Sie sind auf Seite 1von 166

1

Analyze an Existing Network and


Design a New Network Infrastructure
with Implementation

Project I: Hardware and Networking

Done By

Guided By Thoufeeq Ahmed Syed

Methodology:
2

We are using waterfall model (development model) for our project. With
waterfall the development moves from concept through different process
(Analyze Requirements, design ,implementation ,Verification and
Maintenance). Each processed starts when the pervious processed is
completed without any overlapping steps .
3

Abstract:

This project is about al saf arabi ask us to improve their network and develop it in
such way to be fast and secure network and able to be growth.
In our survey we found that there were many missing in the network configuration
and network security in company. In additional we found some hardware need to be
upgrade and some need to be replaced.
Moreover the network did not exist in some places in the building because al saf arabi
Company consists of three floors and the network services unfortunately not available
in some locations.
After we analyzed we design a network solution for Al saf arabi Company through
install new servers with high level of security. For network availability we added
some access points in order to cover all floors.
Finally, we implemented software and hardware and configured network features like:

 Windows 2003 Server


 ISA Server
 New switches
 Access Points
4

Acknowledgment

We would like to take this chance to thank all the faculty members of Middle Eastern
College of Information Technology for all the help given that we needed desperately.
I would like starting thanking Mr.Taufeeq our project teacher in Middle East College
of Information Technology, for all his guidance throughout these gainful years that
passed.

I would like also to thank Mr.Salim Al Fahdi G.M of Al saf Alarabi Company and all
staff and members for coordinate us to finish this project.

We would like also to thank our friends for their ideas that helped us put our project
together.
5

Our requirements for our project:

 Hardware:

1- 2 New Servers.
2- 9 Wireless Access Point
3- 11 Wireless Networks Card.
4- 2 Cisco Switch with 24 ports each supporting for Ethernet Power.
5- 30 cable cat 6 size of “1 m “to use between switch and patch panel (Ready
Made).
6- 30 cables cat 6 sizes of 5 meters (Ready Made) to use it between points and
clients.
7- 2 cross cable (Ready Made) to use it between switch.
8- One Cabinet with size of 3 meters.
9- One UPS with Two KV.
10- One ADSL modem with wireless
11-

 Software:

1- Win 2003 Server standard Edition.


2- ISA (Internet Security Accelerator) Software.
3- Win XP with SP2.
4- MS Office 2003.
5- KasperSky Antivirus.
Operating System:
1- Windows 2003 Server Standard Edition
2- Windows XP with at least SP2
6

Introduction:

The networks play an important role in every organization either its public sectors or
private sectors. All processes are done by using computation through the networking
technology. By using the network you can perform many tasks in and jobs in easy and
fast way. In addition, multi tasks can be done at a same time which helps
organizations to save the time and have a good work performance.

The network provides many features and facilities such as: sharing files and
recourses, printing sharing, saving files….etc

In fact, all technologies growth up during the time .As the network is one of the most
important technologies which growth very fast and daily develop, so we have to
follow and keep track with this capering in the network. The capering in this case is
an upgrade in network components which consists of hardware devices (like switches
and routers)and software application(like operating system and security applications).

The organization must follow the development of technologies to be successful and to


make a good picture about its business and services to its customers. The weak
network performance may affect the organization ability in the business environment
and the organizations will have bad picture that affect it to loss their customers which
make a real problem for the organization. So the organization must come up with the
growing of the technologies and upgrade its network as the requirement of their
business activities.

For that reason we determined to design network for Alsaf Alarabi Company which
had already an existing network. The title of our project "Analyze an existing network
and design new network infrastructure with implementation".

Our project passed through three steps. Those steps are:

Analyze the existing network


Design new network
Implementation of the network

Each of those steps has sub steps and process in analyze steps we studied the existing
network components (hardware and software) in order to determine which
components are useful and which are useless.

in design step according to our analyzed we prepared our design for the new network
for AL Saf AL Arabi Company.

Finally, we implemented our design and test the network.


7

Our team of the project consists of four members and we distribute the tasks and jobs
between us. We cooperate each other till we finished the project. We are working as
succeed cooperation team and w are using
Many methods of commotions between us like (meeting, e_mails, SMS and
telephones) the purpose is to exchange the ideals and to discuss about our project.

We generate a weekly meeting to study the task that be done by each member of the
team. The uniquely features in our project is that each member has to teach other
about his work and task.

In fact, from this features we gain my advantages like improve our skill and
knowledge in network world technology. For example, in wireless configuration and
in group policy.
8

Analyze
9

Analyze Stages:

We met Mr. Salim Al-Fahdi who is the general manager of the Al-Saf Al-arabi
Company to discuss all details about network. Our discussion is including many
points about the exiting network and what are the requirements of the company. Then
we discuss how we will upgrade the exiting network.

Through this meeting we collected the details about Hardware, Software used in the
company and how many number of users who used the network. Then we toke about
the level of security the need it.

In addition, we met with some managers and head of offices to get some more details
that we have to consider it in our project.

From that meeting we collected many details. And according to that we determine and
classification our requirements into:

1. Hardware (HW):

 Servers:

The company had one server with specifications as shown below:


Brand Name: IBM
Operating System: Win NT Server.
RAM: 256 MB.
Hard Desk: 20 GB
CPU: 1.8 MHz.

So, we can’t use it or even upgrade it because it’s very old. For that we have to
replace it by new one with very high specifications.

 Clients:

The table below is show the clients used in the company with specifications:

Number of Computers Operating System CPU RAM Hard disk


size

4 MS Windows XP P4 2.0 GHz 512 MB 80 GB

9 MS Windows 2000 P4 2.0 GHz 256 MB 60 GB

12 MS Windows 2000 P3 1.4 GHz 256 MB 60 GB


10

5 MS Windows 2000 P3 1.4 GHz 128 MB 40 GB

 Network:

 We had 30 NW points in different floors in the building.


 Some PCs cannot be connected to the network because of limited NW point
number in some locations.

 Switches:

 The exiting switches used in the company is (3Com with 12 ports, and some
hubs)

 Cables:

The company used CAT5 cables inside network trunk.

 Network Cabinet:

They company didn’t have a cabinet for the network (for the servers).

 UPS

The Company network did not have any disaster recovery for the electrical power.

 Internet:

The company used dial up service to browsing the internet.

2. Software:

The software we need it to implement our project is:

The company used Windows NT server operating system on the server and windows
2000 in its clients PCs

 Security management
The company did not have any mean of security management such as
firewall.

 Application
The company used office 2000
11

Design
12

Design Stages:

In design stages we started from results of analyzed points to fix the missing
weakness of the existing network in Al Saf Al Arabi Company.

Project Requirements

Servers:
According to our requirement, we need for three servers. Those servers are use to
implement Win 2003 Server in order to use in:

1. Active Directory ( Domain, DHCP, GPO)


2. Back Server
3. ISA Application. ( using for internet security)

Specification of the servers

HP Proliant ML 350 G5 Tower Sever (1) Quad-Core Intel Xeon E5405 Processor 2.0
GHz, 80 Watt, 1333 FSB
4GB PC2-5300 Fully Buffered DIMMs (DDR2-667)
3 × HP 146 GB SAS 10K HDD
Smart Array E200, 128 Controller (RAID 0/1/1+0/5)
Internal DVD Writer DL
Embedded NC373i Multifunction Gigabit Sever Adapters
Additional HP NC 373i PCIe Gigabit Network Card Six expansion slots: one 64-
bit/133-MHz PCI-X, two 64-bit/100 MHz PCI-X, and x4 PCI Express (with x8
connectors)
Redundant Hot Plug Power Supply & Redundant FAN
HP Ultrium LTO: 448 Internal SCSI Tape Drive
Hp single Channel U320 SCSI Host Bus Adapter
400 GB Compressed Data cartridge 4 Qty & 1 Cleaning Cartridge
HP19" TFT LCD WIDE SCREEN Monitor

 Clients:

The table below is show the clients used in the company with specifications:
13

Number of Computers Operating System CPU RAM Hard disk


size

4 MS Windows XP P4 2.0 GHz 512 MB 80 GB

9 MS Windows 2000 P4 2.0 GHz 256 MB 60 GB

12 MS Windows 2000 P3 1.4 GHz 256 MB 60 GB

5 MS Windows 2000 P3 1.4 GHz 128 MB 40 GB

From the table we see that some client needs to upgrade. All clients should be at least
with the following specification:
Operating System: Win XP with at least SP2
RAM: 512 MB
Hard Disk: 40 GB
All this specifications provide more efficient performance for the client PCs.

 Network:

 The company had 30 NW points in different locations on the building of the


company and we are using some of an exiting NW points as possible as we
can. Because some locations we need more points and we need accessing to
the network, so we will going to use wireless network in each floor.

 Wireless Network:

 We will use wireless network in the location to cover the area which is not
reachable by wiring cable. From the company chart we need at least two
Access Points in each floor.

 Switches:

 We will replace the old one by new switches (Cisco with 24 ports)
 We need three Switches for our upgrading of the network.

No. Access Point Type Quantity Used For Specifications


1 Access Point Linksys 10 For Network…
distributor
2 Internet Modem 1 For Internet
Linksys

 Cables:

We are going to use:


Standard cable for:

 Used for: connect the switch and patch panel.


14

Type: Cat6
Size: 1 Meter

 Using to connect between computer and network points


Type: Cat6
Size: 5 Meters.

Cross cable
 Using to connect between switches.
Type: Cat6
Size: 1 Meter

As shown in the table below:

No. Cable Type Size in Quantity Used For


Meter
1 Cat6 6M 30 To connect between switch
and patch panel
2 Cat6 5M 30 To connect between network
points and clients.
3 Cat6 1m 3 To connect between
switches

 Network Cabinet:

They company didn’t have a cabinet for the network (for the servers).
We will going to use one network cabinet size of 3 Meters for server.

 UPS:

We must have one UPS to avoid any bad case that may happen for clients or servers
that will be effect in it. Like electricity break.

 Internet:

For internet using we are looking to replace the current exiting service which is dialup
connection.
Because it’s very slow so we are looking to use ADSL service and for that case we
require one ADSL modem with wireless feature.

3. Software:

The software we need it to implement our project is:

 Win 2003 Server Standard Edition.


To install in Server and using as operating system
15

 ISA (Internet Security Accelerator)


Using for internet services and security.

 Win XP with at least SP2


For clients

 Ms Office 2003

 Antivirus (like KasperSky for example)


To protect the network from virus.

 Operating System:

Win 2003 Server Standard Edition.


Win XP with at least SP2
Ms Office 2003

No. Software Or Operating Quantity Used For Memo


System Name
1 Ms Win2003 Server 1 To Install in
standard Edition Servers
2 Ms Win XP with SP2 27 To install in the
clients
3 ISA Packet 1 To Install in
ISA server
4 Ms Office 2003 30 For All
Computers
5 KasperSky Antivirus 1 To Install to all
Computers
16

In ground floor we used 8 NW points 2 for access points, 5 for clients PCs and one for
a printer. We had 4 wireless computers and one wireless printer

In first floor we allocate one room to be as a server room (includes servers, switches
and patch panel). We used 8 NW points, 6 for clients PCs and 2 for access points.
There are 5 wireless computers and 2 wireless printers.
17

In second floor there are 12 NW points used, 9 for client PCs and 3 for access point
also there are 2 wireless PCs and 3 wireless printers.

We put three servers for:


Active Directory: we used it for creating Domain Name, Organization Units, Users,
Groups and Group Policy.
Domain Name: Al saf .om
OU: we will create one OU(Organizational Unit)
Creating Group Policy: first we will put all users and group of the department staffs in
the Department Staff OU and then we create group policy object for this OU in which
the users can't access to the control panel , the run menu is removed from the start
menu and the properties of My Computer is removed. The mangers will not affected
by this GPO so they have full access on their PCs.

DHCP(Dynamic Host Configuration Protocol): The IP Address is automatically


distributed to the client PCs by creating scope with following configuration:
The scope start with 192.18.1.1 and end with 192.18.1.254
IP Address from 192.18.1.1 to 192.18.1.35 will be excluded.
IP Address from 192.18.1.1 to 192.18.1.10 for servers
IP Address from 192.18.1.11 to 192.18.1.20 for access points
IP Address from 192.18.1.21 to 192.18.1.30 for printers
The remaining will be distributed for the client PCs
18

Backup Server
Backup server acts as additional domain and used for perform backup for the Active
Directory database, users resources and profiles. In addition we used it for sharing
folders.

Internet Security Acceleration 2004 (ISA)

ISA is used for internet browsing and security to improve the performance of the
internet security and speed.
19

Implementation
20

Implementation:

In this stage we started implement and install the following:


 Windows 2003 servers
Including:
 Active Directory.
 Domain Name
 Organization Unit
 Create Users
 Create Group Policy.

 Win XP with SP2


For all clients.
 ISA 2004
 Wireless Access Point

First Windows Server 2003:

Installing of Hp Proliant Server Using Smart Start

Step1
Boot the server with the HP Smart CD in the CD Rom
F1 to continue
(HP Smart Start will load all drivers required for the particular Server

Step2
Select the Language to use during the smart start process
ENGLISH

Select the Keyboard to be use with this system


ENGLISH

Continue

Step3
Accept the end user license.(Agree)

Step4
In Smart Start Home
Click Deploy Server
21

Click Launce ACU

Step 5
In Configuration View
Click Smart Array 200i Embedded Slot

Step 6
In Command Tasks
Click Create Array
In Select the Physical Drives and on the New Array
Select All
Ok

Step 7
In configuration View
Unused Space 209925 M

Step 8
In Common Task
Click Create Logical Drive
Fault Tolerance: RAID 5
Stript Size: 64 KB
Size: 139947 MB
139947 MB Max
Max Boot
Disable

Array Accelerator
Enable

Ok

Step 9
In Controller State

Click Save
Ok
Exit from ACU

Continue

Step 10
Select Specific O/S version

Windows 2003 Server Standard Edition


Continue

Step 11
Specify Operation System Media Source
Specify Operation System Source Type
22

CD Rom

Specify Operation System Source Format


Flat File

Continue

Step 12
Disk Partitioning option
Select File System
File System: NTF
Select Boot Partition Size
Custom
10240 MB

Step 13
Select the Operation System Configuration Information
User Name: (ALSAF) “company name”
Organization Name: ALSAF

Product Key: KRTKQ-R4KPR-38TX6-B62DH-YTH3Y (CD KEY)

License Type: Per Seat

Continue

Step14
SNMP Configuration “Simple Network Management Protocol”
Install SNMP
Yes

Monitor Community String: Public


Control Community String: Private.

Step15
Start the Preparation of hard Drive
(Wait till computer operate the following process)
Erasing
Creating Partition
Copying Drivers & utilities

Step 16
Remove Smart Start CD and insert the Operating System CD (Windows 2003
Server Standard Edition) when prompted
Copying the Data files to HDD

Continue
23

Windows Setup:
Next

Regional and Language Options:


- Customize..
- Languages
Install files for complex script
OK
Apply
Details
Add
Input language
Arabic (Oman)
Arabic 101
Apply
OK.

- Advanced
Select a language to match the language version of the non-Unicode..
Arabic (Oman)
Apply
Ok.

Next

Your Product Key:


- Product Key:
Next
24

Computer Name and Administrator Password


Computer Name:
ALSAF-ISA

Type an administrator Password


Administrator Password P@ssw0rd

Confirm Password P@ssword

Next

Date and Time Settings


Date & Time

Select Date Select Time

Time Zone

Select Time Zone

Next

Networking Settings
o Typical settings

Next

Workgroup or Computer Domain


- Do you want this computer to be ….

o No, this computer is not on a network, or is …..

WORKGROUP

Next
25

“Wait till the installation complete, computer will restart several times automatically”

3.1.1 Installing Windows Server 2003 Operating System:

1. To initiate the installation insert Microsoft Windows Server 2003


CD in the CD-Rom.
2. Then restart the computer.
3. A message will appear on the screen saying
“Press any key to boot from CD…”
And press any key from the keyboard within 5 seconds.
4. Windows XP setup will start and load all the necessary folders and
files on the RAM.
5. A welcoming part saying “Welcome to setup” will appear, press
enter to continue.
6. “Windows XP License Agreement” will show up, in order to accept
press F8.

7. Windows XP setup will bring a Creating and Deleting partition


screen. This helps in making a new partition by pressing “C” or
deleting the existing partition by pressing “D” but to continue on
the existing press enter.
8. A format the hard disk screen will show up where you can format
the hard disk by using FAT or NTFS file system.
26

9. After formatting the hard disk partition Windows Setup will start
copying files to the hard disk for continuing the GUI setup
program.
27

10. A restart your computer screen will show up and the computer will
restart within 10 seconds.
11. Through the Graphical Users Interface (GUI) of windows setup, it
will install drivers for your computers hardware components.
12. A “Personalize your software” window will show up where you
have to enter your name and your organizations name.
13. Enter the product key in the upcoming product key window.
28

14. Now enter the “Computer Name” and “Administrative Password”


in the next window.

15. In the “date and time setting” window, choose the international
“Time Zone”, “Time” and “Date”.
29
30

16. Now a “Network Setting” window will show. Choose the “Typical
Setting”.
31

Now windows will continue automatically and install Device .17


Drivers, Copy files, Register Components, Save Settings and then
.the computer will restart automatically
32

After the restart there will be a welcoming screen. That means the installation is
.completed successfully
33

Assign IP Address

Right Click My Network Places , select properties, right click “Local Area
Connection”, select properties select TCP/IP, click properties button and assign the IP
address as required.
34

Run the DCPROMO Command


Start run and type “dcpromo” press OK to execute the command

Active directory installation wizard


Click next to continue the wizard
35

Operating system compatibility


Click next to continue the wizard
36

Domain controller type


Select “Domain controller for new domain” option and click next to continue

Select “Domain in new forest” and click next to continue


37

Write Full DNS name for new domain (alsaf.om)

NetBIOS domain name


Enter the NetBIOS domain as per function specification
38

Database and Log folders


Leave the default values as it as and click next to continue

Shared system volume path


Leave the default value as it is and click next to continue
39

Select Install and configure DNS server on this computer, and set this computer to use
the DNS server as preferred DNS Server.

Permission compatibility

Select, “Permission compatible only with windows 2000 or windows server 2003
operating systems” and click next to continue the wizard.
40

Restore mode administrator password

Enter the restore mode password as “Alsaf12345” and click next to continue

Alsaf12345

Review summary of inputs


Click next to continue the wizard
41

Installation progress

Please wait whie the system is getting configured

Completing the installation


Finish the configuration by clicking finish
42

Restart the server


Restart the server by clicking restart now button.
43

Configure the Scope

1- Go to Start – Program – Administrative Tools – DHCP

2- Right Click Alsaf-DC1.Alsaf.om and Choose New Scope


44

In the Welcome to thee New Scope Wizard Click Next

In the New Scope Wizard screen type the Scope Name as Alsaf Scop.Then Click Next
45

In the IP Address Range type


Start IP address 192.18.1.1
End IP address type 192.18.1.254
Length 24
Subnet mask 255.255.255.0
Then Click Next

In Add Exclusions Screen enter


Start IP address 192.18.1.1
End IP address 192.18.1.35
And Click Add Then Click Next
46

In Lease Duration Click Next

In Configure DHCP Options Keep as it is and Click Next


47

In Router (Default Gateway) enter 192.18.1.254 and click Add Then Click Next

In the Domain Name and DNS Server enter parent domain as alsaf.om
In server name enter alsaf-dc1 and click Resolve The click add and Click Next
48

In WINS Servers Screen keep as it is blank and Click Next

In Activate Scope Choose Yess I want to activate this scope now and Click Next
49

Click Finish in the Completing the New Scope Wizard

Assign IP Address

Right click my network places, select properties, right click "local area
connection", select properties, select TCP/IP, click properties button and
.assign the IP address as required
50

Run the DCPROMO Command


Start run and type “dcpromo” press OK to execute the command

Active directory installation wizard


Click next to continue the wizard
51

Operating system compatibility


Click next to continue the wizard

Domain controller type


Select “Additional domain controller for and existing domain” option and click next
to continue
52

Network Credentials
Type the user name “Administrator” and the password. Enter the Domain you want to
"join “e.g. Alsaf.om

Additional Domain Controller


”Enter the Domain you want to join “e.g. Alsaf.om
53

Database and Log folders


Leave the default values as it as and click next to continue

Shared system volume path


Leave the default value as it is and click next to continue
54

Restore mode administrator password


Enter the restore mode password as “Alsaf12345"next to continue

Review summary of inputs


Click next to continue the waizard
55

Installation progress
Please wait while the system is getting configured

Completing the installation


Finish the configuration by clicking finish
56

Restart the server


.Restart the server by clicking restart now button
57

Enable Remote Desktop

Right “click my computer” select remote tab select “Allow users to connect
remotely to your computer” and press OK.

Classic Start menu.

Right click taskbar  Properties


58

Assign IP Address

Right click my network places, select properties, right click "local area
connection", select properties, select TCP/IP, click properties button and
assign the IP address as required.

Create Users
1. go to Start then Program and choose Active Directory Users and
Computers.
59

2. Expand ALSAF.OM and right click to Users Folder, choose New User.
60

3. Fill the First Name , Last Name and the username then click Next

4. Write the Password, Confirm password and choose "User must


password at next logon" and Click Next
61

5. Then Click Finish.

6. Right click on the user "Ahmed" and choose properties


62

7. You can change or insert information about the user, choose Account
tab.

8. choose End of and choose end date of the password ,so the user must
change the password in that day.

9. Click ok to save the change.


63

Creating Groups
1- Co to Start – Programs – Administrator Tools – Active Directory Users and
Computers.

2- From the screen Appears Expand the Alsaf.om Domain – Right Click Users – New
– Then Choose Group

3- Fill Group name field for example HR Then Click Ok


64

4- To Add user to Group Right Click Group Name For Example HR


65

5. HR proprieties will be shown

6. Choose Member tab and click add

7. Write the name of the user or username of the user that you want to ad
66

8. Click Check Names then click OK


67

7. the user now in the group member list

8. Add the remaining users to the group using the same steps above and click Apply
then OK.
68

Windows XP Operating System 3.2


Windows XP operating system is used for the clients of the network. It is considered
that second last version for desk top computer operating systems. We used XP
because of the familiarity of its uses and because of the negative feedback about
.Windows Vista which is the latest version of Microsoft Operating systems

:Installing Windows XP operating system 3.2.1


1. To initiate the installation insert Microsoft Windows XP CD in the
CD-Rom.
2. Then restart the computer.
3. A message will appear on the screen saying
“Press any key to boot from CD…”
And press any key from the keyboard within 5 seconds.
4. Windows XP setup will start and load all the necessary folders and
files on the RAM.
5. A welcoming part saying “Welcome to setup” will appear, press
enter to continue.
6. “Windows XP License Agreement” will show up, in order to accept
press F8.
7. Windows XP setup will bring a Creating and Deleting partition
screen. This helps in making a new partition by pressing “C” or
deleting the existing partition by pressing “D” but to continue on
the existing press enter.
69

8. A format the hard disk screen will show up where you can format
the hard disk by using FAT or NTFS file system.
70

9. After formatting the hard disk partition Windows Setup will start
copying files to the hard disk for continuing the GUI setup
program.
10. A restart your computer screen will show up and the computer will
restart within 10 seconds.
11. Through the Graphical Users Interface (GUI) of windows setup, it
will install drivers for your computers hardware components.
12. A “Personalize your software” window will show up where you
have to enter your name and your organizations name.
13. Enter the product key in the upcoming product key window.
71

14. Now enter the “Computer Name” and “Administrative Password”


in the next window.
72

15. In the “date and time setting” window, choose the international
“Time Zone”, “Time” and “Date”.
73

16. Now a “Network Setting” window will show. Choose the “Typical
Setting”.
74

Now windows will continue automatically and install Device .17


Drivers, Copy files, Register Components, Save Settings and then
.the computer will restart automatically
75

Join PC to domain

Steps to join the client pc to the domain


Wright click on My Computer and choose Perporties.

2) Choose Computer Name tab and click Change button


76

3) Choose Domain and write the domain name that you want the client to be joined
then click ok
4) write the user name and the password of an account with permission to join to the
domain
77

5) after few seconds you will see "Welcome to alsaf domain" message, press ok and then click ok

6) You must restart the computer before the new setting will take affect. Click ok
78

7) Click Yes to restart the computer

The following Picutre display that the client PC is joining to the alsaf.om domain
79

Configure Group Policy

First we create Organizational Unit (OU)


Steps to create OU
1. Go to start then choose Administrative Tools then Active Directory Users and
Computers.
80

2. Go to alsaf.om with right click and choose New Organizational Unit.

3. Write the name of OU for example (Department Staff) and click ok


81

The OU is created now.

4. Transfer users and groups that you want to apply the group policy to them by
selecting them and put them in the Department Staff OU
82

The users and group now in the Department Staff OU

To create the Group Policy Object we have to do the following steps


1.right click to Department Staff OU and choose properties.
83

2. go to Group Policy Tab and click New then write the name of the new Group
Policy Object (GPO) then click edit
84

3. Group Policy Object Editor will be shown.


85

4.Go to User configuration ,then Start Menu and Toolbar from administrative
Templates. You will see list of option right click to Remove Run menu from Start
Menu and choose Properties.
5.Choose Enabled to enable the option and click Ok

6.Go to Desktop from administrative Templates and with right click choose Remove
Properties form the My Computer context menu and choose Properties
86

7.choose Enable to apply the option and click ok.

8.Go Control Panel From administrative Templates and right click to Prohibit access
to the control Panel then choose Properties.
87

9. Enable the option by choosing Enabled and click OK


88

10.To apply the GPO to the users select the Department Staff GPO and click
Properties.

Choose Security tab and from list of group and users select Authenticated Users and
make sure that the Apply Group Policy allow box is checked . Then click ok.
89

To test the Group Policy effect log on to client PC as user from the list of Department
Staff and the pictures below show the effects
1. Run menu is removed

2. Control panel is removed

The picture below shows that the properties of the My Computer is removed.
90

When the user click right click to the desktop and choose properties the following
massege will be shown.
91

Install MS office 2003:

After that the installation gives you the summery of your selection, if you accept click
next to start install.

Insert the MS office 2003 CD. Wait some seconds.

Enter the CD product Key. Then click next.


92

Write the user name and the organization name. Then click next.

Click on the check box for accepting the agreement. Then click next.

Than click on the custom check box to select it. Because the custom allows you to
select which application you want to install. Then click next.
93

From this screen you choose what application you want, just by click on it. Then click
next.

Then right click and select “Run All from computer” to install all application features.
Then click next to move the next step.
94

The installation is starting.

Finally, Click “Finish” which your installation is completed successfully.

- FIREWALL

An Internet firewall is a security mechanism that allows limited access to your site
from the Internet, allowing approved traffic in and out according to a thought-out
plan. This lets you select the services appropriate to your business needs, while
barring others which may have significant security holes.

1.1Required components of firewall

Hardware:
95

 appropriate processors on which to run the firewall software with sufficient


processing speed to meet performance requirements
 adequate RAM to meet performance requirements
 devices necessary for software installation (e.g., CD-ROM, floppy drives,
keyboard, display, mouse)
 Adequate hard disk space to accommodate the operating system, the firewall
software, and additional requirements such as log files.
 firewall client administration workstation(s)
 network interface cards
 backup devices and media
 physical space such as rack mount space
 appropriate power (e.g., plug strips, redundant power supplies, continuous
power)
 appropriate cabling (e.g., network and console cables)
 testing devices (e.g., network traffic generators and monitors)
 surrounding network infrastructure (e.g., routers, switches, and hubs)
 telecommunications facilities
 spare parts as required

Software:

 host operating systems


 patches and fixes to secure the operating system and bring it up to the most
current version
 device drivers for all adapters and interfaces required
 any tools that are required to perform software reconfiguration
 firewall software components
 support utilities
 Network monitoring tools such as tcpdump to view network traffic during
testing and operations
 patches and fixes to secure all software components

1.2 Advantages of Hardware Firewalls

Hardware firewalls are important because they provide a strong degree of protection
from most forms of attack coming from the outside world. Additionally, in most cases,
they can be effective with little or no configuration, and they can protect every
machine on a local network.

A hardware firewall in a typical broadband router employs a technique called packet


filtering, which examines the header of a packet to determine its source and
destination addresses. This information is compared to a set of predefined and/or user-
created rules that determine whether the packet is to be forwarded or dropped. A more
advanced technique called Stateful Packet Inspection (SPI), looks at additional
characteristics such as a packet's actual origin (i.e. did it come from the Internet or
96

from the local network) and whether incoming traffic is a response to existing
outgoing connections, like a request for a Web page.

But most hardware residential firewalls have an Achilles' heel in that they typically
treat any kind of traffic traveling from the local network out to the Internet as safe,
which can sometimes be a problem.

Consider this scenario: What would happen if you received an e-mail message or
visited a website that contained a concealed program? Let's say this program was
designed to install itself on your machine and then surreptitiously communicate with
someone via the Internet — a distributed denial of service (DDoS) attack zombie or a
keystroke logger, for example? And trust me, this is by no means an unlikely scenario.

To most broadband hardware firewalls, the traffic generated by such programs would
appear legitimate since it originated inside your network and would most likely be let
through. This malevolent traffic might be blocked if the hardware firewall was
configured to block outgoing traffic on the specific Transmission Control
Protocol/Internet Protocol (TCP/IP) port(s) the program was using, but given that
there are over 65,000 possible ports and there's no way to know which ports a
program of this nature might use, the odds of the right ones being blocked are slim.

Moreover, blocking too many ports would almost certainly adversely affect your
ability to use some programs (many games, for instance). Also, some broadband
router firewalls don't even provide the ability to restrict outgoing traffic, only
incoming traffic.

1.3 Advantages of Software Firewalls


Now consider what a software firewall might do in the aforementioned scenario.
When you first set up a software firewall, you can specify which applications are
allowed to communicate over the Internet from that PC. Programs that aren't
explicitly allowed to do so are either blocked or else the user is prompted for
confirmation before the traffic is allowed to pass. Therefore, it would likely intercept
this kind of traffic before it left your computer.

Another potential scenario where a software firewall would be useful is in the case of
an e-mail worm with its own e-mail sever, like the recent "So Big" worm. Its built-in
mail server could attempt to send mail on the valid Simple Mail Transfer Protocol
(SMTP) port (25), which would probably pass through the router because of its
trusted origin.

On the other hand, a software firewall could be configured to only allow Microsoft
Outlook to use port 25 (assuming Outlook is your e-mail client). Any attempt by
another application to use the port would be dropped, or blocked pending user
confirmation. For that matter, the application's attempt to use any port would be
blocked if the firewall was configured that way.
97

By comparison, a hardware firewall that had the ability to filter outgoing traffic might
allow you to block most kinds of traffic from a particular PC, but it wouldn't be able
to flag you and alert you to repeated attempts to infiltrate your computer.

One obvious downside to software firewalls is that they can only protect the machine
they're installed on, so if you have multiple computers (which many small offices do),
you need to buy, install, and configure a software firewall separately on each machine.
This can get expensive and can be difficult to manage if you have a lot of computers.

But the fact of the matter is that software firewalls generally offer the best measure of
protection against certain types of situations like Trojan programs or e-mail worms.
Speaking of which, a firewall isn't the only protection method available to you.
Whether you end up using a software firewall or a hardware firewall, you should
always supplement it with anti-virus software.

A good anti-virus package is just as important as a firewall, and I would seriously


suggest that you invest in a good one (I'm partial to both Norton and McAfee myself).
However, keeping your virus definitions updated is far more important than which
program you use. I cannot stress the importance of this enough. Making sure your
definitions are current is absolutely critical to maintaining your protection. Many
Anti-virus programs today can be configured to automatically update themselves, so
you have no excuse for not maintaining them.

The bottom line is that with any home-office broadband connection, a hardware
firewall should be considered a bare minimum and supplementing it with software
firewall on one or more computers (and don't forget anti-virus software) is almost
always a good idea.

2- ISA Server
Microsoft Internet Security and Acceleration (ISA) Server 2004 is the advanced
tasteful packet and application-layer inspection firewall, virtual private network
(VPN), and Web cache solution that enables enterprise customers to easily maximize
existing information technology (IT) investments by improving network security and
performance. ISA Server 2004 is available in two versions: standard edition and
enterprise edition. Information included in this product overview includes features
and capabilities in both versions, unless otherwise specified.
ISA Server 2004 provides advanced protection, ease of use, and fast, secure access for
all types of networks. ISA Server is particularly well suited for protecting large
enterprise network configurations requiring multiple firewall arrays in disparate
locations that are running Microsoft client and server applications, such as Microsoft
Office, Office Outlook Web Access 2003, Office Share Point Portal Server 2003,
98

Internet Information Services (IIS), Routing and Remote Access, Active Directory
directory service, and many other Microsoft applications, servers, and services.
ISA Server contains a full featured, application-layer aware firewall that helps protect
organizations of all sizes from attack by both external and internal threats. ISA Server
performs deep inspection of Internet protocols such as Hypertext Transfer Protocol
(HTTP), which enables it to detect many threats that traditional firewalls cannot
detect. The integrated firewall and VPN architecture of ISA Server support stateful
filtering and inspection of all VPN traffic. The firewall also provides VPN client
inspection for Microsoft Windows Server 2003-based quarantine solutions, helping to
protect networks from attacks that enter through a VPN connection. In addition, a
completely new user interface, wizards, templates, and a host of management tools
help administrators avoid common security configuration errors.

2.1 Features of ISA Server 2004:


ISA Server 2004 includes many new features and improvements, particularly when
installed on a system running Microsoft Windows Server 2003, including:
 Support for multiple networks
 Support for enterprise networks (Enterprise Edition only)
 Flexible integration of enterprise policy with array policy (Enterprise Edition
only)
 Enhanced policy backup to .xml file
 Improved VPN support
 VPN quarantine capabilities
 Ability to create custom firewall user groups
 More extensive protocol support
 Customized protocol definitions
 Outlook Web Access Publishing Wizard
 A new, simplified user interface
 Improved Web publishing
 Improved support for FTP upload/download policy
 Port redirection for server publishing rules
 Improved cache rules for centralized object storage
 Path mapping for Web publishing rules
 RADIUS support for Web proxy client authentication
99

 Delegation of basic authentication


 Secure ID authentication
 Firewall-generated forms (forms-based authentication)
 Improved SMTP Message Screener
 Improved HTTP filtering
 Link translation
 Improved monitoring and reporting
 Integrated support for Network Load Balancing (NLB) for firewall high
availability (Enterprise Edition only)
 Active Directory Application Mode (ADAM) used for firewall policy storage
(Enterprise Edition only)

2.2 Comparison of Standard and Enterprise Editions for ISA Server 2004

Internet Acceleration and Security (ISA) Server 2004 builds on the previous version of ISA
Server as well as Microsoft Windows Server 2003 technology to provide a robust, effective, and
easy-to-use firewall. Two versions of ISA Server 2004 are available: Standard Edition and
Enterprise Edition. The following table compares and contrasts the features of the two editions.

Feature Standard Edition Enterprise Edition


Scalability
Networks Unlimited Unlimited
Adds enterprise networks
Scale up Up to 4 CPUs, 2-gigabyte Unlimited (per operating
(GB) RAM system)
Scale out Single server Up to 32 nodes through
Network Load Balancing
100

Feature Standard Edition Enterprise Edition


(NLB)
Caching Single server store Unlimited (through Cache
Array Routing Protocol
[CARP])
Availability
Windows Network Load Not supported Yes (integrated)
Balancing (NLB) support
Manageability
Policies Local Array and enterprise policies
use Active Directory
Application Mode (ADAM)
Branch office Through the manual Enterprise-level and array-level
import and export of policies
policy
Monitoring/alerting Single-server monitoring Multiserver monitoring console
console MOM Management Pack
Microsoft Operations
Manager (MOM)
Management Pack
Multiple networks Templates Templates
3- Asafa Company Diagram

Switch A B

ISA server and VPN server


Private IP Address

VPN client

Staff department Student department

C D
B

Firewall
Internet
Administration HR department
department
101

Server room:

We have to assign IP address for


1-Private IP address for ISA server is 192.168.0.1
2-Public IP address for ISA server is 193.0.0.1

Administration Department:

1- IP address range will start from 192.168.0.2 to 192.168.0.100


2- They can access internet 24 hours
3- They are allowed to access all type of resources in Public network.

Staff Department:

1- IP address range will start from 192.168.0.101 to 192.168.0.110


2- They can access internet from 9:00 AM to 1:30 PM
3- They are allowed to access only the HTTP contents.

HR Department:

1- IP address range will start from 192.168.0.111 to 192.168.0.170


2- They can access internet from 8:00 AM to 8:00 PM
3-They are allowed to access all protocols except Telnet and FTP protocol.

Student Department:

1-IP address range will start from 192.168.0.171 to 192.168.0.400


2-They can access internet from 12:00 PM to 4:00 PM
3-They are not allowed to access any protocol except HTTP protocol.

4- Installation of ISA server 2004

The following steps are used for installing ISA server 2004.

Step: 1 -> Click Install ISA Server 2004 to start the ISA server 2004
102

Step: 2 -> Click next to continue

Step: 3 -> Select first option to accept the terms and conditions and click next.
103

Step: 4 -> Type username and CD-key and click next.

Step: 5 -> Select custom to choose the services you want install and click next.
104

Step: 6 -> Select the services and programs to install.

Step: 7-> Click Add to specify the local network address range.
105

Step: 8 -> Specify the address arrange that is provided for the internal network and
click add

Step: 9 -> The below screen appears after specifying the internal network address
range. Click next
106

Step: 10 -> Select the below option to allow earlier versions of windows to connect to
ISA server.

Step: 11 -> Click install to start the installation.


107

Note: click cancel if you want stop the setup

Step: 12 -> Click Finish to complete the installation.


108

Step: 13 -> You have to restart the system to ISA server take effect

5- Creating User Set


109

Step: 1 -> In the Microsoft Internet Security and Acceleration Server 2004
management console, click new user set to create users

Step: 2 -> On the Welcome to the New user sets Wizard page, enter user set name
in the text box. Click OK.

Step: 3 -> click add to select users to include in user set


110

Step: 4 ->click next after select the set users

Step:5 -> click finish to complete


111

6- Schedule

Step: 1 -> In the Microsoft Internet Security and Acceleration Server 2004
management console, click new schedule to create time table to restrictions the users
112

Step: 2 -> highlight the times and click ok (active-inactive).

7- Creating an "All Open" Outbound Access Policy

Step: 1 -> In the Microsoft Internet Security and Acceleration Server 2004
management console, click the Show/Hide Console Tree button to expose the scope
pane. Right click the Firewall Policy node, point to New and click Access Rule.
113

Step: 2 -> On the Welcome to the New Access Rule Wizard page, enter All Open
Outbound in the Access policy rule name text box. Click OK.

Step: 3 -> On the Rule Action page, select the Allow option, then click Next
114

Step: 4 -> On the Protocols page, select the All outbound protocols option and
click Next.

Step: 5 -> On the Access Rule Sources page, click the Add button. In the Add
Network Entities dialog box, click on the Networks folder. Double click on the
Internal network, then click the Close button in the Add Network Entities dialog
box. You may want to click on each of the folders so that you can see the Network
Entities that come predefined with the ISA Server 2004 firewall. These Network
Entities give you very fined tuned control over inbound and outbound access control.
Click Next in the Access Rule Sources dialog box.
115

Step: 6 -> Click the Add button on the Access Rule Destinations page. In the Add
Network Entities dialog box, click the Networks folder. Double click the External
entry and click Close in the Add Network Entities dialog box. Click Next on the
Access Rule Destinations page.

Step: 7-> On the User Sets page, accept the default setting of All Users. ISA Server
2004 enables you to create custom user sets based on Active Directory or local SAM
groups. This enables the firewall administrator to create custom firewall user groups
without requiring access to the Active Directory and creating groups there. Click
Next.
116

Step: 8 -> Click Finish to complete

8- PUBLISHING WEB SERVER (HTTP and FTP)

Server Publishing Rules

ISA Server uses server publishing to process incoming requests to internal servers,
such as File Transfer Protocol (FTP) servers, Structured Query Language (SQL)
servers, and others. Requests are forwarded downstream to an internal server, located
behind the ISA Server computer.
117

Server publishing allows virtually any computer on your internal network to publish
to the Internet. Security is not compromised because all incoming requests and
outgoing responses pass through ISA Server. When a server is published by an ISA
Server computer, the IP addresses that are published are actually the IP addresses of
the ISA Server computer. Users who request objects assume that they are
communicating with the ISA Server computer” whose name or IP address they
specify when requesting the object” while they are actually requesting the information
from the publishing server. This is true when the network on which the published
server is located has a network address translation (NAT) relationship from the
network on which the clients accessing the published server are located. When you
configure a routed network relationship, the clients use the actual IP address of the
published server to access it.

HTTP

Step: 1 ->in the task pane, on the Tasks tab, selects Create web Server Publishing
Rule to start the New Server Publishing Rule Wizard.

Step: 2 ->On the Welcome page, type a name for the new web server publishing rule.
Use a descriptive name, such as Publish http then click Next.
118

Step: 3 -> On the Rule Action page, select the Allow option, then click Next

Step: 4 -> Type the IP address of the Web Server in Internal Network.
119

Step: 5 -> Select [This domain name] and type the domain name in Public name
option.

Step: 6 -> The following Steps create a new web listener.


Click New to start the “Web Listener Wizard”.
120

Step: 7 -> Type the Web Server Name.

Step: 8 -> Select the appropriate option that specifies the ip addresses of ISA Server,
which receives the incoming web requests.
121

Step: 9-> This window help us to specify the HTTP port number and also enables
Secure Web Site (SSL).

Step: 10 -> Click Finish to complete the web Listener wizard.


122

Note: You can see the Web listener name that has been configured. And click
Next to continue.

Step 11: -> Click Add to add users to accessing the Web Site.
123

Step: 12 -> Click Finish to complete the Web Server Publishing Wizard.

Note: After completion of the above steps. It is necessary to save the changes
made in ISA server.
124

FTP

Step: 1 ->in the task pane, on the Tasks tab, selects Create New Server Publishing
Rule to start the New Server Publishing Rule Wizard.

Step: 2 ->On the Welcome page, type a name for the new server publishing rule. Use
a descriptive name, such as Publish FTP server in Internal network. And then click
Next.
125

Step: 3 ->On the Select Server page, provide the IP address of the server that you are
publishing, and then click Next.

Step: 4 ->On the Selected Protocol page, select FTP Server, and then click Next
126

Step: 5 ->Select the network IP addresses that will listen for requests intended for the
published server. Because you are publishing the server to the Internet, select All
Network (and local Host). Click Next.

Step: 6 ->Review the information on the wizard summary page, and then click
Finish.
127

9- Configuration of Virtual Private Networks (VPN)

Definition of Virtual Private Network

A Virtual Private Network (VPN) is simply a secure connection between remote users
or offices over the Internet. Depending on the make and model, a firewall may include
the ability to run a VPN.
VPNs run across the Internet and the speed of the data transferred depends on the type
of connection used. A secure VPN "tunnel" is created between the client and the
firewall, where all data passing over the tunnel is encrypted before sending it. Again,
depending on the type of firewall, a number of concurrent tunnels can be created so
that multiple remote users can connect over secure private links to the office for
example. A VPN can be created directly between firewalls, or between firewalls and
remote users running the VPN client software on their remote machines.
When running a VPN, the link is secure and so no one can have access to the data that
passes over it. It essentially allows users to connect to remote machine from wherever
they have an Internet connection, which could be anywhere in the world. Using a
VPN for remote access is far better than setting up dedicated remote access phone
lines for remote users to dial in to because:
1. A VPN tunnel can be set up from anywhere in the world
2. Multiple users can connect over multiple VPN tunnels
3. A VPN can be set up over an existing Internet connection, negating the need to
install dedicated remote access phone lines

One important consideration when setting up the remote users over a VPN however is
the all remote users need to be secure. This is easily achieved by installing a software
firewall onto the remote machines.
128

Benefits of VPN

1-Lower cost than private networks-Total cost of ownership is reduced through lower-
cost transport bandwidth, backbone equipment, and operations.

2-Enabling the Internet economy through enterprise network agility-VPNs are


inherently more flexible and scalable network architectures than classic WANs,
thereby enabling enterprises to quickly and cost-effectively extend connectivity,
facilitating connection or disconnection of remote offices, international locations,
telecommuters, roaming mobile users, and external business partners as business
requirements demand.

3-Reduced management burdens compared to owning and operating a private network


infrastructure-Enterprises may outsource some or all of their WAN functions to a
service provider, enabling enterprises to focus on core business objectives, instead of
managing a WAN or dial-access network.

4-Simplify network topologies, thus reducing management burdens-Utilizing an IP


backbone eliminates static permanent virtual circuits (PVCs) associated with
connection-oriented protocols such as Frame Relay and ATM, thereby creating a fully
meshed network topology while actually decreasing network complexity and cost.

Step: 1 ->in the task pane, on the Tasks tab, selects Virtual Private Networks
129

Step: 2 -> From Access Networks selects External

Step: 3 ->From Address Assignment select static address to set ip address ranges.
130

Step: 4 ->Click on the Authentication tab. Note that the default setting is to enable
only Microsoft encrypted authentication version 2 (MS-CHAPv2).

10- Monitoring

Sessions

You can view all active connections. From a Session view, you can sort or disconnect
individual or groups of sessions. In addition, you can filter the entries in the session's
interface to focus on the sessions of interest using the built-in sessions filtering
facility.
131

Services

You can use the Services view in monitoring to check the status of ISA Server
services, and to stop and start the Microsoft Firewall service, Microsoft ISA Server
Job Scheduler service, and the Microsoft Data Engine service.

Reports

You can use the reporting features to summarize and analyze usage patterns, and to
monitor the security of your network.
Add new Report

Step: 1 ->select Reports from Monitoring and click Generate New Report
132

Step: 2 ->Add Report name in welcome wizard and click Next

Step: 3 ->In Report Content select which content has to be monitored


133

Step: 4 ->Choose starting date and ending date to be monitored

Step: 5 -> Enable the below option and type the directory path for storing the Report
files
134

Step: 6 -> In completing wizard click Finish to completed

Alerts

ISA Server alerts notify you when specified events occur. You can configure alert
definitions to trigger a series of actions when an event occurs. The ISA Server alert
service acts as a dispatcher and as an event filter. It is responsible for catching events,
checking whether certain conditions are met, and taking corresponding actions.
135

Dashboard

The ISA Server Dashboard summarizes monitoring information about sessions, alerts,
services, reports, connectivity, and general system health. The Dashboard provides
you with a quick view on how your network is functioning.
136

Connectivity
You can use connectivity verifiers to check connections to a specific computer name,
IP address, or Uniform Resource Locator (URL). Use the following methods to
determine connectivity: Ping, Transmission Control Protocol (TCP) connects to a
port, or Hypertext Transfer Protocol (HTTP) GET.

Logging

You can view firewall and Web Proxy logs in real time. You can query the log files
using the built-in log query facility. Microsoft Data Engine (MSDE) logs can be
queried for information contained in any field recorded in the logs.
137

11- Installation client firewall

Step: 1 ->Click setup to start the installation

Step: 2 ->In welcome wizard click Next to complete


138

Step: 3 ->Click change to install to a different folder then click Next

Step: 4 ->Select Automatically detect to connect Automatically to ISA server


139

Step: 5 ->If you want to connect statically to ISA server select connect to this ISA
server first option and type ISA server IP address

Step: 6 ->Click Install to start the Installation


140

Step: 7 ->Click Finish to complete the Installation

Installing Antivirus:
Insert the anti-virus CD (KasperSky). And follow the steps. Click next.
141

Accept the agreement and click next.

Press the complete button to install all program features.


142

The program features you selected are being installed.

Then the installation completed successfully. Then click next to start the initial setup
wizard.
143

In this screen used for license activation. Then click next

Select the basic protection which is recommended for most users.


144

In update mode select automatically to automate update the antivirus from the
internet. Then press setting command to select the source of the internet.

In LAN setting select


you proxy server
setting as it shown
below.

Then click next.

In password screen
click next.

In anti-Hacker screen
press next.
145

In summary about Anti-Hacker press next.

Last step click finish to restart the computer. Which means the installation complete.
146

After doing research on how to make the network safer and last longer, we reached an
agreement of putting more than one antivirus to help protect the computer. Each
antivirus will have its own speciality. We choose to put three antiviruses which are:
1. Norton Antivirus:
Prevents Spy ware.
2. McAfee Antivirus:
Maintenance of a clean and virus free computer
3. ESET NOD 32 antivirus:
Hacker and patch proof. Does not mean that a hacker can
hack this computer or patch it, but will have a very hard time doing so.
147

Wireless
Implementation

Wireless:
148

Wireless network is new technology in network services. It now use by many


organizations in the world. Wireless network has many advantages. The most obvious
advantages of wireless is mobility. Which means Wireless networking users can
connect to existing networks and are then allowed to roam. Wirelesses networking
typically have a great deal of flexibility. Once the infrastructure is built, adding a user
to a wireless network is mostly a matter of authorization.

Standards of WNIC kinds:

We have three most important standards in wireless as shown below:

IEEE Standards Speed Frequency Band


802.11a Up to 54 Mbps 5 GHz
802.11b From 5.5 to 11 Mbps 2.4 GHz
802.11g Up to 54 Mbps 2.4 GHz

Standard:
The standard passed through many stages till its coming like this. A group was
developing in the early 1990’s by the Institute of Electrical and Electronics
Engineering (IEEE) to create and develop a standard for wireless equipments. After
researching and developments a standard was finally developed in the year of 1997.
This standard was called 802.11. It specified that there can be no modification to the
upper layer of the OSI model and Wireless Local Area Networks must be
implemented on the physical and data link layers. This helped the connection between
a Local Area Network and Wireless LAN, where it provides ability to run any
operating system on either type of network without any modifications.

802.11:
This frame contains a duration field in which the sending station explicitly indicates
the length of time that its frame will be transmitting on the channel. This value
enables other stations to determine the minimum amount of time (network allocation
vector NAV) for which they defer their access.

We have three standards of 802.11. Those standards are:


 802.11 B
149

 802.11 A
 802.11 G
Each of them has its features as shown the details below:
802.11 B:
This standard was developed in the end of the year 1999 and it enables the
transmission of 11 Mbps on the wireless LAN or 5.5 Mbps, which in comparison to
the 802.11 standard which only offered 2 Mbps speed. The 802.11 standard was not
efficient enough for most of the network needs which is why 802.11 B was developed.

802.11 A:
When the 802.11B was developed, the 802.11A was also made. This was an upgrade
to the 802.11B, where it has a maximum speed of 54 Mbps and supported speeds from
48 Mbps to the 6 Mbps at a frequency of 5 GHz. The MAC layer functions are the
same but differ in the way they operate in the physical layer. 802.11A is faster because
of an efficient error checking mechanism and sophisticated modulation. Although they
were brought out at the same time in 1999, the 802.11A was not released until late
2001. This was because it was costlier and it caused a backward compatibility with
the 802.11B network.

802.11 G:
Since the 802.11B was cost sufficient but slower than the 802.11A, the IEEE
members decided to combine the best of both types. They finalized there work with
the development of the 802.11G. This new standard was developed to keep the stable
and accepted features of the 802.11B but increase the data speed standards so that it is
comparable to the 802.11A. 802.11G runs on the same RF band as 802.11B which is
2.4 GHz but uses the transmission techniques of 802.11A. The 802.11G permits
vendors to incorporate proprietary techniques that can potentially move the speed of
802.11G to 108 Mbps.

Wireless Configurations:

There are many types of Access Points and wireless network cards Such as (Linksys,
3Com and Cisco. Any one of has its specifications and features.
150

In our project we used 3Com Access points. Because it has many advantages over
others wireless access points especially in the security functions. 3Com access points
not easy to attack or hack because of the type of security and authentication options.

We use in our case 802.11g standard because this type provide many facilities and
advantages then other standards. This kind or this standard is more common than
802.11a and the cost or the prices are coming down. The communications on 2.4 GHz
Frequency. Is backward compatible with 802.11b and Maximum data transmission
rate of 54Mbps. This standard is good indoor range of about 150 feet. Its supporting
and improved security.

Steps to configure Access Points:

We use 3Com wireless access points which has little different configure than other
access points.

First you have to give you computer static IP address for example: 192.168.1.2.
Insert the CD to auto search for access points.
151

First Inset the CD to run discovery application


152

Click next to start search for access point

Click next to get IP address for the access point.


153

Click finish to complete discovery application. From this step access got an IP address

Write the password to configure access point setting


154

Select the country

Wait to save the data as shown below


155

Select 802.11 b/g and change ESSID to Saf 1-1 (1 mean first floor- 1 first access
point)

From this screen we change the IP address and disable DHCP by select Fixed IP
address mode.
156

In security option we have to select WPA which provide more security and
authentication.

In this screen we have to set a password for accessing the access point for secure
purpose. So body can connect to the access point unless has the password.
157

To secure more the LAN from access we used MAC Filtering as shown figure below.
158

To get MAC address use DOS prompt screen and type IPconfig /all
159

The last step show full details about access point configuration

To view available wireless network right click on wireless network connectivity

Select Saf 1-1 wireless network


160

Enter password to access wireless network


161

Wait to connect the wireless network

ADSL CONFIGURATION
First select PPPoE internet connection type
162

Enter username and Password

After that Type Router name


163

Then disable DHCP Server option

Press Save to save the settings


164

Select Wireless option from menu bar the change the Wireless Network Name (SIDD)

Then go to security option and enable firewall protection option .


165

If you want to block games site or any site that threat of virus.

If you want to change router administer password


166

Here is full ADSL configuration