Creative Letting Ltd Network Implementation Report - Windows Server
VerifiedAdded on 2020/05/01
|25
|4326
|173
Report
AI Summary
This report outlines the network implementation strategy for Creative Letting Ltd, aiming to connect its Paris departments and provide internet access to employees. It details the selection of a suitable network topology and the procurement of necessary networking devices, including Cisco products. The network will be managed using Windows Server 2008, which will host DHCP, DNS, WINS, IIS, and other essential services. The report covers key aspects such as designing and implementing automatic IP addressing mechanisms, including routed and flat networks, dynamic IP addressing, and the functions and benefits of a DHCP server. It also addresses domain naming strategies, including installing DNS services, creating forward and reverse lookup zones, and integrating DHCP and DNS. Furthermore, the report discusses configuring and supporting routing and remote access, including troubleshooting, backup strategies, network health monitoring, and connectivity solutions. Network security is a major focus, with discussions on VPN configuration, security threats, Certificate Authority (CA), and IPsec implementation. The report concludes with an overview of the implemented network, its components, and its security considerations.
Creative Letting Ltd Network Implementation Report
Name
Institution
Date
Name
Institution
Date
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Contents
Chapter 1.....................................................................................................................................................4
Introduction.............................................................................................................................................4
Chapter 2.....................................................................................................................................................4
Implement Name Resolution Services.....................................................................................................4
2.1 Designing and implementing an automatic IP addressing mechanism.....................................4
2.1.0 Routed and Flat Networks..........................................................................................................4
2.1.1 IP Addressing Mechanism...........................................................................................................5
2.1.2 Dynamic IP addressing................................................................................................................5
2.1.3 Functions of a DHCP server.........................................................................................................7
2.1.4 Benefits of using a DHCP server..................................................................................................7
2.1.5 The DHCP DORA Process.............................................................................................................7
2.1.6 Installation of a DHCP server......................................................................................................7
2.1.7 Steps to installing the DHCP Relay agents..................................................................................8
2.2 Designing and implementing a domain naming strategy.................................................................10
2.2.1 Installing the DNS service.........................................................................................................10
2.2.2 Creating a forward lookup zone................................................................................................11
2.2.3 Creating a reverse lookup zone................................................................................................11
2.2.4 NetBIOS Name resolution.........................................................................................................12
2.2.5 Installing WINS..........................................................................................................................13
2.2.6 Adding static WINS records for non-WINS clients.....................................................................13
2.2.7 PUSH and PULL replication configuration.................................................................................13
2.2.8 Integration of DHCP and DNS in a network...............................................................................14
Chapter 3...................................................................................................................................................14
Configuring and Supporting Routing and Remote Access.....................................................................14
3.1 Troubleshooting, backup and fault tolerance strategy..................................................................14
3.1.1 Backup Strategy........................................................................................................................15
3.1.2 Backup strategy for DNS...........................................................................................................15
3.1.4 Backup strategy for DHCP.........................................................................................................15
3.2 Network health and monitoring analysis..........................................................................................15
Ipconfig..............................................................................................................................................16
Tracert...............................................................................................................................................17
Chapter 1.....................................................................................................................................................4
Introduction.............................................................................................................................................4
Chapter 2.....................................................................................................................................................4
Implement Name Resolution Services.....................................................................................................4
2.1 Designing and implementing an automatic IP addressing mechanism.....................................4
2.1.0 Routed and Flat Networks..........................................................................................................4
2.1.1 IP Addressing Mechanism...........................................................................................................5
2.1.2 Dynamic IP addressing................................................................................................................5
2.1.3 Functions of a DHCP server.........................................................................................................7
2.1.4 Benefits of using a DHCP server..................................................................................................7
2.1.5 The DHCP DORA Process.............................................................................................................7
2.1.6 Installation of a DHCP server......................................................................................................7
2.1.7 Steps to installing the DHCP Relay agents..................................................................................8
2.2 Designing and implementing a domain naming strategy.................................................................10
2.2.1 Installing the DNS service.........................................................................................................10
2.2.2 Creating a forward lookup zone................................................................................................11
2.2.3 Creating a reverse lookup zone................................................................................................11
2.2.4 NetBIOS Name resolution.........................................................................................................12
2.2.5 Installing WINS..........................................................................................................................13
2.2.6 Adding static WINS records for non-WINS clients.....................................................................13
2.2.7 PUSH and PULL replication configuration.................................................................................13
2.2.8 Integration of DHCP and DNS in a network...............................................................................14
Chapter 3...................................................................................................................................................14
Configuring and Supporting Routing and Remote Access.....................................................................14
3.1 Troubleshooting, backup and fault tolerance strategy..................................................................14
3.1.1 Backup Strategy........................................................................................................................15
3.1.2 Backup strategy for DNS...........................................................................................................15
3.1.4 Backup strategy for DHCP.........................................................................................................15
3.2 Network health and monitoring analysis..........................................................................................15
Ipconfig..............................................................................................................................................16
Tracert...............................................................................................................................................17
3
Telnet.................................................................................................................................................18
3.3 Connectivity Solutions.....................................................................................................................19
Chapter 4...................................................................................................................................................20
Configuring Network Security...............................................................................................................20
4.1 Networking design and implementation report for Remote Access.............................................20
4.1.0 Benefits of VPNS.......................................................................................................................20
4.1.1 RRAS configuration...................................................................................................................20
4.1.2 Configuring inbound and outbound VPN connections..............................................................21
4.1.2 Role of the RADIUS server........................................................................................................21
4.2 Security threats faced by modern computer networks...............................................................22
4.3 Certificate Authority (CA) and IPsec...........................................................................................22
4.3.1 Role of CA.................................................................................................................................22
4.3.2 Importance of digital certificates..............................................................................................23
4.3.3 IPsec..........................................................................................................................................23
Chapter 5...................................................................................................................................................24
Conclusion.............................................................................................................................................24
Bibliography...............................................................................................................................................25
Telnet.................................................................................................................................................18
3.3 Connectivity Solutions.....................................................................................................................19
Chapter 4...................................................................................................................................................20
Configuring Network Security...............................................................................................................20
4.1 Networking design and implementation report for Remote Access.............................................20
4.1.0 Benefits of VPNS.......................................................................................................................20
4.1.1 RRAS configuration...................................................................................................................20
4.1.2 Configuring inbound and outbound VPN connections..............................................................21
4.1.2 Role of the RADIUS server........................................................................................................21
4.2 Security threats faced by modern computer networks...............................................................22
4.3 Certificate Authority (CA) and IPsec...........................................................................................22
4.3.1 Role of CA.................................................................................................................................22
4.3.2 Importance of digital certificates..............................................................................................23
4.3.3 IPsec..........................................................................................................................................23
Chapter 5...................................................................................................................................................24
Conclusion.............................................................................................................................................24
Bibliography...............................................................................................................................................25
Chapter 1
Introduction
Creative Letting Ltd. needs to implement a network which will connect all of its
departments in Paris and also provide internet connection to its employees. In order to
successfully achieve this, an appropriate network topology will be formulated and all required
networking devices must be procured i.e. from Cisco. The network will be managed on
Windows server 2008 which will host the DHCP server, DNS WINS, IIS and many other
services required in the network. The company must ensure implementation of networking
technologies that aim at keeping secure the network and the integrity of its data (Mori, 2016).
Chapter 2
Implement Name Resolution Services.
2.1 Designing and implementing an automatic IP addressing mechanism
2.1.0 Routed and Flat Networks
A routed network is a type of network that is mostly implemented when a bridged
network is not available because of hosting provider restrictions (Jia, 2015).
A flat network is a network where all stations are able to reach each other without
having to go via intermediary hardware devices such as a router. A flat network is one network
segment.
Differences: A flat network would allow any traffic to any workstation or server while
a routed network would not always allow traffic to any workstation or server.
Introduction
Creative Letting Ltd. needs to implement a network which will connect all of its
departments in Paris and also provide internet connection to its employees. In order to
successfully achieve this, an appropriate network topology will be formulated and all required
networking devices must be procured i.e. from Cisco. The network will be managed on
Windows server 2008 which will host the DHCP server, DNS WINS, IIS and many other
services required in the network. The company must ensure implementation of networking
technologies that aim at keeping secure the network and the integrity of its data (Mori, 2016).
Chapter 2
Implement Name Resolution Services.
2.1 Designing and implementing an automatic IP addressing mechanism
2.1.0 Routed and Flat Networks
A routed network is a type of network that is mostly implemented when a bridged
network is not available because of hosting provider restrictions (Jia, 2015).
A flat network is a network where all stations are able to reach each other without
having to go via intermediary hardware devices such as a router. A flat network is one network
segment.
Differences: A flat network would allow any traffic to any workstation or server while
a routed network would not always allow traffic to any workstation or server.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
5
A routed network is good because one will have better control of what users see and it
is easier to keep a good structure of the network especially when it is spread over 10 buildings.
2.1.1 IP Addressing Mechanism
A static IP addressing is a mechanism where hosts are given permanent IP address
which does not change even after the computer reboots.
A dynamic IP address is an IP address that is dynamically assigned to a computer and
every time the computer reboots, it is assigned a different IP address using the DHCP protocol.
The dynamic IP addressing mechanism is mostly recommended since it gives more
privacy and is cheaper and easier to set it up than static IP addressing.
2.1.2 Dynamic IP addressing
This is a class C network
IP address: 192.168.1.143
Subnet Mask: 255.255.255.0
Binary= 11111111.11111111.11111111.00000000
Number of subnet = 2^8 =256
Block size = 256-255 =1
Number of hosts per subnet = 2^8 =256-2=254
Therefore Subnet Address = 192.168.1.0
Broadcast Address: 192.168.1.255
Number of hosts in this network = 254
Address range = 192.168.1.1 to 192.168.1.254
A routed network is good because one will have better control of what users see and it
is easier to keep a good structure of the network especially when it is spread over 10 buildings.
2.1.1 IP Addressing Mechanism
A static IP addressing is a mechanism where hosts are given permanent IP address
which does not change even after the computer reboots.
A dynamic IP address is an IP address that is dynamically assigned to a computer and
every time the computer reboots, it is assigned a different IP address using the DHCP protocol.
The dynamic IP addressing mechanism is mostly recommended since it gives more
privacy and is cheaper and easier to set it up than static IP addressing.
2.1.2 Dynamic IP addressing
This is a class C network
IP address: 192.168.1.143
Subnet Mask: 255.255.255.0
Binary= 11111111.11111111.11111111.00000000
Number of subnet = 2^8 =256
Block size = 256-255 =1
Number of hosts per subnet = 2^8 =256-2=254
Therefore Subnet Address = 192.168.1.0
Broadcast Address: 192.168.1.255
Number of hosts in this network = 254
Address range = 192.168.1.1 to 192.168.1.254
Subnet Name Host IP
Address
Broadcast
Address
Number of
hosts
Block Size Subnet mask Network ID
Department 1 192.168.1.1 to
192.168.1.254
192.168.1.255 254 1 255.255.255.0 192.168.1.143
The configuration below illustrates a Dynamic Ip addressing infrastructure where the
Router is configured to automatically assign IP addresses to all the other nodes.
Image Source: http://www.highteck.net
Address
Broadcast
Address
Number of
hosts
Block Size Subnet mask Network ID
Department 1 192.168.1.1 to
192.168.1.254
192.168.1.255 254 1 255.255.255.0 192.168.1.143
The configuration below illustrates a Dynamic Ip addressing infrastructure where the
Router is configured to automatically assign IP addresses to all the other nodes.
Image Source: http://www.highteck.net
7
2.1.3 Functions of a DHCP server.
Used to assign IP, DNS, and Gateway address to computers in a network dynamically.
DHCP stands for Dynamic Host Configuration Protocol.
2.1.4 Benefits of using a DHCP server.
Offers easier management of IP addresses.
Offers a centralized network client configuration.
Responds to requests from BOOTP clients.
Allows for network booting.
Supports very large networks by utilizing multithreading process of accepting client
requests simultaneously.
You can have multiple DHCP servers on the network while utilizing the DORA
principle.
2.1.5 The DHCP DORA Process
Discovery – the client broadcasts a message on the local network that it is connected to
in order to discover available DHCP servers.
Offer – An appropriately configured DHCP server gets requests from a client and then
it offers an address to it from a pool of available addresses.
Acknowledgement – The request is acknowledged by the server, and it informs the
client on the lease validity of the address and other information that is needed by the client.
2.1.6 Installation of a DHCP server.
A DHCP server can be set up on Windows Server 2008 and later. The server should be
correctly configured with a static IP address and you must know the network’s IP address
2.1.3 Functions of a DHCP server.
Used to assign IP, DNS, and Gateway address to computers in a network dynamically.
DHCP stands for Dynamic Host Configuration Protocol.
2.1.4 Benefits of using a DHCP server.
Offers easier management of IP addresses.
Offers a centralized network client configuration.
Responds to requests from BOOTP clients.
Allows for network booting.
Supports very large networks by utilizing multithreading process of accepting client
requests simultaneously.
You can have multiple DHCP servers on the network while utilizing the DORA
principle.
2.1.5 The DHCP DORA Process
Discovery – the client broadcasts a message on the local network that it is connected to
in order to discover available DHCP servers.
Offer – An appropriately configured DHCP server gets requests from a client and then
it offers an address to it from a pool of available addresses.
Acknowledgement – The request is acknowledged by the server, and it informs the
client on the lease validity of the address and other information that is needed by the client.
2.1.6 Installation of a DHCP server.
A DHCP server can be set up on Windows Server 2008 and later. The server should be
correctly configured with a static IP address and you must know the network’s IP address
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
range. The grouping of computers on a subnet which uses the DHCP service is called a scope.
At the beginning, a scope is created for each physical subnet.
You must at least be a member of the DHCP administrators group in order to create a
scope. Here are the steps we would use to create a DHCP server for Creative Letting Ltd:
Go to DHCP Microsoft Management snap in.
Click on the DHCP server with which you want to configure.
Right click on IPv4 or IPv6 and select New Scope Next, follow the steps you are given in the new scope window.
source: techgenix.com
DHCP Relay agents will be installed on the network. This will be done so that different
networks can be linked together without having to install yet a different DHCP server (Volz,
2017).
2.1.7 Steps to installing the DHCP Relay agents
On the server manager, click on ‘Add roles” and choose ‘Network Policy and Access
services’
At the beginning, a scope is created for each physical subnet.
You must at least be a member of the DHCP administrators group in order to create a
scope. Here are the steps we would use to create a DHCP server for Creative Letting Ltd:
Go to DHCP Microsoft Management snap in.
Click on the DHCP server with which you want to configure.
Right click on IPv4 or IPv6 and select New Scope Next, follow the steps you are given in the new scope window.
source: techgenix.com
DHCP Relay agents will be installed on the network. This will be done so that different
networks can be linked together without having to install yet a different DHCP server (Volz,
2017).
2.1.7 Steps to installing the DHCP Relay agents
On the server manager, click on ‘Add roles” and choose ‘Network Policy and Access
services’
9
Choose Routing and remote access services and press next. Confirm Installation by
accepting the terms.
Go to start menu, admin tools and chose Routing and Remote Access. Go to the server
and right click on it and then choose the option to configure and enable routing remote access.
Yes, it will be important to have reserved IP addresses within our network range. These
reserved IP addresses will not be routed through the internet, they will be meant for devices
positioned behind the router or a proxy server. A pop up window will appear and you will tick
on LAN routing (if it is not ticked by default) and finish. At this step, Routing and remote
access service is active and we now need to install the DHCP Relay Agent Protocol. Go again
to admin tools, choose Routing ad remote access and expand the server name you want to
configure. On IPv4, expand again and right click on the general option and choose New
Routing Protocol. A pop up window is shown where you will select DHCP relay agent and
proceed. Now the DHCP relay agent will be added to the IPv4 option tree. Right click on it and
go to New Interface. On the new window, choose ‘internal’ and ok. Another window will pop p
where we give the number of relay agents the packets will go through from the PC and go to
‘ok’. Finally, a window for setting the destination address for DHCP pops up. Input the
destination address and click ‘ok’ (Volz, 2017).
Choose Routing and remote access services and press next. Confirm Installation by
accepting the terms.
Go to start menu, admin tools and chose Routing and Remote Access. Go to the server
and right click on it and then choose the option to configure and enable routing remote access.
Yes, it will be important to have reserved IP addresses within our network range. These
reserved IP addresses will not be routed through the internet, they will be meant for devices
positioned behind the router or a proxy server. A pop up window will appear and you will tick
on LAN routing (if it is not ticked by default) and finish. At this step, Routing and remote
access service is active and we now need to install the DHCP Relay Agent Protocol. Go again
to admin tools, choose Routing ad remote access and expand the server name you want to
configure. On IPv4, expand again and right click on the general option and choose New
Routing Protocol. A pop up window is shown where you will select DHCP relay agent and
proceed. Now the DHCP relay agent will be added to the IPv4 option tree. Right click on it and
go to New Interface. On the new window, choose ‘internal’ and ok. Another window will pop p
where we give the number of relay agents the packets will go through from the PC and go to
‘ok’. Finally, a window for setting the destination address for DHCP pops up. Input the
destination address and click ‘ok’ (Volz, 2017).
Source: computerperformance.co.uk
2.2 Designing and implementing a domain naming strategy
Domain Name System (DNS) is a naming system for computers and other resources on
the public internet or on a private network.
The forward lookup zone was created to support the mail function of the Domain Name
System. It aids in the resolution of host names to IP addresses. Reverse lookup zones, on the
other hand, is quite the opposite of forward lookup: they give back the fully qualified domain
name of a host depending on its IP address.
2.2.1 Installing the DNS service
On the server manager, choose ‘add roles’ and click on ‘DNS server’. To continue click
‘next’ then start the installation by choosing ‘install’. The installation process will take a few
seconds as the roles services and features are being added. Installation results are shown after
which you click on close.
2.2 Designing and implementing a domain naming strategy
Domain Name System (DNS) is a naming system for computers and other resources on
the public internet or on a private network.
The forward lookup zone was created to support the mail function of the Domain Name
System. It aids in the resolution of host names to IP addresses. Reverse lookup zones, on the
other hand, is quite the opposite of forward lookup: they give back the fully qualified domain
name of a host depending on its IP address.
2.2.1 Installing the DNS service
On the server manager, choose ‘add roles’ and click on ‘DNS server’. To continue click
‘next’ then start the installation by choosing ‘install’. The installation process will take a few
seconds as the roles services and features are being added. Installation results are shown after
which you click on close.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
11
Source: http://www.support.appliedi.net
2.2.2 Creating a forward lookup zone
This instruct able applies to Windows Server 2008.
Go to start and then select administrative tools and click on DNS in order to open the
DNS manager.
Then click a DNS server and right click on ‘Forward Lookup Zones’ and afterwards
select New Zone so as to open the new zone wizard. Choose ‘Primary Zone’ then enable ‘store
zone in Ac’ and then ‘next. On the new window, choose ‘to all dns servers in this domain’ and
then ‘next’ to give the name of the zone and go to next. Finally choose ‘allow only secure
dynamic updates’ and click next to finish the installation.
2.2.3 Creating a reverse lookup zone
Open the DNS manager
Double click on the server name to expand it.
Choose reverse lookup zones and then right click on it and click New Zone.
Source: http://www.support.appliedi.net
2.2.2 Creating a forward lookup zone
This instruct able applies to Windows Server 2008.
Go to start and then select administrative tools and click on DNS in order to open the
DNS manager.
Then click a DNS server and right click on ‘Forward Lookup Zones’ and afterwards
select New Zone so as to open the new zone wizard. Choose ‘Primary Zone’ then enable ‘store
zone in Ac’ and then ‘next. On the new window, choose ‘to all dns servers in this domain’ and
then ‘next’ to give the name of the zone and go to next. Finally choose ‘allow only secure
dynamic updates’ and click next to finish the installation.
2.2.3 Creating a reverse lookup zone
Open the DNS manager
Double click on the server name to expand it.
Choose reverse lookup zones and then right click on it and click New Zone.
Use the New Zone wizard to step by step create a primary zone, secondary zone, and a
stub zone just as we did in the forward lookup zone above.
Finally, store the zone in Active Directory and select the dynamic updates you want to
enable.
Source: technet.microsoft.com
2.2.4 NetBIOS Name resolution
NetBIOS is able to broadcast names to all nodes that are listening nodes on the network.
Via the Windows Internet Service (WINS), a NetBIOS name is resolved to an IP address.
NetBIOS uses a User Datagram Protocol. When an operating system is installed, the NetBIOS
name will be assigned by the administrator.
Yes, I would Use NetBIOS name resolution because it uses existing TCP/IP protocols
such that it is able to be routed across the internet and other Wide Area Networks. This will
keep Creative Letting LTD always connected to the internet and can be scalable pretty easy.
Windows Internet Name Service (WINS) is the implementation of NetBIOS by
Microsoft. It is known the world over that just as DNS is to domain names, WINS is to
stub zone just as we did in the forward lookup zone above.
Finally, store the zone in Active Directory and select the dynamic updates you want to
enable.
Source: technet.microsoft.com
2.2.4 NetBIOS Name resolution
NetBIOS is able to broadcast names to all nodes that are listening nodes on the network.
Via the Windows Internet Service (WINS), a NetBIOS name is resolved to an IP address.
NetBIOS uses a User Datagram Protocol. When an operating system is installed, the NetBIOS
name will be assigned by the administrator.
Yes, I would Use NetBIOS name resolution because it uses existing TCP/IP protocols
such that it is able to be routed across the internet and other Wide Area Networks. This will
keep Creative Letting LTD always connected to the internet and can be scalable pretty easy.
Windows Internet Name Service (WINS) is the implementation of NetBIOS by
Microsoft. It is known the world over that just as DNS is to domain names, WINS is to
13
NetBIOS. WINS is implemented in two parts, a server service and a TCP/IP client component
that is tasked with the management of client registrations and name renewal (Hicks, 2016).
WINS must be implemented in this case scenario. We have configured the network
DHCP server to use NetBIOS names. WINS is required in any environment where users access
resources which contain NetBIOS names. WINS is bound to support NetBIOS via TCP/IP.
DNS Zone: A DNS zone is a contiguous part of the domain name space which
administrative responsibility has been tasked to one manager.
I will create three DNS zones, Primary zone, Secondary, and Stub zone. The reason, all
these three zones will work in harmony to ensure a seamless operation of the network. The
primary zone will keep a backup of files while the secondary zone will help copy data from the
primary zone. On the other hand, the stub zone is able to update and manage name server
records of other servers.
2.2.5 Installing WINS
Select ‘features’ on server manager and choose ‘add features’. Then look for WINS
server in the list and tick on it. Click ‘next’ to install. Close after installation is done. A window
for inputting PC name, and IP address pops up. Give the name and IP and then click ‘ok’
2.2.6 Adding static WINS records for non-WINS clients
Go to administrator tools, choose WINS, double click on server name and then right
click on ‘active registration.
2.2.7 PUSH and PULL replication configuration
Go to administrator tools, choose WINS, right click on server name and then click on
‘push or pull replication’. A window to input the IP address of the WINS server pops up. Give
NetBIOS. WINS is implemented in two parts, a server service and a TCP/IP client component
that is tasked with the management of client registrations and name renewal (Hicks, 2016).
WINS must be implemented in this case scenario. We have configured the network
DHCP server to use NetBIOS names. WINS is required in any environment where users access
resources which contain NetBIOS names. WINS is bound to support NetBIOS via TCP/IP.
DNS Zone: A DNS zone is a contiguous part of the domain name space which
administrative responsibility has been tasked to one manager.
I will create three DNS zones, Primary zone, Secondary, and Stub zone. The reason, all
these three zones will work in harmony to ensure a seamless operation of the network. The
primary zone will keep a backup of files while the secondary zone will help copy data from the
primary zone. On the other hand, the stub zone is able to update and manage name server
records of other servers.
2.2.5 Installing WINS
Select ‘features’ on server manager and choose ‘add features’. Then look for WINS
server in the list and tick on it. Click ‘next’ to install. Close after installation is done. A window
for inputting PC name, and IP address pops up. Give the name and IP and then click ‘ok’
2.2.6 Adding static WINS records for non-WINS clients
Go to administrator tools, choose WINS, double click on server name and then right
click on ‘active registration.
2.2.7 PUSH and PULL replication configuration
Go to administrator tools, choose WINS, right click on server name and then click on
‘push or pull replication’. A window to input the IP address of the WINS server pops up. Give
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
the IP and click ‘next’. Moving on, choose the method of replication needed e.g. ‘start for
partner only’ and then click ‘ok’.
2.2.8 Integration of DHCP and DNS in a network
Domain name resolution services are provided by DNS servers and they associate
TCP/IP addresses assigned by DHCP. Such an association will need a change in the address or
the name in the DNS. In such events, the DHCP protocol will not update DNS automatically.
To enable this interaction, the Windows 2008 server and DHCP will have to register with DNS
to allow interaction of the two (Warrick, 2017).
Chapter 3.
Configuring and Supporting Routing and Remote Access
3.1 Troubleshooting, backup and fault tolerance strategy
I would recommend using the Network Monitor to troubleshoot any IP addressing
complications. Network Monitor will allow one to compare their configuration to a working
configuration. Ipconfig/all will be used to display the configuration.
The ping command can also be used to ping the default gateway, any working machine
and the DNS server to check for any connection errors.
I would also recommend that the Windows server 2008 Support tools are installed in
order to perform a series of tests on the server and the entire network and help address issues
effectively.
partner only’ and then click ‘ok’.
2.2.8 Integration of DHCP and DNS in a network
Domain name resolution services are provided by DNS servers and they associate
TCP/IP addresses assigned by DHCP. Such an association will need a change in the address or
the name in the DNS. In such events, the DHCP protocol will not update DNS automatically.
To enable this interaction, the Windows 2008 server and DHCP will have to register with DNS
to allow interaction of the two (Warrick, 2017).
Chapter 3.
Configuring and Supporting Routing and Remote Access
3.1 Troubleshooting, backup and fault tolerance strategy
I would recommend using the Network Monitor to troubleshoot any IP addressing
complications. Network Monitor will allow one to compare their configuration to a working
configuration. Ipconfig/all will be used to display the configuration.
The ping command can also be used to ping the default gateway, any working machine
and the DNS server to check for any connection errors.
I would also recommend that the Windows server 2008 Support tools are installed in
order to perform a series of tests on the server and the entire network and help address issues
effectively.
15
3.1.1 Backup Strategy
Keeping the integrity of the system state information is very critical for our network.
Thus backing up the state of the system regularly is a valuable undertaking for our overall
backup strategy.
3.1.2 Backup strategy for DNS
Most enterprises having Active Directory use AD Integrated zones thus there is a need
for backing up DNS zone information differently; Normal domain controller backups do that as
everything is stored in the Active Directory.
3.1.3 Backup strategy for WINS
The WINS server will be configured to perform automatic backups of the WINS
database. This is done by going to the WINS server and on the general tab, select “Backup
database during shutdown”.
3.1.4 Backup strategy for DHCP
By default, the DHCP database is backed up to %SystemRoot%\System32\Dhcp\
Backup after every hour. So we need just to back up the DHCP server information just in case
the server bites the dust.
3.2 Network health and monitoring analysis
Several network monitoring tools are used to capture and analyze the data flow of
networks. It is very important for enterprises to utilize these tools for monitoring network
traffic and track all data in the network. This will help enterprises detect any unusual activity
that may be a lead to cybercrime. This in the end helps in combating criminal activities within
3.1.1 Backup Strategy
Keeping the integrity of the system state information is very critical for our network.
Thus backing up the state of the system regularly is a valuable undertaking for our overall
backup strategy.
3.1.2 Backup strategy for DNS
Most enterprises having Active Directory use AD Integrated zones thus there is a need
for backing up DNS zone information differently; Normal domain controller backups do that as
everything is stored in the Active Directory.
3.1.3 Backup strategy for WINS
The WINS server will be configured to perform automatic backups of the WINS
database. This is done by going to the WINS server and on the general tab, select “Backup
database during shutdown”.
3.1.4 Backup strategy for DHCP
By default, the DHCP database is backed up to %SystemRoot%\System32\Dhcp\
Backup after every hour. So we need just to back up the DHCP server information just in case
the server bites the dust.
3.2 Network health and monitoring analysis
Several network monitoring tools are used to capture and analyze the data flow of
networks. It is very important for enterprises to utilize these tools for monitoring network
traffic and track all data in the network. This will help enterprises detect any unusual activity
that may be a lead to cybercrime. This in the end helps in combating criminal activities within
the network. Some of these network monitoring tools include Wireshark, telnet, tracert and
Ipconfig.
Ipconfig is an IP Configuration utility that displays all the current Transmission
Control Protocol/Internet Protocol network configuration values. It is also used to refresh
DHCP and DNS settings.
Ipconfig.
Ipconfig is an IP Configuration utility that displays all the current Transmission
Control Protocol/Internet Protocol network configuration values. It is also used to refresh
DHCP and DNS settings.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
17
Tracert or TCP/IP Traceroute, on the other hand, is utilized to determine the path to
an internet address. It also gives the time needed to get to every hop. It plays an important role
in troubleshooting connectivity problems on selected network segments.
Tracert or TCP/IP Traceroute, on the other hand, is utilized to determine the path to
an internet address. It also gives the time needed to get to every hop. It plays an important role
in troubleshooting connectivity problems on selected network segments.
Telnet commands allow administrators communicate with remote computers that use
the TELNET protocol. This will involve the use of commands such as tlntadmn. Tlntadmn
allows one to see local server settings and manage a remote computer running a Telnet client
(Seong, 2016).
the TELNET protocol. This will involve the use of commands such as tlntadmn. Tlntadmn
allows one to see local server settings and manage a remote computer running a Telnet client
(Seong, 2016).
19
3.3 Connectivity Solutions
Running different operating systems within the same network can be hazardous atimes.
It may bring about issues of compatibility, software support and cost. I can be cost effective
having more than one operating system, in the long run, it can be expensive to develop a
network system based on multiple operating systems. Network drivers may not be available for
other operating systems especially new one since they are still running beta versions. Further,
the complexities of configuring support software can make it hard for administrators to
integrate multiple operating systems.
In order to overcome the problems of multiple operating systems, we shall recommend
that the firm sets up a one operating system network. This will need to be done by highly
experienced network administrators. Other solutions include making configurations on the
server to allow for different operating system clients to connect to the server. This will involve
3.3 Connectivity Solutions
Running different operating systems within the same network can be hazardous atimes.
It may bring about issues of compatibility, software support and cost. I can be cost effective
having more than one operating system, in the long run, it can be expensive to develop a
network system based on multiple operating systems. Network drivers may not be available for
other operating systems especially new one since they are still running beta versions. Further,
the complexities of configuring support software can make it hard for administrators to
integrate multiple operating systems.
In order to overcome the problems of multiple operating systems, we shall recommend
that the firm sets up a one operating system network. This will need to be done by highly
experienced network administrators. Other solutions include making configurations on the
server to allow for different operating system clients to connect to the server. This will involve
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
installing several services on the server. One more solution is to enable client interoperability
via the redirector. Basically, redirectors assist clients to successfully communicate with other
network nodes that contain distinct and unique operating systems
Chapter 4
Configuring Network Security
4.1 Networking design and implementation report for Remote Access
RRAS is Routing and Remote Access Service that is tasked with managing the flow of
data between segments or subnets. It also allows for remote connections to the server. This
applies where Creative Letting LTD is able to connect all workers to its network.
I would use RRAS for Creative Letting LTD because the company has several mobile
workers who will need remote access to the organization’s network.
4.1.0 Benefits of VPNS
Having a VPN network at Creative Letting LTD will allow for easy network scalability
in the future and also save costs.
VPNs also allow for remote network configurations
Ensures a better security for the network
VPNs can be deployed on Wide Area Local Area Networks
4.1.1 RRAS configuration
So as allow remote clients connect, the VPN and NAT are set up from the web.
On administrator tools, go to routing and remote access, right click on the server name,
then choose configure and enable RRAS and click on ‘next’. Tick on the VPN and NAT button
via the redirector. Basically, redirectors assist clients to successfully communicate with other
network nodes that contain distinct and unique operating systems
Chapter 4
Configuring Network Security
4.1 Networking design and implementation report for Remote Access
RRAS is Routing and Remote Access Service that is tasked with managing the flow of
data between segments or subnets. It also allows for remote connections to the server. This
applies where Creative Letting LTD is able to connect all workers to its network.
I would use RRAS for Creative Letting LTD because the company has several mobile
workers who will need remote access to the organization’s network.
4.1.0 Benefits of VPNS
Having a VPN network at Creative Letting LTD will allow for easy network scalability
in the future and also save costs.
VPNs also allow for remote network configurations
Ensures a better security for the network
VPNs can be deployed on Wide Area Local Area Networks
4.1.1 RRAS configuration
So as allow remote clients connect, the VPN and NAT are set up from the web.
On administrator tools, go to routing and remote access, right click on the server name,
then choose configure and enable RRAS and click on ‘next’. Tick on the VPN and NAT button
21
and go ‘next’. Finally click finish to complete. Clients can connect remotely via the internet
now.
Figure below demonstrates how IPsec VPN is configured.
4.1.2 Configuring inbound and outbound VPN connections
Open administrator tools on the start menu and choose ‘Routing and remote access’.
Double click on IPv4 to expand it and choose ‘General’ thereafter, choose ‘Local Area
Connection’ right click on it and choose properties. Select ‘inbound filters’ and then click ‘ok’.
Once the inbound window opens, give the Ip address and the subnet mask so as to add IP
filters. Click ok and ‘apply’ to commit the VPN changes and ‘ok’ again to finish the procedure.
In order to configure n outbound vpn connection, one will follow the same steps except that
they will use a specified IP address.
4.1.2 Role of the RADIUS server.
Performs authentication, authorization, and accounting.
Negotiates access to digital subscriber line (DSL)
Negotiates to ensure support for wholesaling and corporate clients
and go ‘next’. Finally click finish to complete. Clients can connect remotely via the internet
now.
Figure below demonstrates how IPsec VPN is configured.
4.1.2 Configuring inbound and outbound VPN connections
Open administrator tools on the start menu and choose ‘Routing and remote access’.
Double click on IPv4 to expand it and choose ‘General’ thereafter, choose ‘Local Area
Connection’ right click on it and choose properties. Select ‘inbound filters’ and then click ‘ok’.
Once the inbound window opens, give the Ip address and the subnet mask so as to add IP
filters. Click ok and ‘apply’ to commit the VPN changes and ‘ok’ again to finish the procedure.
In order to configure n outbound vpn connection, one will follow the same steps except that
they will use a specified IP address.
4.1.2 Role of the RADIUS server.
Performs authentication, authorization, and accounting.
Negotiates access to digital subscriber line (DSL)
Negotiates to ensure support for wholesaling and corporate clients
4.2 Security threats faced by modern computer networks
The main security threats to a computer network are Malware, Denial of Service and
Social engineering. Denial of service is an attack in a network by bringing the entire network to
a halt by making loads of traffic that cannot be handled by the network. Filtering of MAC
addresses on the network will greatly help to avoid such attacks. Social engineering on the
other hand is the psychological manipulation of individuals to do what will expose their
confidential information. This threat can be minimized by training employees on the techniques
of social engineering so that they are careful not to fall victims. Malware is another threat
which is a malicious program that can cause harm to a PC user. Malware comprises of worms,
Trojans, and viruses
We can deploy different methods to protect us from these threats. First, we must train
all our employees on the latest methods cyber criminals use to get into networks and cause
havoc. We will also install a secure firewall which will come in handy in protecting the
network against malware and viruses.
4.3 Certificate Authority (CA) and IPsec
4.3.1 Role of CA
Certificate Authority issues and signs Secure Socket Layer digital certificates. CA’s
major role is to guarantee that an individual is granted a factual unique certificate. CA provides
keys and delivers certificates that have a set of attributes and public keys. When there is no
Certificate authority that is trusted, anyone is able to issue their own keys and in so doing, there
will never be good authentication and will bring about chaos.
The main security threats to a computer network are Malware, Denial of Service and
Social engineering. Denial of service is an attack in a network by bringing the entire network to
a halt by making loads of traffic that cannot be handled by the network. Filtering of MAC
addresses on the network will greatly help to avoid such attacks. Social engineering on the
other hand is the psychological manipulation of individuals to do what will expose their
confidential information. This threat can be minimized by training employees on the techniques
of social engineering so that they are careful not to fall victims. Malware is another threat
which is a malicious program that can cause harm to a PC user. Malware comprises of worms,
Trojans, and viruses
We can deploy different methods to protect us from these threats. First, we must train
all our employees on the latest methods cyber criminals use to get into networks and cause
havoc. We will also install a secure firewall which will come in handy in protecting the
network against malware and viruses.
4.3 Certificate Authority (CA) and IPsec
4.3.1 Role of CA
Certificate Authority issues and signs Secure Socket Layer digital certificates. CA’s
major role is to guarantee that an individual is granted a factual unique certificate. CA provides
keys and delivers certificates that have a set of attributes and public keys. When there is no
Certificate authority that is trusted, anyone is able to issue their own keys and in so doing, there
will never be good authentication and will bring about chaos.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
23
4.3.2 Importance of digital certificates
Digital certificates authenticate and ensure trustworthiness of businesses and
organizations. For a large organization like Creative Letting LTD, they must have a digital
certificate management software solution and get rid of utilizing spreadsheets. Maintaining the
organizational infrastructure healthy is very crucial for having the Public Key Infrastructure
stronger. This keeps a good level of assurance that the organization won’t be compromised at
any point in time.
4.3.3 IPsec
IPsec is a framework that has been designed to work with a set of protocols in ensuring
the security of the network. IPsec is important in implementing virtual private networks which
are aimed at encrypting all data before transit. Further, IPsec gives a security service called
Encapsulating Security Payload will provide for the authentication of the sender and encryption
of data too. Due to this, IPsec is an important resource in ensuring the encryption of data within
and without the network.
4.3.2 Importance of digital certificates
Digital certificates authenticate and ensure trustworthiness of businesses and
organizations. For a large organization like Creative Letting LTD, they must have a digital
certificate management software solution and get rid of utilizing spreadsheets. Maintaining the
organizational infrastructure healthy is very crucial for having the Public Key Infrastructure
stronger. This keeps a good level of assurance that the organization won’t be compromised at
any point in time.
4.3.3 IPsec
IPsec is a framework that has been designed to work with a set of protocols in ensuring
the security of the network. IPsec is important in implementing virtual private networks which
are aimed at encrypting all data before transit. Further, IPsec gives a security service called
Encapsulating Security Payload will provide for the authentication of the sender and encryption
of data too. Due to this, IPsec is an important resource in ensuring the encryption of data within
and without the network.
Chapter 5
Conclusion
We have looked at how Creative Letting Ltd. Needs to implement a routed network that
will ensure a smooth run of business processes with little or no interference. We have handled
in detail how the workstations in the network will be assigned IP addresses and how the
network and organizational data will be kept secure by backups in case of an attack. We have
further mentioned network monitoring tools that come in handy for the network administrators
when troubleshooting common network problems, the reasons why Creative Letting Ltd. needs
to deploy a virtual private network to improve its data security and so much more.
Conclusion
We have looked at how Creative Letting Ltd. Needs to implement a routed network that
will ensure a smooth run of business processes with little or no interference. We have handled
in detail how the workstations in the network will be assigned IP addresses and how the
network and organizational data will be kept secure by backups in case of an attack. We have
further mentioned network monitoring tools that come in handy for the network administrators
when troubleshooting common network problems, the reasons why Creative Letting Ltd. needs
to deploy a virtual private network to improve its data security and so much more.
25
Bibliography
Hicks, R.M., 2016. Configure DirectAccess with the Remote Access Setup Wizard. In
Implementing DirectAccess with Windows Server 2016 (pp. 57-82). Apress.
Jia, W.K., 2015, November. Architectural Design of an Optimal Routed Network-based
Mobility Management Function for SDN-based EPC Networks. In Proceedings of the 11th
ACM Symposium on QoS and Security for Wireless and Mobile Networks (pp. 67-74). ACM.
MORI, M., SUEDA, Y. and AIHARA, M., 2016. BS-3-12 Performance Evaluation of
Secure Connection Assistance Architecture for M2M/IoT Devices (BS-3. Advanced
Networking Technologies for Innovative Information Networks). 電電電電電電電電電電電電電電電電電,
2016(2).
Seong, J.K., Seo, H.I. and Kim, E.G., 2016. Design and implementation of TELNET
protocol supporting security functionalities. Journal of the Korea Institute of Information and
Communication Engineering, 20(4), pp.769-776.
Volz, B., & Pal, Y. (2017). Security of Messages Exchanged Between Servers and
Relay Agents (No. RFC 8213).
Warrick, P.S., and Ong, D.T., Guest Tek Interactive Entertainment Ltd., 2017. DNS-
based captive portal with an integrated transparent proxy to protect against user device caching
incorrect IP address. U.S. Patent 9,756,019.
Bibliography
Hicks, R.M., 2016. Configure DirectAccess with the Remote Access Setup Wizard. In
Implementing DirectAccess with Windows Server 2016 (pp. 57-82). Apress.
Jia, W.K., 2015, November. Architectural Design of an Optimal Routed Network-based
Mobility Management Function for SDN-based EPC Networks. In Proceedings of the 11th
ACM Symposium on QoS and Security for Wireless and Mobile Networks (pp. 67-74). ACM.
MORI, M., SUEDA, Y. and AIHARA, M., 2016. BS-3-12 Performance Evaluation of
Secure Connection Assistance Architecture for M2M/IoT Devices (BS-3. Advanced
Networking Technologies for Innovative Information Networks). 電電電電電電電電電電電電電電電電電,
2016(2).
Seong, J.K., Seo, H.I. and Kim, E.G., 2016. Design and implementation of TELNET
protocol supporting security functionalities. Journal of the Korea Institute of Information and
Communication Engineering, 20(4), pp.769-776.
Volz, B., & Pal, Y. (2017). Security of Messages Exchanged Between Servers and
Relay Agents (No. RFC 8213).
Warrick, P.S., and Ong, D.T., Guest Tek Interactive Entertainment Ltd., 2017. DNS-
based captive portal with an integrated transparent proxy to protect against user device caching
incorrect IP address. U.S. Patent 9,756,019.
1 out of 25
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.