User Account

All Pages

Details of a password policy and its implementation

Assignment Help Other Subject
Reference no: EM132923142 , Length: word count:1000

COIT13146 System and Network Admin Project

Teamwork requirement

You must do this project in a team, where you will accrue all the advantages that come from mind sharing, cooperating and collaborating with team members. The teamwork is accountable - there are compulsory team meetings to attend, and a personal reflection diary to submit - these are all assessed.

You are required to download and read the detailed requirements in the Team Rules Document.

Here is a summary of the main conditions:

All students must be a member of a Team.

Team members can be from any campus including Distance (online) students.

All students will be assigned to a team by the unit coordinator, but you can self-assign/form a team yourself if you wish, up to 2 or 3 members max. If you form your own team you MUST inform the unit coordinator of this and the member names/ID's.

Otherwise the assigned team is the one you will be in. Additional members may be assigned to your team by the unit coordinator.

Your team is committed for the whole project, no changes allowed, e.g. cannot swap members, drop in or out.
Teams need to nominate one to be team leader.
Three compulsory team meetings, recorded in Minutes
- use the Minutes template provided.

All members of the team will individually submit their personal reflection to their own moodle account.

All team members must submit the project, minutes and reflection for assessment, but only one submission per team will be marked (since they should all be the same except the Reflections). Reflections will be marked separately for each individual.

Full assessment requirements are in the Team Rules doc., including details of the required team meetings and reflection.

You will be held fully accountable for having read the Team Rules

The Team Rules Document, Meeting minutes template, and the Reflection template is posted in Unit Information section. Meeting minutes and Reflections are required items for the project.

Overview of the Project

The final project tests your ability to put together the skills learned in previous weeks and present it as an application of your knowledge and skills to a small business network. So as you read through the requirements, consciously relate it to relevant work you've already completed.

The small business network represents the capstone of this course - it is what all the previous assignments have led to, and is the reason that it takes the bulk of the assessment weighting. Some additional research and reading may still be required.

Scenario
You are the sysadmin for a software development startup company, called cqunix, that is moving into a new building. The company has 10 full-time employees, as well as up to another 10 that either work part-time or perform short-term contract work at the company. Each full-time employee will have a dedicated workstation; most also have a laptop. The part-time/contract staff have their own or company-supplied laptops. There will also be several spare workstations. The company develops Unix and Linux software, and they are an (Ubuntu) Linux exclusive company for all their computers.

Workstations, Laptops and Servers
The company has grown quite quickly. Initially when there was just a few friends, they used all online services (e.g. Google Docs, GitHub, DropBox). But now as they move into the new building, they have decided to use their own infrastructure. Most of the employees work in a distributed mode, working on their own computers and sharing resources direct with colleagues, however there are several centralised services required. Specifically, they have identified the need for the following. Included are the selected names.

1. Apache-based web server, called adelaide, to host a simple company website. The website is developed using HTML, CSS, Javascript and PHP by one full- time employee, with assistance by one contractor.

2. Secure shell server, called sydney, to allow employees and contractors to login and compile code. All people involved in the company should have accounts, and be able to access the SSH server from both internal network and from external (public) networks.

3. Git server, called gladstone, to store all code and documents. Everyone is experienced in using git on the command line on their own computers (they don't use the web interface), however in the past they used GitHub as the server. Now they will use this internal server, instead of GitHub. The access requirements are the same as for the SSH server.

4. Backup server, called bundaberg, to store a backup of the web, SSH and Git servers. The backup requirements are described in detail below.

5. DHCP server, called darwin, to provide dynamic IP addresses to workstations and laptops, and fixed IP addresses to other servers (based on MAC addresses). Only necessary full-time staff have access.

6. "Gateway" server called rocky, configured as a router - see under Network

Each of the above will run on separate hardware within the internal network. That is, there are five computers, one for each of the above server applications.

Network
The company has an NBN business connection coming into the building. A single internal network is needed, using DHCP to configure all networked devices. The internal network is to be connected to the Internet via a single router, called rocky. This router is the gateway, performing NAT and acting as a firewall.

Backup
The current plan is to have automated back ups of important content and configurations of adelaide, sydney and gladstone to the backup server, bundaberg. The back up must be implemented as a set of scripts, and each backup of a server must generate a text file listing all files that were backed up, with details including timestamp and ownership details. This output text file should be stored within or with the back up file.

Additional backup of bundaberg to external storage (e.g. tape drive, external disk) is planned, but not needed in this initial project setup.

Security
The firewall, using iptables, must implement appropriate network access control.

All accounts with passwords must be configured in a secure manner, including with password ageing.

Servers should be hardened.

The SSH server should implement an auditing mechanism, that at minimum provides a regular summary of unsuccessful login attempts in a user friendly format. Optionally, unsuccessful attempts may trigger blocking or banning of IP addresses or accounts.

HTTPS and certificates must be supported on the web server.

The major section headings below (A, B, C, D) are mapped to the project marksheet for easier reference.

A. Task Description
In this project you need to consider the above scenario and:

1. Design the internal network (including router) for the entire company.
2. Implement the server portion of the network (i.e. adelaide, sydney, gladstone, bundaberg, darwin and rocky) within a virtual network.
3. Test the network, demonstrating that the implementation meets the key requirements.
4. Document the design, implementation and testing, submitting a report named cqunix-sysadmin-
<student ID>.docx. Put your actual student ID in place of <student ID>.

The following provides details of what must be included (and what not to cover) in the project.

What to implement?
You need to implement the server portion of the network in a virtual network, e.g. as multiple Ubuntu Linux machines within VirtualBox. You do NOT need to implement the workstations or laptops, although you must configure the servers assuming the workstations and laptops exist. You do NOT need to implement external hosts. For testing purposes, you may implement one or more workstations, laptops and external hosts, however these will not be considered when marking.

B. How to demonstrate testing?
You need to test all aspects of your implementation. For example, test that the network has connectivity, the DHCP server assigns addresses correctly, the firewall implements the security policy, and so on. You should also test your instructions, e.g. perform a complete recovery using the instructions you have written. To demonstrate that you have performed testing you must include the following in your submission:

1. Screenshot of a web browser (GUI or command line) on any appropriate machine accessing the web server, saved as screenshot-webserver.png. In the web page, make sure your name is clearly viewable in the screenshot (that is, put your name into the HTML file that you access).

2. Screenshots that demonstrate that you have rebuilt adelaide based on your recovery instructions (see Backup and Recovery Design below). Name the screenshots as screenshot-recovery-01.png, screenshot-recovery-02.png, and so on.
C. What design details to include?

The design is divided into three parts, and must include:

Network and Server Design

1. Labelled diagram of the entire network, showing all network members. You should include workstations and laptops, however you do not need to be exact in the number that you show. For example, you may illustrate several laptops with specific names and addresses, and then add a note that explains how other laptops will be named/addressed.

2. Table of servers, with MAC addresses, allocated IP addresses, client IP address ranges.

3. Installation and configuration details of all the servers.

4. Justification of the network design and any assumptions made. This should explain why you have made certain design decisions and what assumptions you have made about the company, computers, applications, and network in order to complete the design.

Backup and Recovery Design

1. Overview of your approach to performing backup (referring to the backup scripts). Explain why you designed the backup in the way you did, for example, explain your recommended frequencies of backup.

2. Instructions for a staff member to perform a recovery of the web server adelaide. The instructions must be detailed enough such that an inexperienced sysadmin can perform the recovery (e.g. in the case that you are not available).

Security Design

1. Details of a password policy and its implementation. The policy should be appropriate to the organisation, and detail exactly how it is implemented in the system.

2. Instructions for staff to gain access to the relevant systems. There may be different sets of instructions depending on the system and staff role (e.g. instructions for web developer to access web server, instructions for all staff to access SSH server).

3. Instructions for staff to manage the digital certificates (e.g. when to renew, how).

Attachment:- System and Network Admin Project.rar

Reference no: EM132923142

Questions Cloud

How managers can improve intergroup relations-performance : Discuss how managers can improve intergroup relations and performance.
What is considered a fever in child : Write out a script parental education that would tell a parent with a child with fever. What non-medication intervention can be done to decrease fever?
Demonstrate on the order of events : 1. Demonstrate on the order of events while squeezing cooling rate in the die casting process.
Technology compliance issues associated with federal laws : Prepare an analysis in which you examine technology compliance issues associated with federal laws by analyzing the past role
Details of a password policy and its implementation : Details of a password policy and its implementation. The policy should be appropriate to the organisation, and detail exactly how it is implemented
Discuss effect these trends have on managed care : Explain how these trends will continue to influence managed care in the future. Discuss the effect these trends have on managed care.
Create table of desired outcomes and goals. : Create a table of desired outcomes and goals. Describe the value of a mission statement and outcomes.
What is the best way to keep up : What is the best way to keep up with research sources and citations?
Foreign exchange risk management : Research about the following company and answer the questions. what is their approach to foreign exchange risk management?

Reviews

Write a Review

Other Subject Questions & Answers

  Explain the argument expressed by sir thomas more

Explain the argument expressed by Sir Thomas More in his book Based on your reading of the excerpt from Utopia in our Barnet book, is Moore describing

  Discuss a patient is prescribed albuterol 2 puffs

A patient is prescribed albuterol, 2 puffs every 4 hours as needed for wheezing. The dosage of the albulterol is 90 mcg/spray

  Pick a contemporary story in the form of a novel

Pick a contemporary story in the form of a novel, movie, or video game that is inspired by a mythological epic or journey of a hero's quest.

  Feel daycare is harmful or beneficial

Do you feel daycare is harmful or beneficial? Be specific in your responses.

  Identify the problems that appear to exist in ferguson

As they were walking, Tom Emory spoke: "Boy, I hate those meetings! I never know whether my department's accounting reports will show good or bad performance. I'm beginning to expect the worst. If the accountants say I saved the company a dollar, ..

  I want someone to write political science reserch paper for

i want someone to write political science reserch paper for me that should be 6 to 8 pgs double spaced. it has to have

  How the federal government is prepared to assist

The private sector's roles in supporting homeland security initiatives. How the federal government is prepared to assist the selected critical infrastructure?

  Do you think blockchain is disrupting supply chain industry

Do you think blockchain is disrupting the supply chain industry? Yes or No please provide your insights. Do you think the transactions come in order in which.

  Why four gospels

The title for the first paper is "Why four Gospels?"

  Are your managers culturally competent

As always, there are no right or wrong answers. Let's hear your thoughts or if you prefer you can answer the questions at the end of the case study.

  What responsibilities do MNEs have

A "race-to-the-bottom" process may set in as MNEs search for ever-lower-cost locations. Discuss the trade-offs between the positive effects of raising.

  Discuss laryngectomy along with a radical neck dissection

If multiple arthroscopy procedures are performed on a patient, which modifier should be appended to the CPT code

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd