1 / 39

CONTENTS

Islamic Republic Of Afghanistan Kabul University Computer science Faculty Proposal I mplementing LAN Kabul University Kabul Afghanistan. Design and Documentation By: Computer Science Student Third Class. CONTENTS. PROPOSED Systems Map Servers Design. PROPOSED SYSTEM.

signe-vaughn
Download Presentation

CONTENTS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Islamic Republic Of Afghanistan Kabul UniversityComputer science Faculty ProposalImplementing LAN Kabul University Kabul Afghanistan.Design and Documentation By:Computer Science Student Third Class

  2. CONTENTS • PROPOSED Systems • Map • Servers • Design

  3. PROPOSED SYSTEM • The proposed system is capable of meeting all requirements of Kabul University and eliminates the drawbacks, which makes LAN efficient and highly secure and demanding. • It will also result in reduced operating cost and significant improvement in the ability of organization to provide more improved and quick services to users and consequently, to general public.

  4. ADVANTAGES OF PROPOSED SYSTEM • Security: • Now days in world of I.T the main concern of organizations from all over the word is security. There are two different aspect of security. One focuses mainly on external threats and other on internal threats with in the organization. The internal network must be protected from both these threats. The LAN must be kept highly secure and in order to ensure that all the important data and valuable asset of organization are hidden from the snooping eye. • The proposed system is highly secure and it will impose all security measures for external and internal threats. It will consist of strong firewall protection on the gateway to internet and external access. Network will be controlled from centralized location using active directory domain.

  5. Centralized control • Proposed system is constructed on the principle of centralized controlled i.e. the whole network operation is controlled from a central location. This will give granolas control to the system administrator over all the network resources and no one will be able to miss use any important assets of the organization without proper permission over it.

  6. GREATER PROCESSING SPEED • The proposed system will be constructed using the latest and fasted technology available in the market due to which end users will experience greater processing speed both in the LAN as well as WAN side access. Response time will increase where as decreasing the delay time.

  7. FASTER INFORMATION RETRIEVEL • Important information will always available to users in no time. A separate servers is responsible of hosting different information and will be capable of handling all users request smoothly thus minimizing response time.

  8. 99.99% data availability & uptime • The proposed system will be constructed in such a manner that ensures 99.99%data availability &uptime. Latest equipments and technology will be used in order to achieve this goal.

  9. FLEXIBILITY • The proposed system is very flexible system and is capable of accommodating any change that occurs in future both in the physical and logical layout of the Building

  10. BETTER ACCURACY AND IMPROVED CONSISTENCY • Some times information system projects are initiated to improve the accuracy of the processing data or ensure that a procedure prescribing how to do a specific task is always followed. I f properly designed and implemented, there is no change of error on part of computer, A computer can maintain accurate and consistent database, hence resulting in an improved performance.

  11. RELIABILITY • A high degree of reliability is designed in the system by incorporating good internal controls.

  12. Map

  13. Map

  14. Faculty Map

  15. Server Farm

  16. DMZ

  17. Domain controller • A collection of computers & servers that are part of the same centralized database . • Centralized User/Group Authentication -the ability to log on one . • time and access resources throughout the domain. • Centralized Security -the ability to control the user/computer environment, from one computer, across the whole network . • Searchable Database of resources including users , computers ,shared folders printers and more. • Very Scaleable - small companies and large companies

  18. Backup domain controller and secondary DNS • IF a problem occur with server that has install domain controller and primary DNS administrator also capable to manage and control network without a problem.

  19. DNS server • In using of domain it is necessary to use DNS-server. • This server change ip to name and name to ip. • For flexibility user used from name instead of IP.

  20. Log server • It use for monitoring of network. • This server store all information that occur in the entire network. For example: if someone want hack our network it will be store in log server so we can find hacker.

  21. FTP server • It is use for uploading and downloading files in network. • In this server, permission create that who can upload and download data in specific size of information.

  22. File server • It use for storing data. • This server contain all information and books for every faculty. • It contain folders for every subject. • Administrator determine who (students and teachers) should use which folder.

  23. WSUS server • If use license OS . • It is necessary for get updating • You will read how to update and configure Automatic Updates on client workstations and servers that will be updated by WSUS

  24. SQL server • It provides an environment used to generate databases that can be accessed from workstations, the web, or other media such as a personal digital assistant (PDA). • It is used for Kabul-University database that contain all information about students and teachers.

  25. Exchange server • Also called mail server. • It make local mail if source and destination are in same domain. • It make mail secure and fast forward. • Administrator can reset password if user forgot password.

  26. SMTP server • A SMTP relay is a machine that will accept incoming and outgoing emails and that will then forward them on to their configured destinations. • Increases security by preventing Internet SMTP servers from directly contacting the Exchange Server. • Can filter inbound email for viruses or SPAM BEFORE they reach the Exchange Server. • Can filter outbound email for viruses before they are sent over the Internet. • Decreases the workload on the Exchange Server by taking care of CPU-intensive tasks before forwarding the email on to the Exchange Server. • Can be configured to provide a secure, SMTP server so that your remote users can send email over the Internet when they are out of the office.

  27. Proxy server • For security, legal compliance and also monitoring reasons, in a business environment, some enterprises install a proxy server within the DMZ. • Obliges the internal users (usually employees) to use the proxy to get Internet access. • · Allows the company to reduce Internet access bandwidth requirements because some of the web content may be cached by the proxy server. • · Simplifies the recording and monitoring of user activities and block content violating acceptable use policies.

  28. Reverse proxy servers • A reverse proxy server provides the same service as a proxy server, but the other way around. Instead of providing a service to internal users, it provides indirect access to internal resources from an external network (usually the Internet). A back office application access, such as an email system, can be provided to external users (to read emails while outside the company) but the remote user does not have direct access to his email server. Only the reverse proxy server can physically access the internal email server. This is an extra layer of security, which is particularly recommended when internal resources need to be accessed from the outside. Usually such a reverse proxy mechanism is provided by using an application layer firewall as they focus on the specific shape of the traffic rather than controlling access to specific TCP and UDP ports as a packet filter firewall does.

  29. Vioce server • Because using of Ip-telephony it is need for control of calls and signalings.

  30. Web server • Web server may need to communicate with an internal database to provide some specialized services. • It has information and news about Kabul-University that other people can aware.

  31. VPN server • It is used for client that from outside of network want access. • The access is secure and fast. • There is software base vpn but it make load to network. • Also can configure this server in firewall if it support this.

  32. Anti Virus server • It runs anti virus software in all computer that are under control of domain. • It also send update anti virus software to all computers in specific time. • It use less bandwidth during update time for all clients.

  33. OSPF protocol • The biggest advantage of OSPF is that it is efficient; OSPF requires very little network overhead even in very large networks. The biggest disadvantage of OSPF is its complexity; OSPF requires proper planning and is more difficult to configure and administer. • OSPF uses a Shortest Path First (SPF) algorithm to compute routes in the routing table. The SPF algorithm computes the shortest (least cost) path between the router and all the subnets of the network. SPF-calculated routes are always loop-free. • Changes to network topology are efficiently flooded across the entire network to ensure that the link state database on each router is synchronized and accurate at all times. Upon receiving changes to the link state database, the routing table is recalculated. • As the size of the link state database increases, memory requirements and route computation times increase. To address this scaling problem, OSPF divides the network into areas (collections of contiguous networks) that are connected to each other through a backbone area. Each router only keeps a link state database for those areas that are connected to the router. Area border routers (ABRs) connect the backbone area to other areas.

  34. Juniper Firewall • For security of network and prevent of hacking we install hardware firewall. • Juniper model 5600 is very public today. • It can support proxy server and reverse proxy server.

  35. Design • Servers: LAN will include Domain controller, Backup domain controller, DNS, Log server, FTP Server, File Server, WSUS server, SQL server, Exchange server, SMTP server, Anti virus server, Web servers, VPN server and Anti virus server. • All servers have install Unix Os.

  36. Design • Add redundant router in NOC. • Add redundant swiths in NOC. • Use redundant UPS in server form. • Add muliplixer, camera and other devices for video conferancig in server farm of every faculty and connect to swith. • Add voip device in every faculty. • Use OSPF protocol.

  37. Design • Add patch panel in every faculty and connect two core of fiber optic cable for power redundancy and load balancing. • Map one public in NOC router ip address for every video conferancig device in each faculty that can use video services. • In NOC router configure bandwidth that every faculty use specific bandwidth during using of internet. • Configure DHCP in every switch faculty. • Configure NAT mechanism in NOC router.

  38. Design • Remove previous firewall , because network is secure and they make load. • It is use duel firewall so need two same juniper firewall. • Configure QOS and periority in swiths and routers. • If do not use this kind of firewall may need proxy server and reverse proxy server.

  39. Prepared by: • Fatima ‘Afzali’ • Farangis ‘Jamalzada’ • Diana ‘Farahmand’ • Zahra ‘Shefa’ • Zarmina ‘Addel’ • Jamila ‘Jalalzai’ • Arezo ‘Muahmadi’ • Sediqa ‘Ahmady’ • Mushtary ‘Khawjazada’ • Aria ‘Kazim’

More Related