virtual company
DESCRIPTION
Group 8. Presentation Date: 26 -27 June 2012. Virtual Company. Content. Introduction Objective of Virtual Company Introduction of Network Infrastructure in Virtual Company Operating System and Services in Company usage Security in Company Switch and Router CISCO Problems and solutions - PowerPoint PPT PresentationTRANSCRIPT
Virtual Company
Group 8
Presentation Date: 26 -27 June 2012
2
Content• Introduction• Objective of Virtual Company• Introduction of Network Infrastructure in Virtual Company• Operating System and Services in Company usage• Security in Company• Switch and Router CISCO• Problems and solutions• Completed and Uncompleted Tasks • Experiences of Virtual Company• References of Services in Virtual Company • Questions and Answers
3
Introduction
• Group number : 8• Supervisor : HY Leapcheang• Manager : LONG Chanthorn• Group Member :
CHHOEUN SambathHOEUNG KuntheaMEN AmaraNHEAN SophanNY SreypechSIN SokhengSORY Sokuntheara
4
Objective of Virtual Company
• Understand the real network infrastructure of company
• Understand the security in the company
• Install and configure services : AD, DNS, DHCP, File Server, Proxy, Firewall, Mail and Webmail, Web, FTP, VPN, and DHCP Relay Agent.
• Understand the rules allow or deny in firewall
• Team work
• Understand problem solving
• Improve self-learning
5
Introduction to Network Infrastructure Virtual Company
6
Operating Systems and Services in Company usage
• The company use two Operating Systems :
– Microsoft :
• Windows Server 2008 (File Server, AD,DNS and DHCP)
• Windows 7
– Linux :
• Red Hat 6 (Mail, Web, FTP, Firewall and Monitoring)
7
Operating Systems and Services in Company usage
1. Microsoft : Window Server 2008
– The first server: (192.168.8.2/29)
• AD : group8.lan
• DNS : group8.lan
• Backup network : use Backup4all Professional 4 setup wizard tool(software from internet)
– Backup data from file server
• DHCP : g8-ad.group8.lan
– Scope : 172.16.8.0/26
– Range : 172.16.8.1 – 172.16.8.62
– Excluded: 172.16.8.1 – 172.16.8.8
• Some services : Backup, Anti virus, Nsclient….
8
Operating Systems and Services in Company usage
– The second server: (192.168.8.3/29)• File server : sharing data and assign permission
– There are 5 folder Common, Finance, HR, IT and Marketing
– Assign permission for manager and staff • Disk quotas : limited space for clients
–Home_user : 60GB(one user 5GB)– Data : 122GB
Common(42GB)and Finance, HR, IT and Marketing(20GB)
– Windows 7 : setup as clients• IP from DHCP server
9
Operating Systems and Services in Company usage
2. Linux : There are three machines using Red Hat 6
- First server: Web server and FTP server(192.168.8.10/26)
• Web server :
– www.group8.lan : Joomla website (port 443)
– movie.group8.lan : Movie website (port 80)
– flowershop.group8.lan: Flower Shop (port 80)
10
Operating Systems and Services in Company usage
• FTP server :– Use service pure-ftpd (download from
internet)– There are four groups (department of client)– There is a directory and has four sub-
directories for clients can download and upload
– Quota: 3GB for each (IT and Finance Department) and 2GB for each (HR and Marketing Department)
11
Operating Systems and Services in Company usage
• Second server: Mail and Webmail (192.168.8.11/26)
‾ Mail server using Zimbra (download from internet)
‾ Webmail name g8mail.group8.lan and using security port (https or 443)
‾ Authentication with certificate (log fail only 3 time)
‾ There are three groups user IT, HR, Finance and Marketing department
12
Operating Systems and Services in Company usage
• Third server: setup as firewall, VPN, Proxy server, DHCP Relay Agent and Monitoring
‾ IP : 192.186.8.1/29 LAN Server interface172.16.8.1/26 LAN Client
interface192.168.8.12/29 LAN DMZ interface
• Rule firewall‾ Allow client request IP from DHCP server, use
DNS, Join Domain, Access file sever, .etc.‾ Allow LAN Client, LAN Server, LAN DMZ can
access to internet by using proxy‾ NAT Post Routing and Pre-routing‾ Allow DNS local can forward to DNS public ‾ Allow VPN, etc.
13
Operating Systems and Services in Company usage
• VPN server
– Use packet openvpn-as-1.8.3-RHEL5.x86_64.rpm (download from internet)
– Open VPN provide IP address to clients network address range 10.10.10.0/26 (Secure IP address of VPN)
– Allow Open VPN’s users use local DNS and access File Server (IP address 192.168.8.2) by use port 138,139,443,445,538
and port 943 with protocol TCP and UDP.
14
Operating Systems and Services in Company usage
• Proxy server: (Port 3128)
– Use service Squid
– Sharing internet to client and filter contents
– Proxy configure authentication with all user in AD
– All staff can’t access to website www.youtube.com, but Manager has full access to any websites
– Delay pool (Limit speed download and upload)
• Client can download only 10KB/s.
• Manager can download only 20KB/s
15
Operating Systems and Services in Company usage
• DHCP Relay Agent
– Relay from LAN Client interface to LAN Server interface in the router (Enable client gets IP address)
• Monitoring
– Configure with Nagios
– Monitor on hosts and services (Up or Down)
16
Company Security
• Network Security
‾ Firewall (IPTABLE)
‾ DMZ : allow external can access webhosting
‾ Proxy - Squid (User Authentication)
‾ Configure SSL Web Application for hosting
‾ VPN (authentication, Provide password for Open VPN’s users )
‾ Antivirus
17
Company Security
• Data Security
– Permission data share
– Back up local (configuration)
– Backup Network (data ,file share and configuration …….)
18
Router and Switch (CISCO and HP)
1. Router:
- Sub interface
- Dynamic NAT
2. Switch:
- VLAN
- Trunk port
- Native VLAN
19
Problems and Solutions
1. Network Problem:
‾ Configure router CISCO
‾ Network monitoring
2. System Problems:
‾ Can not map home folder to the clients on Windows 2008 64bit standard
‾ Can not install Acronis on Win 2008 64bit standard
‾ Can not install packages on Redhat 6,
‾ Firewall machine getting down, full of Kdump file
‾ Clients VPN can not login to the server
20
Problem and Solution
2. System Solution:‾ Reinstall Windows Server 2008 32bit
‾ Changing the repository on install the packages from the CD (Redhat 6)
‾ Reinstall the new Redhat 6 with non GUI
‾ Checking on iptables rules
21
Completed and Uncompleted Tasks
Task Completed: 1.File Server and Quota
‾ Map home folder, and Map drive‾ Assigned Permission to Each directory‾ Setting Quota
2.AD, DNS, DHCP‾ Domain Controller‾ Create users and Groups ‾ DNS update automatically from DHCP server (DDNS)‾ Provide IP address from DHCP server to clients
22
Completed and Uncompleted Tasks
3. Web Server‾ Creating hosting website (3 websites), one with SSL
4. Proxy Server‾ Sharing Internet‾ Blocking domain‾ Limit Upload and Download Bandwidth ‾ User Authentication
5. File Transfer Protocol (FTP)‾ All staffs can read data in their department‾ Manager have full control on their department‾ Only manager can delete the data on their
department
23
Completed and Uncompleted Tasks
6. Virtual Private Network
Allow VPN’s clients to access from Outside network
7. Mail
‾ Set up mail and webmail server with SSL (SSL Encryption and Certificate)
8. Backup
‾ Backup data on each department
‾ Backup Configuration file on Mail, Webmail, Proxy, Firewall, FTP…
24
Completed and Uncompleted Tasks
Uncompleted Tasks:
1. File Transfer Protocol
‾ Clients Can not access FTP server from Outside network
2.Web server
‾ Can not hosting webmail to Internet
3.Mail and Webmail Server
‾ Can not hosting webmail to Internet
25
Experiences of Virtual Company
• Non _Technical
- Understand the important of team work
‾Understand how to adapt myself to work in team
‾Solidarity in team
‾To know how to deliver task for members in group
‾To know about responsibility for our task
‾To know about tasks organization and task priority
‾Improve self-learning by using searching skill.
26
Experiences of Virtual Company
• Related _Technical
‾ Get familiar with the installation of services such as Proxy, File server, DNS, DHCP especially DMZ, mail hosting, web hosting, webmail hosting, Firewall and network monitoring, etc.
‾ Understand Network and Data security
‾ Understand how to designed Network Infrastructure
‾ Understand IP sub netting to assign for each computer (LAN)
27
Referent Service Virtual Company
• http://www.irtaza.com/servers/linux/how-to-setup-ftp-server-on-linux-pureftp/
• http://manyrootsofallevilrants.blogspot.com/2012/02/join-rhel-6-server-to-windows-2003.html
• http://www.softpanorama.org/Commercial_linuxes/Devices/disk_partitioning.shtml
• http://www.installationwiki.org/OpenVPN
• http://www.generationip.com/documentation/Howto/137-howto-install-zimbra-collaboration-suite-6-0
• http://www.linuxquestions.org/questions/linux-server-73/directory-quota-601140/
• http://souptonuts.sourceforge.net/quota_tutorial.html
• http://magazine.redhat.com/2007/04/11/squid-in-5-minutes/
• http://www.redhat.com/magazine/022aug06/features/webserver/
• http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0/html/Installation_Guide/ch-Installing_EWS_on_Red_Hat_Enterprise_Linux.html
• http://www.cyberciti.biz/tips/howto-rhel-centos-fedora-squid-installation-configuration.html
28
Question and Answer
Thanks for Your Paying Attention!