Updating current Network Design It18 roshan basnetDocument Transcript
Executive summaryAICL , Australian Institute of Commerce and Language is presently located at heart ofthe Sydney, George street and was established in the year 2000. Presently theinstitution possess 500 students in different courses like English preparationcourse(IELTS), Diploma in Accounting, Cert IV of Accounting, Diploma ofIT(networking), Cert IV of IT(networking), Electronics And Communications and manymore.Due to growing demand of the students the institution is about to establish a newbranch in the Sydney, Pitt street.Presently they have implemented three server that is Domain controller, Print serverand Proxy server.At the moment the head office at George Street has four branches:Account Department, IT Department, Administrative Department, and Staff Departmentwith student section.As a server window server 2003 is implemented with windows XP as a client operatingsystem.Same scenario will be implemented in the branch office also , but with updated devices.Introduction:AICL, Australian Institute of Commerce and Language is presently located at heart ofthe Sydney, George street and was established in the year 2000.AICL has 500 users in different courses such as English preparation course, Diploma inAccounting, Cert IV of accounting, Diploma of IT (networking), Cert IV of IT(networking), Electronics and Communications and many more.Due to growing demand of the students the institution is about to establish a newbranch in the Sydney, Pitt street.They are also adding new courses which makes student easier and more reliable suchas advanced diploma in accounting, diploma in hair dressing and so many others.
Background:At the moment AICL is using three basic server i.e. domain controller, print server andproxy server. Because of these servers It will be easy for all of the members in thisinstitute to easily share document any time anywhere throughout the institute. In thenetwork windows 2003 server is implemented as a server.Introduction to servers:Domain Controller:A domain controller is a server that is running a version of the Microsoft WindowsServer 2003 or Windows 2000 Server operating system and has the Active Directorydirectory service installed.Print server: A print server, is a computer or device that is connected to one or moreprinters and to client computers over a network, and can accept print jobs from thecomputers and send the jobs to the appropriate printers.Proxy serverA server that sits between a client application, such as a Web browser and a realserver. It intercepts all requests to the real server to see if it can fulfill the requests itself.If not, it forwards the request to the real server.It has two main purposes: Improve Performance: Proxy servers can dramatically improve performancefor groups of users. This is because it saves the results of all requests for acertain amount of time. The major online services such as MSN and Yahoo, forexample, employ an array of proxy servers. Filter Requests: Proxy servers can also be used to filter requests. Forexample, a company might use a proxy server to prevent its employees fromaccessing a specific set of Web sites.ISA Server: Microsofts ISA Server (Internet Security and Acceleration Server) is thesuccessor to Microsofts Proxy Server 2.0 (see proxy server) and is part ofMicrosofts .NET support. ISA Server provides the two basic services of an enterprisefirewall and a Web proxy/cache server. ISA Servers firewall screens all packet-level,circuit-level, and application-level traffic. The Web cache stores and serves all regularlyaccessed Web content in order to reduce network traffic and provide faster access tofrequently-accessed Web pages. ISA Server also schedules downloads of Web pageupdates for non-peak times.
ISA Server allows administrators to create policies for regulating usage based on user,group, application, destination, schedule, and content type criteria. ISA Server isdesigned to work with Windows 2000 and later operating systems and to takeadvantage of Windows Kerberos security. ISA Server includes a software developmentkit (SDK).ISA Server comes in two editions, Standard Edition and Enterprise Edition. StandardEdition is a stand-alone server that supports up to four processors. Enterprise Edition isfor large-scale deployments, server array support, multi-level policy, and computers withmore than four processors. Licenses are based on the number of processors.GFI Web Monitor 2009™ boosts employee productivity by giving you complete internetaccess control to monitor what users are browsing and downloading in real-time.Research by IDC shows that up to 40% of employee Internet access is non-workrelated. As a network administrator, internet monitoring software provides you the toolsthat enable you to have complete Internet access control to monitor employees webbrowsing activities and to ensure that any files downloaded are free of viruses and othermalware.Microsoft Exchange Server: Exchange is a popular Microsoft messaging system thatincludes a mail server an e-mail program (e-mail cliet) and groupware applications.Designed for use in a business setting, the Exchange server is often used in conjunctionwith Microsoft Outlook to take advantage of Outlooks collaborative features, such asthe ability to share calendars and contact lists.Microsoft Exchange serves two purposes:• Mail Server. Exchange supports POP, IMAP,and web e-mail clients, as well as its own preferred mail client, Microsoft Outlook.• Collaboration server. Exchange allows users to share information, either usingOutlook on their desktops or Outlook Web Access through a web browser. Itenables Outlooks most important features for collaboration - public folders towhich everyone can contribute and view files, calendars for scheduling meetingsor reserving resources like conference rooms, common address books forsharing contact information, and much more.
Problem:• Network congestion slow connectivity.• Bandwidth over consumed / increase rate of trafficking.• Unavailability of servers.• Duplicate IP ADDRESS.• malfunction of connectivity devices, such as in the case of a switch, routeror hub• Registry problems may also cause a networking issue, as well as a numberof other software-related possibilities.• Problem with the physical connections (being broken).Alternate Solution:• Design an IP addressing plan and select appropriate IP routing protocols• Check the devices thoroughly to prevent malfunction of connectivity devices,such as switch, router.• Similar testing can be done with switches and routers. If these look to be stable,then check the configuration of the equipment that’s experiencing the problem. Itcould well be that it simply needs to be reconfigured to accommodate the type ofequipment that’s been attached to make the network connection.• Filtering out traffic at the network edge also eliminates backbone congestion.• Apply network security design principles to boost network security.• Install ISA Server with GFI.
Current net work diagram:‘Current active directory diagram:aicl.com.auDomainControllerProxyServerPrintServerSwitch SwitchClientClientClientClientRouterInternetPrint ServerProxy Serverusers
Proposed active directory diagram:Aicl.com.au (Primary) pitt.aicl.com.au (Child domain)(Secondary)Print Server UsersISA ServerUsersPrintServerISA
Cost analysis/time frame:Num. Devices Price in AuD Brand1 Network cable $1 /mt. SFTP CAT 5/62 ISA Server $800 Microsoft3 Domain controller $890 Microsoft4 Router $1000 Cisco5 Printer $800 HP Laserjet6 Switch $500 Cisco7 Optical fibre $60/m LC8 Windows 2003 server $890 Microsoft9 Anti Virus $135 Nod3210 Application Programs $300 Various11 Exchange Server $100 MicrosoftEstimated Time Frame for the Completion:Entire project can be completed within 30 days with the help of 10 professionals.20 day’s completion of job.10 day’s for testing and maintenanceRecommendation:As we are connecting the network of George street (Head Office) to the branch office inPitt street. For the consistency and better performance following changes can beimplemented.1. ISA server can be implemented in place of Proxy server as a web cache andFirewall. For better performance of the ISA Server GFI can be implemented totrack all the sites and traffics’ inbound and outbound.2. Secondary domain as well as Heart Beat (Clustering and Load Balancing) can beimplemented, for the backup server. (If in case primary server gets down)3. Child domain can be configured in Pitt Street.4. Latest antivirus in each machine can be installed with required policy.5. Support for a hardware-based "watchdog timer", which can restart the server ifthe operating system does not respond within a certain amount of time.6. For all the clients including staffs and students mail, exchange server can beconfigured.
Conclusion:As Aicl is growing day by day, so the network they design should work for at least 2years. Moreover it is connecting its head office with branch office in Pitt street, sosecurity should be considered as a major topic to follow up.Here are the few topicswhich should be revised thoroughly at the end of project:• Server should be configured with latest OU and GPO• Firewall should be configured with good policies.• Exchange server should be configured with a good disk space• RAID should be maintained.• Heartbeat or other clustering server should be maintained properly in case ofserver failure.• Latest Antivirus should be installed.• If possible thorough testing should be done.• Heavy duty printer should be installed with priority levels for resource sharing.• Spam site should be well monitored and blocked.Reference:• Computer Network Security Problems and Solutions, viewed on Nov05,2009http://www.morebusiness.com/running_your_business/technology/d935705458.brc• Networking Computers and Your Television, viewed on Nov 05,2009http://www.compnetworking.about.com• Cisco Network Solution, viewed on Nov 06,2009http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns431/ns17/net_customer_profile0900aecd80459891.html• Active Directory diagrams with ConceptDraw PRO, viewed on Nov 06,2009http://www.conceptdraw.com/en/products/cd5/ap_active_directory_diagram.php
• ACM Publications, viewed on Nov 06,2009https://campus.acm.org/• switch (network switch), viewed on Nov 07,2009http://compnetworking.about.com/od/hardwarenetworkgear/g/bldef_switch.htm• Exchange Server , viewed on Nov 07,2009http://searchexchange.techtarget.com/sDefinition/0,,sid43_gci952894,00.html• ISA Server , viewed on Nov 07,2009www.microsoft.com/forefront/.../isaserver/en/us/default.aspxAppendix:• Internet: the global computer network composed of millions of computers andthousands of networks.• Resource: any computing device, peripheral, software, or related consumable(e.g. paper, disk, space, central processor time, network bandwidth) owned orcontrolled by the University.• Service: any software that makes a computers files or other locally storedinformation available for use by another computer or facilitates the transfer ofdata between two remote computers. Services include, but are not limited to,web, file, and e-mail server software.• Spam: unsolicited mass e-mail for the purpose of advertising a service, personalgain, or other inappropriate use.• ISA : Microsoft Internet Security and Acceleration Server (ISA Server) isdescribed by Microsoft as an "integrated edge security gateway.• Domain Controller: On Windows Server Systems, a domain controller (DC) is aserver that responds to security authentication requests• Router: A device that connects to and receives data from outer networks andsends data only to network nodes meant to receive them, rather than sendinginformation to all nodes on the network• Switch: A network switch is a small hardware device that joins multiplecomputers together within one local area network (LAN).