Operating Systems and Services in Company usage


Virtual Company
Group 8
Presentation Date: 26-27 June 2012
Content
• Introduction
• Objective of Virtual Company
• Introduction of Network Infrastructure in Virtual Company
• Operating System and Services in Company usage
• Security in Company
• Switch and Router CISCO
• Problems and solutions
• Completed and Uncompleted Tasks
• Experiences of Virtual Company
• References of Services in Virtual Company
• Questions and Answers
Introduction
• Group number: 8
• Supervisor: HY Leapcheang
• Manager: LONG Chanthorn
• Group Member:
– CHHOEUN Sambath
– HOEUNG Kunthea
– MEN Amara
– NHEAN Sophan
– NY Sreypech
– SIN Sokheng
– SORY Sokuntheara
Objective of Virtual Company
• Understand the real network infrastructure of a company
• Understand security in the company
• Install and configure services: AD, DNS, DHCP, File Server, Proxy, Firewall, Mail and Webmail, Web, FTP, VPN, and DHCP Relay Agent.
• Understand the allow and deny rules in the firewall
• Teamwork
• Understand problem solving
• Improve self-learning
Introduction to Network Infrastructure
Virtual Company
Operating Systems and Services in Company usage
• The company uses two operating systems:
– Microsoft:
• Windows Server 2008 (File Server, AD, DNS and DHCP)
• Windows 7
– Linux:
• Red Hat 6 (Mail, Web, FTP, Firewall and Monitoring)
1. Microsoft: Windows Server 2008
– The first server: (192.168.8.2/29)
• AD: group8.lan
• DNS: group8.lan
• Backup network: uses the Backup4all Professional 4 setup wizard tool (software from the internet)
– Backup data from file server
• DHCP: g8-ad.group8.lan
– Scope: 172.16.8.0/26
– Range: 172.16.8.1 – 172.16.8.62
– Excluded: 172.16.8.1 – 172.16.8.8
• Some services: Backup, Antivirus, Nsclient…
– The second server: (192.168.8.3/29)
• File server: shares data and assigns permissions
– There are 5 folders: Common, Finance, HR, IT and Marketing
– Permissions are assigned for managers and staff
• Disk quotas: limited space for clients
– Home_user: 60GB (5GB per user)
– Data: 122GB, Common (42GB) and Finance, HR, IT and Marketing (20GB)
– Windows 7: set up as clients
• IP from DHCP server
2. Linux: There are three machines using Red Hat 6
– First server: Web server and FTP server (192.168.8.10/26)
• Web server:
– www.group8.lan: Joomla website (port 443)
– movie.group8.lan: Movie website (port 80)
– flowershop.group8.lan: Flower Shop (port 80)
• FTP server:
– Uses the pure-ftpd service (downloaded from the internet)
– There are four groups (client departments)
– There is a directory with four subdirectories where clients can download and upload
– Quota: 3GB each for the IT and Finance departments and 2GB each for the HR and Marketing departments
• Second server: Mail and Webmail (192.168.8.11/26)
– Mail server using Zimbra (downloaded from the internet)
– Webmail is named g8mail.group8.lan and uses the secure port (HTTPS, 443)
– Authentication with certificate (login may fail only 3 times)
– There are three user groups: IT, HR, Finance and Marketing departments
• Third server: set up as firewall, VPN, Proxy server, DHCP Relay Agent and Monitoring
– IP:
• 192.186.8.1/29: LAN Server interface
• 172.16.8.1/26: LAN Client interface
• 192.168.8.12/29: LAN DMZ interface
• Firewall rules
– Allow clients to request an IP from the DHCP server, use DNS, join the domain, access the file server, etc.
– Allow LAN Client, LAN Server and LAN DMZ to access the internet through the proxy
– NAT post-routing and pre-routing
– Allow the local DNS to forward to public DNS
– Allow VPN, etc.
• VPN server
– Uses the package openvpn-as-1.8.3-RHEL5.x86_64.rpm (downloaded from the internet)
– OpenVPN provides IP addresses to clients from the network address range 10.10.10.0/26 (secure IP addresses of the VPN)
– OpenVPN users are allowed to use the local DNS and access the File Server (IP address 192.168.8.2) using ports 138, 139, 443, 445, 538 and port 943 with protocols TCP and UDP.
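An addressing plan like the one on the server, firewall and VPN slides can be checked mechanically before any iptables rules are written. The following Python script is an added example, not part of the original presentation: it takes the addresses exactly as the slides list them, groups hosts by the network each address and prefix imply, reports overlapping segments, and computes the leasable DHCP pool; the labels and function names are this example's own.

```python
import ipaddress
from itertools import combinations

# Addresses exactly as the slides list them; the labels are this example's own.
ADDRESSES = {
    "firewall LAN Server": "192.186.8.1/29",
    "firewall LAN Client": "172.16.8.1/26",
    "firewall LAN DMZ": "192.168.8.12/29",
    "AD/DNS/DHCP server": "192.168.8.2/29",
    "file server": "192.168.8.3/29",
    "web/FTP server": "192.168.8.10/26",
    "mail server": "192.168.8.11/26",
    "VPN pool": "10.10.10.0/26",
}

def segments():
    """Group the listed hosts by the network their address and prefix imply."""
    groups = {}
    for name, cidr in ADDRESSES.items():
        net = str(ipaddress.ip_interface(cidr).network)
        groups.setdefault(net, []).append(name)
    return groups

def overlapping_segments():
    """Pairs of distinct networks that share addresses. Hosts in such a pair
    disagree about which addresses are on-link, so the segments cannot be
    cleanly routed and filtered."""
    nets = sorted((ipaddress.ip_network(n) for n in segments()),
                  key=lambda n: (int(n.network_address), n.prefixlen))
    return [(str(a), str(b)) for a, b in combinations(nets, 2) if a.overlaps(b)]

def dhcp_leasable(scope, first, last, excl_first, excl_last):
    """Addresses the DHCP server can hand out: range minus exclusions."""
    net = ipaddress.ip_network(scope)
    lo, hi, xlo, xhi = map(ipaddress.ip_address, (first, last, excl_first, excl_last))
    if lo not in net or hi not in net:
        raise ValueError("range falls outside the scope")
    return [h for h in net.hosts() if lo <= h <= hi and not xlo <= h <= xhi]

if __name__ == "__main__":
    for net, names in segments().items():
        print(f"{net:18} {', '.join(names)}")
    for a, b in overlapping_segments():
        print(f"OVERLAP: {a} and {b}")
    pool = dhcp_leasable("172.16.8.0/26", "172.16.8.1", "172.16.8.62",
                         "172.16.8.1", "172.16.8.8")
    gateway = ipaddress.ip_interface(ADDRESSES["firewall LAN Client"]).ip
    print(f"{len(pool)} leasable addresses, gateway leasable: {gateway in pool}")
```

Run on the slide values, it groups the web and mail servers into 192.168.8.0/26, which overlaps both /29 segments, and leaves the firewall's LAN Server interface alone in 192.186.8.0/29.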
• Proxy server: (Port 3128)
– Uses the Squid service
– Shares internet access with clients and filters content
– Proxy authentication is configured for all users in AD
– Staff cannot access the website www.youtube.com, but the Manager has full access to any website
– Delay pool (limits download and upload speed)
• Clients can download at only 10KB/s.
• The Manager can download at only 20KB/s
• DHCP Relay Agent
– Relays from the LAN Client interface to the LAN Server interface in the router (enables clients to get an IP address)
• Monitoring
– Configured with Nagios
– Monitors hosts and services (Up or Down)
Company Security
• Network Security
– Firewall (iptables)
– DMZ: allows external users to access web hosting
– Proxy - Squid (User Authentication)
– SSL configured for the hosted web application
– VPN (authentication, passwords provided for OpenVPN users)
– Antivirus
• Data Security
– Permissions on shared data
– Local backup (configuration)
– Network backup (data, file shares and configuration…)
Router and Switch (CISCO and HP)
1. Router:
- Sub interface
- Dynamic NAT
2. Switch:
- VLAN
- Trunk port
- Native VLAN
Problems and Solutions
1. Network Problem:
– Configuring the CISCO router
– Network monitoring
2. System Problems:
– Cannot map home folder to the clients on Windows 2008 64-bit Standard
– Cannot install Acronis on Windows 2008 64-bit Standard
– Cannot install packages on Red Hat 6
– Firewall machine going down, full of Kdump files
– VPN clients cannot log in to the server
2. System Solution:
– Reinstall Windows Server 2008 32-bit
– Change the repository to install the packages from the CD (Red Hat 6)
– Reinstall a new Red Hat 6 without GUI
– Check the iptables rules
Completed and Uncompleted Tasks
Tasks Completed:
1. File Server and Quota
– Map home folder and map drive
– Assigned permissions to each directory
– Setting quota
2. AD, DNS, DHCP
– Domain Controller
– Create users and groups
– DNS updated automatically from the DHCP server (DDNS)
– Provide IP addresses from the DHCP server to clients
3. Web Server
– Created website hosting (3 websites), one with SSL
4. Proxy Server
– Sharing Internet
– Blocking domain
– Limit upload and download bandwidth
– User Authentication
5. File Transfer Protocol (FTP)
– All staff can read data in their department
– Managers have full control over their department
– Only managers can delete data in their department
6. Virtual Private Network
– Allow VPN clients to access from the outside network
7. Mail
– Set up mail and webmail server with SSL (SSL encryption and certificate)
8. Backup
– Back up data for each department
– Back up configuration files on Mail, Webmail, Proxy, Firewall, FTP…
Uncompleted Tasks:
1. File Transfer Protocol
– Clients cannot access the FTP server from the outside network
2. Web server
– Cannot host webmail to the Internet
3. Mail and Webmail Server
– Cannot host webmail to the Internet
Experiences of Virtual Company
• Non-Technical
– Understand the importance of teamwork
– Understand how to adapt myself to work in a team
– Solidarity in the team
– Know how to assign tasks to group members
– Know about responsibility for our tasks
– Know about task organization and task priority
– Improve self-learning by using search skills.
• Technical
– Become familiar with the installation of services such as Proxy, File server, DNS, DHCP, and especially DMZ, mail hosting, web hosting, webmail hosting, Firewall and network monitoring, etc.
– Understand network and data security
– Understand how to design network infrastructure
– Understand IP subnetting to assign addresses to each computer (LAN)
References of Services in Virtual Company
• http://www.irtaza.com/servers/linux/how-to-setup-ftp-server-on-linux-pureftp/
• http://manyrootsofallevilrants.blogspot.com/2012/02/join-rhel-6-server-to-windows2003.html
• http://www.softpanorama.org/Commercial_linuxes/Devices/disk_partitioning.shtml
• http://www.installationwiki.org/OpenVPN
• http://www.generationip.com/documentation/Howto/137-howto-install-zimbracollaboration-suite-6-0
• http://www.linuxquestions.org/questions/linux-server-73/directory-quota-601140/
• http://souptonuts.sourceforge.net/quota_tutorial.html
• http://magazine.redhat.com/2007/04/11/squid-in-5-minutes/
• http://www.redhat.com/magazine/022aug06/features/webserver/
• http://docs.redhat.com/docs/enUS/JBoss_Enterprise_Web_Server/1.0/html/Installation_Guide/chInstalling_EWS_on_Red_Hat_Enterprise_Linux.html
• http://www.cyberciti.biz/tips/howto-rhel-centos-fedora-squid-installationconfiguration.html
Questions and Answers
Thank you for your attention!