NSM Notes - Unit 5.pdf
Document Details
Uploaded by AppreciatedAloe
Full Transcript
NETWORK SECURITY & MANAGEMENT UNIT-5 NETWORK PLANNING AND IMPLEMENTATION 5.1 NETWORK NEEDS A computer network is a collection of interconnected computers, servers, and other devices that can communicate with each other, either wir...
NETWORK SECURITY & MANAGEMENT UNIT-5 NETWORK PLANNING AND IMPLEMENTATION 5.1 NETWORK NEEDS A computer network is a collection of interconnected computers, servers, and other devices that can communicate with each other, either wirelessly or through physical connections like cables or fiber optics. These interconnected devices can share resources such as files, printers and internet connections, and they can also facilitate communication through email, messaging, and other means. Computer networks can vary in size and complexity, ranging from small local networks within a home or office to large-scale global networks like the Internet. Networks serve various purposes and fulfill multiple needs for individuals, businesses and organizations. Some of the key needs of a network include: 1) Communication: Networks enable communication between individuals, devices and systems regardless of their physical location. This includes email, instant messaging, voice and video calls and data sharing. 2) Resource Sharing: Networks allow for the sharing of hardware resources such as printers, scanners and storage devices, as well as software resources like applications and databases. 3) Data Transfer and Access: Networks facilitate the transfer of data between devices and provide access to shared data repositories, allowing users to retrieve, store and manipulate information. 4) Collaboration: Networks support collaboration among users by enabling them to work together on projects, share documents and coordinate tasks in real-time, regardless of their geographical location. 5) Remote Access: Networks enable remote access to resources and services, allowing users to connect to their organization's network from external locations securely. 6) Internet Access: Networks provide connectivity to the Internet, allowing users to access a vast array of online resources, services and information. 7) Centralized Management: Networks allow for centralized management of resources, user accounts, security policies and network configurations, streamlining administration and maintenance tasks. 8) Backup and Disaster Recovery: Networks facilitate backup and replication of data to remote locations, ensuring data integrity and enabling disaster recovery in case of hardware failures, natural disasters or cyberattacks. 9) Scalability: Networks can be scaled to accommodate the growth of an organization by adding additional devices, expanding infrastructure capacity, and adapting to changing requirements. 10) Security: Networks provide security mechanisms such as firewalls, encryption, access controls and intrusion detection systems to protect against unauthorized access, data breaches and cyber threats. NETWORK SECURITY & MANAGEMENT 5.2 INSTALL AND CONFIGURE WINDOWS SERVER Windows Server 2012 R2 Hardware Requirements: As with previous Windows versions, your hardware must meet certain requirements for Windows Server 2012 R2 to function properly. First of all, Windows Server 2012 R2 requires a 64-bit processor. Component Minimum Requirement Microsoft Recommended Processor 1.4 GHz 2 GHz or faster Memory 512 MB RAM 2 GB RAM or greater Available Disk Space 32 GB 40 GB or greater Optical Drive DVD-ROM drive DVD-ROM drive Display Super VGA (800x600) monitor XGA (1024x768) monitor In addition, you must have the usual I/O peripherals, including a keyboard and mouse or compatible pointing device and a wired or wireless network interface card (NIC). If you can connect to a network location on which you have copied the contents of the Windows Server 2012 R2 DVD-ROM, you are not required to have a DVD-ROM drive on your computer. Microsoft recommends that you also perform the following actions before installing Windows Server 2012 R2: 1) Disconnect uninterruptible power supply (UPS) devices 2) Back up data 3) Disable antivirus software 4) Provide mass storage drivers if needed 5) Note that Windows Firewall is on by default 6) Prepare your Active Directory environment for Windows Server 2012 R2 Steps to install Windows Server 2012: 1. Insert the Windows Server 2012 R2 DVD-ROM and turn on your computer. You should see a message informing you that Windows is copying temporary files; if not, you should access the BIOS setup program included with your computer and modify the boot sequence so that the computer boots from the DVD. NETWORK SECURITY & MANAGEMENT 2. Once booted, you should see Windows loading the necessary setup files. 3. In the Windows Setup dialog, set the language, time and currency format, keyboard and input method then press Next. 4. Click on Install now NETWORK SECURITY & MANAGEMENT 5. Select the operating system that you wish to install. Regardless if you install the Server 2012 R2 Datacenter or the 2012 R2 Standard version, you want the installing package that includes the GUI. Otherwise, you end up with just the Server 2012 Core and no GUI. 6. Accept the license agreement. NETWORK SECURITY & MANAGEMENT 7. Select Custom Install Windows only (advanced). 8. Click Next. NETWORK SECURITY & MANAGEMENT 9. Server 2012 R2 beings the file copy process. 10. The server will restart automatically and installation will continue further. 11. Before Server 2012 will allow you to log in, you must configure the password for the administrator account. 12. Click Finish. Welcome to Windows Server 2012 R2! NETWORK SECURITY & MANAGEMENT The steps to Change the Server Name are: 1. Open Server manager 2. Click on Configure this local server NETWORK SECURITY & MANAGEMENT 3. Click on default Computer name which was given while server 2012 was installed. 4. Click Change in System Properties window NETWORK SECURITY & MANAGEMENT 5. Give a new Computer name which is easy to remember. 6. Click OK and Restart your computer. NETWORK SECURITY & MANAGEMENT 7. After Restarting your computer server name will be changed 5.3 STEPS TO CREATE DOMAIN CONTROLLER Set a static IP address To start, you’ll want to ensure your domain controller has a static IP address (that isn’t in a DHCP range either) to ensure it cannot change automatically. Install the Role From the Server Manager click Manage > Add Roles and Features this will open up the Add Roles and Features Wizard. Once open, click next until you reach the Server Roles section. Once there click the check box next to Active Directory Domain Services. Another window should open asking if you want to install Active Directory Administrative Center and the AD DS Snap-in and Command Line Tools. We recommend you accept this and click the Add Features button with the Include Management tools (if applicable) box checked as well. That will be the only role to include this time so you can click next and you can also click next through the features section as well. NETWORK SECURITY & MANAGEMENT Once you reach the confirmation section it will display the list of roles and features to be installed; it should match the image below. Click install and now we wait! Promoting Server 2012 R2 to a Domain Controller Once the Active Directory Domain Services role has been installed, we can promote our server to a Domain Controller by following the below steps. 1. When we return to Server Manager, there is an information message waiting for us. This is the second part of the role installation that converts the server to a domain controller. 2. Click on Notification you will see the option “Promote this server to a domain controller.” Click on this link for role promotion. If we click on the message, “Promote this server to a domain controller” the second wizard will start. NETWORK SECURITY & MANAGEMENT 3. Click on the “Add a new forest” radio button and enter the name of the new root domain. Click Next 4. If we did not have DNS installed, the option to install DNS would be provided. Check the box to install DNS as it is a requirement for Active Directory. If it is grayed out, you already have it installed and running. Leave the function for Server 2012 R2 as is. If we had server 2008 running on the network, we downgrade the function to accommodate the need for a backward capability. Type the Directory Services Restore Mode (DSRM) password in the Domain Controller Options window. NETWORK SECURITY & MANAGEMENT 5. Uncheck the box DNS delegation if authoritative zone is available. Click next. NETWORK SECURITY & MANAGEMENT 6. Setup will find the NetBIOS domain name. Once found, click on Next. 7. Confirm the location of the database, log files and SYSVOL folders. NETWORK SECURITY & MANAGEMENT 8. Review the summary and click Next to promote the server to Domain Controller. 9. Once prerequisites have passed successfully, click on Install. 10. The system may restart once the installation is completed. Be patient! When the machine restarts and comes back up, you will have an Active Directory Domain controller. To verify if Active Directory tools have been installed, click on the start button, and the Administrative Tools tile. Check out your NETWORK SECURITY & MANAGEMENT Active Directory tools! The main snap-in for managing users and computers is the Active Directory Users and Computers snap-in. 5.3 ADDING FILE SERVER AND PRINTER SERVER Printer Server 1. Go to Server Manager → Manage → Add Roles and Features → Next → Check on the Role- based or feature-based installation box and → Check on Select a server from the server pool and then → Next. Once it is done then, at the list of the roles find Print and Document Services → A popup window will open. NETWORK SECURITY & MANAGEMENT 2. Click on Add features and then → Next → Next → Next. 3. Check on the Print Server box and → Next. NETWORK SECURITY & MANAGEMENT 4. Click Install. File Server 1. Go to Server Manager → Manage → Add Roles and Features → Next → Check on the Role-based or feature-based installation box → Check on the Select a server from the server pool box → Next. Then, at the list of the roles find File and Storage Services and expand it. After this, expand the Files and iSCSI Services → Check on the File Server Resource Manager box and then a pop-up window will open. NETWORK SECURITY & MANAGEMENT 2. Click on Add features and then → Next. 3. Click the Next button. NETWORK SECURITY & MANAGEMENT 4. Click the Install button. Now that we installed the File Server Resource Manager, let us open it by following the path given below. 1. Click on Server Manager → Tools → File Server Resource Manager. To set quota to a folder, we should follow the steps as below. NETWORK SECURITY & MANAGEMENT 2. On the left panel click on Quota Management → expand Quota Templates → click on Create Quota Template… on the right-hand side panel as shown in the screenshot given below. 3. A new table will be opened, where the most important aspect to put is Space Limit depending on the need. Here, we will put 2GB and then → OK. 4. You must put the threshold for it and once the folder reaches the capacity, it will send you a notification where you will have an option to put the email. NETWORK SECURITY & MANAGEMENT 5. Click OK. NETWORK SECURITY & MANAGEMENT 6. Then to attach this quota to a folder – Right Click on the template → click on Create Quota from Template. 7. Click on Browse… and then select your folder → Create. NETWORK SECURITY & MANAGEMENT 8. To put a file restriction to your folders, you can go to the left pane File Screening Management → File screening templates → Click on the left panel Create File Screen Template. NETWORK SECURITY & MANAGEMENT 9. Click on Browse… and find the folder that you want → Create.