SlideShare a Scribd company logo

THEORY

Download as DOCX, PDF
E
Ethan Cloete
1 of 47
CTU Training Solutions LU08 FINAL INTEGRATIVE ASSESMENT BY Uneeb Parkar AND Ethan Cloete
What is the final integrative assessment? The luo8 task is a network upgrading development task/project in which we (The MCSA students of 2015) will have the opportunity to implement our networking skills, as well as our ability to plan a network and its components, which we have been studying for the past year. (for a detailed description, see overview) The topic of the LU08 assessment The topic of this task is the development of a company network, planning and upgrading all aspects of the proposed network and implementing a practical session to demonstrate the creation of said network. The network will consist of a small company of 200 client users.
Overview Phase 1: Gather information and address a solution planning. : In this step, the IT team will be responsible for the planning of the new network infrastructure and how the network will be implemented. The planning team must gather information on the modules they will need the company to obtain in order for the network to be fully upgraded. The team must then present their planning and suggestions to the company as requested. Finally, the team is responsible for building the physical and logical topology of the planned network. Phase 2: Set up of virtual network and install of operating systems and roles and features. : In this step, the planning team must set up a complete virtual environment, on which they must install the required operating systems and role services. The lab must then be configured to house an active directory service which must contain the other machines and users that will be integrated. Network discovery and basic IP configuration must be configured, alongside critical software upgrades to the machines. Phase 3: Configuration of the lab and implementation of managing strategies. : In this phase, the IT team will configure the lab they set up in Phase 2, the machines must be configured to include DHCP, fully configured using scopes and reservations. WDS must be set up and deploy an image of 2012 server to a remote server. DNS must be setup and contain forward and reverse zones for name queries. The active directory will be configured to contain groups and users, which all will be assigned group policies. The file server will also be set up to contain quotas and file screens. Phase 4: Configuration of remote resource access, as well as, access rules management. : This Phase will require the Team to configure the servers and client computers to be accessible remotely and be managed accordingly. Network policy services will be installed on a server and will be configured to introduce logon hours to the clients, before configuring access requirements and authentication standards. A server will be configured to contain a IIS web server role, configured to contain a self-signed certificate and set up to run on a https connection only.
FINAL INTEGRATIVE ASSESMENT Phase 1: Gather information and address a solution planning.
What is the purpose of Phase 1? The purpose of this Phase is the planningof the new networkinfrastructure and how the network will be implemented. Index  The meeting. : A meeting will be held, during which we will discuss the intended upgrade process.  Listing of attainable soft and hardware : A list of modules the companywill needtoobtain.  Upgrade planning. : A myriad of steps that will be followed in order to upgrade the network fully.  User education. : Educate the users on how to use the new network.  Presentation. : Migrating the company data into a cloud environment.  Physical and logical diagram. : A plan of the floor building and all logical components.  Referents : Referents
The meeting The IT upgrading team is tasked to convene a meeting, in which they will discuss the various aspects of the task they have been given, which is the upgrade of the company’s network infrastructure. In this meeting the parties will take turns to discuss their view on the processes that must be met to upgrade the network and express their ideas and viewpoints on the upgrading process. This meeting will also encompass the roles and responsibilities that will be placed on the parties involved in the processes. The meeting will be presented in the following fashion:  Agenda  Meeting introduction (welcoming of parties)  Stating of meeting agenda  Opening of meeting  Establishing of a upgrade plan by members in attendance  Assignment of roles to parties  Presentation on migrating process to the Cloud  A short, drawn up budget  Presentation of upgrade plan deployment proceedings  Presentation of the Physical and logical topologies  Documentation of meeting - Minutes - Attendance register
Agenda The following Index will be discussed in the coming meeting.  Preparation for meeting. -17:05 : The preparation for the meeting will encompass the following: - The preparation of the meeting board room - Provisioning of pens and papers - Set up of laptops and projectors - Water jugs and glasses are to be provisioned -  Action items from previous meeting -17:30 : There are no remaining agenda items from the previous meeting.  Agenda items - Meeting introduction (welcoming of parties) - 17:30 - Stating of meeting agenda - 17:35 - Opening of meeting - 17:40 - Establishing of a upgrade plan by members in attendance - 17:45 - Assignment of roles to parties - 18:30 - Presentation on migrating process to the Cloud - 18:45 - A short, drawn up budget is presented - 19:00 - Presentation of upgrade plan deployment proceedings - 19:10 - Reveal of the Physical and logical topologies - 19:20  Meeting adjournment – 19:45 - Documentation of meeting - 19:45 Minutes Attendance register
The meeting  Meeting introduction (welcoming of parties) : Mr Pakaar Welcomed the parties involved and discussed why we were going to have this meeting and disclosed the general topic to the members in attendance. He also addressed the parties as to the fact that any input from each member is voluntary and can be given forward at any time.  Stating of meeting agenda : Mr Cloete stood and addressed the board, stating that there were no previous topics standing over from the previous meeting. He then proceeded to read out the meeting agenda.  Opening of meeting : After a short pause, Mr Cloete opened the meeting by addressing the fact that the company needed the network to be upgraded. He also stated the following facts: - He stated that the network infrastructure has fallen behind other competing companies - He stated that the company’s efficiency level has been stagnant for the past few years and provided the following reason, “we have reached the limit of the network functionalities.” - He also stated that the support for windows server 2003 has ended, then added that the network is more susceptible to security issues and threats. - His last point was that the company has begun to fail regular compliance audits. : The company owner than inquired Mr Cloete as to whether The IT team had any suggestions as to how the network can be improved. : Mr Pakaar then replied that they had a suggestion ready and then suggested that the company infrastructure be completely upgraded and migrated to a windows server 2012 infrastructure and the clients be upgraded to windows 8.1. : The board members then discussed the proposed notion among themselves, while the IT team waited for a response. : The branch manager then proposed that the IT team suggest what the improvements will be, should the upgrade be implemented.
: Mr Cloete then stood and stated that as the implementation particulars have not been discussed, he cannot entail any details. The following facts were then stated by him: - From the perspective of the IT team, the managing of the server will be much more user friendly, as Server manager was added. - Attaining the licence for the server edition is much easier. - Management of resources, for example, access to shared volumes can be managed much more easily - Share storage can be implemented more skilfully thanks to the improvements to File server roles - The company will be able to run virtualization in a much more managed fashion and all users in a department will be able to run on one powerful machine, saving lots of money. : Mr Pakaar then stood and added to Mr Cloete’s points by adding the following facts: - By upgrading the company’s hardware to a standard of 1000mbps transfer speed, not including any devices that will introduce bottlenecking, the network speed will be substantially faster. : The board members then discussed the proposed notion among themselves, while the IT team waited for a response. : After the members convened, a vote was taken and it was decided that the network will be upgraded. : The members the proceeded to the planning process.  Establishing of a upgrade plan : Mr Cloete began the discussion by relaying to the members that in each full network upgrading process, there is a pre-set process that must be followed and relayed the following: The first step is the Documentation of the existing network. The second is the Assigning new infrastructure to the existing network. The third step is the Configuration of management resources. The fourth step is the Incorporation of new network. The fifth step will be the Monitoring process. : The resources department representative then replied that they have the documentation of the existing network in place and it is available to any person of the IT department. : Mr Pakaar then added that a performance base line must be taken of the current network and added to the documentation. : The resources department’s documentation was then retrieved and presented to the board, after which it was approved.
: Mr Cloete then stated that the next topic would be the upgrading of the infrastructure. : The sales department representative then proposed that the plan have a full backup process set up before any further steps are taken. : Mr Pakaar then acknowledged the point and suggested that the company buy a SAS storage on which the backup will be saved. : Mr Cloete added that the backup can be performed using the windows 7 backup feature on the clients and on the servers, an imaging backup will be performed. : Mr Pakaar then proposed that the company purchase the following new hardware: - WI-FI access points - Cat5e cabling - Switches - A router - Hardware components for the pc’s and servers - A UPS - Printers and projectors : The Company owner then queried the IT team as to whether the building will need any renovations to accommodate the new hardware. : Mr Cloete then replied that the departments will need renovations done to accommodate the new cabling, other than that, the installations will be done by the IT department. : The Branch manager then added that the need for contractors will be inevitable, and that the company will hire external personnel to ready the departments for the installation. : Mr Cloete then stated that the installation of new hardware will then be implemented after renovations are done. : Mr Pakaar then added that the installation of pc hardware will be implemented at the same time as the installation of new net hardware. : Mr Cloete then stated that the next step is the instalment of the new operating system onto the servers : The resources department representative then stated that the IT department state where they will be attaining the volume licencing quotes for the upgrade. : Mr Cloete stated that the quotes will be bought directly from Microsoft.
: The Help desk department representative then queried the IT department as to how the upgrading process will develop. : Mr Pakaar then replied that as the servers have been backed and accompanying the fact that the architectures are crossover, the installation will have to be a clean install. : The board members then discussed the notion among themselves, while the IT team waited for a response. : Mr Cloete then stated that the upgrading process will be completed as any normal clean install, however, should the installation fail, the IT members can simply connect the server to the SAS and apply the previously captured image, restoring the backup. : The Graphics department representative then queried the IT department on how the client images will be deployed. : Mr Pakaar replied that the servers will first be fully configured before the pc’s are attended to. : Mr Cloete then added that the clients could be installed with WDS after server configuration. : The branch manager then proposed that the board begin discussing the configuration of the servers. : Mr Pakaar stated that the first actions to be completed on the server involve the following: - Assigning of a static ip - The instalment of ADDS and the creation of a new forest, followed by the promotion of the DC : Mr Cloete then stated that the following roles will be configured: ADDS: this role will be configured by adding OU’s, groups and users for each department. DHCP: this role will be configured by adding scopes for the reserved modules and the departments will be added scopes. The DHCP will also be configured for failover to the other server DNS: a forward and reverse lookup zone will be added to the dns role. The lookup zones will also be configured to be secondary on the other server. WDS: this role will be setup to run alongside DHCP to deploy the installation of 8.1 to the clients. : The branch manager then stated that there be more strict policies applied to users : Mr Pakaar then replied that the Group policies applied to users will be defined to be stricter. : The representative of the customer support department then stated that their department have a more reliable and faster connection.
: Mr Cloete then replied that the group policies will include qos that ensures that the customer support users will receive higher network speeds. : The web development department representative then stated that the IT team must disallow ports on the server firewall to create a more secure environment. : Mr Pakaar noted this request, assuring it will be done. : The marketing representative then stated that the marketing users are having trouble accessing their resources remotely : Mr Pakaar responded that the remote access feature will be completely remade to allow secure connections to the marketing workstations. He also added that there will be training given to users on how to use the vpn connection. : The company owner then added that only the marketing and IT users should be able to log in remotely. : Mr Cloete then added that the vpn connections can be distributed through the use of the CMAK tool. : The resources representative then stated that a shared volume be created for all departments. : Mr Cloete replied that a shared folder will be set up for each department for which they only have access to and that it will be implemented on the SAS. : Mr Pakaar then stated that a backup solution will also be implemented onto the SAS : The branch manager then stated that the copying of video and audio files to the shares be prohibited. : Mr Cloete then stated that the share will be monitored by a file screen, preventing the copy of audio and video files. : The board members then discussed the proposed notion among themselves, while the IT team waited for a response. : The branch manager then stated that general failure policies be set in place. : Mr Pakaar then replied that the policy will be a simple one and will be followed by the help desk and IT department employees only. : Mr Cloete then ended the upgrading planning section of the meeting.
 Assignment of roles to parties : Mr Pakaar then stated that the roles assignment section of the meeting has begun. : The branch manager then assigned the following roles to each department. - Gathering of items needed for the upgrade – Resources + IT - Budget - Finance - Hiring of contractor – Management - Oversee of construction – IT - Install of net infrastructure – IT - Configure of server infrastructure and client infrastructure – IT - Monitoring of network – IT + Help desk : All departments accepted their roles.  Presentation on migrating process to the Cloud  Budget Available for budget: R750 000.00 List of attained modules OS volume licencing name Unit price units total Windows 8.1 enterprise 64 bit R958.41 x 200 R 191 682.00 Windows 2012 r2 datacentre R22432.35 x 2 R44 864.70 Switches Cisco SG200-26 switch R2833.56 x 12 R34 002.72 Router TP link archer C9 AC 1900 R1805.70 x 1 R1 805.70 Network interface cards TP-link TG-3468 R166.68 x 250 R41 670 Wireless adaptors TP-LINK TL- WN881ND R248.49 x 250 R62 123.03 Server RAM Kingston KVR16E11K4/32GB R6153.27 x2 R12 306.52 Client RAM Kingston Technology ValueRAM 2GB 209.32 x 220 R46 050.91 SAS storage server 12 bay Hot Swap Trayless SAS/SATA R8 320.11 X1 R8 320.11 Western Digital 4TB Internal Hard Drive
WD40EZRX Western Digital 4TB R2 082.80 x 6 R12 496.83 Uninterruptable power supply CyberPower CP1500AVRLCD Intelligent LCD UPS R1943.9055 x2 R3 887.81 Company laptops HP TouchSmart 15AC12IDX R5 347.65 x 10 R53 476.50 Multimedia Projector Aketek Multimedia Projector R819.51 x15 R12 292.65 Wi-Fi Access points Ubiquiti Unifi long range access point R1 375.11 x6 R8 250.66 Scanner-Printer Konica Minolta Dialta DI2510F R6 250.50 x 10 R62 505.00 Rj45 cabling CAT5e cable rolls R555.60 x 15 R8 334 Strain Relief Boots CableWholesale RJ45 Black R69.45 x12 R833 Print Server Monoprice Networking 4 Port USB 2.0 R527.82 x10 R5278.20 Surface Mount Box Cable Matters Cat6 RJ45– 2 Port R222.24 x60 R13 334.40 RJ45 Connector Heads RJ45 Connector Heads R83.34 x6 R500.04 Network Cable Crimper TRENDnet TC- CT68 R194.46 x15 R2 916.90 Cable Tester Tool Toner Network LAN Cable Tester Tool R138.90 x15 R2083.50 Punch Down Tool TRENDnet TC-PDT Punch Down Tool R250.02 x15 R3 750.30 TOTAL R632 765.48 Personnel payment Building contractors R2000 per hour x18 R36 000 GRAND TOTAL: R668 765.48
 Presentation of upgrade plan deployment proceedings (Planning of timings) : It was decided that the upgrade process will be implemented during the course of the first two weeks of December, as all employees are on holiday at that time. The upgrade process will consist of the following steps and will be implemented during the following times. - Documentation of existing network - Backup - Construction - Install net infrastructure - Server setup - WDS deployment - Remote access setup, security, monitoring processes and test of net functionality - User education The following were proposer by the company owner and were accepted by the board members (during this period, the work day will start from 09:00 to 15:00 for the IT department employees.) The planned schedule is set to be completed from 4-20 Dec. - Documentation of existing network : As the documentation of the network has already been implemented, this step is completed. - Backup – First weekend : This process will be implemented during the first weekend of the vacation and will be left to run during the weekend. - Construction – First week : During this process, the contractors will reconstruct the departments in order to accommodate the new network infrastructure. - Install net infrastructure – first four days of the second week : This phase encompasses the IT team installing the network resources into the refurbished departments. - Server setup – last two days of the second week : In this step, the IT team will be responsible for the reconfiguration of the Network operating systems on the server machines. - WDS deployment – Second weekend : This step entails deploying the windows 8.1 enterprise OS to the clients and will be run during the night (an administrator will oversee the process) - Remote access setup, security, monitoring processes and test of net functionality : Last/third week - User education – One day before the offices are opened. : The company users will be called in to a short UE course. (see User education)
 Physical and logical diagram. : After some minor planning in conjunction with the resources department, a logical and physical topology was drawn up alongside the IT department.
 Minutes - Mr Pakaar Welcomed the parties involved. - Mr Cloete stood and addressed the board, stating that there were no previous topics. - Mr Cloete opened the meeting by addressing the fact that the company needed the network to be upgraded. - Mr Pakaar suggested that the company infrastructure be upgraded to windows server 2012 and the clients be upgraded to windows 8.1. - The branch manager proposed the IT team should suggest what the improvements will be. - Mr Cloete stated facts on improvement. - Mr Pakaar added to Mr Cloete’s points. - A vote was taken and it was decided that the network will be upgraded. - The members the proceeded to the planning process. - Mr Cloete began the discussion, relaying that there is a pre-set process that must be followed to upgrade a network. - The resources department representative then replied that they have the documentation of the existing network in place. - Mr Pakaar then added that a performance base line must be taken. - The resources department’s documentation was then retrieved. - Mr Cloete then opened the next topic. - The sales department representative proposed a full backup process. - Mr Pakaar suggested that the company buy a SAS. - Mr Cloete added that the backup can be performed using the windows 7 backup. - Mr Pakaar proposed that the company purchase new hardware. - The Company owner queried the IT team as to whether the building needed renovations. - Mr Cloete then replied that the departments will need renovations done. - The Branch manager then added that the need for contractors will be inevitable. - Mr Cloete stated the next step is the instalment of new operating system onto the servers. - The resources department representative stated that the IT department state where they will be attaining the volume licencing for the upgrade. - Mr Cloete stated the quotes will be bought from Microsoft. - The Help desk representative queried as to the upgrading process. - Mr Pakaar replied that the installation will be a clean install. - Mr Cloete stated that, should the installation fail, the IT members can connect the SAS and apply the captured image. - Mr Cloete added that the clients could be installed with WDS. - Mr Pakaar stated the first actions to be completed on a server. - Mr Cloete stated that roles will be configured. - The branch manager queried stricter policies applicable to users. - Mr Pakaar ensured the Group policies applied to users will be stricter. - The representative of the customer support department queried a more reliable and faster connection. - Mr Cloete then replied that the group policies will include qos.
- The web development department representative stated that the IT team disallow server firewall ports. - The marketing representative stated that their users were having remote resource access. - Mr Pakaar responded that the remote access feature will be completely remade. - The company owner then added that only the marketing and IT users should be able to log in remotely. - Mr Cloete added that vpn connections can be distributed through CMAK. - The resources representative then stated that a shared volume be created. - Mr Pakaar stated that a backup solution will be implemented onto the SAS. - The branch manager stated that copying of video and audio files to shares be prohibited. - Mr Cloete stated that the share will be monitored by file screens. - The branch manager stated that1general failure policies be set in place. - Mr Pakaar replied that a simple policy will be followed by the help desk and IT department employees. - Mr Cloete ended the upgrading planning section of the meeting. - Roles were assigned to parties. - Presentation on migrating process to the Cloud, done by Mr Pakaar. - A budget was presented. - Planning of the timing of the upgrade is presented. - Meeting is adjurned. - Minutes and attendance are drawn up.  Attendance register - IT – Ethan Cloete + Uneeb Pakaar + other administrators - Resources - Web development - Sales - Management - Help desk - Customer support - Finances - Graphics - Marketing - Branch manager - Company Owner
Listing of attainable Software and Hardware The following will be a detailed description of the components that the Upgrading team will need the company to obtain to ensure a full network upgrade. Attainable components: OS volume licencing : The Operating systems of the clients and servers must be bought in a bulk licence. Windows 8.1 enterprise 64 bit, client volume licencing. (Quota is attained from Microsoft) The specifications for the module are: - Multiple Activation Key - Upgrade key type - 3 year agreement - Annual payment - Price = R958.41 x 200 = R 191682.00 Windows 2012 r2 datacenter volume licencing. (Quota is attained from Microsoft) The specifications for the module are: - Multiple Activation Key - 3 year agreement - Annual payment - Price = R22432.35 x 2 = R44864.70 Switches : The company will need to attain the following switches to ensure that the company departments will be able to connect to each other. Cisco SG200-26 switch. 12 of these must be bought The specifications for the module are: - 24 ports - Transfer speed of 1000Mbps - Price = R2833.56 x 12 = R34002.72
Router : The following Routers will be purchased to enable the company resources to be able to connect to external networks. TP link archer C9 AC 1900. 5 of these must be bought. The specifications for the module are: - Transfer speed of 1000Mbps - Price = R1805.70 x 1 = R1805.70 Client Network interface cards : NIC’s must be bought for all client pc’s and servers to ensure fast and optimal networking speeds. TP-link TG-3468, 250 of these must be bought The specifications for the module are: - Transfer speed = 10/100/1000Mbps - Price of item = R166.68 x 250 = R41 670
Wireless adaptors In order to enable the client pc’s to access the network through the Wi-Fi access points, the following Wi-Fi net adaptors will be bought TP-LINK TL-WN881ND Wireless N300 PCI Express Adapter, 2.4GHz 300Mbps, Include Low-profile Bracket The specifications for the module are: - Speed: Up to 300 Mbps - Supports 64/128 WEP, WPA /WPA2/WPA-PSK/WPA2-PSK(TKIP/AES), supports IEEE 802.1X - Supports on vista and up - Price = R248.49 x 250 = R62 123.03 Server RAM - Kingston KVR16E11K4/32GB will be bought to upgrade the Server’s RAM. - Each package consists of 4 x 8GB DDR3 RAM. - Each server will receive 16GB of RAM - Amount Required: 2 packs - Cost per package: R6153.27 - Total Cost: R12 306.52
Client RAM The client computers will be upgraded with the following ram. Kingston Technology ValueRAM 2GB 1333MHz DDR3 Non-ECC CL9 DIMM SR x16 Desktop Memory KVR13N9S6/2 220 of these must be bought - 2gb ram modules - Each client receivs 2 gb - Cost = 209.32 x 220 =R46 050.91 SAS storage server : This component must be bought to ensure that an appropriate amount of shared storage is available on the network. 12 bay Hot Swap Trayless SAS/SATA External Tower Enclosure The specifications for the module are: - The price of the module is = R8 320.11 - 12 bay capacity (sata) :will be half filled with 6 of WD40EZRX Western Digital 4TB Internal Hard Drive (sata) /price = R2 082.80 x 6 = R12 496.83 - Storage available after hdd install= 24Tb
Western Digital 4TB Internal Hard Drive (sata) Uninteruptable power supply : The following ups’s will be bought and issued to the servers and storage devices. CyberPower CP1500AVRLCD Intelligent LCD UPS 1500VA 900W AVR Mini- Tower. 5 of these must be bought The specifications for the module are: - 1500VA/900 watts. - Corrects brownouts and overvoltage without using battery power. - Multifunction LCD - Price = R1943.9055 x2 = R3 887.81
Company laptops : The following laptops will be bought and issued to the roaming users. HP TouchSmart 15AC12IDX. 10 of these must be bought. The specifications for the module are: - 15.6 inch touch - 5th Generation i3 Processor 2.16 GHz - 6GB of RAM - 1TB HDD - 10/100/1000Mbps NIC - Price = R5 347.65 x 10 = R53 476.50 Aketek Multimedia Projector - The projector will be used during meetings. There will also be one used in the lobby showing images/clips of what exactly the company specialises in. - Amount Required: 15 - Cost per Projector: R819.51 - Total Cost: R12 292.65
Wi-Fi Access points : The Wi-Fi access points that will be acquired will be the following. Ubiquiti Unifi long range access point. Six of these will be bought. The specifications for the module are: - Processing speed = 2.4Ghz - Power over Ethernet - Price R1 375.11 x6 = R8 250.66 Scanner-Printer A scanner-printer will be issued to all departments. Konica Minolta Dialta DI2510F. 10 of these must be bought. The specifications for the module are: - Faxer - Scanner - Printer - Copier - Price = R6 250.50 x 10 = R62 505.00
Rj45 cabling : Rj 45 cabling must be bought to ensure wired connectivity between resources. CAT5e cable rolls. 15 of these must be bought. The specifications for the module are: - One roll contains 76m x 15 = 1140m of cable. - Transfer speed of 1000Mbps - One roll price = R555.60 x 15 = R8 334 CableWholesale RJ45 Black Strain Relief Boots - 50 pieces per bag - Suggested Amount: 600 pieces - Total Bags: 12 - Price per Bag: R69.45 - Total Price: R833 for 12 Bags
Monoprice Networking 4 Port USB 2.0 Print Server - Connects to the network using an auto-sensing 10/100 Mbps Ethernet Port - Transfer Speed: 1000 Mbps - Price per Print Server: R527.82 - Required Amount: 10 - Total Price: $ 5278.20 Cable Matters Cat6 RJ45 Surface Mount Box – 2 Port - 5 per pack - Required Amount: +/- 200 - Purchase Amount: 60 packs - Price per Pack: R222.24 - Total: R13 334.40
RJ45 Connector Heads - 100 per pack - Required Amount: 600 connector heads / 6 packs - Cost per pack: R83.34 - Total Cost: R500.04 TRENDnet TC-CT68 Network Cable Crimper - These will be used when connecting the RJ45 Connector Heads to the RJ45 Cables. - Amount Required: 15 - Cost per Tool: R194.46 - Total Cost: R2 916.90
Toner Network LAN Cable Tester Tool - This will be used to see if newly crimped cables are working properly or not - Amount Required: 15 - Cost per Tool: R138.90 - Total Cost: 2083.50 TRENDnet TC-PDT Punch Down Tool - This will be used to connect wires in wall boxes during the network setup. - Amount Required: 15 - Cost per Tool: R250.02 - Total Cost: R3 750.30
Upgrade planning The following will be a detailed description of the Upgrading process the team will need to execute in a step by step process to ensure a full network upgrade. What does the upgrade process consist of? The upgrading process of a network consists of a myriad of steps that will be taken in order to ensure that the process proceeds smoothly. The process must begin with the documentation of the existing network, encompassing the network in a baseline. This will be followed by assigning new infrastructure/modules to the existing network. This step will include the physical instalment of modules into the network premises. The following step will ensure that the network management resources will be configured to maintain all the network resources. In the next step, the management infrastructure will incorporate the rest of the network and establish a secure environment, ready for practical implementation. After this, the network will continue to be monitored for any problem detection. Why are we upgrading to a newer version? First of all, the primary reason for upgrading is the fact that the company has fallen behind some of the competing business in terms of a cutting edge data infrastructure. We would also like to inform the company that the resources, which are available to employees, in the near future need to be much more efficient as to conduct a constructive and productive workspace. The main issue here is the fact that the network, as is, is liable to be left behind and in the dust. Why I say so is the fact that Windows has moved on and gotten much smarter than the current infrastructure. I can say with that with certainty, as windows has decommissioned their support for windows 2003 this year, that is already a huge loss for the company, as this implies that no patches are going to be released, the system is going to be more vulnerable to security threats and the company will start to fail more standard compliance audits. To prevent all this, we will be upgrading to windows server 2012 runtime 2.
Upgrade planning Index 1: Documentation of the existing network. 2: Assigning new infrastructure to the existing network. 3: Configuration of management resources. 4: Incorporation of new network. 5: Monitoring process.
Upgrade planning 1: Documentation of the existing network. : We were asked to provide an upgrade plan, however, not much information was provided on the existing network, other than the following. The existing network contains two servers, each with a different operating system. - 1st server = windows server 2003 32 bit - 2nd server = windows server 2008 32 bit I can only now assume the forest functionality was set to widows server 2003. I can also assume that the servers had the following roles installed: ADDS DNS Information was also disclosed on the number and configuration of the client pc’s: In all, there are 200 client computers, configured with the following operating system: - Windows 7 Enterprise 32 bit + Further documentation of network : The network can be monitored for problems and performance errors using a Performance baseline. : a performance baseline is a single performance chart accompanied by an interpretation of its results, this is based on your environment.
2: Assigning new infrastructure to the existing network. : During this step, the upgrading team will be backing up the current company infrastructure onto a share, the clearing and reconstruction of the current company building to accommodate new network infrastructure and the installation of new network infrastructure.  Preparing the company building. : This step entails the removal of all company resources from the premises. The process will be implemented in the following steps: + Back up of all company infrastructure. : As we would not want to lose any company data, we will be backing up all company infrastructure to a network attached storage. The network storage we will be using is: A 12 bay Hot Swappable Trayless SAS/SATA External Tower Enclosure This process will entail; - Creating backups of all user data to the nas. : This will be achieved by applying a gpo to all client computers, which will automate a backup process to the nas for each user. - Create an image of servers and back them up to nas. : To achieve this, we first need to attain the windows aik. This enables the administrator to append various modules to PowerShell and add more deployment and managing features to the server. The detail of this process is: - Install the nas and the 6 western digital hard drives to the existing network. - Run and log in to the user pc’s on which the backup gpo is linked. - The backup process runs and completes a backup of each user’s important files according to the windows 7 backup feature. - While the gpo backup is being implemented, the administrator must install the aik tool to the 2008 server. - The following imagex command must be run: imagex /capture c: c:my-windows-partition.wim "My Windows partition" - The captured image will then be moved to the nas. - The nas is removed from the network premises after the backup of drives and server images is done
 Reconstructing the company building. : In this step, the company will hire external personnel who will be responsible for rebuilding the office in such a manner that the network infrastructure will be able to be applied with minimal confuses. The contractors will be upgrading the premises to be on standard with a bare standard of the physical topology. During this process, the contractors will be installing the following network infrastructure: Cable racks will be installed throughout the building. Lock boxes will be placed in each department.  Installation of new network resources : This step will include the following subcategories: + Installation of cabling : This step will require the IT technicians to place the CAT5e cabling along predefined routes. (Defined in the physical topology). After the cabling is installed, the cables will be crimped with RJ45 cable connector heads, after the Boot covers are applied. This will be followed by applying wall boxes to the predefined areas of the physical topology. During all these installations, the technicians must constantly check the network cables for optimal connections using cable testing tools. + Installation of switches and routers : In this step, the technicians will be placing the switches at their predefined positions, according to the physical topology. This will be followed by connecting the RJ45 cables running from the pc’s through a wall box, to the switch in each department. After this step the routers will be installed at their specified points, which will be followed by connecting all the switches to the nearest router. + Placing of network resources and computers. : The client pc’s will be sorted and numbered by department and will be upgraded with predetermined hardware upgrades. (See logical topology key for details) While other resources, for example, printers, print servers, Access points, servers and data storage units. This will be followed by the placing of the sorted and optimally upgraded client pc’s into the departments according the number each pc is assigned. None of the resources are to be connected to the network using the available RJ45 cables yet.
3: Configuration of management resources. : In this phase the Administrators will be configuring the current system hardware to be able to compute at the same speed as the new infrastructure, upgrading the operating system of clients and servers and will be configuring the network management infrastructure to be able to function normally.  Configuring servers. : This step will include the following subcategories: # Hardware + Upgrading server hardware. : As the server will be requiring more processing ability to be able to aptly respond to a myriad of requests from the resources, an upgrade of hardware will be implemented. The hardware will be configured with the following specifications: - The following new ram modules will be fitted: 2 x Kingston KVR16E11K4/32 8gb modules x2 Resulting in 16gb of ram for each server. - A new NIC will be added to the servers, with the following specifications : 10/100/1000Mbps PCIe - A uninterruptable power supply will be added: CyberPower CP1500AVRLCD Intelligent LCD UPS + Upgrading of client pc hardware. : the client computers will require more ability to process and be able to request queries to the other resources, an upgrade of hardware will be practised to ensure full functionality. The hardware will be configured according to the needs of each department, however, a baseline upgrade is underwent with all pc’s. The following specifications will be implemented: - Ram = Kingston Technology ValueRAM 2GB 1333MHz DDR3 - Nic = TP-link TG-3468, to ensure fast net connectivity.
# Operating Systems + As the server will be requiring new features and roles services to keep up with the modern standards, the administrators will be installing the Windows server 2012 r2 os on the existing servers. The servers will be upgraded along the following process: - Both servers will be connected to a private network along with the SAN. - The servers have already been backed up to the SAS (see + Back up of all company infrastructure) - A clean installation will be started on both servers using the installation disk provided by the Microsoft volume quota. - The destination for the install will be the hard drives on the servers (as to not confuse with sas) - Wait for the installation to be completed. Should the upgrade fail at any point, the following procedure must be followed: - After the installation is completed on both servers, the first to complete will be used to install wds on. - The image captured onto the sas will then be applied to the other server, recovering its own captured image and applying the server infrastructure (adds dns, etc) that was implemented before the upgrade. - After this step, imagex will be used to apply the image of the 1st server to the remaining server. Here is an illustration of the process:
+ Incorporate the servers into the new network. : The servers will be incorporated into the new network infrastructure using the following procedure: - Place the servers in the server room and connect them to the nearest switch using the available network cables. + Install the following features on the server designated as the primary server: - Change the name of the server to IPark1 - Assign IPark1 a static ip address of 172.16.1.1 - Install ADDS and DNS - Promote IPark1 to a domain controller. - Create a new Forest and name it IPark.com - Install DHCP on IPark1 - Create the following scopes on IPark1: (For each of the following, assign a Router address of, 172.16.1.3) Resources reservations = range: 172.16.1.4 – 172.16.1.31 Inside this new scope, create the following reservations: Switches = create a reservation for each switch, starting with 172.16.1.4 to 172.16.1.15 Wi-Fi ap’s = create a reservation for each ap, starting with 172.16.1.16 to 172.16.1.21 Print servers = create a reservation for each print server, starting with 172.16.1.22 to 172.16.1.31 Create the following scopes in dhcp (For each of the following, assign a Router address of, 172.16.1.3) IT = 172.16.2.1 - 172.16.2.20 Customer support = 172.16.2.21 - 172.16.2.40 Web development = 172.16.2.41 - 172.16.2.60 Resources = 172.16.2.61 - 172.16.2.80 Sales = 172.16.2.81 - 172.16.2.100 Help desk = 172.16.2.101 - 172.16.2.120 Finance = 172.16.2.121 - 172.16.2.140 Marketing = 172.16.2.141 - 172.16.2.160 Management = 172.16.2.161 - 172.16.2.180 Graphic design = 172.16.2.181 - 172.16.2.200 Remote users = 172.16.2.201 - 172.16.2.220 Include all these scopes in a Superscope called, IParkscopes for better manageability For a more detailed description, see the logical topology.
- On IPark1, create the following OU’s, followed by the groups and the users. IT = ITgrp = IT1 – IT10 Customer support = CSgrp = Customer support1 – Customer support10 Web development = WDgrp = Web development1 – Web development10 Resources = RECgrp = Resources1 – Resources10 Sales = Salgrp = Sales1 - Sales10 Help desk = Hdskgrp = Help desk1 - Help desk10 Finance = Fingrp = Finance1 - Finance10 Marketing = Markgrp = Marketing1 - Marketing10 Management = Mangrp = Management1 - Management10 Graphic design = Grpgrp = Graphic1 - Graphic10 Remote users = Rmtgrp = Remote1 - Remote10 - On IPark1, create the following Gpo’s and link it to each OU : As there are too many GPO’s that will be applied to each OU, I will instead give a brief description of the effect the group policies should have on each OU. As a baseline, all OU’s except the IT ou will be assigned the following policies. # Users must not be able to install drivers on the computer # Users must not be able to switch the computer off # A standardized background must be implemented # Users must not be able to use the USB ports # Users must not be able to switch the firewall off # Users are able to change their connection type from Wi-Fi to Ethernet. # Qos: set Wi-Fi connection priority above Ethernet IT: the members in the it group will not be assigned any gpo’s Customer support: # QOS: the customer support group will be assigned the qos to ensure that their connection never drops below a certain high speed. Marketing: # Remote access: the marketing computer accounts will be set to allow remote connections. The other OU’s will not be assigned other gpo’s - The DNS role will be configured with a forward and reverse lookup zones. : A primary forward lookup zone will be created called, IParkzone1 : A primary reverse lookup zone will be created called, IParkrevzone1, with a net id of 172.16.1. : set up the server to accept CNAME records.
+ Do the following configurations on the second server: - Change the name of the server to IPark2 - Assign IPark2 a static ip address of 172.16.1.2 - Join IPark2 to the IPark.com domain. - Install the following roles and features on IPark2 : WDS = will be used to deploy windows 8.1 to the clients Add an install image and boot image wim file of Win Svr 2012 R2 Datacentre Windows 8.1 enterprise. : Dhcp = will be used as a failover server using IParkscopes. + The following configuration will be completed on the IPark1 : The IParkscopes superscope will be configured for failover. The partner server will be IPark2. + Client backup restore. : As the clients have been backed up to the sas using the windows 7 backup feature, the clients’ important files are available on the sas. The process for upgrading the client computers will include the following: Do the following configuration will be completed on the IPark2 : Configure the wds server to be able to respond to all clients and require administrator approval when installing. (This setting will require an administrator to be at each station while installing from wds to enter the password, but is more secure.) - Remove the windows server image file and ensure that only the windows 8.1 ent install and boot images are available for pxe installation. - Start all client pc’s from the network and install windows 8.1 ent using wds. - Once the installation is completed, the admin must run the group policy management and update each OU policy settings remotely.
Net security. + Set up firewall to only allow specific ports. : As the network is susceptible to many threats the number of ports allowed through the server will be minimized. + set up Remote access to the network for roaming users. : As the company will be implementing laptops and have marketers who will be roaming outside the network, a remote access solution must be set up. The access solution will be set up following the below protocol: The following configuration will be completed on the IPark2: : install the remote access and NPS server roles on IPark2.  Configure routing and remote access and allow remote users to connect through vpn connections only.  While setting up RRAS, ensure the NAT feature is enabled to reduce the amount of public addresses used by the company.  Also configure access to only allow L2TP connections.  Set up NPS to the following configuration:  Only allow L2TP connections for all authenticating users  All remote logins must occur on the RRAS server.  Use the CMAK tool to create ready-made VPN connections and distribute them to the Remote users OU, this will make the process of connecting to company resources much more automated for the remote users.
+Implement shared folders for each department : As the company includes a Server attached storage with an ample amount of free space, the SAS must be set up to serve as a share location for users, where they can store important work files. Do the following steps on IPark2:  Install the file and storage services role.  Ensure that the storage pools feature is enabled and installed  Open the storage pools feature and create a new storage pool.  Add 3 of the SAS drives to the pool  Configure for fixed provisioning  Name the pool USERDOCOMENTS  Ensure the shared folders feature is installed on IPark2  Open the shares tool  Create a new nfs share with the following configurations:  : use USERDOCOMENTS as the share location. Share name = IT Use no server authentication for ease of use for the users. And allow unmapped user access. Allow the IT group the rearwrite share permissions Add the IT group to the NTFS permissions list and give them the modify permission. Create a new quota template that has a 600MB hard quota limit and use it on the share. Repeat all steps for each department, replacing the group each time. +Implement a backup Plan. : As the network is susceptible to many types of failures and data loss, it is customary to set up a proper backup strategy to ensure data that is lost, can be retained again. Do the following configurations on Ipark2:  Ensure that IPark2 has the windows server backup, if not, add the feature in add roles and features.  Open the windows server backup feature.  Create a backup schedule to back up the USERDOCUMENTS SAS storage pool.  Ensure that the backup os stored on the 4th SAS hdd.  Ensure that shadow copies are enabled and only keeps the most recent backup.  Configure the backup to run every day at 20:00  Repeat these steps on both servers as well, configuring a full back up on each server and setting the location to the 5th.
4: Incorporation of new network. : After the last step, the network has been set up for the basic tasks of the company. The next step is to integrate the clients into the network and verify full network functionality.  Join clients to the domain. The clients will be domain joined by the time the WDS installation is completed  Ensure users are able to obtain ip addresses from the DHCP server. The clients will receive ip’s from DHCP automatically by the time the WDS installation is completed  Update group policy one more time from the GPMC 5: Monitoring process. : Even though the network is running smoothly, the company is still susceptible to the ignorant user error, (an error on the part of the user) and to prevent and fix these errors, the admins can follow a small company policy to ensure any problem can be fixed.  Create a file screenaudit to monitor each department share for the presence of the following: Video files, audio files and executables. - Install the FSRM feature on IPark2 - Open FSRM - Create a new file screen template, configured for active screening, that monitors for: Video files, audio files and executables - Create a file screen for each department, specifying their shared folder as the target.  Ensure user has been added to the connect Group policies. : Each user, except the IT OU users are assigned Group policies according to his/her department. This audit is set as the user account may have acquired the Group policies of another department and now is not functioning as it should. This error can be fixed by, if need be, relocating the user account to the correct OU in active directory. After this the admin can run the invoke-gpupdate command to apply the correct group policies.
 Test network functionality : In this phase, the network is tested for flaws on all fields. All flaws or errors are to be reported to the Help desk, where they undergo further investigation and are then placed through to the administrator. Errors are checked by following the below procedure: - Client is able to log in? - Client pc has a network connection to the domain resources? - Client pc has a network connection to external resources? - Client pc has obtained the correct IP according to its logged on user and department? Client is able to engage in his/her duties as an employee without any restrictions?
User Education In this section we will educate the users on the proper procedures they should take in order to ensure that they can operate the network resources to a functional level at which they will be able to productively complete their workload on the new infrastructure. During this procedure, the IT team will convene meetings with each department and will discuss the following:  Windows 8.1 basics  Workstation assignment.  1st Login  NO adding peripherals  Change net connection from Wi-Fi to Ethernet  Connect to a VPN  Use of the shared folder  Common processes  Fault reporting process  Windows 8.1 basics : During this step, the users will be familiarised with the new windows 8.1 Desktop OS.  Workstation assignment. : During the user education, each user will be informed that they each have been assigned a workstation and once they have logged in to the workstation, they will no longer be able to move from workstations.  1st Login : The users will be educated on their first logon process, during which they will have to log on using their FQDN, after this they are free to use their CNAME.  NO adding peripherals : The users will be informed as to the fact that they are now forbidden to plug any device into the pc that was not approved by the administrator.  Change net connection from Wi-Fi to Ethernet : The users will be educated on how to connect the pc to the Ethernet if they feel their connection is too slow.  Connect to a VPN : Users will be educated on how to use the VPN connection they have been provided by CMAK.
 Use of the shared folder : Users will be educated on how to access their departments shared folder and how to use it, they will also be informed on the fact that they have a limit of 600mb and the fact that they are not allowed to copy audio, video or executables onto the volume.  Fault reporting process : We will educate the users on how to properly report a fault on their workstation.
Logical and Physical Topologies
Referents http://searchitchannel.techtarget.com http://www.dell.co.za http://www.ebay.com https://www.acronis.com https://technet.microsoft.com http://mla.microsoft.com 410, 411 and 412 handbook. End of project.

Recommended

2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShare2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShare
SlideShare
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShare
SlideShare
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShare
SlideShare
 
CIS337– Networking in Business Unit 7 Assignment Final
CIS337– Networking in Business Unit 7 Assignment FinalCIS337– Networking in Business Unit 7 Assignment Final
CIS337– Networking in Business Unit 7 Assignment Final
VinaOconner450
 
IT327-1404A-01 Implementing, Managing and Mainta.docx
IT327-1404A-01 Implementing, Managing and Mainta.docxIT327-1404A-01 Implementing, Managing and Mainta.docx
IT327-1404A-01 Implementing, Managing and Mainta.docx
priestmanmable
 
1 of my Data Migration Projects at ABB
1 of my Data Migration Projects at ABB1 of my Data Migration Projects at ABB
1 of my Data Migration Projects at ABB
Tommy Lombard
 
Project Scope Statement
Project Scope StatementProject Scope Statement
Project Scope Statement
brittanyjespersen
 
3Worksheet The Project CharterProject NameBurl.docx
3Worksheet The Project CharterProject NameBurl.docx3Worksheet The Project CharterProject NameBurl.docx
3Worksheet The Project CharterProject NameBurl.docx
gilbertkpeters11344
 

Recommended

2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShare2015 Upload Campaigns Calendar - SlideShare
2015 Upload Campaigns Calendar - SlideShare
SlideShare
 
What to Upload to SlideShare
What to Upload to SlideShareWhat to Upload to SlideShare
What to Upload to SlideShare
SlideShare
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShare
SlideShare
 
CIS337– Networking in Business Unit 7 Assignment Final
CIS337– Networking in Business Unit 7 Assignment FinalCIS337– Networking in Business Unit 7 Assignment Final
CIS337– Networking in Business Unit 7 Assignment Final
VinaOconner450
 
IT327-1404A-01 Implementing, Managing and Mainta.docx
IT327-1404A-01 Implementing, Managing and Mainta.docxIT327-1404A-01 Implementing, Managing and Mainta.docx
IT327-1404A-01 Implementing, Managing and Mainta.docx
priestmanmable
 
1 of my Data Migration Projects at ABB
1 of my Data Migration Projects at ABB1 of my Data Migration Projects at ABB
1 of my Data Migration Projects at ABB
Tommy Lombard
 
Project Scope Statement
Project Scope StatementProject Scope Statement
Project Scope Statement
brittanyjespersen
 
3Worksheet The Project CharterProject NameBurl.docx
3Worksheet The Project CharterProject NameBurl.docx3Worksheet The Project CharterProject NameBurl.docx
3Worksheet The Project CharterProject NameBurl.docx
gilbertkpeters11344
 
SAP sample
SAP sampleSAP sample
SAP sample
cherry1206
 
Stakeholder update 4 14 data center outage
Stakeholder update 4 14 data center outageStakeholder update 4 14 data center outage
Stakeholder update 4 14 data center outage
kevin_donovan
 
DDI_SN_NetwkOptimizationUpgrade
DDI_SN_NetwkOptimizationUpgradeDDI_SN_NetwkOptimizationUpgrade
DDI_SN_NetwkOptimizationUpgrade
AbdRozaq Iwashokun
 
Group_1__Assignment_Case_Study_.pdf.pdf
Group_1__Assignment_Case_Study_.pdf.pdfGroup_1__Assignment_Case_Study_.pdf.pdf
Group_1__Assignment_Case_Study_.pdf.pdf
MainaliSabin
 
CPIN 269 Final Documentation
CPIN 269 Final DocumentationCPIN 269 Final Documentation
CPIN 269 Final Documentation
Jennifer Cordes
 
Project Plan
Project PlanProject Plan
Project Plan
Mohammad Yousef
 
TFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationTFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & Operationalization
Colorado Internet Society (CO ISOC)
 
Assignment 8.14.docx
Assignment 8.14.docxAssignment 8.14.docx
Assignment 8.14.docx
ssuser562afc1
 
ProjectReport_Subhayu
ProjectReport_SubhayuProjectReport_Subhayu
ProjectReport_Subhayu
Subhayu Chakravorty
 
Digital roadmaps
Digital roadmapsDigital roadmaps
Digital roadmaps
Symphony3
 
Project Charter and Management Plan Project ClientOr.docx
Project Charter and Management Plan Project ClientOr.docxProject Charter and Management Plan Project ClientOr.docx
Project Charter and Management Plan Project ClientOr.docx
briancrawford30935
 
CV - Gunjan Sharma
CV - Gunjan SharmaCV - Gunjan Sharma
CV - Gunjan Sharma
gunjan sharma
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
uncleRhyme
 
Private Network Project for Colleges
Private Network Project for CollegesPrivate Network Project for Colleges
Private Network Project for Colleges
Aditya Jain
 
Final Report - Essam Khalid
Final Report - Essam KhalidFinal Report - Essam Khalid
Final Report - Essam Khalid
Essam Khalid
 
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
mercysuttle
 
Project charter and plan document for millennium upgrade
Project charter and plan document for millennium upgradeProject charter and plan document for millennium upgrade
Project charter and plan document for millennium upgrade
Theodore Van Patten, Jr.
 
It%40arts update may2013_v6.2
It%40arts update may2013_v6.2It%40arts update may2013_v6.2
It%40arts update may2013_v6.2
SarahKante
 
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
karisariddell
 
Mortgage Bank Implementation Process
Mortgage Bank Implementation ProcessMortgage Bank Implementation Process
Mortgage Bank Implementation Process
Dan Nelson
 

More Related Content

Similar to THEORY

DDI_SN_NetwkOptimizationUpgrade
DDI_SN_NetwkOptimizationUpgradeDDI_SN_NetwkOptimizationUpgrade
DDI_SN_NetwkOptimizationUpgrade
AbdRozaq Iwashokun
 
CPIN 269 Final Documentation
CPIN 269 Final DocumentationCPIN 269 Final Documentation
CPIN 269 Final Documentation
Jennifer Cordes
 
Assignment 8.14.docx
Assignment 8.14.docxAssignment 8.14.docx
Assignment 8.14.docx
ssuser562afc1
 
Project Charter and Management Plan Project ClientOr.docx
Project Charter and Management Plan Project ClientOr.docxProject Charter and Management Plan Project ClientOr.docx
Project Charter and Management Plan Project ClientOr.docx
briancrawford30935
 
Final Report - Essam Khalid
Final Report - Essam KhalidFinal Report - Essam Khalid
Final Report - Essam Khalid
Essam Khalid
 
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
mercysuttle
 
Project charter and plan document for millennium upgrade
Project charter and plan document for millennium upgradeProject charter and plan document for millennium upgrade
Project charter and plan document for millennium upgrade
Theodore Van Patten, Jr.
 
It%40arts update may2013_v6.2
It%40arts update may2013_v6.2It%40arts update may2013_v6.2
It%40arts update may2013_v6.2
SarahKante
 
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
karisariddell
 

Similar to THEORY (20)

SAP sample
SAP sampleSAP sample
SAP sample
 
Stakeholder update 4 14 data center outage
Stakeholder update 4 14 data center outageStakeholder update 4 14 data center outage
Stakeholder update 4 14 data center outage
 
DDI_SN_NetwkOptimizationUpgrade
DDI_SN_NetwkOptimizationUpgradeDDI_SN_NetwkOptimizationUpgrade
DDI_SN_NetwkOptimizationUpgrade
 
Group_1__Assignment_Case_Study_.pdf.pdf
Group_1__Assignment_Case_Study_.pdf.pdfGroup_1__Assignment_Case_Study_.pdf.pdf
Group_1__Assignment_Case_Study_.pdf.pdf
 
CPIN 269 Final Documentation
CPIN 269 Final DocumentationCPIN 269 Final Documentation
CPIN 269 Final Documentation
 
Project Plan
Project PlanProject Plan
Project Plan
 
TFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationTFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & Operationalization
 
Assignment 8.14.docx
Assignment 8.14.docxAssignment 8.14.docx
Assignment 8.14.docx
 
ProjectReport_Subhayu
ProjectReport_SubhayuProjectReport_Subhayu
ProjectReport_Subhayu
 
Digital roadmaps
Digital roadmapsDigital roadmaps
Digital roadmaps
 
Project Charter and Management Plan Project ClientOr.docx
Project Charter and Management Plan Project ClientOr.docxProject Charter and Management Plan Project ClientOr.docx
Project Charter and Management Plan Project ClientOr.docx
 
CV - Gunjan Sharma
CV - Gunjan SharmaCV - Gunjan Sharma
CV - Gunjan Sharma
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
 
Private Network Project for Colleges
Private Network Project for CollegesPrivate Network Project for Colleges
Private Network Project for Colleges
 
Final Report - Essam Khalid
Final Report - Essam KhalidFinal Report - Essam Khalid
Final Report - Essam Khalid
 
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
(Worthy & Heatley Networking Kimberly N. WorthyCIS 4.docx
 
Project charter and plan document for millennium upgrade
Project charter and plan document for millennium upgradeProject charter and plan document for millennium upgrade
Project charter and plan document for millennium upgrade
 
It%40arts update may2013_v6.2
It%40arts update may2013_v6.2It%40arts update may2013_v6.2
It%40arts update may2013_v6.2
 
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
1 CITY OF DuPONT REQUEST FOR PROPOSALS .docx
 
Mortgage Bank Implementation Process
Mortgage Bank Implementation ProcessMortgage Bank Implementation Process
Mortgage Bank Implementation Process
 

THEORY

  • 1. CTU Training Solutions LU08 FINAL INTEGRATIVE ASSESMENT BY Uneeb Parkar AND Ethan Cloete
  • 2. What is the final integrative assessment? The luo8 task is a network upgrading development task/project in which we (The MCSA students of 2015) will have the opportunity to implement our networking skills, as well as our ability to plan a network and its components, which we have been studying for the past year. (for a detailed description, see overview) The topic of the LU08 assessment The topic of this task is the development of a company network, planning and upgrading all aspects of the proposed network and implementing a practical session to demonstrate the creation of said network. The network will consist of a small company of 200 client users.
  • 3. Overview Phase 1: Gather information and address a solution planning. : In this step, the IT team will be responsible for the planning of the new network infrastructure and how the network will be implemented. The planning team must gather information on the modules they will need the company to obtain in order for the network to be fully upgraded. The team must then present their planning and suggestions to the company as requested. Finally, the team is responsible for building the physical and logical topology of the planned network. Phase 2: Set up of virtual network and install of operating systems and roles and features. : In this step, the planning team must set up a complete virtual environment, on which they must install the required operating systems and role services. The lab must then be configured to house an active directory service which must contain the other machines and users that will be integrated. Network discovery and basic IP configuration must be configured, alongside critical software upgrades to the machines. Phase 3: Configuration of the lab and implementation of managing strategies. : In this phase, the IT team will configure the lab they set up in Phase 2, the machines must be configured to include DHCP, fully configured using scopes and reservations. WDS must be set up and deploy an image of 2012 server to a remote server. DNS must be setup and contain forward and reverse zones for name queries. The active directory will be configured to contain groups and users, which all will be assigned group policies. The file server will also be set up to contain quotas and file screens. Phase 4: Configuration of remote resource access, as well as, access rules management. : This Phase will require the Team to configure the servers and client computers to be accessible remotely and be managed accordingly. Network policy services will be installed on a server and will be configured to introduce logon hours to the clients, before configuring access requirements and authentication standards. A server will be configured to contain a IIS web server role, configured to contain a self-signed certificate and set up to run on a https connection only.
  • 4. FINAL INTEGRATIVE ASSESMENT Phase 1: Gather information and address a solution planning.
  • 5. What is the purpose of Phase 1? The purpose of this Phase is the planningof the new networkinfrastructure and how the network will be implemented. Index  The meeting. : A meeting will be held, during which we will discuss the intended upgrade process.  Listing of attainable soft and hardware : A list of modules the companywill needtoobtain.  Upgrade planning. : A myriad of steps that will be followed in order to upgrade the network fully.  User education. : Educate the users on how to use the new network.  Presentation. : Migrating the company data into a cloud environment.  Physical and logical diagram. : A plan of the floor building and all logical components.  Referents : Referents
  • 6. The meeting The IT upgrading team is tasked to convene a meeting, in which they will discuss the various aspects of the task they have been given, which is the upgrade of the company’s network infrastructure. In this meeting the parties will take turns to discuss their view on the processes that must be met to upgrade the network and express their ideas and viewpoints on the upgrading process. This meeting will also encompass the roles and responsibilities that will be placed on the parties involved in the processes. The meeting will be presented in the following fashion:  Agenda  Meeting introduction (welcoming of parties)  Stating of meeting agenda  Opening of meeting  Establishing of a upgrade plan by members in attendance  Assignment of roles to parties  Presentation on migrating process to the Cloud  A short, drawn up budget  Presentation of upgrade plan deployment proceedings  Presentation of the Physical and logical topologies  Documentation of meeting - Minutes - Attendance register
  • 7. Agenda The following Index will be discussed in the coming meeting.  Preparation for meeting. -17:05 : The preparation for the meeting will encompass the following: - The preparation of the meeting board room - Provisioning of pens and papers - Set up of laptops and projectors - Water jugs and glasses are to be provisioned -  Action items from previous meeting -17:30 : There are no remaining agenda items from the previous meeting.  Agenda items - Meeting introduction (welcoming of parties) - 17:30 - Stating of meeting agenda - 17:35 - Opening of meeting - 17:40 - Establishing of a upgrade plan by members in attendance - 17:45 - Assignment of roles to parties - 18:30 - Presentation on migrating process to the Cloud - 18:45 - A short, drawn up budget is presented - 19:00 - Presentation of upgrade plan deployment proceedings - 19:10 - Reveal of the Physical and logical topologies - 19:20  Meeting adjournment – 19:45 - Documentation of meeting - 19:45 Minutes Attendance register
  • 8. The meeting  Meeting introduction (welcoming of parties) : Mr Pakaar Welcomed the parties involved and discussed why we were going to have this meeting and disclosed the general topic to the members in attendance. He also addressed the parties as to the fact that any input from each member is voluntary and can be given forward at any time.  Stating of meeting agenda : Mr Cloete stood and addressed the board, stating that there were no previous topics standing over from the previous meeting. He then proceeded to read out the meeting agenda.  Opening of meeting : After a short pause, Mr Cloete opened the meeting by addressing the fact that the company needed the network to be upgraded. He also stated the following facts: - He stated that the network infrastructure has fallen behind other competing companies - He stated that the company’s efficiency level has been stagnant for the past few years and provided the following reason, “we have reached the limit of the network functionalities.” - He also stated that the support for windows server 2003 has ended, then added that the network is more susceptible to security issues and threats. - His last point was that the company has begun to fail regular compliance audits. : The company owner than inquired Mr Cloete as to whether The IT team had any suggestions as to how the network can be improved. : Mr Pakaar then replied that they had a suggestion ready and then suggested that the company infrastructure be completely upgraded and migrated to a windows server 2012 infrastructure and the clients be upgraded to windows 8.1. : The board members then discussed the proposed notion among themselves, while the IT team waited for a response. : The branch manager then proposed that the IT team suggest what the improvements will be, should the upgrade be implemented.
  • 9. : Mr Cloete then stood and stated that as the implementation particulars have not been discussed, he cannot entail any details. The following facts were then stated by him: - From the perspective of the IT team, the managing of the server will be much more user friendly, as Server manager was added. - Attaining the licence for the server edition is much easier. - Management of resources, for example, access to shared volumes can be managed much more easily - Share storage can be implemented more skilfully thanks to the improvements to File server roles - The company will be able to run virtualization in a much more managed fashion and all users in a department will be able to run on one powerful machine, saving lots of money. : Mr Pakaar then stood and added to Mr Cloete’s points by adding the following facts: - By upgrading the company’s hardware to a standard of 1000mbps transfer speed, not including any devices that will introduce bottlenecking, the network speed will be substantially faster. : The board members then discussed the proposed notion among themselves, while the IT team waited for a response. : After the members convened, a vote was taken and it was decided that the network will be upgraded. : The members the proceeded to the planning process.  Establishing of a upgrade plan : Mr Cloete began the discussion by relaying to the members that in each full network upgrading process, there is a pre-set process that must be followed and relayed the following: The first step is the Documentation of the existing network. The second is the Assigning new infrastructure to the existing network. The third step is the Configuration of management resources. The fourth step is the Incorporation of new network. The fifth step will be the Monitoring process. : The resources department representative then replied that they have the documentation of the existing network in place and it is available to any person of the IT department. : Mr Pakaar then added that a performance base line must be taken of the current network and added to the documentation. : The resources department’s documentation was then retrieved and presented to the board, after which it was approved.
  • 10. : Mr Cloete then stated that the next topic would be the upgrading of the infrastructure. : The sales department representative then proposed that the plan have a full backup process set up before any further steps are taken. : Mr Pakaar then acknowledged the point and suggested that the company buy a SAS storage on which the backup will be saved. : Mr Cloete added that the backup can be performed using the windows 7 backup feature on the clients and on the servers, an imaging backup will be performed. : Mr Pakaar then proposed that the company purchase the following new hardware: - WI-FI access points - Cat5e cabling - Switches - A router - Hardware components for the pc’s and servers - A UPS - Printers and projectors : The Company owner then queried the IT team as to whether the building will need any renovations to accommodate the new hardware. : Mr Cloete then replied that the departments will need renovations done to accommodate the new cabling, other than that, the installations will be done by the IT department. : The Branch manager then added that the need for contractors will be inevitable, and that the company will hire external personnel to ready the departments for the installation. : Mr Cloete then stated that the installation of new hardware will then be implemented after renovations are done. : Mr Pakaar then added that the installation of pc hardware will be implemented at the same time as the installation of new net hardware. : Mr Cloete then stated that the next step is the instalment of the new operating system onto the servers : The resources department representative then stated that the IT department state where they will be attaining the volume licencing quotes for the upgrade. : Mr Cloete stated that the quotes will be bought directly from Microsoft.
  • 11. : The Help desk department representative then queried the IT department as to how the upgrading process will develop. : Mr Pakaar then replied that as the servers have been backed and accompanying the fact that the architectures are crossover, the installation will have to be a clean install. : The board members then discussed the notion among themselves, while the IT team waited for a response. : Mr Cloete then stated that the upgrading process will be completed as any normal clean install, however, should the installation fail, the IT members can simply connect the server to the SAS and apply the previously captured image, restoring the backup. : The Graphics department representative then queried the IT department on how the client images will be deployed. : Mr Pakaar replied that the servers will first be fully configured before the pc’s are attended to. : Mr Cloete then added that the clients could be installed with WDS after server configuration. : The branch manager then proposed that the board begin discussing the configuration of the servers. : Mr Pakaar stated that the first actions to be completed on the server involve the following: - Assigning of a static ip - The instalment of ADDS and the creation of a new forest, followed by the promotion of the DC : Mr Cloete then stated that the following roles will be configured: ADDS: this role will be configured by adding OU’s, groups and users for each department. DHCP: this role will be configured by adding scopes for the reserved modules and the departments will be added scopes. The DHCP will also be configured for failover to the other server DNS: a forward and reverse lookup zone will be added to the dns role. The lookup zones will also be configured to be secondary on the other server. WDS: this role will be setup to run alongside DHCP to deploy the installation of 8.1 to the clients. : The branch manager then stated that there be more strict policies applied to users : Mr Pakaar then replied that the Group policies applied to users will be defined to be stricter. : The representative of the customer support department then stated that their department have a more reliable and faster connection.
  • 12. : Mr Cloete then replied that the group policies will include qos that ensures that the customer support users will receive higher network speeds. : The web development department representative then stated that the IT team must disallow ports on the server firewall to create a more secure environment. : Mr Pakaar noted this request, assuring it will be done. : The marketing representative then stated that the marketing users are having trouble accessing their resources remotely : Mr Pakaar responded that the remote access feature will be completely remade to allow secure connections to the marketing workstations. He also added that there will be training given to users on how to use the vpn connection. : The company owner then added that only the marketing and IT users should be able to log in remotely. : Mr Cloete then added that the vpn connections can be distributed through the use of the CMAK tool. : The resources representative then stated that a shared volume be created for all departments. : Mr Cloete replied that a shared folder will be set up for each department for which they only have access to and that it will be implemented on the SAS. : Mr Pakaar then stated that a backup solution will also be implemented onto the SAS : The branch manager then stated that the copying of video and audio files to the shares be prohibited. : Mr Cloete then stated that the share will be monitored by a file screen, preventing the copy of audio and video files. : The board members then discussed the proposed notion among themselves, while the IT team waited for a response. : The branch manager then stated that general failure policies be set in place. : Mr Pakaar then replied that the policy will be a simple one and will be followed by the help desk and IT department employees only. : Mr Cloete then ended the upgrading planning section of the meeting.
  • 13.  Assignment of roles to parties : Mr Pakaar then stated that the roles assignment section of the meeting has begun. : The branch manager then assigned the following roles to each department. - Gathering of items needed for the upgrade – Resources + IT - Budget - Finance - Hiring of contractor – Management - Oversee of construction – IT - Install of net infrastructure – IT - Configure of server infrastructure and client infrastructure – IT - Monitoring of network – IT + Help desk : All departments accepted their roles.  Presentation on migrating process to the Cloud  Budget Available for budget: R750 000.00 List of attained modules OS volume licencing name Unit price units total Windows 8.1 enterprise 64 bit R958.41 x 200 R 191 682.00 Windows 2012 r2 datacentre R22432.35 x 2 R44 864.70 Switches Cisco SG200-26 switch R2833.56 x 12 R34 002.72 Router TP link archer C9 AC 1900 R1805.70 x 1 R1 805.70 Network interface cards TP-link TG-3468 R166.68 x 250 R41 670 Wireless adaptors TP-LINK TL- WN881ND R248.49 x 250 R62 123.03 Server RAM Kingston KVR16E11K4/32GB R6153.27 x2 R12 306.52 Client RAM Kingston Technology ValueRAM 2GB 209.32 x 220 R46 050.91 SAS storage server 12 bay Hot Swap Trayless SAS/SATA R8 320.11 X1 R8 320.11 Western Digital 4TB Internal Hard Drive
  • 14. WD40EZRX Western Digital 4TB R2 082.80 x 6 R12 496.83 Uninterruptable power supply CyberPower CP1500AVRLCD Intelligent LCD UPS R1943.9055 x2 R3 887.81 Company laptops HP TouchSmart 15AC12IDX R5 347.65 x 10 R53 476.50 Multimedia Projector Aketek Multimedia Projector R819.51 x15 R12 292.65 Wi-Fi Access points Ubiquiti Unifi long range access point R1 375.11 x6 R8 250.66 Scanner-Printer Konica Minolta Dialta DI2510F R6 250.50 x 10 R62 505.00 Rj45 cabling CAT5e cable rolls R555.60 x 15 R8 334 Strain Relief Boots CableWholesale RJ45 Black R69.45 x12 R833 Print Server Monoprice Networking 4 Port USB 2.0 R527.82 x10 R5278.20 Surface Mount Box Cable Matters Cat6 RJ45– 2 Port R222.24 x60 R13 334.40 RJ45 Connector Heads RJ45 Connector Heads R83.34 x6 R500.04 Network Cable Crimper TRENDnet TC- CT68 R194.46 x15 R2 916.90 Cable Tester Tool Toner Network LAN Cable Tester Tool R138.90 x15 R2083.50 Punch Down Tool TRENDnet TC-PDT Punch Down Tool R250.02 x15 R3 750.30 TOTAL R632 765.48 Personnel payment Building contractors R2000 per hour x18 R36 000 GRAND TOTAL: R668 765.48
  • 15.  Presentation of upgrade plan deployment proceedings (Planning of timings) : It was decided that the upgrade process will be implemented during the course of the first two weeks of December, as all employees are on holiday at that time. The upgrade process will consist of the following steps and will be implemented during the following times. - Documentation of existing network - Backup - Construction - Install net infrastructure - Server setup - WDS deployment - Remote access setup, security, monitoring processes and test of net functionality - User education The following were proposer by the company owner and were accepted by the board members (during this period, the work day will start from 09:00 to 15:00 for the IT department employees.) The planned schedule is set to be completed from 4-20 Dec. - Documentation of existing network : As the documentation of the network has already been implemented, this step is completed. - Backup – First weekend : This process will be implemented during the first weekend of the vacation and will be left to run during the weekend. - Construction – First week : During this process, the contractors will reconstruct the departments in order to accommodate the new network infrastructure. - Install net infrastructure – first four days of the second week : This phase encompasses the IT team installing the network resources into the refurbished departments. - Server setup – last two days of the second week : In this step, the IT team will be responsible for the reconfiguration of the Network operating systems on the server machines. - WDS deployment – Second weekend : This step entails deploying the windows 8.1 enterprise OS to the clients and will be run during the night (an administrator will oversee the process) - Remote access setup, security, monitoring processes and test of net functionality : Last/third week - User education – One day before the offices are opened. : The company users will be called in to a short UE course. (see User education)
  • 16.  Physical and logical diagram. : After some minor planning in conjunction with the resources department, a logical and physical topology was drawn up alongside the IT department.
  • 17.  Minutes - Mr Pakaar Welcomed the parties involved. - Mr Cloete stood and addressed the board, stating that there were no previous topics. - Mr Cloete opened the meeting by addressing the fact that the company needed the network to be upgraded. - Mr Pakaar suggested that the company infrastructure be upgraded to windows server 2012 and the clients be upgraded to windows 8.1. - The branch manager proposed the IT team should suggest what the improvements will be. - Mr Cloete stated facts on improvement. - Mr Pakaar added to Mr Cloete’s points. - A vote was taken and it was decided that the network will be upgraded. - The members the proceeded to the planning process. - Mr Cloete began the discussion, relaying that there is a pre-set process that must be followed to upgrade a network. - The resources department representative then replied that they have the documentation of the existing network in place. - Mr Pakaar then added that a performance base line must be taken. - The resources department’s documentation was then retrieved. - Mr Cloete then opened the next topic. - The sales department representative proposed a full backup process. - Mr Pakaar suggested that the company buy a SAS. - Mr Cloete added that the backup can be performed using the windows 7 backup. - Mr Pakaar proposed that the company purchase new hardware. - The Company owner queried the IT team as to whether the building needed renovations. - Mr Cloete then replied that the departments will need renovations done. - The Branch manager then added that the need for contractors will be inevitable. - Mr Cloete stated the next step is the instalment of new operating system onto the servers. - The resources department representative stated that the IT department state where they will be attaining the volume licencing for the upgrade. - Mr Cloete stated the quotes will be bought from Microsoft. - The Help desk representative queried as to the upgrading process. - Mr Pakaar replied that the installation will be a clean install. - Mr Cloete stated that, should the installation fail, the IT members can connect the SAS and apply the captured image. - Mr Cloete added that the clients could be installed with WDS. - Mr Pakaar stated the first actions to be completed on a server. - Mr Cloete stated that roles will be configured. - The branch manager queried stricter policies applicable to users. - Mr Pakaar ensured the Group policies applied to users will be stricter. - The representative of the customer support department queried a more reliable and faster connection. - Mr Cloete then replied that the group policies will include qos.
  • 18. - The web development department representative stated that the IT team disallow server firewall ports. - The marketing representative stated that their users were having remote resource access. - Mr Pakaar responded that the remote access feature will be completely remade. - The company owner then added that only the marketing and IT users should be able to log in remotely. - Mr Cloete added that vpn connections can be distributed through CMAK. - The resources representative then stated that a shared volume be created. - Mr Pakaar stated that a backup solution will be implemented onto the SAS. - The branch manager stated that copying of video and audio files to shares be prohibited. - Mr Cloete stated that the share will be monitored by file screens. - The branch manager stated that1general failure policies be set in place. - Mr Pakaar replied that a simple policy will be followed by the help desk and IT department employees. - Mr Cloete ended the upgrading planning section of the meeting. - Roles were assigned to parties. - Presentation on migrating process to the Cloud, done by Mr Pakaar. - A budget was presented. - Planning of the timing of the upgrade is presented. - Meeting is adjurned. - Minutes and attendance are drawn up.  Attendance register - IT – Ethan Cloete + Uneeb Pakaar + other administrators - Resources - Web development - Sales - Management - Help desk - Customer support - Finances - Graphics - Marketing - Branch manager - Company Owner
  • 19. Listing of attainable Software and Hardware The following will be a detailed description of the components that the Upgrading team will need the company to obtain to ensure a full network upgrade. Attainable components: OS volume licencing : The Operating systems of the clients and servers must be bought in a bulk licence. Windows 8.1 enterprise 64 bit, client volume licencing. (Quota is attained from Microsoft) The specifications for the module are: - Multiple Activation Key - Upgrade key type - 3 year agreement - Annual payment - Price = R958.41 x 200 = R 191682.00 Windows 2012 r2 datacenter volume licencing. (Quota is attained from Microsoft) The specifications for the module are: - Multiple Activation Key - 3 year agreement - Annual payment - Price = R22432.35 x 2 = R44864.70 Switches : The company will need to attain the following switches to ensure that the company departments will be able to connect to each other. Cisco SG200-26 switch. 12 of these must be bought The specifications for the module are: - 24 ports - Transfer speed of 1000Mbps - Price = R2833.56 x 12 = R34002.72
  • 20. Router : The following Routers will be purchased to enable the company resources to be able to connect to external networks. TP link archer C9 AC 1900. 5 of these must be bought. The specifications for the module are: - Transfer speed of 1000Mbps - Price = R1805.70 x 1 = R1805.70 Client Network interface cards : NIC’s must be bought for all client pc’s and servers to ensure fast and optimal networking speeds. TP-link TG-3468, 250 of these must be bought The specifications for the module are: - Transfer speed = 10/100/1000Mbps - Price of item = R166.68 x 250 = R41 670
  • 21. Wireless adaptors In order to enable the client pc’s to access the network through the Wi-Fi access points, the following Wi-Fi net adaptors will be bought TP-LINK TL-WN881ND Wireless N300 PCI Express Adapter, 2.4GHz 300Mbps, Include Low-profile Bracket The specifications for the module are: - Speed: Up to 300 Mbps - Supports 64/128 WEP, WPA /WPA2/WPA-PSK/WPA2-PSK(TKIP/AES), supports IEEE 802.1X - Supports on vista and up - Price = R248.49 x 250 = R62 123.03 Server RAM - Kingston KVR16E11K4/32GB will be bought to upgrade the Server’s RAM. - Each package consists of 4 x 8GB DDR3 RAM. - Each server will receive 16GB of RAM - Amount Required: 2 packs - Cost per package: R6153.27 - Total Cost: R12 306.52
  • 22. Client RAM The client computers will be upgraded with the following ram. Kingston Technology ValueRAM 2GB 1333MHz DDR3 Non-ECC CL9 DIMM SR x16 Desktop Memory KVR13N9S6/2 220 of these must be bought - 2gb ram modules - Each client receivs 2 gb - Cost = 209.32 x 220 =R46 050.91 SAS storage server : This component must be bought to ensure that an appropriate amount of shared storage is available on the network. 12 bay Hot Swap Trayless SAS/SATA External Tower Enclosure The specifications for the module are: - The price of the module is = R8 320.11 - 12 bay capacity (sata) :will be half filled with 6 of WD40EZRX Western Digital 4TB Internal Hard Drive (sata) /price = R2 082.80 x 6 = R12 496.83 - Storage available after hdd install= 24Tb
  • 23. Western Digital 4TB Internal Hard Drive (sata) Uninteruptable power supply : The following ups’s will be bought and issued to the servers and storage devices. CyberPower CP1500AVRLCD Intelligent LCD UPS 1500VA 900W AVR Mini- Tower. 5 of these must be bought The specifications for the module are: - 1500VA/900 watts. - Corrects brownouts and overvoltage without using battery power. - Multifunction LCD - Price = R1943.9055 x2 = R3 887.81
  • 24. Company laptops : The following laptops will be bought and issued to the roaming users. HP TouchSmart 15AC12IDX. 10 of these must be bought. The specifications for the module are: - 15.6 inch touch - 5th Generation i3 Processor 2.16 GHz - 6GB of RAM - 1TB HDD - 10/100/1000Mbps NIC - Price = R5 347.65 x 10 = R53 476.50 Aketek Multimedia Projector - The projector will be used during meetings. There will also be one used in the lobby showing images/clips of what exactly the company specialises in. - Amount Required: 15 - Cost per Projector: R819.51 - Total Cost: R12 292.65
  • 25. Wi-Fi Access points : The Wi-Fi access points that will be acquired will be the following. Ubiquiti Unifi long range access point. Six of these will be bought. The specifications for the module are: - Processing speed = 2.4Ghz - Power over Ethernet - Price R1 375.11 x6 = R8 250.66 Scanner-Printer A scanner-printer will be issued to all departments. Konica Minolta Dialta DI2510F. 10 of these must be bought. The specifications for the module are: - Faxer - Scanner - Printer - Copier - Price = R6 250.50 x 10 = R62 505.00
  • 26. Rj45 cabling : Rj 45 cabling must be bought to ensure wired connectivity between resources. CAT5e cable rolls. 15 of these must be bought. The specifications for the module are: - One roll contains 76m x 15 = 1140m of cable. - Transfer speed of 1000Mbps - One roll price = R555.60 x 15 = R8 334 CableWholesale RJ45 Black Strain Relief Boots - 50 pieces per bag - Suggested Amount: 600 pieces - Total Bags: 12 - Price per Bag: R69.45 - Total Price: R833 for 12 Bags
  • 27. Monoprice Networking 4 Port USB 2.0 Print Server - Connects to the network using an auto-sensing 10/100 Mbps Ethernet Port - Transfer Speed: 1000 Mbps - Price per Print Server: R527.82 - Required Amount: 10 - Total Price: $ 5278.20 Cable Matters Cat6 RJ45 Surface Mount Box – 2 Port - 5 per pack - Required Amount: +/- 200 - Purchase Amount: 60 packs - Price per Pack: R222.24 - Total: R13 334.40
  • 28. RJ45 Connector Heads - 100 per pack - Required Amount: 600 connector heads / 6 packs - Cost per pack: R83.34 - Total Cost: R500.04 TRENDnet TC-CT68 Network Cable Crimper - These will be used when connecting the RJ45 Connector Heads to the RJ45 Cables. - Amount Required: 15 - Cost per Tool: R194.46 - Total Cost: R2 916.90
  • 29. Toner Network LAN Cable Tester Tool - This will be used to see if newly crimped cables are working properly or not - Amount Required: 15 - Cost per Tool: R138.90 - Total Cost: 2083.50 TRENDnet TC-PDT Punch Down Tool - This will be used to connect wires in wall boxes during the network setup. - Amount Required: 15 - Cost per Tool: R250.02 - Total Cost: R3 750.30
  • 30. Upgrade planning The following will be a detailed description of the Upgrading process the team will need to execute in a step by step process to ensure a full network upgrade. What does the upgrade process consist of? The upgrading process of a network consists of a myriad of steps that will be taken in order to ensure that the process proceeds smoothly. The process must begin with the documentation of the existing network, encompassing the network in a baseline. This will be followed by assigning new infrastructure/modules to the existing network. This step will include the physical instalment of modules into the network premises. The following step will ensure that the network management resources will be configured to maintain all the network resources. In the next step, the management infrastructure will incorporate the rest of the network and establish a secure environment, ready for practical implementation. After this, the network will continue to be monitored for any problem detection. Why are we upgrading to a newer version? First of all, the primary reason for upgrading is the fact that the company has fallen behind some of the competing business in terms of a cutting edge data infrastructure. We would also like to inform the company that the resources, which are available to employees, in the near future need to be much more efficient as to conduct a constructive and productive workspace. The main issue here is the fact that the network, as is, is liable to be left behind and in the dust. Why I say so is the fact that Windows has moved on and gotten much smarter than the current infrastructure. I can say with that with certainty, as windows has decommissioned their support for windows 2003 this year, that is already a huge loss for the company, as this implies that no patches are going to be released, the system is going to be more vulnerable to security threats and the company will start to fail more standard compliance audits. To prevent all this, we will be upgrading to windows server 2012 runtime 2.
  • 31. Upgrade planning Index 1: Documentation of the existing network. 2: Assigning new infrastructure to the existing network. 3: Configuration of management resources. 4: Incorporation of new network. 5: Monitoring process.
  • 32. Upgrade planning 1: Documentation of the existing network. : We were asked to provide an upgrade plan, however, not much information was provided on the existing network, other than the following. The existing network contains two servers, each with a different operating system. - 1st server = windows server 2003 32 bit - 2nd server = windows server 2008 32 bit I can only now assume the forest functionality was set to widows server 2003. I can also assume that the servers had the following roles installed: ADDS DNS Information was also disclosed on the number and configuration of the client pc’s: In all, there are 200 client computers, configured with the following operating system: - Windows 7 Enterprise 32 bit + Further documentation of network : The network can be monitored for problems and performance errors using a Performance baseline. : a performance baseline is a single performance chart accompanied by an interpretation of its results, this is based on your environment.
  • 33. 2: Assigning new infrastructure to the existing network. : During this step, the upgrading team will be backing up the current company infrastructure onto a share, the clearing and reconstruction of the current company building to accommodate new network infrastructure and the installation of new network infrastructure.  Preparing the company building. : This step entails the removal of all company resources from the premises. The process will be implemented in the following steps: + Back up of all company infrastructure. : As we would not want to lose any company data, we will be backing up all company infrastructure to a network attached storage. The network storage we will be using is: A 12 bay Hot Swappable Trayless SAS/SATA External Tower Enclosure This process will entail; - Creating backups of all user data to the nas. : This will be achieved by applying a gpo to all client computers, which will automate a backup process to the nas for each user. - Create an image of servers and back them up to nas. : To achieve this, we first need to attain the windows aik. This enables the administrator to append various modules to PowerShell and add more deployment and managing features to the server. The detail of this process is: - Install the nas and the 6 western digital hard drives to the existing network. - Run and log in to the user pc’s on which the backup gpo is linked. - The backup process runs and completes a backup of each user’s important files according to the windows 7 backup feature. - While the gpo backup is being implemented, the administrator must install the aik tool to the 2008 server. - The following imagex command must be run: imagex /capture c: c:my-windows-partition.wim "My Windows partition" - The captured image will then be moved to the nas. - The nas is removed from the network premises after the backup of drives and server images is done
  • 34.  Reconstructing the company building. : In this step, the company will hire external personnel who will be responsible for rebuilding the office in such a manner that the network infrastructure will be able to be applied with minimal confuses. The contractors will be upgrading the premises to be on standard with a bare standard of the physical topology. During this process, the contractors will be installing the following network infrastructure: Cable racks will be installed throughout the building. Lock boxes will be placed in each department.  Installation of new network resources : This step will include the following subcategories: + Installation of cabling : This step will require the IT technicians to place the CAT5e cabling along predefined routes. (Defined in the physical topology). After the cabling is installed, the cables will be crimped with RJ45 cable connector heads, after the Boot covers are applied. This will be followed by applying wall boxes to the predefined areas of the physical topology. During all these installations, the technicians must constantly check the network cables for optimal connections using cable testing tools. + Installation of switches and routers : In this step, the technicians will be placing the switches at their predefined positions, according to the physical topology. This will be followed by connecting the RJ45 cables running from the pc’s through a wall box, to the switch in each department. After this step the routers will be installed at their specified points, which will be followed by connecting all the switches to the nearest router. + Placing of network resources and computers. : The client pc’s will be sorted and numbered by department and will be upgraded with predetermined hardware upgrades. (See logical topology key for details) While other resources, for example, printers, print servers, Access points, servers and data storage units. This will be followed by the placing of the sorted and optimally upgraded client pc’s into the departments according the number each pc is assigned. None of the resources are to be connected to the network using the available RJ45 cables yet.
  • 35. 3: Configuration of management resources. : In this phase the Administrators will be configuring the current system hardware to be able to compute at the same speed as the new infrastructure, upgrading the operating system of clients and servers and will be configuring the network management infrastructure to be able to function normally.  Configuring servers. : This step will include the following subcategories: # Hardware + Upgrading server hardware. : As the server will be requiring more processing ability to be able to aptly respond to a myriad of requests from the resources, an upgrade of hardware will be implemented. The hardware will be configured with the following specifications: - The following new ram modules will be fitted: 2 x Kingston KVR16E11K4/32 8gb modules x2 Resulting in 16gb of ram for each server. - A new NIC will be added to the servers, with the following specifications : 10/100/1000Mbps PCIe - A uninterruptable power supply will be added: CyberPower CP1500AVRLCD Intelligent LCD UPS + Upgrading of client pc hardware. : the client computers will require more ability to process and be able to request queries to the other resources, an upgrade of hardware will be practised to ensure full functionality. The hardware will be configured according to the needs of each department, however, a baseline upgrade is underwent with all pc’s. The following specifications will be implemented: - Ram = Kingston Technology ValueRAM 2GB 1333MHz DDR3 - Nic = TP-link TG-3468, to ensure fast net connectivity.
  • 36. # Operating Systems + As the server will be requiring new features and roles services to keep up with the modern standards, the administrators will be installing the Windows server 2012 r2 os on the existing servers. The servers will be upgraded along the following process: - Both servers will be connected to a private network along with the SAN. - The servers have already been backed up to the SAS (see + Back up of all company infrastructure) - A clean installation will be started on both servers using the installation disk provided by the Microsoft volume quota. - The destination for the install will be the hard drives on the servers (as to not confuse with sas) - Wait for the installation to be completed. Should the upgrade fail at any point, the following procedure must be followed: - After the installation is completed on both servers, the first to complete will be used to install wds on. - The image captured onto the sas will then be applied to the other server, recovering its own captured image and applying the server infrastructure (adds dns, etc) that was implemented before the upgrade. - After this step, imagex will be used to apply the image of the 1st server to the remaining server. Here is an illustration of the process:
  • 37. + Incorporate the servers into the new network. : The servers will be incorporated into the new network infrastructure using the following procedure: - Place the servers in the server room and connect them to the nearest switch using the available network cables. + Install the following features on the server designated as the primary server: - Change the name of the server to IPark1 - Assign IPark1 a static ip address of 172.16.1.1 - Install ADDS and DNS - Promote IPark1 to a domain controller. - Create a new Forest and name it IPark.com - Install DHCP on IPark1 - Create the following scopes on IPark1: (For each of the following, assign a Router address of, 172.16.1.3) Resources reservations = range: 172.16.1.4 – 172.16.1.31 Inside this new scope, create the following reservations: Switches = create a reservation for each switch, starting with 172.16.1.4 to 172.16.1.15 Wi-Fi ap’s = create a reservation for each ap, starting with 172.16.1.16 to 172.16.1.21 Print servers = create a reservation for each print server, starting with 172.16.1.22 to 172.16.1.31 Create the following scopes in dhcp (For each of the following, assign a Router address of, 172.16.1.3) IT = 172.16.2.1 - 172.16.2.20 Customer support = 172.16.2.21 - 172.16.2.40 Web development = 172.16.2.41 - 172.16.2.60 Resources = 172.16.2.61 - 172.16.2.80 Sales = 172.16.2.81 - 172.16.2.100 Help desk = 172.16.2.101 - 172.16.2.120 Finance = 172.16.2.121 - 172.16.2.140 Marketing = 172.16.2.141 - 172.16.2.160 Management = 172.16.2.161 - 172.16.2.180 Graphic design = 172.16.2.181 - 172.16.2.200 Remote users = 172.16.2.201 - 172.16.2.220 Include all these scopes in a Superscope called, IParkscopes for better manageability For a more detailed description, see the logical topology.
  • 38. - On IPark1, create the following OU’s, followed by the groups and the users. IT = ITgrp = IT1 – IT10 Customer support = CSgrp = Customer support1 – Customer support10 Web development = WDgrp = Web development1 – Web development10 Resources = RECgrp = Resources1 – Resources10 Sales = Salgrp = Sales1 - Sales10 Help desk = Hdskgrp = Help desk1 - Help desk10 Finance = Fingrp = Finance1 - Finance10 Marketing = Markgrp = Marketing1 - Marketing10 Management = Mangrp = Management1 - Management10 Graphic design = Grpgrp = Graphic1 - Graphic10 Remote users = Rmtgrp = Remote1 - Remote10 - On IPark1, create the following Gpo’s and link it to each OU : As there are too many GPO’s that will be applied to each OU, I will instead give a brief description of the effect the group policies should have on each OU. As a baseline, all OU’s except the IT ou will be assigned the following policies. # Users must not be able to install drivers on the computer # Users must not be able to switch the computer off # A standardized background must be implemented # Users must not be able to use the USB ports # Users must not be able to switch the firewall off # Users are able to change their connection type from Wi-Fi to Ethernet. # Qos: set Wi-Fi connection priority above Ethernet IT: the members in the it group will not be assigned any gpo’s Customer support: # QOS: the customer support group will be assigned the qos to ensure that their connection never drops below a certain high speed. Marketing: # Remote access: the marketing computer accounts will be set to allow remote connections. The other OU’s will not be assigned other gpo’s - The DNS role will be configured with a forward and reverse lookup zones. : A primary forward lookup zone will be created called, IParkzone1 : A primary reverse lookup zone will be created called, IParkrevzone1, with a net id of 172.16.1. : set up the server to accept CNAME records.
  • 39. + Do the following configurations on the second server: - Change the name of the server to IPark2 - Assign IPark2 a static ip address of 172.16.1.2 - Join IPark2 to the IPark.com domain. - Install the following roles and features on IPark2 : WDS = will be used to deploy windows 8.1 to the clients Add an install image and boot image wim file of Win Svr 2012 R2 Datacentre Windows 8.1 enterprise. : Dhcp = will be used as a failover server using IParkscopes. + The following configuration will be completed on the IPark1 : The IParkscopes superscope will be configured for failover. The partner server will be IPark2. + Client backup restore. : As the clients have been backed up to the sas using the windows 7 backup feature, the clients’ important files are available on the sas. The process for upgrading the client computers will include the following: Do the following configuration will be completed on the IPark2 : Configure the wds server to be able to respond to all clients and require administrator approval when installing. (This setting will require an administrator to be at each station while installing from wds to enter the password, but is more secure.) - Remove the windows server image file and ensure that only the windows 8.1 ent install and boot images are available for pxe installation. - Start all client pc’s from the network and install windows 8.1 ent using wds. - Once the installation is completed, the admin must run the group policy management and update each OU policy settings remotely.
  • 40. Net security. + Set up firewall to only allow specific ports. : As the network is susceptible to many threats the number of ports allowed through the server will be minimized. + set up Remote access to the network for roaming users. : As the company will be implementing laptops and have marketers who will be roaming outside the network, a remote access solution must be set up. The access solution will be set up following the below protocol: The following configuration will be completed on the IPark2: : install the remote access and NPS server roles on IPark2.  Configure routing and remote access and allow remote users to connect through vpn connections only.  While setting up RRAS, ensure the NAT feature is enabled to reduce the amount of public addresses used by the company.  Also configure access to only allow L2TP connections.  Set up NPS to the following configuration:  Only allow L2TP connections for all authenticating users  All remote logins must occur on the RRAS server.  Use the CMAK tool to create ready-made VPN connections and distribute them to the Remote users OU, this will make the process of connecting to company resources much more automated for the remote users.
  • 41. +Implement shared folders for each department : As the company includes a Server attached storage with an ample amount of free space, the SAS must be set up to serve as a share location for users, where they can store important work files. Do the following steps on IPark2:  Install the file and storage services role.  Ensure that the storage pools feature is enabled and installed  Open the storage pools feature and create a new storage pool.  Add 3 of the SAS drives to the pool  Configure for fixed provisioning  Name the pool USERDOCOMENTS  Ensure the shared folders feature is installed on IPark2  Open the shares tool  Create a new nfs share with the following configurations:  : use USERDOCOMENTS as the share location. Share name = IT Use no server authentication for ease of use for the users. And allow unmapped user access. Allow the IT group the rearwrite share permissions Add the IT group to the NTFS permissions list and give them the modify permission. Create a new quota template that has a 600MB hard quota limit and use it on the share. Repeat all steps for each department, replacing the group each time. +Implement a backup Plan. : As the network is susceptible to many types of failures and data loss, it is customary to set up a proper backup strategy to ensure data that is lost, can be retained again. Do the following configurations on Ipark2:  Ensure that IPark2 has the windows server backup, if not, add the feature in add roles and features.  Open the windows server backup feature.  Create a backup schedule to back up the USERDOCUMENTS SAS storage pool.  Ensure that the backup os stored on the 4th SAS hdd.  Ensure that shadow copies are enabled and only keeps the most recent backup.  Configure the backup to run every day at 20:00  Repeat these steps on both servers as well, configuring a full back up on each server and setting the location to the 5th.
  • 42. 4: Incorporation of new network. : After the last step, the network has been set up for the basic tasks of the company. The next step is to integrate the clients into the network and verify full network functionality.  Join clients to the domain. The clients will be domain joined by the time the WDS installation is completed  Ensure users are able to obtain ip addresses from the DHCP server. The clients will receive ip’s from DHCP automatically by the time the WDS installation is completed  Update group policy one more time from the GPMC 5: Monitoring process. : Even though the network is running smoothly, the company is still susceptible to the ignorant user error, (an error on the part of the user) and to prevent and fix these errors, the admins can follow a small company policy to ensure any problem can be fixed.  Create a file screenaudit to monitor each department share for the presence of the following: Video files, audio files and executables. - Install the FSRM feature on IPark2 - Open FSRM - Create a new file screen template, configured for active screening, that monitors for: Video files, audio files and executables - Create a file screen for each department, specifying their shared folder as the target.  Ensure user has been added to the connect Group policies. : Each user, except the IT OU users are assigned Group policies according to his/her department. This audit is set as the user account may have acquired the Group policies of another department and now is not functioning as it should. This error can be fixed by, if need be, relocating the user account to the correct OU in active directory. After this the admin can run the invoke-gpupdate command to apply the correct group policies.
  • 43.  Test network functionality : In this phase, the network is tested for flaws on all fields. All flaws or errors are to be reported to the Help desk, where they undergo further investigation and are then placed through to the administrator. Errors are checked by following the below procedure: - Client is able to log in? - Client pc has a network connection to the domain resources? - Client pc has a network connection to external resources? - Client pc has obtained the correct IP according to its logged on user and department? Client is able to engage in his/her duties as an employee without any restrictions?
  • 44. User Education In this section we will educate the users on the proper procedures they should take in order to ensure that they can operate the network resources to a functional level at which they will be able to productively complete their workload on the new infrastructure. During this procedure, the IT team will convene meetings with each department and will discuss the following:  Windows 8.1 basics  Workstation assignment.  1st Login  NO adding peripherals  Change net connection from Wi-Fi to Ethernet  Connect to a VPN  Use of the shared folder  Common processes  Fault reporting process  Windows 8.1 basics : During this step, the users will be familiarised with the new windows 8.1 Desktop OS.  Workstation assignment. : During the user education, each user will be informed that they each have been assigned a workstation and once they have logged in to the workstation, they will no longer be able to move from workstations.  1st Login : The users will be educated on their first logon process, during which they will have to log on using their FQDN, after this they are free to use their CNAME.  NO adding peripherals : The users will be informed as to the fact that they are now forbidden to plug any device into the pc that was not approved by the administrator.  Change net connection from Wi-Fi to Ethernet : The users will be educated on how to connect the pc to the Ethernet if they feel their connection is too slow.  Connect to a VPN : Users will be educated on how to use the VPN connection they have been provided by CMAK.
  • 45.  Use of the shared folder : Users will be educated on how to access their departments shared folder and how to use it, they will also be informed on the fact that they have a limit of 600mb and the fact that they are not allowed to copy audio, video or executables onto the volume.  Fault reporting process : We will educate the users on how to properly report a fault on their workstation.
  • 46. Logical and Physical Topologies