king fahd university of petroleum and minerals computer engineering dept. coe – 444 internetwork...
TRANSCRIPT
King Fahd University of Petroleum And MineralsKing Fahd University of Petroleum And Minerals
Computer Engineering DeptComputer Engineering Dept..
COE – 444COE – 444
Internetwork Design & MGTInternetwork Design & MGT
A structured Data Network Design and A structured Data Network Design and Upgrade for CCSE NetworkUpgrade for CCSE Network
““Server Placement”Server Placement”
Group#11
Muhammad Al-Abdul-Hadi 205169 Ahamd Mosaic
208601 Amjad Muslih 208503 Haider A. Al-Mubarac
203749 Muhammad AL-Saeed 995238
OUTLINE
Recommendations for Server Placement
Main Factors in Security Aspect New Proposed Design Problems Faced
Recommendations for Server Placement
CCSE-PSRV2 (Student print server, Antivirus server)
o Remove it from VLAN 67(administration).o Put it in VLAN 172 (Student).
VLSI (COE Faculty Printer Server)o no need to place in the shared VLAN
o suggest to place it in Faculty subnet, VLAN 65.
o place it on 3Com335-1-156 since it connects all faculty switches together.
Recommendations for Server Placement (Cont.)
CCSE-DBP2 (Student publishing and database platform)
o used mainly by students.o Remove from VLAN67
o Place it in students VLAN172
CCSE-DBP1 (Database platform; publishing setup)
o Remove it from VLAN67o place on VLAN 65 o assuming it will be used mainly by faculty.
Recommendations for Server Placement (Cont.)
MAKKAH (CCSE web server): Remove from VLAN64 Place in VLAN172 frequently accessed by student
CCSE-MATERIAL (MatLab Server):
traffic of 51% (peak hour). Replace the 100 Mbps with 1 Gbps & connect it to switch
3Com335-1-102/103.
CCSE-SOFTWARE: traffic of 45% (peak hour). replace the 100 Mbps with 1 Gbps. Upgrade server
Recommendations for Server Placement (Cont.) KUZAMA, Bareed (mail server):
o Old Workstation used as a server.o Upgrade it to a higher performance server
Recommendations for Server Placement (Cont.)
Soldier(POP3 Server, Mailbox Server, CCSE Network Time server):
o Peak traffic 84.4%(high)o seems to be a loaded all the time. o Keep it in faculty VLAN65o Duplicate one to VLAN172
Main Factors in Security Aspect
Physical Access.o Physical place restricted to authorized people.
Administrative Delegation.o Deciding who will have administrative authority over the
server User Authentication.
o To verify that users are who they declare themselves to be.
User Authorization.o Regulating what users have access to log on and what
server resources they can access.
Main factors in security aspect System Privileges and Restrictions.
o Setting the access permissions to the applications.
Application Privileges and Restrictions.o Access to the applications on a server should be restricted
to a subset of users based on their job function.
System Auditing.o Needed for monitoring effectiveness of the configuration.
Security Patches Management.o Poor patch management can be particularly damaging to a
server environment.
Security
From the above assessment it can be seen that the security used in CCSE servers is good and does not need any further improvement.
3com335-1-76
CC
SE
-DB
P1
CC
SE
-DB
P2
CC
SE
-PD
C
CC
SE
-PS
RV
2
CC
SE
-AA
PS
2
Unmanaged Hub
CCSENETMON5
CCSE-RADIUS
CCSENETMON3
CCSENETMON7CCSENETMON1
196.1.67.0/24
CC
SE
-DB
P3
VL
AN
17
2
VL
AN
17
2
VL
AN
65
3com335-1-102/103
CC
SE
-BA
RIU
M
CC
SE
-AP
PS
3
CC
SE
-MA
TE
RIA
L
CC
SE
-XE
ON
CC
SE
-NE
ON
ics-
db
serv
er1
ics-
db
serv
er2
3com336-142/143
3com335-1-64[Bridging Mode]
3com335-1-130/169
172.16.0.0/16
CC
SE
-SO
FT
WA
RE
CC
SE
-AT
OM
VLAN 64 (Administration and Monitoring)
VLAN 172 (Student/Labs)
3com338-77
COLO
NEL
SOLD
IER
GEN
ERAL
SHAM
SI
SPID
ER
KABS
A
PEAR
L,W
WW
Solaris Stations [Sunfire1, Sunfire2.. Sunfire9]
3com338-65
Hear
tBea
t1He
artB
eat2
Nasr
een
Mar
s
Vlsi
ccse
Khuz
ama
Peng
uin
Dhah
ran
File
r
3com338-99
Tom
cat
Unai
za
Fire
flyJu
pito
r
Nept
une
Mer
cury
Java
serv
3com338-166
Taif
Mak
kah
Mad
inah
Venu
s
196.1.64.0/24
3com335-1-128
VLAN
172
&6
5
VLAN
65
VALN
65
VLAN
172
VALN 64 (UNIX Servers)
Problems
Lack of information:o Who uses what?o How many users use the application?o How frequently the application is needed
by users? Delay in getting the required
information. The traffic analysis doesn’t help in
making decisions.
?