THIT K H THNG H TNG MNG CHO DOANH NGHIP

THIT K H THNG H TNG MNG CHO DOANH NGHIP

MC LC I.GII THIU D N II.PHN TCH YU CU A.Thng tin v yu cu ca khch hng B.Thng tin qua kho st thc t III.GII PHP A.Thit k logic v thit k thc t B.La chn thit b v cng ngh C.Chi ph D.ng truyn kt ni IV.PHNG N TRIN KHAI A.Bng phn hoch IP B.Thit k v xy dng h thng 1. Thit k v xy dng Domain 2. Thit k v xy dng DNS server 3. Thit k v xy dng DHCP server 4. Thit k v xy dng cu trc File server 5. Thit k v xy dng h thng Web server v FTP server 6. Thit k v xy dng Printer server 7. Thit k v xy dng h thng antivirus m hnh client-server 8. Xy dng h thng v li WSUS 9. Trin khai Policy qun l 10. Cc dch v h tr khc C.O TO NGI S DNG D.KIM TRA V BN GIAO VN HNH E.CHUYN GIAO TI LIU V KHCH HNG NGHIM THU F.NH GI HIU QU V.PHNG N M RNG I. Gii thiu d n Sau hn 25 nm ra i v khng ngng pht trin, mng Internet mang nhng c im ni tri m trong chng ta khng ai c th ph nhn, t kh nng lin kt mnh m n ngun thng tin di do cng nh vn thi gian v tc x l thng tin. Nhng song song vi nhng u im th mng Internet li cha ng trong n nhng him ha khn lng. Hy tng tng mt ngy p tri no , nhng thng tin mt m chng ta c cng ct giu li b phi by ra trc tt c mi ngi, n b nh cp m ngay chnh bn thn chng ta cng khng bit l n b ly i! Thng tin mt ca mt con ngi quan trng, nhng nu n l thng tin mt ca mt cng ty, mt t chc hay cao hn l ca quc gia? iu g s xy ra khi n b nh cp?

Trong h thng mng Workgroup, thng tin khng c qun l tp trung dn n rt nhiu bt cp trong vn qun l cng nh kh nng bo ton d liu. V vy trong mt cng ty nu s dng mng ny chia s thng tin s v cng nguy him, s dng h thng mng c qun l theo m hnh Domain l iu tt yu. Mt cng ty vn cha ng rt nhiu thng tin v trong c nhng thng tin mang tnh chin lc cho s pht trin ca cng ty, vn qun l v bo mt thng tin c t ln hng u. c th to dng mt h thng thng tin ni b, d dng cho nhn vin s dng, thun tin cho cng vic qun l cng nh vic trao i thng tin th vic xy dng h thng File Server l rt cn thit. T thng tin c qun l tp trung v s dng chin lc Backup Restore hp l trnh tnh trng thng tin b tht thot! Da trn tnh hnh thc t, nhm chng ti nghin cu v pht trin d n Xy dng h thng File Server - qun l d liu tp trung v xy dng h thng mng Lan cho cng ty vi tnh n nh v bo mt cao. Chng ti tin tng rng, vi n ny, chng ti c th gip cc cng ty qun l, s dng v bo mt tt thng tin cng ty tn dng tt cng ngh v ph hp vi ngun ti chnh ca mt cng ty va v nh ang trn pht trin. II. Phn tch yu cu i din ca khch hng 1. V hin trng cng ty do khc hng cung cp: VNTransport l mt cng ty vn ti ng b. Hin ti cng ty ang ta lc ti mt to nh TP.HCM. hot ng gn 5 nm v mun xy dng h thng mng ni b m hnh domain cho cng ty. Cu trc to nh ca cng ty gm mt tng trt v ba tng lu. Tng mt c s dng cho ba phng ban, tng hai cho hai phng ban, tng ba l tng qun l tp trung cc my ch quan trng ca cng ty. Chi tit: Nhn s v phng ban trong cng ty: Phng Hnh chnh nhn s: 10 ngi (tng 1) Phng K hoch kinh doanh: 10 ngi (tng 1) Phng K Thut: 10 ngi (tng 1) Phng Ti chnh K Ton: 20 ngi (tng 2) Phng Ban Gim c: 4 ngi (tng 2) 2. V yu cu ca khch hng: Xy dng h thng File Server v chin lc sao lu phc hi d liu cho user trong h thng mng ca Cty vi cc yu cu sau: Mi Nhn vin u c quyn tng ng trn File Server H thng File Server cha ti nguyn phi c chia s Mi Nhn vin khi logon vo h thng s c 2 a mng (dng chung v dng ring). Xy dng chin lc sao lu v phc hi d liu cho h thng File Server Gi thnh h thng hp l, khng vt qu 500 triu ng cho c h thng Ni dung chuyn mn cn c: WSUS User & Group: home folder, script (log in). RAID B. Thng tin qua kho st thc t 1. V cu trc ta nh: ng nh thng tin cung cp ca khch hng 2. V hin trng cng ty: l cng ty va v nh ang trn pht trin, kh nng ti chnh cng c gii hn. V th cn s dng nhng gii php ph hp. Cng ty hin ang s dng mng workgroup m hnh nh sau:

III. Gii php A. Thit k logic v thit k vt l Cng ty cn xy dng mt h thng mng theo m hnh Domain qun l tp trung,to iu kin thun li cho qun tr h thng mng C tc c 5 server, trn mi server chy cc dich v khc nhau tit kim chi ph. Chi tit v cc dch v trn m hnh chc nng sau:

M hnh thit k vt l ca h thng nh sau:

M hnh IP:

B. La chn thit b v cng ngh Cc linh kin thit b c: 53 computer cu hnh mnh v va 2 witch 24 port, 1 switch 16 port, 2 switch 8 port 1 my in LaserJet Cc thit b cn mua mi: Thit b Yu cu S lng Server Modem ADSL Switch Printer 8 port LaserJet Server 5 1 2 3

Cable RJ45-ADC 450 m Cng ngh s dng: Tn dng ti a cng ngh ca Microsoft kt hp thm cc dch v ph tr khc. u im: cng ngh ph bin v gi thnh r Nhc im: h thng c th xy ra li do phn mm nn cn c nhn vin k thut chuyn mn h tr. Chi tit v cng ngh s dng: S dng Windows Server 2003 ci t v qun l tc c cc dch v quan trng trong cng ty File server: Lu tr, chia s, qun l d liu tp trung Domain Controller, DNS, DHCP server: qun l h thng cc i tng, phn gii tn, cp pht IP ng cho ton b vng mng LAN Web, FTP, Printer server: Qun l web, ftp v my in mng. RIS, WSUS: trin khai h iu hnh, cp nht cc bn v li cho h thng RRAS, Antivirus: lm chc nng router (Lan-Routing, VPN, NAT), qun l vic qut virus cho cc antivirus client trn my nhn vin v cp nht cc bn dit virus mi t internet D. ng truyn kt ni ng truyn trong mng LAN: s dng cp RJ45 tc 100 Mbps ng truyn Internet: s dng gi cc MegaOFFICE ca FPT Tc truy cp Internet ti a Download 3,072 Kbps Upload 640 Kbps Cam kt v tc truy cp Internet ti thiu Download T 128 Kbps Upload T 128 Kbps IV. Phng n trin khai

A. Bng phn hoch IP: Deseription Interface Modem ADLS External External Internail_server Router Antivirut LAN_floor1 LAN_floor2 DC 1 DNS 1 DHCP 1 DC 2 DNS 2 DHCP 2 File server WSUS Server RIS Server Web Server Mail Server FTP Server Printer Server Floor 1 Internail_server

IP 192.168.1.113 192.168.1.5 192.168.1.6 192.168.1.7 192.168.1.8 192.168.1.9

S.Mask 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0

Default Gateway DNS Server 192.168.1.113 DNS ISP 192.168.1.113 DNS ISP

192.168.1.6

Internail_server

192.168.1.10

255.255.255.0

192.168.1.6

192.168.1.7 192.168.1.8 Form Ader:n ISP 192.168.1.7 192.168.1.8 Form Ader:n ISP 192.168.1.7 192.168.1.8 192.168.1.7 192.168.1.8 192.168.1.7 192.168.1.8 192.168.1.7 192.168.1.8

Internail_server

192.168.1.11

255.255.255.0

192.168.1.6

Internail_server LAN_floor1

192.168.1.12

255.255.255.0 255.255.255.0 255.255.255.0

192.168.1.6 192.168.1.7 192.168.1.8

192.168.1.20>192.168.1.60 192.168.1.60Floor 2 LAN_floor2 >192.168.1.100 B. Thit k v xy dng s h thng: 1. Thit k v xy dng Domain Xy dng cu trc Active Directory

Chc nng ca Domain Controller: My DC gip qun l cc i tng nh domain, ou, group, user, my in, v rt nhiu cc i tng khc. my DC hot ng n nh, cu hnh ng l cc k quan trng. Ta tin hnh xy dng 2 DC ng cp trn h thng gip ti u ha kh nng lm vic cng nh s an ton cho h thng. u im: Hai my DC ng cp c c cu Replicate d liu qua li v hot ng ngang hng. Khi c mt user gi yu cu ln DC1 x l, thng tin t user th 2 s c tip nhn bi DC2. Hai my ny s thay phin nhau lm vic, gip h thng vn hnh nh nhng hn. Khi c mt my trong h thng khng hot ng na, my DC cn li s c nhim v thc hin ht tc c cc cng vic iu hnh v qun l cc i tng. Gip h thng vn vn hnh tt khi c s c vi mt my DC no .

Khi xy dng 2 dc ng cp, d liu truyn qua gia 2 my ny theo c ch nhn bn (Replicate), bo mt v khng chim qu nhiu bng thng h thng nh qu trnh transfer. Ta xy dng 2 my Domain controller ng cp ln lt nh sau: DC1: Domain type: Forest Root Domain Full quality domain name: server01.vntransport.vn DC2: Domain type: Additional Domain Full quality domain name: server02.vntransport.vn DC1 v DC2 ng cp hot ng ngang hng chia s thc hin cc yu cu t cc client trong h thng. Khi DC1 b s c DC2 c nhim v thc hin qun l cc i tng cho DC1 1.2 Xy dng cu trc OU v Group

Chin lc Group c s dng: A-G-P, p dng khi forest c mt domain v t user. Gii thch chin lc A-G-P: Account Global Group Permission. Cc User Account (A) c a vo Global Group (G), v gii hn quyn ti group ny (P). u im: Cc group khng lng vo nhau nn vic x l s c s d dng hn Ti khon thuc v mt phm vi nhm n l. Nhc im: Ti mi thi gian mt ngi dng xc nhn vi mt ti nguyn. Server kim tra thnh vin ca nhm v xc nh n c phi l member khng S thc thi b gim st vi v nhm global khng c Cache

Bng thit k Group cho Doanh nghip: Group Scope Group Domain Global Universal Local BanGiamDoc ThuKy KToan

Group Type Security Distribute OU BanGiamDoc BanGiamDoc KeToan

HC-NS HanhChinh-NhanSu KT-KD KeHoach-KinhDoanh KThuat KyThuat 1.3. Chin lc Backup v Restore Active Directory. m bo s an ton cho d liu v kh nng hi phc d liu khi cn thit. Ta tin hnh backup v restore cho Active Directory 1.3.1. Yu cu khi thc hin Backup Restore cho Active Directory: m bo d liu c lu tr tt phc hi sau backup La chn thi ng thi im backup khng gy nh hng hot ng ca my ch S dng cc chin lc restore hp l khi gp nhng s c khc nhau trn AD 1.3.2. nh hng thc hin: S dng thit b lu tr chuyn dng cho vic backup l Tape Driver: Hewlett Packard StorageWorks DAT 24 (DW069A) DAT Tape Drive DAT, 12 GB, USB 2.0 Interface, Internal Enclosure, 1.5 MBps, For: PC Platforms. Gi: 220$ Chn thi gian backup thch hp tt nht l vo nhng lc vng nhn vin lm vic nh vo lc ngh tra hoc sau gi lm vic S dng cc chin lc restore ph hp nh: Primary, Non-Authoritative, Anthoritative 1.3.3.Cch thc hin: a. Backup System State: dng backup li database ca Active Directory. Dng chng trnh backup NTBACKUP c sn ca Windows tin hnh backup system state cho h thng. b. Restore AD: Ty vo cc trng hp khc nhau ca s c Domain Controller ta tin hnh cc kiu restote database khc nhau Trng hp 1: Authoritative Restore Khi chn cch phc hi ny t my DC1 (file backup trn my ny), d liu c nhn bn (replicate) ngc li t my DC2. Nu mun chn gi li i tng no c to ra sau thi im backup trn DC1 ta s chy dng lnh NTDSUNTIL gi li i tng . Gi s mun gi li user NV-Ktoan01 trn DC1 c to ra sau thi im backup, ta ln lt chy dng lnh trn cmd nh sau: NTDSUNTIL Authoritative Restore Restore Object cn=NV-Ktoan01,ou=Ktoan,ou=KeToan,dc=vntransport,dc=vn Quit Restart Trng hp 2: Non-Authoritative Restore Hnh thc ny s ghi li tnh trng h thng khi tin hnh backup kt hp vi nhng i tng t my DC bn kia sau khi bn backup c to ra, gi s ta to bn backup trn DC1 v sau to user NV-Ktoan01 trn DC2. Sau tin hnh restore file backup. Sau khi restore h thng s bao gm nhng i tng khi backup cng vi user NV-Ktoan01 c to ra trn DC2 nhn bn qua. Trng hp 3: Primary Restore Hnh thc ny s ly trng thi mi nht cho file backup v phc hi li cho DC tin hnh restore, h thng t ng ng b cho DC khc trn h thng. Ta s dng cch backup ny khi tc c cc my DC u b mt d liu v mun phc hi li d liu ti thi im backup. 1.3.4. Tng kt Backup & Restore AD Mt h thng an ton l h thng c backup thng xuyn v s dng chin lc restore ng thi im. S dng chin lc backup restore AD gip d liu trn cc my DC c bo m an xy ra bin c h thng. 2. THIT K V XY DNG DNS DNS l mt mu cht quan trng cho s vn hnh h thng mng. DNS hot ng tt, ta cn thc hin thit k v ci t ng phng php v chnh xc. 2.1.1. Chc nng ca DNS server:

Ngoi chc nng phn gii tn min thnh IP v ngc li. V DNS l mt c s d liu phn tn v c kh nng m rng. N gip ngi qun tr cc b c th qun l d liu ni b thuc phm vi ca h, d liu ny c truy cp trn ton b h thng theo m hnh client-server. u im: Tng kh nng chu li Cn bng ti Security (dynamic update) Gim traffic h thng (khng phi transfer m thng tin Dns c replicate chung voi AD) 2.1.2. Yu cu nh hng v cch thc hin: Xy dng 2 DNS primary server m bo tnh sn sng v kh nng chu li. Khi 1 server b s c DNS server cn li s thc hin cc yu cu phn gii ca client. Xy dng h thng DNS trn server01 Vo control panel ci t Dns service Cu hnh Primary Zone tch hp AD Cu hnh Forward lookup zone v Reverse lookup zones Xy dng DNS trn server02 Ch cn ci t DNS service sau tc c cc d liu s c replicate t my dns1 qua Sau khi cu hnh xong ta s tin hnh kim tra DNS c phn gii ng hay khng bng lnh nslookup trn CMD. Nu phn gii tt kt thc qu trnh cu hnh v tip tc xy dng cc dch v khc. 2.1.3. Tng kt dch v DNS DNS l mt dch v cc k quan trng trn h thng mng. DNS c th phn gii ng v c kh nng hot ng n nh, ta cn tin hnh cc bc cu hnh chnh xc 3. THIT K V XY DNG DHCP Khi mt my tnh tham gia vo mng th a ch ca n phi l duy nht khng trng lp vi bt c my no khc trn h thng. i vi mt h thng mng ln c hng trm my trm th vic gn a ch IP cho tng my trm th s gp rt nhiu kh khn, mt nhiu thi gian v cng sc. khc phc tnh trng trn, h thng mng cung cp dch v DHCP cho Server t ng cung cp a ch IP v cc thng tin cu hnh cn thit cho cc my trm. 3.1.Chc nng ca DHCP server DHCP Server cp pht IP ng v cc thng tin cu hnh c lin quan cho cc Client. 3.2. u nhc im ca DHCP server u im: Gim bt cc hin tng xung t v IP, hay cc li v IP, lun m bo Client c cu hnh ng n gin ha trong cng tc qun tr. Tit kim c s a ch IP tht Tp trung qun tr thng tin v cu hnh IP Cu hnh IP ng cho cc my trm mt cch lin mch Ph hp vi cc my tnh thng xuyn di chuyn gia cc lp mng T ng cp nht thng tin khi c s thay i cu trc mng S linh hot v kh nng d m rng Nhc im: a ch IP c cp s b thay i, khng bo m c mt a ch ring bit cho mt Client trong mi lc khi Client cn mt a ch IP tnh Qu trnh cp pht IP gia DHCP client v DHCP server l tn hiu broadcast nn khng th i qua c Router 3.3. Cc yu cu chung khi trin khai dch v DHCP server DHCP Client Windows XP DHCP Server Windows Server 2003 DHCP Server Service c ci t trn Server cu hnh IP tnh, Subnet Mask v Default Gateway C Range IP hp l 3.4. nh hng v trin khai dch v DHCP server nh hng thc hin theo m hnh h thng Xy dng theo chin lc 80/20 Cu hnh 2 Range IP cho 2 Subnet tng ng trong m hnh h thng Cu hnh Scope Option: 003: Router, 006: DNS Servers, 015: DNS Domain Name Cu hnh Superscope cho 2 Range IP tng ng Backup & Restore DHCP database Nn DHCP database

 Cu hnh DHCP Relay Agent Trin khai dch v theo m hnh h thng

Ch thch: 003 Router 006 DNS Servers 015 DNS Domain Name 3.5. Tng kt dch v DHCP Dch v DHCP Server c cu hnh v sn sng cho vic phc v cp pht IP ng cho cc my trm trong h thng mng ca cng ty VNTransport. Vi cc chc nng c cu hnh m trnh by trn th nhm chng ti m bo tnh an ton v hon ton n nh trong sut qu trnh hot ng ca cng ty. 4. Thit k v xy dng cu trc File Server File Server trong mt h thng mng ng vai tr cc k quan trng v tc c d liu ca nhn vin c lu tr v chia s ti y. file server hot ng mt cch an ton v hiu qu ta cn thc hin nhiu chin lc v mt cu hnh cng nh qun l. 4.1. Chc nng ca File server v u nhc im Lu tr v chia s d liu. Qun l d liu tp trung. 4.2. Cc yu cu cn lm trn File server. D liu c chia ra cc vng khc nhau phn quyn s dng cho nhn vin. Gii hn khng gian s dng ca tng nhn vin. Gim st vic s dng ti nguyn ca nhn vin Phc hi d liu nu l b xa, thay i. Backup d liu nh k phc hi khi cn thit. Hot ng nhanh, n nh, bo mt. 4.3. nh hng thc hin. S dng NTFS Permission phn quyn trn cc th mc chia s cho cc Group cha user trn AD. S dng Quota gii hn dung lng s dng trn a File server. S dng Audit gim st vic s dng ti nguyn. S dng Shadow Copies sao lu v phc hi d liu b xa, thay i tm thi. S dng Backup & Restore sao lu d liu nh k v phc hi khi cn thit. S dng Raid 5 sao lu ng thi tng tc hot ng cho a cng File server.

4.4. Xy dng v Cu hnh File server File server c t trn mt a cng ring v nh dng theo chun NTFS. Trn a cng ny to phn vng D cha d liu. Phn vng ny ch s dng cho file server khng c mc ch no khc. 4.4.1. Xy dng cy th mc cha d liu trn phn vng D Ta to ra 2 th mc chc nng m nhn cng vic ring. Public: th mc dng chung, nhn vin c th lu v chia s d liu ti y Trn Public cha 2 th mc dng chung: + Report: th mc lu cc bo co ca nhn vin cho ban iu hnh. + Application: th mc lu tr cc ng dng ph hp deploy xung cho tng phng ban. Private: th mc dng ring, lu tr d liu lm vic ca tng nhn vin ring bit. Mi nhn vin khi logon vo h thng s c mt th mc tng ng, th mc ny s lm My Document cho tng nhn vin. 4.4.2. nh hng phn quyn NTFS v cch thc thc hin: a. Yu cu chung: Nhn vin khng th xa hoc thay i cu trc th mc c sn Nhn vin c ton quyn trn th mc v d liu mnh to ra Nhn vin khng chnh sa hoc xa c d liu ca ngi khc b. Yu cu ring: Trn Public: Nhn vin c quyn c tc c cc d liu. c quyn to - chnh sa - xa d liu ca mnh, khng c chnh sa - xa d liu ca ngi khc. + Trn Report: Nhn vin ch c quyn c v ghi d liu ca mnh. + Trn Application: ch dnh cho admin deploy phn mm. Trn Private: Cha cc th mc tng ng cho cc nhn vin, khi nhn vin ng nhp vo h thng ln u tin th s t ng to ra mt th mc trng trn ca user nhn vin, th mc ny c s dng lm My Documents cho nhn vin khi lm vic trn h thng. D liu ca nhn vin c lu tr trc tip trn server v nhn vin s thy duy nht d liu ca mnh, khng thy bt c th mc no ca cc nhn vin khc. c. Cch phn quyn NTFS Cng vic chung: Share 2 th mc vi tn tng ng Thit lp Full Control cho Everyone Share Permission cho tc c cc th mc share Cu hnh NTFS Permission: + G b c tnh tha hng trn a D + Remove group Nhn vins khi a D + Add cc group tng ng ca phng ban vo + Thit lp Full control cho ti khon CREATE OWNER trn D Cng vic ring trn tng th mc share: Bng phn quyn: Folder Share NTFS (advanced) Users/Group Apply onto Public Full Travel Folder / Execute file BanGiamDoc This folders, control List Folder / Read Data ThuKy subfolders and files Read Attributes KToan Read Extend Attributes HC-NS Create Folders / Append Data KT-KD KThuat Report Full control Travel Folder / Execute file List Folder / Read Data Create Folders / Append Data Read Attributes Write Attributes BanGiamDoc ThuKy KToan HC-NS KT-KD KThuat Administrator This folders, subfolders and files

Application Full Full control This folders, control subfolders and files S dng Group Policy cu hnh th mc Private cha cc My Documents ca nhn vin 4.4.3. S dng Quota gii hn khng gian lu tr. a. u im v nhc im u im: Gii hn c khng gian s dng a mng cho nhn vin, trnh tnh trng s dng qu nhiu lm nh hng cho file server, lng ph ti nguyn cng nh tc truy xut d liu ca nhng nhn vin khc Nhc im: i vi cc phng khc nhau phi thit lp cc mc hn ngch khc nhau ty vo nhu cu, mi khi d liu lm vic ca mt ai y chng ta phi iu chnh li mc hn ngch. Khng th thit lp mt ln s dng mi mi.

b. Cch thc hin Mi nhn vin ch c s dng 500mb trn a cng ca file server Thng bo cho nhn vin khi dng n 450mb, n 500mb th khng lu d liu c na. Thit lp quota cho tc c cc nhn vin nh sau: Limit disk space: 500mb Warning level: 450mb 4.4.4. Gim st hot ng ca nhn vin trn file server vi Audit Gim st cc hot ng ca nhn vin trn file server nh: to, chnh sa, xa a. u im v nhc im u im: gim st gip qun l c cng vic ca user v c th ghi ra bo co khi cn thit Nhc im: lm cng vic x l trn file server din ra chm hn do mi ln c cc s kin xy ra phi ghi li nhng s kin . b. Cch thc hin Thm danh sch cc nhn vin mun gim st vo v ty chn cc s kin Successful hoc Failed ph hp vi quyn ca tng nhn vin trn a 4.4.5. S dng Shadow Copies. Shadow Copies cho php sao lu d liu tm thi do nhn vin to ra v phc hi khi l b nhn vin v tnh xa hoc ghi ...trong ngy hm . a. u im v nhc im u im: restore li mt cch nhanh chng, ghi li nhiu version khc nhau ca mt file cho php thc hin qu trnh restore theo ngy gi c th. Nhc im: ch khc phc nhng s c nh khi b xo mt file hay th mc. Khng th thay th c cc hnh thc sao lu truyn thng. b. Cch thc hin Enable chc nng Shadow Copies trn a cng file server. Lp lch t ng sao lu Cho my tnh nhn vin ci t chng trnh Previous Versions Client trong th mc C:\WINDOWS\system32\clients\twclient\x86 thc hin phc hi: t my nhn vin vo th mc m user thc hin thay i chn Properties -> chn Previous Versions -> Chn thi im sao lu -> Chn Restore. 4.4.6. Chin lc Backup & Restore cho File Server. Backup & Restore l hnh thc sao lu truyn thng khng th thiu trn bt c file server no. N l linh hn ca file server, ng vai tr cc k quan trng trong cng vic bm m s an ton d liu. D liu c to ra v sao lu, phc hi ti nhng thi im thch hp gip ta i ph vi bt c tnh hung no khi xy ra s c trn file server. a. u im v nhc im u im: c th kt hp nhiu phng php sao lu, gip ly li gi liu ca bt c thi im no nu cn thit. Nhc im: d liu ngy cng tng ln cng tn nhiu thit b lu tr, thi gian sao lu cng chm. a. Yu cu v nh hng Cc yu cu: S dng bng t lu tr (Tape Drive), gip bo qun tt hn l DVD Backup vo thi im t nhn vin lm vic hoc tc c ngh trnh trng hp nhn vin cp nht d liu sau thi im backup ca server. Backup lm sao d liu to ra l t nht, thi gian ngn nht nhng vn m bo y , n nh, c th ly li d liu ca mt ngy bt k trong tun. nh hng: S dng Tape Driver: Hewlett Packard StorageWorks DAT 24 (DW069A) DAT Tape Drive DAT, 12 GB, USB 2.0 Interface, Internal Enclosure, 1.5 MBps, For: PC Platforms. Gi: 220$ Backup vo ban m khong 10h l tt nht S dng backup Normal kt hp vi Incremental v Differential Gii thiu u im v nhc im ca 3 loi backup trn tin vic la chn s dng: Backup Normal: Backup full, c ngha l s backup ht tt c ci g m mnh chn Thi im dng: backup full thng lm vo ngy cui tun v u tun u im: s backup ton b ci g chng ta cn. Khuyt im: thi gian backup v restore s lu v backup ht v restore ht, cn c thit b dung lng ln cha file backup. Backup Incremental: Kiu backup ny l ch backup li nhng g thay i ca ngy backup so vi ln backup trc Thi im dng: cc ngy cn li trong tun tr th 2 v th 7

 u im: thi gian backup nhanh v ch backup li nhng g thay i so vi ln trc, khng cn storage ln cha file backup Khuyt im: phi restore tng file theo th t Full v bakup ngy th 2 ri n ngy th 3 ... sau cng n ngy cn restore. Backup Differential: Kiu backup l file backup c to ra gm backup Full ca ngy hm trc v s thay i ca ngy cn backup Thi im dng :Thng dng vo cc ngy cn li trong tun tr th 2 v th 7 u im: bakup li bn Full ca ngy hm trc v s thay i ca ngy backup nn khi restore s nhanh hn incremental Khuyt im: thi gian backup s lu hn kiu normal nhng thi gian restore nhanh hn kiu incremental, cn storage ln cha file backup. b. Cch thc hin: Tun 1 Tun 2 Tun 3 Th 2: Normal Th 2: Differental Th 2: Differental Th 3: Incremental Th 3: Incremental Th 3: Incremental Th 4: Incremental Th 4: Incremental Th 4: Incremental Th 5: Incremental Th 5: Incremental Th 5: Incremental Th 6: Incremental Th 6: Incremental Th 6: Incremental Th 7: Normal Th 7: Normal Th 7: Normal CN: khng dng CN: khng dng CN: khng dng Bn trn l lch backup nh k hng tun, ph hp vi kh nng v yu cu ca mt cng ty va v nh. T y chng ta s cn c lp lch backup nh k. 4.4.7. Xy dng a d phng Raid Sao lu d liu lun l mt nhim v cn thit v cp bch i vi cc doanh nghip, t chc hay bt k c nhn no. Bt c khi no cng cng c th b hng hay bad m khng h bo trc v km theo th d liu cng ra i. Vy ti sao thay v vic ngi ch cng m khng t thit lp cho mnh mt h thng sao lu d phng n gin m khng cn mt qu nhiu cng sc vo vic backup hng ngy, hng gi (k c khi c chng trnh h tr). a cng hin nay khng cn qu t v qu sa x, v vy ta cn to cho cng ty mt h thng sao lu d phng c bn (RAID). S dng Raid gip tng tc truy xut d liu cng nh bo m vic sao lu phc hi cho a cng h thng mt cch an ton. Ty vo nhu cu ca cng ty ta c th s dng Raid trn DC, File Server. Yu cu v nh hng Yu cu: S dng Raid tng tc truy xut, sao lu an ton v r tin. nh hng: S dng Raid 5 thc hin. 5. Thit k v xy dng h thng Web server, FTP server Web l mt cng c truyn ti thng tin cc k hu dng ca cuc sng hin i. Web v fpt mang li cho chng ta cng c chia s d liu nhanh chng v tit kim rt nhiu chi ph. Trong h thng mng ni b ca mt cng ty, nhng dch v ny gip nhn vin cp nht nhanh chng thng tin t ban iu hnh cng nh gi thng tin ngc tr li. Xy dng ng thi 2 h thng public v private web-ftp khng nhng gip qung b thng tin ni b m cn cho cng ng s dng mng internet. N l mt cng c qung co sn phm dch v rt hiu qu v tit kim. 5.1. Cc chc nng v u nhc im. Web gip ta chia s thng tin v cp nht thng tin mi t bt c a im no c kt ni mng Chc nng chnh ca FTP l lm ni lu tr d liu di ng trn mng, ch cn c user v password (nu yu cu) l bt c ai cng c th truy cp vo FTP server ly v chia s d liu cho mi ngi. u im: chia s v cp nht thng tin mi lc mi ni. Nhc im: bo mt km, d dng b hacker li dng v mc ch xu. 5.2. Cc yu cu chung khi trin khai dch v Web v FTP. .2.1. Yu cu vi cc dch v Yu cu khi thit k cu trc chy Web: hot ng nhanh, cp nht kp thi thng tin cho nhn vin v khch hng. Vi FTP: gip user c th truy cp trong phm vi mng ni b cng nh t internet vo Vi Web: c web ni b v web public cho user v khch hng truy cp. 5.3. Trin khai cc dch v Web v FTP Ci t IIS Component To host v alias cho FTP v Web trn DNS server. Trin khai FTP: To mt FTP site mi Cu hnh a ch IP, Port, ng dn n th mc share FTP Cp quyn cho cc user s dng th mc share FTP, cp quyn Read, Wrire, Brower cho user trn FTP site. Trin khai Web:

To Web site mi Cu hnh a ch IP, Port, ng dn n th mc share web Cu hnh trang mc nh v cc ng dn dng truy cp web Cp quyn Read cho user. Nat port v cu hnh dyndns public FTP v Web: Vo modem Nat port 80 - ng vi IP: 192.168.1.99 ca web server, Nat port t 20 n 21 - ng vi IP: 192.168.1.99 ca FTP server Download v cu hnh DynDNS software trn my Web-FTP cp nht a ch IP ln server min ph ca DynDNS.org (nu c mua IP public v domain th khng cn phi s dng dch v min ph ca DynDNS.org) 5.4. Tng kt dch v Web v FTP Sau khi Web-FTP c thit lp, thng tin ca cng ty c ph bin rng ri cho cc nhn vin v khch hng. y l dich v h tr cc k hu ch cho bt c mt cng ty no m bo s tin dng v tit kim chi ph. 6. Thit k v xy dng dch v Printing Printer server l my tnh hoc thit b chuyn dng khc c s dng kt ni vi my in v cung cp dch v in n trong mng. Trong thc t hin nay, i a s cc mng my tnh ca chng ta (Vit Nam) s dng mt my tnh trong mng kt ni my in v chia s my in dng chung ny cho cc ngi s dng khc trong mng. 6.1. Gii thiu dch v v u nhc im. C 2 cch s dng printer in n trong mng l in mng (internet printing) v in cc b (local printing) In mng: s dng printer server u im: User c th s dng in t bt c u c internet. Cng vic in n trn mng c qun l tp trung trn server cu hnh internet printing Rt nhiu user c th s dng chung mt my in gim thiu chi ph mua nhiu my in Hot ng khng phc thuc vo PC gip cng ty tit kim ti nguyn pc C phn quyn nn d dng in n hn Tc in n nhanh Nhc im: Printer server gi thnh cao Khng h tr qun l trc tip trn my printer server In cc b: s dng my in local u im: Gi thnh r C th s dng tc c cc loi my in c th in c Kt ni n gin khng ph thuc vo cu hnh kt ni n gin d trin khai Nhc im: Bt buc my in ni vi PC phi c m lin tc nu tt s nh hng n cc ngi s dng chung my in trong cng mt phng ban Tc in n khng cao Tnh bo mt km 6.2. Trin khai dch v Printer server a. Trin khai Internet Printing vi Printer server Ci t dch v Internet Printing trong Control Panel To my in mng, v tr v a ch printer server v ci t driver cho printer server To cc my in logic phn quyn cho cc Group v user khc nhau To Printing Pool gip h thng khc phc s chm tr khi c qu nhiu yu cu in Map my in v my client thng qua trnh duyt internet. b. Trin khai Local printing Ci t v cu hnh cho my in cc b trn my tnh c gn my in Share my in ra cho cc my khc bng ng dn UNC hoc s dng cu lnh map my in cho tng client. Phn ny s thc hin trong Group Policy. 6.3. Tng kt dch v Printer server Vi s qun l ca printer server, hot ng n nh - nhanh chng s gip cng vic in n ca tc c nhn vin thun li hn. Trong m hnh mng ca cng ty VNTRANSPORT s c 1 my printer server v cc my cn li s lm chc nng in local, va m bo li tit kim 7. Thit k v xy dng h thng Antivirus m hnh Client Server. Thm ha virus i vi h thng mng l m nh ca nhng ai tng lm vic trong cc cng ty. Khi virus ly lan trong h thng s lm cc h thng ng bng hoc hot ng khng n nh, gy nh hng n

hot ng ca cng ty c bic l cc cng ty c xng sng l mng my tnh - hot ng da trn mng my tnh. phng s ly nhim virus cng nh s ly lan pht tn ca virus trn h thng, ci t mt h thng phng chng virus l thc s cn thit. Nhm chng ti quyt nh s dng phn mm Symantec Antivirus 10.0 thc hin cng vic ny. 7.1. Cc chc nng ca h thng Antivirus: Chc nng ca Antivirus server (ci t trn server): cp nht, qun l tp trung cc phin bn chng virus mi t internet v trin khai cho my nhn vin, dit virus trn chnh my ci t. Chc nng ca Antivirus client (ci t trn my nhn vin): cp nht cc phin bn dit virus t Antivirus server, tm v dit virus trn tng my ci t n. 7.2. Cc c im chung v u im khi trin khai h thng Symantec Antivirus

Khi my server kt ni ra internet v update, cc my client s t ng update t server, my client khng ra internet update. Cc my client cng khng c quyn g b ci t nu khng c password. Khi bt k my no trong h thng, thng tin s c gi trc tip ln server, ngi qun tr s bit ngay v thc hin cc hnh ng trc tip ti my b nhim t server. u im ca Symantec Antivirus: Hot ng nhanh v ph hp vi mt cng ty va v nh To ra mt h thng Antivirus duy nht cho c h thng my tnh, gip ngi qun tr n gin hn trong vic qun tr h thng. Tit kim bng thng trong qu trnh Update Nng cao bo mt. 7.3. Trin khai h thng Symantec Antivirus 7.3.1. Ci t phn mm Symantec server Chun b a CD ci t cha: Symantec AntiVirus Corporate Edition v10.1 v Symantec System Center v10.1 Ci t ln lt cc phn mm vo my server, trong qu trnh ci t ch phn password cho h thng v check vo AutorunLiveUpdate t ng cp nht t server trn internet sau khi ci t xong. 7.3.2. Cu hnh v trin khai Symantec client cho my nhn vin v h thng cc my member server. Sau khi ci t v khi ng li h thng, ta tin hnh Unlock cho server v ty chn cho server l Primary server. Sau tin hnh trin khai phn mm xung my client (client trn 3 range khc nhau, range server, range tng 1 v range tng 2) Chng ta c 2 cch ci t cho my trm: mt l chng ta ng t Client truy cp n server bng ng dn UNC, hai l chng ta dng tin ch Client Remote Install Tool. ci t t xa ta vo Tools\Client Remote Install. Trong qu trnh ny bc u tin ta s chn v source ci t, ta ty chn Default Location. Sau ta chn nhng user cn trin khai thc thi.

 Qu trnh trin khai xung client thnh cng, sau khi khi ng li phn mm Antivirus s t ng chy v nhn thy c trn my client. 7.4. Tng kt Antivirus. Symantec Antivirus m bo c kh nng vn hnh nh nhng cng nh m hnh Client-Server ti u cho cng vic qun tr. S dng phn mm ny trn h thng ca VNTRANSPORT l rt kh thi v t c mt phn mc tiu bo mt cho h thng ca nhm 06PBL152 8. Xy dng h thng v li WSUS Qun l tnh trng h thng l mt trong nhng cng vic quan trng ca ngi qun tr mng, qun l vic cp nht cc bn v li phi c tin hnh lin tc cung cp cho h thng nhng phin bn v li mi nht ca nh sn xut khng nhng mang li hiu qu bo mt, m cn gip h thng hot ng n nh hn rt nhiu. Nhng mt iu cn phi ch rng i khi cc bn v li do nh cung cp phn mm a ra thng chm hn so vi cc bn v li ca cc hng bo mt, mt v d nh symantec a ra 40 bn v li trong c 20 bn cho h thng my Dell chy Windows XP v hn 20 bn v li cho Windows 2000 Service Pack 3 trc khi Microsoft a ra cc bn v li chnh thc vo ma h nm 2003. V vic cp nht ton b h thng qua Internet l mt gii php kh thc hin khi c nhiu my tnh trong h thng mng cn c cp nht bn v li ngay. Vic trin khai h thng t cung cp cc bn v li ngay trong h thng mng l iu cn thit. Chnh v iu ny nn chng ta cn mt dch v phc v cho nhu cu trn v WSUS l 1 gii php. WSUS l vit tt ca Windows Server Update Service . Cho php chng ta to ra mt my ch lu tr phn mm cp nht cho ton b h thng cc phn mm ca hng Microsoft t Windows cho n cc phn mm Office M hnh hot ng WSUS

8.1.

Cc chc nng v u nhc im: Qun l tp trung vn ci t phn mm update trn cc my trm. Gim thiu lu lng bng thng ra ngoi Internet. Nu khng c wsus cng ty c hng trm my tnh v yu cu update trc tip thng qua Website ca Microsoft s gy l hin tng tc nghn v qu ti. u im: Tit kim c nhiu thi gian qun tr v tng cng thm tnh bo mt cho h thng cc my trm. Nhc im: ch c ch trong mt h thng ln v nhiu my client. H thng nh ci t s gy lng ph server. 8.2. Cc yu cu chung khi trin khai WSUS. 82.1. Yu cu v dung lng a cng: C partition ci t windows v partition ci t WSUS phi l NTFS. Ti thiu phi c 1 Gb trng cho partition h thng. Ti thiu phi c 6 Gb trng cho partition ci cc bn update cho WSUS recommend l 30 Gb. 8.2.2. Cc yu cu v Automatic Updates: Automatic Updates l mt thnh phn client ca WSUS. Automatic Updates khng i hi g v phn cng c bit ngoi vic phi c kt ni vi network. Ta c th s dng Automatic Updates vi WSUS trn bt k my tnh no chy cc h iu hnh sau y: Microsoft Windows 2000 Professional with Service Pack 3 (SP3) or Service Pack 4 (SP4), Windows 2000 Server with SP3 or SP4, or Windows 2000 Advanced Server with SP3 or SP4.

Microsoft Windows XP Professional, with or without Service Pack 1 or Service Pack 2. Microsoft Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition;Windows Server 2003, Datacenter Edition; or Windows Server 2003, Web Edition. * Note: ci t c WSUS ta cn thc hin ci t mt s chng trnh yu cu cho WSUS: 1. Ci t IIS 2. Ci t Services Pack 3. Ci t dotNetFX35setup.exe 4. Ci t ReportViewer.exe 5. Cui cng l ci t WSUS ( y h thng chng ta s ci t ver3.0) 8.3. nh hng v trin khai thc hin WSUS. My ch SUS s phn tch cc h iu hnh yu cu cp nht, kim tra cc bn service pack v cung cp cho my client nhng gi tin cn phi download v ci t cc phin bn cp nht. 8.3.1. ng b d liu v cung cp cho h thng Khi bt u vic ng b d liu my ch SUS s truy vn n my ch Windows Update ca Microsoft hay cc my ch SUS khc trong h thng mng v download ton b ti nguyn v cc bn v li hay cc service pack cho mi sn phm v ngn ng m ta cu hnh. Qu trnh ng b d liu s c truyn khong 150 MB cho phin bn English v 600MB cho mi ngn ng khc. 8.3.2. Thit lp Automated Updates trn my client Ci t cc cp nht t Automatic Updates ca my client bng vic ci t cc gi MSI. cung cp cc gi cp nht dng MSI bn c th d dng s dng Group Policy cung cp . To ra mt GPO mi, gn chng cho cc my tnh trong h thng mng ca bn, v n s c ci t mt cch t ng. C th cung cp cc gi MSI cho client di dng logon script gn cho gi tin MSI v h thng s c thc hin trc khi ngi dng ng nhp vo h thng. 8.3.3. S dng Group Policy p t my Clients Update t WSUS Ln lch cho qu trnh cp nht cn khc nhau trnh cng mt thi im ton b h thng yu cu n my ch SUS s lm ton b h thng mng ca bn b tc nghn. (Tu chn trong phn Reschedule Automatic Updates Scheduled Installations) To ra nhiu GPO vi nhiu lch trnh khc nhau cho mi OU m bo h thng lun c p ng tt nht. 8.4. Tng kt WSUS. Vi nhng tnh nng u vic v cp nht v v li cho h thng ca WSUS ( c phn tch pha trn) th y l dch v kh tt gp phn bo mt cho h thng cty. Do nhm 06PBL152 chng em trin khai hon chnh dch v ny cho ti ln ny. 9. Trin khai Policy qun l. Policy l mt c cu gip ta xc lp cu hnh desktop, permissionmt cch t ng v tp trung nh nhng Group Policy Object (GPO). Group Policy Object l nhng i tng thuc nhm Policy qun l, n c s p t cho cp user hoc Computer c cha trong Site, Domain, Organization Unit (OU). 9.1. Cc yu cu cn lm trn Group Policy Trin khai cc ng dng sau cho tc c cc phng ban: Microsoft Word Microsoft Exel Microsoft PowerPoint Acrobat Reader Cc phn mm khc cho tng phng ban: Phong k ton: phn mm k ton Phng Hnh chnh Nhn s: phn mm qun l nhn s Phng K hoch kinh doanh: phn mm thit k m hnh Microsoft Visio Cu hnh GPO p t cc chnh sch khc nh: T ng khi ng Internet Explore vi trang ch ca cng ty khi user ng nhp vo mng Khng nhn thy Properties ca My Documents Khng nhn thy v khng truy cp c a C trn my Local Map my in local, map a mng 9.2. Trin khai cc chnh sch t yu cu t ra S dng cng c Group Policy Management qun l tp trung cc policy c trn h thng. Cc ng dng Word, Exel, PowerPoint c qun l trong mt policy chung v trin khai (lin kt) xung tc c cc OU phng ban. Cc ng dng phn mm chuyn ngnh, mi phn mm s c cu hnh deploy trong mt Policy Thc hin p t cc chnh sch khc: Mi chnh sch c cu hnh trong mt policy ring. 10. Cc dch v h tr 10.1. Dch v RIS Trong mt m hnh h thng c nhiu my trm, ci t h iu hnh cho tt c my trm th i hi ngi qun tr phi mt rt nhiu thi gian ci t cho tng my. Vi chc nng ci t h

iu hnh mt cch t ng qua mng, dch v RIS ra i ngi qun tr gii quyt vn ny mt cch nhanh chng v c hiu qu. 10.1.1. Chc nng Ci t h iu hnh qua mng cho Client. 10.1.2. u nhc im ca dch v u im Ci t h iu hnh mt cch t ng My trm ch cn c card mng h tr PXE, khng cn c CD-ROM Ngi qun tr khi mt cng i ci t trn tng my C th ci t cho tt c my trm vi mi cu hnh My trm sau khi ci t xong t ng join domain Nhc im Cu hnh phc tp Thi gian ci t s rt lu nu s lng my trm ln 10.1.3. Yu cu chung khi trin khai dch v My tnh cha dch v RIS Server phi l thnh vin ca Domain hoc l dch v RIS Server ny nm trn Domain Server ci t RIS phi c 2 phn vng khc nhau Phn vng cha file ci t RIS phi c nh dng NTFS C DHCP Server c Active trn mng C DNS phn gii tt trn mng C mt Windows CD hoc c mt folder share cha cc file ci t My Client phi h tr PXE boot ROM hoc card mng c h tr boot floppy 10.1.4. nh hng v trin khai dch v nh hng thc hin Cc my trm trong h thng c cng cu hnh Ci t h iu hnh Windows XP Professional cho tt c my trm Sau khi ci t xong h iu hnh th cc my trm join vo domain v c y cc thng tin cu hnh c lin quan Trin khai dch v Ci phn mm Remote Installation Services To Image lu trn Server To a mm boot mng (nu my khng h tr boot mng PXE) To Answer file t ng tr li cc thng tin khi ci t h iu hnh cho Client Phn quyn cho User no c th ci t h iu hnh t RIS Server 10.1.5. Tng kt dch v RIS Server Dch v RIS em li nhiu thun li cho ngi qun tr trong vic ci t H iu hnh cho nhiu my trm trong cng mt lc thng qua mng. V th, dch v ny chng ti p dng trin khai cho m hnh nhiu my trm ca chng ti tit kim thi gian v ti chnh. 10.2. Dch v VPN Client to Site Mt nhn vin c gng v s pht trin ca cng ty lun lm vic ht sc mnh. H s c nhu cu lm vic mi lc mi ni nu c th. p ng c cc nhu cu ca nhn vin, h thng VPN client to site ra i gip nhn vin c th s dng mng ni b cng ty bt c lc no cn thit. 10.2.1. Cc chc nng v u nhc im. Gip nhn vin c th kt ni vo site ca cng ty thng qua mi trng Internet, tr thnh mt node ca mng LAN trong cng ty. Gip nhn vin c th s dng mi ti nguyn chia s trn mng. u im: tin li cho cc nhn vin lm vic xa cng ty lm vic nh. To ra m hnh hnh ng (pipe) ring o gip vic trao i d liu khng cn gi gn trong mt mi trng no m tr nn rng v linh hot hn. Khng phi thu thm cc knh ring nh Lease Line, tn km hn rt nhiu. Nhc im: nu trong h thng mng khng c h thng tng la s rt nguy him cho d liu ra vo h thng. 10.2.2. Cc yu cu chung khi trin khai dch v VPN client to site. My ng vai tr l VPN server phi c 2 NIC, my ny s trc tip i ra ngoi Internet thng qua Modem ADSL, hai NIC ca server c IP ln lt l: + External: 192.168.1.113 + LAN_Floor 1 : 192.168.1.1 Khi s to mt address pool (dy IP) dnh trc cho cc client c nhu cu quay VPN sao cho cng NetID vi mng LAN bn trong site l c. Theo m hnh cng ty VNTRANSPORT s c 3 subnet con khc nhau trong site, ta s tin hnh lm tun t nh nhau cho 3 subnet. Phn ny a ra v d cho subnet Internal_Floor 1 10.2.3. nh hng thc hin VPN client to site

C 2 cch thc hin Mt l: Bin Modem ADSL thnh 1 Bridge, khi ta s c c IP Public, dng IP ny l IP cho VPN Server, tuy nhin cch ny hi bt tin l khi ta phi thc hin Share Net th cc my client mi c th ra net c. (p dng cho nhng modem khng h tr VPN) Hai l: Trn Modem ADSL ta s kt hp vi Dynamic DNS trn VPN Server, khi nu c client quay vo th ta ch vic Nat Port cho Forward qua VPN Server lun. Ta s s dng cch ny cho vpn client to site trong h thng. 10.2.4. Thit k v xy dng VPN client to site a. NAT port 1723 ca Router ADSL v my VPN server b. Cu hnh VPN Server: To user Client bn ngoi kt ni vo VPN Server (ty vo nhng user no c nhu cu s dng VPN s to ti khon cho user ) Cho php user c quyn Allow access trong Dial-in Enable Routing and Remote Access v cu hnh chc nng Remote Access (dial-up or VPN) Cu hnh Range IP cho cp cho client khi connect vo mng v hon tt qu trnh trn cu hnh trn server c. Cu hnh VPN Client trn my Client ngoi vo: To mt connection mi ti My Network Place, cho Connect to the network at my workplace Chn ch Virtual Private Network Connection ti bc tip theo Ti phn VPN Server Selection, g Hostname ng k trn NO-IP hoc Dyndns nu c vo Host name or IP address Ti VPN server phi ci chng trnh cp nht IP cho hostname Sau c th kt ni n VPN server bng username v password ca mnh trong h thng. 10.2.5. Tng kt dch v VPN Client to Site VPN client to site l gii php thc s hiu qu cho vic s dng ti nguyn bn trong mng ca nhn vin khi lm vic bn ngoi. nng cao bo mt cho dich v ny, tng lai h thng s phi ci t Firewall nh ISA hoc mt dch v ca bn th ba no . 10.3. Dch v Remote Assistance Dch v ny cho php cc nhn vin k thut hoc admin c th vo my tnh ca nhn vin gip h gii quyt s c trn my. Rt c ch cho vic h tr nhn vin t xa. Cc bc trin khai: To file Remote Assistance trn my client vi username v password bt k. Chia s file ny cho ngi s gip nhn vin Nat Port 3389 trn modem v router Sau ngi ny s truy cp vo my nhn vin thng qua IP v Port 3389 c cu hnh trong file . S dng username v password to trc chng thc C. o to ngi s dng Sau khi cng vic xy dng h thng mng cho cng ty th cng vic o to ngi s dng cng quan trng khng km. ngi s dng hiu c cch s dng cc dch v c trn h thng...v rt nhiu nhng cng vic khc. Nhng cng vic cn lm: Tuyn chn i ng o to B tr thi gian o to Thit k ti liu o to: bao gm cc phn cn hng dn cho nhn vin cn thc hin nh Cch ng nhp vo h thng s dng username v password ca tng nhn vin Cch s dng file server lu tr d liu lm vic, cch bo co, cch chia s d liu trn file server. Cch truy cp vo web, ftp ni b cng nh public Cch s dng VPN Client to Site connect vo mng cng ty khi cn thit Cch s dng Remote Assistance cho php cc admin vo my h tr k thut. D. Kim tra v bn giao vn hnh 1. Kim tra Sau khi ci t v trin khai xong h thng mng cho cng ty, ta tin hnh kim tra tng ton din h thng. Kim tra t my ca nhn vin nhng vn sau: ng nhp vo user trn domain bng my client t ip ng, tin hnh release v renew ip, km tra ip ca dhcp cp, kim tra dns bng nslookup, sau kim tra s lin thng gia cc mng bng lnh ping, ping ra internet kim tra kt ni internet t my client. ng nhp vo 2 my client v kim tra phn quyn trn file server Kim tra My Documents ca nhn vin sau khi ng nhp vo h thng. Truy cp vo kim tra dch v web, ftp, to file a qua my khc kim tra remote assistance. Kim tra my in v in th trn client. Kim tra s thi hnh ca cc Group Policy p t xung my client. 2. Bn giao vn hnh

Sau qu trnh kim tra ton din h thng, ta s tin hnh bn giao cng vic vn hnh h thng li cho ban qun l v phng k thut ca cng ty. Nhng th cn bn giao: Cc m hnh h thng v nguyn tc hot ng ca tng thnh phn trn h thng: DNS, DHCP, DC ng cp, File server, Web - FTP server, Printer server, WSUS, Antivirus, RRAS, Backup & Restore AD v File server. T ta tip tc ch ra cc thnh phn quan trng trn h thng, ch cch kim tra s c v khc phc khi s c xy ra. Phi hp vi b phn chuyn gia phn cng ln lch bo tr cc thit b trong h thng. E. Chuyn giao ti liu v khch hng nghim thu 1. Chuyn giao ti liu Cc ti liu cn chuyn giao li cho cng ty nh sau: Ti liu nguyn cu v thit k h thng Ti liu o to ngi s dng 2. Nghim thu vi khch hng Hi nhng thc mc ca khch hng v tr li nhng thc mc Hi khch hng cho chng ta nh gi v h thng xut cc phng n m rng h thng khi cng ty pht trin mnh hn Tin hnh nhn tin cho vic thit k, lp t v tin thit b t khch hng. K cc bin bn xc nhn lin quan. F. nh gi hiu qu Sau khi thit k v xy dng h thng ny, nhm 06PBL152 nhn thy rng h thng ny rt hu ch v mang li hiu qu cao cho hot ng ca cng ty. Sau y l nhng nh gi m nhm a ra sau khi ln xy dng h thng: Nh s qun l tp trung ca file server v cc h thng khc, hot ng ca cng ty cng nhanh hn v tit kim chi ph hn. Tin li cho vic s dng ca nhn vin v i ng qun l trong cng ty Thng tin c bo mt hn v qun l d dng hn Gip cho ngi qun l c th truy cp thng tin nhanh chng v bt k u, ch cn c mng internet Vn v kinh ph ph hp vi mt cng ty va v nh C th pht trin h thng trong tng lai V.Phng n m rng i vi mt h thng th lun bo m ng bn yu cu c bn: Yu cu v bo mt thng tin Yu cu v kh nng hot ng nhanh nhy Yu cu v kh nng chng chu vi mi trng h thng Yu cu v kh nng m rng Sau khi hon tc qu trnh xy dng v a vo hot ng, trong tng lai khng xa kh nng cng ty s pht trin v cn thit mt h thng ln mnh v kh nng bo mt thng tin cao hn na. T t ra phng php m rng cho h thng l vn cn c cp ti khi bt tay vo xy dng mt h thng. Ta s chn la nhng thnh phn v cu trc chnh c kh nng m rng trong tng lai. Sau y l phng n m rng h thng m nhm 06PBL152 vch ra cho h thng trn: Trin khai CA, IP SEC cho h thng bo mt c nng cao hn Trin khai vpn (ci radious server nu cn chng thc v qun l trong giao tip VPN) v kt hp vpn ipsec hoc SSL. Trin khai RAID 5 trn my DC Backup ng thi tng tc hot ng ca server Kt hp Load Balancing vo h thng cn bng ti, tng kh nng chng chu Ci t ISA v khoanh vng DMZ cho vng server public ra internet Ci t h thng Mail exchange tin vic lin lc nu cn thit khi nhn vin cng ty tng ln ng k ------------------------------- THE END --------------------------------