The team created a virtual test environment for Keihin Carolina System Technology replicating their physical network. This allowed KCST to test software/hardware changes isolated from their live network. The team designed and implemented virtual servers including domain controllers, Exchange, file, and print servers. They overcame obstacles like limited resources and VPN compatibility issues. The virtual environment provided KCST benefits like testing updates securely while reducing overhead on their live network.
1. C H A I S E C U R L E Y , D E V A R E O G E O R G E , K E I T H W O O D ,
W I L L I A M B R O W N I N G
PROJECT VIRTUALIZE
TEAM: NETWORKING IN PROGRESS
2. PROJECT DESCRIPTION
• Scope
• Project Virtualize, realized in September 2012, oversaw the development and
implementation of a vSphere virtual test environment for Keihin Carolina System
Technology, Tarboro NC. This test environment replicated a baseline setup of the
physical KCST network and provided an isolated testing area to experiment with
software/hardware updates, changes, and potential failures. Project Virtualize
came to fruition in April 2013.
• Ultimate Focus
• Increase network security and stability with the availability of a virtual test network.
3. ASSUMPTIONS
• Hardware/Software
• Computers, vSphere server, and access related software will be readily available
• Learning Curve
• With proper preparation, group members will be capable of utilizing vSphere
• Outside training will be provided if necessary (ECU TECS)
• Access Policy
• All work completed will be done remotely via VPN
4. DELIVERABLES
• Virtual replication of KCST’s network
• 2 Microsoft Domain Controllers
• Microsoft Exchange Server
• Linux File Server
• Utility Server
• Print Server
• Multiple client stations
5. PROCEDURE
• vSphere server hosted on-site at KCST
• Security policies in place to prevent traffic from escaping server
• Team members are assigned their own machines
• Work is done remotely via secure VPN connection
• Software utilized:
• VMware ESXi Server
• vSphere Client
• Cisco VPN Client
6. PHASE 1: RESEARCH
• Beginning of Fall 2012 semester
• Team NIP is formed and a project objective is obtained from KCST
7. PHASE 2: TEAM PREPARATION
• With Limited Virtualization
knowledge to begin with this
was our most important
stage.
• Primary focus on training
• Additional milestones:
• VPN tunnel creation
• vSphere server setup
• User account authorization
8. PHASE 3: DESIGN
• Prior to accessing vSphere, all virtual servers are designed
• Software installations and adjustments are planned out
9. PHASE 4: DEVELOP
• After designing every aspect of the servers on paper, it was time to
take it to the actual virtual environment.
10. PHASE 5 AND 6: IMPLEMENT AND SIGN OFF
• For stage 5 we enabled outside access to the server and monitored
status. Stage 6 was approval from our sponsor and a final once over of
our environment.
11. NETWORK LAYOUT
• The addressing scheme of
our network is using a class
C subnet and is subnetted
to allow further expansion
of the virtual environment.
12. EXCHANGE SERVER
The Exchange server
is using Exchange
2010 and is setup to
use a local database.
Every server and host
has Microsoft outlook
installed and is
configured to pull all
user data directly
from AD.
13. AD SERVERS
• There are two domain
controllers that make up
the AD server. The primary
active directory and
second AD server will serve
as backup server. The two
servers were configured
with Windows Server 2008 as
the OS.
14. FILE SERVER
• Linux based file sever utilizing Samba
• Secure storage for each team member
• Public storage accessible to everybody
• Weekly file archiving and backup
16. PRINT SERVER
• The print server has three printers shared throughout the network and
can be accessed by any of our seven hosts or 6 servers and has
secureprint enabled
17. OVERCOMING OBSTACLES
• Restricted access
• VMs are not allowed to communicate outside of the virtual network – No internet
• Solutions:
• Temporary administrative internet access
• Use of remote virtual USB
• Hardware limitations
• vSphere server working on limited resources
• RAM upgrade backordered indefinitely
• Solutions:
• Trimming of VM resources
• Hard drive upgrade
• Lightweight Linux installation
18. OVERCOMING OBSTACLES CONTD.
• Software Compatibility
• VPN software did not work with newer Windows 8 systems
• Solution: Configuration of a second VPN client
Project Virtualize Incident Report Sheet
Date Reported Incident Description Response Owner Impact (1-5) Resolved?
1/13/2013Low server Storage HDD space on the ESXi server is limited Scheduled expansion of hard drive(s) Chaise 4Yes
1/14/2013Setup files in Dropbox lost
Files were accidentally removed from
Dropbox
Upload backup Keith 4Yes
1/17/2013Windows 8 VPN compatibility VPN vlient doesn't work on Windows 8 Use different client Chaise 2Yes
1/17/2013VM's have no internet access Due to KCST security policies Upload files via USB controller Group 3Yes
19. KCST BENEFITS
• Allow KCST to test software and hardware updates.
• Testing takes place in a secure remote environment.
• Reduced KCST network overhead.
• Left room for KCST to make expansions throughout the virtual Network.
20. C H A I S E C U R L E Y , D E V A R E O G E O R G E , K E I T H W O O D , W I L L I A M
B R O W N I N G
PROJECT VIRTUALIZE