Course : Bachelor of Science (Hons) Cybersecurity and Networks
(BNSE2 1902A, BNSE2 1801A)
Module Code and Title : CIS2018-N Server Administration
CIS2018-N Server Administration ICA
Design and Implementation of a Secure Server Network
This ICA involves designing and implementing an Internet-connected secure server network for
a client (Smith Logistics) which is a medium sized warehouse and logistics company.
A recent minor outage has alerted senior management to the importance that their IT systems
have on the day to day operations and has given your companies recommendation for upgrading
more weight.
Their existing network infrastructure has been shoe-horned onto an ageing server which is
running Windows 2003 Small Business Server with clients as old as Windows XP and some as new
as Windows 8.1. The company acknowledge that given recent network and computer system
breaches such as WannaCry that they need to update their IT infrastructure and are looking to
create a more secure IT infrastructure with room for expansion.
Although Small Business Server has Exchange server built in, the already utilize Office 365 as they
have previously had problems with deliverability of emails both sending and receiving.
The plan is to upgrade their current network and spread existing workloads across three servers.
You will also need to build a Windows 10 client which you can join to the domain to use to help
document that all of the services are working correctly.
2 x Windows Server 2016 Servers with these workloads spread across them:
- Active Directory Domain Services
- File Server
- DNS
- DHCP
- IIS with two or more websites each with their own custom DNS name
1 x Ubuntu 18.04 Server with:
- Externally facing Apache Web Server
- MySQL
- PHP
- DNS records setup for this server to be the main company website
Smith Logistics has emphasized that they want to take this opportunity to strengthen their
network security and are looking for you to explain what security considerations and/or
improvements you can make as you outline the solution.
Smith Logistics store a lot of information and data, and they want to ensure that their servers, in
particular their file server has the appropriate disk redundancy in place so that they can tolerate
disk failures without having to depend upon a backup solution. They also acknowledge that given
BNSE21902A, BNSE21801A _CIS2018-N Server Administration,
Individual Report: 30 April 2019 Page 4 of 5
they are rebuilding their entire server infrastructure they will also need to revisit backup options
and have therefore asked you for advice both on disk redundancy and backup solutions.
They are also concerned about application compatibility so have requested that you create a
mock-up of the proposed environment which they can then use to test their in-house applications
and externally facing website. This will allow them, in the event they are any issues to resolve
these before the final switch is made. As such you will be required to make detailed
documentation of the environment you create for testing to ensure that it can be accurately re-
created for the live migration.
Assignment
You are to assume the role of the assigned technical lead for this proposal and have been tasked
with creating the initial mock environment and associated documentation.
Write a report (3,000 to 3,500) which should at a minimum contain:
- A network diagram, including IP addresses.
- A rationale of the workload balance chosen.
- A recommendation and explanation of chosen disk redundancy and backup solutions for
the final build (does not need simulating).
- Documentation for each network component, describing briefly it’s function and
explaining what dependencies it may have and/or how it interacts with other components
on the network
- Documentation might include IP Addresses of servers, DHCP Options, DNS
Forward Lookup zones configured and/or websites setup etc.
- Documentation of a proof of concept network, evidencing the setup and configurations
made using screenshots.
- Client machine evidence should be used to demonstrate that the wider system
works.
- Internet connectivity is expected for both servers and clients.
? Recommendations of potential hardware based upon recommended specifications for
operating systems and services along with indicative pricing.
The report is expected to address any potential legal, ethical or security issue that may be present
throughout the body of work.
Your report could also optionally include:
- Pro-active advice on identifying single points of failure and possible recommendations to