Understanding Network Infrastructure

Verified

Added on 2020/06/04

AI Summary

This assignment delves into the fundamental aspects of network infrastructure. It defines key terms, outlines the essential components that comprise a network, and provides examples of how these infrastructures are utilized in various contexts. The provided text covers topics such as energy-efficient content distribution, security models for IPv6 networks, and shared sensor networks. It also highlights the importance of network infrastructure in modern technologies like image recognition and human re-identification.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Network Infrastructure

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

TABLE OF CONTENTS
INTRODUCTION...........................................................................................................................1
TASK 1............................................................................................................................................1
P1.1 Evaluation of DNS in MS windows and active directory in MS windows....................1
P 1.2 The technologies that support network infrastructure management.............................6
P 1.3 The security resources available in network infrastructure management.....................8
TASK 2..........................................................................................................................................10
P 2.1 Designing a network infrastructure.............................................................................10
M2 Evaluation of server with respect to network infrastructure..........................................14
P 2.2 Addressing and deployment solutions for the network...............................................15
P 2.3 Evaluating rights and security requirements...............................................................16
TASK-3 ........................................................................................................................................20
3.1 The implementation of network infrastructure ..............................................................20
M3 Implementation of potential security threats in a network ............................................23
TASK 4..........................................................................................................................................24
P 4.1 Review and testing the network implementation........................................................24
P 4.2 Evaluation of the network and user assurance of the network....................................27
CONCLUSION..............................................................................................................................28
REFERENCES..............................................................................................................................30

INTRODUCTION
Network infrastructure is considered as the resources of a complete network, with the
help of which the network connectivity can be enabled. The resources can be software's as well
as hardware's. It also involves the internal and external operations along with the communication
within an enterprise network (Xu and et.al., 2011). The entire structure of network is connected
inside the network, which means all the systems are connected to the servers and produces
internal as well as external communications. Along with the hardware and software, there are
various network services as well that are implied in the network infrastructure. The report is
about understanding the principles of the management of network infrastructure and representing
the same for Net Enterprise Solutions as they are recruiting for surging their client's needs.
TASK 1
To a group of connected computer systems the term of network infrastructure is used. The
parts of computers such as cables , switches, wireless access points etc are included in this
network infrastructure. The global intranet and corporate intranets are most probably same
but in a closed network architecture they operates. Within it only they are both are
accessible.
On a central data storage they are reliable and also included computers which after called as
severs (Agyapong and Benjebbour, 2014.). The central storage is accessed by routers,
switches, Ethernet cabling etc. In order to be functional the network architecture also needs
software requirements aside from having suitable hardware.
P1.1 Evaluation of DNS in MS windows and active directory in MS windows
The set of rules that is known as internet protocols are the most prominent among the
services in order to handle network infrastructure .Within networks and over the internet
they govern the formation which transfer of data that takes place. In every network
infrastructure the most common internet protocols that is sued in the domain name
service(DNS).In the IP address it is primary services that discovers and translated internet
1

domain names into IP addresses. The name that is been typed in the web browser is
converted automatically by DNS to the corresponding web sites servers IP addresses in
order to store name and address information of all public hots the service make use of
distributed database on the internet .As it an easier way to get connected to distinct
websites(Gupta and Jha, 2015).
The caching request and redundancy is also provided by DNS services. With primary,
secondary and tertiary DNS serves it is not uncommon to discover operating system
configured in order to allow recreation. With the computers the service itself works on
client/server architecture. The clients of DNS want to make use of service that are needed
to have service configured on their network. The static IP addresses are assigned to the
DNS servers thus making it simpler for users to access the service during any query. In
order to discover the right severs for delivering internet e-mails the DNS is also used. The
domain names is covered back from IP addresses by making use of reverse look ups(Zheng
and Lei, 2016.).
In order to handle communication and request that is been sent over the network the
internet protocols such as DNS that is been used. Also it is important to have some inside
tools that can be sued to mange and con troll the resources over the network. In order to
centralize the network information most of the organization make use of directory service.
With Windows’s Active directory most of the vendors offer this .Most probably these are
being deployed in smaller business. The web-based relationships and the internal relations
are been manged by using service software such as Novell’s e- directory. This more
preferred by corporate people and also it is used as centralising agent. It can also be
utilized as web service that can be accessed by both internal and external users through
authentic logons. From an added access to web service both active directory and e-
directory have much more to provide.
The main difference between them is as follows-:
2

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Manageability
The windows active directory providers straightforward and manageable consoles that
can be expanded .So, over the infrastructure of organization it offers a greater converge.
However in comparison with Novell’s e Directory to provided differ types of tools in order
to make easy the management across various platforms.
Scalability
In Windows active directory, the multiple directory servers host the similar directory that
is allowed by multi-master model. In the event of master failures the limited management
functionalities is been offered by Windows’s FSMO (Kasapaki and Sparsø, 2016.).
However, in Novell e-directory the multi-master model is also offered but only the
certified employees are giving permission for performing tasks such as updation of
schemes etc.
Security
The small attack service is provided by both services bout through proper
directory implementation it can be available. In order to manage network client’s the active
directory is offered by group policy. For the clients of windows only it is applicable.
However on other hand, the client/desktop management is offered by e-directory
ZENworks suite. Arcos various platforms the Novell’s security tools are capable of
monitoring and administrating clients.
Compatibility
On the windows OS only active directory can be installed and the endpoint-to end-point
solutions frae been provided by them .So, this make installation across various devices and
OS very easy(King and Farrel, 2015). However on other hand, for its support for multi-
platform Novell is known.
Reliability
3

The Novell’s up time reputations is not been able to catch up by windows. An
array of service packs , hotfixes etc have been offered by windows. However on other
hand it is highly reliable to install novell’s e-directory on a Novell NetWare server.
The networking architecture the additional management concern is also faced.
The rights are either accessed to management of users or resources etc. Through different
tools different operating systems deal with these concerns. In order to tackle with each
Susie windows server OS provides a variety of feature. These features handle these type of
tasks which are as follows-:
Resource management
By large IT corporation and the infrastructure resource management is been
used. The high-end resource management is been required by large IT corporations such as
data centres. In order to deliver established level of service this resources are been used.
The extensive management methods are not used by smaller organization. For an instance
the allocation of resources is enables by CPU and memory by making use of window’s
system resource manager. The limits are being addressed by the administrators .Among
multiple applications that are running in a network WSRM is able to allocate resources.
User management
In order to build a network the most essential task is to secure a network on the
outside. But it is necessary to protect the network from inside. The network security
polices need to be configured and also the user permissions ned to be granted. To the
resources of organization the same level of access to all in the organization is not been
provided. Through proper user-management a lot of issues can be handled by
administrators
Novice internet users
4

There are chances that sensitive private information of the organization can be
exposed to the world outside. These people are not expertise but there they are not having
any dangerous intentions.
Intensive bandwidth users
In the workflow of organization, the serious threat is been posed by bandwidth
logging (Merolla and Brezzo, 2014.). The bandwidth network is been clogged by
unnecessary downloads. By allocating bandwidths can also be handled by this.
Password assignments
For the organization a serious threat is been posed by weak passwords. In order
to make sure that certain needs are been met by the passwords the polices are also
applauded to it.
Within the organization the Windows’ active directory can also be utilized in order to
crate and centralised users (Krienen and Sherwood, 2016.).
Access control
In order to protect internal network the additional features are been proved. These
involve access control. The polices to users, group and computers are being assigned
through access control administrators. The various methods such as permission, user-rights
object auditing etc. can be implemented by using access control
Permissions
The access to a user, group or object are defined by the type of access that is
defined in permissions. For objects such as files, registry, process NTFS permission is set
by administrators through access control. On the type of object the permission that is
viable for an object can change .The read, modify, change owner etc are been assigned to
most of the objects. The inherited permission is also given to access control users. All the
inherited permission that is there in containers is inherited by that container
User rights
5

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Within the network the specific privileges and logon rights are been granted by
user rights. To a group or individual user-accounts administrations can assign particular
rights. The specific actions are been authorized from these rights .The actions such as
logging in the system, backing up the fields etc are been done .The permissions and the
user rights are not same they differ from each other. The permissions are attached to
object’s. However, user rights are attached to users.
Object auditing
Within the network by using this feature one can monitor and examine the
policies and permissions that is been assigned. In order to access attempts to object it allows
administration to log both successful and unsuccessful access.
P 1.2 The technologies that support network infrastructure management
The most of the functions of the organization is bene supported by the server which is a
network hardware(Zhao, Mathieu and LeCun, 2016). It also known as the backbone of the
infrastructure. The networking hardware need to be selected in a way that is compatible with the
infrastructure. The organization collection of serves is not just referred by the term
infrastructure but also all the devices that is connected to the network. On the requirements of
hardware the functionality of a network structure is dependent(Szegedy and Wojna, 2016) .It is
essential that hardware on the network need to be implemented properly so that infrastructure to
be functional. It can be done by continuing monitoring it and also the operations and serves need
to be managed.
The powerful servers are been required in larger infrastructures such as data centres. The
most of them settle for rack servers. The smaller tower severs can be used by small organizations
depending on the size they can make use of these servers. The tasks that is been deployed by the
6

servers can only be handled by them. The software such as operating system need to be
monitored. On the requirement and size of infrastructure the OS is chosen .With Micros fit
server OS a small organization can make a couple of (HP) ProLiant severs .A variety of
management tools is been offered by Windows Server OS. The various tools can be Resource
monitor and access control. There are various devices and hardware that is needed to build fully
operational networking infrastructure. They are as follows-:
Routers and switches
Across the network routers and switches are responsible for transferring of data. The
devices, applications, and network connection grows in the number of IT infrastructure and the
there is an increase in traffic of volume. So, in the overall performance of network and
productivity of user the importance of switches and routers also increases. The packet loss
protection is there is the router and switches in the organization are up to date. Also the high
performance will also be achieved by the organization due to updating of routers and switches as
well as it will also support redundancy support.
Firewalls
There is high dependence on each other of firewall configuration and infrastructure
security. With proper configurations having a robust firewall can maintain security of network.
In both hardware and software it can implement. The unauthorized interactive logins from the
outside world is being secured by firewall. It will give protection to the system.
Wireless access
In order to provide an effective network management strategy a secure and efficient
wireless access need to be given. The cost that is need in wired network is also reduced by
wireless access. The larger platform is being opened in order to access the resources of network
by wireless access. It is a cost -effective process for any organization or infrastructure.
Remote access-
7

The remote access also need to be configured while setting up the management solutions
for a network, The cost effective mode of network management is not presented by remote
access.
P 1.3 The security resources available in network infrastructure management
On the software supporting the infrastructure the security resources that are thee are highly
dependent. Different level of support is bene given by different OS .The Microsoft windows
servers 2008 offered a variety of management and support tools. Among these tools the most
commonly are as follows-:
Rights management – Through its active directory right management services windows server
manages its assignments of rights. The digital information against the unauthorized users can be
secured by using AD RMS administrations. Both online and offline digital information can be
safeguarded from it. To the files the rights that is configured are applied. Theses policies can also
be applied to a third -party formats of documents through add-ons administration.
User management – Through the active directory users and features of computers of the
windows OS the user accounts and the activities such as creating , monitoring and administrating
user accounts can be gathered. The local user accounts, reset passwords, disable or active
accounts etc can be created through users and computers administrator.
Allocation of group – For a group related work the group allocation of resources is been done.
The allocation of different resource is been handled by the different server 2008 features. The
hardware resources is been allocated by the windows system resource managers .The hardware
resources such as memory and processor to high-end application and functions are being
allocated by them. For each user the storage space can also be allocated by configuring certain
policies on user accounts.
Encryption -Every organization have a fear that the customers information need to be maintained
securely by them and it should not be disclosed to another person. Both financial information and
8

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

database of customers are valuable for the organization and they have frets over the accidental
disclosure (Varior, Haloi and Wang, 2016,). The best way to make sure that valuable
information does not get leak is that encrypting method’s can be used .The non-authentic user
will not able to see the private information. The task of encrypting each file and storing it in a
folder can be difficult. But the windows encrypting file system makes it easier by storing the
encrypted files and folders on servers and clients as well. The polices of EFS are not only
applicable to the devises that ae within the network but are also applicable to also remote service
and clients as well. The restrict is accessed by the EFS administrator to an extent where the
access to the services and its final systems are not able to see the data that they should not.
Virtual private network – Over the less protected network VPN is used and it is also a form of
encrypted connections. The appropriate level of security is been ensured by VPN. Alone the
network infrastructure cannot provided the security. The cost-efficient is enabled by the VPN
connections. The remote access to private network is also provided by VP connections. The
advantage of the internet is been taken by administration that will help to give protection and
functionality of private WAN connection. In order to protect communication it will make use of
cryptographic security service over the internet protocol networks. This will makes the network
infrastructure management is more accessible.
Radius – The centralized connection authentication and authorization is been given by remote
access dial in support. It is a type of windows platform.
IPSec- It is a type of Windows Sever OS features .The network peer authentication, data
integrity, data confidentiality etc are also been supported by IP sec at less price. Via the windows
firewall with advanced security snap-in IPSec polices can be configured.
9

TASK 2
P 2.1 Designing a network infrastructure
While designing the network infrastructure of Net Enterprise Solutions, it is very
important to keep the essentials that the company requires (Fodor and et.al., 2012). The
requirement here is to develop and design a prototype client server network architecture for
Khepri as well as for Associates Ltd. It also involves the setting up of all the hardware and
network resources. Network
10

As it is clear in the diagram, the server is located in between and as it is cleared in the
definition also, all the systems inside are interconnected to each other. So, the server is also
connected to each other system. Various systems are connected to the server and the server holds
the information of all the systems located within its coverage. There are two areas, internal and
external. In between the both, there is a firewall present. The area before the firewall, in which
the systems are connected to the server is considered as the internal area whereas the area on the
other side of the firewall is the external area in which there are external bodies. Firewall is
11
Illustration 1: Network Infrastructure
(Source : Infrastructure support, 2017)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

termed as a network security system which is responsible for maintaining the traffic of both the
incoming and on the outgoing sides. For this, there are some predetermined rules that needs to be
followed. They act as a very critical part of the network because it helps in maintaining the
security of the network. Also, it helps in blocking any unauthorised access so that no other
external body can be able to steal the information that is inside the network. It does not permit
any access from the untrusted zone (Fodor and et.al., 2012). The firewall can be classified in
various parts such as the proxy firewalls, stateful inspection firewall etc. The proxy firewalls are
the ones that act as the middlemen. They are responsible for accepting the traffic requests that
are trying to come in the network.
In this, designing of a prototype client server network architecture is to be done for Associates
Ltd and Khepri. In Khepri, there are five different departments that involves Sales, Accounts, IT
support, Executive and the operations (Xu and et.al., 2011). A network infrastructure as depicted
in the scenario is represented as following :
12

The designed structure is for Khepri as well as for Associates Ltd. As there are various
departments at Khepric namely, Sales, IT management and support, accounts, operations and
executive, all must be compiled in the active directory of the system. In all these departments,
there are some specific number of users as in the account's department, there are 5 local users but
they do not have unlimited access like the other users (Wählisch, Schmidt and Vahlenkamp,
2013). They have limited access from 9 : 00 to 17 : 00. The same way, there are seven users in
the sales department whose timing is same as well. There can be two users in the Executive
department and both these users are not bound to a limited access, rather both these users have
unlimited access. There are two technicians in the IT support and management and they play a
very important role because if sometimes, any error occurs in the system or the server, the
managers of IT can immediately resolve the issue because if the issue will be resolved later on,
13

then it can cause many complications such as the tarffic and the data packets will continue
coming and it cannot be transferred further, so in between there may cause blockage of the data
packets which can cause huge complications for the whole system. So, the users in the IT
management and support play a very important role. In the operation's department of Khepri and
Associates Ltd, there are 2 users also but they do not have any access to any other folder or
department. This is maintained for security reasons. One network printer is connected as well to
all the devices. Printer, here is considered as an external output device because it will be used to
exclude the information inside the system in a form that is readable and accessible to the other
bodies as well.
M2 Evaluation of server with respect to network infrastructure
Evaluation of server can be done in various steps but one of the essential component is to
identify a hardware platform but there is a small condition for that as well as the hardware
platform must be an independent software vendor, that is ISV enthusiasm so that the port and
application can be developed well and efficiently so that it can help in a better server evaluation.
As in the illustration 1, Network infrastructure, it is clear enough that the server remains at the
middle of the whole architecture. It is because the server is connected to all the devices that are
present on the network such as in the diagram, the server is connected to the workstations and the
internet service provider. So the server must be connected through all the systems because it
stores the data and information on the server. It is being stored on the server because if in case
there is some issue in the system and data is being lost, so in that case one can take the back up
from server and can retain all the data easily. So, server plays a very important role here. There is
a firewall as well which is also connected to the server and it also plays a equal role as it helps in
blocking all the spams and viruses from entering in the system as it can damage or the data can
be cached as well for some external bodies, so it helps in maintaining the security factors.
14

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

P 2.2 Addressing and deployment solutions for the network
Two types of servers are essential for the configuration of the network and these are DNS
and DHPC. Addresses are also classified in three categories namely, host address, network
address and the broadcast address. The host address is considered as the address that is being
assigned to the user in the network. It helps in distinguishing a single node from all the nodes of
the network. Network address is termed as the standard form of address such as iPv6 and iPv4.
A very well known and common example of this is 192.168.1.1. It is also referred as the
universal address for almost networks. Whenever a host is connected to a network, it carries
along the IP address, specially, the first four numbers. From the last digit, the host address is
being created. Broadcast address is responsible for providing communication within each host
and nodes as well (Mandal and et.al, 2011).
Among all the addresses in the network, it is considered as the highest address. All these
three addresses are interconnected to each other and are dependent as well on the support and
communication network. Domain name system (DNS) and Dynamic Host Configuration
Protocol (DHPC) act very essential servers as DHPC is responsible for requesting an IP address
through broadcasting a discover message to the local subnet. In this, an address is being offered
to the client along with a message that contains the IP address and the information related to the
configuration. A domain name server (DNS) helps in managing the directory of the domain
names and then their translation in the addresses of the internet protocol (IP). Whenever an URL
is being entered in a web browser, the DNS server takes use of it for resolving the name in the IP
addresses (Efstratiou and et.al., 2010).
The model of DHPC is a connectionless service model which makes use of various
protocols and the most important protocol is the user datagram protocol (UDP). Two port
numbers are required in its implementation. 67 is considered as that port number of UDP for a
15

server and 68 is to be used by the clients. The dynamic host configuration protocol deals with
four general phases such as IP lease offer, server discovery, IP lease request and the IP lease. The
addressing of clients by DHPC is being done by various methods such as the turning on of the
DHPC client, a request has been called and then sent out to the DHPC server. Redirection of the
packet is also being done by the router and it is just for the appropriate and efficient DHPC
server (Wählisch, Schmidt and Vahlenkamp, 2013).
Once the request packet receives the packet, then allocation of IP address is being done to
the clients. It is based on the availabilities and the policies set according to the usages. To the
client, an offer is being sent by the server which contains all the essential information. Often, the
server also configures WINS, DNS, NTP etc., and all their settings for the client. The IP
addresses are being assigned by the DHPC servers on a lease basis. So, it is very important for
the administrators to manage and control a check over the ranges of the IP addresses. There are
various other factors as well which are important for the management of the DHPC servers and
these includes setting the ranges to the scope, developing reservations for the IP addresses,
managing the length of lease durations etc. So, Khepri and Associates Ltd., can ensure these
addressing and deployment solutions for their network and it can help the organisations in a
proper and efficient management of the network.
P 2.3 Evaluating rights and security requirements
For any network, there are some specific rights and security requirements for the
network. The security of the network is very important because it helps in protecting the integrity
of the network as well as the information and data. Managing and controlling the security of the
data is the most important factor as the systems must be implied with a huge amount of personal
data, whether it would be of the employees, the organisation or the productions of it. It should all
be maintained in a proper way so that no external body can be able to access it and proper
blockage of these bodies will be done by the firewall present and dealing with both the internal
16

and external bodies (Mandal and et.al, 2011). There are various types of network security that the
Khepri and Associates Ltd. Can go for. These are discussed as under :
Access Controlling
Access control is important because there are various users in a network but it is not
important that every user should have control over the network. So, Khepri and Associates Ltd.
Should ensure the fact that they should provide access to some authorised and trusted employees
only because any new employee or member can steal the information and forward the same to
some external body. Instead of blocking the whole access, the companies can also provide them
limited access. This whole process is considered as network access control (NAC).
Antivirus and anti Malware Options
Antivirus is meant for fighting with the viruses and anti malware options are for dealing
with the malware which can be worms, Trojans, spyware etc. Often, malware infects the whole
system but is detected after a long time. Till that time, it steals the whole information and
damages the internal body of the system. Khepri and Associates Ltd. can also go for various anti
malware solutions to keep their systems safe and secure from any threat or virus. Along with it, it
after being installed, it blocks the infected files and cookies from entering in the system and
make its permanent blocking.
Security of the application
Whenever an application or software is being run, there are some chances of it being
infected or malicious. So, application security helps in maintaining the level of security because
whether it is an in built application or the purchased one, there are some chances of it being
vulnerable, so it is required to make use of the application security for ensuring the protection of
these applications and software's.
Prevention from data loss
Associates Ltd and Khepri should also ensure the fact that the data and information that is
being saved and done in the systems of the organisation, it is not being send to any external body
17

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

without the permit of the higher authorities. So, access should be given to the trusted employees
only so that there has been no risk in the data loss (Wählisch, Schmidt and Vahlenkamp, 2013).
There are various technologies as well that can stop people from uploading and downloading the
critical data and information and in an unsafe manner. Various online portals also have a report
function in which a person can request for the deletion of their own some personal video or
photo. After a little while, that photo and video seems unavailable from the specific site as well.
Firewalls
Firewalls act as a main barrier between the trusted source and the untrusted parties that
come to steal or destroy the data. They follow a set of rules for blocking the traffic because in
every real second, the data packets are being send and received., so it is equally important to
manage these because if it is not being managed, then, data packets may get collected at a single
place which will cause the blockage of the traffic., so from these using various hacking features,
the data can be transferred to some other route which causes loss of data. So, the companies
should ensure the fact that firewalls are a must and can help in protecting the data and keep it
safe and secure.
There are various remote and routing access services as well which can act helpful for the
system. These are discussed as under :
Virtual Private Network (VPN)
A virtual private network is considered as a private network across the public network. It
helps in sending the packets of data and then receiving the same, in short it can be termed as the
transfer of data packets from one source to the another. All the devices inside the network are
connected to each other with a server. The server holds the information and data of all the
systems that are connected to it. VPN helps in permitting a secure access to the people even if
they are outside the workplace. So, it is not important to make use of it only inside the work
place, it can be used outside as well (Fall and et.al., 2011). A virtual private network is actually a
point to point network with the help of a huge number of virtual connections. The connections
18

may be internal as well as external. A virtual private network also helps in providing some
benefits of a wide area network (WAN). If this can be seen from a user's end, it is very
beneficial. There are various websites which does not allows the access of virtual private
network. Because of some security issues, these do not allow the use of a virtual private network
and various internet websites block it in the initial phase only.
Dial up connections
Dial up refers to using the internet connection with the help of a public switch telephone
network (PSTN). It is because PSTN helps in making a direct connection with the service
provider of the internet and this process is considered simple and can be done by dialling a
telephone number on a telephone line. It makes the connection and then the person can be able to
make use of the internet. If any factor comes as a barrier in the connection, it can affect the
internet as well because as it is a dial up connection, any barricade to the connection lines or
servers can shut down the internet as well. So, some authorities are kept at servers as well which
can help in resolving any complex or complicated issues if comes in the way of sharing the
information or data within the systems or with the server as well.
Trust management
There are a various collection of trusts that can be implemented across domains and it can
help as well to a huge extent. Some of these are discussed as below :
External trusts
The external trust helps in giving the access to all the processes and operations that are
situated on the domains and the main purpose of this is to connect and share the necessary data
and information with each other. It cannot be classified in any one direction. Rather, it can be
termed within one way or two way. The path is completely dependent on the environment.
Realm Trusts
19

These trusts are being used for making the trusting relationship with two bodies and these
two bodies can be classified as AD domain and a non windows realm.
Forest trusts
Forest trusts are being used for sharing the data and information, along with the resources
that are compiled between the domains that are of the same species (Wählisch, Schmidt and
Vahlenkamp, 2013).
Short cut trusts
Short cut trust can be applied to a single body. But these are being used for improving the
login time of the users. It helps in doing so by increasing the speed and rate of each activity of
the user, thus, it can result in a faster number of activities.
TASK-3
3.1 The implementation of network infrastructure
DNS addressing – In order to address system for any company the first setup to
configure a DNS server. Via the server manager the DNS server can be installed .And it is the
most easy way to install it(Shi, Bai and Yao, 2017) .Any special efforts is not need in the
installation of DNS sever. The services that is been provided by the network is been configured
during the installation. The forward and reverse lookup zones us been set up during the
configuration of DNS server. The few options such as active directory integrated, standards
primary etc are there in the zone themselves affects the configuration of forwards and reverse
lookup zone, for the said domain the administrator is need to specify the name servers. There has
been addition of name server and there is a need to configure the additiu0onal settings. The Host
A and PTIR records etc are included in the additional settings. In order to map host name to IP
address the responsibility is been given to host A .In the forward lookup zones it makes it simple
to find out external servers. In the reverse lookups zones the pointer records can create the proper
entries .
20

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

After setting up the DNS severs , the DHCP sever need to be configured by the
administrator. It is one of the sources from which the clients on the network can be addressed.
Addressing – DHCP
Via the server manager another sever roles that is installed. The DNS service need to be
operational in order to configure DHCP. For name solutions the DNS IP address make use of
DHCP clients.
The naming the scope, specifying the first available address for clients, specifying the last
available address for clients , specifying subnet and the default gateway address are specified.
Right management
To the user accounts the right management involves assigning of permissions and
polices. The permission and polices are also assigned part of the domain. To file services and
shared resources the permission are applicable. For the printers, storage and folders the
permission are applicable. Through two set of permission entries the access to these resources
can be defined. On a folder share permission is set. By taking into consideration the share
permission and NTFS permission are determined by the final access permissions. For every
group the full control is applied by the administrator and in order to prohibit restriction it can
depend on NTFS permission.
In one of the ways NTFS permissions for shared folders can be configured
New shared resources
Before it is shared on the network the NTFS permission for the particular folder is
changed .The permissions for NTFS can be applied locally and when the access of resources is
there on the network then it can also be applied.
Existing shared resources
To the existing shared resources these setting can be applied .By accessing permission tab
on the folder or volume the NTFS permission’s can be modified or changed. The shared
permission can grant full grant permission in which the file can be read, write , change and delete
21

. The modify permission is also given in which the file can be read, write and delete the file. In
the read and execute permission which is given fort eh file in the contents of the file can be
viewed and also it can be executed. In the write permission, the permission is granted to write in
a file. However, in a read permission the contents of the file can be viewed.
Also, the group policies can also be implemented by the administrator.The group policies
are also been implemented by the administrator and it also gives easy mode of administration.
The default domain [policy is also contained in it. After, the installation of the AD DS sever
roles this policy is created automated. The policy settings are contained in it that is applicable to
all users and computers. It is a type of group policy object that is connected to the organization
units.
With everything the GPO is linked .To the individual OU ‘s the GPO’s can be linked by
the administrator in order to avoid GPO’s from overlapping. The GPO can be edited in order to
provide details of the polices.
Security management – The VPN services can implemented by the administrator as the preferred
mode of remote access. With DHCP, DNS and certificate services the network need to be
configured in order for the VPN service setup to be functional(Miraglia and Rossini, 2016). In
order to establish VPN sever these all steps need to followed-:
 On the VPN server the IIS need to be installed
 For the VPN service through IIS the certificate need to be requested.
 On the dedicated server the RRAS role need to be installed.
 In order to operate as a VPN server the RRAS role need to be configured.
Before enabling the VPN sever feature and NAT service the administrator need to enable
the RRAS services once the RRAS sever role has been installed. It is important to enable NAT
service has it gives permission for the external clients to gain access to certificate service. This
will also help to establish SSTP VPN connection.
22

Remote desktop – There is also a need to install the remote desktop service. Windows based
programs need to be accessed by the users through remote desktop services’ the same way
similar to server role by server manager the installation of remote desktop service is been
handled. After the role that is been chosen by the administrator later it provides the sub-roles that
is needed by the network and according to it configures it. The remote desktop session host are
included in the RDS. The roles such as remote desktop gateway and remote desktop web access
are also included in it. They remote desktop licensing and remote desktop web access need to be
configured by the most proper for the current environment.
Security audit policies – The security audit policies are also configured by the administrator. In
order to maintain a secure environment a well- defined, timely auditing strategy is important.
The Window’s advanced audit policy setting is been utilized by the administrator in order to
configure the required settings. Within the domain the users, computers and resource etc. are
been covered in the audit strategy. In the audit strategy it is need to classify the type of user
account.
In terms of user accessibility the resources and data need to be specified. The administration user
accounts activities need to be monitored. The activities such as attempts to create, delete,
security groups etc. are being monitored by the account management(Merolla and Brezzo,
2014.).
M3 Implementation of potential security threats in a network
There are a variety of threats that can act as a barrier or challenge while execution of the
network. These can be related to the data security or regarding the viruses or spams that external
bodies make use of for having the internal information of a company. Some very well known and
common threats are discussed as under :
Cyber vandalism- It accounts to the act of damaging the data of someone from the computer that
will disrupts the business of victims .In this the data is been edited to something invasive,
embarrassing or absurd that can disrupt the image of victim. The malevolent programs are been
23

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

created by thieves. To the data of hard kids or login credential it can proved injurious. In the
punishment of vandalism new laws have also been updated (Shi, Bai and Yao, 2017).
Measures to prevent cyber attacks and physical security for the network that is been implemented
will be as follows-:
1. The sensitive data need to be identified by the network and need to educate the staff
about it. In place the security policy need to be put (Oh and et.al., 2011).
2. By using anti-virus/malware software the servers and computers can be secured.
3. Laptops and portables to target need to be encrypted as standards
4. Firewall can be used as it will limit connections between the local network and the
internet.
5. The public Wi-Fi need to be avoided. And regular backups need to be taken.
TASK 4
P 4.1 Review and testing the network implementation
For review and testing the whole implementation of the network, a test plan can help in
analysing and it is being represented as following :
24

S. No Feature of
Network
Infrastructure
Objective Output Analysis
1 DNS- Addressing It helps in
addressing the
network clients,
thus they can be
able to access the
network
resources.
It outputs a
received message
from the list of
messages that is
being sent on the
devices on the
network
(Choudhary and
Sekelsky, 2010).
The
configurations of
DNS are efficient
and accessible as
compared to
various other
devices on the
network.
2 DHPC-
Addressing
It helps in the
verification of the
clients that
received the IP
addresses that
have been already
defined in the
scope of the
DHPC (Fall and
et.al., 2011).
It results in
assigning the IP
addresses for the
client machines
that are present
on the network.
All the scopes of
the DHPC server
are active and
also are capable
of giving the IP
addresses to the
devices (Mandal
and et.al, 2011).
3 User rights
Logon rights
It manages the
verification of the
All the users
having the
The linking of the
configurations
25

users and the
administrative
rights
administrative
rights are able to
have access on
the files and the
folders on the
server.
and policies have
been linked
together (Oh and
et.al., 2011).
4 User rights
Shared resources
It manages the
verification of
accounts of
various users for
the folders and
files that have
been shared.
A few users of the
designated group
are permitted to
do any
modifications and
improvements in
the folders or
files.
The primary
sources here can
be considered as
the NTFS
permissions that
helps in
accelerate the
folder nights.
5 Settings of group
policy- User
rights
This manages the
passwords and
logout operations
for logging in and
out of the system
(Berman and
et.al, 2014).
The password of
each user account
needs to be
changed within
every 7 days.
The configuration
between the
GPOs and OUs
are being done
successfully and
efficiently.
6 Remote Access
Security
It verifies the
successful user
access.
Those remote
users will be able
to login by secure
VPN.
The SSL features
will stay active
and will help the
users in getting
26

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

the required level
of authentication.
7 Audit logs
Security
This manages the
efficient and
appropriate
implementation
of all the policies
and procedures of
the Associates
Ltd. and Khepri
(Choudhary and
Sekelsky, 2010).
These logs helps
in representing
the attempts that
have been
successful and
unsuccessful as
well. Both of
these are meant
for accessing the
resources of the
network.
This logging is
being used for
preserving all the
important
components
within the whole
management of
the network
infrastructure.
P 4.2 Evaluation of the network and user assurance of the network
After completing the analysis, it is the final step to evaluate the whole network and check
whether there are some operations and services left that needs to be modified or improvised. The
evaluation should be done of both the user assurance and the system. The evaluation report can
be described as under :
After the system has been implemented successfully and then, its configuration is being
done, the firewall is being tested and checked by the administrator and not for once but for
various small sessions. The settings of the SSL were also being analysed once again and after
being analysed, these are made to be applied to the VPN server of the network administrator
along with the involvement of the features of the remote access. For ensuring the complete
27

security of the system, various users and members are being invited by the administrator but
while inviting, it is better to keep in mind that the remote access group cannot be called or any
member of it is permitted to have access from any personal device. The configuration system
provided by the VPN to the SSL helps in providing a bi directional way of the transportation
which requires some sort of authentication on the end of the server side. The SSL makes it very
difficult for all the rivals, competitors and attackers to steal any sort of data or information from
the internal systems. Therefore, it guarantees maintaining the confidentiality and security of all
the data and information (Oh and et.al., 2011). A database system of a company must be
compiling the information and data of the employees, staff, operations etc. IT may contain
personal and official data as well, so it helps in maintaining the security features, thus Net
Enterprise Solutions can consider involving all these features for a better, safe and secure
environment.
Along with these measures, the administrator can also test the accessibility of the system,
the policy settings and the ones that are being associated with the inheritance. Inheritance is
considered as the process in which from the main body, various other bodies can be inherited as
well and the the inherited bodies must be compiling the features and properties of the main body
from which all other bodies have been inherited, that is the base class (Berman and et.al, 2014).
Derived classes are those classes that are being inherited from the base class and all the derived
classes consists all features and properties of the base class. Inherited permissions are also
important as they can act applicable for all the folders as well as files. It helps in making the
whole process easy of the management of the tasks and permissions and also helps in giving the
surety of the consistency of the rules and regulations within a specific operation or task.
CONCLUSION
Thus summing up the above report it can be concluded that the communication in
a network can be handled through a DNS .By most of the organization the directory services are
28

being deployed. The Novell’s’ e-directory is used to handle and manage internal and web-based
relations. By large IT corporation infrastructure resource management is been used. The
permission’s, user rights etc are being implemented by the access control. Firewall can be used
in to provide security to the field and the data that is stored in it. The cost is reduced by making
use of wireless access. Both DNS and DHSP need to be configured by administrator during
implementation of network. The network resources can be addressed by the DNS and the service
can be verified by user rights. It can be concluded from the report that designing a network
infrastructure can compile all the essential requirements such as the server that is interconnected
to the systems. Along with it, there is a firewall that helps in protecting the transfer of data from
internal bodies to the external. There are various security requirements as well which needs to be
followed for the implementation of a proper and accurate network infrastructure for Net
Enterprise solutions.
29

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

REFERENCES
Books and Journals
Berman, M. and et.al., 2014. GENI: A federated testbed for innovative network
experiments. Computer Networks. 61. pp.5-23.
Fall K. and et.al., Routebricks: enabling general purpose network infrastructure. ACM SIGOPS
Operating Systems Review. 2011 Feb 18;45(1):112-25.
Fodor, G. and et.al., 2012. Design aspects of network assisted device-to-device
communications. IEEE Communications Magazine. 50(3).
Oh, E. and et.al., 2011. Toward dynamic energy-efficient operation of cellular network
infrastructure. IEEE Communications Magazine. 49(6).
Wählisch, M., Schmidt, T. C. and Vahlenkamp, M., 2013. Backscatter from the data plane–
threats to stability and security in information-centric network infrastructure. Computer
Networks. 57(16). pp.3192-3206.
Agyapong, P.K. and Benjebbour, A., 2014. Design considerations for a 5G network
architecture. IEEE Communications Magazine, 52(11), pp.65-75.
Gupta, A. and Jha, R.K., 2015. A survey of 5G network: Architecture and emerging
technologies. IEEE access, 3, pp.1206-1232.
Kasapaki, E. and Sparsø, J., 2016. Argo: A real-time network-on-chip architecture with an
efficient GALS implementation. IEEE Transactions on Very Large Scale Integration (VLSI)
Systems, 24(2), pp.479-492.
King, D. and Farrel, A., 2015. A PCE-based architecture for application-based network
operations.
Krienen, F.M. and Sherwood, C.C., 2016. Transcriptional profiles of supragranular-enriched
genes associate with corticocortical network architecture in the human brain. Proceedings of
the National Academy of Sciences, 113(4), pp.E469-E478.
30

Merolla, P.A. and Brezzo, B., 2014. A million spiking-neuron integrated circuit with a scalable
communication network and interface. Science, 345(6197), pp.668-673.
Miraglia, F. and Rossini, P.M., 2016. EEG characteristics in “eyes-open” versus “eyes-closed”
conditions: small-world network architecture in healthy aging and age-related brain
degeneration. Clinical Neurophysiology, 127(2), pp.1261-1268.
Shi, B., Bai, X. and Yao, C., 2017. An end-to-end trainable neural network for image-based
sequence recognition and its application to scene text recognition. IEEE transactions on
pattern analysis and machine intelligence, 39(11), pp.2298-2304.
Szegedy, C. and Wojna, Z., 2016. Rethinking the inception architecture for computer vision.
In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (pp.
2818-2826).
Zhao, J., Mathieu, M. and LeCun, Y., 2016. Energy-based generative adversarial network. arXiv
preprint arXiv:1609.03126.
Zheng, K. and Lei, L., 2016. Soft-defined heterogeneous vehicular network: Architecture and
challenges. IEEE Network, 30(4), pp.72-80.
Choudhary, A. R. and Sekelsky, A., 2010, November. Securing IPv6 network infrastructure: A
new security model. In Technologies for Homeland Security (HST), 2010 IEEE
International Conference on (pp. 500-506). IEEE.
Efstratiou, C. and et.al., 2010, November. A shared sensor network infrastructure.
In Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems (pp.
367-368). ACM.
Mandal, U. and et.al., 2011, June. Energy-efficient content distribution over telecom network
infrastructure. In Transparent Optical Networks (ICTON), 2011 13th International
Conference on (pp. 1-4). IEEE.
31

Xu, Q. and et.al., 2011, June. Cellular data network infrastructure characterization and
implication on mobile content placement. In Proceedings of the ACM SIGMETRICS joint
international conference on Measurement and modeling of computer systems (pp. 317-
328). ACM.
Varior, R.R., Haloi, M. and Wang, G., 2016, October. Gated siamese convolutional neural
network architecture for human re-identification. In European Conference on Computer
Vision(pp. 791-808). Springer International Publishing.
Online
Infrastructure Support. 2017. Available on: <http://www.asapcomputer.com/network-
infrastructure.html>.
32