Capstone Week 4


Published in: Education, Technology

ICU Consultants
706 Moore Street, King of Prussia, Pennsylvania 19406
Phone: 610-444-5555   Fax: 618-444-5556
www.ICUconsultants.com

Creative. Innovative. Unthinkable.

We will find the most effectual tools essential for your business in order to keep up with the evolving changes of our fast-paced world.

Reputed knowledge and planning go into the delivery of every single intricate design by our team of experts.

With the constant and rapid changes in technology, fast-paced minds are required to keep up with the slew of equipment changes for multiple types of businesses. Our team of experts will devise the most effective and efficient design for your business. A complete and thorough evaluation of your floor plan will be carried out so that our team of designers can create the design that best caters to the needs of your business.

INDEX

  • Hardware overview (Ron)
      • Current hardware
      • Proposed hardware
  • Software overview (Ron)
      • Current software
      • Proposed software
  • LAN overview (David)
      • Current LAN
      • Proposed LAN design
  • WAN overview (David)
      • Current WAN
      • Proposed WAN
  • Main office design/network services (Jacob)
  • IP addressing design/scheme (David)
  • Internet connectivity design (Elias)
  • Network Security (Rick)
      • Physical security
      • Logical security
      • Data security
  • Project cost (Rick)
      • HR cost
      • Hardware cost
      • Software cost
      • Implementation cost
      • Testing/training cost
  • Testing (Nate)
      • Hardware configuration
      • Software configuration
      • Bandwidth
      • Infrastructure
  • Project schedule (Elias)
  • Project conclusion (Kay)

KOP MEDICAL ASSOCIATES

IMPLEMENTATION AND UPGRADE TO NETWORK DESIGN AND INFRASTRUCTURE FOR KOP MEDICAL ASSOCIATES

A COMPREHENSIVE NETWORK DEVELOPMENT PROJECT
SUBMITTED TO THE IT/COMPUTER NETWORK SYSTEMS PROGRAM
IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE ASSOCIATE DEGREE

by
NICK DATTILO
KAY LAI
JACOB MARTEL
ELIAS ALVAREZ
RICHARD DABNEY
RONDALD DUNN JR
NATHANIEL DUFFY

ADVISOR - MR. NNOKO

ITT TECHNICAL INSTITUTE
KING OF PRUSSIA, PENNSYLVANIA
AUGUST, 2010

Week 4
  • Hardware Selection and Cost (Ron)
  • IP Addressing (Dave)
  • LAN and WAN Diagrams (Dave)
  • Internet, Phone, Cabling selections (Elias)

Week 5
  • Hardware Finalize (Ron)
  • Software Selection and Licensing (Ron)
  • Network Services Finalize (Jacob)
  • Security Finalize (Rich)
  • Disaster Recovery Requirements (Nate)

Week 6
  • Software Finalize (Ron)
  • Internet, Phone, Cabling Finalize (Elias)
  • Project Plan Start (Elias)
  • Cost Finalize (Rich)
  • LAN and WAN Finalize (Dave)

Week 7
  • Disaster Recovery Finalize
  • Testing Finalize
  • Project Plan Finalize
  • Project Overview Finalize
  • Project Conclusion Finalize

Week 8-11
  • Actual installs

As primary care centers, King of Prussia Medical Associates strives to provide excellent medical services and convenience for all of its patients. From their in-house pharmacies to x-ray and other lab testing services, to minor surgeries, The Doctor's Office can diagnose and care for you and your family at any of their five convenient Philadelphia, Pennsylvania locations. Their office hours are (7 a.m. - 9 p.m.) depending on what doctors are in which location.

Such domains have at least a Primary Domain Controller (PDC), and will often have one or more Backup Domain Controllers (BDCs). The first Windows NT Server in the domain is configured as a PDC. The User Manager for Domains utility is used to maintain user and group information for the domain using the domain security database on the primary controller. The PDC has the master copy of the user accounts database that it can access and modify, called Active Directory. The BDC computers have a copy of this database, but these copies are read-only. The PDC will replicate its account database to the BDCs on a regular basis. The BDCs exist in order to provide a backup to the PDC, and can also be used to authenticate users logging on to the network for load balancing. If a PDC should fail, one of the BDCs can then be promoted to take its place.
The PDC will usually be the first domain controller that was created unless it was replaced by a promoted BDC. Our PDC will be on a server running Windows Server 2008 in the Main Office. Each satellite office will host a BDC, also on a Windows Server 2008 machine.

The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and updated. Similarly to the Domain Controllers, our primary DNS server will exist on the same machine as the PDC, and each BDC will also provide DNS services.

In general, the Domain Name System also stores other types of information, such as the list of mail servers that accept email for a given Internet domain. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet.

In computer networking, network address translation (NAT) is the process of modifying network address information in datagram (IP) packet headers while in transit across a traffic routing device for the purpose of remapping one IP address space into another.

The term Web 2.0 refers to applications that facilitate interactive information sharing, interoperability, user-centered design, and collaboration on the World Wide Web. A Web 2.0 site allows its users to interact with each other as contributors to the website's content, in contrast to websites where users are limited to the passive viewing of information that is provided to them.
Examples of Web 2.0 include web-based communities, hosted services, web applications, social-networking sites, and video-sharing sites. We will host a few different web applications that will be backed by a SQL Server database. Users will interact with the database via HTML pages.

The Dynamic Host Configuration Protocol (DHCP) is a computer networking protocol used by hosts (DHCP clients) to retrieve IP address assignments and other configuration information. DHCP uses a client-server architecture. The client sends a broadcast request for configuration information. The DHCP server receives the request and responds with configuration information from its configuration database. In the absence of DHCP, all hosts on a network must be manually configured individually, a time-consuming and often error-prone undertaking. DHCP is popular with ISPs because it allows a host to obtain a temporary IP address. Our DHCP server will sit on the PDC machine at the main site.

FTP is usually used to send files from computers to hosting web servers when creating a website. It can also be used as a means of "downloading" files from other servers. FTP is sometimes used to send files from one computer directly to another. It most commonly uses ports 20 and 21. We will use FTP to allow doctors and nurses access to electronic patient records via Patient Management software.

Communication is very important in the business world, especially when it comes to business email. Gone are the days when communication was solely done through paper and pencil and then delivered through snail mail. Electronic messaging is now a very important part of businesses. Due to the volume of business trades around the world, a faster and more efficient system that would handle exchange of messages and manage communication between servers is a necessity. Business email needs to travel quickly and efficiently to its recipient. This is where exchange servers come into play.
You may be wondering, "How does an exchange server work?" Let's discuss more about these email servers. Here's how to understand an email server. An Exchange Server is an application intended to handle a corporate messaging system. The email server system supports both internal and external electronic messages. The Exchange Server processes the messages in four basic steps. First, the client who will be sending a message connects to the exchange server and then sends the message. The server then processes the message by storing it in the appropriate location in the messaging database. After that, the server informs the recipient of the message's arrival. The recipient of the message then connects to the server to retrieve the message.

To process the messages, the Exchange Server has four core components that make exchanges of communication happen. These four core components of these email servers help to organize, distribute and receive messages from other processes and operations.

  • Information Store
  • System Attendant
  • Simple Mail Transfer Protocol (SMTP)
  • Active Directory Service

In computer networks, a proxy server is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the filter validates the request, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server.
In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.

A proxy server has a large variety of potential purposes, including:

  • To keep machines behind it anonymous (mainly for security).
  • To speed up access to resources (using caching). Web proxies are commonly used to cache web pages from a web server.
  • To apply access policy to network services or content, e.g. to block undesired sites.
  • To log / audit usage, i.e. to provide company employee Internet usage reporting.
  • To bypass security / parental controls.
  • To scan transmitted content for malware before delivery.
  • To scan outbound content, e.g., for data leak protection.
  • To circumvent regional restrictions.

Physical security describes measures that prevent or deter attackers from accessing a facility, resource, or information stored at a physical location/site. There will be a complete upgrade to KOP Medical Associates' physical security system to protect against intrusion when the office is closed as well as during the company's normal business hours. During the evening hours ICU will implement an alarm system monitored and installed by ADT. The ADT Premise Pro electronic security system will help protect each of KOP Medical Associates' five locations from burglary and intrusion. ICU specifically chose this system because it is designed to provide a small business with effective, affordable security.

ICU Consultants strive to be a dependable and elite organization that takes pride in every aspect of our day-to-day activities. Network security is by far the most important consideration when building or, in this case, restructuring a network. The provisions set forth in this computer network infrastructure will protect the network and the network's accessible resources from unauthorized access.
While strategically protecting the network itself, ICU will also be responsible for protecting the physical aspect of every facility incorporated by KOP Medical Associates. Therefore, ICU Consultants will be responsible for restructuring KOP Medical Associates' physical, logical, and data security.

Technology is why ICU Consultants exist; therefore KOP Medical Associates will be going keyless to gain access to each facility. Each visiting patient will have to be buzzed in to gain access to the facility to ensure a more secure environment. Every employee will be given an access card to gain entry; this will also give upper management the ability to monitor who enters and leaves each facility.

The next measure of physical security ICU will be implementing to ensure the safety of KOP Medical Associates' facilities will be the installation of surveillance cameras. There will be two cameras installed at each of the five locations, bringing the total to ten for all of KOP Medical Associates' facilities. The cameras will monitor the office during normal business hours and add an additional measure of security during the hours the business is closed. ICU will be installing the Panasonic i-Pro color fixed mini dome IP Security Camera. This equipment comes complete with viewing software that will be linked to the application server, and a PC will be designated for viewing and recording.

The final upgrade to KOP Medical Associates' physical security will be fingerprint door locks to be installed on the IT/Telecom room as well as the storage area. Only a chosen few will be able to gain access to these two areas. There will be a total of ten locks to complete the upgrade, two per facility. The device chosen by ICU Consultants is the Tocahome e key.
This is another measure ICU Consultants takes to ensure the integrity of our network security.

Logical security consists of software safeguards for an organization's systems, including user identification and password access, authentication, access rights and authority levels. These measures are to ensure that only authorized users are able to perform actions or access information in a network or a workstation. The logical security of KOP Medical Associates needs considerable improvement. There will be several upgrades implemented to provide top-notch security of the network's infrastructure.

For starters, ICU will apply and implement several scopes on every server, starting with the DHCP Server. The necessary scopes, and the group policy that determines who can access and modify resources, will be determined by the resources on the network and who actually needs to access them. IIS will also be configured for this network. ASP.NET and Exchange 2010 will also be configured and will require a username and password to access. Every possible avenue on KOP Medical Associates' network will be road-blocked with username, password, authentication, and biometrics. All of these measures are required to log onto the network; this ensures that the authorized user can access only what they are permitted.

To further protect the network there will be hardware encryption software installed as well as database encryption software. To protect all of KOP Medical Associates' wireless capabilities there will be MAC address filtering along with router security configured so that there will be no broadcast of the network's SSID.

Finally, the most important part of protecting a business's network resources is protecting the resources' central location. For us at ICU Consultants the server room is where it all begins and is the most guarded area when we are called upon to upgrade or install a network system.
Therefore ICU Consultants enforce a very strict server room policy, and server room security is implemented in every location. This protects the network and all of its resources. Server rooms are full of equipment, such as servers, routers, switches, server racks, etc.; these machines run constantly and can potentially overheat. ICU will be installing network monitoring and server monitoring software. This will keep a close eye on the temperature of the server room and all equipment in use in that designated area. Every server room in all five of KOP Medical Associates' facilities will implement this security standard and monitoring software. By implementing such a vigorous security process, ICU stands firm and confident in protecting the confidentiality of KOP Medical Associates' patients and all resources that reside on their network.

Megapixel Super Dynamic Vandal Resistant Fixed Dome Network Camera
WV-NW502S
3 Megapixel Vandal Resistant Day/Night Network Camera featuring Super Dynamic and Megapixel real time transmission by H.264 high profile

  • Megapixel Super Dynamic at 1,280 x 960 image
  • H.264 High Profile 1,280 x 960 image at 30 ips real time video
  • 2.6 million pixels CCD 2,048 x 1,536 high resolution image
  • High sensitivity: 1.0 lux (Color), 0.08 lux (B/W) at F1.4
  • Multi-streaming including H.264, MPEG-4 and JPEG
  • Vandal and Weather resistant

Megapixel Network Camera featuring H.264 High Profile and Super Dynamic.

In 2002 Panasonic first introduced i-Pro Network cameras to the surveillance industry, and they have been well accepted in the market. In 2009, with the market-proven knowledge and experience, Panasonic proudly introduces new i-Pro Mega SD Network Cameras: the WV-NP502 standard model and the WV-NW502S Vandal resistant fixed dome model. It is equipped with a 2.6 million pixels CCD, Super Dynamic DSP and UniPhier LSI. These components make the MEGA SD camera a unique and outstanding network camera, enabling Megapixel Super Dynamic, 2048 x 1556 high resolution image and 1280 x 960 H.264 30 ips real time transmission.

Megapixel Image
2.6 million pixels CCD and Uniphier platform delivers 2048 x 1538 outstanding image quality, allowing precise identification. It can provide 10 times more precise image than the conventional VGA CCDs. Alternatively it can capture an area 10 times larger while maintaining the same image quality of conventional VGA cameras.

Megapixel Super Dynamic
Megapixel Super Dynamic delivers 1280 x 960 image with superior dynamic range by fusion of 2.6 million pixels CCD and Super Dynamic DSP. It can reproduce more natural dark gradation and visibility around motion area.

H.264 High Profile
H.264 High profile encoding with Panasonic Uniphier LSI enables 1280 x 960 real time video stream with smaller data size.

Progressive Video Output
Progressive Video Output ensures clear images with less motion blur and no tearing even when the subject is moving.

Day/Night feature automatically switches the camera from color to B/W depending on the illumination. ABF automatically adjusts back focus, allowing easy installation and accurate focus in both color and B/W mode.
With moving IR cut filter and ABF, both high sensitivity and accurate focus are ensured.

High Sensitivity
High sensitivity 1.0 lux allows color images even when the lighting is dim. When the situation is too dark, Electronic Sensitivity Enhancement and Day/Night feature further enhance the low light capability, ideal for 24-hour surveillance.

Three different types of streaming modes including JPEG and H.264 (2ch) or MPEG4 (2ch) can be transmitted simultaneously, enabling both real time monitoring and high quality recording.

2D-DNR for motion area and 3D-DNR for static area are effectively combined, realizing a clear low noise image with less motion blur and resolution deterioration.

i-Pro cameras can send motion meta data when used with WJ-ND400 so that motions in the specified area in the recorded images can quickly be searched. Sensitivity depends on the VMD setup of the camera.

When the network experiences a problem, images can automatically be backed up in the SD/SDHC memory card. Images recorded in the SD/SDHC memory during a network failure can be transferred to the recorder automatically or manually when the recorder is in non-recording status.

FTP client function enables periodic live image transfer or recorded image transfer in response to an alarm.

Various alarm sources and actions are available for flexible alarm control. Alarm sources including 3 terminal inputs, VMD and Panasonic alarm command can trigger actions such as SD/SDHC memory recording, image quality change (JPEG), FTP image transfer, E-mail notification, indication on browser, terminal output, and Panasonic alarm command output.

Frame Rate Priority Mode dynamically controls bit rate and image quality depending on the subject to maintain the frame rate.

Up to two streams can be prioritized when multiple devices are accessing, making it possible to maintain the frame rate of the recording or of specific clients.

Full duplex bi-directional audio allows interactive communication between camera site and monitoring site.

Up to 16 cameras can be displayed on 4x Quad screens or 16 split screen. Pan/Tilt control is available in the Quad screens.

Internet Connectivity

Service Tier / Price $

  • High - Download / Upload speed: 22 mbps / 5 mbps (1 mbps = 1000 kbps): 99.95/month
  • Static IPs: 1 - 14.95; 5 - 19.95; 13 - 34.95
  • Equipment: Included IP Gateway with Firewall & Router
  • Web Hosting: Included domain name & 3 page website, 10MB storage, site-builder software
  • Applications: Included Norton Business Suite (up to 25 PCs/MACs); Included Microsoft Communications Services
      • Windows SharePoint: 1 site per company; 2 GB total storage; shared documents and files
      • Email: Microsoft Outlook 2007 with both desktop and web access; shared and synchronized email, calendar and task lists; 2, 4, or 8 email box (depends on package); 2 GB storage
      • Mobile Support: Support for mobile devices with Microsoft ActiveSync + iPhone

Point-to-point

This type of network consists of many connections between individual pairs of machines. To go from the source to the destination, a packet of information on this type of network may have to first visit one or more intermediate machines.
Often multiple routes of different lengths are possible, so routing algorithms play an important role in point-to-point networks.

  • Workstations: need 45 for safety and replacement
      HP Compaq 6005 Pro (has HD, RAM, Windows 7 on it already)
  • Laptops: 15
      HP Compaq 515 - Athlon X2 QL-66 2.2 GHz
  • Tablets: 45
      M&A Companion Touch 10 (cheap, portable, and will cover the needs for the laptop and PDA)
  • Servers: needed 13 for redundancy
      HP ProLiant BL2x220c G6 (has HD, more than needed RAM)
  • Keyboard/mice: needed 100 for replacement
      Logitech Desktop MK120 (cheap and does the job needed)
  • Monitors: needed 45 for replacement
      Acer V173 DJb LCD Monitor (cheap, good name brand; will allow them to see the medical pictures they need)
  • Docking stations: 15
      HP xb4 Notebook Media Docking Station
  • Network phones: 100
      Aastra 9116 Single Line Analog Telephone Charcoal
  • Cameras
      Panasonic i-Pro Network Color Dome Camera
  • Networking
      Wireless access points: Cisco 521 Wireless Express Access Point (Cisco IOS Software Standalone mode)
      Routers: Cisco Small Business Pro SR 520-T1 Secure Router
      Switches: Cisco Catalyst 2960G-24TC 24 port Switch
  • Printers / fax
      HP LJ M2727nf MFP

Week 4 Software

  • Server OS: Windows Small Business Server 2008 Standard 20-User Client Access License $1540.00
  • Security: Virus – AVG free; Spyware – Spybot Search and Destroy
  • Microsoft Office: Office-Professional-2010 $514.94
  • Exchange: Exchange Server 2010 Standard Edition $699.00
  • SQL server 2: SQL-Server-2008-Standard-Edition $5999.00

Router Configuration

To ease the setup, it makes sense to rename the routers something that will uniquely identify them:

Enter configuration mode

    Router>enable
    Router#config t
    Router(config)#

Rename the router to "Center"

    Router(config)#hostname Center
    Center(config)#end
    Center#copy run start

Securing the WAN network is essential. There are a variety of passwords that can be used to protect the routers from unauthorized access & configuration:

Set the enable password to "password1"

    Router(config)#enable password password1

Set the enable secret password to "secret1". This password overrides enable password

    Router(config)#enable secret secret1

Set console password to "console1"

    Center(config)#line con 0
    Center(config-line)#login
    Center(config-line)#password console1

Set telnet password to "telnet1"

    Center(config)#line vty 0 4
    Center(config-line)#login
    Center(config-line)#password telnet1

WAN Router Configuration

There are five sites, one router per site.
The routers are set up with these addresses:

                 Center          East            South           West            North
    DTE Serial   172.32.5.2/24   172.32.6.2/24   172.32.7.2/24   172.32.8.2/24   172.32.9.2/24
    DCE Serial   172.32.6.3/24   172.32.7.3/24   172.32.8.3/24   172.32.9.3/24   172.32.5.3/24

Configure Center's DTE Serial Interface w/ IP to connect to East (address taken from the table above)

    Center(config)#int s0/0
    Center(config-if)#ip addr 172.32.5.2 255.255.255.0
    Center(config-if)#no shut
    Center(config-if)#exit

Configure Center's DCE Serial Interface w/ IP & clock rate to connect to Center (address taken from the table above)

    Center(config)#int s1/0
    Center(config-if)#ip addr 172.32.6.3 255.255.255.0
    Center(config-if)#clock rate 64000
    Center(config-if)#no shut

Conclusion

After careful evaluation of the current system and floor plan, our team of skilled engineers and technical experts implemented the best equipment apposite for the facility.

The design has been implemented to provide information and communication services for the new partnership with all necessary security and disaster planning to meet HIPAA requirements. Each solution and change has been documented with detailed configurations and instructions for ease of use.
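
The password setup in the Router Configuration section can be checked mechanically. The audit below is an added example, not part of the original project; the rule names, the guessable-stem list and the hardened sample (user name `netadmin`, placeholder hashes) are assumptions made for illustration.

```python
import re

# Statements from the page's router setup, CLI prompts removed.
PAGE_CONFIG = """\
hostname Center
enable password password1
enable secret secret1
line con 0
 login
 password console1
line vty 0 4
 login
 password telnet1
"""

# Constructed hardened variant; the user name and hash strings are placeholders.
HARDENED_CONFIG = """\
hostname Center
enable secret 5 $1$PLACEHOLDER
username netadmin secret 5 $1$PLACEHOLDER
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
"""

# Assumption: stems that make a password trivially guessable when only digits follow.
GUESSABLE_STEMS = {"password", "secret", "console", "telnet", "cisco", "admin"}


def is_guessable(pw):
    """True when the value is a common stem followed only by digits."""
    return pw.lower().rstrip("0123456789") in GUESSABLE_STEMS


def audit_ios_config(text):
    """Return a list of (rule, location) findings for IOS-style config text."""
    findings = []
    section = None      # current "line ..." block, or None at global level
    vty_ssh_only = {}   # vty block name -> True once 'transport input ssh' is seen
    for raw in text.splitlines():
        stmt = raw.strip()
        if not stmt:
            continue
        if not raw.startswith(" "):     # a global command closes any line block
            section = stmt if stmt.startswith("line ") else None
            if section and section.startswith("line vty"):
                vty_ssh_only[section] = False
        m = re.match(r"enable (password|secret) (?:\d+ )?(\S+)$", stmt)
        if m:
            kind, pw = m.groups()
            if kind == "password":      # cleartext or reversible; 'enable secret' is hashed
                findings.append(("ENABLE-PASSWORD", "enable password"))
            if is_guessable(pw):
                findings.append(("GUESSABLE", "enable " + kind))
            continue
        m = re.match(r"password (?:\d+ )?(\S+)$", stmt)
        if m and section:               # one shared password on the line, no per-user login
            findings.append(("LINE-PASSWORD", section))
            if is_guessable(m.group(1)):
                findings.append(("GUESSABLE", section))
        elif stmt == "transport input ssh" and section in vty_ssh_only:
            vty_ssh_only[section] = True
    for name, ssh_only in vty_ssh_only.items():
        if not ssh_only:                # Telnet would carry the login in cleartext
            findings.append(("VTY-NOT-SSH-ONLY", name))
    return findings


if __name__ == "__main__":
    for rule, where in audit_ios_config(PAGE_CONFIG):
        print(f"{rule:18} {where}")
    print("hardened findings:", audit_ios_config(HARDENED_CONFIG))
```

Every password in the page's configuration is the name of its own setting followed by "1", so each one trips the guessable rule in addition to the storage and Telnet findings.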
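
The WAN address table can be validated in the same way. This added example (not from the original project) checks each serial address against the RFC 1918 private ranges and pairs the DCE and DTE ends that share a subnet; `remap_to_private` and its 172.16.0.0/16 target are an assumed renumbering, not the project's plan.

```python
import ipaddress

# WAN serial addressing exactly as given in the page's table.
WAN_PLAN = {
    "Center": {"DTE": "172.32.5.2/24", "DCE": "172.32.6.3/24"},
    "East":   {"DTE": "172.32.6.2/24", "DCE": "172.32.7.3/24"},
    "South":  {"DTE": "172.32.7.2/24", "DCE": "172.32.8.3/24"},
    "West":   {"DTE": "172.32.8.2/24", "DCE": "172.32.9.3/24"},
    "North":  {"DTE": "172.32.9.2/24", "DCE": "172.32.5.3/24"},
}

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def outside_rfc1918(plan):
    """Return sorted (site, role, address) entries that are not RFC 1918 space."""
    bad = []
    for site, ifaces in plan.items():
        for role, cidr in ifaces.items():
            ip = ipaddress.ip_interface(cidr).ip
            if not any(ip in net for net in RFC1918):
                bad.append((site, role, str(ip)))
    return sorted(bad)


def serial_links(plan):
    """Pair each DCE end with the DTE end on the same subnet.

    Returns (links, problems); links maps subnet -> (dce_site, dte_site).
    """
    by_net = {}
    for site, ifaces in plan.items():
        for role, cidr in ifaces.items():
            net = ipaddress.ip_interface(cidr).network
            by_net.setdefault(net, []).append((role, site, cidr))
    links, problems = {}, []
    for net, ends in sorted(by_net.items()):
        roles = sorted(role for role, _, _ in ends)
        addrs = {cidr for _, _, cidr in ends}
        if roles != ["DCE", "DTE"]:
            problems.append(f"{net}: expected one DCE and one DTE, found {roles}")
        elif len(addrs) != 2:
            problems.append(f"{net}: both ends use the same address")
        else:
            site_of = {role: site for role, site, _ in ends}
            links[str(net)] = (site_of["DCE"], site_of["DTE"])
    return links, problems


def remap_to_private(cidr, base="172.16.0.0/16"):
    """Assumed renumbering: keep the last two octets, move into `base`."""
    iface = ipaddress.ip_interface(cidr)
    offset = int(iface.ip) & 0xFFFF
    start = int(ipaddress.ip_network(base).network_address)
    return f"{ipaddress.ip_address(start + offset)}/{iface.network.prefixlen}"


if __name__ == "__main__":
    print("outside RFC 1918:", outside_rfc1918(WAN_PLAN))
    links, problems = serial_links(WAN_PLAN)
    for net, (dce, dte) in links.items():
        print(f"{net}: {dce} (DCE) <-> {dte} (DTE)")
    print("problems:", problems)
    print("example remap:", remap_to_private("172.32.5.2/24"))
```

Run against the table, all ten addresses are reported: 172.32.x.x lies outside 172.16.0.0/12, which ends at 172.31.255.255. The pairing also shows the ring the table implies, with Center's DCE facing East and Center's DTE facing North.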