Upload
daudelbert
View
146
Download
9
Embed Size (px)
Citation preview
•MAKLUMAT GITN SDN BERHAD
•1) Headquarters :
•Level 31, Menara TM
•Jalan Pantai Baharu
•50672 Kuala Lumpur
•Tel : 03-2245 0000
•Fax : 03-2240 0709
•2) Network Operation Centre :
•Level 2, TM IT Complex
•3300 Lingkaran Usahawan 1 Timur,Cyberjaya
•Selangor Darul Ehsan
•Tel : 03-8314 3888
•Fax : 03-8319 4775
•Meja Bantuan : 1300-88-2888
•3) GSB Data Centre :
•Level 1, Pusat Data
•3400 Lingkaran Usahawan1 Timur, Cyberjaya
•Selangor Darul Ehsan
TAKLIMAT SCHOOLNET
BAGI SCHOOLNET ADSL & MANAGED SECURITY SERVICES
PENGENALAN SCHOOLNET
“ membekal, menghantar, memasang, menguji,
mentauliah, mengoperasi, mengurus,
menyelenggara dan memberikan latihan untuk
merangkaikan 10,000 buah institusi pendidikan
menggunakan Rangkaian Persendirian Maya yang
selamat dikenali sebagai SchoolNet”
ISI KANDUNGAN
BAB 1: Pengenalan SchoolNet
BAB 2: Pengenalan MSS SchoolNet
BAB 3: SchoolNet Troubleshooting
BAB 1
PENGENALAN SCHOOLNET
Kontrak ditandatangani antara Kementerian Tenaga, Air &Komunikasi (KTAK) dengan GITN Sdn. Berhad (GSB)
eB dan Jaring adalah nominated sub-contractor yang dipilih olehKementerian Kewangan dan KTAK
Lebarjalur :
– Muat naik : 128 kbps
– Muat turun : 1 Mbps
Teknologi yang ditentukan oleh KTAK adalah :
i. ADSL
ii. Wayarles
iii. VSAT
*Bergantung kepada kesesuaian lokasi sekolah dan infrastruktur telekomunikasi yang sediada.
•PENGENALAN SCHOOLNET
DIAGRAM SCHOOLNET
SERVICE LEVEL GUARANTEE (SLG)
SLG untuk pembaikan (restoration) :
i. Sekolah di kawasan bandar – 24 jam
ii. Sekolah di kawasan luar bandar – 48 jam
iii. Sekolah di kawasan pedalaman – 72 jam
Kesediaan (availability) untuk setiap sekolah adalah
97%
•
•
•
•SKOP KERJA SCHOOLNET
Pelayan
SchoolNet MISInternet
LAN
Router
GITN
IP Node
GITN
IP Node
GITN
IP Node
Lebarjalur
1 Mbps/128 kbps
PC
PC
Pelayan
GITN Sdn BerhadKontraktor
PeyelenggaraanPembekal Perkhidmatan
Internet
•Peranan Pembekal
•Dilantik oleh KPM
OPERASI - KAKITANGAN SOKONGAN
Pusat Panggilan
i. 24 jam x 7 hari
ii. 9 orang kakitangan untuk menjawab panggilan dalam satu
masa setiap syif untuk projek SchoolNet (7am – 7pm)
Kakitangan Teknikal
i. GSB : 80 orang (ibupejabat dan setiap negeri)
ii. Kontraktor GSB : 19 kontraktor Bumiputera seluruh negara
iii. TM : seluruh negara
iv. Rakan niaga - eB dan Jaring
•Fault Management Overview
•Lodge fault
•report
•Issues Trouble Ticket #
•CALL CENTRE
•1st LEVEL•USERS
•Gather Problem
•Information
•Update SD
•FMT/TECHNICAL
•SUPPORT
•2nd LEVEL
•ON-SITE SUPPORT/
•TELCO
•3rd LEVEL
•On-site/Network/Security Support:
• Attending site and conducting
• problem restoration.
• Check physically GSB network
• equipment (i.e router, firewall,
• internal wiring etc)
• Faulty equipment replacement.
• Liaise with district Telco provider,
• contractor, on-site users.
• Ensure service is restored
•Remote Troubleshooting
•Check IPVPN Network
•Check configuration &
• routing
•Check Firewall
•Check Internet GW
•Check DNS
•Check the Session
•Update
•WITHIN SLG
•Not Resolved
•Escalate to
•Minor Troubleshooting
•Not Resolved
•Escalate to
•UPDATE SD •UPDATE SD
•UPDATE SD
BAB 2
PENGENALAN MSS SCHOOLNET
PENGENALAN MSS SCHOOLNET
“membekalkan perkhidmatan pengurusan keselamatan
rangkaian SchoolNet bagi menjadikan rangkaian
SchoolNet satu rangkaian yang lebih selamat dikenali
sebagai MSS SchoolNet”
• MSS SchoolNet merangkumi perkhidmatan terurus :
– Anti-virus
– Pengurusan tampalan (patch management)
– Penapis kandungan (content filtering)
– Penguatkuasaan polisi (policy enforcement)
• Pusat sokongan (menguruskan & mengoperasi)
• Corrective dan preventive maintenance
• Meja bantuan
• Pusat Operasi Keselamatan (SOC)
• Memberikan latihan kepada dua orang guru dari setiapsekolah
•ASAS MSS SCHOOLNET
LOKASI PEMASANGAN
• Anti-virus & Pengurusan Tampalan
– Komputer yang dirangkaikan ke SchoolNet
• Penapis Kandungan & Penguatkuasaan polisi
– Setiap pintu keluar laluan ke Internet bagi rangkaian SchoolNet
i. Cyberjaya
ii. Komtar
iii. Taman Teknologi Malaysia
•Internet•SchoolNet
•Agen Anti-Virus
•Agen Pengurusan Tampalan
• Master Server
• Anti-Virus
• Pengurusan Tampalan
• Penapis Kandungan
• Penguatkuasaan Polisi•Alert!
•Pusat Operasi
•Keselamatan
•Mirror server
•Kaspersky
•LOKASI PEMASANGAN
SKOP KONTRAK MSS SCHOOLNET
a) Di antara Kerajaan Malaysia diwakili oleh
Kementerian Pelajaran Malaysia (KPM) dan
GITN Sdn. Berhad
b) Jangkamasa perkhidmatan tiga (3) tahun
bermula 1 Oktober 2006 hingga 1 Oktober
2009
PENYERAGAMAN NAMA HOS
(Kod Sekolah)(D/N/S)(No PC)(tahun)(R/P)
D = Desktop, N = Notebook, S = Server
R = Refurbish, P = PIBG/ Sumbangan
Contoh
BBA9230D06404P
ANTIVIRUS - FUNGSI
• Memberikan komputer satu sistem pertahanan untuk mengesan penyebaran virus, menghalang dan
membunuh bagi melindungi maklumat yang ada.
• Komputer atau komputer riba yang tidak mempunyai anti-virus yang dibenarkan oleh KPM tidak akan
dibenarkan melayari Internet melalui SchoolNet atas
sebab-sebab keselamatan Rangkaian SchoolNet.
ANTIVIRUS – KESAN KETIADAAN
ANTIVIRUS – JENIS DIBENARKAN
• Sistem Operasi (OS) Windows & Linux
– Kaspersky
– Trend Micro
• Sistem Operasi (OS) Apple
– McAfee
ANTIVIRUS - POLISI
•Prinsipal•Pelayan
•Pusat Data
•Pelayan
•Sekolah•PC
•Polisi Anti-Virus Desktop
•Pangkalan Data
•Polisi Anti-Virus Pelayan
•Pangkalan Data
•Polisi Berpusat
•Pangkalan Data
• Hanya 1 jenis anti-virus saja di dalam setiap komputer dan pelayan
• Menyingkir semua anti-virus kecuali yang
dibenarkan oleh KPM
ANTIVIRUS - POLISI
ANTIVIRUS - GUI
PENGURUSAN TAMPALAN - FUNGSI
• Memastikan komputer mematuhi polisi
keselamatan dengan mempunyai Tampalan
Sistem Operasi (OS Patches) dan Service Pack
terkini yang bersesuaian
• Komputer atau komputer riba yang tidak mempunyai pengurusan tampalan yang dibenarkan oleh KPM
tidak akan dibenarkan melayari Internet melalui
SchoolNet supaya setiap pengguna SchoolNet yang
melayari Internet mempunyai Tampalan Sistem Operasi (OS Patches) dan Service Pack terkini yang
bersesuaian
PENGURUSAN TAMPALAN – KESAN KETIADAAN
PENAPIS KANDUNGAN - FUNGSI
• Memantau penggunaan Internet melalui
SchoolNet dan menghalang dari
pengaksesan laman web yang berunsur
negatif
•Internet•School*Net
•Pelayan Prinsipal
•Anti-Virus
•Penapis Kandungan
•Tampalan
•Pelayan Penapis Kandungan
•Alert!•Pusat Operasi
Keselamatan (SOC)•KPM*Net
•(kecuali PCN)
PENAPIS KANDUNGAN
PENAPIS KANDUNGAN - POLISI
a) Ditetapkan oleh Kementerian Pelajaran Malaysia (KPM)
b) Jenis – jenis polisi :
i. Sekolah Kebangsaan
ii. Sekolah Menengah
iii. Kolej & Institusi Pendidikan Guru
iv. Pentadbiran (Cawangan KPM – JPN, IAB dll)
POLISI PENAPIS KANDUNGAN
a) Benar (Permit)
– Kategori dibenarkan akses ke aplikasi dan kandungan di
dalam kategori pilihan
b) Halang (Block)
– Kategori halang akses ke aplikasi dan kandungan di dalam kategori pilihan
c) Log
– Hantar maklumat penggunaan ke pangkalan data
– Analisa dan laporan untuk KPM
– Simpan log penggunaan
Top Categories by Hits
Top Destinations by Bytes Transferred
Top Categories by Blocked Internet
Access
Top Destinations by Blocked Internet
Access
PENGUATKUASAAN POLISI - FUNGSI
• Memastikan komputer mematuhi polisi keselamatan sebelum melayar Internet dengan mempunyai
1. Perisian anti-virus dengan pengkalan data terkini
2. Tampalan OS (OS Patches) dan service pack terkini
KEPERLUAN SEMAKAN SEMULA POLISI
• Kandungan dan ancaman keselamatan adalah
dinamik
• Keperluan pengguna berubah dengan
– Kurikulum
– Pengajaran & Pembelajaran
– Pentadbiran
– Isu-isu semasa
– Polisi Kerajaan
CARA PERMOHONAN
• Keperluan maklumat
– Nama pemohon dan jawatan
– Nama sekolah/kolej/instituti, alamat, telefon & e-mel
– No IC, Kod sekolah/kolej/instituti
– Nama pelapor/pengesah dan jawatan
– Apa yang dipohon?
– Untuk apa/sebab dipohon?
– Tempoh perubahan polisi?
• Kekal
• Sementara
KAEDAH PERMOHONANAN
• Kaedah permohonan
– Emel : [email protected]
– Bertulis – surat & faks
- GITN SDN. BERHAD
Aras 31, Menara TM
Jalan Pantai Baharu
50672, Kuala Lumpur
(U.P: Pengurus Akaun KPM)
- Faks : 03 – 22400709
– Telefon – 1 300 88 2888
KELULUSAN
• Bergantung kepada
kelulusan Jawatankuasa
Pelaksanaan MSS
SchoolNet di bawah
kelolaan KPM
OPERASI MSS SCHOOLNET- KAKITANGAN SOKONGAN
a) Pusat Panggilan
24 jam x 7 hari
9 orang kakitangan untuk menjawab panggilan dalam
masa syif (7am – 7pm) untuk projek SchoolNet.
b) Kakitangan Teknikal
GSB : 220 orang (ibupejabat dan setiap negeri)
c) Pusat Operasi Keselamatan (SOC)
14 orang - 6 eksekutif & 8 pembantu teknikal
BAB 3
SCHOOLNET TROUBLESHOOTING
ADSL Installation
TCP/IP Configuration
Troubleshooting
Do & Don’ts
ADSL INSTALLATION
BASIC UNIT
ADSL Router unit (Front) ADSL Router Unit (Rear)
ON
ADSL
RESET
1234
10/100 BASE TX SWITCH
DC 12V
Phone line
connect hereRJ-45 Connect here Power
PointON Switch
Standard unit that given to School during installation and maintenance
RJ-45 Cable (UTP Cable) RJ-11 Cable (Phone Cable)
Power Adapter
INSTALLATION
STEP 1: Connect Power Cable
STEP 2: Connect Phone Line
INSTALLATION
•INSTALLATION
STEP 3: Connect first UTP Cable (RJ-45 Cable) end to ADSL Router
•INSTALLATION
STEP 4: Connect other UTP Cable end to LAN Socket (behind the CPU)
•INSTALLATION
STEP 6: And the Power Adaptor to Power Outlet
•INSTALLATION
STEP 8: Press the ON/OFF Button and….
•INSTALLATION
DONE!!!
•NOTE:
During installation, the contractor will install ADSL Router, Power Adapter, Splitter (if the using existing line), RJ-11 and RJ-45 to one PC / IT Teacher notebook.
During maintenance, the contractor only replaced the faulty item based on situation and condition.
TCP/IP CONFIGURATION
• NIC CONFIGURATION
• Set the properties of the Internet Protocol (TCP/IP)
• Change the IP address and DNS server addresses
•IP address : 10.121.194.194
•Subnet mask : 255.255.255.192 (fixed)
•Default gateway : 10.121.194.193
•Preferred DNS server : 10.251.3.2 (fixed)
•Alternate DNS server : 10.253.0.13 (fixed)
•Domain Name Server (DNS)
•- The Domain Name System (DNS) is a distributed Internet directory service.
DNS is used mostly to translate between domain names and IP addresses,
and to control Internet email delivery. Most Internet services rely on DNS to
work, and if DNS fails, web sites cannot be located and email delivery stalls.
Internet Protocol Configuration
(Microsoft XP)
STEP 1: Click Start Menu and Control Panel
STEP 2: Click Network Connection
STEP 3: Click Local Area Connection
STEP 4: Click Properties and Internet Protocol (TCP/IP)
STEP 5: Click Use The Following IP Address
EXAMPLE
Insert : 1. IP address : 10.131.224.2 - 10.131.224.62 (60 PC)
2. Subnet mask (SchoolNet) : 255.255.255.192
3. Default gateway : 10.131.224.1
4. Preferred DNS server : 10.251.3.2
5. Alternate DNS server : 10.253.0.13
STEP 6: Click OK
STEP 7: Click Internet Explorer
Snap Shot – Internet Protocol Properties
Internet Protocol Configuration
(Microsoft 98)
STEP 1: Click Start Menu and Control Panel
STEP 2: Click Network
STEP 3: Click TCP/IP (Network Card Name)
Note: Don’t Choose TCP/IP for Dail Up
STEP 4: Click Specify An IP Address
Note: Insert IP address and
Subnet Mask SchoolNet: 255.255.255.192
STEP 5: Click Sheet Gateway
Note: Insert New gateway
STEP 6: Click Sheet DNS Configuration and
Click Enable DNS
Note: Preferred DNS - 10.251.3.2, Alternate DNS - 10.253.0.13
02/27/06
STEP 7: Click Ok and Computer will restart
STEP 8: Click Internet Explorer
Note:
Preferred DNS for ADSL, Wireless ,VSAT GSB & USP: 10.251.3.2
Preferred DNS for VSAT JARING : 161.142.201.17 &161.142.2.17
TROUBLESHOOTING
02/27/06
ADSL
FIRST LEVEL TROUBLESHOOTING
02/27/06
•1) Power
•Lights up when power is supplied to the AT-AR250E.
•2) Ethernet
• Lights up only if the Ethernet cable is properly connected to
the corresponding port.
• Blinking when the Ethernet is transmitting / receiving data.
•3) ADSL
• Lights up when the ADSL connection is established.
• Blinking at fast interval when the ADSL is transmitting / receiving
data. Blinking at slower interval when trying to establish a
connection.
ADSL Router (ATI)
a) ADSL Router AT-250e
02/27/06
b) ADSL Router Aztech 3100R
1 2 3 41) Power
Lights up when power is supplied to ADSL Router.
2) Ethernet
Lights up when the Ethernet cable is properly connected from ADSL
Router to the Ethernet card. Flickers when the ADSL is transmitting/
receiving data.
3) DSL
Lights up when the ADSL connection is established. Blinking when ADSL is trying to establish a connection with ADSL Service Provider.
4) PPP
Lights up when PPP connection to ISP is established.
ADSL Router (Aztech)
02/27/06
Problem Troubleshooting Suggestion
Power LED does not illuminate
after product is turned on
End-user must verify that they are using the
AC adapter provided with the device. It must
securely connect to ADSL Router and a wall
socket/power strip.
DSL LED does not illuminate
after phone cable is
attached
Make sure to use a standard telephone line
(provided with the device). Make sure you
had correctly connected the device. Wait 30
seconds to allow ADSL Router to negotiate a
connection with ADSL service provider.
Ethernet LED does not
illuminate after Ethernet cable
is attached.
End-user must verify that the Ethernet cable is
securely connected to the hub/PC and to
ADSL Router. Make sure the PC/hub is turned
ON.
End-user must verify that they are using a
“straight-through” cable to connect to the
uplink port of a hub/switch or using a
“straight-through” cable to connect to a
computer.
ADSL FIRST LEVEL TROUBLESHOOTING
02/27/06
Problem Troubleshooting Suggestion
PC cannot access the
Internet
Use the ping utility to check whether your PC
can communicate with ADSL Router LAN IP
address. If it cannot, check the Ethernet
cabling, and check the LED status.
Check the gateway IP Address on the
computer is a valid IP address, if it is not,
correct the address.
Verify with GITN the DNS server specified for
the PC is valid.
PCs cannot display web
pages on the Internet.
Verify that the DNS server specified on the
PC’s is correct. You can use the ping utility to
test connectivity.
Note:
LAN or Gateway IP Address is an IP Address belonging to the ADSL Router.
DNS IP Addresses are 10.251.3.2 and 10.253.0.13.
ADSL FIRST LEVEL TROUBLESHOOTING
02/27/06
BASIC TROUBLESHOOTING
02/27/06
BASIC TROUBLESHOOTING
What should you do
when you see this
page ?
02/27/06
Do not panic and please follow this checklist.
Ensure the Router is ON.
UTP cable is tightly connected to the Router/IDU and PC.
Telephone line is connected to the Router/IDU.
Correct IP address, default getaway and DNS IP addresses
inserted.
Next are the easy step by step procedures for basic
troubleshooting
Note: Same method can be used for Win 98
Step 1: Click START and move the cursor to RUN
Step 2: Type command and Command prompt
(black screen) will appear
Step 3: Check your IP
• Type ipconfig
• Example, IP of PC is 10.39.155.2
Important Information to remember
IP Address = Current IP used (PC)
Subnet Mask = 255.255.255.192 (fixed for all)
Default Getaway = Router’s IP
Step 4: PING Command
The purposes for ping command
are:
• Verify hardware connection
• Test IP Network connectivity
For SchoolNet, 2 steps of ping test
need to be conducted:
1) Ping ADSL Router IP
Purpose : To check router connection
Example : ping 10.39.155.1
Refer Figure 1
2) Ping DNS IP addresses
Purpose : To check Internet browsing
Example : ping 10.251.3.2
ping 10.253.0.13
Refer Figure 2
Figure 1
Figure 2
Note:
If ping test fails,
request timed out will appear.
It means connection is not
established.
Step 5: Tracert Command
Shows interface addresses used to reach the destination
Example : tracert 10.39.155.1
Finally, if all of the steps taken fail…
Please call GITN Helpdesk Centre
1-300-88-2888
02/27/06
ADSL
DO’S AND DON’TS
02/27/06
DO’S
The power on the router shall be ON 24 hours.
Air vents must have free access to the room
ambient air for cooling. Maximum ambient
temperature is 40o C.
Please report any faulty to SchoolNet Helpdesk
(1-300-88-2888)
02/27/06
DON’TS
Do not disconnect power cable from ADSL router.
Do not expose ADSL router to rain or moisture.
Do not spills liquid on or near the ADSL router. Use a
soft, dry cloth for cleaning
Do not open the cover of the ADSL router.
Do not press the reset button (small hole) at the
back of the ADSL router.
02/27/06
Do not unplug any cables from the ADSL router.
Do not expose the ADSL router to direct sunlight.
Do not put any hot devices close to the ADSL router as it may degrade or cause damage to it.
Do not place the ADSL router on an unstable stand or table. The ADSL Router may drop and become damaged.
Do not put any heavy object on top of the ADSL router.
DON’TS
THANK YOU