NSM Notes - Unit 5.pdf

Full Transcript

NETWORK SECURITY & MANAGEMENT

UNIT-5
NETWORK PLANNING AND IMPLEMENTATION
5.1 NETWORK NEEDS
A computer network is a collection of interconnected computers, servers, and other devices that can
communicate with each other, either wirelessly or through physical connections like cables or fiber optics.
These interconnected devices can share resources such as files, printers and internet connections, and they can
also facilitate communication through email, messaging, and other means. Computer networks can vary in
size and complexity, ranging from small local networks within a home or office to large-scale global networks
like the Internet.
Networks serve various purposes and fulfill multiple needs for individuals, businesses and organizations.
Some of the key needs of a network include:
1) Communication: Networks enable communication between individuals, devices and systems regardless
of their physical location. This includes email, instant messaging, voice and video calls and data sharing.
2) Resource Sharing: Networks allow for the sharing of hardware resources such as printers, scanners and
storage devices, as well as software resources like applications and databases.
3) Data Transfer and Access: Networks facilitate the transfer of data between devices and provide access to
shared data repositories, allowing users to retrieve, store and manipulate information.
4) Collaboration: Networks support collaboration among users by enabling them to work together on
projects, share documents and coordinate tasks in real-time, regardless of their geographical location.
5) Remote Access: Networks enable remote access to resources and services, allowing users to connect to
their organization's network from external locations securely.
6) Internet Access: Networks provide connectivity to the Internet, allowing users to access a vast array of
online resources, services and information.
7) Centralized Management: Networks allow for centralized management of resources, user accounts,
security policies and network configurations, streamlining administration and maintenance tasks.
8) Backup and Disaster Recovery: Networks facilitate backup and replication of data to remote locations,
ensuring data integrity and enabling disaster recovery in case of hardware failures, natural disasters or
cyberattacks.
9) Scalability: Networks can be scaled to accommodate the growth of an organization by adding additional
devices, expanding infrastructure capacity, and adapting to changing requirements.
10) Security: Networks provide security mechanisms such as firewalls, encryption, access controls and
intrusion detection systems to protect against unauthorized access, data breaches and cyber threats.
 NETWORK SECURITY & MANAGEMENT

5.2 INSTALL AND CONFIGURE WINDOWS SERVER
Windows Server 2012 R2 Hardware Requirements:
As with previous Windows versions, your hardware must meet certain requirements for Windows Server
2012 R2 to function properly. First of all, Windows Server 2012 R2 requires a 64-bit processor.

Component Minimum Requirement Microsoft Recommended

Processor 1.4 GHz 2 GHz or faster

Memory 512 MB RAM 2 GB RAM or greater

Available Disk Space 32 GB 40 GB or greater

Optical Drive DVD-ROM drive DVD-ROM drive

Display Super VGA (800x600) monitor XGA (1024x768) monitor

In addition, you must have the usual I/O peripherals, including a keyboard and mouse or compatible pointing
device and a wired or wireless network interface card (NIC). If you can connect to a network location on
which you have copied the contents of the Windows Server 2012 R2 DVD-ROM, you are not required to have
a DVD-ROM drive on your computer.

Microsoft recommends that you also perform the following actions before installing Windows Server 2012
R2:
1) Disconnect uninterruptible power supply (UPS) devices
2) Back up data
3) Disable antivirus software
4) Provide mass storage drivers if needed
5) Note that Windows Firewall is on by default
6) Prepare your Active Directory environment for Windows Server 2012 R2

Steps to install Windows Server 2012:
1. Insert the Windows Server 2012 R2 DVD-ROM and turn on your computer. You should see a message
informing you that Windows is copying temporary files; if not, you should access the BIOS setup
program included with your computer and modify the boot sequence so that the computer boots from
the DVD.
 NETWORK SECURITY & MANAGEMENT

2. Once booted, you should see Windows loading the necessary setup files.

3. In the Windows Setup dialog, set the language, time and currency format, keyboard and input method
then press Next.

4. Click on Install now
 NETWORK SECURITY & MANAGEMENT

5. Select the operating system that you wish to install. Regardless if you install the Server 2012 R2
Datacenter or the 2012 R2 Standard version, you want the installing package that includes the GUI.
Otherwise, you end up with just the Server 2012 Core and no GUI.

6. Accept the license agreement.
 NETWORK SECURITY & MANAGEMENT

7. Select Custom Install Windows only (advanced).

8. Click Next.
 NETWORK SECURITY & MANAGEMENT

9. Server 2012 R2 beings the file copy process.

10. The server will restart automatically and installation will continue further.

11. Before Server 2012 will allow you to log in, you must configure the password for the administrator
account.
12. Click Finish. Welcome to Windows Server 2012 R2!
 NETWORK SECURITY & MANAGEMENT

The steps to Change the Server Name are:
1. Open Server manager

2. Click on Configure this local server
 NETWORK SECURITY & MANAGEMENT

3. Click on default Computer name which was given while server 2012 was installed.

4. Click Change in System Properties window
 NETWORK SECURITY & MANAGEMENT

5. Give a new Computer name which is easy to remember.

6. Click OK and Restart your computer.
 NETWORK SECURITY & MANAGEMENT

7. After Restarting your computer server name will be changed

5.3 STEPS TO CREATE DOMAIN CONTROLLER
Set a static IP address
To start, you’ll want to ensure your domain controller has a static IP address (that isn’t in a DHCP range either)
to ensure it cannot change automatically.
Install the Role
From the Server Manager click Manage > Add Roles and Features this will open up the Add Roles and Features
Wizard.
Once open, click next until you reach the Server Roles section.
Once there click the check box next to Active Directory Domain Services.
Another window should open asking if you want to install Active Directory Administrative Center and the
AD DS Snap-in and Command Line Tools.
We recommend you accept this and click the Add Features button with the Include Management tools (if
applicable) box checked as well.
That will be the only role to include this time so you can click next and you can also click next through the
features section as well.
 NETWORK SECURITY & MANAGEMENT

Once you reach the confirmation section it will display the list of roles and features to be installed; it should
match the image below.
Click install and now we wait!

Promoting Server 2012 R2 to a Domain Controller
Once the Active Directory Domain Services role has been installed, we can promote our server to a Domain
Controller by following the below steps.
1. When we return to Server Manager, there is an information message waiting for us. This is the second
part of the role installation that converts the server to a domain controller.

2. Click on Notification you will see the option “Promote this server to a domain controller.” Click on
this link for role promotion.
If we click on the message, “Promote this server to a domain controller” the second wizard will start.
 NETWORK SECURITY & MANAGEMENT

3. Click on the “Add a new forest” radio button and enter the name of the new root domain. Click Next

4. If we did not have DNS installed, the option to install DNS would be provided. Check the box to install
DNS as it is a requirement for Active Directory. If it is grayed out, you already have it installed and
running. Leave the function for Server 2012 R2 as is. If we had server 2008 running on the network,
we downgrade the function to accommodate the need for a backward capability. Type the Directory
Services Restore Mode (DSRM) password in the Domain Controller Options window.
 NETWORK SECURITY & MANAGEMENT

5. Uncheck the box DNS delegation if authoritative zone is available. Click next.
 NETWORK SECURITY & MANAGEMENT

6. Setup will find the NetBIOS domain name. Once found, click on Next.

7. Confirm the location of the database, log files and SYSVOL folders.
 NETWORK SECURITY & MANAGEMENT

8. Review the summary and click Next to promote the server to Domain Controller.

9. Once prerequisites have passed successfully, click on Install.

10. The system may restart once the installation is completed. Be patient! When the machine restarts and
comes back up, you will have an Active Directory Domain controller. To verify if Active Directory
tools have been installed, click on the start button, and the Administrative Tools tile. Check out your
 NETWORK SECURITY & MANAGEMENT

Active Directory tools! The main snap-in for managing users and computers is the Active Directory
Users and Computers snap-in.

5.3 ADDING FILE SERVER AND PRINTER SERVER
Printer Server
1. Go to Server Manager → Manage → Add Roles and Features → Next → Check on the Role-
based or feature-based installation box and → Check on Select a server from the server pool and then
→ Next. Once it is done then, at the list of the roles find Print and Document Services → A popup
window will open.
 NETWORK SECURITY & MANAGEMENT

2. Click on Add features and then → Next → Next → Next.

3. Check on the Print Server box and → Next.
 NETWORK SECURITY & MANAGEMENT

4. Click Install.

File Server
1. Go to Server Manager → Manage → Add Roles and Features → Next → Check on the Role-based
or feature-based installation box → Check on the Select a server from the server pool box → Next.
Then, at the list of the roles find File and Storage Services and expand it. After this, expand the Files
and iSCSI Services → Check on the File Server Resource Manager box and then a pop-up window
will open.
 NETWORK SECURITY & MANAGEMENT

2. Click on Add features and then → Next.

3. Click the Next button.
 NETWORK SECURITY & MANAGEMENT

4. Click the Install button.

Now that we installed the File Server Resource Manager, let us open it by following the path given below.

1. Click on Server Manager → Tools → File Server Resource Manager.

To set quota to a folder, we should follow the steps as below.
 NETWORK SECURITY & MANAGEMENT

2. On the left panel click on Quota Management → expand Quota Templates → click on Create Quota
Template… on the right-hand side panel as shown in the screenshot given below.

3. A new table will be opened, where the most important aspect to put is Space Limit depending on the
need. Here, we will put 2GB and then → OK.

4. You must put the threshold for it and once the folder reaches the capacity, it will send you a
notification where you will have an option to put the email.
 NETWORK SECURITY & MANAGEMENT

5. Click OK.
 NETWORK SECURITY & MANAGEMENT

6. Then to attach this quota to a folder – Right Click on the template → click on Create Quota from
Template.

7. Click on Browse… and then select your folder → Create.
 NETWORK SECURITY & MANAGEMENT

8. To put a file restriction to your folders, you can go to the left pane File Screening Management → File
screening templates → Click on the left panel Create File Screen Template.
 NETWORK SECURITY & MANAGEMENT

9. Click on Browse… and find the folder that you want → Create.