Network Infrastructure Upgrade for TTF
VerifiedAdded on 2023/04/19
|14
|1973
|98
AI Summary
This document provides information about the network infrastructure upgrade for TTF, including the directory structure, server specifications, router specifications, and more. It also offers solutions for assignments and essays related to this topic.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Network infrastructure upgrade for TTF
Name of the Student
Name of the University
Authors note
Network infrastructure upgrade for TTF
Name of the Student
Name of the University
Authors note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Table of Contents
Network design for the Organization and different branches....................................................2
Directory Structure.....................................................................................................................3
Server Specification...................................................................................................................4
Vendor 1.....................................................................................................................4
Vendor 2.....................................................................................................................5
Server Build task list..................................................................................................................6
Server Test plan..........................................................................................................................7
Server maintenance plan............................................................................................................8
Router specifications..................................................................................................................9
Plan for implementation.............................................................................................9
Cable types Required...............................................................................................10
Protocols used..........................................................................................................10
Traffic monitoring process.......................................................................................10
Security policy and plan...........................................................................................................11
User documentation.................................................................................................................12
Ongoing maintenance support..................................................................................................12
Table of Contents
Network design for the Organization and different branches....................................................2
Directory Structure.....................................................................................................................3
Server Specification...................................................................................................................4
Vendor 1.....................................................................................................................4
Vendor 2.....................................................................................................................5
Server Build task list..................................................................................................................6
Server Test plan..........................................................................................................................7
Server maintenance plan............................................................................................................8
Router specifications..................................................................................................................9
Plan for implementation.............................................................................................9
Cable types Required...............................................................................................10
Protocols used..........................................................................................................10
Traffic monitoring process.......................................................................................10
Security policy and plan...........................................................................................................11
User documentation.................................................................................................................12
Ongoing maintenance support..................................................................................................12
2NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Network design for the Organization and different branches
Figure 1: Proposed network infrastructure for TTF
(Source: Created by author using Microsoft Visio)
Network design for the Organization and different branches
Figure 1: Proposed network infrastructure for TTF
(Source: Created by author using Microsoft Visio)
3NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Directory Structure
As the organization operates from multiple locations with numerous users, computers
and other objects using the Windows servers therefore the optimized and secured active
Directory structure will be helpful in providing flexibility as well as control over the
complete environments. For this case the directory the structure will be developed
depending on the Sites (different branches), organizational unit (OU), group structure
tailored to fit the business needs of the organization.
Following is the directory structure for the TTF according to their locations,
organizational units and groups.
For the groups; Group Policy Objects are used in the Active Directory structure. In
this way it is possible to set rules about the different user environment. In this architecture
they are treated as detached objects as they can be linked to different Organizational Units.
With this architecture, it provides the flexibility of creating different set of rules and their
application to different Organizational units.
Following is the proposed architecture;
Directory Structure
As the organization operates from multiple locations with numerous users, computers
and other objects using the Windows servers therefore the optimized and secured active
Directory structure will be helpful in providing flexibility as well as control over the
complete environments. For this case the directory the structure will be developed
depending on the Sites (different branches), organizational unit (OU), group structure
tailored to fit the business needs of the organization.
Following is the directory structure for the TTF according to their locations,
organizational units and groups.
For the groups; Group Policy Objects are used in the Active Directory structure. In
this way it is possible to set rules about the different user environment. In this architecture
they are treated as detached objects as they can be linked to different Organizational Units.
With this architecture, it provides the flexibility of creating different set of rules and their
application to different Organizational units.
Following is the proposed architecture;
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Figure 2: Directory structure for the TTF
(Source: Created by author using Visio)
Server Specification
Vendor 1
Cisco UCS C220 M4 Rack Server
Hot swappable SATA and SSD driver availability: NVMe PCIe SSDs
SATA SSDs
Figure 2: Directory structure for the TTF
(Source: Created by author using Visio)
Server Specification
Vendor 1
Cisco UCS C220 M4 Rack Server
Hot swappable SATA and SSD driver availability: NVMe PCIe SSDs
SATA SSDs
5NETWORK INFRASTRUCTURE UPGRADE FOR TTF
10,000-rpm SAS drives
15,000-rpm SAS drives
7200-rpm SATA drives with high capacity
Virtualization specification: With the help of the Cisco Data Center VM-FEX and
Adapter-FEX technologies, I/O virtualization, and Intel Xeon processor E5-2600 v3 product
family features, extending the network directly to virtual machines.
The server is capable of scalable and consistent operational model.
Improved efficiency and security while maintaining the reduced complexity for
maintenance.
Vendor 2
Dell PowerEdge R740 Rack Server
Processor specification
2nd Generation Intel® Xeon® Scalable processors, (That may go up to 28 cores every
processor)
Operating Systems supported
Canonical® Ubuntu® LTS
Citrix® XenServer®
Microsoft Windows Server® with Hyper-V
SUSE® Linux Enterprise Server
VMware® ESXi
Red Hat® Enterprise Linux
10,000-rpm SAS drives
15,000-rpm SAS drives
7200-rpm SATA drives with high capacity
Virtualization specification: With the help of the Cisco Data Center VM-FEX and
Adapter-FEX technologies, I/O virtualization, and Intel Xeon processor E5-2600 v3 product
family features, extending the network directly to virtual machines.
The server is capable of scalable and consistent operational model.
Improved efficiency and security while maintaining the reduced complexity for
maintenance.
Vendor 2
Dell PowerEdge R740 Rack Server
Processor specification
2nd Generation Intel® Xeon® Scalable processors, (That may go up to 28 cores every
processor)
Operating Systems supported
Canonical® Ubuntu® LTS
Citrix® XenServer®
Microsoft Windows Server® with Hyper-V
SUSE® Linux Enterprise Server
VMware® ESXi
Red Hat® Enterprise Linux
6NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Data Protection schemes available
Secure Boot
System Lockdown
Secure erase
Port Specification
Network card options available:
4 x 1GE
2 x 10GE + 2 x 1GE
4 x 10GE or 2 x 25GE
Ports in the front
Video, 2 x USB 2.0, available USB 3.0.
Direct Micro-USB Rear ports:
Video, serial, 2 x USB 3.0, dedicated iDRAC network port
PCIe:
Up to 8 x Gen3 slots, Up to 4 x16
Server Build task list
As the server will be used for internet connectivity and virtualization thus it is
important to Install httpd and mod_ssl packages.
It is important to the remove the gcc compiler in order to secure the servers.
Create local user accounts for administrators and the normal users.
Data Protection schemes available
Secure Boot
System Lockdown
Secure erase
Port Specification
Network card options available:
4 x 1GE
2 x 10GE + 2 x 1GE
4 x 10GE or 2 x 25GE
Ports in the front
Video, 2 x USB 2.0, available USB 3.0.
Direct Micro-USB Rear ports:
Video, serial, 2 x USB 3.0, dedicated iDRAC network port
PCIe:
Up to 8 x Gen3 slots, Up to 4 x16
Server Build task list
As the server will be used for internet connectivity and virtualization thus it is
important to Install httpd and mod_ssl packages.
It is important to the remove the gcc compiler in order to secure the servers.
Create local user accounts for administrators and the normal users.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7NETWORK INFRASTRUCTURE UPGRADE FOR TTF
It has to make sure that the servers are sending all logs to 2 central syslog servers.
Furthermore the following checklist must be managed for proper management of the servers.
Ite
m No.
Description of Task Check/Uncheck
1
For the servers the minimum Disk Configuration
should be done using disk mirroring or the RAID 1.
2
Use at least 2 power supply cables in order to provide
dual power redundancy to the system for backup in case of
any kind of failure.
4
Utilization of the appropriate cable management
mounting kit so that all the cables can be managed neatly.
5
It has to be made sure that Memory Mirroring
option is disabled in BIOS of the server.
6
Labelling of the network cables along with other
fiber cables through the use of scheme defined in OS
configuration also needs to be done.
7
Disable the DRAC depending on the locations
and user scenarios.
Server Test plan
Security test Testing related to the extraneous services
It has to make sure that the servers are sending all logs to 2 central syslog servers.
Furthermore the following checklist must be managed for proper management of the servers.
Ite
m No.
Description of Task Check/Uncheck
1
For the servers the minimum Disk Configuration
should be done using disk mirroring or the RAID 1.
2
Use at least 2 power supply cables in order to provide
dual power redundancy to the system for backup in case of
any kind of failure.
4
Utilization of the appropriate cable management
mounting kit so that all the cables can be managed neatly.
5
It has to be made sure that Memory Mirroring
option is disabled in BIOS of the server.
6
Labelling of the network cables along with other
fiber cables through the use of scheme defined in OS
configuration also needs to be done.
7
Disable the DRAC depending on the locations
and user scenarios.
Server Test plan
Security test Testing related to the extraneous services
8NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Testing of the extraneous ICMP
functionality
Testing of the extraneous enabled network
protocols
firewall evasion checking through the use of
common techniques.
Authentication and Authorization related
testing
Test all services for omitted authentication
or authorization
Testing of the services with the predictable
credentials that can be used for attack.
Testing of the all services for default, test,
guest and obsolete accounts
Server maintenance plan
In order get the best performance from the deployed servers there are tasks that needs
to be done for health checks of the servers that should be carried out daily, weekly, monthly
and bi-monthly basis.
Daily
Updates: Software updates such as Anti-virus and patches must be updated regularly
on daily basis.
Log reviews: The administrators must be review different logs in order to detect the
abusive users, bot intrusions that can lead to the loss of data and resources from the legitimate
users inside the network.
Testing of the extraneous ICMP
functionality
Testing of the extraneous enabled network
protocols
firewall evasion checking through the use of
common techniques.
Authentication and Authorization related
testing
Test all services for omitted authentication
or authorization
Testing of the services with the predictable
credentials that can be used for attack.
Testing of the all services for default, test,
guest and obsolete accounts
Server maintenance plan
In order get the best performance from the deployed servers there are tasks that needs
to be done for health checks of the servers that should be carried out daily, weekly, monthly
and bi-monthly basis.
Daily
Updates: Software updates such as Anti-virus and patches must be updated regularly
on daily basis.
Log reviews: The administrators must be review different logs in order to detect the
abusive users, bot intrusions that can lead to the loss of data and resources from the legitimate
users inside the network.
9NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Weekly maintenance
Backup: Backup of the business data must be done weekly in order to maintain the
continuity in case of any vulnerability exploitation.
Bi-Weekly
Server disk usage audit – The disk usage by different applications and users are
important in order to detect stale user accounts, removal of the old temporary files,
completion of unfinished backups can help in the reduction of unnecessary disk space which
are the ain reasons for storage bottleneck.
Monthly
Database optimization must be done in order to avoid the 3% – 5% fragmentation in a
month.
Application tuning for better performance: As the usage traffic patterns can fluctuate
in different times and thus the access speed is also affected. With the optimized settings
access to the basic applications can be improved from different locations.
Router specifications
For connecting all the sites with each other it is suggested to use the Cisco 7600
series Routers. The Cisco 7600 SIP-200 helps enable high-performance, intelligent WAN
services. Enterprises and service providers can take full advantage of the increased
scalability, performance, and rich features.
Weekly maintenance
Backup: Backup of the business data must be done weekly in order to maintain the
continuity in case of any vulnerability exploitation.
Bi-Weekly
Server disk usage audit – The disk usage by different applications and users are
important in order to detect stale user accounts, removal of the old temporary files,
completion of unfinished backups can help in the reduction of unnecessary disk space which
are the ain reasons for storage bottleneck.
Monthly
Database optimization must be done in order to avoid the 3% – 5% fragmentation in a
month.
Application tuning for better performance: As the usage traffic patterns can fluctuate
in different times and thus the access speed is also affected. With the optimized settings
access to the basic applications can be improved from different locations.
Router specifications
For connecting all the sites with each other it is suggested to use the Cisco 7600
series Routers. The Cisco 7600 SIP-200 helps enable high-performance, intelligent WAN
services. Enterprises and service providers can take full advantage of the increased
scalability, performance, and rich features.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Plan for implementation
In order connect all the branches with the head quarter it is determined to use the
hop-by-hop packet routing systems. In this technique each router in the network freely
chooses the outgoing path for delivery of the path. In addition to that, it is also suggested to
use asymmetric routing in order to ensure that the traffic does not traverse similar path in
both directions of delivery of the data packets.
As according to the requirements some branch site may have multiple WAN
connections, with single or multiple routers in the office. This situation is always prone to
asymmetric routing process in the network. This happens due to the fact that routing protocol
on receiver and sender end selects different paths depending on load or session balancing or
through the use of the optimization technique.
Cable types Required
In order to connect to the different locations it is suggested to use the optical fibre
and in case of connecting the computers to the network it is suggested to use the Ethernet
cables.
Protocols used
For fast and secure connection between the different locations of the organization it is
suggested to use the MPLS Protocol.
Traffic monitoring process
Along with the system security policies it is also suggested to use the internet control
message protocol (ICMP) pings, simple network management protocol queries are also
important to manage data traffic in the network. In addition to that, scanning of the Log files
Plan for implementation
In order connect all the branches with the head quarter it is determined to use the
hop-by-hop packet routing systems. In this technique each router in the network freely
chooses the outgoing path for delivery of the path. In addition to that, it is also suggested to
use asymmetric routing in order to ensure that the traffic does not traverse similar path in
both directions of delivery of the data packets.
As according to the requirements some branch site may have multiple WAN
connections, with single or multiple routers in the office. This situation is always prone to
asymmetric routing process in the network. This happens due to the fact that routing protocol
on receiver and sender end selects different paths depending on load or session balancing or
through the use of the optimization technique.
Cable types Required
In order to connect to the different locations it is suggested to use the optical fibre
and in case of connecting the computers to the network it is suggested to use the Ethernet
cables.
Protocols used
For fast and secure connection between the different locations of the organization it is
suggested to use the MPLS Protocol.
Traffic monitoring process
Along with the system security policies it is also suggested to use the internet control
message protocol (ICMP) pings, simple network management protocol queries are also
important to manage data traffic in the network. In addition to that, scanning of the Log files
11NETWORK INFRASTRUCTURE UPGRADE FOR TTF
such as routers, devices, firewalls, hosts are also important. Furthermore, generation of the
network performance statistics reports can be used to find out any kind of the suspicious
activity.
Security policy and plan
In case of securing the perimeter another important defence mechanism is placing
intrusion protection system. Having properly optimized IPS can help in monitoring and
detecting attackers that have slipped past the first layer of defence mechanism such as
firewall/router. For secure remote access it is suggested to use the VPN Tunnels among the
two locations for communication.
For securing the network of the organization, following are the in depth security
mechanisms that can be added;
Physical controls implementation: With this type of controls that includes security
that prevents physical access to systems, server from unauthorised access.
Technical controls: This controls mechanisms includes the measures which protect
network and other resources through the use of the specialized hardware or software
components like firewall or antivirus program.
In addition to that, following add on security layers can help in protecting the
individual facets of the network:
Access measures: Access to the systems can be protected through the authentication
controls, VPN, biometrics, timed access.
Organizational Data protection: Data protection for securing the organizational data s
include data encrypted data transmission, secure data transmission, hashing as well as
encrypted backups.
such as routers, devices, firewalls, hosts are also important. Furthermore, generation of the
network performance statistics reports can be used to find out any kind of the suspicious
activity.
Security policy and plan
In case of securing the perimeter another important defence mechanism is placing
intrusion protection system. Having properly optimized IPS can help in monitoring and
detecting attackers that have slipped past the first layer of defence mechanism such as
firewall/router. For secure remote access it is suggested to use the VPN Tunnels among the
two locations for communication.
For securing the network of the organization, following are the in depth security
mechanisms that can be added;
Physical controls implementation: With this type of controls that includes security
that prevents physical access to systems, server from unauthorised access.
Technical controls: This controls mechanisms includes the measures which protect
network and other resources through the use of the specialized hardware or software
components like firewall or antivirus program.
In addition to that, following add on security layers can help in protecting the
individual facets of the network:
Access measures: Access to the systems can be protected through the authentication
controls, VPN, biometrics, timed access.
Organizational Data protection: Data protection for securing the organizational data s
include data encrypted data transmission, secure data transmission, hashing as well as
encrypted backups.
12NETWORK INFRASTRUCTURE UPGRADE FOR TTF
User documentation
After the deployment of the servers and services on those servers the users from the
different branches will be able to retrieve and update different business related data in real-
time without any error or discrepancy.
As the servers will be secured through the multiple level access rights thus any
unauthorized access to the different user directories may be logged in order to detect any
suspicious access and activity.
Ongoing maintenance support
Administrative control and support: after the deployment the users will be provided as
the protective controls that can consist of policies or procedures as required by the
organization requirement. In addition to that it can also help the organization and employees
such as instructing users to tag sensitive information as “confidential” to secure it.
User documentation
After the deployment of the servers and services on those servers the users from the
different branches will be able to retrieve and update different business related data in real-
time without any error or discrepancy.
As the servers will be secured through the multiple level access rights thus any
unauthorized access to the different user directories may be logged in order to detect any
suspicious access and activity.
Ongoing maintenance support
Administrative control and support: after the deployment the users will be provided as
the protective controls that can consist of policies or procedures as required by the
organization requirement. In addition to that it can also help the organization and employees
such as instructing users to tag sensitive information as “confidential” to secure it.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13NETWORK INFRASTRUCTURE UPGRADE FOR TTF
Bibliography
Draft, I. I., and Scott Long. "Commands for Changing the Working Directory." (2018).
Lundström, Johan. "Leveraging an Active Directory for the Generation of Honeywords."
(2018).
Mohan, Tanuj. "User control of an environmental parameter of a structure." U.S. Patent No.
9,226,371. 29 Dec. 2015.
Moore, Paul. "Method and apparatus for creating compliant zone records in an LDAP
directory without schema extensions." U.S. Patent No. 9,965,496. 8 May 2018.
Serlet, Bertrand. "Representing directory structure in content-addressable storage systems."
U.S. Patent No. 9,183,212. 10 Nov. 2015.
Bibliography
Draft, I. I., and Scott Long. "Commands for Changing the Working Directory." (2018).
Lundström, Johan. "Leveraging an Active Directory for the Generation of Honeywords."
(2018).
Mohan, Tanuj. "User control of an environmental parameter of a structure." U.S. Patent No.
9,226,371. 29 Dec. 2015.
Moore, Paul. "Method and apparatus for creating compliant zone records in an LDAP
directory without schema extensions." U.S. Patent No. 9,965,496. 8 May 2018.
Serlet, Bertrand. "Representing directory structure in content-addressable storage systems."
U.S. Patent No. 9,183,212. 10 Nov. 2015.
1 out of 14
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.