D087 Notes for Labs PDF

Preview

Summary

Data Center Virtualization notes for lab....

Description

Vlan-Dev (Vlan-ID 1) 172.17.0.0/16! Vlan-SysAdmin (Vlan-ID 2) 172.18.0.0/16! Vlan-pfsenseWAN (Vlan-ID 3) 172.19.0.0/16! Vlan-pfsenseLAN (Vlan-ID 0) 172.16.0.0/24 DHCP from Host Machine network! Vlans created in Esxi under port groups, I used the default switch for everything.!

1. Windows Server Standard! DNS Role ! Active Directory Role - Setup Active directory to augustacrissy.lab! DHCP Role - Create Scope to give out IP’s on 172.17.0.0 and 172.18.0.0 network! Net 1 IP 172.17.0.2/16 Static ! Net 2 IP 172.18.0.2/16 Static! Firewall setup! Inbound port 80 TCP HTTP. ! port 443 TCP HTTPS! port 53 TCP UDP DNS! port 67 68 TCP UDP DHCP 172.17.0.0/16 subnet and 172.18.0.0/16! Block port 23 172.16.0.0 /16 subnet! 2. pfsense! Net1 IP 172.16.0.106/24 Static from Host machine network ! Net2 IP 172.19.0.2/16 Static! 3. Windows 10 Enterprise! Setup DHCP and DNS to 172.18.0.2! Join Domain augustacrissy.lab! Net 1 IP 172.17.0.3/16 Static ! Net 2 IP 172.18.0.3/16 Static! Net 3 IP 172.19.0.3/16 Static! 4&5. Windows Datacenter! IIS Role - No config needed! Remote access role - Setup Remote access to give out IP’s from the SysAdmin network! Setup NIC team on adapter 1 and 2! NLB Role - Configure to IP on Dev network! Join Domain augustacrissy.lab! Server1! Net 1 IP 172.16.0.107/24 DHCP from Host machine network! Net 2 IP 172.16.0.108/24 DHCP from Host machine network! Net 3 IP 172.18.0.4/16 Static! Net 4 IP 172.17.0.4/16 Static! Server 2! Net 1 IP 172.16.0.109/24 DHCP from Host machine network! Net 2 IP 172.16.0.110/24 DHCP from Host machine network! Net 3 IP 172.18.0.5/16 Static! Net 4 IP 172.17.0.5/16 Static!

Firewall setup! Permit Inbound port 80, port 443, VPN 172.19.0.0/16 ! Only allow RDP from SysAdmin vlan! All outbound traffic except port 23 ! PA Walkthrough! A. Just come up with three limitations of the current system and summarize why virtualization is needed (Hint: Use the first page of the Company overview and requirements).! B. I wrote the vlans created, the hardware used for each machine and what roles would be installed on each server.! C. C.1 Pick a product for the virus scan system that will be used on each machine. C.2 Write about the rules from the company requirements. C.3 Write about how you will harden the servers. C.4 Write about security groups you will create such as one for each of the companies departments. C.5 Pick an ISO standard, 27001 or 27002 and look it up and write about what domains you will use for this project.! D. Technical detail of how you will set everything up.! E. I wrote about which metrics I would monitor in performance monitor around CPU, Memory and Networking.! F. I wrote about how the traffic would be split on the network load balancer and how to test it.! G. Screenshots from implementation build be sure to include your name and the date in all screenshots.! Presentation! 1. Use Get-nlbcluster in powershell to show network load balancer.! 2. Use Get-nlbclusternode in powershell to show each node of the Network load balancer.! 3. Show port groups you created in Esxi.! 4. RDP into either one of the Data center machines from either the windows server standard machine or the windows 10 machine.! 5. Setup your VPN on the data center machines so that it gives out an IP’s on the VlanSysAdmin network. You will be using the W10 Admin machine that was already setup to test this. Try to RDP into from W10 Admin and it should be denied. Configure W10 admin to use one of the datacenter machines as the vpn server. Connect to the VPN, you will now have an IP on the SysAdmin vlan and will now be able to RDP in.! 6. Just talk about one security service you will use to help with Information Security Management I.e Security Groups, Windows firewall etc.! 7. Create a custom performance monitor data collector with at least 3 metrics each for Processor, Memory, and Network. Let it run for a few minutes and stop it and view the report. Do this before you start the presentation and just have the report pulled up.!...