Issuu on Google+

New World Training Associates (Glasgow) Proposals, Development and Evaluation ALAN DAVIE - JUNE 2010 – v1.1

JUNE 2010

This document contains the planning, development and implementation solutions for the New World Training Associates project, which were concluded after various meetings with the client to ascertain their requirements and specifications for the centre.

DISCLAIMER This report is the culmination of the author‟s knowledge gained from the HND Computing: Technical Support course at Central College of Commerce and documented research carried out in relation to the project.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

1|Page


Stage 1: The Planning Stage 1. Aims of the Project 1.1 Establishing Requirements Proposed Profile of NWTA Glasgow 1.2 Analysis of Project Requirements 1.2.1 User Requirements 1.2.2 Constraints to be identified Financial Constraints Time Constraints Personnel and Technical Support 1.2.4 Hardware Requirements 1.2.5 Network Hardware 1.2.6 Software Requirements 1.2.7 Requirements of Users and Groups Hierarchical Structure of NWTA Glasgow 1.2.8 Data Security Strategy 1.2.9 Backup Strategy 1.3 Influential factors affecting the project 1.3.1 Economic Factors 1.3.2 Technical Factors 1.3.3 Time Factors 1.4 Design of the Establishment 1.4.1 Floor Plan 1.4.2 Wiring Diagram Hardware and Software Specifications Workstation Specifications Network Server Specifications Network Router Specifications Network Switches Network Security Network Printers Business Security Solution Backup Solution Additional Solutions and Proposals 1.4.3 Software Solutions 1.4.4 Operating Systems and Related Items 1.4.5 Network Topology Training Suite Wiring Diagram 1.4.6 IP Addressing Scheme Proposed Network Rack Structure 1.4.7 Applicable Legislation Health and Safety at Work Act (1974) The Data Protection Act (1998) The Computer Misuse Act (1990) 1.5 Project Management aspects involved 1.6 Justifying the Approach Taken

Alan Davie

HND Computing: Technical Support – Graded Unit 2

4 5 6 7 8 8 9 9 9 10 11 12 13 14 15 16 17 18 18 18 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 38 38 38 39 42

2|Page


Stage 2: Development of the Solution 2. 1 Installation and Configuration of components 2.1.1 Installation of Windows Server 2008 Enterprise 2.1.2 Test Server Screenshots 2.1.3 Workstation Configuration Windows 7 Enterprise – Installation Guide Other Installations 2.1.4 Router Configuration Cisco Router Commands Output from the NWTA-R1 router showing the Running Config Output showing VLANs configured on the sub-interfaces Cisco Router and Security Device Manager (SDM) 2.1.5 Switch Configuration Cisco Switch Commands 2.1.6 Active Directory / Group Structure 2.1.7 Mapped Drives 2.2 Test Plans and Results 2.2.1 Test Plan (Server) 2.2.2 Test Log (Server) 2.2.3 Test Plan (Workstation) 2.2.4 Test Log (Workstation) 2.2.5 Test Plan (Switches) 2.2.6 Test Log (Switches)

Stage 3: Evaluation of the Solution 3.1 Evaluation of the Produced Solution 3.2 Personal Evaluation Performance Bibliography and References Index and References

Alan Davie

HND Computing: Technical Support – Graded Unit 2

43 44 45 46 48 49 51 52 53 56 59 60 61 62 64 66 68 69 70 71 72 73 74

78 79 81 82 84

3|Page


Stage 1: The Planning Stage

Alan Davie

HND Computing: Technical Support – Graded Unit 2

4|Page


1. Aims of the Project The project for the New World Training Agency facility, based in Western Business Park Glasgow, aims to provide a design to fulfil the needs of the client, as determined by the project specifications, and meetings with the client, which are detailed in the project management schedule. The project will research, develop, evaluate and finally recommend the proposed solution for the entire IT infrastructure, including Networks, Hardware to the client. The hardware and software will be selected according to task, and the entire solution will be a cohesive, adaptable and easily expanded, yet industrially robust solution, giving NWTA scope for expansion. The task of procurement of such hardware and software for this establishment will also be carried out, and although the project has been given an uncapped budget, the costing of such items will be entered where appropriate to enable the project to reflect real world procurement in its entirety. It is then, after confirmation from the client, that the project will enter the implementation stage, when all approved hardware and software is implemented into the actual facility. After the installation stage, our staff will be on site to support, and offer guidance, to staff and answer any questions regarding the implemented solution, and also any technical queries they may have.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

5|Page


1.1 Establishing Requirements In the initial project brief that was received, the bulleted points below were stipulated as essential elements of the project. 

Five training suites containing 8 workstations per suite

Staff network containing an additional 8 workstations

Software for the proposed Microsoft and EDL courses

Software for the proposed programming language courses

Dedicated facilities for management of pre-configured images

Private storage area for all training staff

Interview / Private meeting room

Toilet facilities

In order to clarify those points, and further elaborate on them, meetings were set up with the Training Centre Manager, Training Co-ordinator and Admin supervisor of the facility to gather information on the specific nature of the courses offered, and for background information of the New World Training Agency and its current, and future aims. The Training Centre Manager / Systems Administrator, Mr Colin Ewing specified that the centre offered a range of courses to cater for students of varying levels, and all ages. On a national level, NWTA have always offered both the ECDL courses and the Microsoft MCDST courses at other facilities, with the ECDL course being very popular amongst beginners. Recently, NWTA have successfully trialled programming courses at their newest facilities, and have concluded, after a successful feasibility study conducted by NWTA in the catchment area of the proposed facility, to replicate this national strategy at the Glasgow facility. We have also established that as this is a newly constructed facility, there was no IT infrastructure previously installed, and the facility is in a „bare bones‟ state, with the relevant partitions and rooms created as specified by the client prior to our involvement in the project. As this is the case, there will be no need to document existing workstations and hardware currently installed at the facility.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

6|Page


Proposed Profile of NWTA Glasgow Before beginning any development, or upgrade, we must consider the current profile of equipment and staffing at the NWTA Glasgow facility. As we can ascertain, there is currently no hardware or IT infrastructure installed, as this is a brand new facility, so we have gleaned the relevant requirements from the Training Centre Manager, Mr Colin Ewing.

Area

Workstations Required

Printers Required

Users

Centre Manager

1

1

1

Training Coordinator

1

1

1

Admin Supervisor

1

1

1

Training Staff Room

3

1

3

Used for managing system images, and general work

Admin / Reception

2

1

1

1 workstation located in reception, the other in the Admin office

Staff Room

0

0

0

Training Suite 1

8

1

8

Training Suite 2

8

1

8

Training Suite 3

8

1

8

Training Suite 4

8

1

8

Training Suite 5

8

1

8

Comments

The partition between Training Suite 2 and 3 can be removed to provide a double sized room for larger classes.

Table showing the current infrastructure at the facility From a Network Design perspective, the network will have a maximum of 48 users, but facility for increased users will be implemented to support expansion of the business. The network is not a bandwidth intensive media network, and as such, will not require top of the range style equipment to fulfil the brief. All specifications for hardware and software will be detailed in the preceding sections of this report

Alan Davie

HND Computing: Technical Support – Graded Unit 2

7|Page


1.2 Analysis of Project Requirements In this section, the aims are to outline any specifications of hardware and software proposed for the project, and any requirements detailed in the project brief received from the client. Also included are constraints that may, or may not, hinder the project.

1.2.1 User Requirements The user requirements proposed for this facility, for both students and staff alike, are for a general purpose workstation to ensure that the client can fulfil the courses that the students will undertake, and that staff members can carry out their various duties in the facility with ease. It is apparent that, even with the facility offering a variety of proposed programming courses, that there will be no need for high-end machines within the facility. This will ensure that all machines are equivalent, and inter-operable, with the same hardware specifications being emulated in each workstation, which is an important consideration when the imaging of machines is proposed to install groups of packages, or an entire Operating System and Packages should the workstation need to have a clean install.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

8|Page


1.2.2 Constraints to be identified The following is a list of the constraints that have been identified for the NWTA project, and how each constraint will be addressed in the course of the project.

Name

Financial Constraints

Time Constraints

Scalability Constraints

Proposals

Although the project has not formally been allocated a budget, it is vital to reduce costs, but still retain maximum functionality and flexibility for the client. Therefore, careful consideration will be given to current needs, balanced with a proposed growth of the facility and its IT infrastructure. This should be done by ascertaining the threshold of the network hardware, and this should facilitate an expansion of the facility without resorting to a major upgrade of hardware, and further costs. Equipment costs and any other relevant costing shall be implemented into the report in order to give an idea of the value of the equipment. This will be useful when the company obtains insurance for their premises.

The time constraints on the project reflect the need for stage completion on a defined date, otherwise the project timescale will be infinite. The stages will be cohesive, and this should result in project fluidity throughout the timescale of the project.

It is well understood that investments are important business decisions, that NWTA is a growing company, and that you would like to continue growing. As such, we have designed a network with scalability to insure your future upgrades are well in line with your budget. With our design, there will be no need to replace hardware for years to come.

Security is a very important factor in business. Security Constraints

Alan Davie

The security measures that will be proposed not only insure no outside interference, but with the implementation of both hardware and software firewalls, coupled with anti-virus / spyware / malware protection, it is yet another measure taken to make sure intruders stay out of your network

HND Computing: Technical Support – Graded Unit 2

9|Page


1.2.3 Staff Training and Familiarisation This will run in parallel with the agreed hardware and software procurement. Although staff may have prior knowledge of the software, knowledge of the network and its topology will be beneficial should a malfunction of occur. Staff will be trained in the logon procedures that will allow them to access resources on the network, and also to train students in the correct logon procedure.

Personnel and Technical Support Our personnel will be available for a period of 90 days after each phase to assist with employee questions and concerns. Any issues found will be diagnosed and corrected by our staff. In the event of hardware failure the appropriate hardware manufacturer will handle any warranties such as replacement hardware and such.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

10 | P a g e


1.2.4 Hardware Requirements Workstations A brief description of the hardware required will be given, but each hardware item will be detailed and expanded greatly in Section 1.4 of this report. The obvious main hardware requirements would be workstations, which are the way Students, Staff and the Systems Administrator will access programs, resources and other internal or external resources either on the server, or other workstations. In order to maintain impartiality, several manufacturers‟ websites will be checked for product suitability, and overall cost. Considering this will be effectively a “bulk buy” the corporate discounts offered will also be considered in the result. As mentioned, these specifications will be detailed in later stages of this report, but in principle the workstations will each have the same specifications, and hardware, in order to facilitate cross compatibility, as well as minimize errors, when the systems are imaged / reimaged as specified by the project brief.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

11 | P a g e


1.2.5 Network Hardware Network hardware will ensure the fluid operation of the network and its related functions, and will also have the capacity to facilitate future expansion of the network, and the company, without having to replace the entire hardware installed.

Client Request

Proposed Solution The proposals are for 2 Routers to be installed.

Network Routers

Of which the main, Router 1 will be the designated router. The additional router, Router 2, will also function to enhance load balancing on the network and mirror Router 1, but it will primarily be installed as a backup in the event that Router 1 malfunctions and renders the network unusable. This is known as a failover pair. There will be 2 switches to support the training suites, and the staff network, including network hardware, e.g. servers.

Network Switches

Both switches will have Power Over Ethernet, PoE, which means that other items of hardware, such as Network Cameras, Access Points and VOIP phones can be powered directly from the switch over Ethernet cabling, with no additional power required. The proposed cabling category to be installed in the facility will be Cat6 cabling. This is a newly built facility with no IT infrastructure, so it makes sense to install this category of cabling which facilitates network speeds of 1 Gigabit, should the client wish to upgrade all hardware to gigabit compatibility, and also future proofs the network until the next proposed major upgrade.

Network Cabling

The cabling runs will extend inside the false ceiling already installed, and once it enters any area with workstations, or hardware needing an Ethernet connection, the cabling will be encased in PVC trunking until the endpoint with the workstation, or other hardware in the location. As all cabling runs will span no longer than 100 metres, the maximum cable run, this means that all network hardware can be terminated in the one switch room that is located in the building (See Diagram in Section 1.4)

Alan Davie

HND Computing: Technical Support – Graded Unit 2

12 | P a g e


1.2.6 Software Requirements Detailed below is the various specified software requirements stipulated by the client during various project meetings, and adjacent is the proposed solution.

Client Request

Proposed Solution

All staff should have access to a generic office suite.

Microsoft Office 2007 Standard is proposed for this solution, as most users are familiar with its functionality and layout, and therefore, would need minimal, if any, training on this product.

Training Suite should have access to Microsoft Project 2003.

Microsoft Project 2007 will be installed for this solution. It is an upgrade from MS Project 2003 which is now becoming phased out in favour of cross functionality with MS Office 2007 and improved aesthetics. It is proposed that Microsoft Visual Studio 2008 will be installed, as it encompasses all the programming languages that the Training Centre manager wishes to offer in this facility.

A range of programming tools and platforms to be accessed.

It was originally proposed that the free Visual Express editions of these programming languages by Microsoft be installed. This idea was sidelined due to the fact that those editions do not possess the full functionality required by the courses offered, although, they will be advised for students to download in order to aid with study at home. It is proposed that Sophos Anti-Virus will be purchased with a 50 client user package. This version is an all-in-one antivirus, firewall, spyware and malware package for security and user protection.

The network should be secured against virus or hacker attacks from external sources.

The benefit with this software is that all virus definitions on each workstation can be updated from a central location, e.g. server, so workstations always have the current virus definitions. An external hardware firewall solution will also be proposed and specified in the hardware section.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

13 | P a g e


1.2.7 Requirements of Users and Groups Listed below are the requirements for the management of users, groups and the permissions and polices that govern their access and restrictions on the network.

Client Request

Proposed Solution

Each student and member of staff should have their own networked PC

Adequate space and resources to implement this request, with scope for further expansion by adding more workstations.

Training Staff should have access to all training software.

All software will be installed onto the training staff machines either manually, or using images created for that specific group.

Each member of staff should have access to their own private file storage space, and facilities for training room image management.

This can be achieved by using a logon script on the proposed server to created mapped drives for each account that is placed into the Training Suite group on the proposed server.

Admin Staff should be placed in their own group in the server structure

This can easily be accomplished in any proposed server, and will facilitate the next requirements for the Admin supervisor.

Training Co-ordinator and Admin Supervisor should have access to all the files and storage areas belonging to the staff within their own section.

Both the Training Co-ordinator and Admin supervisor will be placed at the top of their own staff group. This group will then be given „Take Ownershipâ€&#x; permissions of the staff group relevant to them, thereby giving them overall control to view any files contained in this group.

Training Centre Manager should have access to all files and storage areas.

This can be accomplished by allocating Administrator rights to this user, giving them overall control of the network, and the ability to access all files and folders on the network.

Printers to be restricted to members of that section, and restricted users in the particular Training Suite.

The printer corresponding to each group, or section, will be placed in the group container, and relevant members will be allocated permission to use that printer by using group policy.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

14 | P a g e


Hierarchical Structure of NWTA Glasgow

Alan Davie

HND Computing: Technical Support – Graded Unit 2

15 | P a g e


1.2.8 Data Security Strategy Due to the nature of the organisation, the content that will be and generated, and consequently stored, it is essential to protect that data in order to safeguard the company, its staff, and ultimately the personal details of both staff and students in the facility from an unauthorised access. In order to accomplish this, a major part of this category will be network security which includes the structure and hardware proposed to implement this, such as firewalls to block any potential intruders into the network, and antivirus installed onto every workstation to detect and eradicate any potential threats. All users will be placed in the hierarchical tree of the network according to their needs and / or status in the organisation, with only one person, the System Administrator, having overall access and control of all files, folders and users. In reference to backups, which are mentioned in the next point, it is proposed that the backups will be encrypted with a strong algorithm by the backup solution to ensure that if backups were to go astray, especially when going off site to secure storage, no-one can gain access to the data recorded onto the tapes.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

16 | P a g e


1.2.9 Backup Strategy The backup strategy will consist of a weekly full backup, to back up the entire network, followed by incremental daily backups. All backups are scheduled to take place after the centre has closed at night, thus greatly negating a drain on bandwidth, with the full system backup taking place on a Sunday when the business is scheduled to be closed. This strategy should reduce the time needed to restore the system should a disaster occur, by using a combination of the full backup and incremental backup tapes to restore the data to its original state. The backups will also be replicated, with one set being stored on site, for quick access, and the other set stored at a secure off site location in case of fire or other destructive instances. The backup solution proposed will also be easily accommodated into the network, and will be situated in the rack.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

17 | P a g e


1.3 Influential factors affecting the project There are 3 main categories of factors that will influence this project, and it is better for them to be identified just now in order to make everyone concerned with this project.

1.3.1 Economic Factors These factors apply to items related to budget, economy and other financially related parameters. Items in this category will be financing for the project, using loans, corporate or public investments, even shares in the company. Although the project has been given an open ended budget, the aim is to keep costing as realistic as possible and to specify equipment, both hardware and software, relevant to the tasks noted in the project brief, and not opt for top end equipment just because of the open ended budget.

1.3.2 Technical Factors These are self explanatory factors that entail the vast realm of anything technical, and any challenges faced by the team, problems solved or problems created, and any alternative hardware that can be substituted if the proposed setup does not perform to specification expected. Technical staff will be on hand to train staff on the logon procedures, and network procedures and expectations before NWTA Glasgow becomes live, and the team will also inevitably be on site during the break in phase to alleviate any problems or system / network problems encountered once the system is live.

1.3.3 Time Factors These will be prevalent throughout the project, and are essentially the boundaries of each stage of the project. The time factors are specified in considerable detail, by each specific task, in Section 1.5 which contains the project management specifics, and what tasks are reliant on which others to continue. First stage will be completed by 07/05/2010, with the Second stage, Development, being completed by 2 weeks after this date. The final stage, evaluation, is proposed to be completed by a week after this after the client has agreed that the project meets their verification checklist and is signed off as completed by both the client and the team leader.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

18 | P a g e


1.4 Design of the Establishment Within this section shall be a multitude of design related documents containing the various diagrams and schematics relating to the layout of the establishment, the wiring placement, and the hardware placement. Also included will be the proposed specification for the hardware and software to be installed into the centre and any legislation issues that will be applied to the company.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

19 | P a g e


1.4.1 Floor Plan Firstly, is a diagram of the entire establishment, with all relevant equipment documented and placed to meet the requirements of the client.

Here you can see the internal layout of the centre, and its proposed room locations to meet the clientâ€&#x;s requests. Also included are hardware placements to give a sense of the hardware quantity required for this project.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

20 | P a g e


1.4.2 Wiring Diagram This diagram shows the infrastructure of the cabling proposed at NWTA, and also shows the connectivity between devices such as the servers, routers, switches and workstations in this location.

The red line denotes the path of the bundled wiring room throughout the facility

Alan Davie

HND Computing: Technical Support – Graded Unit 2

21 | P a g e


Hardware and Software Specifications In the corresponding section, the details regarding Hardware proposals, specifications and other relevant details will be contained. Concurrently, the Software Specifications requested by the client and their proposed solutions will be documented and detailed in order to meet the clientâ€&#x;s requirements. Wireless networking was not requested, but can easily be accommodated should the client wish to follow this route, and this is why I have included a proposal for a wireless router, and also proposals for VOIP hardware should the client wish to upgrade their network.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

22 | P a g e


Workstation Specifications The workstation proposed is the: Dell Optiplex 380 This is detailed below, and exceeds the specifications required by the intended courses offered in the facility. The solution was reached after careful consideration amongst various manufacturers, and also a bulk discount offered by Dell at the start of the lease period. As such, at the end of the 2 year lease period, if the business renews the lease, then all remaining workstations will be replaced by current models, saving the business considerable upgrade costs, and also negating a large initial payout for the workstations.

Component

Specification

Processor

Intel Core 2 Duo E7500(2.93GHz,1066MHz,3MB)

Operating System

Windows® 7 Professional 32 Bit with Media Supplied1

Memory

2GB (2x1024MB) 1066Mhz DDR3 Dual Channel

Monitor

Dell E-series E190S 19" 48 cm Std monitor, (1280x1024)

Hard Drives Optical Drives Case Type Cost

160GB Serial ATA II 3Gb/s (7200RPM) Hard Drive 16X DVD +/-RW Drive Desktop, or vertically mounted £349 per Workstation (Bulk Discount applied)

1

The reason that Windows 7 Professional was specified is that it allows workstations to join a domain, which will be controlled by the network servers. Other versions of Windows 7 lack this crucial functionality, and do not allow workstations to join a domain.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

23 | P a g e


Network Server Specifications The network server proposed is the: HP ProLiant DL380 G6 Server Which, after careful consideration, was deemed to be the most suitable, and effective, solution for the customer‟s requirements at this time. It is easily managed and will also offer further scope for additional network servers when the business expands in due course. Two of these servers are proposed as a failover pair in the event of one server failure the network will function as normal and reduce downtime in the event of failure, additionally both servers will facilitate Network Load Balancing (NLB) to share the network load, and increase the users experience by retaining speed in those peak periods.

Component

Specification

Processor

2 x Intel® Xeon® 5500 series

Operating System

Windows® Server 2008 Enterprise

Memory

Monitor

PC3-10600R RDIMMs DDR3 or PC3-10600E UDIMMs DDR3 16GB DDR3 Supplied, Upgradable to a Maximum of 192GB HP LE1901w 19-inch Widescreen LCD Monitor Maximum of 8 drives supported, in the following formats:

Hard Drives

Hot plug 2.5 / 3.5 -inch SAS Hot plug 2.5 / 3.5-inch SATA

Optical Drives

16X DVD +/-RW Drive

Case Type

Rack Mounted, using 2u of rack space.

Cost

Price per server is: £689

Alan Davie

HND Computing: Technical Support – Graded Unit 2

24 | P a g e


Network Router Specifications The network router proposed is the: Cisco 2911 Integrated Services Router After careful consideration of other manufacturers, the vast range Cisco offered allowed us to customise the proposed solution to the customer‟s requirements and intentions. The router offers a versatile solution product also offers supplied Cisco IOS with this software.

robust, secure but from Cisco. The a Firewall and Intrusion Detection system that is embedded with the image, but a separate external solution is proposed due to limitations

Also featured are VPN and VOIP capabilities, which can be tailored to suit the customer when they are required to be configured to expand the network. VOIP, Voice-Over IP, will allow telephone calls to be used over the internet connection, thereby greatly reducing phone costs for any company.

Component

Specification

Ports Available

Memory

Alan Davie

x x x x x

Type A USB RJ-45 RS-232 Console Type B USB Management RJ-45 10/100/1000Base-T Network WAN RJ-45 RS-232 Auxiliary Management

512MB Supplied, 2GB Maximum

Operating System Cost

2 1 1 3 1

Cisco IOS 12.4 £1,562

HND Computing: Technical Support – Graded Unit 2

25 | P a g e


Network Switches The network switches proposed are: Cisco Catalyst WS-C3570-48PS-S Cisco Catalyst WS-C3570-24PS-S The proposed switches both facilitate the existing network, and will also accommodate a substantial expansion of the business without a major hardware upgrade. Both switches also offer router functions, or Layer 3 functionality, which allow the switch to be utilised in a variety of environments, and coupled with the Layer 3 switching element, the switches will perform well in the NWTA environment, and in the event of higher traffic, e.g. media, VOIP, the switches will still perform exceedingly well with high data rates.

Component

Specification 48 x RJ-45 10/100Base-TX LAN, 1 x RJ-45 Console Management

Number of Ports

24 x RJ-45 10/100Base-TX LAN, 1 x RJ-45 Console Management Giving a total of 72 Ports

Memory Data Transfer Rate Standards Supported

Management

Cost

Alan Davie

64MB installed 100Mbps

IEEE 802.1D, IEEE 802.1p, IEEE 802.1Q, IEEE 802.1w, IEEE 802.1x, IEEE 802.3, IEEE 802.3ab, IEEE 802.3U, IEEE 802.3x, IEEE 802.3z

Web-based Cisco CMS Software CiscoWorks Network Management Software IEEE 802.1p QoS IEEE 802.1Q VLAN Telnet Interface 48 Port Switch: £3386 and the 24 Port Switch: £2420

HND Computing: Technical Support – Graded Unit 2

26 | P a g e


Network Security After considering several different options, it has been proposed that external firewall device for the project will be the: Cisco ASA 5505 Firewall The proposed solution is designed toward the small business, although it is capable of supporting many large scale environments due to its capacity and robust design. It offers users the security of Cisco Intrusion Prevention system, and adaptable firewall to offer consistent protection to the entire network. It also supports Virtual Private Networking, which is an additional feature that the company may choose to implement in the future.

Component Maximum firewall connections Maximum firewall throughput Data Transfer Rate Memory

Integrated Ports

Cost

Alan Davie

Specification

25,000

150Mbps

100Mbps 256MB 8 port 10/100 switch 2 Power over Ethernet ports

ÂŁ296

HND Computing: Technical Support – Graded Unit 2

27 | P a g e


Network Printers The proposed printers for the establishment are: Hewlett Packard HP JET P3005N The proposed printer is resilient, reliable and will produce consistently good printouts time after time for all staff and students for their differing needs. HP have an established worldwide recognition of reliability, and to backup this statement, there is a concise web of support across the world should the users need to seek support for this product.

Component

Specification

Output Type

Colour Printer, Monochrome Printer

Printer Technology

Laser Printer

Output Resolution Print Speed Printer Memory

1,200 dpi 35 ppm 80 MB 1 x Multipurpose Tray 100 Sheet

Media Handling

1 x Input Tray 500 Sheet 1 x Output Bin 350 Sheet

Network Technology Cost

Alan Davie

Fast Ethernet

ÂŁ616

HND Computing: Technical Support – Graded Unit 2

28 | P a g e


Business Security Solution It is proposed that an additional solution will be offered that will enhance, and greatly increase, security, thereby benefiting all staff and students alike. It will also be a welcome addition in exam rooms in the centre to offer secure conditions for assessments, formal exams and vendor qualifications exams. The product offers easy setup with the proposed Power Over Ethernet (PoE) switches, only using an Ethernet cable to deliver power and data. The cameras can be viewed by means of a normal web browser, so permitted persons may view the camera system either in-house, or remotely from anywhere in the world using the secure browser and HTTPS facility. The cameras are relatively easily installed, and up to 16 cameras are supported on the supplied Cisco Video monitoring software which is installed on first use, and as long as there are ports available on the compatible PoE switches.

Component Product Name

Digital Zoom

Audio Support Night Vision

Details Cisco PVC300

Yes, up to 4x digital zoom offered Yes, the product supports 2 way audio

Yes, the product has IR functionality for night vision

Secure Viewing

HTTPS protocol supported

Other features

Pan and tilt facility Video monitoring software supplied Snapshot facility

Alan Davie

HND Computing: Technical Support – Graded Unit 2

29 | P a g e


Backup Solution It is proposed that the: HP Storageworks 1/8 G2 Tape Autoloader System Will be the desired backup solution for the NWTA Network. It will be used in conjunction with a rack mount kit to maximise space, and will easily support other backup units when the business expands. This solution provides ample backup capacity for the entire network, and even if an expansion is proposed the storage available would most likely still be more than adequate for the company needs.

Component Storage Capacity

Data Transfer Speed

Cost

Alan Davie

3.20 TB (Native), 3.20 TB (Native)/6.40 TB (Compressed)

1 x USB 1 x RJ-45 Ethernet 2 x 68-pin HD-68 LVD/SE Ultra320 SCSI – SCSI

Interfaces

Configuration

Specification

120 MBps Compressed 122.88 MBps Compressed 60 MBps Native 61.44 MBps Native 1 Drive, with 8 slots for tapes. £784

HND Computing: Technical Support – Graded Unit 2

30 | P a g e


Additional Solutions and Proposals Wireless Solution Although not specified in the project brief, it would be wise to foresee the inclusion of a wireless solution for NWTA Glasgow, should they require access for staff in the staff room, or for students in reception, or simply additional workstations where a cable run would not be cost effective. The Cisco 871 Dual Ethernet Security Router with Wireless is an ideal candidate for this task. It offers the following main points: 

High performance for small to medium businesses

4-port 10/100 managed switch with VLAN support

Secure WLAN 802.11b/g option with use of multiple antennas

Easy setup, deployment, and remote management capabilities through Webbased tools and Cisco IOS® Software

VOIP Solution Again, not specified in the brief, but a technology currently in use in numerous businesses of all sizes is Voice Over IP, VOIP. It allows users to make telephone calls using the network hardware and cabling, opposed to a conventional handset, and offers a substantial reduction in telephone costs. The proposed VOIP solution is the Cisco 7960G, which comes packaged with a one user licence per handset, and has the following main features:

Main Features: Integrated Ethernet switch

VoIP Protocols: H.323, MGCP, SCCP, SIP

Caller ID: Built-in

Voice Mail Capability: Built-in

Network Ports Qty: 2 x Ethernet 10Base-T/100Base-TX

Compatible Software: Cisco Call Manager 3.3(3) or later

Alan Davie

HND Computing: Technical Support – Graded Unit 2

31 | P a g e


1.4.3 Software Solutions The software solutions proposed below have been taken from the requirements, and to which the proposed solution to the request is given.

clients

Client Request

Proposed Solution

All staff should have access to a generic office suite.

Microsoft Office 2007 Standard is proposed for this solution, as most users are familiar with its functionality and layout, and therefore, would need minimal, if any, training on this product.

Training Suite should have access to Microsoft Project 2003.

A range of programming tools and platforms to be accessed.

The network should be secured against virus or hacker attacks from external sources.

Microsoft Project 2007 will be installed for this solution. It is an upgrade from MS Project 2003 which is now becoming phased out in favour of cross functionality with MS Office 2007 and improved aesthetics. Other project management packages do exist, such as PRINCE2, but Microsoft Project is less complex, and easier for students to use as their initial project management software. It is proposed that Microsoft Visual Studio 2008 will be installed, as it encompasses all the programming languages that the Training Centre manager wishes to offer in this facility. It was originally proposed that the free Visual Express editions of these programming languages by Microsoft be installed. This idea was sidelined due to the fact that those editions do not possess the full functionality required by the courses offered, although, they will be advised for students to download in order to aid with study at home. It is proposed that Sophos Anti-Virus will be purchased with a 50 client user package. The benefit with this software is that all virus definitions on each workstation can be updated from a central location, so always remain current. An external hardware firewall solution has also been proposed in the hardware section.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

32 | P a g e


1.4.4 Operating Systems and Related Items The Operating systems for the NWTA network and workstations are as follows: Hardware Item

Network Servers

Proposed Solution These shall be installed with Windows Server 2008 Enterprise Operating System. This operating system is the latest evolution in Microsoft Server operating systems, and will seamlessly support the Windows 7 Operating System, as well as numerous other systems, with ease. Windows server systems have a licensing system, whereby a licence has to be purchased. Depending on the system, the licence varies, for example, a customer licensed with proposed Windows Server 2008 R2 Enterprise may run one instance of the server software in the physical operating system environment. So for 2 servers, 2 licences have to be purchased. The operating system is a substantial upgrade from the predecessor, Windows Server 2003 version, and in order to lessen system downtime, if Server 2003 were installed, and maximise productivity this is the preferred server operating system. It allows members to be placed into groups, given permissions to access items on the network, as well as numerous other tasks.

Workstations

These shall be installed with the Windows 7 Professional Operating System. Windows 7 has been tested in previous setups within the team, and has surpassed the previous operating system, Windows Vista, which has been known to be incompatible with numerous types of hardware and software, not to mention the software bloat which substantially impedes the performance of the operating system. Although there are other versions of this operating system available, Windows 7 Professional, and the versions above, are the only versions that will allow, and support, the workstation connecting to a domain that will be managed by the network server and its operating system.

Printers

All printers come with device drivers and printer software supplied in the packing of the supplied printer. Most printers are detected, and installed automatically by the Windows Operating System using the Plug-n-Play service which detects the device. Printers will also be managed by each VLAN having designated printers, by means of adding users via the Printer Operators group in Windows Server 2008.

Network Routers and Switches

These pieces of hardware utilise a special operating system supplied only by Cisco. The Cisco IOS, Internetworking Operating System, supplied will the current version for those devices, and include the appropriate functions and commands for those device. The current Cisco IOS is version 12.4, and access will be given to the Cisco Support website to update any IOS, or for documentation, assistance with the Cisco products that are used.

Network Firewall

Like above, this Cisco hardware also utilises a specialist IOS. The Cisco firewall system also employ a similar ASA / PIX operating system which, like above, can be accessed by using the Cisco CLI or SDM. The latest version of the IOS is always supplied with Cisco Products.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

33 | P a g e


1.4.5 Network Topology The proposed network structure for New World Training Associates, NWTA, will consist of a standard star, or effectively an extended star, topology that will be emulated throughout the network required offering reliability and easier expansion of the network. The routers will have a connection to each other, and also to both switches primarily to facilitate network redundancy, like server 2, in the event of failure. Otherwise, router 2 will support router 1 in load balancing the network and increasing the overall speed of the network during peak times by doing so.

The above diagram shows details of the topology and proposed components There will be a maximum of 8 workstations per training suite and a networked printer per training suite, with each training suite configured using a separate VLAN that is subnet accordingly, facilitating network expansion by simply changing the subnet mask of the current addressing scheme to increase hosts. The same system will be applied to the staff network which will contain the final VLAN in the network.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

34 | P a g e


Training Suite Wiring Diagram The network layout in each training suite will consist of all workstations being wired individually using Category 6 cabling, to future proof the network for any upgrades. The wiring loom will also include a network printer connection, and will exit each training suite through the suspended ceiling that runs throughout the establishment, to the Cisco Switch assigned to that sector. No cable run will exceed 100m, so the capabilities of the cabling system will remain well within the boundaries it was designed for.

The above graphic shows the proposed wiring structure which will be emulated throughout each training suite, and will be adapted for other areas such as admin and training staff that also house multiple workstations, as well as single nodes.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

35 | P a g e


1.4.6 IP Addressing Scheme As you can determine from the network schematic on the previous page, the network will consist of 6 VLANS. Of this, 5 VLANS will be allocated to the Training Suites, and 1 will be allocated to the Staff network. It is proposed that the IP addresses will be allocated by the Router which will have DHCP pools programmed using the subnet range of the VLAN. Although DHCP can be administered and allocated using Windows Server, using the router in this way is perfectly acceptable for Small Businesses. If the company were to expand, then the DHCP scope allocation could be transferred to a dedicated server, and the corresponding subnet masked altered to accommodate additional hosts with the network.

Proposed IP addressing scheme for the NWTA Glasgow establishment Network Name

Network ID

Subnet Mask

Useable Range

Hosts

Network Equipment

192.168.0.0

255.255.255.240

192.168.0.1 – 14

14

Management VLAN 1

192.168.1.0

255.255.255.240

192.168.1.1 - 14

14

Training Suite 1 VLAN10

192.168.10.0

255.255.255.240

192.168.10.1 - 14

14

Training Suite 2 VLAN20

192.168.20.0

255.255.255.240

192.168.20.1 - 14

14

Training Suite 3 VLAN30

192.168.30.0

255.255.255.240

192.168.30.1 - 14

14

Training Suite 4 VLAN40

192.168.40.0

255.255.255.240

192.168.40.1 - 14

14

Training Suite 5 VLAN50

192.168.50.0

255.255.255.240

192.168.50.1 - 14

14

Staff Network VLAN60

192.168.60.0

255.255.255.240

192.168.60.1 - 14

14

Alan Davie

HND Computing: Technical Support – Graded Unit 2

36 | P a g e


Proposed Network Rack Structure Below is shown the proposed network rack structure for the NWTA network, and is designed to give an idea of what the finalised system will look like.

NWTA Router 01

NWTA Router 02

NWTA Switch 01

2 x Routers to offers adequate redundancy, and load balancing, to increase network efficiency.

2 x switches will accommodate up to 72 hosts without the need for future expenditure, and offer expansion using PoE compliant devices such as IP Cameras and VOIP telephones.

LCD monitor and keyboard for Server Administration

Rack mounted Tape Backup system

2 x Servers which should offer redundancy should one fail

2 x Servers utilising Windows 2008 Enterprise

1 x UPS, should the power be compromised to the rack, and give the network additional redundancy until power resumes.

NWTA Switch 02

Firewall Solution LCD Monitor Keyboard Tape Backup System

NWTA Server 01

NWTA Server 02

NWTA UPS

Alan Davie

HND Computing: Technical Support – Graded Unit 2

37 | P a g e


1.4.7 Applicable Legislation In any establishment, be it corporate or a home network, there are a number of parts of legislation that govern the Health and Safety of the premises, and although the main legislation parts will be outlined, it is up to the users, and network administrator to ensure these practices are used, and enforced in the workplace.

Health and Safety at Work Act (1974) This Act provides a framework for ensuring the health and safety of all employees in any work activity. It also provides for the health and safety of anyone who may be affected by work activities in e.g. pupils/students and visitors to educational sites, including parents and contractors. This act ensures that all equipment, and fixtures and fittings in the NWTA establishment shall adhere to the Health and Safety at Work act.

The Data Protection Act (1998) The Data Protection Act ensure that all personal and identifiable information is handled properly The Data Protection Act was drafted to ensure the privacy of personal information stored electronically on computers nationwide. The Act aims to promote high standards in the handling of personal information, and so to protect the individualâ€&#x;s right to privacy. Anyone holding data relating to living individuals in electronic format must be able to justify the storage of the data, and if the data is no longer required by the company is must be securely deleted and removed. This act reflects on the nature of business NWTA is employed in, and reference to all data records e.g. Students, Staff.

The Computer Misuse Act (1990) The Act was created to criminalize unauthorized access to computer systems and to Discourage the more serious criminals from using a computer to assist in committing A criminal offence or from impairing or hindering access to data stored in a computer. All network activity will be logged at NWTA Glasgow, including websites visited, with the data only being made available to the System Administrator / Network Manager, and any other authorities should the need arise to escalate the case.

In addition, it is recommended, that all staff employed in the centre are scrutinised using the Standard Disclosure offered by Disclosure Scotland. This is a scheme which thoroughly investigates a prospective employee’s background and their suitability to work in any business, not necessarily confined to the education sector, which consists of working with persons of all ages and backgrounds, and in all environments.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

38 | P a g e


1.5 Project Management aspects involved No project would be reputable if it did not have a substantial element of Project Management involved. It not only defines the parameters and time constraints of the project, but also allocates tasks and resources to staff members, in order that they are aware of their role, or future roles in the project. The image below shows the project management schedule created for this project, complete with meetings schedule and project milestones.

Aside from the task list above, another element of a project management plan is the Gannt Chart, which is the graphical representation showing all tasks, and all dependant or related tasks that rely on a particular task finishing before the task can be commenced. This is an easier to follow representation of tasks completed in a graphical form.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

39 | P a g e


The image below shows the Gannt Chart created for this project.

The image on the next page shows the Task List and Gannt chart combined in order to relate the task to the visual reference of the Gannt Chart. It was felt as, there is only one person involved in this project, that a resource sheet listing would be inappropriate.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

40 | P a g e


This image shows the Task List and corresponding Gannt Chart

Alan Davie

HND Computing: Technical Support – Graded Unit 2

41 | P a g e


1.6 Justifying the Approach Taken The approach taken was one using the Lifecycle Development Model. The stages of this model are: 

Concept

Requirements

Architectural design

Detailed design

Development

Testing and implementation

The benefits of this approach include: 

Offers a well tried and tested system

It is a widely and used understood methodology

Uses a cyclical system from start to end

Continually evolving, for example, if new hardware is requested, the lifecycle model will restart from the stage 1.

There are very few networking client / server installations that are problem free from start to finish. This is because at technology evolves, the network installation you installed before, cannot be replicated again without errors and faults due to conflicts, either hardware, software or human error, thereby increasing the potential for faults. To reflect, any problems encountered will be used constructively. This greatly helps in order for us to understand what works, what doesn‟t and what could be improved the next time around.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

42 | P a g e


Stage 2: Development of the Solution

Alan Davie

HND Computing: Technical Support – Graded Unit 2

43 | P a g e


2. 1 Installation and Configuration of components In Stage 2, the development is progressed to physical installation and setup of the proposed hardware and software. Although impossible to emulate in a test lab, the network layout, router and switch configuration proposed will be scaled down to a manageable size, and if functioning as proposed, the solution can easily be scaled up to the actual size proposed.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

44 | P a g e


2.1.1 Installation of Windows Server 2008 Enterprise There will be several screenshots to briefly describe the installation, in a concise, but nonexhaustive way. The server is started with the setup CD inserted, allowing the automated setup process to ensue. User interaction is only required when Serial Number, Keyboard and Time Zone / Location settings are requested.

1. Dialogue box showing language, time and keyboard setup selections

2. User is prompted to enter the product key to activate Windows Server 2008

3. User is prompted to select the version of Windows Server 2008 to be installed

4. First login screen that is displayed after the installation finishes

Alan Davie

HND Computing: Technical Support – Graded Unit 2

45 | P a g e


2.1.2 Test Server Screenshots After initial installation, services corresponding to the networks needs and intentions are installed and configured, such as DNS, DHCP and Domain controllers.

Image above showing the Windows 2008 Server Administrator logon screen

Image above showing the Server Information, including Domain details

Alan Davie

HND Computing: Technical Support – Graded Unit 2

46 | P a g e


Enlarged image of the Network Services and Domain Details screen

Alan Davie

HND Computing: Technical Support – Graded Unit 2

47 | P a g e


2.1.3 Workstation Configuration The workstations specified are shipped from the manufacturer, Dell, with an OEM version of the Operating System, Windows 7 Enterprise, already installed and preconfigured. However, an installation guide will be documented for posterity, and to give an insight into the installation process for this operating system. This saves valuable time installing the Operating System onto all of the workstations, although if manual installation was required, the process can be streamlined by using other methods, such as network installation, or automated installation, using a reference answer file to respond to the user input screens, to speed up the process. Another method is by using an image of the whole system, with all applications installed, to recover a workstation should it have to be completely formatted due to a major error, thereby negating the need to install each application one by one.

A screenshot of the Operating System installed in Training Suite 1, PC1

Alan Davie

HND Computing: Technical Support – Graded Unit 2

48 | P a g e


Windows 7 Enterprise – Installation Guide Below will be a brief installation guide to implement Windows 7 Enterprise. Most people have an understanding of the basic installation process so this guide will be relatively brief in its content.

1. Dialogue box showing language, time and keyboard setup selections

2. User is prompted to read and accept the conditions of the EULA.

3. Installation of Windows 7 Enterprise finalizing 4. First screen that is displayed after the installation finishes

Alan Davie

HND Computing: Technical Support – Graded Unit 2

49 | P a g e


Image above shows the specifications of the operating system on TS1-1, with details such as Processor, Memory, Computer Name and domain details, with access to other features such as device manager.

Image left shows the workstation is setup to obtain a DHCP address from the pools allocated on the DHCP server. Alternate configurations can be manually entered to use specific DNS servers, as well as IP address and subnet mask. Manual configuration is not a viable solution for this project, so a DHCP solution is configured to provide a consistent and

Alan Davie

HND Computing: Technical Support – Graded Unit 2

50 | P a g e


Other Installations In order to refrain from saturating this report with screenshots and documentation of every piece of software installed, in this section I will summarise the somewhat generic procedures for several software solutions. The installation procedure for the following: 

Microsoft Office Standard

Microsoft Project 2007

Microsoft Visual Studio 2008

Is relatively generic in their installation, by means of: 

Inserting the CD/DVD

Following the on screen setup wizard

Choose the items to install using custom installation, if required

Enter the registration key supplied

The installation of Sophos Anti-Virus is similar, with the only difference being that after the installation users are prompted to update the virus definitions, to ensure current protection, and to scan the workstation

Alan Davie

HND Computing: Technical Support – Graded Unit 2

51 | P a g e


2.1.4 Router Configuration The two network routers will process users on the network using a series of VLANs. These are virtual LAN networks that allow users to access a particular sector, or department in the business. Whether they are on the next PC, or the next building, the VLANs can be configured to allow users to access the same group regardless of location. Routers are programmed with a series of commands to create network parameters like subnets and protocols, and as the whole command list and itâ€&#x;s explanation is beyond the scope of this report, the details will endeavour to give everyone an understanding of their usage. The screenshots are from a freeware client called Putty, as Windows 7 does not have Hyper terminal included, so this alternative client was used.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

52 | P a g e


Cisco Router Commands The commands below are a brief guide to configuring a VLAN on the Router. The commands are used in conjunction with corresponding commands entered onto the Switches used, in order to allocate a sub-interface to a specific VLAN, to manage access to those VLANs, as well as allowing VLANâ€&#x;s to communicate through the router.

Command

Purpose

Configure Terminal

Enters router configuration mode

Interface fa0/0

Configure an interface with various parameters such as IP address.

Interface fa0/0.10

Configure the sub-interface, which will be used for VLAN 10

Encapsulation dot1q 10

Enables the 802.1q trunking protocol on the specified interface. This allows VLAN communication with devices from a different manufacturer or model.

IP address

Enter the IP address and subnet mask for the interface, then the sub-interface

Description

Gives the interface a meaningful name

Below is an example using the above commands NWTA-R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. NWTA-R1(config)#interface fa0/0 NWTA-R1(config-if)#ip address 192.168.1.1 255.255.255.240 NWTA-R1(config-if)#int fa0/0.10 NWTA-R1(config-subif)#ip address 192.168.1.17 255.255.255.240 NWTA-R1(config-subif)#encapsulation dot1Q 10 NWTA-R1(config-subif)#ip address 192.168.1.17 255.255.255.240 NWTA-R1(config-subif)#description VLAN 10 NWTA-R1(config-subif)#

Alan Davie

HND Computing: Technical Support – Graded Unit 2

53 | P a g e


Above image showing the running configuration of the Router, and the DHCP pools that allocate specific IP addresses to users of each VLAN, as well as DNS and Domain name configuration parameters.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

54 | P a g e


Above image showing the DHCP pools programmed to allocate IP addresses corresponding to users of each VLAN, as well as the range of those addresses.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

55 | P a g e


Output from the NWTA-R1 router showing the Running Config Below shows the output after entering the show running-config command on the NWTA-R1 router. Also shown are IP addresses for all interfaces, as well as the previously mentioned DHCP pools, and other relevant details. There will not be a DHCP pool for that 192.168.0.0 network, as this will be used to supply static IP addresses to network equipment. Also include is an example of an access list that allow or restrict access to sectors of the network. !version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname NWTA-R1 ! enable secret 5 $1$WHzA$OlxCvU6yNVorpzgzswbzy. ! no network-clock-participate slot 1 no network-clock-participate wic 0 no aaa new-model ip subnet-zero ! no ip domain lookup ip name-server 192.168.1.5 ! ip dhcp pool Management network 192.168.1.1 255.255.255.240 domain-name management.nwta.glasgow.com default-router 192.168.1.5 dns-server 192.168.1.6 lease infinte ! ip dhcp pool Students-TS1 network 192.168.10.1 255.255.255.240 domain-name ts1.nwta.glasgow.com default-router 192.168.1.5 dns-server 192.168.1.6 lease infinte ! ip dhcp pool Students-TS2 network 192.168.20.1 255.255.255.240 domain-name ts2.nwta.glasgow.com default-router 192.168.1.5 dns-server 192.168.1.6 lease infinite ! ip dhcp pool Students-TS3 network 192.168.30.1 255.255.255.240 domain-name ts3.nwta.glasgow.com default-router 192.168.1.5 dns-server 192.168.1.6 lease infinite

Alan Davie

HND Computing: Technical Support – Graded Unit 2

56 | P a g e


! ip dhcp pool Students-TS4 network 192.168.40.1 255.255.255.240 domain-name ts4.nwta.glasgow.com default-router 192.168.1.5 dns-server 192.168.1.6 lease infinite ! ip dhcp pool Students-TS5 network 192.168.50.1 255.255.255.240 domain-name ts5.nwta.glasgow.com default-router 192.168.1.5 dns-server 192.168.1.6 lease infinite ip dhcp pool Staff network 192.168.60.1 255.255.255.240 domain-name staff.nwta.glasgow.com default-router 192.168.1.5 dns-server 192.168.1.6 lease infinite ! interface FastEthernet0/0 description $ETH-LAN$ ip address 10.10.10.1 255.255.255.248 ip access-group 101 in ip access-group 101 out ip nat outside duplex auto speed auto ! interface Serial0/0 no ip address shutdown ! interface FastEthernet0/1 ip address 192.168.1.5 255.255.255.252 duplex auto speed auto ! interface FastEthernet0/1.10 encapsulation dot1Q 10 ip address 192.168.1.10 255.255.255.240 ip nat inside ! interface FastEthernet0/1.20 encapsulation dot1Q 20 ip address 192.168.1.20 255.255.255.240 ip nat inside ! interface FastEthernet0/1.30 encapsulation dot1Q 30 ip address 192.168.1.30 255.255.255.240 ip nat inside

Alan Davie

HND Computing: Technical Support – Graded Unit 2

57 | P a g e


! interface FastEthernet0/1.40 encapsulation dot1Q 40 ip address 192.168.1.40 255.255.255.240 ip nat inside interface FastEthernet0/1.50 encapsulation dot1Q 50 ip address 192.168.1.50 255.255.255.240 ip nat inside interface FastEthernet0/1.60 encapsulation dot1Q 60 ip address 192.168.1.60 255.255.255.240 ip nat inside interface FastEthernet0/1.70 encapsulation dot1Q 70 ip address 192.168.1.70 255.255.255.240 ip nat inside ! router eigrp 1 network 10.0.0.0 network 192.168.1.0 network 192.168.2.0 auto-summary ! ip nat inside source list 2 interface FastEthernet0/0 overload ip http server no ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 ! ip dns server ip dns primary 192.168.6.1 ! access-list 101 permit icmp any any access-list 101 permit tcp any any eq 443 access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq ftp access-list 101 permit ip any any access-list 101 permit tcp any any access-list 101 permit udp any any ! tftp-server nvram:192.168.2.2 tftp-server flash1 tftp-server flash:c2600-ik9s-mz.124-22.bin ! line con 0 line aux 0 line vty 0 4 password class login ! end

Alan Davie

HND Computing: Technical Support – Graded Unit 2

58 | P a g e


Output showing VLANs configured on the sub-interfaces The below output shows the sub-interface configuration on NWTA-R1, where each sub-interface is assigned to a VLAN using the appropriate commands, also shown is that status of the sub-interfaces.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

59 | P a g e


Cisco Router and Security Device Manager (SDM) SDM is an alternative to using the using the Command Line Interface, CLI, on the Cisco Routers and Switches, and is a more user friendly way to configure devices that incorporates a GUI and wizards to create various functions, such as ACLâ€&#x;s and NAT. A few screenshots are seen below, as this will just be a brief description of this alternative.

The home page showing the device status and various system details

The connections tab showing the current VLAN configuration for NWTA

Alan Davie

HND Computing: Technical Support – Graded Unit 2

60 | P a g e


2.1.5 Switch Configuration The switch configuration for this project uses the same VLAN concept as the router configuration, an in order for the VLAN to function correctly the parameters set in the router configuration must be emulated onto the switch configuration, otherwise the VLAN will not function correctly, or at all.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

61 | P a g e


Cisco Switch Commands The commands below are a brief guide to configuring a VLAN on the Switch. The commands are used in conjunction with corresponding commands entered onto the Routers used, in order to allocate switch ports to a specific VLAN, and to advertise those VLANs to other switches, as well as communicate with the router.

Command

Purpose

Enable

Enables the switch

Configure Terminal

Enters router configuration mode

Vlan 10

Creates VLAN 10 on the switch

Name TS1

Names VLAN 10 with a description as TS1 Defines the mode the switchport will be configured as.

Switchport mode access

In this case itâ€&#x;s access, other modes are trunk and dynamic. Configures the switchport to access VLAN10.

Switchport access VLAN 10

Other methods are native and voice, which can be used with VOIP applications.

Below is an example using the above commands NWTA-SW1> enable NWTA-SW1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. NWTA-SW1(config)#vlan 10 NWTA-SW1(config-vlan)#name TS1 NWTA-SW1(config-vlan)#exit NWTA-SW1(config)#int NWTA-SW1(config)#interface fa0/1 NWTA-SW1(config-if)#switchport mode access NWTA-SW1(config-if)#switchport access vlan 10

Alan Davie

HND Computing: Technical Support – Graded Unit 2

62 | P a g e


A screenshot showing the VLAN configuration on the switch, and the switchports allocated to each VLAN. As this is a test configuration, one port per VLAN was allocated, and this will be scaled up to replicate the projects final specifications

Alan Davie

HND Computing: Technical Support – Graded Unit 2

63 | P a g e


2.1.6 Active Directory / Group Structure The Active Directory and Group Structure, in essence, resembles the hierarchy of the network, with users who have the most experience / trust are denoted as Administrators, who have access to the entire system. As such, an amended version of the hierarchy structure chart will depict the users and the relevant groups they will be placed into in the Active Directory group structure. In addition to the below structure, it is assumed that all groups will also be members of the Print Operators group within their own VLAN / Department in order to facilitate, and control print queues, on the local network printer.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

64 | P a g e


Below is a screenshot showing the Active Directory and group structure developed to accommodate the proposed system users and their corresponding groups and sections.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

65 | P a g e


2.1.7 Mapped Drives In order to facilitate the requirements of storage space for courseware development, it has been decided to implement a mapped drives strategy.

This uses a logon script that allocates an amount of storage space, on the server, to the user from the group who has been permitted to use this space. The mapped drives can be seen when the users opens My Computer, and the drives will be visible under the “Network Drives” section.

The context of the logon script is: NET USE H: \\SERVER01\Share01\Username This defines the area of the server that has been allocated as storage to the user, entered into the “Location” box below. The command can also be entered from a command prompt should there be a problem with script. Alternatively, due to the relatively small number of mapped drives to be allocated, the “map network drive” option can be selected in “My Computer” and the process can be followed from there, allowing the drive to be reconnected at logon.

Image left, shows the dialogue box if the user chooses to map a drive using the alternative method available in Windows 7.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

66 | P a g e


Image above shows the Group Policy editor in Windows Server 2008

Image left, shows the network share properties dialogue, where the parameters, or path, to the network drive can be entered to map the drive to the user, and also the share name.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

67 | P a g e


2.2 Test Plans and Results The purpose of testing is to show evidence of the initial configuration of the hardware and software elements of the solution. Testing ensures the proper running of the system to normal specifications, and also to ensure all additional software and hardware is compatible and function cohesively with each other. Testing and configuration will also be applied to not only the Servers, but also to Workstations, Network Routers, Network Switches and other hardware that is utilised on the network in order to verify the correct setup, parameters, and functionality of the item.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

68 | P a g e


2.2.1 Test Plan (Server) TEST PLAN: SERVER TESTING PLAN TEST NO 1

PURPOSE OF TEST Cold start of Server 01 running Windows Server 2008, to ensure the system initialises correctly and loads all dependent drivers and services.

2

Cold start of Server 02 running Windows Server 2008, to ensure the system initialises correctly and loads all dependent drivers and services.

3

Ensure Server 01 and Server 02 accepts the correct Administrator name and Passwords that were created for a successful login.

4

Run the IPCONFIG /ALL command from the command prompt and check the results for verification that DHCP Server and DNS Server services are working and have the correct IP addresses.

5

Confirm the Active Directory structure and hierarchy exists in both servers to assist in redundancy procedures in the event of a server failure.

6

Ensure the list of users is correct, and in the correct OU container.

7

Confirm the status of services installed, and if any additional services are to be installed, to ensure the functionality of network server.

8

After configuring the mapped drives parameters, ensure that only the allocated users have, and can access, the mapped drives.

9

To confirm that each VLAN is segmented and that no access from another VLAN will be permitted.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

69 | P a g e


2.2.2 Test Log (Server) TEST DATA: SERVER TESTING LOGS TEST NO

INPUT

EXPECTED RESULT

ACTUAL RESULT

1

Powered On

Successful Boot

Successful Boot

2

Powered On

Successful Boot

Successful Boot

3

Login and Password data

Successful login attempt

Upper case character entered, but successful after correct case used.

4

IPCONFIG /ALL from command prompt

a

IP addresses of DHCP and DNS server displayed

IP address of DNS and DHCP servers displayed.

5

Opened the Directory console

Active

Correct active directory structure shown on both servers.

Correct structure shown on server 01, and replicated on server 02

6

To verify integrity of Active Directory and users

Correct structure and user structure.

2 users were placed in their correct directory.

Administrative Serer Manager

>

Detailed information of the server, its roles and services installed, with options to install other server roles.

Information expected to was shown as described.

Logon as Training Staff member, to ensure the mapped drives are functioning. Then logn as a another user from another department to verify that they do not have mapped drives.

Browse in My Computer, and see thye mapped drives name and location in the Network Drives section

Test document sent from Training Suite 1, to a Printer in Training Suite 5

Document will not be printed due to VLAN security, and TS1 users are not part or TS5 ptiner operators group/

Mapped drives were not visible in the selected users accounts. The path was subsequently altered in the setup parameters, and after this the mapped drives were visible and accessible.

7

8

9

Alan Davie

tools

HND Computing: Technical Support – Graded Unit 2

70 | P a g e


2.2.3 Test Plan (Workstation) TEST PLAN: WORKSTATION TESTING PLAN TEST NO

PURPOSE OF TEST

1

To ensure system performs a cold start

2

To verify users credentials and password, and a successful logon

3

To verify that the computers name and domain are correctly established

4

To verify the user of the computer has a mapped drive ( if applicable )

5

To ensure basic connectivity between workstation and server.

6

To install any updates, security or otherwise, for the operating system

7

To test that Microsoft Office installed correctly, and can be executed

8

To test that Microsoft Visual studio and its various components installed correctly and can be executed.

9

To test that the Sophos Anti Virus software package is installed, and the virus definitions are up to date.

10

Test page sent to printer to ensure printer setup, and able to print the full range of colours.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

71 | P a g e


2.2.4 Test Log (Workstation) TEST DATA: WORKSTATION TESTING LOGS TEST NO

INPUT

EXPECTED RESULT

ACTUAL RESULT

1

Powered On

Successful Boot

Successful Boot

2

Username and Password

Successful Logon

Successful Boot

3

Control Panel >> System and Security >> System

Correct domain name displayed, and workstation naming convention relevant to its location.

Correct information seen, and workstation possessed a relevant naming convention

4

Open My Computer, and checked for mapped drives under “Network Location”

Mapped drives shown in the specified section, if applicable to the user.

Mapped drives were shown dependant on the user account.

5

Ping 192.168.0.1

Successful ping reply ensuring basic connectivity between the 2 devices

Successful received.

6

Start Menu >> Windows Updates

Detailed information of the updates and security patches / service packs available

Successful download and installation of all updates relevant to the OS.

Start Menu >> click on MS Word, Access, Excel, Powerpoint and Publisher

Selected program to execute with no errors, and full range of functions

Result as expected.

Execute Visual Studio, and run the VB.net program, the Visual C++ program, and other components needed.

Each executable program successfully operated within its own environment, with no errors or conflicts.

Tests were completed as predicted, with the programs correctly executing in their own environments.

Execute Sophos interface and check for errors, and check the latest virus definition date.

No errors encountered, definitions to be current, as they are all installed from a central location.

No conflicts or errors seen, but prompted to execute a full system scan for the first time

From MS Word, create text then print file.

File to be printed on the network printer

File printed successfully.

7

8

9

10

Alan Davie

HND Computing: Technical Support – Graded Unit 2

ping

reply

72 | P a g e


2.2.5 Test Plan (Switches) TEST PLAN: SWITCH TESTING PLAN TEST NO 1

PURPOSE OF TEST Show a list of the current switch configuration, the running config

2

Shows a listing of the current VLAN configuration, and port allocations

3

To ensure connectivity to the assigned gateway IP address of each VLAN, and to ensure that the interface is on and running correctly.

4

To show the VLAN interfaces configure to a specific VLAN

5

Shows the trunking details of all interfaces

6

To ensure that the current IOS version supports the required commands

7

Save the current running configuration to the start up configuration.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

73 | P a g e


2.2.6 Test Log (Switches) TEST DATA: SWITCH TESTING LOGS TEST NO

1

2

3

INPUT

EXPECTED RESULT

ACTUAL RESULT

Show Run

Shows the current configuration of the switch.

Result as expected

Listing of the current VLAN configuration, and ports allocated to each VLAN

Current VLAN port configuration was show to be configured wrongly, amendments were made to allocate ports to correct VLANs

A successful ping reply will be displayed on the CLI of the relevant switch.

A successful ping reply was displayed on the CLI of the relevant switch

Show VLAN

Ping Ping Ping Ping Ping Ping Ping

192.168.10.1 192.168.20.1 192.168.30.1 192.168.40.1 192.168.50.1 192.168.60.1 192.168.70.1

4

Show Interfaces VLAN XX

Detailed information on interfaces assigned to each VLAN entered, to be displayed and correct.

Correct information observed that was relevant to the VLANs configured earlier.

5

Show int trunk

Output showing the trunking characteristics and protocols used

Output was shown as expected and detailed the interfaces

6

Show version

Switch model, IOS version and manufacturers details to be shown

As expected.

Successful confirmation message shown

Confirmation observed.

7

Alan Davie

Copy run start

HND Computing: Technical Support – Graded Unit 2

message

74 | P a g e


2.2.7 Test Plan (Routers) TEST PLAN: ROUTER TESTING PLAN TEST NO 1

PURPOSE OF TEST Show a list of the current router configuration, the running config

2

Shows a detailed report of the interface, and sub-interfaces configuration

3

To ensure connectivity to the assigned gateway IP address of each VLAN, and to verify that the interface is on and running correctly

4

Verify the DHCP Pool configuration, and their allocated ranges / scopes are correct, as well as other parameters such as DNS servers and Router addresses.

5

To ensure that the current IOS version supports the needed commands

SYSTEM

Alan Davie

AUTHOR:

DATE:

HND Computing: Technical Support – Graded Unit 2

75 | P a g e


2.2.8 Test Log (Routers) TEST DATA: ROUTER TESTING LOGS TEST NO

INPUT

EXPECTED RESULT

ACTUAL RESULT

1

Show run

The current running configuration of the router to be displayed on screen

The running config successfully shown screen.

2

Show ip interface

Detailed listing of all the fast Ethernet / serial ports, and all sub-interfaces configured to VLANs

The required listing was observed, and all relevant VLAN configurations confirmed

3

Ping Ping Ping Ping Ping Ping Ping

Successful ping result from each VLAN gateway address.

Successful replies received from all interfaces verifying their status

192.168.10.1 192.168.20.1 192.168.30.1 192.168.40.1 192.168.50.1 192.168.60.1 192.168.70.1

was on

4

Show ip dhcp pool

Shows a list on DHCP Pool details, showing address leases and ranges, similar to that sown on Page 55.

Correct DHCP Pool details, the correct address ranges and the other parameters were seen to be correct.

5

Show version

Output showing the System manufacturer, the model of router, and its current IOS.

As expected.

SYSTEM:

Alan Davie

AUTHOR:

DATE:

HND Computing: Technical Support – Graded Unit 2

76 | P a g e


2.3 Project Schedules The corresponding Project Management schedule was checked in order to verify the schedule was being adhered to in its entirety. It was found that certain tasks were being allowed to continue longer than were allocated, and as a result of this, the project schedule was amended to include Saturday working any proposed public holidays, in order to ensure the project schedule was accurate, and the project would be delivered on time to the client.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

77 | P a g e


Stage 3: Evaluation of the Solution

Alan Davie

HND Computing: Technical Support ��€“ Graded Unit 2

78 | P a g e


3.1 Evaluation of the Produced Solution Below is a detailed inventory of the produced solution, including major stages such as Analysis, Planning, Design and Implementation

Stage

Comments

Analysis of the Project Brief

The project brief was detailed and allowed for an overall image to be created of the structure of the NWTA premises, detailing the Staffing Hierarchy and the proposed network requirements, as well as Software requirements to fulfil the proposed courses offered. Other additional parameters like mapped drives, and allowing management to view the storage space of section members were also noted.

Organising, and planning of the Project Plan

Solution Effectiveness

After the project brief was digested, it was placed into the melting pot and a list of all the project stages was created, and, in addition, numerous tasks were created and attached to those stages. This information was fed into the Project Plan, using MS Project 2007, to which date and time parameters were added, and agreed to, which then resulted in a graphical format of the entire project plan being produced, which enabled everyone concerned to see their allocated tasks and the time scale allotted to those tasks.

The proposed solution was a viable design that, form experience, is how networks in this scenario are constructed, and function effectively, using VLANâ€&#x;s to segment, and limit, the broadcast domains, and also restrict other users from encroaching into another VLAN sector. Appropriate redundancy capabilities in the event of failure should the network sustain a hardware failure.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

79 | P a g e


Stage

Comments

Overall strengths were the scope for future expansion of the network, by including equipment that offer different services to be configured, such as VOIP, VPN etc, and including Cat6 cabling, as opposed to Cat5e.

Strengths

The solution was weak in the conception due to a redundancy capability not being included, but after this was included the network appeared robust.

Weaknesses

Implementation of the Solution

Testing of the Solution

Documentation Created

Alan Davie

The solution was implemented systematically, and each detail specified by the client was configured accordingly to ensure it functioned correctly in the context of the designed network. The solution was scaled down due to space constraints in the network labs, but adequate workstations were configured to each VLAN, and replicated the Active Directory hierarchy previously shown.

Testing, like implementation, was done systematically, and the parameters influencing each component, and its functionality in the network context were tested to ensure the configurations were correct, and all systems were working as planned. VLAN specifications were also tested and configured to ensure that no additional traffic could enter the VLAN, e.g TS1 sending data to the printer on TS5, thereby reducing the broadcast domain and segmenting the network as deigned to do.

The documentation produced was a clear and informative report consisting of 3 Stages. Other documentation produced includes the work log detailing the progression through the solution, and its other components.

HND Computing: Technical Support – Graded Unit 2

80 | P a g e


3.2 Personal Evaluation Performance Evaluation Criteria The criteria for evaluation are based on personal experience, personal input and overall impressions of the entire activity. This is a personal evaluation hence the personal criteria and does not reflect the overall production.

Appropriate Evidence Appropriate evidence provided ranges from comparisons of the customers current infrastructure, various hardware models, network topology scenarios, through to configuration of the routers and switches with the appropriate data, e.g. IP schemes, in order for the network, and VLAN, foundation to function correctly. The Windows Server 2008 system was configured with an appropriate Active Directory structure to reflect the company structure, and from this permissions and group policy were implemented as required by the customerâ€&#x;s requirements.

Evaluating the effectiveness of the activity The activity was effective due to a culmination of my acquired knowledge from other courses, and from thorough research carried out in the process of selection and evaluation for the different stages of this project. It was an effective project due its concept and its complexity, which was not apparent to me until the project evolved and revealed unforeseen tasks, which implemented more stringent time constraints, and an alteration of the corresponding Project Management schedule. Conclusion and Improvements The process could have been made a lot easier if it was part of a group activity, but due to circumstances, I have completed this project myself, hence the reason no-one else is mentioned in the contents. Specifications of what to include, and what would not be appropriate in the project could be more consistent, as opinions differed from week to week on what was the right thing, or right way to do a particular stage.

Future Recommendations A concise outlay should be developed in order to inform students what items, such as Operating Systems, should be used, and better access to facilities. As an individual, i felt i was rather excluded from the development due the fact that most groups took over the available kit. I have a complement of routers and switches available at home which helped me greatly, and evidence was produced of the working project from these, and if was not for these, i very much doubt the available kit would suffice.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

81 | P a g e


Bibliography and References In this section there will be evidence of how the documentation in this report was constructed, such as websites visited, books read etc.

Resource Name

Reason

Date used

http://www1.euro.dell.com/

Workstations

03/10

http://welcome.hp.com/uk/en/smb/desktops.html

Workstations

http://welcome.hp.com/uk/en/smb/index.html

Printers Backup Devices

03/10

http://www.cisco.com/en/US/prod/collateral/switches /ps5718/ps5528/product_data_sheet.html

Data sheet and spec of various switches

04/10

http://www.cisco.com/cisco/web/solutions/small_bus iness/index.html

Cisco small business resource website

04/10

http://packardbell.co.uk /desktops-28.html

Workstation

04/10

http://www.nextag.co.uk/ http://www.bizrate.co.uk

Specification and price search for hardware resources

03 - 04/10

http://www.sophos.com/products/small-business/

Anti Virus solutions

05/10

http://office.microsoft.com/en-gb/default.aspx

Office 2007 Software

05/10

http://www.microsoft.com/visualstudio/en-us/

Programming languages software package

05/10

http://www.microsoft.com/express/downloads/

Express version downloads of the above

http://www.microsoft.com/windowsserver2008/en/us /default.aspx

Server 2008 product page and licensing.

Alan Davie

HND Computing: Technical Support – Graded Unit 2

03/10

05/10

05/10

82 | P a g e


Resource Name

Reason

Date used

http://www.microsoft.com/windows/windows7/compare/default.aspx

Windows 7 comparison page

http://www.poweroverethernet.com/products.php?su b_cat=18

Power Over product listings

http://uk.insight.com/content/homepage/

Product listings and prices

feature

Ethernet

05/10

04/10

04/10 http://www.cisco.com/en/US/prod/collateral/vpndevc /ps6918/ps9692/ps9944/ps9950/data_sheet_c78508956.pdf

Cisco PoE camera brochure 04/10

Network Design and Case Studies (2nd Edition) Network design schematics and principles

Cisco CCNA ICND1 and 2 Guide

05/10

VLAN information, setups, routing. 05/10

Cisco Networking Fundamentals

Switching and networking protocols, networking topology and basics.

Cisco Routing Protocols and Concepts

Creating and Maintaining VLANs

Alan Davie

05/10

Cisco technical PDF

05/10

document on VLANs

06/10

HND Computing: Technical Support – Graded Unit 2

83 | P a g e


Index and References H

R

Hosts · 34 Request · 11, 12, 13, 22, 23, 25, 26, 27, 28, 30, 31

N NWTA · 33

Alan Davie

S scope · 13 Subnet · 34

HND Computing: Technical Support – Graded Unit 2

84 | P a g e


gu2