The Ke Ha Tang Mang Cho Doanh Nghiep

7/29/2019 The Ke Ha Tang Mang Cho Doanh Nghiep

1/19

THIT K H THNG H TNG MNGCHO DOANH NGHIP

THIT K H THNG H TNG MNG CHO DOANH NGHIP

MC LCI.GII THIU D NII.PHN TCH YU CUA.Thng tin v yu cu ca khch hngB.Thng tin qua kho st thc tIII.GII PHPA.Thit k logic v thit k thc tB.La chn thit b v cng nghC.Chi phD.ng truyn kt niIV.PHNG N TRIN KHAIA.Bng phn hoch IPB.Thit k v xy dng h thng1. Thit k v xy dng Domain2. Thit k v xy dng DNS server3. Thit k v xy dng DHCP server4. Thit k v xy dng cu trc File server5. Thit k v xy dng h thng Web server v FTP server6. Thit k v xy dng Printer server

7. Thit k v xy dng h thng antivirus m hnh client-server8. Xy dng h thng v li WSUS9. Trin khai Policy qun l10. Cc dch v h tr khcC.O TO NGI S DNGD.KIM TRA V BN GIAO VN HNHE.CHUYN GIAO TI LIU V KHCH HNG NGHIM THUF.NH GI HIU QUV.PHNG N M RNGI. Gii thiu d nSau hn 25 nm ra i v khng ngng pht trin, mng Internet mang nhng c im ni tri m trongchng ta khng ai c th ph nhn, t kh nng lin kt mnh m n ngun thng tin di do cng nh vn thi gian v tc x l thng tin. Nhng song song vi nhng u im th mng Internet li cha

ng trong n nhng him ha khn lng.Hy tng tng mt ngy p tri no , nhng thng tin mt m chng ta c cng ct giu li b phiby ra trc tt c mi ngi, n b nh cp m ngay chnh bn thn chng ta cng khng bit l n bly i! Thng tin mt ca mt con ngi quan trng, nhng nu n l thng tin mt ca mt cng ty, mtt chc hay cao hn l ca quc gia? iu g s xy ra khi n b nh cp?
http://atoiz.vn/index.php?option=com_content&view=article&id=41:thit-k-h-thng-h-tng-mng-chothit-k-h-thng-h-tng-mng-cho-doanh-nghip-doanh-nghip&catid=31:gp-h-tng-mng&Itemid=36http://atoiz.vn/index.php?option=com_content&view=article&id=41:thit-k-h-thng-h-tng-mng-chothit-k-h-thng-h-tng-mng-cho-doanh-nghip-doanh-nghip&catid=31:gp-h-tng-mng&Itemid=36http://atoiz.vn/images/stories/mmt/1.pnghttp://atoiz.vn/index.php?option=com_content&view=article&id=41:thit-k-h-thng-h-tng-mng-chothit-k-h-thng-h-tng-mng-cho-doanh-nghip-doanh-nghip&catid=31:gp-h-tng-mng&Itemid=36http://atoiz.vn/index.php?option=com_content&view=article&id=41:thit-k-h-thng-h-tng-mng-chothit-k-h-thng-h-tng-mng-cho-doanh-nghip-doanh-nghip&catid=31:gp-h-tng-mng&Itemid=36


2/19

Trong h thng mng Workgroup, thng tin khng c qun l tp trung dn n rt nhiu bt cp trongvn qun l cng nh kh nng bo ton d liu. V vy trong mt cng ty nu s dng mng ny chia s thng tin s v cng nguy him, s dng h thng mng c qun l theo m hnh Domain l iutt yu. Mt cng ty vn cha ng rt nhiu thng tin v trong c nhng thng tin mang tnh chin lccho s pht trin ca cng ty, vn qun l v bo mt thng tin c t ln hng u. c th todng mt h thng thng tin ni b, d dng cho nhn vin s dng, thun tin cho cng vic qun l cngnh vic trao i thng tin th vic xy dng h thng File Server l rt cn thit. T thng tin c qunl tp trung v s dng chin lc Backup Restore hp l trnh tnh trng thng tin b tht thot!Da trn tnh hnh thc t, nhm chng ti nghin cu v pht trin d n Xy dng h thng File

Server - qun l d liu tp trung v xy dng h thng mng Lan cho cng ty vi tnh n nh v bo mtcao.Chng ti tin tng rng, vi n ny, chng ti c th gip cc cng ty qun l, s dng v bo mt ttthng tin cng ty tn dng tt cng ngh v ph hp vi ngun ti chnh ca mt cng ty va v nhang trn pht trin.II. Phn tch yu cui din ca khch hng1. V hin trng cng ty do khc hng cung cp:VNTransportl mt cng ty vn ti ng b. Hin ti cng ty ang ta lc ti mt to nh TP.HCM. hot ng gn 5 nm v mun xy dng h thng mng ni b m hnh domain cho cng ty.Cu trc to nh ca cng ty gm mt tng trt v ba tng lu. Tng mt c s dng cho ba phngban, tng hai cho hai phng ban, tng ba l tng qun l tp trung cc my ch quan trng ca cng ty.Chi tit: Nhn s v phng ban trong cng ty:

Phng Hnh chnh nhn s: 10 ngi (tng 1) Phng K hoch kinh doanh: 10 ngi (tng 1) Phng K Thut: 10 ngi (tng 1) Phng Ti chnh K Ton: 20 ngi (tng 2) Phng Ban Gim c: 4 ngi (tng 2)

2. V yu cu ca khch hng:Xy dng h thng File Server v chin lc sao lu phc hi d liu cho user trong h thng mng caCty vi cc yu cu sau:

Mi Nhn vin u c quyn tng ng trn File Server H thng File Server cha ti nguyn phi c chia s Mi Nhn vin khi logon vo h thng s c 2 a mng (dng chung v dng ring). Xy dng chin lc sao lu v phc hi d liu cho h thng File Server Gi thnh h thng hp l, khng vt qu 500 triu ng cho c h thng

Ni dung chuyn mn cn c: WSUS User & Group: home folder, script (log in). RAID

B. Thng tin qua kho st thc t1. V cu trc ta nh: ng nh thng tin cung cp ca khch hng2. V hin trng cng ty: l cng ty va v nh ang trn pht trin, kh nng ti chnh cng c giihn. V th cn s dng nhng gii php ph hp.Cng ty hin ang s dng mng workgroup m hnh nh sau:
http://atoiz.vn/images/stories/mmt/Drawing1.png


3/19

III. Gii phpA. Thit k logic v thit k vt l

Cng ty cn xy dng mt h thng mng theo m hnh Domain qun l tptrung,to iu kin thun li cho qun tr h thng mng C tc c 5 server, trn mi server chy cc dich v khc nhau tit kim chi ph.Chi tit v cc dch v trn m hnh chc nng sau:

M hnh thit k vt l ca h thng nh sau:

M hnh IP:
http://atoiz.vn/images/stories/mmt/1.pnghttp://atoiz.vn/images/stories/mmt/3.png


4/19

B. La chn thit b v cng nghCc linh kin thit b c:

53 computer cu hnh mnh v va 2 witch 24 port, 1 switch 16 port, 2 switch 8 port 1 my in LaserJet

Cc thit b cn mua mi:

Thit b Yu cu S lng

Server Server 5

Modem ADSL 1

Switch 8 port 2

Printer LaserJet 3

Cable RJ45-ADC 450 m

Cng ngh s dng: Tn dng ti a cng ngh ca Microsoft kt hp thm cc dch v ph trkhc.u im: cng ngh ph bin v gi thnh rNhc im: h thng c th xy ra li do phn mm nn cn c nhn vin k thut chuyn mn htr.Chi tit v cng ngh s dng:

S dng Windows Server 2003 ci t v qun l tc c cc dch v quan trngtrong cng ty File server: Lu tr, chia s, qun l d liu tp trung

Domain Controller, DNS, DHCP server: qun l h thng cc i tng, phn giitn, cp pht IP ng cho ton b vng mng LAN Web, FTP, Printer server: Qun l web, ftp v my in mng.

RIS, WSUS: trin khai h iu hnh, cp nht cc bn v li cho h thng RRAS, Antivirus: lm chc nng router (Lan-Routing, VPN, NAT), qun l vic qutvirus cho cc antivirus client trn my nhn vin v cp nht cc bn dit virus mi tinternet

D. ng truyn kt ni ng truyn trong mng LAN: s dng cp RJ45 tc 100 Mbps ng truyn Internet: s dng gi cc MegaOFFICE ca FPT Tc truy cp Internet ti a Download 3,072 Kbps Upload 640 Kbps Cam kt v tc truy cp Internet ti thiu Download T 128 Kbps Upload T 128Kbps

IV. Phng n trin khai
http://atoiz.vn/images/stories/mmt/jhf.png


5/19

A. Bng phn hoch IP:Deseription Interface IP S.Mask Default Gateway DNS Server Modem ADLS External 192.168.1.113 255.255.255.0 192.168.1.113 DNS ISP

RouterAntivirut

External 192.168.1.5 255.255.255.0 192.168.1.113 DNS ISPInternail_server 192.168.1.6 255.255.255.0LAN_floor1 192.168.1.7 255.255.255.0LAN_floor2 192.168.1.8 255.255.255.0

DC 1DNS 1DHCP 1

Internail_server 192.168.1.9 255.255.255.0 192.168.1.6

192.168.1.7192.168.1.8Form Ader:nISP

DC 2DNS 2DHCP 2

Internail_server 192.168.1.10 255.255.255.0 192.168.1.6

192.168.1.7192.168.1.8Form Ader:nISP

File serverWSUS ServerRIS Server

Internail_server 192.168.1.11 255.255.255.0 192.168.1.6192.168.1.7192.168.1.8

Web ServerMail Server

FTP ServerPrinter Server

Internail_server 192.168.1.12 255.255.255.0 192.168.1.6192.168.1.7

192.168.1.8

Floor 1 LAN_floor1192.168.1.20->192.168.1.60

255.255.255.0 192.168.1.7192.168.1.7192.168.1.8

Floor 2 LAN_floor2192.168.1.60->192.168.1.100

255.255.255.0 192.168.1.8192.168.1.7192.168.1.8

B. Thit k v xy dng s h thng:1. Thit k v xy dng DomainXy dng cu trc Active Directory

Chc nng ca Domain Controller:My DC gip qun l cc i tng nh domain, ou, group, user, my in, v rt nhiu cc i tng khc. my DC hot ng n nh, cu hnh ng l cc k quan trng. Ta tin hnh xy dng 2 DC ng cptrn h thng gip ti u ha kh nng lm vic cng nh s an ton cho h thng.u im:Hai my DC ng cp c c cu Replicate d liu qua li v hot ng ngang hng. Khi c mt user gi yucu ln DC1 x l, thng tin t user th 2 s c tip nhn bi DC2. Hai my ny s thay phin nhau lmvic, gip h thng vn hnh nh nhng hn.Khi c mt my trong h thng khng hot ng na, my DC cn li s c nhim v thc hin ht tc ccc cng vic iu hnh v qun l cc i tng. Gip h thng vn vn hnh tt khi c s c vi mt myDC no .
http://atoiz.vn/images/stories/mmt/4.png


6/19

Khi xy dng 2 dc ng cp, d liu truyn qua gia 2 my ny theo c ch nhn bn (Replicate), bo mtv khng chim qu nhiu bng thng h thng nh qu trnh transfer.Ta xy dng 2 my Domain controller ng cp ln lt nh sau:DC1:

Domain type: Forest Root DomainFull quality domain name: server01.vntransport.vn

DC2:Domain type: Additional DomainFull quality domain name: server02.vntransport.vn

DC1 v DC2 ng cp hot ng ngang hng chia s thc hin cc yu cu t cc client trong h thng. KhiDC1 b s c DC2 c nhim v thc hin qun l cc i tng cho DC11.2 Xy dng cu trc OU v Group

Chin lc Group c s dng: A-G-P, p dng khi forest c mt domain v t user.Gii thch chin lc A-G-P: Account Global Group Permission. Cc User Account (A) c a voGlobal Group (G), v gii hn quyn ti group ny (P).

u im: Cc group khng lng vo nhau nn vic x l s c s d dng hn Ti khon thuc v mt phm vi nhm n l.

Nhc im: Ti mi thi gian mt ngi dng xc nhn vi mt ti nguyn. Server kim tra thnh vinca nhm v xc nh n c phi l member khng S thc thi b gim st vi v nhm global khng c Cache
http://atoiz.vn/images/stories/mmt/ou.png


7/19

Bng thit k Group cho Doanh nghip:

GroupGroup Scope Group Type

OUDomainLocal

Global Universal Security Distribute

BanGiamDoc BanGiamDocThuKy BanGiamDoc

KToan KeToan

HC-NS HanhChinh-NhanSuKT-KD KeHoach-KinhDoanhKThuat KyThuat

1.3. Chin lc Backup v Restore Active Directory. m bo s an ton cho d liu v kh nng hi phc d liu khi cn thit. Ta tin hnh backup vrestore cho Active Directory1.3.1. Yu cu khi thc hin Backup Restore cho Active Directory:

m bo d liu c lu tr tt phc hi sau backup La chn thi ng thi im backup khng gy nh hng hot ng ca my ch S dng cc chin lc restore hp l khi gp nhng s c khc nhau trn AD

1.3.2. nh hng thc hin: S dng thit b lu tr chuyn dng cho vic backup l Tape Driver: Hewlett PackardStorageWorks DAT 24 (DW069A) DAT Tape Drive DAT, 12 GB, USB 2.0 Interface, InternalEnclosure, 1.5 MBps, For: PC Platforms. Gi: 220$

Chn thi gian backup thch hp tt nht l vo nhng lc vng nhn vin lm vic nhvo lc ngh tra hoc sau gi lm vic

S dng cc chin lc restore ph hp nh: Primary, Non-Authoritative, Anthoritative1.3.3.Cch thc hin:a. Backup System State: dng backup li database ca Active Directory. Dng chng trnh backupNTBACKUP c sn ca Windows tin hnh backup system state cho h thng.b. Restore AD: Ty vo cc trng hp khc nhau ca s c Domain Controller ta tin hnh cc kiurestote database khc nhauTrng hp 1: Authoritative RestoreKhi chn cch phc hi ny t my DC1 (file backup trn my ny), d liu c nhn bn (replicate)ngc li t my DC2. Nu mun chn gi li i tng no c to ra sau thi im backup trn DC1 tas chy dng lnh NTDSUNTIL gi li i tng .Gi s mun gi li user NV-Ktoan01 trn DC1 c to ra sau thi im backup, ta ln lt chy dnglnh trn cmd nh sau:NTDSUNTILAuthoritative RestoreRestore Object cn=NV-Ktoan01,ou=Ktoan,ou=KeToan,dc=vntransport,dc=vnQuitRestartTrng hp 2: Non-Authoritative RestoreHnh thc ny s ghi li tnh trng h thng khi tin hnh backup kt hp vi nhng i tng t my DCbn kia sau khi bn backup c to ra, gi s ta to bn backup trn DC1 v sau to user NV-Ktoan01trn DC2. Sau tin hnh restore file backup. Sau khi restore h thng s bao gm nhng i tng khibackup cng vi user NV-Ktoan01 c to ra trn DC2 nhn bn qua.Trng hp 3: Primary RestoreHnh thc ny s ly trng thi mi nht cho file backup v phc hi li cho DC tin hnh restore, h thngt ng ng b cho DC khc trn h thng. Ta s dng cch backup ny khi tc c cc my DC u b mtd liu v mun phc hi li d liu ti thi im backup.1.3.4. Tng kt Backup & Restore ADMt h thng an ton l h thng c backup thng xuyn v s dng chin lc restore ng thi im.S dng chin lc backup restore AD gip d liu trn cc my DC c bo m an xy ra bin c hthng.2. THIT K V XY DNG DNS

DNS l mt mu cht quan trng cho s vn hnh h thng mng. DNS hot ng tt, ta cn thc hinthit k v ci t ng phng php v chnh xc.2.1.1. Chc nng ca DNS server:


8/19

Ngoi chc nng phn gii tn min thnh IP v ngc li. V DNS l mt c s d liu phn tn v c khnng m rng. N gip ngi qun tr cc b c th qun l d liu ni b thuc phm vi ca h, d liu nyc truy cp trn ton b h thng theo m hnh client-server.u im:Tng kh nng chu liCn bng tiSecurity (dynamic update)Gim traffic h thng (khng phi transfer m thng tin Dns c replicate chung voi AD)2.1.2. Yu cu nh hng v cch thc hin:

Xy dng 2 DNS primary server m bo tnh sn sng v kh nng chu li. Khi 1 server b s c DNSserver cn li s thc hin cc yu cu phn gii ca client.Xy dng h thng DNS trn server01

Vo control panel ci t Dns service Cu hnh Primary Zone tch hp AD Cu hnh Forward lookup zone v Reverse lookup zones

Xy dng DNS trn server02 Ch cn ci t DNS service sau tc c cc d liu s c replicate t my dns1 qua

Sau khi cu hnh xong ta s tin hnh kim tra DNS c phn gii ng hay khng bng lnh nslookup trnCMD. Nu phn gii tt kt thc qu trnh cu hnh v tip tc xy dng cc dch v khc.2.1.3. Tng kt dch v DNS

DNS l mt dch v cc k quan trng trn h thng mng. DNS c th phn gii ng v c kh nnghot ng n nh, ta cn tin hnh cc bc cu hnh chnh xc3. THIT K V XY DNG DHCPKhi mt my tnh tham gia vo mng th a ch ca n phi l duy nht khng trng lp vi bt c myno khc trn h thng. i vi mt h thng mng ln c hng trm my trm th vic gn a ch IP chotng my trm th s gp rt nhiu kh khn, mt nhiu thi gian v cng sc. khc phc tnh trng trn, h thng mng cung cp dch v DHCP cho Server t ng cung cp a chIP v cc thng tin cu hnh cn thit cho cc my trm.3.1.Chc nng ca DHCP serverDHCP Server cp pht IP ng v cc thng tin cu hnh c lin quan cho cc Client.3.2. u nhc im ca DHCP serveru im:

Gim bt cc hin tng xung t v IP, hay cc li v IP, lun m bo Client c cu hnh

ngn gin ha trong cng tc qun tr.Tit kim c s a ch IP thtTp trung qun tr thng tin v cu hnh IPCu hnh IP ng cho cc my trm mt cch lin mchPh hp vi cc my tnh thng xuyn di chuyn gia cc lp mngT ng cp nht thng tin khi c s thay i cu trc mngS linh hot v kh nng d m rng

Nhc im:a ch IP c cp s b thay i, khng bo m c mt a ch ring bit cho mt Client trongmi lc khi Client cn mt a ch IP tnhQu trnh cp pht IP gia DHCP client v DHCP server l tn hiu broadcast nn khng th i

qua c Router3.3. Cc yu cu chung khi trin khai dch v DHCP serverDHCP Client

Windows XPDHCP ServerWindows Server 2003DHCP Server Service c ci t trn Server cu hnh IP tnh, Subnet Mask v Default GatewayC Range IP hp l3.4. nh hng v trin khai dch v DHCP servernh hng thc hin theo m hnh h thngXy dng theo chin lc 80/20Cu hnh 2 Range IP cho 2 Subnet tng ng trong m hnh h thngCu hnh Scope Option: 003: Router, 006: DNS Servers, 015: DNS Domain NameCu hnh Superscope cho 2 Range IP tng ngBackup & Restore DHCP databaseNn DHCP database


9/19

Cu hnh DHCP Relay AgentTrin khai dch v theo m hnh h thng

Ch thch: 003 Router006 DNS Servers015 DNS Domain Name

3.5. Tng kt dch v DHCPDch v DHCP Server c cu hnh v sn sng cho vic phc v cp pht IP ng cho cc my trmtrong h thng mng ca cng ty VNTransport. Vi cc chc nng c cu hnh m trnh by trnth nhm chng ti m bo tnh an ton v hon ton n nh trong sut qu trnh hot ng ca cng ty.4. Thit k v xy dng cu trc File ServerFile Server trong mt h thng mng ng vai tr cc k quan trng v tc c d liu ca nhn vin clu tr v chia s ti y. file server hot ng mt cch an ton v hiu qu ta cn thc hin nhiuchin lc v mt cu hnh cng nh qun l.4.1. Chc nng ca File server v u nhc im

Lu tr v chia s d liu.Qun l d liu tp trung.

4.2. Cc yu cu cn lm trn File server. D liu c chia ra cc vng khc nhau phn quyn s dng cho nhn vin. Gii hn khng gian s dng ca tng nhn vin. Gim st vic s dng ti nguyn ca nhn vin Phc hi d liu nu l b xa, thay i. Backup d liu nh k phc hi khi cn thit. Hot ng nhanh, n nh, bo mt.4.3. nh hng thc hin. S dng NTFS Permission phn quyn trn cc th mc chia s cho cc Group cha user trn AD. S dng Quota gii hn dung lng s dng trn a File server. S dng Audit gim st vic s dng ti nguyn. S dng Shadow Copies sao lu v phc hi d liu b xa, thay i tm thi. S dng Backup & Restore sao lu d liu nh k v phc hi khi cn thit. S dng Raid 5 sao lu ng thi tng tc hot ng cho a cng File server.
http://atoiz.vn/images/stories/mmt/Untitled-1.png


10/19

4.4. Xy dng v Cu hnh File serverFile server c t trn mt a cng ring v nh dng theo chun NTFS. Trn a cng ny to phnvng D cha d liu. Phn vng ny ch s dng cho file server khng c mc ch no khc.4.4.1. Xy dng cy th mc cha d liu trn phn vng D Ta to ra 2 th mc chc nng m nhn cng vic ring.Public: th mc dng chung, nhn vin c th lu v chia s d liu ti yTrn Public cha 2 th mc dng chung:+ Report: th mc lu cc bo co ca nhn vin cho ban iu hnh.+ Application: th mc lu tr cc ng dng ph hp deploy xung cho tng phng ban.

Private: th mc dng ring, lu tr d liu lm vic ca tng nhn vin ring bit. Mi nhn vin khilogon vo h thng s c mt th mc tng ng, th mc ny s lm My Document cho tng nhn vin.4.4.2. nh hng phn quyn NTFS v cch thc thc hin:a. Yu cu chung:

Nhn vin khng th xa hoc thay i cu trc th mc c snNhn vin c ton quyn trn th mc v d liu mnh to raNhn vin khng chnh sa hoc xa c d liu ca ngi khc

b. Yu cu ring: Trn Public: Nhn vin c quyn c tc c cc d liu. c quyn to - chnh sa - xa dliu ca mnh, khng c chnh sa - xa d liu ca ngi khc.+ Trn Report: Nhn vin ch c quyn c v ghi d liu ca mnh.+ Trn Application: ch dnh cho admin deploy phn mm.

Trn Private: Cha cc th mc tng ng cho cc nhn vin, khi nhn vin ng nhp vo hthng ln u tin th s t ng to ra mt th mc trng trn ca user nhn vin, th mc ny c sdng lm My Documents cho nhn vin khi lm vic trn h thng. D liu ca nhn vin c lu tr trctip trn server v nhn vin s thy duy nht d liu ca mnh, khng thy bt c th mc no ca ccnhn vin khc.c. Cch phn quyn NTFS

Cng vic chung:Share 2 th mc vi tn tng ngThit lp Full Control cho Everyone Share Permission cho tc c cc th mc shareCu hnh NTFS Permission:

+ G b c tnh tha hng trn a D+ Remove group Nhn vins khi a D+ Add cc group tng ng ca phng ban vo+ Thit lp Full control cho ti khon CREATE OWNER trn D

Cng vic ring trn tng th mc share:Bng phn quyn:

Folder Share NTFS (advanced) Users/Group Apply ontoPublic Full

controlTravel Folder / Execute fileList Folder / Read DataRead AttributesRead Extend AttributesCreate Folders / Append Data

BanGiamDocThuKyKToanHC-NSKT-KDKThuat

This folders,subfolders and files

Report Fullcontrol Travel Folder / Execute fileList Folder / Read DataCreate Folders / Append DataRead AttributesWrite Attributes

BanGiamDocThuKyKToanHC-NSKT-KDKThuat

This folders,subfolders and files

Application Fullcontrol

Full control Administrator This folders,subfolders and files

S dng Group Policy cu hnh th mcPrivate cha cc My Documents ca nhn vin4.4.3. S dng Quota gii hn khng gian lu tr.a. u im v nhc im u im: Gii hn c khng gian s dng a mng cho nhn vin, trnh tnh trng s dngqu nhiu lm nh hng cho file server, lng ph ti nguyn cng nh tc truy xut d liu ca nhngnhn vin khc Nhc im: i vi cc phng khc nhau phi thit lp cc mc hn ngch khc nhau ty vo nhucu, mi khi d liu lm vic ca mt ai y chng ta phi iu chnh li mc hn ngch. Khng ththit lp mt ln s dng mi mi.


11/19

b. Cch thc hinMi nhn vin ch c s dng 500mb trn a cng ca file serverThng bo cho nhn vin khi dng n 450mb, n 500mb th khng lu d liu c na.Thit lp quota cho tc c cc nhn vin nh sau:Limit disk space: 500mbWarning level: 450mb4.4.4. Gim st hot ng ca nhn vin trn file server vi AuditGim st cc hot ng ca nhn vin trn file server nh: to, chnh sa, xaa. u im v nhc im

u im: gim st gip qun l c cng vic ca user v c th ghi ra bo co khi cn thit Nhc im: lm cng vic x l trn file server din ra chm hn do mi ln c cc s kin xy raphi ghi li nhng s kin .b. Cch thc hinThm danh sch cc nhn vin mun gim st vo v ty chn cc s kin Successful hoc Failed ph hpvi quyn ca tng nhn vin trn a4.4.5. S dng Shadow Copies.Shadow Copies cho php sao lu d liu tm thi do nhn vin to ra v phc hi khi l b nhn vin v tnhxa hoc ghi ...trong ngy hm .a. u im v nhc im u im: restore li mt cch nhanh chng, ghi li nhiu version khc nhau ca mt file cho phpthc hin qu trnh restore theo ngy gi c th. Nhc im: ch khc phc nhng s c nh khi b xo mt file hay th mc. Khng th thay th

c cc hnh thc sao lu truyn thng.b. Cch thc hin

Enable chc nng Shadow Copies trn a cng file server.Lp lch t ng sao lu

Cho my tnh nhn vin ci t chng trnh Previous Versions Client trong th mcC:\WINDOWS\system32\clients\twclient\x86 thc hin phc hi: t my nhn vin vo th mc m user thc hin thay i chnProperties -> chn Previous Versions -> Chn thi im sao lu -> Chn Restore.4.4.6. Chin lc Backup & Restore cho File Server.Backup & Restore l hnh thc sao lu truyn thng khng th thiu trn bt c file server no. N l linhhn ca file server, ng vai tr cc k quan trng trong cng vic bm m s an ton d liu. D liuc to ra v sao lu, phc hi ti nhng thi im thch hp gip ta i ph vi bt c tnh hung no khi

xy ra s c trn file server.a. u im v nhc im u im: c th kt hp nhiu phng php sao lu, gip ly li gi liu ca bt c thi im nonu cn thit. Nhc im: d liu ngy cng tng ln cng tn nhiu thit b lu tr, thi gian sao lu cngchm.a. Yu cu v nh hng Cc yu cu:

S dng bng t lu tr (Tape Drive), gip bo qun tt hn l DVD Backup vo thi im t nhn vin lm vic hoc tc c ngh trnh trng hp nhn vin cp

nht d liu sau thi im backup ca server. Backup lm sao d liu to ra l t nht, thi gian ngn nht nhng vn m bo y , n nh,

c th ly li d liu ca mt ngy bt k trong tun. nh hng: S dng Tape Driver: Hewlett Packard StorageWorks DAT 24 (DW069A) DAT Tape Drive DAT, 12GB, USB 2.0 Interface, Internal Enclosure, 1.5 MBps, For: PC Platforms. Gi: 220$

Backup vo ban m khong 10h l tt nhtS dng backup Normal kt hp vi Incremental v Differential

Gii thiu u im v nhc im ca 3 loi backup trn tin vic la chn s dng:Backup Normal:Backup full, c ngha l s backup ht tt c ci g m mnh chn

Thi im dng: backup full thng lm vo ngy cui tun v u tunu im: s backup ton b ci g chng ta cn. Khuyt im: thi gian backup v restore s lu v backup ht v restore ht, cn c thit b dung

lng ln cha file backup.Backup Incremental:Kiu backup ny l ch backup li nhng g thay i ca ngy backup so vi ln backup trc

Thi im dng: cc ngy cn li trong tun tr th 2 v th 7


12/19

u im: thi gian backup nhanh v ch backup li nhng g thay i so vi ln trc, khng cnstorage ln cha file backup Khuyt im: phi restore tng file theo th t Full v bakup ngy th 2 ri n ngy th 3 ... saucng n ngy cn restore.Backup Differential:Kiu backup l file backup c to ra gm backup Full ca ngy hm trc v s thay i ca ngy cnbackup

Thi im dng :Thng dng vo cc ngy cn li trong tun tr th 2 v th 7 u im: bakup li bn Full ca ngy hm trc v s thay i ca ngy backup nn khi restore s

nhanh hn incremental Khuyt im: thi gian backup s lu hn kiu normal nhng thi gian restore nhanh hn kiu

incremental, cn storage ln cha file backup.b. Cch thc hin:

Tun 1 Tun 2 Tun 3T h 2: Normal T h 2: Differental T h 2: DifferentalT h 3: Incremental T h 3: Incremental T h 3: IncrementalT h 4: Incremental T h 4: Incremental T h 4 : IncrementalT h 5: Incremental T h 5: Incremental T h 5 : IncrementalT h 6: Incremental T h 6: Incremental T h 6 : IncrementalT h 7: Normal T h 7: Normal T h 7 : NormalCN: khng dng C N : khng dng CN: khng dng

Bn trn l lch backup nh k hng tun, ph hp vi kh nng v yu cu ca mt cng ty va v nh. Ty chng ta s cn c lp lch backup nh k.4.4.7. Xy dng a d phng RaidSao lu d liu lun l mt nhim v cn thit v cp bch i vi cc doanh nghip, t chc hay bt k cnhn no. Bt c khi no cng cng c th b hng hay bad m khng h bo trc v km theo th dliu cng ra i. Vy ti sao thay v vic ngi ch cng m khng t thit lp cho mnh mt h thng saolu d phng n gin m khng cn mt qu nhiu cng sc vo vic backup hng ngy, hng gi (k ckhi c chng trnh h tr). a cng hin nay khng cn qu t v qu sa x, v vy ta cn to chocng ty mt h thng sao lu d phng c bn (RAID).S dng Raid gip tng tc truy xut d liu cng nh bo m vic sao lu phc hi cho a cng hthng mt cch an ton. Ty vo nhu cu ca cng ty ta c th s dng Raid trn DC, File Server.Yu cu v nh hngYu cu: S dng Raid tng tc truy xut, sao lu an ton v r tin.nh hng: S dng Raid 5 thc hin.5. Thit k v xy dng h thng Web server, FTP serverWeb l mt cng c truyn ti thng tin cc k hu dng ca cuc sng hin i. Web v fpt mang li chochng ta cng c chia s d liu nhanh chng v tit kim rt nhiu chi ph. Trong h thng mng ni b camt cng ty, nhng dch v ny gip nhn vin cp nht nhanh chng thng tin t ban iu hnh cng nhgi thng tin ngc tr li. Xy dng ng thi 2 h thng public v private web-ftp khng nhng gipqung b thng tin ni b m cn cho cng ng s dng mng internet. N l mt cng c qung co snphm dch v rt hiu qu v tit kim.5.1. Cc chc nng v u nhc im.

Web gip ta chia s thng tin v cp nht thng tin mi t bt c a im no c kt ni mng Chc nng chnh ca FTP l lm ni lu tr d liu di ng trn mng, ch cn c user v password(nu yu cu) l bt c ai cng c th truy cp vo FTP server ly v chia s d liu cho mi ngi.

u im: chia s v cp nht thng tin mi lc mi ni.Nhc im: bo mt km, d dng b hacker li dng v mc ch xu.5.2. Cc yu cu chung khi trin khai dch v Web v FTP..2.1. Yu cu vi cc dch v

Yu cu khi thit k cu trc chy Web: hot ng nhanh, cp nht kp thi thng tin cho nhn vinv khch hng.

Vi FTP: gip user c th truy cp trong phm vi mng ni b cng nh t internet voVi Web: c web ni b v web public cho user v khch hng truy cp.

5.3. Trin khai cc dch v Web v FTPCi t IIS ComponentTo host v alias cho FTP v Web trn DNS server.Trin khai FTP:

To mt FTP site miCu hnh a ch IP, Port, ng dn n th mc share FTPCp quyn cho cc user s dng th mc share FTP, cp quyn Read, Wrire, Brower cho user trn

FTP site.Trin khai Web:


13/19

To Web site miCu hnh a ch IP, Port, ng dn n th mc share webCu hnh trang mc nh v cc ng dn dng truy cp webCp quyn Read cho user.

Nat port v cu hnh dyndns public FTP v Web:Vo modem Nat port 80 - ng vi IP: 192.168.1.99 ca web server, Nat port t 20 n 21 - ng vi IP:192.168.1.99 ca FTP serverDownload v cu hnh DynDNS software trn my Web-FTP cp nht a ch IP ln server min ph caDynDNS.org (nu c mua IP public v domain th khng cn phi s dng dch v min ph ca

DynDNS.org)5.4. Tng kt dch v Web v FTPSau khi Web-FTP c thit lp, thng tin ca cng ty c ph bin rng ri cho cc nhn vin v khchhng. y l dich v h tr cc k hu ch cho bt c mt cng ty no m bo s tin dng v tit kim chiph.6. Thit k v xy dng dch v PrintingPrinter server l my tnh hoc thit b chuyn dng khc c s dng kt ni vi my in v cung cpdch v in n trong mng. Trong thc t hin nay, i a s cc mng my tnh ca chng ta (Vit Nam) sdng mt my tnh trong mng kt ni my in v chia s my in dng chung ny cho cc ngi s dngkhc trong mng.6.1. Gii thiu dch v v u nhc im.

C 2 cch s dng printer in n trong mng l in mng (internet printing) v in cc b (localprinting) In mng: s dng printer serveru im:

User c th s dng in t bt c u c internet.Cng vic in n trn mng c qun l tp trung trn server cu hnh internet printingRt nhiu user c th s dng chung mt my in gim thiu chi ph mua nhiu my inHot ng khng phc thuc vo PC gip cng ty tit kim ti nguyn pcC phn quyn nn d dng in n hnTc in n nhanh

Nhc im:Printer server gi thnh caoKhng h tr qun l trc tip trn my printer server

In cc b: s dng my in localu im:Gi thnh rC th s dng tc c cc loi my in c th in cKt ni n gin khng ph thuc vo cu hnh kt nin gin d trin khai

Nhc im: Bt buc my in ni vi PC phi c m lin tc nu tt s nh hng n cc ngi s dngchung my in trong cng mt phng ban

Tc in n khng caoTnh bo mt km

6.2. Trin khai dch v Printer server

a. Trin khai Internet Printing vi Printer serverCi t dch v Internet Printing trong Control PanelTo my in mng, v tr v a ch printer server v ci t driver cho printer serverTo cc my in logic phn quyn cho cc Group v user khc nhauTo Printing Pool gip h thng khc phc s chm tr khi c qu nhiu yu cu inMap my in v my client thng qua trnh duyt internet.

b. Trin khai Local printingCi t v cu hnh cho my in cc b trn my tnh c gn my in Share my in ra cho cc my khc bng ng dn UNC hoc s dng cu lnh map my in cho tngclient. Phn ny s thc hin trong Group Policy.6.3. Tng kt dch v Printer serverVi s qun l ca printer server, hot ng n nh - nhanh chng s gip cng vic in n ca tc c nhn

vin thun li hn. Trong m hnh mng ca cng ty VNTRANSPORT s c 1 my printer server v ccmy cn li s lm chc nng in local, va m bo li tit kim7. Thit k v xy dng h thng Antivirus m hnh Client Server.Thm ha virus i vi h thng mng l m nh ca nhng ai tng lm vic trong cc cng ty. Khi virusly lan trong h thng s lm cc h thng ng bng hoc hot ng khng n nh, gy nh hng n


14/19

hot ng ca cng ty c bic l cc cng ty c xng sng l mng my tnh - hot ng da trn mngmy tnh. phng s ly nhim virus cng nh s ly lan pht tn ca virus trn h thng, ci t mt h thngphng chng virus l thc s cn thit.Nhm chng ti quyt nh s dng phn mm Symantec Antivirus 10.0 thc hin cng vic ny.7.1. Cc chc nng ca h thng Antivirus:

Chc nng ca Antivirus server (ci t trn server): cp nht, qun l tp trung cc phin bn chngvirus mi t internet v trin khai cho my nhn vin, dit virus trn chnh my ci t. Chc nng ca Antivirus client (ci t trn my nhn vin): cp nht cc phin bn dit virus t

Antivirus server, tm v dit virus trn tng my ci t n.7.2. Cc c im chung v u im khi trin khai h thng Symantec Antivirus

Khi my server kt ni ra internet v update, cc my client s t ng update t server, my client

khng ra internet update. Cc my client cng khng c quyn g b ci t nu khng c password. Khi bt k my no trong h thng, thng tin s c gi trc tip ln server, ngi qun tr s bitngay v thc hin cc hnh ng trc tip ti my b nhim t server.u im ca Symantec Antivirus:

Hot ng nhanh v ph hp vi mt cng ty va v nh To ra mt h thng Antivirus duy nht cho c h thng my tnh, gip ngi qun tr n gin hntrong vic qun tr h thng.

Tit kim bng thng trong qu trnh UpdateNng cao bo mt.

7.3. Trin khai h thng Symantec Antivirus7.3.1. Ci t phn mm Symantec server

Chun b a CD ci t cha: Symantec AntiVirus Corporate Edition v10.1 v Symantec System Centerv10.1

Ci t ln lt cc phn mm vo my server, trong qu trnh ci t ch phn password cho hthng v check vo AutorunLiveUpdate t ng cp nht t server trn internet sau khi ci t xong.7.3.2. Cu hnh v trin khai Symantec client cho my nhn vin v h thng cc my memberserver.

Sau khi ci t v khi ng li h thng, ta tin hnh Unlock cho server v ty chn cho server lPrimary server. Sau tin hnh trin khai phn mm xung my client (client trn 3 range khc nhau, range server,range tng 1 v range tng 2) Chng ta c 2 cch ci t cho my trm: mt l chng ta ng t Client truy cp n server bngng dn UNC, hai l chng ta dng tin ch Client Remote Install Tool. ci t t xa ta vo

Tools\Client Remote Install. Trong qu trnh ny bc u tin ta s chn v source ci t, ta ty chn Default Location. Sau tachn nhng user cn trin khai thc thi.


15/19

Qu trnh trin khai xung client thnh cng, sau khi khi ng li phn mm Antivirus s t ng chyv nhn thy c trn my client.7.4. Tng kt Antivirus.Symantec Antivirus m bo c kh nng vn hnh nh nhng cng nh m hnh Client-Server ti ucho cng vic qun tr. S dng phn mm ny trn h thng ca VNTRANSPORT l rt kh thi v tc mt phn mc tiu bo mt cho h thng ca nhm 06PBL1528. Xy dng h thng v li WSUSQun l tnh trng h thng l mt trong nhng cng vic quan trng ca ngi qun tr mng, qun l viccp nht cc bn v li phi c tin hnh lin tc cung cp cho h thng nhng phin bn v li mi nht

ca nh sn xut khng nhng mang li hiu qu bo mt, m cn gip h thng hot ng n nh hn rtnhiu.Nhng mt iu cn phi ch rng i khi cc bn v li do nh cung cp phn mm a ra thng chmhn so vi cc bn v li ca cc hng bo mt, mt v d nh symantec a ra 40 bn v li trong c20 bn cho h thng my Dell chy Windows XP v hn 20 bn v li cho Windows 2000 Service Pack 3trc khi Microsoft a ra cc bn v li chnh thc vo ma h nm 2003. V vic cp nht ton b hthng qua Internet l mt gii php kh thc hin khi c nhiu my tnh trong h thng mng cn c cpnht bn v li ngay. Vic trin khai h thng t cung cp cc bn v li ngay trong h thng mng l iucn thit. Chnh v iu ny nn chng ta cn mt dch v phc v cho nhu cu trn v WSUS l 1 giiphp.WSUSl vit tt ca Windows Server Update Service . Cho php chng ta to ra mt my ch lu tr phnmm cp nht cho ton b h thng cc phn mm ca hng Microsoft t Windows cho n cc phn mmOffice

M hnh hot ng WSUS

8.1. Cc chc nng v u nhc im:Qun l tp trung vn ci t phn mm update trn cc my trm.

Gim thiu lu lng bng thng ra ngoi Internet. Nu khng c wsus cng ty c hng trm my tnh vyu cu update trc tip thng qua Website ca Microsoft s gy l hin tng tc nghn v qu ti.

u im: Tit kim c nhiu thi gian qun tr v tng cng thm tnh bo mt cho h thng ccmy trm.

Nhc im: ch c ch trong mt h thng ln v nhiu my client. H thng nh ci t s gy lngph server.8.2. Cc yu cu chung khi trin khai WSUS.82.1. Yu cu v dung lng a cng:

C partition ci t windows v partition ci t WSUS phi l NTFS.Ti thiu phi c 1 Gb trng cho partition h thng.Ti thiu phi c 6 Gb trng cho partition ci cc bn update cho WSUS recommend l 30 Gb.

8.2.2. Cc yu cu v Automatic Updates:

Automatic Updates l mt thnh phn client ca WSUS. Automatic Updates khng i hi g v phn cngc bit ngoi vic phi c kt ni vi network. Ta c th s dng Automatic Updates vi WSUS trn btk my tnh no chy cc h iu hnh sau y:

Microsoft Windows 2000 Professional with Service Pack 3 (SP3) or Service Pack 4 (SP4), Windows2000 Server with SP3 or SP4, or Windows 2000 Advanced Server with SP3 or SP4.


16/19

Microsoft Windows XP Professional, with or without Service Pack 1 or Service Pack 2.Microsoft Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition;Windows

Server 2003, Datacenter Edition; or Windows Server 2003, Web Edition. *Note: ci t c WSUS ta cn thc hin ci t mt s chng trnh yu cu cho WSUS:1. Ci t IIS2. Ci t Services Pack3. Ci t dotNetFX35setup.exe4. Ci t ReportViewer.exe

5. Cui cng l ci t WSUS ( y h thng chng ta s ci t ver3.0)8.3. nh hng v trin khai thc hin WSUS.My ch SUS s phn tch cc h iu hnh yu cu cp nht, kim tra cc bn service pack v cung cpcho my client nhng gi tin cn phi download v ci t cc phin bn cp nht.8.3.1. ng b d liu v cung cp cho h thngKhi bt u vic ng b d liu my ch SUS s truy vn n my ch Windows Update ca Microsoft haycc my ch SUS khc trong h thng mng v download ton b ti nguyn v cc bn v li hay ccservice pack cho mi sn phm v ngn ng m ta cu hnh. Qu trnh ng b d liu s ctruyn khong 150 MB cho phin bn English v 600MB cho mi ngn ng khc.8.3.2. Thit lp Automated Updates trn my clientCi t cc cp nht t Automatic Updates ca my client bng vic ci t cc gi MSI. cung cp ccgi cp nht dng MSI bn c th d dng s dng Group Policy cung cp . To ra mt GPO mi, gnchng cho cc my tnh trong h thng mng ca bn, v n s c ci t mt cch t ng.

C th cung cp cc gi MSI cho client di dng logon script gn cho gi tin MSI v h thng s c thchin trc khi ngi dng ng nhp vo h thng.8.3.3. S dng Group Policy p t my Clients Update t WSUSLn lch cho qu trnh cp nht cn khc nhau trnh cng mt thi im ton b h thng yu cu n mych SUS s lm ton b h thng mng ca bn b tc nghn. (Tu chn trong phn Reschedule AutomaticUpdates Scheduled Installations)To ra nhiu GPO vi nhiu lch trnh khc nhau cho mi OU m bo h thng lun c p ng ttnht.8.4. Tng kt WSUS.Vi nhng tnh nng u vic v cp nht v v li cho h thng ca WSUS ( c phn tch pha trn) thy l dch v kh tt gp phn bo mt cho h thng cty. Do nhm 06PBL152 chng em trin khaihon chnh dch v ny cho ti ln ny.9. Trin khai Policy qun l.

Policy l mt c cu gip ta xc lp cu hnh desktop, permissionmt cch t ng v tp trung nhnhng Group Policy Object (GPO). Group Policy Object l nhng i tng thuc nhm Policy qun l, nc s p t cho cp user hoc Computer c cha trong Site, Domain, Organization Unit (OU).9.1. Cc yu cu cn lm trn Group PolicyTrin khai cc ng dng sau cho tc c cc phng ban:

Microsoft WordMicrosoft ExelMicrosoft PowerPointAcrobat Reader

Cc phn mm khc cho tng phng ban:Phong k ton: phn mm k tonPhng Hnh chnh Nhn s: phn mm qun l nhn s

Phng K hoch kinh doanh: phn mm thit k m hnh Microsoft VisioCu hnh GPO p t cc chnh sch khc nh:

T ng khi ng Internet Explore vi trang ch ca cng ty khi user ng nhp vo mngKhng nhn thy Properties ca My DocumentsKhng nhn thy v khng truy cp c a C trn my LocalMap my in local, map a mng

9.2. Trin khai cc chnh sch t yu cu t raS dng cng c Group Policy Management qun l tp trung cc policy c trn h thng.Cc ng dng Word, Exel, PowerPoint c qun l trong mt policy chung v trin khai (lin kt) xung tcc cc OU phng ban.Cc ng dng phn mm chuyn ngnh, mi phn mm s c cu hnh deploy trong mt PolicyThc hin p t cc chnh sch khc: Mi chnh sch c cu hnh trong mt policy ring.

10. Cc dch v h tr10.1. Dch v RISTrong mt m hnh h thng c nhiu my trm, ci t h iu hnh cho tt c my trm thi hi ngi qun tr phi mt rt nhiu thi gian ci t cho tng my. Vi chc nng ci t h


17/19

iu hnh mt cch t ng qua mng, dch v RIS ra i ngi qun tr gii quyt vn nymt cch nhanh chng v c hiu qu.10.1.1. Chc nngCi t h iu hnh qua mng cho Client.10.1.2. u nhc im ca dch v u im

Ci t h iu hnh mt cch t ngMy trm ch cn c card mng h tr PXE, khng cn c CD-ROMNgi qun tr khi mt cng i ci t trn tng my

C th ci t cho tt c my trm vi mi cu hnhMy trm sau khi ci t xong t ng join domain

Nhc imCu hnh phc tpThi gian ci t s rt lu nu s lng my trm ln

10.1.3. Yu cu chung khi trin khai dch vMy tnh cha dch v RIS Server phi l thnh vin ca Domain hoc l dch v RIS Server

ny nm trn DomainServer ci t RIS phi c 2 phn vng khc nhauPhn vng cha file ci t RIS phi c nh dng NTFSC DHCP Server c Active trn mng

C DNS phn gii tt trn mng

C mt Windows CD hoc c mt folder share cha cc file ci tMy Client phi h tr PXE boot ROM hoc card mng c h tr boot floppy

10.1.4. nh hng v trin khai dch v nh hng thc hin

Cc my trm trong h thng c cng cu hnhCi t h iu hnh Windows XP Professional cho tt c my trm

Sau khi ci t xong h iu hnh th cc my trm join vo domain v c y ccthng tin cu hnh c lin quan Trin khai dch v

Ci phn mm Remote Installation ServicesTo Image lu trn Server

To a mm boot mng (nu my khng h tr boot mng PXE)To Answer file t ng tr li cc thng tin khi ci t h iu hnh cho ClientPhn quyn cho User no c th ci t h iu hnh t RIS Server

10.1.5. Tng kt dch v RIS ServerDch v RIS em li nhiu thun li cho ngi qun tr trong vic ci t H iu hnh cho nhiumy trm trong cng mt lc thng qua mng. V th, dch v ny chng ti p dng trin khaicho m hnh nhiu my trm ca chng ti tit kim thi gian v ti chnh.10.2. Dch v VPN Client to SiteMt nhn vin c gng v s pht trin ca cng ty lun lm vic ht sc mnh. H s c nhu cu lm vicmi lc mi ni nu c th. p ng c cc nhu cu ca nhn vin, h thng VPN client to site rai gip nhn vin c th s dng mng ni b cng ty bt c lc no cn thit.10.2.1. Cc chc nng v u nhc im.

Gip nhn vin c th kt ni vo site ca cng ty thng qua mi trng Internet, tr thnh mt nodeca mng LAN trong cng ty. Gip nhn vin c th s dng mi ti nguyn chia s trn mng. u im: tin li cho cc nhn vin lm vic xa cng ty lm vic nh. To ra m hnh hnh ng(pipe) ring o gip vic trao i d liu khng cn gi gn trong mt mi trng no m tr nn rng vlinh hot hn. Khng phi thu thm cc knh ring nh Lease Line, tn km hn rt nhiu. Nhc im: nu trong h thng mng khng c h thng tng la s rt nguy him cho d liu ravo h thng.10.2.2. Cc yu cu chung khi trin khai dch v VPN client to site. My ng vai tr l VPN server phi c 2 NIC, my ny s trc tip i ra ngoi Internet thng quaModem ADSL, hai NIC ca server c IP ln lt l:+ External: 192.168.1.113+ LAN_Floor 1 : 192.168.1.1 Khi s to mt address pool (dy IP) dnh trc cho cc client c nhu cu quay VPN sao cho

cng NetID vi mng LAN bn trong site l c. Theo m hnh cng ty VNTRANSPORT s c 3 subnetcon khc nhau trong site, ta s tin hnh lm tun t nh nhau cho 3 subnet. Phn ny a ra v d chosubnet Internal_Floor 110.2.3. nh hng thc hin VPN client to site


18/19

C 2 cch thc hin Mt l: Bin Modem ADSL thnh 1 Bridge, khi ta s c c IP Public, dng IP ny l IP cho VPNServer, tuy nhin cch ny hi bt tin l khi ta phi thc hin Share Net th cc my client mi c th ranet c. (p dng cho nhng modem khng h tr VPN) Hai l: Trn Modem ADSL ta s kt hp vi Dynamic DNS trn VPN Server, khi nu c clientquay vo th ta ch vic Nat Port cho Forward qua VPN Server lun. Ta s s dng cch ny cho vpn clientto site trong h thng.10.2.4. Thit k v xy dng VPN client to sitea. NAT port 1723 ca Router ADSL v my VPN server

b. Cu hnh VPN Server:To user Client bn ngoi kt ni vo VPN Server (ty vo nhng user no c nhu cu s dng VPNs to ti khon cho user )

Cho php user c quyn Allow access trong Dial-inEnable Routing and Remote Access v cu hnh chc nng Remote Access (dial-up or VPN)

Cu hnh Range IP cho cp cho client khi connect vo mng v hon tt qu trnh trn cu hnh trnserverc. Cu hnh VPN Client trn my Client ngoi vo:

To mt connection mi ti My Network Place, cho Connect to the network at my workplaceChn ch Virtual Private Network Connection ti bc tip theo

Ti phn VPN Server Selection, g Hostname ng k trn NO-IP hoc Dyndns nu c vo Host name or IP address

Ti VPN server phi ci chng trnh cp nht IP cho hostname Sau c th kt ni n VPN server bng username v password ca mnh trong h thng.10.2.5. Tng kt dch v VPN Client to SiteVPN client to site l gii php thc s hiu qu cho vic s dng ti nguyn bn trong mng ca nhn vinkhi lm vic bn ngoi. nng cao bo mt cho dich v ny, tng lai h thng s phi ci t Firewallnh ISA hoc mt dch v ca bn th ba no .10.3. Dch v Remote AssistanceDch v ny cho php cc nhn vin k thut hoc admin c th vo my tnh ca nhn vin gip h giiquyt s c trn my. Rt c ch cho vic h tr nhn vin t xa.Cc bc trin khai:

To file Remote Assistance trn my client vi username v password bt k.Chia s file ny cho ngi s gip nhn vin

Nat Port 3389 trn modem v router Sau ngi ny s truy cp vo my nhn vin thng qua IP v Port 3389 c cu hnh trong file .S dng username v password to trc chng thcC. o to ngi s dngSau khi cng vic xy dng h thng mng cho cng ty th cng vic o to ngi s dng cng quantrng khng km. ngi s dng hiu c cch s dng cc dch v c trn h thng...v rt nhiunhng cng vic khc.Nhng cng vic cn lm: Tuyn chn i ng o to B tr thi gian o to Thit k ti liu o to: bao gm cc phn cn hng dn cho nhn vin cn thc hin nh Cch ng nhp vo h thng s dng username v password ca tng nhn vin Cch s dng file server lu tr d liu lm vic, cch bo co, cch chia s d liu trn file server. Cch truy cp vo web, ftp ni b cng nh public Cch s dng VPN Client to Site connect vo mng cng ty khi cn thit Cch s dng Remote Assistance cho php cc admin vo my h tr k thut.D. Kim tra v bn giao vn hnh1. Kim traSau khi ci t v trin khai xong h thng mng cho cng ty, ta tin hnh kim tra tng ton din h thng.Kim tra t my ca nhn vin nhng vn sau: ng nhp vo user trn domain bng my clientt ip ng, tin hnh release v renew ip, km tra ip ca dhcp cp, kim tra dns bng nslookup, sau kim tra s lin thng gia cc mng bng lnh ping, ping ra internet kim tra kt ni internet t my client. ng nhp vo 2 my client v kim tra phn quyn trn file server Kim tra My Documents ca nhn vin sau khi ng nhp vo h thng.

Truy cp vo kim tra dch v web, ftp, to file a qua my khc kim tra remote assistance.Kim tra my in v in th trn client.Kim tra s thi hnh ca cc Group Policy p t xung my client.

2. Bn giao vn hnh


19/19

Sau qu trnh kim tra ton din h thng, ta s tin hnh bn giao cng vic vn hnh h thng li cho banqun l v phng k thut ca cng ty.Nhng th cn bn giao: Cc m hnh h thng v nguyn tc hot ng ca tng thnh phn trn h thng: DNS, DHCP, DCng cp, File server, Web - FTP server, Printer server, WSUS, Antivirus, RRAS, Backup & Restore AD vFile server.

T ta tip tc ch ra cc thnh phn quan trng trn h thng, ch cch kim tra s c v khc phckhi s c xy ra.

Phi hp vi b phn chuyn gia phn cng ln lch bo tr cc thit b trong h thng.

E. Chuyn giao ti liu v khch hng nghim thu1. Chuyn giao ti liuCc ti liu cn chuyn giao li cho cng ty nh sau:

Ti liu nguyn cu v thit k h thngTi liu o to ngi s dng

2. Nghim thu vi khch hngHi nhng thc mc ca khch hng v tr li nhng thc mc Hi khch hng cho chng ta nh gi v h thng xut cc phng n m rng h thng khi cng ty pht trin mnh hnTin hnh nhn tin cho vic thit k, lp t v tin thit b t khch hng. K cc bin bn xc nhn

lin quan.F. nh gi hiu qu

Sau khi thit k v xy dng h thng ny, nhm 06PBL152 nhn thy rng h thng ny rt hu ch vmang li hiu qu cao cho hot ng ca cng ty. Sau y l nhng nh gi m nhm a ra sau khi lnxy dng h thng: Nh s qun l tp trung ca file server v cc h thng khc, hot ng ca cng ty cng nhanh hnv tit kim chi ph hn.

Tin li cho vic s dng ca nhn vin v i ng qun l trong cng tyThng tin c bo mt hn v qun l d dng hnGip cho ngi qun l c th truy cp thng tin nhanh chng v bt k u, ch cn c mng

internetVn v kinh ph ph hp vi mt cng ty va v nh

C th pht trin h thng trong tng lai

V.Phng n m rngi vi mt h thng th lun bo m ng bn yu cu c bn:

Yu cu v bo mt thng tinYu cu v kh nng hot ng nhanh nhyYu cu v kh nng chng chu vi mi trng h thng Yu cu v kh nng m rng

Sau khi hon tc qu trnh xy dng v a vo hot ng, trong tng lai khng xa kh nng cng ty spht trin v cn thit mt h thng ln mnh v kh nng bo mt thng tin cao hn na.T t ra phng php m rng cho h thng l vn cn c cp ti khi bt tay vo xy dngmt h thng. Ta s chn la nhng thnh phn v cu trc chnh c kh nng m rng trong tng lai.Sau y l phng n m rng h thng m nhm 06PBL152 vch ra cho h thng trn:

Trin khai CA, IP SEC cho h thng bo mt c nng cao hn

Trin khai vpn (ci radious server nu cn chng thc v qun l trong giao tip VPN) v kt hp vpnipsec hoc SSL.

Trin khai RAID 5 trn my DC Backup ng thi tng tc hot ng ca serverKt hp Load Balancing vo h thng cn bng ti, tng kh nng chng chuCi t ISA v khoanh vng DMZ cho vng server public ra internetCi t h thng Mail exchange tin vic lin lc nu cn thit khi nhn vin cng ty tng ln ng

k------------------------------- THE END --------------------------------