-INFO8550-Portfolio 3 PDF

Preview

Summary

Download -INFO8550-Portfolio 3 PDF

Description

Portfolio-3 Contingency Planning & Disaster INFO8550

Sarav Patel 8671748

Table of Contents Portfolio 3.............................................................................................................................3 Description......................................................................................................................................3 Preparation......................................................................................................................................3 Observation.....................................................................................................................................3 Network Schematic........................................................................................................................5 Screenshots.....................................................................................................................................7 Issues..............................................................................................................................................15 Gap & Risk Analysis.....................................................................................................................16 Contingency and Disaster Recovery Planning.......................................................................16 Reflection.......................................................................................................................................16 References.....................................................................................................................................17

Portfolio, Sarav Patel, INFO8550

2|Page

Portfolio 3 Description I must create an environment in this portfolio that consists of six servers and three workstations to be a combination of all the labs. I must build an infrastructure where some database servers, domain controllers, backup servers and workstations are essential. I will build a domain and sub domain controller that will link all windows and Linux servers to the domain controller. I will then build a sharing folder that will be accessible via all the servers. Where the sharing folder is accessed under Linux using CIFS. The DNS and DHCP configuration will then be seen on domain controllers where one is DHCP and another is DNS. Where DHCP configures workstations IP. The aim is to ensure that they automatically obtain IP addresses and also to make sure that they can fix DNS as well. I'm downloading MYSQL servers and creating database in both. Then we need to add the Agent VEEAM and Backup VEEAM. Finally, the cluster on one of the Windows database servers would be configured and the final move will be to test the connectivity between servers by ping and testing whether or not DNS can resolve their name. Preparation.     

Network schematics Need to configure all the servers as per the requirements and using the network which is assigned. Also use the templates as well as ISO file while creating the all kind of the machine. In one of the Linux servers we need to install VEEAM backup server and VEEAM agent software. In addition, we need to install Microsoft SQL management for the performing the query regarding to the database.

Observation  Firstly, we need to create all the servers and machines for that we need to use the PowerShell script to configure as per the requirements.  Then configure with the respected IPs which is assigned to us.  After that we need to add all the servers and workstations to the domain controllers as well as in the sub domain if we want.  While we are working with the Linux machine we were performing the realm to join the server with the domain. And create one accessible folder which were used from any of the workstation. As well as If we want to access that same folder from another Linux machine we need to mount the directory into the other Linux server using mount.cifs command for access the folder.  As the further we go we need to install the apache server into the domain server as well as one of the Linux servers for the connected with the database and use the services.  On the other side we need to Install and configure the IIS server in one of the windows workstations and test the connectivity.  DHCP is established in the domain controller and all machines were able to get the IP address automatically using the DHCP which will be added to the domain. Appropriate server IP

Portfolio, Sarav Patel, INFO8550

3|Page

 





  



addresses have been added to the IP reservation pool and all IP address information are specified in the DHCP pool's Address Lease. In the secondary domain controller, the DNS configuration works perfect. Forward and Reverse Lookup zones are designed to help us complete the DNS setup. Then I change the IP configuration of all the machines from manual to automatic ones that were not reserved. As well as with that we need two new servers which added and named SP1748SQL1 and SP1748-SQL2 respectively for perform the database operation as well as configuring the clustering. And in both the windows server I built MSSQL application management and SQL server. Then I download VEEAM back and backup on all other servers in my Windows Backup system and VEEAM agent. Alright everything went well but it gave me the error at the end of the validation. Saying the validation isn't sufficient for clustering. But after a lot of troubleshooting I found out that the user we are developing should have administrators’ privilege, but somehow that user should also have domain administrators’ rights and only then can you create a cluster successfully. So, I made domain administrators sp1748 user member. Then I configured cluster again, and successfully configured cluster this time. After that we need to working in the MSSQL management studio for the database operations and crating the table as per the requirements. I downloaded the rpm file on Linux machines, and kept it in my windows server's sharing folder and installed it on the Linux machine. I built the repositories after that, and built the Veeam afterwards. I have applied the clustering for the failover to the database server. In conclusion, I was able to see the specifics of the Failover cluster popping up even in the Domain Controller system. This move completes my setup for the failover cluster.

Portfolio, Sarav Patel, INFO8550

4|Page

Network Schematic

Figure 1.1 Topology of the Network.

Name of Virtual

Operating Memory Disk

Machine Spatel1748-WS1

System Windows

4

Space r Accounts 40 SP1748

Server Spatel1748-WS2

2016 Windows Server

Portfolio, Sarav Patel, INFO8550

4

Administrato

40

Function

Network

of VM Active

Information 10.174.103.4

Secret55

domain

SP1748

Sub AD

10.174.103.5

Secret55 5|Page

Spatel1748-L1

2016 CentOS 7

1

4

SP1748

Linux

10.174.103.6

Server Linux

10.174.103.7 10.174.103.3

Spatel1748-L2

CentOS7

1

4

Secret55 SP1748

Spatel1748-LW1

CentOS7

1

4

Secret55 SP1748

Server Linux

Spatel1748-

Windows

2

32

Secret55 SP1748

Workstation Workstation 10.174.103.2

Windows1

Server

Spatel1748-

2016 Windows

Windows2

Server

SP1748-SQL1

2016 Windows

Secret55 4

4

40

40

Server SP1748-SQL2

2016 Windows

SP1748

Backup

Secret55

Machine SQL

10.174.103.20

machine for 4

40

backup SQL

10.174.103.21

Server

machine for

2016

backup

Portfolio, Sarav Patel, INFO8550

10.174.103.9

6|Page

Screenshots

Figure 1.2 Showing the list of All VMs.

Figure 1.3 Added to the domain successfully.

Portfolio, Sarav Patel, INFO8550

7|Page

Figure 1.4 All the Computers are added to the domain controller.

Figure 1.5 Showing the table details which is we created.

Portfolio, Sarav Patel, INFO8550

8|Page

Figure 1.6 Validating the Cluster.

Figure 1.7 Failover Clustering

Portfolio, Sarav Patel, INFO8550

9|Page

Figure 1.7 Adding the user.

Figure 1.8 Configuring the cluster.

Portfolio, Sarav Patel, INFO8550

10 | P a g e

Figure 1.9 successfully cluster is configured.

Figure 1.10 We can see that it is added and we can see it in the description.

Portfolio, Sarav Patel, INFO8550

11 | P a g e

Figure 1.11 Table creating in the Microsoft server management studio.

Figure 1.12 Veeam backup and replication installed successfully.

Portfolio, Sarav Patel, INFO8550

12 | P a g e

Figure 1.13 Tried to connect with server after successfully installation.

Figure 1.14 Community version for the Veeam backup working fine.

Portfolio, Sarav Patel, INFO8550

13 | P a g e

Figure 1.15 Agent is properly installed in one of the new SQL machine.

Portfolio, Sarav Patel, INFO8550

14 | P a g e

Figure 1.16 Veeam agent installed in the Linux server.

Issues Issues that I face when doing all the laboratories are that have some errors when entering Linux servers to domain controllers that I didn't know so later I noticed that we can use the realm to solve the problem with the help of it. I was able to enter all of the Linux servers into my domain. Some frames I didn't know what went wrong when I was uploading information. In file-sharing, I wasn't able to connect to my domain so I installed CIFS utilities and then I could access file sharing. Else ISS database was good only, when I faced problems while doing the VEEAM agent was hard disc space that took a while but was taken care of. When I built two windows servers and added the failover cluster feature, the most important and big issue I got was on clustering. The validation setup failed because it showed me an error in the active directory or domain name so I tried to change the NETBIOS name as it told me when I checked for this error that NETBIOS doesn’t takes more than 15 characters in it. So I moved to five characters, the dilemma that I was facing too. And I tried to log in using that but got the same error. Then I worked out a plan. Second, you can't use administrator to verify or modify the cluster because it's a local administrator so we need to build a user and that user will have administrators + domain administrator rights. So I built a user name sp1748 and I made that user a member of both groups then I tried to configure the cluster and I validated it successfully. I was produced cluster witness with that as well. So these were the things I had to deal with during the labs and that's how I address them.

Portfolio, Sarav Patel, INFO8550

15 | P a g e

Gap & Risk Analysis

While doing this, I noticed we should keep upgrading our system and have a firewall, antivirus then we can set the NAT firewall's honey pot too. Another is that we should set up all machine s and severs as a static IP address instead of doing dynamic IP addresses that will save us for configuration confusion, only the main server will have the static IP address. Well, the interesting and crucial thing that login password is the same for any computer that isn't a good idea and that makes it easy to get the systems under attack. Intruder will use network scanning to join in NETBIOS. One is, later on, we set up DHCP and the things are that it gives IP to all other machines if it goes down or crashes, then all other machines can be disconnected from the network so it can stop working. But because we have two domain controllers So, if it goes down then we have others to sue, yes we will have some network issues but still we will be linked. Talking about the database, we built databases on four servers but first, none of them linked the sharing of databases. Second, none of them have a backup so the chances of losing data are probable. so, it should be backed up which can decrease the chances of risk the reason is that we have installed VEEAM backup and through the VEEAM agent we can do backup and can access that data. We need to keep our firewall protection more stable, and we should identify and address vulnerabilities before any identify a loophole and get into our servers

Contingency and Disaster Recovery Planning For disaster, I have all my environment plans that I have generated topology as well as data about which server has which IP address and user information. The second one on my other domain controller should have a backup. I'd then like to have NDS and DHCP on the same server but backup on another server. So if anything happens they will get on to the other server and can keep it from stopping running. I use RAID technology as far as data is concerned, which also gives me redundancy. RAID 1 will be better for a small company where, if you go down, you can place the new one outdrive so that the new drive acts as a backup and the backup acts as a primary drive. Instead of using GUI we can use Script for server settings. It's nice to come down to protect a solid DMZ firewall with proxy, honey pot. We have to keep track of any hacking attempts with that as well. Each of the acts should be reviewed and properly reported. We can configure packet filtering with the firewall, then outbound inbound. Reflection Firstly, I learn how to build an existing domain controller by pouting the lab. Then I learned how to use the realm to install Linux servers in windows. Then it was very important to understand CIFS, which showed how we can share files, and learning how to access the same files and directories in both Linux and Windows was a whole new thing for me. I have also discovered what a subdomain can be of help in disaster situations. Another dimension of learning relates to DNS and DHCP. I have had to know about resolving the loan. It was all-important to know about the reverse pointer, and then how scopes are made. All the servers fixed their DNS name because there were no problems with that. The problem I faced with the hard disc was solved Portfolio, Sarav Patel, INFO8550

16 | P a g e

just because I had so little space and what happens when we have to install those big file size applications. In setting up a database on the Linux server, a password had to be provided to root in, and the tables had to be granted to access the database which was also a good learning. The cluster issue that was a big learning for me, as I state in issues what I found out about it and how I solved my problem. It was genuinely important to know about the administrator and local administrator. Otherwise, there were not many problems that I faced when conducting the laboratories but I learned a lot of small things and it was a good experience but I got to learn more about Linux. Overall I've learned a lot of things and in the future, this will be helpful.

References https://linuxize.com/post/how-to-mount-and-unmount-file-systems-in-linux/

Portfolio, Sarav Patel, INFO8550

17 | P a g e...