Running head: ASSIGNMENT 7 1

Assignment 7
Kris Trinidad
Kaplan University Online
IT 299 Associates Capstone in Information Technology
Professor David Lecomte
July 9, 2014









ASSIGNMENT 7 2

Part 1: Implementation Plan Document
Based on Emphasis Area
To begin implementation of the Caterday Photographic Company Network installation
will be with the server portion in the main office. The first computer installed will be the network
management console with OS X Server, and it will be configured as the Open Directory Domain
server for login and authentication both for server resources and for virtual protected network
access. The virtual protected network will also be configured to be controlled by this machine.
All the server IP addresses will be assigned and those of the Verizon cellular wireless devices as
coordinated with Verizon and their appropriate domain name authority. The virtual protected
network addresses will also be assigned. The Netgear smart switch will then be installed and
configured to forward to the network console for intrusion detection and monitoring. Next will
be the Mac Pro designated as the file server and its connection to the 12TB WD Sentinel
DX4000 Small Business Network File Storage Server. The Sentinel will be running Microsoft
Server 2008 R2 or later. This Mac Pro running OS X Server will be configured for access on the
VPN and Open Directory and sharing of the Sentinel. The Sentinel will then be initialized,
configured, and tested. Finally the Mac Pro file server will have its Ethernet and cellular
wireless connection bridged so that its data stream can be seen over the switch at the network
management console. The next server to go in will be the server on which the web services
internet proxy and firewall reside. It will also be running OS X Server and it will be added to the
Open Directory and VPN system. The Apache web server software and Squid proxy server will
be installed and the Apache web server will be configured by the web development team when
they install their software and then tested for security by the network team when they are done.
The Ethernet and cellular wireless connection will be bridged as was the file server , and the
ASSIGNMENT 7 3

Squid proxy and firewall will be configured to provide a gateway between open internet access
and the virtual protected network.
The last server installed will be the email and print server, again it will be running OS X
Server. It will also be configured as the others with bridged Ethernet and wireless and added to
the Open Directory and VPN. The printers will be connected to the print server and tested for
access from the network management console. At this point the network intrusion detection
software will be installed and given its initial tests. The email system will also be tested at this
point.
When we reach this point in the installation, whoever Caterday Photographic Studios has
decided will be administering the network would be brought in for training and to help finish
configuring and testing the main portion of the network.
Next the network tracking system will be installed and tested so that future expansion can
be monitored as well as information from the various photo shoots.
This would be the point at which all servers would be configured to use the SpiderOak
backup service including the Sentinel server and a complete backup would be taken of each,
versioning would be established and incremental backups scheduled.
The first user workstation setup and added to the network will be the customer service
iMac running Apple OS X. This will be the main training for the Caterday administrator on
setting up the workstations. Each station must be configured to use the VPN and proxy and have
access to the network services as well as the Adobe Creative Cloud. In addition each user of the
customer service machine must be added to the Open Directory and VPN logon and
authentication tables. The effectiveness of the network tracking system would be tested from this
machine at this time.
ASSIGNMENT 7 4

When the workstations are configured each will be assigned to a specific employee, IP
address, and established in the Open Directory and VPN system. They will be tested for access to
the Adobe Creative Cloud, the various servers, the internet itself, and for any obvious gaps in
security and that the network tracking software is working as designed. Due to the mobile nature
of the Apple MacBook Pro with the Verizon cellular wireless system, the employees physical
location can be anywhere. If they should need to be in the studio, the main office, or a wedding
at a church in the next town, they will still be connected to the Caterday network and have
complete access to everything they need.
The logical topography of the Caterday Photographic Company Network will appear
seamless. The virtual protected network will isolate the company equipment from the rest of the
internet through the proxy server, and the face of Caterday will be its web site when seen by its
clientele. The mobile workstations will be able to access, store and share whatever they need to
on the network as well as the Adobe Creative Cloud. Since network access will be controlled by
proxy and the local system firewall, intrusion detection and unauthorized internal accesses will
be easily monitored from the network management console. Network expansion and network
data tracking will be easily managed as well through the network management console. The
physical topography is also fairly simple. The servers are all connected via Ethernet with cellular
wireless connections bridged to allow security monitoring as well as higher speed transfers
between the servers themselves. This also allows a direct connection to each mobile workstation
on the virtual protected network. The only time the proxy server is used is when a workstation
attempts to access a site outside the virtual protected network. Finally, backups are done directly
to SpiderOak from each server as scheduled.

ASSIGNMENT 7 5

Part 2: Network Diagram