Post on 13-Apr-2017
NETWORK DESIGN AND IMPLEMENTATION PLAN
For
TALON TEXTILE FASTENERS
SKILLIAGE I.T
Skilliage IT
Table of ContentsProject Summary..............................................................................................................................................
Network Design ...............................................................................................................................................
Directory Structure .........................................................................................................................................
Sites 5 Organizational Units 5 Groups 6
Server 6
Server considerations ……………………………………………………………………………………6
Number and Locations of server 7Roles of server 7Approval sign off document 8
Server Build Task.............................................................................................................................................
Server Test Plan................................................................................................................................................
Server Maintenance Plan.................................................................................................................................
Routers 10 Plan for implementation................................................................................................................................ Cable types required...................................................................................................................................... Protocols used................................................................................................................................................ Traffic monitoring process............................................................................................................................
Security policy and plan................................................................................................................................. Perimiter Design........................................................................................................................................... Remote access............................................................................................................................................... Site to site links............................................................................................................................................. Defence in depth 13 Security Auditing 1 Risk Analysis 14
User Documentation 15
Ongoing maintenance 17
Skilliage IT
Project Summary
Talon Textile Fasteners (TTF) is a growing company looking to improve their stance in the
competitive business world. Their needs envelope the following aspects:
a) System upgrade
b) Efficiency
c) Cost viability
d) Security
e) Improved sales
Network design
Network design stipulation are guided as per the expectations of various parties as expressed by
the stakeholders.
The aspects of address are:
1. Access time to data
2. Database management and maintenance
3. Inter office communication
4. E-commerce and e-payment
5. Network security
6. Equipment needed
Skilliage IT
As the diagram below illustrates a possible network that is viable for adoption it focusses on:
Centralized server system incorporating database, webserver and email domain.
Security through VLAN network and use of a demilitarized zone for the server to reduce
contact.
Use of current systems and topologies
Skilliage IT
Skilliage IT
Directory Structure
Sites
The (TALON TEXTILE FASTENERS) organization has 4 offices and remote agents that is:
Head office
Mt Burr
Pts. Pirie
Adelaide
The expectation requirements stipulated are to make them network with the intention of:
Data sharing and ease of access
In time communications
Ease cost of operation
Secure all aspects of operations
Organizational Units
These are the points of interactions with network thus each of the parties started below
will be considered on how the network will get implemented and allows the network to
be more manageable.
1. Network administration department
2. Manufacturing department(operations)
3. Sales department
4. Financial department.
5. Management
Skilliage IT
Groups
This acts as a representation of how each organization units are layered to ensure non conflict
between the units. Thus each group has its own deliverable thus eases on managerial tasks.
1. Management- chief information officer CIO, chief financial officer CFO and the
chief executive officer CEO
2. Sales department – data entry officers to fill in the orders and the sales staff.
3. Network administration department- we have the network administrator whose
sole purpose is security and network continuity
4. Operation- manufacturing supervisor and the manager operations at Mt Burr.
Servers
Servers is capable of running software that can be able to accept user requests. The organization
is expecting to achieve the following from the server service:
Website hosting
E-commerce and e-payment service
Database housing
Skilliage IT
SERVER CONSIDERATIONS
In the installation of the server the following two major aspects will help guide what type of
servers to install. The following will be considered:
User friendliness- covers the ability of ease of first time interaction with the server.
Stability-Linux versus windows Linux is considered more stable unlike its counterpart
windows.
Centralized or distributed system-in this there are many consideration to be considered:
1. Cost.
2. Security of data.
3. Data manipulation.
Server operating system to run-the most common run server operating system are the
Linux flavors or windows.
Proposed operation system and database operating system windows server 2008 R2
enterprise and database Microsoft SQL server 2008 SP1
Server types for considerations comparison basis. (Attias, 2013)
SERVER TYPE DELL POWEREDGE R710 HP PROLIANT DL380 G6
PROCESSORS Dual Intel Xeon E5540
2.53GHz
Dual Intel Xeon E5540
2.53GHz
MEMORY Six 8Gbs PC3-8500r ddr3 Six 8Gbs PC3-8500r ddr3
HARDDISK 2*73Gb ,15krpm,SAS 2*73Gb ,15krpm,SAS
POWER SUPPLY 2 Dell A570P-00,570W 2Hp HSTNS-PL14,460W
DISK CONTROLLER Dell PERC 6/i integrated Hp 410i integrated RAID
Skilliage IT
RAID Controller 256Mb
cache and BBWC
Controller 256Mb cache and
BBWC
OPERATING SYSTEM Windows server 2008
enterprise
Windows server 2008
enterprise
DATABASE Microsoft SQL server 2008 Microsoft SQL server 2008
Number and locations of servers
The preferred location for the server would be at the head office and one server would be
efficient.
Roles of server
The server running aspects will encompass:
Web hosting
Request handling
Data processing
mail exchange service
i. Approval sign off
Skilliage IT
HP Proliant dl380 g6
Department: network administration department
Product: hp proliant dl380 g6
Document Owner:
Project: Server Acquisition
Version Date Author Description
Server Proposal
Server Acquisition Approvals
Prepared by:
Project Manager
Approved by:
CFO
CIO
Skilliage IT
Server Build task list
The following as procedural plan on how to well install as and relating aspect relating to the
running of the server.
1. Secure a proper room space to be allocated to server.
2. Connected the server to an uninterrupted power supply (UPS) unit
3. Install the Windows server 2008 enterprise operating system.
4. Install hyper virtualization software.
5. Create virtual machines from the hyper virtualization software.
6. Install the distributed file system that is the Microsoft SQL server 2008 SP1.
7. Install web server.
8. Install the email server.
Server Test plan
After installing the technician should perform the following to ensure that all aspects are running
in the server.
Email service-this will entail both internal email service and outbound email.
Domain control services- this will test the DNS capabilities and DHCP.
Distributed file systems (database)-will test data entry and permissions assigned to
various users.
Web services- test the availability of the e-commerce webpage to the general public.
Skilliage IT
Server Maintenance Plan
Physical maintenance Software maintenance
Cable functionality Disk usage
Heat and air flow to server Window updates
Server casing inspection Updates web server applications
User account check up
Security systems check
Skilliage IT
ROUTERS
Aspects to look for in a router:
Security aspects- access list
VLAN capacity capability
Compatibility with most devices
The router count is four one for each of the sites.
Preferred router for such an enterprise is the Cisco SR 500 Series Secure Router
Cisco 500 router capabilities are:
VPN access: Provide secure connectivity for remote workers
Built-in threat defense, including:
– Stateful packet inspection (SPI) firewall
– Intrusion prevention system (IPS)
4-port 10/100 managed switch with VLAN support
Skilliage IT
Simple deployment, management, and troubleshooting with Cisco Configuration
Assistant.(Cisco, 2015).
Plan for implementation
The cisco 500 router is a plug and play device. Technician has to configure the following for the
security aspects;
a) Access lists
b) VLAN
c) Router passkeys
Cable types required
Red cables will serve connection between routers and switches.
Blue cables will serve connection between switches and servers.
White grey cables are for basic network scheme.
Protocols Used
Internet Protocol Version 4 (IPv4): provides identification for each device.
The Border Gateway Protocol (BGP): Is a protocol that routes traffic between networks.
Enhanced Interior Gateway Routing Protocol (EIGRP): Guarantees loop-free operation and
provides fast router convergence.
Skilliage IT
Internet Group Management Protocol (IGMP) is a communications protocol used by hosts and
routers on IP networks to establish multicast group memberships.(Fcit.usf.edu, 2015)
Traffic Monitoring Process (Wireshark)
Installed on the network administrator computer Wireshark provides for in-depth inspection of
hundreds of protocols and runs on multiple platforms.it captures packets and displays them on
human readable form. To enable a secure network the enterprise technician has to establish a
baseline of what is considered acceptable network behaviour thus any other is considered as an
anomaly.(Howtogeek.com, 2015)
Skilliage IT
Security Policy and Plan
Measures undertaken to ensure optimum security within the network. As a security survey
would suggest most company’s major security is established to establish the following
confidentiality, integrity and availability.
Perimeter Design
This can be implemented through physical security and also wireless.
a) Wireless-strong WI-FI passwords.
b) Physical –VLAN and a demilitarized zone.
Remote Access
This is achievable by use of the cisco secure remote access software. The software is to be
installed on the network administrator computer thus giving him/her a single point of control to
assign access based on the user and device being used. (Cisco, 2015)
.
The benefits accrued:
Surety of a threat free VPN service
Its costs effective
Can support multiple virtual private networks at once
Site to site links
Skilliage IT
A suggestive measure of sharing a common backbone ip address for the whole network and
connect all the sites in a virtual local area network method.
Thus the network administrator will create VLANs for the following sites:
Head office
Demilitarized zone
Mt Burr
Pts. Pirie
Adelaide
Defense in Depth
Overall defense is dependent on a number of factors:
a) Human conduct- training to reduce human error as a security threat.
b) Company’s policies- the company should also formulate a documentation of how
equipment is to be handled thus giving different levels of access to the various levels of
information.
c) Protocols –these protocols aid in securing the network, websites, databases, emails
servers some ensure encryption of such data to ensure reduced exposure.
d) Hardware and software updates- help mitigate outdated systems
Skilliage IT
Security Auditing
A security audit is measure of organizations networks security performance and allows an
investigations to be carried out to point out trends and identified security incidents.
The security audits encompasses:
a) Static data-protocols used, password rules, system definitions and firewall definitions.
b) Activities that have just taken place such as database access user loggings and file
transfers.
The following are some of the software that can perform security audits:
a) Enforcive's Cross Platform Audit (CPA)
b) Nipper Studio
c) Nessus Vulnerability Scanner
d) Nsauditor Network Security Auditor
Risk Analysis
Risk analysis is a procedural method mitigating security attacks where the network administrator
identifies such vulnerabilities by subjecting the system into possible attacks (Mullins, 2007). One
can follow the below four step procedure:
1) Fingerprinting the network.
2) Profiling the devices.
3) Penetration testing.
4) Result analysis.
Skilliage IT
User Documentation
VPN access (Shea, 2015)
1. Select ‘Set up a new connection or network’
2. Select ‘Connect to a workplace’ then next
Skilliage IT
3. Use my Internet connection
4. Enter the following details then select next
5. Enter you TFF user credentials then create, for example;
Skilliage IT
5. Open the network and sharing center and select change adapter settings
6. Right click on the VPN connection and click on the connect button.
Skilliage IT
To create a report SQL Server 2008
1. Click Start, point to All Programs, point to Microsoft SQL Server 2008, and then
click SQL Server Data Tools. If this is the first time you have opened SQL Server Data
Tools, click Business Intelligence Settings for the default environment settings.
2. On the File menu, point to New, and then click Project.
3. In the Installed Templates list, click Business Intelligence.
4. Click Report Server Project.
5. In Name, type Tutorial.
6. Click OK to create the project. The Tutorial project is displayed in Solution Explorer
Ongoing maintenance support
The following are the recurring maintenance activities for a more efficient system:
a) Daily antivirus updates
b) Cold swap disks backup copies
c) Diagnostics server tests every two weeks
d) Support help from hp group of companies concerning the server.
e) Employee training.
Skilliage IT
References
Available at: http://www.techrepublic.com/blog/it-security/take-this-four-phase-approach-to-a-
network-risk-assessment-92188/ [Accessed 9 Aug. 2015].
Cisco, (2015). Cisco ASA 5505 Adaptive Security Appliance for Small Office or Branch
Locations Data Sheet. [online] Available at:
http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-
firewalls/datasheet-c78-733510.html [Accessed 9 Aug. 2015].
Cisco, (2015). Cisco ASA 5505 Adaptive Security Appliance for Small Office or Branch
Locations Data Sheet. [online] Available at:
http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-
firewalls/datasheet-c78-733510.html [Accessed 9 Aug. 2015].
Howtogeek.com, (2015). How to Use Wireshark to Capture, Filter and Inspect Packets. [online]
Available at: http://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-
inspect-packets/ [Accessed 9 Aug. 2015].
Skilliage IT
Fcit.usf.edu, (2015). Chapter 2: Protocol. [online] Available at:
http://fcit.usf.edu/network/chap2/chap2.htm [Accessed 9 Aug. 2015].
Shea, M. (2015). How to Set Up VPN in Windows 7. [online] PCWorld. Available at:
http://www.pcworld.com/article/210562/how_set_up_vpn_in_windows_7.html [Accessed 9
Aug. 2015].
Attias, (2013). HP versus Dell - A Server Comparison. [online] Slideshare.net. Available at:
http://www.slideshare.net/AlbieAttias/hp-versus-dell?from_action=save [Accessed 9 Aug. 2015].
Skilliage IT