation, Groupon, Dyson, and QuikTrip) referred to in your text.
What is an example of a recent creative sourcing strategy : What is an example of a recent creative sourcing strategy used by a company and how successful was it? Share other sourcing strategies you personally think are creative.
What is the decision making process normally used by you : How would the decision-making process help resolve this conflict? Consider the special challenge of working to make a company decision with family involvement.
Setup and install a small network and set of servers : COIT13146 - System and Network Administration - You are required to setup and install a small network and set of servers to support a small company which operates a tomato packing plant. The plant operates in a small regional town and has 10 perman..
Element of managing an on-site event production : 1. Select and explain one element of managing an on-site event production. How does it enhance or diminish the event or function? 2. Conduct an Internet search to find an example of an event on-site production contract and highlight the various i..
Financial projections-after-tax profit : You are considering starting a walk-in clinic. Your financial projections for the first year of operations are as follows: Revenue (10000 visits) $409699 Wages and benefit $226160 Rent $5349 Depreciation $25568 Utilities $2442 Medical supplies $48524..
Exceptional knowledge of the engineering : Zack has been with your company for 20 years. He has an exceptional knowledge of the engineering aspects of a large project that the company is implementing.
What number of visits is required to break even : You are considering starting a walk-in clinic. Your financial projections for the first year of operations are as follows: Revenue (10000 visits) $416541 Wages and benefit $205597 Rent $4129 Depreciation $28555 Utilities $2495 Medical supplies $45344..

Reviews

Write a Review

Computer Networking Questions & Answers

  Explain detailed response to the network design request

The Technical Term Paper will include the detailed response to the network design request. The document will be submitted in MS Word and will be between 10-15 pages with graphics embedded within the document.

  Alter minix three to count sent processes

The assignment is to alter Minix 3 to count sent processes and print it into table saying who sent and who's receiving. He said we require place to store counts and then print in readable fashion.

  What topology works best for the offices

What topology works best for the offices

  Why are scrum and xp rapidly emerging frameworks

"What are the criteria of effectiveness used to support the claim that ''agile software development methodologies'' are a superior design method? Why are Scrum and XP rapidly emerging frameworks as methodoly techniques?"

  Hypothetical condition for each signal type used in wan

Give the hypothetical condition for each signal type which shows how it could be, or is being, used in the WAN. In what situations, for instance, would the company select to use satellite signal?

  What are major concerning factors of data loss and data thef

What are major concerning factors of data loss and data theft

  Explain use of windows server network operating system

It has already decided to use Windows Server 2003 network operating system. What type of LAN will your team design for this company?

  Prepare essay that describes access performance requirements

Prepare an essay that describes the access performance requirements for a network fileserver, application server, and/or Web server. Include the pros and cons of the server you chose.

  Case studysource wwwsunnych author silvia hagen company

case studysource www.sunny.ch author silvia hagen company sunny connection ag staubergasse 9 8124 maur switzerland

  List the range of normal vlan

List the range of Normal VLANs. What VLANs are reserved in that range? List the Extended VLAN range. What, if any, VLANs are reserved in that range?

  Identify vendor-specific server-monitoring utility

Management utilities can be vendor-specific or vendor-neutral. There are many utilities that are available to provide a proactive approach to monitoring each node of the cluster. Identify vendor-specific server-monitoring utility

  Design the datagram for next header fields

Design the datagram and illustrate what contents of each of Next Header fields would contain. You do not have to look up actual numeric value, just explain what it would be referencing next.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd