Setup and install a small network and set of servers

Assignment Help Computer Networking
Reference no: EM131073379

Subject - System and network administration

Project Requirements

Overview

You are required to setup and install a small network and set of servers to support a small company which operates a tomato packing plant. The plant operates in a small regional town and has 10 permanent employees and around 25 part-time and casual employees.

The company requires a forward facing (connected to the Internet) Web Server that is located onsite in the main office. The National Broadband Network has just been enabled in the area so a high speed Internet connection is now available.

An existing file server, TommyToe, used by the permanent employees to store various documents, spreadsheets, databases, etc., will need to be integrated into the new network. TommyToe runs Microsoft Windows Server as the operating system and is backed up daily via an attached high speed tape drive with suitable software. All new servers should mount a shared space on TommyToe to save backups to. These will then form part of the backup process already operating on the TommyToe server.

The Network

Summary

A single internal network is to be created using DHCP for all networked device configuration. All servers (including TommyToe) should be allocated a fixed IP address by the DHCP server and have a fixed server name (server names are provided below). All other client hosts should be allocated an IP address from a range of IP addresses.

The internal network should be protected using a single gateway/firewall server.

The Servers

General

To provide simple, robust and secure systems throughout the company the following standards and recommendations have been agreed to and must be adhered to, for all systems:

* all servers will be Ubuntu based (excluding TommyToe)
* lighttpd will be used for all web servers
* MySQL will be used for all new databases where possible
* Samba is used for all internal file sharing requirements
* all new systems must be hardened and scanned for security issues prior to being made available for use
* an intrusion detection and prevention systems (IDPS) must be running at all times
* appropriate password aging must be implemented on all servers

DHCP Server [Cherry]

A small, secure, dedicated server should be created that provides automatic server and client network configuration using DHCP. Only support staff will have access to this server. DHCP configuration must be backed up regularly and a simple recovery procedure must be developed in the event of server failure.

It is suggested that one of the other servers be setup as a manual failover DHCP server with changeover details listed in the recovery procedure.

All servers should have permanent IP addresses assigned to them from the DHCP server, based on MAC addresses. The internal network IP address range to be used is 192.168.33.0/24.

Web Server [BigBeef]

The Web Server offers an overview of the organisation and provides potential casual staff with all necessary details to apply for a position within the company.

The Web content is handled by an external web developer. The only requirements are that lighttpd and php5 be available on the server and that the server be very secure. Only support staff and the web developer should have access to the Web Server itself.

File Server [TommyToe]

The existing Microsoft Windows Server with MAC address: 08-00-27-00-CC-77.

Client machines vary on the internal network - they are a mix of Windows, Mac OS and Linux, however all will access the File Server using Samba shares. All client machines will receive network configuration from the DHCP server.

All of the organisations servers and data should be backed up to the central File Server over the network. All backup procedures must be scripted, well documented and limited to a backup group of staff members. The File Server will hold the most recent backups of all systems, data and files, on disk, to allow for fast retrieval/restore of data, files and systems. All long term backups will be removed from the server once they have been written to tape by third party backup software and stored offsite.

Server backup scripts must generate a text file list of all files that were backed up, including timestamp and ownership details, which should be stored with the backup file (use the same name but with a different extension).

Third party backup software is installed on the File Server that automates the process of writing backups to a tape backup system (assume it just works). It simply requires that all backups be named appropriately and placed into a single directory, \\TommyToe\backup, on the server. Retrieval of long term backup file sets is simply a matter of typing the backup file set name into the third party software and it will prompt for the required tape to be inserted and restore the file set to the \\TommyToe\restore directory on the File Server.

Gateway/Firewall [Roma]

A hardened Gateway/Firewall should be placed between the internal network and the Internet. At this time there are no restrictions on staff access to external networks. External access should be limited to the organisations Web Server and support staff SSH access to maintain systems.

IDPS [BlackRussian]

A suitable server for detecting, reporting and preventing all suspicious activity on the network, should be installed and configured.

Email

The organisation finds it much easier to use Gmail for all of its Email requirements. So no internal Email server is required. However, all server 'alerts' should be sent to a generic support email address (use your own for this).

The document must include the following:

a) Installation and configuration details of all servers.

b) Backup and recovery procedures to allow staff to perform backup and recovery of all servers.

c) Failover procedures in the event of failure of the DHCP server.

d) Details of the network configuration. This should include a table of servers with MAC addresses, allocated IP addresses, client IP address ranges and a well labelled diagram of the entire network.

e) Details of general procedures and actions required to be taken in the event of an attempted attack/security breach.

f) Details of general procedures and actions to be taken in the event of a significant security breach occurring e.g. unauthorised access to the Web Server.

g) Details of how support staff gain access to internal systems from outside of the network.

h) Details on how all servers have been hardened against security attacks.

i) Details of system/security alerts - what/where alerts are generated and where they are sent.

j) Details of the password aging implementation.

Tips:

i. Keep notes on each server as you progress. You can use these to provide the required details listed above.

ii. Backup notes and configuration files regularly - loss of these due to hardware or software failure will not be accepted as a reason for problems with submitting the project.

iii. Do not repeat yourself e.g. if you list details for a base server installation, which is used by most/all servers, only do that once. Do not include details about VirtualBox installation or configuration - we are only interested in the servers and network details.

2. Submit the following configuration files and scripts:

a) All backup scripts which must be well documented and clearly referred to in the TommatoPlant.docx document. Sample backup script output for each server named as $SN.BackupOutput.txt, where $SN is the server name. Include a backup.readme.txt file that summarises the files you have submitted.

b) iptables rules used on the gateway/firewall - submit as a well-documented script. Ensure it is named appropriately.

c) /etc/passwd, /etc/group and /etc/sudoers (or sudoers.d) files for all servers. Name them as follows, substituting the server name for $SN:
$SN.passwd e.g. Roma.passwd
$SN.group e.g. BigBeef.group
$SN.sudoers e.g. Cherry.sudoers or Cherry.sudoers.d.xxx

3. Summarise results of security scans performed on each server. Submit as a single Word document named SecurityScans.docx.

4. The hard disk on the Web Server has failed. Rebuild the entire server using your recovery procedures in 1 (b). Provide full details of the process including details of where your recovery procedures failed or can be improved.

You must provide 'proof' that you have rebuilt your Web Server with screen shots of the recovery process where appropriate. Include relevant sections of the /var/log/auth.log file showing the relevant commands being performed using sudo. These must be full entries including date/time stamps etc.

5. The idea to move the main web server offsite has been raised - moving it into the 'cloud'. Write an overview of the requirements to do this. List three providers including: Amazon ec2 (Amazon Elastic Compute Cloud), linode (Linode Cloud) and one of your choosing. Highlight associated costs/savings/pros/cons for doing this.

Reference no: EM131073379

Questions Cloud

Degree of operating leverage-percent will profit increase : You have computed your healthcare facility's degree of operating leverage (DOL) at a projected volume of 10000 patient visits and found this value to be 8.49. Using this information, if volume increases by 12 percent, by what percent will profit incr..
Consider the four components making up the system : In this assignment, you will consider the four components making up the system of one of the six focus organizations (Netflix, Ford Motor Company, Oracle Corporation, Groupon, Dyson, and QuikTrip) referred to in your text.
What is an example of a recent creative sourcing strategy : What is an example of a recent creative sourcing strategy used by a company and how successful was it? Share other sourcing strategies you personally think are creative.
What is the decision making process normally used by you : How would the decision-making process help resolve this conflict? Consider the special challenge of working to make a company decision with family involvement.
Setup and install a small network and set of servers : COIT13146 - System and Network Administration - You are required to setup and install a small network and set of servers to support a small company which operates a tomato packing plant. The plant operates in a small regional town and has 10 perman..
Element of managing an on-site event production : 1. Select and explain one element of managing an on-site event production. How does it enhance or diminish the event or function? 2. Conduct an Internet search to find an example of an event on-site production contract and highlight the various i..
Financial projections-after-tax profit : You are considering starting a walk-in clinic. Your financial projections for the first year of operations are as follows: Revenue (10000 visits) $409699 Wages and benefit $226160 Rent $5349 Depreciation $25568 Utilities $2442 Medical supplies $48524..
Exceptional knowledge of the engineering : Zack has been with your company for 20 years. He has an exceptional knowledge of the engineering aspects of a large project that the company is implementing.
What number of visits is required to break even : You are considering starting a walk-in clinic. Your financial projections for the first year of operations are as follows: Revenue (10000 visits) $416541 Wages and benefit $205597 Rent $4129 Depreciation $28555 Utilities $2495 Medical supplies $45344..

Reviews

Write a Review

Computer Networking Questions & Answers

  Networking and types of networking

This assignment explains the networking features, different kinds of networks and also how they are arranged.

  National and Global economic environment and ICICI Bank

While working in an economy, it has a separate identity but cannot operate insolently.

  Ssh or openssh server services

Write about SSH or OpenSSH server services discussion questions

  Network simulation

Network simulation on Hierarchical Network Rerouting against wormhole attacks

  Small internet works

Prepare a network simulation

  Solidify the concepts of client/server computing

One-way to solidify the concepts of client/server computing and interprocess communication is to develop the requirements for a computer game which plays "Rock, Paper, Scissors" using these techniques.

  Identify the various costs associated with the deployment

Identify the various costs associated with the deployment, operation and maintenance of a mobile-access system. Identify the benefits to the various categories of user, arising from the addition of a mobile-access facility.

  Describe how the modern view of customer service

Describe how the greater reach of telecommunication networks today affects the security of resources which an organisation provides for its employees and customers.

  Technology in improving the relationship building process

Discuss the role of Technology in improving the relationship building process Do you think that the setting of a PR department may be helpful for the ISP provider? Why?

  Remote access networks and vpns

safekeeping posture of enterprise (venture) wired and wireless LANs (WLANs), steps listed in OWASP, Securing User Services, IPV4 ip address, IPV6 address format, V4 address, VPN, Deploying Voice over IP, Remote Management of Applications and Ser..

  Dns

problems of IPV, DNS server software, TCP SYN attack, Ping of Death, Land attack, Teardrop attack, Smurf attack, Fraggle attack

  Outline the difference between an intranet and an extranet

Outline the difference between an intranet and an extranet A programmer is trying to produce an applet with the display shown in Figure 1 below such that whenever one of the checkboxes is selected the label changes to indicate correctly what has..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd