Professional Documents
Culture Documents
Khoa : 01 . Lp : 01CCHT02
Thy Trn c Tt Nguyn Phan Khi Hunh Trng Ngha Qun Tr Mng My Tnh. 01CCHT02. 2008 2011.
Lun vn tt nghip
Page 1
Phn A:
GII THIU TI
1. LI CM N
Trc tin, chng ti xin by t lng bit n su sc n thy Trn c Tt v thy Trn Vn Ti, ging vin khoa CNTT trng Cao ng Ngh CNTT iSPACE tn tnh hng dn, gp v ng vin chng ti trong qu trnh nghin cu v hon thnh lun vn tt nghip ny, ti "xy dng h thng mail server Exchange 2007 cho doanh nghip". Xin chn thnh gi li cm n n qu thy c trng Cao ng ngh cng ngh thng tin iSPACE v cc bn sinh vin lp 01CCH02 nhit tnh gip chng ti trong sut thi gian va qua. Xin gi li cm n dnh cho gia nh, nhng ngi ht lng quan tm v to iu kin cho chng ti hon thnh lun vn tt nghip. Mc d rt c gng, nhng trong lun vn ny cng kh trnh khi nhng thiu st, khim khuyt. Xin chn trng cm n s gp , ch bo ca cc qu thy, c cng cc bn sinh vin gip cho ti hon thin hn. Xin chc mi ngi sc khe v trn trng cm n !
Nhm 2 - Lp 01CCHT02- C CNTT iSPACE Nguyn Phan Khi - Hunh Trng Ngha
Lun vn tt nghip
Page 2
2. M U TI
Chung ta va trai qua thp nin u tin cua th ky 21, nhng nm va qua chung ta a chng kin nhiu tin b cua Cng Ngh Thng Tin noi ring va nhng tin ich cua CNTT a em lai cho nhn loai nhiu i mi trong cuc sng hin ai. T nhng chic smart phone n nhng Computer, laptop, ngay ca cai may gic hng ngay cua chung ta cung a ap dung ki thut s vd : nh hen gi , ch gic , khng con th s nh thu ban u..Ngay nay khoa hoc ki thut gn lin vi cng ngh cao. Nguyn nhn chnh cho s pht trin l s xut hin ca Internet. S xut hin ca Internet thc y th gii tin nhanh v pha trc v a c th gii bc sang mt k nguyn mi, k nguyn bng n thng tin. Mt trong nhng yu t truyn tai thng tin c con ngi a vao h thng may tinh va ng dung thc tin va con s dung n ngay hm nay la th in t.
Chng ta khng th ph nhn tm quan trng ca th in t trong thi i s ngy ngay, c bit th in t li cng quan trng hn i vi hot ng
Lun vn tt nghip
Page 3
kinh doanh ca doanh nghip. Phn nhiu cc doanh nghip chn gii php thu Mail Server t cc nh cung cp dch v. Tuy nhin vic xy dng h thng Mail Server cho ring mnh ang l vn nng hi v rt c quan tm t pha cc doanh nghip. iu ny ko ch lm m bo tnh an ton, bo mt cao, m cn l cch khng nh ng cp ca danh nghip, gip h gt hi c nhiu thnh tu hn.
3. MC CH TI
Nghin cu ng dung thc t cua MS Exchange 2007 Trin khai h thng mail cho doanh nghip. Xy Dng giai phap Clustering tng kha nng chiu li cho mail server. Trin khai giai phap mail cho doanh nghip ln va nhiu tru s. Cai t giai phap Antivirus va Anti-Spam
4. TNH HUNG V YU CU TI
4.1 Tnh hung ti Ngn hng thng mi hng hi Maritime bank c thnh lp nm 1991 ti Hi Phng, Maritime bank chuyn cung cp cc dch v v sn phm: cho vay, h tr thanh ton quc t, h tr XNK,... cho cc khch hng l doanh nghip, c nhn hoc cc nh u t. Vi tiu ch ca ngn hng l m ra cc dch v v sn phm an ton, hiu qu v nhanh chng cho khch hng trn c nc.
Lun vn tt nghip
Page 4
Trong ngn hng Maritime bank c n trn 1.500 ngi lm vic ti nhiu chi nhnh trn c nc vi 3 tr s ln t ti: Thnh Ph H Ch Minh, Hi Phng, H Ni. E-mail l phng tin c s dng mi ngi lin lc trao i cng vic, lp lch, thng tin lin h.... v tr thnh phng tin khng th thiu i vi ngi dng trong ngn hng. Hin ti ngn hng Maritime bank ang thu Mail Server ca FPT v t ti vn phng FPT lm kh khn trong vic qun l bo mt, chm trong vic khc phc li, v c bit l b tch bit vi cc ng dng khc ca cng ty: Office Communication Server, Microsoft Office SharePoint Server,...
Lun vn tt nghip
Page 5
4.2 Yu cu ti Ban iu hnh ca ngn hng c yu cu xy dng h thng mail server c kh nng nh sau:
C kh nng phc v cho s lng ln ngi dng trn 1500 ngi. V h thng mng nhiu tr s. C kh nng bo mt cc thng tin v cc email ca ngi dng trong cng ty. p ng nhanh cc nhu cu truy cp email ca ngi dng. H thng Server mail phi c kh nng chu li cao v khc phc s c nhanh chng. Chng c Virus v antispam cho ngi dng. C kh nng nng cp v m rng khi c nhu cu.
Lun vn tt nghip
Page 6
Phn B:
NGHIN CU L THUYT
Lun vn tt nghip
Page 7
Nhng firmware m Router Cisco c th h tr thm: Router and Routing Systems Switches Universal Gateway and Access Servers IP Communications Wireless Video Storager Contents and Optical Natworking 1.2 Tng quan cac cng ngh dung kt ni mang. 1.2.1 Cng ngh Lease Line
Gii thiu cng ngh lease line : Gi l knh thu ring, l mt hnh thc kt ni trc tip gia cc node
mng s dng knh truyn dn s liu thu ring. Knh truyn dn s liu thng thng cung cp cho ngi s dng s la chn trong sut v giao thc u ni hay ni cch khc, c th s dng cc giao thc khc nhau trn knh thu ring nh PPP, HDLC, LAPB v.v V mt hnh thc, knh thu ring c th l cc ng cp ng trc tip kt ni gia hai im hoc c th bao gm cc tuyn cp ng v cc mng
Lun vn tt nghip
Page 8
truyn dn khc nhau. Khi knh thu ring phi i qua cc mng khc nhau, cc quy nh v cc giao tip vi mng truyn dn s c quy nh bi nh cung cp dch v. Do , cc thit b u cui CSU /DSU cn thit kt ni knh thu ring s ph thuc vo nh cung cp dch v. Mt s cc chun kt ni chnh c s dng l HDSL, G703 v.v Khi s dng knh thu ring, ngi s dng cn thit phi c cc giao tip trn cc b nh tuyn sao cho c mt giao tip kt ni WAN cho mi kt ni knh thu ring ti mi node. iu c ngha l, ti im node c kt ni knh thu ring n 10 im khc nht thit phi c 10 giao tip WAN phc v cho cc kt ni knh thu ring. y l mt vn hn ch v u t thit b ban u, khng linh hot trong m rng pht trin, phc tp trong qun l, c bit l chi ph thu knh ln i vi cc yu cu kt ni xa v khong cch a l.
Lun vn tt nghip
Page 9
HDLC : l giao thc c s dng vi h b nh tuyn Cisco hay ni cch khc ch c th s dng HDLC khi c hai pha ca kt ni leased-line u l b nh tuyn Cisco. PPP : l giao thc chun quc t, tng thch vi tt c cc b nh tuyn ca cc nh sn xut khc nhau. Khi u ni knh leased-line gia mt pha l thit b ca Cisco v mt pha l thit b ca hng th ba th nht thit phi dng giao thc u ni ny. PPP l giao thc lp 2 cho php nhiu giao thc mng khc nhau c th chy trn n, do vy n c s dng ph bin. LAPD : l giao thc truyn thng lp 2 tng t nh giao thc mng X.25 vi y cc th tc, qu trnh kim sot truyn dn, pht trin v sa li. LAPB t c s dng. Tin ch ca dch v Leased Line :
m bo cht lng. An ton, bo mt v c tnh n nh cao. Tc upload v download lun ng b. Kim sot c hiu sut ca ng truyn 24/24. Qun l Firewall v Phng chng virus cho h thng E-mail ca khch hng. c cp a ch IP thc s dng cc ng dng hu ch nh: mng ring o (VPN), in thoi Internet (IP Phone), hi ngh truyn hnh (Video Conference), thit lp v qun l h thng Mail server v Web server. 1.2.2 Cng ngh DSL
Lun vn tt nghip
Page 10
DSL (Digital Subscriber Line): L cng ngh cho php s dng nhng tn s cha dng trn cp ng truyn d liu tc cao, ln n hng Megabits.
DSL s dng k thut truyn bng rng ghp nhiu di tn s khc nhau trn cng mt ng truyn vt l truyn d liu.
c im DSL:
Trn ng dy in thoi thng ch dng khong tn s t 0 4 KHz truyn d liu m thanh. Cng ngh DSL tn dng c im ny truyn trn cng ng dy nhng tn s trn 4Khz n 1Mhz. DSL c th cho php tn hiu thoi v d liu cng truyn mt lc qua cng mt ng cp. V dch v DSL lun sn sng nn ngi dng khng phi quay s dialup hoc i cho cuc gi c thit lp. Phn Loi DSL
DSL c nhiu loi, da trn tc Downstream, Upstream v khong cch u cui. ADSL (Asymmetric DSL)
Dch v DSL bt i xng cung cp knh download ln hn knh upload. HDSL (High data-rate DSL)
C tc ngang vi ng T1 (1.544Mb) hoc E1 (2Mb) nn c dng thay th hai loi ng ny trong tng lai.
Lun vn tt nghip
Page 11
Chiu di gii hn ca HDSL l 3658,5m nn cn t cc trm khuych i tn hiu truyn c xa hn. IDSL (ISDN DSL)
L mt chun kt hp gia ISDN l DSL. Bn cht ca ISDL tng t nh ng ISDN BRI nhng khng c b chuyn mch v khng c cha knh D (knh tn hiu). ISDL c tc l 64 Kbps, 128 Kbps, hoc 144 KBps. SDSL (Symmetric DSL)
Dch v DSL i xng cung cp knh download v knh upload vi dung lng nh nhau. SDSL khng cung cp dch v in thoi trn cng mt ng truyn. VDSL (Very High bit-rate DSL) c tc truyn 12,9M n 52,8 Mbit/s. G.SHDSL
G.SHDSL c tc truyn d liu t 192Kbps n 2,3 Mbps, nhanh hn chun SDSL hin ti khong 30%. G.SHDSL ang c thay th dn cho chun SDSL. ng dng cc loi DSL Ty thuc vo ng dng v i tng s dng chn loi DSL ph hp. SDSL
Dng cho doanh nghip va v nh, trong hi ngh truyn hnh cn tc i xng.
Lun vn tt nghip
Page 12
ADSL
Dng cho ng dng gia nh nh TV k thut s, Video on Demand(VoD), truy cp Internet Cc u im ca ADSL:
Tc truy cp cao. Truyn thng tin tch hp data, voice v video. Lun lun online (always on): gip trin khai cc dch v nh personal web. Chi ph bo tr thp. Gii hn ca DSL:
Tc ng truyn DSL t l nghch vi khong cch gia CPE v DSLAM. V l mng cng cng nn phi tn km chi ph cho vn bo mt. Cc yu t nh hng n cht lng ca ADSL l: S lng cc thit b gn vo line DSL. Bridge-tap: m rng ca CPE v CO. 1.2.3 Cng ngh Wireless
Ngy nay mng khng dy ang tr nn ph bin trong cc t chc, doanh nghip v c nhn. Chnh v s tin li ca mng khng dy nn n dn thay th cho cc h thng mng c dy truyn thng hin ti. iu g khng nh u th ca mng khng dy? u im l g? C khuyt im khng? Gii php thit k, trin khai th no? Bn cnh chng
Lun vn tt nghip
Page 13
ta cng s tm hiu v cc gii php bo mt cho mng khng dy ra sao? Trong tp ti liu ny ti v cc bn s cng nhau tho lun v tm ra cu tr li ph hp. Mng khng dy l mng s dng cng ngh m cho php hai hay nhiu thit b kt ni vi nhau bng cch s dng mt giao thc chun, nhng khng cn kt ni vt l hay chnh xc l khng cn s dng dy mng (cable). V y l mng da trn cng ngh 802.11 nn i khi cn c gi l 802.11 network Ethernet, nhn mnh rng mng ny c gc t mng Ethernet 802.3 truyn thng. V hin ti cn c gi l mng Wireless Ethernet hoc Wi-Fi (Wireless Fidelity).
Lun vn tt nghip
Page 14
Mng Wireless cung cp tt c cc tnh nng ca cng ngh mng LAN nh l Ethernet v Token Ring m khng b gii hn v kt ni vt l (gii hn v cable).
S thun li u tin ca mng Wireless l tnh linh ng. Mng WLAN to ra s thoi mi trong vic truyn ti d liu gia cc thit b c h tr m khng c s rng but v khong cch v khng gian nh mng c dy thng thng.
Ngi dng mng Wireless c th kt ni vo mng trong khi di chuyn bt c ni no trong phm vi ph sng ca thit b tp trung (Access Point).
Mng WLAN s dng sng hng ngoi (Infrared Light) v sng Radio (Radio Frequency) truyn nhn d liu thay v dng Twist-Pair v Fiber Optic Cable. Thng thng th sng Radio c dung ph bin hn v n truyn xa hn, lu hn, rng hn, bng thng cao hn. Hn ch ca mng khng dy
Bn cnh nhng thun li ca mng Wireless nh l tnh linh ng, tin li, thoi mith mng Wireless vn khng th thay th c mng c dy truyn thng. Thun li chnh ca s linh ng l ngi dng c th di chuyn. Cc Server v my ch c s d liu phi truy xut d liu, v v tr vt l th khng ph hp (v my ch khng di chuyn thng xuyn c). Tc mng Wireless b ph thuc vo bng thng. Tc ca mng Wireless thp hn mng c nh, v mng Wireless chun phi xc nhn cn thn nhng frame nhn trnh tnh trng mt d liu. Bo mt trn mng Wireless l mi quan tm hng u hin nay. Mng Wireless lun l mi bn tm v s giao tip trong mng u cho bt k ai
Lun vn tt nghip
Page 15
trong phm vi cho php vi thit b ph hp. Trong mng c nh truyn thng th tn hiu truyn trong dy dn nn c th c bo mt an ton hn. Cn trn mng Wireless th vic nh hi rt d dng bi v mng Wireless s dng sng Radio th c th b bt v x l c bi bt k thit b nhn no nm trong phm vi cho php, ngoi ra mng Wireless th c ranh gii khng r rng cho nn rt kh qun l.
WLAN: i din cho mng cc b khng dy, theo chun 802.11. LAN-LAN bridging: i din cho mng ni b, nhng theo din rng hn (gia 2 ta nh). WWAN: i din cho cng ngh mng din rng nh l mng in thoi 2G, GSM (Global System for Mobile Communications). WMAN: i din cho mng din rng (gia cc vng). WPAN: i din cho mng c nhn khng dy, thng nh l cng ngh Bluetooth, hng ngoi. c tnh k thut mng khng dy:
Wireless LAN s dng sng in t (Radio hoc sng Hng ngoi - Infrared) trao i thng tin gia cc thit b m khng cn bt k mt kt ni vt l no (cable). Sng Radio i khi cn c gi l sng mang (rt thng dng trong lnh vc vin thng - in thoi ), v n gin n thc hin chc nng truyn nng lng cho cc thit b nhn xa. D liu s c truyn theo sng mang cho nn c th lc ra mt cch chnh xc bi thit b nhn.
Lun vn tt nghip
Page 16
Vn thng c cp n trong sng mang l s iu bin ca sng khi d liu c truyn km theo, mt khi d liu c truyn km theo sng mang th tnh phc tp cao hn l sng n (ch mt tng s duy nht). Nhiu sng mang c th cng tn ti trong mt phm vi v cng thi gian m khng nh hng n nhng thit b khc nu nh nhng sng ny c truyn trn nhng tng s khc nhau. Thit b nhn mun lc d liu phi chn mt tng s duy nht trng vi tng s thit b pht.
Trong cu hnh ca mng WLAN thng thng, mt thit b pht v nhn (transceiver) c gi l Access Point (AP) v c kt ni vi mng c dy thng thng thng qua cp theo chun Ethernet. AP thc hin chc nng chnh l nhn thng tin, nh li v gi d liu gia mng WLAN v mng c dy thng thng. Mt AP c th h tr mt nhm ngi dng v trong mt khong cch nht nh (tu theo loi AP). AP thng c t v tr cao ni m nhng ngi c th bt sng c. Chun mng khng dy (Wireless Network Standards)
Ngi dung mng WLAN truy cp vo mng thng qua Wireless NIC, thng thng c cc chun sau: PCMCIA - Laptop, Notebook
Lun vn tt nghip
Page 17
Khi cc thit b ny s to ra mt mi trng mng khng dy gia nhng dng trao i thng tin v d liu. Cng ngh chnh c s dng cho mng Wireless l da trn chun IEEE 802.11 (Institute of Electrical and Electronics Engineers). Hu ht cc mng Wireless hin nay u s dng tng s 2.4GHz (trng tng s vi l viba hoc in thoi ban). IEEE 802.11 standard: 802.11 - l chun IEEE gc ca mng khng dy (hot ng tng s 2.4GHz, tc 1 Mbps 2Mbps) 802.11b - (pht trin vo nm 1999, hot ng tng s 2.4-2.48GHz, tc t 1Mpbs - 11Mbps) 802.11a - (pht trin vo nm 1999, hot ng tng s 5GHz 6GHz, tc 54Mbps) 802.11g - (mt chun tng t nh chun b nhng c tc cao hn t 20Mbps - 54Mbps, hin ang ph bin nht) 802.11e - l 1 chun ang th nghim: y ch mi l phin bn th nghim cung cp c tnh QoS (Quality of Service) v h tr Multimedia cho gia nh v doanh nghip c mi trng mng khng dy. Cng ngh Bluetooth
Lun vn tt nghip
Page 18
Bluetooth l mt giao thc hng ngang n gin dng kt ni nhng thit b di ng nh Mobile Phone, Laptop, Handheld computer, Digital Camera, Printer, v.v truyn ti thng tin vi nhau. Bluetooth s dng chun IEEE 802.15 vi tng s 2.4GHz 2.5GHz, tng t nh chun IEEE 802.11 v IEEE 802.11b . Bluetooth cho php cc thit b di ng trnh c tnh trng nhiu sng t nhng tn hiu khc nhau bng cch chuyn sang mt tng s mi sau khi truyn hoc nhn mt gi d liu.
Bluetooth l cng ngh tiu th nng lng thp vi khong cch truyn ln n 30feet (~ 10m) vi tc khong 1Mpbs, khong cch ny c th tng ln 300feet (~100m) nu tng ngun ln 100mW. Mt mng Bluetooth ch c kh nng h tr cho 8 thit b trong cng thi gian. Bluetooth l cng ngh c th k nhm p ng mt cch nhanh chng vic kt ni cc thit b di ng v cng l gii php to mng WPAN (nu trong phn Wireless Network Types), c th thc hin trong mi trng nhiu tng s khc nhau
Lun vn tt nghip
Page 19
Active Directory c s dng Exchange Server 2007 lu tr v truy cp thng tin . D liu ca Exchange Server 2007 trong Active Directory bao gm thng tin v ngi nhn trong h thng tin nhn, cng nh cu hnh thng tin v tin nhn trong cng ty hay t chc, v kt ni thng tin khch hng.
Lun vn tt nghip
Page 20
Schema Master Role(Master Role) Schema master: Qun l cc khun mu to ra i tng trn forest.
Schema qun l cc i tng v cc thuc tnh ca i tng. C ngha l khi to ra i tng (user, group, computer.) trong forest phi da vo cc khun mu ca schema master. Domain Root va Primary Root gi Role nay. Domain Naming Master Role(Master Role) Domain Naming master: Qun l vic thm hay bt domain trong forest. Ngha l ln mt domain hay h domain phi ng k vi Domain naming master. Domain naming master qun l tt c cc domain trong forest. Mt Forest c th gm nhiu Domain. Vic kim tra cc Domain ny l cng vic ca Domain Naming Master. Nu Domain Naming Master b li th n
Lun vn tt nghip
Page 21
khng th to v g b cc Domain cho ti khi Domain Naming Master quay tr li trc tuyn Relative Identifier - RID Master(Domain Role) Khi mt i tng c to ra n s c mt SID ring. SID ca i tng s bng SID ca domain cng cho RID. iu ny nhm mc ch phn bit user ny vi user khc trong domain, v user ca domain ny vi user ca domain khc trong forest. RID qun l vic cp pht RID cho i tng v qun l SID ca i tng trong domain. Nu PC gi Role nay cht Domain khng tao c i tng mi.
Primary Domain Controller PDC Master(Domain Role) Qun l vic ng b password ca user n cc domain khc. Khi user
thay i password trn my client th PDC chu trch nhim ng b password ny n domain khc. Khi user trn domain A, logon vo domain B, th domain B s lin lc vi PDC ca domain A kim tra tnh hp l ca user name v password ca domain ny. Trong 1 Forest, Role nay co th gi bi nhiu PC. Infrastructure Master(Domain Role) Qun l vic di chuyn user t domain ny sang domain khc. Infrastructure master qun l cc SID ca i tng chuyn n hay chuyn i bit c i tng ny t u n hay di chuyn i. Trong h thng forest ch c 1 domain duy nht gi vai tr l Master Role v tt c nhng domain cn li s nm Domain Role
Lun vn tt nghip
Page 22
2.2 Cu truc Active Directory Active Directory t chng minh l mt dch v th mc mnh m, n nh trong Windows Server 2003 R2. Windows Server 2008 tip ni nhng thnh cng trc y ca Active Directory vi nhng tnh nng mi, c ci thin nh sau: Active Directory Domain Services: Active Directory Domain Services (AD DS), trc y c bit ti vi tn gi Active Directory Directory Services, l mt khu vc tp trung thng tin cu hnh, cc yu cu xc thc v thng tin v tt c nhng i tng c lu tr trong phm vi h thng ca bn. Dng Active Directory, bn c th qun l mt cch hiu qu cc ngi dng, my tnh, nhm lm vic, my in, ng dng v cc i tng khc theo th mc t mt khu vc tp trung v bo mt. Nhng tnh nng nng cao i vi AD DS trong Windows Server 2008 bao gm: Auditing. Nhng thay i c thc hin i vi cc i tng trong Active Directory c th c lu li bn bit c nhng thay i din ra i vi i tng , cng nh cc gi tr mi v gi tr c ca nhng thuc tnh thay i.
Lun vn tt nghip
Page 23
Fine-Grained Passwords. C th cu hnh cc chnh sch v mt khu cho cc nhm phn bit nm
trong domain. Mi ti khon trong phm vi domain s khng cn phi s dng cng mt chnh sch v mt khu na. Read-Only Domain Controller. C th trin khai b iu khin domain vi phin bn ch c ca c s d liu Active Directory trong cc mi trng m tnh bo mt ca domain controller khng c m bo, chng hn: cc vn phng chi nhnh ni mc an ninh v mt vt l ca domain controller l vn ng quan tm; hoc nhng domain controller ang host cc vai tr b sung, yu cu nhng ngi dng khc phi ng nhp v duy tr my ch. S dng Read-Only Domain Controllers (RODCs) khng cho nhng thay i din ra ti khu vc chi nhnh c th gy hi hoc nh sp AD forest ca bn thng qua qu trnh sao chp. Nh c RODC, cng khng cn thit phi s dng mt site trung gian cho cc domain controller ti vn phng chi nhnh, hoc khng cn gi a ci t v ngi qun tr domain ti khu vc vn phng chi nhnh. Restartable Active Directory Domain Services.
C th dng v duy tr Active Directory Domain Services. Khng cn ti khi ng b iu khin domain v t li ch Directory Services Restore Mode cho hu ht cc chc nng bo tr. Cc dch v khc trn b iu khin domain c th tip tc hot ng khi dch v th mc trng thi ngoi tuyn. Database Mounting Tool.
Mt snapshot trong c s d liu Active Directory c th c a vo bng cng c ny. iu ny cho php ngi qun tr domain quan st cc i tng nm trong snapshot xc nh nhng yu cu lin quan ti vic khi phc khi cn thit.
Lun vn tt nghip
Page 24
Active Directory Lightweight Directory Services Active Directory Lightweight Directory Service (AD LDS), trc y c
bit n vi tn gi Active Directory Application Mode, c th c s dng em ti cc dch v th mc hoc cc ng dng theo th mc. Thay v s dng c s d liu AD DA ca t chc, bn c th s dng AD LDS lu tr d liu. AD LDS c th s dng kt hp vi AD DS mang ti cho bn mt khu vc tp trung dnh cho cc ti khon bo mt (AD DS) v mt khu vc khc h tr cu hnh ng dng v d liu th mc (AD LDS). S dng AD LDS, bn c th: gim bt cc chi ph lin quan ti vic sao chp Active Directory; khng cn m rng lc Active Directory h tr ng dng; v c th phn vng cu trc th mc sao cho dch v AD LDS ch c trin khai ti nhng my ch cn h tr cc ng dng theo th mc. Nhng c tnh nng cao i vi AD LDS trong Windows Server 2008 bao gm: Ci t t Media Generation.
Kh nng to cc phng tin ci t cho AD LDS bng Ntdsutil.exe hoc Dsdbutil.exe. Kim ton. Kim tra nhng gi tr thay i trong phm v dch v th mc. Database Mounting Tool.
Cho php bn xem d liu trong phm vi cc snapshot ca file c s d liu. Active Directory Sites and Services Support.
Cho php bn s dng cc Active Directory Sites and Services qun l vic sao li nhng thay i d liu ca AD LDS. Dynamic List of LDIF files.
Lun vn tt nghip
Page 25
Vi c tnh ny, bn c th lin kt cc file LDIF ty bin vi cc file LDIF mc nh hin c c dng thit lp AD LDS trn mt my ch. Recursive Linked-Attribute Queries.
Cc truy vn LDAP c th theo nhng ng dn c cu trc mng li ca thuc tnh xc nh cc tnh cht b xung ca thuc tnh, nh l thnh vin nhm Active Directory Rights Management Services a s cc t chc s dng chng ch chng minh thng tin nhn dng ca ngi dng hoc my tnh, cng nh m ha d liu trong qu trnh truyn d liu trn khp cc lin kt khng c bo mt trn mng (network). Active Directory Certificate Services (AD CS) tng cng tnh nng bo mt bng cch gn thng tin nhn dng ca mt ngi, mt thit b hay mt dch v vi m ring tng ng. Vic lu chng nhn v kha m ring trong phm vi Active Directory gip bo v thng tin nhn dng mt cch bo mt, v Active Directory tr thnh mt khu vc tp trung gi ra cc thng tin ph hp khi mt ng dng a ra yu cu. Nhng tnh nng nng cao i vi AD CS trong Windows Server 2008 bao gm: Enrollment Agent Templates.
C th gn cc delegated enrollment agent theo mi template Integrated Simple Certificate Enrollment Protocol (SCEP).
Lun vn tt nghip
Page 26
C th gi li cc mc Certificate Revocation List (CRL) ti ngi yu cu nh mt p ng chng nhn n nht thay v ton b CLR. iu ny gip gim bt tng lu lng mng c s dng khi cc my trm thm nh cc chng ch. Enterprise PKI (PKI View).
Mt cng c qun l mi cho AD CS, cng c ny cho php ngi qun tr Certificate Services qun l cc phn cp Certification Authority (CA) xc nh tnh trng tng th ca cc CA v d dng khc phc li.
2.3 C ch hoat ng cua Active Directory. Directory service : L mt m hnh t chc thng tin v user v ti nguyn trong h thng. D liu m trong cc thng tin d liu c mi quan h cht ch vi nhau. Trong cc h thng my tnh phn tn hoc trong mng my tnh, c rt nhiu i tng c t chc, lu tr theo cu trc Directory nh users, my tnh, file, server, my in, my fax v th m ta c nh ngha Directory Service. Directory Service c p dng trong vic lu tr cc thng tin, d liu theo kin trc t chc Directory v qun l tp trung cc i tng, n gin ha qu trnh xc nh v qun l resources. Directory Service l mt dch v hot ng nh mt switchboard chnh trong cc h iu hnh my ch, n h tr cc ngun Resources c lp v phn tn c th lm vic vi nhau, c th kt ni vi nhau. Directory Service cung cp mt nn tng cho cc chc nng ca mt h iu hnh my ch, m bo tnh bo mt, nng cao hiu nng khi thit k v trin khai cc h thng mng, ng thi gip ngi qun tr c th d dng qun tr c h thng. Active directory schema :
Lun vn tt nghip
Page 27
Trong Active Directory, database lu tr chnh l AD schema, Schema nh ngha tt c cc object c qun l trong Active Directory. Schema l danh sch cc nh ngha xc nh cc loi i tng v cc loi thng tin v i tng lu tr trong Active Directory. Schema c to thnh t cc object classes v cc attribute. V bn cht, schema cng c lu tr nh 1 object. Schema c nh ngha gm 2 loi i tng (object) l schema class object v schema Attribute object. Global catalog (GC) : Dch v Global Catalog dng xc nh v tr ca mt i tng m ngi dng c cp quyn truy cp. Vic tm kim c thc hin xa hn nhng g c trong Windows NT m khng ch c th nh v c i tng m c th bng c nhng thuc tnh ca i tng. Khi mt i tng c to mi trong Global Catalog, i tng c gn mt con s phn bit gi l GUID (Global Unique Identifier). GUID c cung cp c nh cho d bn c di chuyn i tng n khu vc khc. Dch v Global Catalog lu tr tt c cc object ca min cha GC v mt phn cc object thng c ngi dng tm kim ca cc domain khc trong forest. Global catalog lu tr nhng thuc tnh thng dng trong vic truy vn nh users first name, last name, logon name. Thng tin cn thit xc nh v tr ca bt k object no trong active directory. Tp hp cc thuc tnh mc nh cho mi loi object. Quyn truy cp n mi objec
Lun vn tt nghip
Page 28
Active Directory. DN l 1 tn duy nht c bo m xc nh i tng ta mun truy xut. Vi Active Directory ta c th dng c php LDAP m da vo X.500 c t tn ca i tng. VD: CN = ThangVD, OU = KinhDoanh, OU = HCM , DC = maritimebank, DC = com Relative distinguished name (RDN): L phn tn cng chnh l thuc tnh ca i tng. 1 Relative distinguished name (RDN) c dng tham chiu cc i tng trong i tng cha ( contrainer object). vi 1 RDN vic c t OU v DC khng cn thit,ch cn tn chung l . CN=Chritian Nagel l 1 RDN bn trong OU .1 RDN c th c dng nu ta c 1 tham chiu n 1 i tng cha v ta mun truy xut vo cc i tng con. Single sign-on :
Lun vn tt nghip
Page 29
Mi user ch dng 1 acount cho nhiu dch v. Lm n gin ho vic qun l v s dng.
2.4 Cc tnh nng ci tin b sung ca Active Directory Active Directory c Microsoft b xung thm nhiu tnh nng mi nh sau: Installation Wizard Installation Wizard trong Active Directory cha mt s tnh nng ci tin so vi cc phin bn trc . Nhng ci tin ny gip qun tr vin d dng kim sot vic ci t cc domain controller trong phm vi domain. Cc tnh nng nng cao bao gm: Kh nng qun l tt hn vi Server Manager. Server Manager, cng c qun l my ch mi trong Windows Server 2008, cho php qun tr vin pre-stage cc domain controller. Khi vai tr domain controller c b sung t console Server Manager, cc file cn thit thc hin qu trnh ci t dch v th mc s c copy vo my ch. Khi qun tr vin bt u chy Installation Wizard, dcpromo.exe, th cc file ny c lu vo b nh m ri v sn sng. Ci t DNS. To mt my ch Global Catalog. To mt Read-Only Domain Controller. Chn domain cho domain controller (bao gm chn domain t mt danh sch c cu trc cy). Chn site Active Directory ca domain controller.
Lun vn tt nghip
Page 30
Ci t cp chc nng ca domain. y quyn vic ci t Read-Only Domain Controller v ngi dng qun tr.
ci t th trang Summary cho php bn xut cc thit lp t qu trnh ci t hin ti vo mt file tr li. Mt khu c s dng cho ti khon qun tr Directory Services Restore Mode ca bn khng c xut bng file tr li v bn ch nu r rng ngi dng m ang ci t domain controller lun b hi mt khu. Theo cch ny, mt khu s khng th truy cp c bi nhng ngi dng no c th truy cp ti khu vc lu tr cc file tr li . Ci t Read-Only Domain Controller. C th ci t vai tr mi ca Read-Only Domain Controller bng Installation Wizard. Khi ci t mt Read-Only Domain Controller mi, bn c th xc nh ngi c quyn ci t v qun l domain controller . Trong
Lun vn tt nghip
Page 31
giai on ci t u tin, mt ngi qun tr domain c th xc nh ti khon no c php ci t Read-Only Domain Controller. Sau khi c xc nh, ngi dng gn vi Read-Only Domain Controller ny s c quyn ci t dch v th mc.
Nhu cu lin h trao i thng tin qua email l nhu cu cn thit v thit yu. Hin nay vn cn rt nhiu doanh nghip s dng h thng email min ph
Lun vn tt nghip
Page 32
hoc h thng email cha p ng ht nhu cu s dng. iu ny gy nh hng n hiu sut cng vic v hnh nh thng hiu ca doanh nghip. V nh th cn c 1 h thng mail ni b p ng y nhng yu cu kht khe v nhanh chng ca cc doanh nghip ang trn pht trin.
tc di chuyn ca email gn nh l tc thi. Vi cc bc th tn bnh thng, bn c th phi mt mt vi ngy th c th ti c a ch cn thit nhng vi email, sau c click chut vo nt gi th, ngi nhn c th c c ni dung th ca bn gi cho h. Chi ph r: Vi cc th tn bnh thng, bn phi tn mt khon chi ph kh ln khi gi cc bc th ca mnh i. Cn vi email, bn ch tn mt khon ph rt nh kt ni internet cng vi chi ph cho dch v email ca bn. Bn cng c th dng dch v email min ph. Khi chi ph ca bn cho cc bc th hu nh khng ng k. Khng c khong cch: Vi email, ngi nhn cho d xa bn na vng tri t hay ngay cng phng lm vic vi bn, vic gi v nhn th cng u c thc hin gn nh ngay lp tc. V chi ph cho cc bc th cng u r nh nhau. Khuyt im ca Email
Lun vn tt nghip
Page 33
Thun li trong vic ky kt cac hp ng trong Kinh Doanh, quang ba san phm. Thiu tinh sn sang : H thng bi rt mang do ng truyn nha cung cp co s c, may chu mail bi sp=> mt hp ng, mt li nhun v..v Thiu s bao mt +Thiu an toan : Thng tin khng c bao v d bi Hacker anh cp, trao i.Thng tin khng c ma hoa. D dang bi chim hu .D bi nhn th rac chim tai nguyn h thng cua cng ty cha k n vic th co inh kem virus. H thng Email Mt h thng mail thng thng t nht c 2 thnh phn l mail server v mail client c th nh v trn hai h thng khc nhau hay trn cng mt h thng.Ngoi ra,cn c nhng thnh phn khc nh mail gateway v mail host.
Lun vn tt nghip
Page 34
truyn thng khc nhau hoc kt ni cc mng khc nhau dng chung giao thc.V d mt mail gateway c th kt ni mt mng TCP/IP vi mt mng chy b giao thc Systems Network Architecture (SNA). Mt mail gateway n gin nht dng kt ni hai mng dng chung giao thc hoc mailer.Khi mail gateway chuyn mail gia domain ni b v cc domain bn ngoi.
mng.N dng nh thnh phn trung gian chuyn mail gia cc v tr khng kt ni trc tip c vi nhau. Mail host phn gii a ch ngi nhn chuyn gia cc mail server hoc chuyn n mail gateway. V d : my trong mng cc b LAN c modem c thit lp lin kt PPP hoc UUCP dng ng dy thoi.Mail host cng c th l my ch ng vai tr Router gia mng ni b v mng Internet. Mail Server : Mail Server cha mailbox ca ngi dng, nhn mail t mail client gi n v a vo hng i gi n mail host.Mail Server nhn mail t mail host gi n v a vo mailbox ca ngi dng. Ngi dng s dng NFS (Network File System) gn kt (mount) th mc cha mailbox trn mail server c mail.Nu NFS khng c h tr th ngi dng phi login vo mail server nhn th.
Lun vn tt nghip
Page 35
Trong trng hp mail client h tr POP/IMAP v trn mail server cng h tr POP/IMAP th ngi dng c th c th bng POP/IMAP. Mail Client : L nhng chng trnh h tr chc nng c v son tho th, mail client s dng 2 giao thc SMTP v POP, SMTP h tr tnh nng chuyn th t client n mail server, POP h tr nhn th t mail server v mail client.Ngoi ra,mail client h tr cc giao thc IMAP,HTTP thc thi chc nng nhn th cho ngi dng.Cc chng trnh mail client thng c s dng nh: Microsoft Outlook Express, Microsoft Office Outlook, Eudora.. 3.2 Gii thiu tng quan v h thng Exchange Server 2007 Gii thiu Exchange Server 2007 Nm 2007 Microsoft pht trin v xy dng phn mm th in t Microsoft Exchange Server 2007 nhm em li s tin ch cng nh p ng y cc yu cu kht khe ca cc cng ty hay doanh nghip ln .vi u im l d qun tr, h tr nhiu tnh nng bo mt v c tin cy cao.
Lun vn tt nghip
Page 36
H thng Mail Exchange Server 2007 c tch hp thm nhiu tnh nng bo m an ton cho h thng nh chng spam, virus hiu qu .Tch hp thm cc tnh nng nh ngi qun tr c th dng Script s dng Exchange Management Shell. S dng Microsoft Exchange Server 2007 gip ta c th truy cp E-mail, voice mail, calendar cng nh cc s truy cp a dng khc t cc thit b di ng tch hp h thng Mail khp mi ni. Khng ging nh mt s phin bn Exchange Server trc, Microsoft Exchange server 2007 d trin khai. Tt c c thay i trong Exchange Server 2007, nhng Role-based Setup Wizard mi, cho php bn c th trin khai cc Role Server ring bit. Da vo cc Server Role-based mi,ngi qun tr c th chn Server Role m mun ci t tu theo nhu cu .
Client Access Server Role: Role ny chp nhn cc kt ni t h thng mail Exchange ca bn n
mail clients khc(Non MAPI). Cc phn mm mail clients nh Outlook Express v Eudora dng POP3 hoc IMAP4 giao tip vi Exchange Server. Cc thit b di ng nh mobiles, PDA... dng ActiveSync, POP3 hoc IMAP4 giao tip vi h thng Exchange. Bn cnh vic h tr MAPI v HTTP clients, Echange Server 2007 cn h tr POP3 v IMAP4. Theo mc nh th POP3 v IMAP4 s c ci t khi ci Client Access Server Role Edge Transport Server Role:
Lun vn tt nghip
Page 37
Edge Transport Server Role l 1 server chuyn dng trong vic security, c chc nng lc Anti-Spam, n gn ging nh Hub Transport nhng Edge Transport khng c nhim v vn chuyn mail trong ni b m n ch lm nhim v bo v h thng Email server. Tt c mi e-mail trc khi vo hay ra khi h thng u phi qua Edge Transport . Edge Trasport ch c th ci trn mt Stand-Alone Server v khng th ci chung vi cc role khc(Mailbox,Client Access,Hub Transport...) Edge Transport: chu trch nhim vn chuyn email mesage vi cc h thng bn ngoi - ng vai tr nh gateway. inh hng mail.
Hub Transport Server Role: Hub Transport Server Role c nhim v chnh l vn chuyn Email trong
h thng Exchange. Ti Hub Transport chng ta c th cu hnh cc email policy ( sa, thm, hoc thay i ...) trc khi vn chuyn email i. Nhng email c gi ra ngoi Internet u tin s c chuyn tip n Hub Transport, sau s qua Edge Transport lc Antivirus v Spam, v cui cng mi chuyn tip ra ngai Internet. Hub Transport: chu trch nhim vn chuyn email message trong ni b v chuyn cc email message gi ra ngoi (i ni+ i ngoi)
Lun vn tt nghip
Page 38
Mailbox Server Role cha tt c cc Mailbox database v Public Folder database. N cung cp nhng dch v v chnh sch a ch email v danh sch a ch dnh cho ngi nhn. Mailbox Server truy cp vo AD ly thng tin ca i tng (Mailbox user....) H thng lu tr trn Hub Transport s gi l mail ny li. Client Access Server Role gi yu cu t clients n Mailbox Server Role, v sau ly d liu t Mailbox Server Role v. Unified Messaging Server Role s phn loi voice email v thng tin v cho Outlook Voice Access. Outlook clients trong mng ni b c th truy cp trc tip Mailbox Server gi v nhn mail. Outlook Clients ngai Internet c th truy cp Mailbox server bng cch dng RPC over HTTP
Unified Messaging Server Role: Unified Messaging l mt chc nng mi trong h thng Microsoft
Exchange Server 2007. H tr e-mail, voice-mail, my fax, lch, danh sch cc vic cn lm t bt k thit b no (gm c in thoi).Unified Messaging c xy dng trong c hai lnh vc: Outlook Voice Access v cc kh nng h tr truy cp khng dy. Cac phin ban cua Exchange Server 2007
Lun vn tt nghip
Page 39
Microsoft cung cp 2 phin ban cho Exchange Server 2007 o la Exchange Server 2007 Standard Edition va Exchange Server 2007 Enterprise Edition. Exchange Server 2007 Standard Edition
Phin ban Standard phu hp nhu cu x ly h thng th in t cua nhng cng ty va va nho. Phin ban nay co nhng gii han nh sau: Mi server chi h tr 5 nhom lu tr, mi nhom lu tr chi cho phep ti a 5 b c s d liu. H tr chc nng Local Continuous Replication nhng khng h tr Single Copy Clusters va Cluster Continuous Replication. Y nghia cua cac chc nng se lam ro trong phn sau. Exchange Server 2007 Enterprise Edition
Phin ban enterprise nhm ap ng nhu cu quan ly cua cac doanh nghip ln. Exchange Server 2007 Enterprise bao gm tt ca cac tinh nng cua phin ban Standard cng thm cac chc nng sau: H tr ti 50 nhom lu tr trn mt server. Mi nhom lu tr co th cha ti 50 databases. H tr Single Copy Clusters va Cluster Continuous Replications.
Tinh nng mi
* Bao v: anti-spam, antivirus, tun thu quy inh, kha nng clustering vi data replication, nng cao kha nng bao mt va ma hoa thng tin
Lun vn tt nghip
Page 40
* Nng cao kha nng truy cp thng tin cho ngi dung vn phong: cai tin lich lam vic, unified messaging, cai tin truy cp mail qua thit bi di ng va thng qua web access
* Nng cao kinh nghim quan tri: x ly trn nn tang 64-bit va cho phep m rng, h tr cu hinh ca bng command-line shell va giao din hoa, cai tin vic phat trin ng dung, phn quyn va inh tuyn n gian. * Exchange Management Shell: y la tp lnh cho phep cu hinh h thng exchange qua dong lnh (command-line shell) va ngn ng kich ban (scripting language) danh cho nhng ngi quan tri h thng (da trn Windows PowerShell). Ngi dung Shell co th cu hinh thng qua giao din chun cua Exchange Server nhng ng thi co th lam thm cac tac vu b sung bng cac dong lnh. Nhng tac vu quan trong se c tao thanh kich ban sn (scripts) va sau o c lu tr, chia se va tai s dung. Exchange Management Shell co trn 375 dong lnh giup quan ly cac tinh nng cua Microsoft Exchange Server 2007 * Tinh nng "Unified Messaging" cho phep ngi dung nhn voice mail, email, va fax t hp th cua ho, va cho phep ho truy cp hp th t in thoai di
Lun vn tt nghip
Page 41
ng hay cac thit bi wireless. Ban co th dung lnh bng li noi nghe th in t thng qua in thoai (va tt nhin co th gi cac tin nhn ngn, vi du "I'll be late") * Tng cng kha nng lu tr CSDL ti a ln n 16TB cho mt database. * Tng cng s lng nhom lu tr ti a va mail database trn tng server: cho phep 5 nhom lu tr trong phin ban Standard Edition (Exchange Server 2003 Standard chi cho phep 1 nhom), va ti 50 nhom trong phin ban Enterprise (Exchange Server 2003 Enterprise chi cho phep 4 nhom va 20 databases). Yu cu phn cng: Processor: Vi x l Xeon hoc Pentium 4 64-bit. Vi x l AMD Opteron hoc Athalon 64-bit. Memory: Ti thiu: 1 GB Ram Khuyn co: 2 Gb Ram cho server v 7Mb trn tng Mailbox Disk space: Khong 1.2 Gb trng ci t Exchange server 2007. Cn khong 500 Mb b nh trng cho Unified Messaging (UM) mi khi c ci t. 200 Mb trng s dng cho h thng. File format:
Lun vn tt nghip
Page 42
Tt c h thng, storage Exchange, storage group file, database files, Exchange files u c t trong disk c format theo NTFS
Yu cu phn mm:
Microsoft .NET Framework Version 2.0 Micrsoft Management Console (MMC) 3.0 Windows PowerShell V1.0 Hotfix for Windows x64 (KB904639)
OS phi l Microsoft windows server 2003 hay windows server 2008.S dng exchange 32bit cho h iu hnh 32 bit v exchange 64bit cho h iu hnh 64bit
My nng cp thnh Domain controllers. M rng Active Directory schema cho Exchange 2007 Bt chc nng Global catalog cho server. Upgrade Domain functional level v Forest functional level.
Lun vn tt nghip
Page 43
3.3 Cng ngh Clustering v Network Load Balancing 3.3.1 Cng ngh CLUSTERING
ClusTerring la gi? Tai sao phai xy dng h thng ClusterRing? i vi h thng my ch (Servers System) ca cc cng ty mang tm
quy m, vic x l d liu ti mt thi im l rt ln i hi tnh sn sng v tin cy h thng cao. Bn cnh phi c kh nng m rng p ng nhng yu cu cho s pht trin doanh nghip. Chuyn g xy ra khi my ch ngng hot ng, h thng t lit? Chc chn thit hi s khng nh. Vn trn bt buc cc nh nghin cu phi tm ra mt gii php ti u. Vi kin thc a hoc chung em a ra giai phap cung cp cho doanh nghip gii php kh thi. Clustering l mt kin trc nhm m bo nng cao kh nng sn sng cho cc h thng mng my tnh.
Lun vn tt nghip
Page 44
Clustering cho php s dng nhiu my ch kt hp vi nhau to thnh mt cm (cluster) c kh nng dung li (fault-tolerant) nhm nng cao sn sng ca h thng mng. Nhiu my ch c kt ni vi nhau theo dng song song hay phn tn v c s dng nh mt ti nguyn thng nht. Fail-over Nu mt my ch ngng hot ng do b s c hoc nng cp, bo tr, th ton b cng vic m my ch ny m nhn s c t ng chuyn sang cho mt my ch khc (trong cng mt cluster) m khng lm cho hot ng ca h thng b ngt hay gin on. Qu trnh ny gi l Fail-over; Fail-back Qu trnh t ng phc hi chim quyn cung cp ti nguyn ca mt my ch trong h thng (cluster) sau khi hot ng tr li c gi l Failback. Cc yu cu khi thit k v lp t cc cluster cn tho mn
Lun vn tt nghip
Page 45
Cc ti nguyn mng phi lun sn sng trong kh nng cao nht cung cp v phc v cc ngi dng cui v gim thiu s ngng hot ng h thng ngoi mun. Nu mt node trong cluster b s c, ton b cng vic m n ang m nhim lp tc c chuyn ti mt hoc nhiu node khc trong cluster. iu ny khng th c i vi cc h thng ring l nh trc y. Cc gii php Cluster cho php h thng t mc sn sng cao ti 99,99% vi chi ph thp hn nhiu so vi cc gii php c xy dng c bit v c d phng ln tin cy cao (reliability):
tin cy cao ca cluster c hiu l kh nng gim thiu tn s xy ra cc s c, v nng cao kh nng chu ng li ca h thng.Vi cluster, ta c th thc hin phn ti cc cng vic, cc dch v ti cc node khc nhau trn h thng, gip cho tng kh nng phc v i vi ngi s dng.
Kh nng m rng c (scalability): H thng phi c kh nng d dng cho vic nng cp, m rng trong
tng lai.Khi khi lng cng vic i vi h thng tng ln i hi yu cu tng trng, vi cluster ch cn cu hnh v thm vo cc node mi l c th p ng c yu cu v t hiu qu cao hn nhiu so vi cc h thng khng dng cluster (ch c th tng CPU, b nh ca h thng SMP trong khi cc kh nng cng ngh ny c mt gii hn nht nh, v d b nh ch c th tng i a bng kh nng h tr ca phn cng my ch v h iu hnh). Phn loi Cluster Farm v Cluster Back
Lun vn tt nghip
Page 46
H thng x l tnh ton ln nh h thng x l tnh ton song song (Parallel Computing) v Cng ngh Clustering cho h thng chu li (fault-tolerant) .Cluster c t chc thnh cc nhm gi l cc farm hay pack. Cluster Farm: Nhm cc my ch chy cc dch v ging nhau, nhng khng dng chung c s d liu. Cluster Pack:
Nhm cc my ch hot ng cng vi nhau v chia s vi nhau cc phn ca c s d liu. Hinh thc trin khai Clustering Loai 1: Ta trin khai 2 ng dng stateful trn h thng cluster th c mt phng php n gin l ci t c 2 ng dng y vo mi node ca cluster . cu trc ny th 2 ng dng trn cng 1 server do nu ng ny b li th s nh hng n ng dng kia, hiu qu ca h thng cluster thp.
dng cu trc ny th h thng s hiu qu hn nu c ng dng no b li th cng khng nh hng n cc ng dng khc. Nhng chi ph u t cho kiu ny rt cao bi v s lng cc node cho mi ng dng nhiu hn loi 1. Loai 3:
Lun vn tt nghip
Page 47
Trin khai c 2 ng dng trn cng 1 cluster, mi node ci 1 ng dng nhng khc vi loi 1 l s c 1 cluster lm nhim v backup. C th nh hnh 3 cho ta thy h thng ny c 1 node passive dng lm backup v ci c 2 ng dng ca node 1 v node 2 (2 node Active). Nu 1 trong 2 node ny b li th node passive s thay th chc nng ca node b li. H thng ny c hiu qu cao hn 2 loi trc 3.3.2 Cng ngh NETWORK LOAD BALANCING
NLB m rng hiu nng ca cc server ng dng, chng hn nh Web server, nh phn phi cc yu cu ca client cho cc server trong nhm (cluster). Cc server (hay cn gi l host) u nhn gi IP n, nhng gi ch c x l bi mt server nht nh. Cc host trong nhm s ng thi p ng cc yu cu khc nhau ca cc client, cho d mt client c th a ra nhiu yu cu. V d, mt trnh duyt Web cn rt nhiu hnh nh trn mt trang Web c lu tr ti nhiu host khc nhau trong mt nhm server. Vi k thut cn bng ti, qu trnh x l v thi gian p ng client s nhanh hn nhiu.
Lun vn tt nghip
Page 48
Mi host trong nhm c th nh ra mc ti m n s x l hoc ti c th phn phi mt cch ng u gia cc host. Nh s dng vic phn phi ti ny, mi server s la chn v x l mt phn ti ca host. Ti do cc client gi n c phn phi sao cho mi server nhn c s lng cc yu cu theo ng phn ti nh ca n. S cn bng ti ny c th iu chnh ng khi cc host tham gia vo hoc ri khi nhm. i vi cc ng dng nh Web server, c rt nhiu client v thi gian m cc yu cu ca client tn ti tng i ngn, kh nng ca k thut ny nhm phn phi ti thng qua nh x thng k s gip cn bng mt cch hiu qu cc ti v cung cp kh nng p ng nhanh khi nhm server c thay i. Cc server trong nhm cn bng ti pht i mt bn tin c bit thng bo trng thi hot ng ca n (gi l heartbeat message) ti cc host khc trong nhm ng thi nghe bn tin ny t cc khc host khc. Nu mt server trong nhm gp trc trc, cc host khc s iu chnh v ti phn phi li ti duy tr lin tc cc dch v cho cc client. Trong phn ln cc trng hp, phn mm client thng t ng kt ni li v ngi s dng ch cm thy tr mt vi giy khi nhn c p ng tr li.
ti a ho thng lng v kh dng, cng ngh cn bng ti s dng kin trc phn mm phn tn hon ton, trnh iu khin cn bng ti c ci t v chy song song trn tt c cc host trong nhm. Trnh iu khin ny sp xp tt c cc host trong nhm vo mt mng con pht hin ng thi lu lng mng n a ch IP chnh ca nhm (v cc a ch b sung ca cc host nhiu v tr khc nhau). Trn mi host, trnh iu khin hot ng nh mt b lc gia trnh iu khin card mng v chng giao thc TCP/IP, cho php mt
Lun vn tt nghip
Page 49
phn lu lng mng n c nhn bi host . Nh , cc yu cu ca client s c phn vng v cn bng ti gia cc host trong nhm. H thng cn bng ti chy nh mt trnh iu khin mng (v mt logic) nm di cc giao thc lp ng dng nh HTTP hay FTP. Hnh sau cho thy vic trin khai h thng cn bng ti nh mt trnh iu khin trung gian trong chng giao thc mng ca Windows2000 ti mi host trong nhm. Kin trc ny ti a ho dung lng nh vic s dng mng qung b phn phi lu lng mng n tt c cc host trong nhm v loi b s cn thit phi nh tuyn cc gi n tng host ring l. Do thi gian lc cc gi khng mong mun din ra nhanh hn thi gian nh tuyn cc gi (nh tuyn bao gm cc qu trnh nhn gi, kim tra, ng gi li v gi i), kin trc ny cung cp thng lng cao hn cc gii php da trn b iu phi. Khi tc ca mng v server tng ln, thng lng cng tng theo t l thun, do loi b c bt c s l thuc no vo vic nh tuyn da trn cc phn cng c bit. Trn thc t, b cn bng ti c th t thng lng 250Mbit/s trong cc mng Gigabit. Mt u im c bn khc ca kin trc phn tn hon ton l kh dng c tng cng vi (N-1) cch khc phc li trong mt nhm c N host. Cc gii php da trn b iu phi to ra mt im li k tha m ch c th c khc phc bng cch s dng mt b iu phi d phng v do ch cung cp mt cch khc phc li duy nht. Kin trc cn bng ti cng tn dng c nhng u im v kin trc cc thit b chuyn mch (switch) v/hoc cc b tp trung (hub) ca mng con trong vic ng thi phn phi lu lng mng n tt c cac host trong nhm. Tuy nhin, phng php ny lm tng "ti trng" trn cc chuyn mch do chim thm bng thng cng. y khng phi l vn trong phn ln cc ng dng nh dch v Web hay streaming media, do t l lu lng n ch chim mt phn rt nh trong tng lu lng mng. Tuy nhin, nu cc kt ni mng pha client n thit b chuyn mch c tc nhanh hn nhiu cc kt ni pha
Lun vn tt nghip
Page 50
server, lu lng c th chim mt t l ln qu mc cho php ca bng thng cng pha server. Vn tng t s gia tng nu nhiu nhm kt ni trn cng mt thit b chuyn mch v cc bin php thit lp cc mng LAN o cho tng nhm khng c thc hin. Trong qu trnh nhn gi, vic trin khai ca NLB l s kt hp gia vic phn phi cc gi ti tng TCP/IP v nhn cc gi khc qua trnh iu khin card mng. Vic ny gip tng tc x l chung v gim tr do TCP/IP c th x l gi trong khi trnh iu khin NDIS (Network Driver Interface Specification) nhn gi tip theo. Trong qu trnh gi gi, NLB cng tng cng thng lng, gim tr v ph ph (overhead) nh tng s lng gi m TCP/IP c th gi trong mt kt ni. c c nhng ci thin v hiu nng ny, NLB thit lp v qun l mt tp hp cc b m gi v cc k hiu (descriptor) c s dng phi hp cc hot ng ca TCP/IP v trnh iu khin NDIS.
NLB s dng hai lp broadcast hoc multicast phn phi ng thi lu lng mng n tt c cc host trong nhm. Trong ch hot ng mc nh l
Lun vn tt nghip
Page 51
unicast, NLB s gn a ch trm lm vic (a ch MAC) cho card mng card mng c th hot ng (card ny gi l card nhm ? cluster adapter), v tt c cc host trong nhm c gn cng mt a ch MAC. Cc gi n do c nhn bi tt c cc host trong nhm v chuyn gi ti trnh iu khin cn bng ti lc. m bo tnh duy nht, a ch MAC c dn xut t a ch IP chnh ca nhm. V d, vi a ch IP chnh ca nhm l 1.2.3.4, a ch MAC unicast c t l 02-BF-1-2-3-4. Trnh iu khin cn bng ti s t ng sa a ch MAC ca card nhm bng cch thit lp mt thc th ng k v ti np trnh iu khin card nhm. H iu hnh khng cn phi khi ng li. Nu cc host trong cluster c gn vo mt thit b chuyn mch (swicth) ch khng phi mt b tp trung (hub), vic s dng chung mt a ch MAC s gy ra xung t do cc chuyn mch lp 2 ch c th hot ng khi cc a ch MAC ngun trn tt c cc cng ca thit b chuyn mch l duy nht. trnh iu ny, NLB sa a ch MAC ngun cho cc gi u ra l duy nht, a ch MAC ca nhm l 02-BF-1-2-3-4 c chuyn thnh 02-h-1-2-3-4, trong h l mc u tin ca host trong nhm. K thut ny ngn khng cho thit b chuyn mch tm ra a ch MAC thc s ca nhm v kt qu l cc gi n nhm c phn phi ti tt c cc cng ca thit b chuyn mch. Nu cc host trong nhm c kt ni trc tip vo mt hub, mt n a ch MAC ngun ca NLB trong ch unicast c th c v hiu ho trnh gy ra hin tng trn cho cc thit b chuyn mch ng ln (upstream). iu ny c th thc hin bng cch thit lp tham s ng k NLB l MaskSourceMAC=0. Vic s dng h thng chuyn mch ng ln ba mc cng c th hn ch trn cho cc thit b chuyn mch. Ch unicast ca NLB c th lm v hiu ho qu trnh trao i thng tin gia cc host trong nhm c s dng card nhm. Khi cc gi ca mt host c gi i vi a ch MAC ch ging a ch MAC ngun, cc gi ny s b quay vng (loop-back) gia cc tng giao thc mng bn trong h thng pha gi v khng bao gi ra n ng truyn. Hn ch ny c th trnh c bng cch thm
Lun vn tt nghip
Page 52
mt card mng th hai cho mi host. Trong cu hnh ny, NLB s dng mt card mng trn mng con nhn cc yu cu ca client v mt card mng khc thng c t tch bit trn mng con cc b trao i thng tin gia cc host trong nhm v vi cc server c s d liu cng nh cc file server gc. NLB ch s dng card nhm truyn cc bn tin "heartbeat" v lu lng iu khin t xa. Ch rng, trao i thng tin gia cc host trong nhm v cc host ngoi nhm khng bao gi b nh hng bi ch unicast ca NLB. Lu lng mng n mt a ch IP dnh ring cho host (trong card nhm) c nhn bi tt c cc host trong nhm do chng s dng chung mt a ch MAC. Do NLB khng bao gi cn bng ti lu lng i vi cc a ch IP dnh ring, NLB s lp tc phn phi lu lng ny n TCP/IP trn host nh. Cc host khc trong nhm coi lu lng ny l lu lng c cn bng ti v s loi b lu lng ny. Ch , nu lu lng mng n qu ln i vi cc a ch IP dnh ring c th nh hng n hiu nng khi h thng NLB hot ng trong ch unicast (tu theo s cn thit i vi TCP/IP trong vic loi b cc gi khng mong mun). NLB cung cp ch th hai phn phi lu lng mng n cc host trong nhm, ch multicast. Ch ny gn a ch multicast 2 lp cho card nhm thay v thay i a ch trm lm vic ca card. V d, a ch MAC multicast s c gn l 03-BF-1-2-3-4 tng ng vi a ch IP chnh l 1.2.3.4. Do mi host trong nhm c mt a ch trm lm vic duy nht, ch ny khng cn mt b card mng th hai trao i thng tin gia cc host trong nhm v n cng khng c bt c nh hng no n hiu nng ca ton h thng do vic s dng cc a ch IP dnh ring.
Lun vn tt nghip
Page 53
Ch unicast ca NLB gy ra trn trn switch do s phn phi ng thi lu lng mng trn tt c cc cng. Tuy nhin, ch multicast ca NLB a ra c hi hn ch trn switch ngi qun tr h thng c th cu hnh mt mng LAN o trn switch cho cc cng tng ng vi cc host. C th lm c iu ny bng cch lp trnh cho switch hoc s dng giao thc IGMP hoc giao thc GARP, GMRP. NLB cn trin khai chc nng ARP m bo rng a ch IP chnh ca nhm v cc a ch IP o khc c th phn gii sang a ch MAC multicast ca nhm. (a ch IP dnh ring s tip tc phn gii sang a ch trm lm vic ca card nhm). Thut ton cn bng ti
NLB s dng thut ton lc phn tn hon ton nh x cc client n cc host trong nhm. Thut ton ny cho php cc host trong nhm a ra cc quyt nh cn bng ti mt cch c lp v nhanh chng cho tng gi n. N c ti u ho cung cp kh nng cn bng ti mt cch thng k i vi mt s lng ln cc yu cu nh do v s client to ra, in hnh l i vi cc
Lun vn tt nghip
Page 54
Web server. Nu s client v/hoc cc kt ni client to ra cc ti qu chnh lch nhau trn server, thut ton cn bng ti s t hiu qu. Tuy nhin, tnh n gin v tc ca thut ton cho php cung cp hiu nng rt cao bao gm c thng lng cao v thi gian p ng ngn trong mt di rng cc ng dng client/server thng dng. NLB x l cc yu cu ca client bng cch dn ng cho mt t l phn trm chn nhng yu cu mi cho tng host trong nhm. Thut ton khng p ng nhng thay i v ti trn mi host (chng hn nh ti CPU hay vn s dng b nh). Tuy nhin, qu trnh nh x s c thay i khi quan h thnh vin trong nhm thay i v t l phn trm ti phn b s c ti cn bng. Khi xem xt mt gi n, tt c cc host thc hin ng thi vic nh x thng k xc nh nhanh chng host no s x l gi . Qu trnh nh x s dng mt hm ngu nhin tnh mc u tin ca host da trn a ch IP v cng n ca client cng cc thng tin trng thi khc ti u ho vic cn bng ti. Host tng ng s chuyn gi t cc tng di ln tng TCP/IP cn cc host khc s loi b gi ny. Qu trnh nh x khng thay i tr phi quan h gia cc host trong nhm thay i, m bo rng a ch IP v cng n ca client cho trc s lun c nh x n cng mt host trong nhm. Tuy nhin, host c th trong nhm m a ch IP v cng n ca client nh x ti khng th c xc nh trc do hm ngu nhin c tnh n quan h thnh vin trong nhm hin ti v qu kh ti thiu ho kh nng nh x li. Nhn chung, cht lng cn bng ti c xc nh mt cch thng k bi s lng client to ra yu cu. Nh kt cu tng gim v s lng client theo thng k, s u n v cht lng ca thut ton cn bng ti s thay i nh. hot ng cn bng ti c chnh xc cao trn mi host trong nhm, mt phn ti nguyn h thng s c s dng o v phn ng trc nhng thay i ca ti. S tr gi v hiu nng ny phi c cn nhc so vi li ch ca vic ti a ho kh nng s dng cc ti nguyn trong nhm (v c bn l CPU
Lun vn tt nghip
Page 55
v b nh). Trong bt c trng hp no, vic s dng hp l cc ngun ti nguyn server phi c duy tr c th phc v cho cc ti client khc trong trng hp xy ra li. Khi mt host mi tham gia vo nhm, n s kch hot qu trnh hi t v mt quan h thnh vin mi trong nhm s c tnh ton. Khi qu trnh hi t hon thnh, mt phn ti thiu client s c nh x ti host mi. NLB d cc kt ni TCP trn mi host v sau khi kt ni TCP hin ti ca chng hon thnh, kt ni tip theo t cc client b nh hng s c x l bi host mi. Do , cc host nn c b sung vo nhm ti nhng thi im ti tng qu mnh nhm ti thiu ho hin tng ngt qung cc phin. trnh vn ny, trng thi phin phi c qun l bi ng dng server sao cho n c th c ti cu trc hay c tr li t bt k mt host no trong nhm. V d, trng thi phin c th c y n server c s d liu v lu trong cc cookies ca client.
3.4 Anti-Spam va Anti-Virus 3.4.1 Spam email v cch phng chng Spam Email
Spam mail l g ?
Th rc, th linh tinh, hay cn dc dng di tn gc Anh ng l spam hay spam mail, l cc th in t v b thng cha cc loi qung co c gi mt cch v ti v v ni nhn l mt danh sch rt di gi t cc c nhn hay cc nhm ngi v cht lng ca loi th ny thng thp. i khi, n dn d ngi nh d, tm cch c s th tn dng v cc tin tc c nhn ca h. Hin nay nhiu n v s dng vic gi email qung co trn lan trn mt c s d liu khch hng gy nhiu bi ri v kh chu cho ngi nhn. iu ny c th gy nh hng lu di ln thng hiu v vi phm cc iu lut quc t.
Lun vn tt nghip
Page 56
Khi tn min hoc a ch IP ca bn b lit k vo danh sch en (do vic gi Spam mail) ca cc cng c qun l email v lc email. Bn s khng th gi c email n ngi nhn sau cc h thng ny. Trong trng hp nghim trng, email ca bn s khng th c gi c ra ngoi v dch v hosting ca bn s b hy b. Cc bn nn lu iu ny khi gi email qung co hng lot. Cc phng php chn lc v phng chng Spam Email
Spam gy ra rt nhiu tc hi, do vy vic phng chng v ngn chn cc spam l cn thit. Hin c nhiu cng ty phn mm cung cp gii php chng spam, mi dng sn phm c nhng tnh nng v cc u nhc im ring, nhng hu ht cc sn phm u hot ng da vo mt s nguyn l sau: S dng DNS blacklist
Phng php s dng DNS black list s chn cc email n t cc a ch nm trong danh sch DNS blacklist. C hai loi danh sch DNS Blacklist thng c s dng, l:
Lun vn tt nghip
Page 57
Danh sch cc min gi spam bit, danh sch cc min ny c lit k v cp nht ti a ch http://spamhaus.org/sbl. Danh sch cc my ch email cho php hoc b li dng thc hin vic chuyn tip spam c gi i t spammer. Danh sch ny c lit k v cp nht thng xuyn ti a ch http://www.ordb.org. C s d liu Open Relay Database ny c duy tr bi ORDB.org l mt t chc phi li nhun. Khi mt email c gi i, n s i qua mt s SMTP server trc khi chuyn ti a ch ngi nhn. a ch IP ca cc SMTP server m email chuyn qua c ghi trong phn header ca email. Cc chng trnh chng spam s kim tra tt c cc a ch IP c tm thy trong phn header ca email sau so snh vi c s d liu DNS Blacklist bit. Nu a ch IP tm thy trong phn ny c trong c s d liu v cc DNS Blacklist, n s b coi l spam, cn nu khng, email s c coi l mt email hp l. Phng php ny c u im l cc email c th c kim tra trc khi ti xung, do tit kim c bng thng ng truyn. Nhc im ca phng php ny l khng pht hin ra c nhng email gi mo a ch ngi gi. S dng SURBL list
Phng php s dng SURBL pht hin spam da vo ni dung ca email. Chng trnh chng spam s phn tch ni dung ca email xem bn trong n c cha cc lin kt c lit k trong Spam URI Realtime Blocklists (SURBL) hay khng. SURBL cha danh sch cc min v a ch ca cc spammer bit. C s d liu ny c cung cp v cp nht thng xuyn ti a ch www.surbl.org. C nhiu danh sch SURBL khc nhau nh sc.surbl.org, ws.surbl.org, ob.surbl.org, ab.surbl.org..., cc danh sch ny c cp nht t nhiu ngun. Thng thng, ngi qun tr thng kt hp cc SURBL list bng cch tham chiu ti a ch multi.surbl.org. Nu mt email sau khi kim tra ni dung c
Lun vn tt nghip
Page 58
cha cc lin kt c ch ra trong SURBL list th n s c nh du l spam email, cn khng n s c cho l mt email thng thng. Phng php ny c u im pht hin c cc email gi mo a ch ngi gi nh la cc b lc. Nhc im ca n l email phi c ti xung trc khi tin hnh kim tra, do s chim bng thng ng truyn v ti nguyn ca my tnh phn tch cc ni dung email.
Tn cng spam kiu t in s dng cc a ch email v tn min bit to ra cc a ch email hp l khc. Bng k thut ny spammer c th gi spam ti cc a ch email c sinh ra mt cch ngu nhin. Mt s a ch email trong s c thc, tuy nhin mt lng ln trong l a ch khng tn ti v chng gy ra hin tng lt cc my ch mail. Phng php kim tra ngi nhn s ngn chn kiu tn cng ny bng cch chn li cc email gi ti cc a ch khng tn ti trn Active Directory hoc trn my ch mail server trong cng ty. Tnh nng ny s s dng Active Directory hoc LDAP server xc minh cc a ch ngi nhn c tn ti hay khng. Nu s a ch ngi nhn khng tn ti vt qu mt ngng no (do ngi qun tr thit lp) th email gi ti s b coi l spam v chn li.
Lun vn tt nghip
Page 59
Kim tra a ch
Bng cch kim tra a ch ngi gi v ngi nhn, phn ln spam s c pht hin v chn li. Thc hin kim tra a ch ngi gi trc khi email c ti xung s tit kim c bng thng ng truyn cho ton h thng. K thut Sender Policy Framework (SPF, www.openspf.org) c s dng kim tra a ch ngi gi email. K thut SPF cho php ch s hu ca mt tn min Internet s dng cc bn ghi DNS c bit (gi l bn ghi SPF) ch r cc my c dng gi email t min ca h. Khi mt email c gi ti, b lc SPF s phn tch cc thng tin trong trng From hoc Sender kim tra a ch ngi gi. Sau SPF s i chiu a ch vi cc thng tin c cng b trong bn ghi SPF ca min xem my gi email c c php gi email hay khng. Nu email n t mt server khng c trong bn ghi SPF m min cng b th email b coi l gi mo. Chn IP
Phng php ny s chn cc email c gi n t cc a ch IP bit trc. Khi mt email n, b lc s phn tch a ch my gi v so snh vi danh sch a ch b chn. Nu email n t mt my c a ch trong danh sch ny th n s b coi l spam, ngc li n s c coi l email hp l. S dng b lc Bayesian
B lc Bayesian hot ng da trn nh l Bayes tnh ton xc sut xy ra mt s kin da vo nhng s kin xy ra trc . K thut tng t nh vy c s dng phn loi spam. Nu mt s phn vn bn xut hin thng xuyn trong cc spam nhng thng khng xut hin trong cc email thng thng, th c th kt lun rng email l spam.
Lun vn tt nghip
Page 60
Trc khi c th lc email bng b lc Bayesian, ngi dng cn to ra c s d liu t kha v du hiu (nh l k hiu $, a ch IP v cc min...) su tm t cc spam v cc email khng hp l khc Mi t hoc mi du hiu s c cho mt gi tr xc sut xut hin, gi tr ny da trn vic tnh ton c bao nhiu t thng hay s dng trong spam, m trong cc email hp l thng khng s dng. Vic tnh ton ny c thc hin bng cch phn tch nhng email gi i ca ngi dng v phn tch cc kiu spam bit. b lc Bayesian hot ng chnh xc v c hiu qu cao, cn phi to ra c s d liu v cc email thng thng v spam ph hp vi c th kinh doanh ca tng cng ty. C s d liu ny c hnh thnh khi b lc tri qua giai on hun luyn. Ngi qun tr phi cung cp khong 1000 email thng thng v 1000 spam b lc phn tch to ra c s d liu cho ring n.
Vic s dng cc danh sch black list, white list gip cho vic lc spam hiu qu hn.
Lun vn tt nghip
Page 61
Black list l c s d liu cc a ch email v cc min m bn khng bao gi mun nhn cc email t . Cc email gi ti t cc a ch ny s b nh du l spam. White list l c s d liu cc a ch email v cc min m bn mong mun nhn email t . Nu cc email c gi n t nhng a ch nm trong danh sch ny th chng lun c cho qua. Thng thng cc b lc c tnh nng t hc, khi mt email b nh du l spam th a ch ngi gi s c t ng a vo danh sch black list. Ngc li, khi mt email c gi i t trong cng ty th a ch ngi nhn s c t ng a vo danh sch white list. Kim tra Header
Phng php ny s phn tch cc trng trong phn header ca email nh gi email l email thng thng hay l spam. Spam thng c mt s c im nh: trng trng From: hoc trng To: . Trng From: cha a ch email khng tun theo cc chun RFC. Cc URL trong phn header v phn thn ca message c cha a ch IP c m ha di dng h hex/oct hoc c s kt hp theo dng username/password (v d cc a ch: http://00722353893457472/hello.com, www.citibank.com@scammer.com) Phn tiu ca email c th cha a ch email ngi nhn c nhn ha email . Lu khi s dng tnh nng ny vi cc a ch email dng chung c dng nh sales@company.com. V d khi mt khch hng phn hi bng cch s dng tnh nng auto-reply vi tiu your email to sales c th b nh du l spam
Lun vn tt nghip
Page 62
Gi ti mt s lng rt ln ngi nhn khc nhau. Ch cha nhng file nh m khng cha cc t nh la cc b lc. S dng ngn ng khc vi ngn ng m ngi nhn ang s dng. Da vo nhng c im ny ca spam, cc b lc c th lc chn. S dng tnh nng Challenge/Response
Tnh nng ny s yu cu ngi ln u gi email xc nhn li email u tin m h gi, sau khi xc nhn, a ch email ca ngi gi c b sung vo danh sch White list v t tr v sau cc email c gi t a ch c t ng cho qua cc b lc. Do spammer s dng cc chng trnh gi email t ng v h khng th xc nhn li tt c cc email gi i, v th nhng email khng c xc nhn s b coi l spam. Phng php ny c hn ch l n yu cu nhng ngi gi mi phi xc nhn li email u tin m h gi. khc phc nhc im ny, ngi qun tr ch nn s dng phng php ny i vi nhng email m h nghi ng l spam. Vai tr ngi dng trong vic phng chng Spam
Ngoi vic s dng cc b lc chng spam, ngi s dng cng ng vai tr quan trng trong vic chng li i dch th rc. Bi vy ngi dng cn tun theo mt s nguyn tc sau: Lun cp nht cc bn v mi nht ca cc phn mm ang ci t trn my. m bo tt c cc my lun c cp nht cc phn mm chng virus v chng spam.
Lun vn tt nghip
Page 63
S dng cc firewall bo v h thng. Khng tr li cc email l khng r ngun gc. i vi cc spammer, khi nhn c mt tr li t hng ngn email h gi i th cng chng minh l phng php c hiu qu. Ngoi ra, vic tr li li cn xc nhn l a ch email ca bn l c thc v hin ang c s dng. Do vy a ch email ca bn s ng gi hn, v cc spammer s gi nhiu th rc hn.
Khng gi cc thng tin c nhn ca bn (s th tn dng, mt khu, ti khon ngn hng, v.v... ) trong th in t. Cc spammer v nhng k la o qua mng c th to ra nhng trang web gi mo cc t chc, ngn hng... ngh bn gi mt khu v mt s thng tin v th tn dng ca bn qua email.
Khng hi p email bng cch nhn ln t nh loi b (remove) hoc ngng ng k (unsubscribe) trong dng tiu hoc trong ni dung ca th tr khi y l ngun ng tin cy (cc email tip th trc tip). y l tiu xo ca cc spammer ngi s dng hi p li cc spam ca h. Khi nhn c hi p, cc spammer khng nhng khng loi b a ch email ca bn ra khi danh sch m cn gi ti nhiu spam hn bi v h bit rng a ch email ca bn hin ang hot ng.
Khng bao gi bm vo cc lin kt URL hoc a ch trang web c ghi trong spam ngay c khi n hng dn ngi nhn ngng ng k. iu ny cng cho ngi gi bit rng a ch email ca bn ang c s dng v bn c th s nhn c nhiu spam hn.
Hy s dng hai a ch email khc nhau, mt a ch s dng cho cc vic ring nh bn b, cng vic. Mt a ch s dng ng k tr thnh thnh vin ca cc din n, cc t chc... nhng ni m a ch email ca bn c th b lm dng hoc bn.
Lun vn tt nghip
Page 64
Khng nn ng a ch email ca bn nhng ni cng cng (v d nh cc din n, bng tin, chat room...) ni cc spammer thng s dng cc tin ch thu thp v tm kim a ch email.
S dng cc dch v email cung cp cng c chng spam, v d nh Yahoo! Mail, Gmail.
Khng bao gi c chuyn tip spam cho ngi khc. Chuyn spam nhn c n ngi qun tr h thng email. Qun tr vin s thay i chng trnh lc ln sau h thng s chn li nhng email tng t nh th.
3.4.2
Virus la gi? Tac hai cua virus? Virus tin hc bt u lch s ly nhim ca n trn my tnh ln vo nm
1970. Sau chng xut hin trn my PC vo nm 1986 v "lin tc pht trin" thnh mt lc lng hng hu cng vi s pht trin ca h my tnh c nhn. Ngi ta thng thy chng thng xut hin cc trng i hc, ni tp trung cc sinh vin gii v hiu ng. Da vo cc phng tin giao tip my tnh (mng, a...), chng lan truyn v c mt khp ni trn th gii vi s lng ng khng k xit. C th ni rng ni no c my tnh, ni c virus tin hc. Nh vy thy tm hot ng ca virus tin hc l ph bin v cng.
Lun vn tt nghip
Page 65
Virus tao trong cac phong nghin cu co muc ich ro rang dung anh cp thng tin hoc lam sup h thng i phng.
Virus c tao ra nhm bi nhng ke pha hoai. Virus c tao ra nhm muc ich xu khac
Tc hi ca Virus May tinh mt quyn iu khin 1 s tac vu. Hong H iu hanh, hong cac chng trinh ang chay, mt quyn iu khin tac vu. Bi ke tn cng iu khin may tinh.
D liu mt cp, xoa bo, ma hoa( ko s dung c). Mang : Gy t lit thng mang, gian oan truy cp dich vu, tai nguyn mang. La nguyn nhn cua nhiu vu tn cng mang.
Cac chng trinh thc thi lu hn binh thng. Mt d liu , nhiu file, chng trinh khng hoat ng.
Lun vn tt nghip
Page 66
L cc chng trnh cng c kh nng t nhn bn t tm cch lan truyn qua h thng mng (thng l qua h thng th in t). Malware
(ch ghp ca maliciuos v software) ch chung cc phn mm c tnh nng gy hi nh virus, worm v Trojan horse.Trojan horse y l loi chng trnh cng c tc hi tng t nh virus ch khc l n khng t nhn bn ra. Spyware
y l loi virus c kh nng thm nhp trc tip vo h iu hnh m khng li "di chng" Adware
Loi phn mm qung co, rt hay c trong cc chng trnh ci t ti t trn mng. Mt s phn mm v hi, nhng mt s c kh nng hin th thng tin kt mn hnh, cng ch ngi s dng Phishing:
L nhng chng trinh Web, Email c hai nhm chu yu la gat ngi dung cung cp cac thng tin tai khoan ca nhn...
Lun vn tt nghip
Page 67
C mt cu ni vui rng khng b ly nhim virus th ngt kt ni khi mng, khng s dng mm, USB hoc copy bt k file no vo my tnh. Nhng nghim tc ra th iu ny c v ng khi m hin nay s tng trng s lng virus hng nm trn th gii rt ln. Khng th khng nh chc chn bo v an ton 100% cho my tnh trc him ho virus v cc phn mm him c, nhng chng ta c th hn ch n ti a c th v c cc bin php bo v d liu ca mnh.
Bo v bng cch trang b thm mt phn mm dit virus c kh nng nhn bit nhiu loi virus my tnh v lin tc cp nht d liu phn mm lun nhn bit c cc virus mi.Trn th trng hin c rt nhiu phn mm dit virus. Trong nc (Vit Nam): Bkav, CMC. Ca nc ngoi: Avira, Kaspersky, AVG S dng tng la
Lun vn tt nghip
Page 68
Tng la (Firewall) khng phi mt ci g qu xa vi hoc ch dnh cho cc nh cung cp dch v internet (ISP) m mi my tnh c nhn cng cn phi s dng tng la bo v trc virus v cc phn mm c hi. Khi s dng tng la, cc thng tin vo v ra i vi my tnh c kim sot mt cch v thc hoc c ch . Nu mt phn mm c hi c ci vo my tnh c hnh ng kt ni ra Internet th tng la c th cnh bo gip ngi s dng loi b hoc v hiu ho chng. Tng la gip ngn chn cc kt ni n khng mong mun gim nguy c b kim sot my tnh ngoi mun hoc ci t vo cc chng trnh c hi hay virus my tnh. S dng tng la bng phn cng nu ngi s dng kt ni vi mng Internet thng qua mt modem c chc nng ny. Thng thng ch mc nh ca nh sn xut th chc nng "tng la" b tt, ngi s dng c th truy cp vo modem cho php hiu lc (bt). S dng tng la bng phn cng khng phi tuyt i an ton bi chng thng ch ngn chn kt ni n tri php, do kt hp s dng tng la bng cc phn mm. S dng tng la bng phn mm: Ngay cc h iu hnh h Windows ngy nay c tch hp sn tnh nng tng la bng phn mm, tuy nhin thng thng cc phn mm ca hng th ba c th lm vic tt hn v tch hp nhiu cng c hn so vi tng la phn mm sn c ca Windows. V d b phn mm ZoneAlarm Security Suite ca hng ZoneLab l mt b cng c bo v hu hiu trc virus, cc phn mm c hi, chng spam, v tng la.
Lun vn tt nghip
Page 69
Cp nht cc bn sa li ca h iu hnh
H iu hnh Windows (chim a s) lun lun b pht hin cc li bo mt chnh bi s thng dng ca n, tin tc c th li dng cc li bo mt chim quyn iu khin hoc pht tn virus v cc phn mm c hi. Ngi s dng lun cn cp nht cc bn v li ca Windows thng qua trang web Microsoft Update (cho vic nng cp tt c cc phn mm ca hng Microsoft) hoc Windows Update (ch cp nht ring cho Windows). Cch tt nht hy t ch nng cp (sa cha) t ng (Automatic Updates) ca Windows. Tnh nng ny ch h tr i vi cc bn Windows m Microsoft nhn thy rng chng hp php. Vn dng kinh nghim s dng my tnh
Cho d s dng tt c cc phn mm v phng thc trn nhng my tnh vn c kh nng b ly nhim virus v cc phn mm c hi bi mu virus mi cha c cp nht kp thi i vi phn mm dit virus. Ngi s dng my tnh cn s dng trit cc chc nng, ng dng sn c trong h iu hnh v cc kinh nghim khc bo v cho h iu hnh v d liu ca mnh. Mt s kinh nghim tham kho nh sau: Pht hin s hot ng khc thng ca my tnh : a phn ngi s dng my tnh khng c thi quen ci t, g b phn mm hoc thng xuyn lm h iu hnh thay i - c ngha l mt s s dng n nh - s nhn bit c s thay i khc thng ca my tnh. V d n gin: Nhn thy s hot ng chm chp ca my tnh, nhn thy cc kt ni ra ngoi khc thng thng qua tng la ca h iu hnh hoc ca hng th ba (thng qua cc thng bo hi s cho php truy cp ra ngoi hoc s hot ng khc ca tng la). Mi s hot ng khc thng ny nu khng phi do phn cng gy ra th cn nghi ng s xut hin ca virus. Ngay khi c nghi ng, cn kim tra bng
Lun vn tt nghip
Page 70
cch cp nht d liu mi nht cho phn mm dit virus hoc th s dng mt phn mm dit virus khc qut ton h thng.
Kim sot cc ng dng ang hot ng: Kim sot s hot ng ca cc phn mm trong h thng thng qua Task Manager hoc cc phn mm ca hng th ba (chng hn: ProcessViewer) bit mt phin lm vic bnh thng h thng thng np cc ng dng no, chng chim lng b nh bao nhiu, chim CPU bao nhiu, tn file hot ng l g...ngay khi c iu bt thng ca h thng (d cha c biu hin ca s nhim virus) cng c th c s nghi ng v c hnh ng phng nga hp l. Tuy nhin cch ny i hi mt s am hiu nht nh ca ngi s dng. Loi b mt s tnh nng ca h iu hnh c th to iu kin cho s ly nhim virus: Theo mc nh Windows thng cho php cc tnh nng autorun gip ngi s dng thun tin cho vic t ng ci t phn mm khi a a CD hoc a USB vo h thng. Chnh cc tnh nng ny c mt s loi virus li dng ly nhim ngay khi va cm USB hoc a a CD phn mm vo h thng (mt vi loi virus lan truyn rt nhanh trong thi gian gn y thng qua cc USB bng cch to cc file autorun.ini trn USB t chy cc virus
Lun vn tt nghip
Page 71
ngay khi cm USB vo my tnh). Cn loi b tnh nng ny bng cc phn mm ca hng th ba nh TWEAKUI hoc sa i trong Registry. S dng thm cc trang web cho php pht hin virus trc tuyn: Xem thm phn "Phn mm dit virus trc tuyn" ti bi phn mm dit virus Bo v d liu my tnh
Nu nh khng chc chn 100% rng c th khng b ly nhim virus my tnh v cc phn mm him c khc th bn nn t bo v s ton vn ca d liu ca mnh trc khi d liu b h hng do virus (hoc ngay c cc nguy c tim tng khc nh s h hng ca cc thit b lu tr d liu ca my tnh). Trong phm vi v bi vit v virus my tnh, bn c th tham kho cc tng chnh nh sau: Sao lu d liu theo chu k l bin php ng n nht hin nay bo v d liu. Bn c th thng xuyn sao lu d liu theo chu k n mt ni an ton nh: cc thit b nh m rng ( USB, cng di ng, ghi ra a quang...), hnh thc ny c th thc hin theo chu k hng tun hoc khc hn tu theo mc cp nht, thay i ca d liu ca bn. To cc d liu phc hi cho ton h thng khng dng li cc tin ch sn c ca h iu hnh (v d System Restore ca Windows Me, XP...) m c th cn n cc phn mm ca hng th ba, v d bn c th to cc bn sao lu h thng bng cc phn mm ghost, cc phn mm to nh a hoc phn vng khc
Thc cht cc hnh ng trn khng chc chn l cc d liu c sao lu khng b ly nhim virus, nhng nu c virus th cc phin bn cp nht mi hn ca phn mm dit virus trong tng lai c th loi b c chng.
Lun vn tt nghip
Page 72
3.4.1 20007
y Nhom chung ti xin gii thiu o la tinh nng Edge Transport co sn trong Exchange 2007, va Microsoft ForeFront Protection For Exchange. Edge Transport Server Quay tr li vo khong thng 2 nm 2004, khi Exchange Server 2003 vn l mt nn tng th tn Exchange chnh c s dng bi cc t chc doanh nghip trn ton th gii, Microsoft tuyn b rng h s cung cp mt b sung nng cao c bit n vi t cch l Microsoft Exchange Edge Services. nhm lm nng cao Exchange Edge Services c th thc thi chuyn tip Simple Mail Transfer Protocol (SMTP) trong Exchange Server 2003. Vi Exchange Edge Services, Microsoft s cung cp mt lot nhng kh nng mi nhm trang b cho php khch hng bo v h thng email ca h tt hn trc virus v cc th rc cng nh ci thin hiu qu trong vic qun l v nh tuyn lu lng email MS Exchange gii thiu Edge Transport Server nhm cho php cc t chc doanh nghip c c nhng h tr mnh trong vn chng spam m khng cn u t gii php ca cc nhm phn mm th ba khi ci t sn phm ny. Cc tnh nng sp xp th tn trong Edge Transport server role
Lun vn tt nghip
Page 73
Vai tr chnh ca my ch Edge Transport l nh tuyn email v thc hin mt s cng vic sp xp th tn nhng n cng c mt s tnh nng, nhng tnh nng ny c th cho php bn thc hin mt s th khc nh vic ghi li cc a ch SMTP, cu hnh cc quy tc truyn ti, cho php ghi nht k Mc nh Edge Transport server ch lc cc thng bo spam v cc mail khng mong mun khc bng cch s dng cc tc nhn nh km. Exchange 2007 Server role ny khng thc hin bt k bin php lc virus c trong mail. lc virus bn trong cc thng bo b nhim bng Edge Transport server, bn phi ci t Forefront Security cho Exchange cua Microsoft hoc mt sn phm no ca cc hng phn mm th ba cho my ch
Lun vn tt nghip
Page 74
Lun vn tt nghip
Page 75
ForeFront l mt phn mm anti-virus ca Microsoft. ForeFront c nhiu phin bn: ForeFront Client ci cho end-user, ForeFront For SharePoint, va Antivirus Forefront Security for exchange 5/2007 Microsoft gii thiu sn phm Microsoft forefront client security dng sn phm bo mt ton din, gii quyt cc vn v Virus v Spyware v mang li tnh trng an ninh tt hn cho h thng mng ca bn. Microsoft Forefront Client Security l gii php bo mt nhm chng li cc nguy c xm hi n tnh an ton ca h thng. Forefront client security l sn phm tch hp phng chng virus v spyware, Forefront client security c th pht hin v dit virus, worm Trojan, spyware, rootkit cho my client v server..
Lun vn tt nghip
Page 76
Tnh Sn Sng cao (High Availability) S dung Cng ngh Cluster: c dng cho cc ng dng Stateful applications (cc ng dng hot
ng thng xuyn trong thi gian di) bao gm cc database server nh l Microsoft MySQL Server, Microsoft Exchange Server, File and Print Server Tt c cc node trong Cluster dng chung 1 ni lu tr d liu c th dng cng ngh SCSI hoc Storage Area Network (SAN). Network Load Balancing: L mt loi khc ca k thut Clustering c kh nng chia ti v nng cao kh nng chu li ca h thng c tt hn. c dng cho cc ng dng Stateless applications (cc ng dng hot ng mang tnh nht thi) nh Web, File Tranfer Protocol (FTP), Virtual Private Network (VPN), DHCP Tnh Bo Mt cao (High Security)
Lun vn tt nghip
Page 77
Xy dng Edge TransPort trong vng DMZ Trong h thng Exchange 2007, Edge Transport Server l 1 Server cung cp chc nng vn chuyn mail SMTP, cung cp cc chc nng lc Spam Mail sau vn chuyn vo Hub Transport. thc hin gii php chng th rc bn c th trin khai mt Edge Transport Server Exchange 2010 v cu hnh n nh l mt my ch Anti Spam. My ch ny thng nm trong DMZ ni m n chp nhn cc message SMTP n t Internet. Sau khi x l cc lung message th cc message sch s c gi n my ch Hub Transport ni b. Khi Edge Transport Server nm trong DMZ n khng phi l thnh vin ca min Active Directory bn trong, do cn mt s cu hnh b sung. V tr ca my ch Edge Transport Nh ni, my ch Edge Transport thng nm trong DMZ ca mng, gia mng internet v mng ni b.
Message c gi t internet vo my ch Edge Transport v sau c gi ti my ch Hub Transport. Message gi i t Hub Transport Server c
Lun vn tt nghip
Page 78
chuyn tip ti my ch Edge Transport v Edge Transport Server ln lt chu trch nhim cho vic cung cp Internet. Mt c ch cn phi c thc hin l gi cho Edge Transport Server c cp nht thng tin v Active Directory ni b. K t khi Edge Transport Server khng phi l mt thnh vin trong Active Directory ni b, n khng c thng tin g v cho Tn min v d chp nhn hoc khng chp nhn ngi dng. S dung giao thc SSL SSL l giao thc a mc ch c thit k to ra cc giao tip gia hai chng trnh ng dng trn mt cng nh trc (socket 443) nhm m ho ton b thng tin i/n, m ngy nay c s dng rng ri nhm mc ch bo mt. Giao thc SSL c hnh thnh v pht trin u tin nm 1994 bi nhm nghin cu Netscape dn dt bi Elgammal v ngy nay tr thnh chun bo mt thc hnh trn mng Internet. Phin bn SSL hin nay l 3.0 v vn ang tip tc c b sung v hon thin.
S khc bit gia HTTP, SMTP, POP v HTTPS, SMTPS, POPS l HTTPS, SMTPS, POPS cung cp vic m ha d liu ca user v server, vic m ha
Lun vn tt nghip
Page 79
c thng qua vic s dng giao thc SSL nhm m bo an ton thng tin v trnh b "nh hi" (Sniffer). Cc protocol rt ph bin hin nay: HTTP (Hypertext Transfer Protocol) port 80 SMTP (Simple Mail Transfer Protocol) port 25 POP3 (Post Office Protocol version 3) port 110 Nhng trong mi trng Network th chng cha tht s an ton v c th sniffer ly password v th an toan thng tin mail server Ta nn trin khai HTTPS (port 443) SMTPS (port 465) POPS (port 995)
Tinh an toan cao Microsoft Forefront mang n mt dng sn phm bo mt ton din,
c tch hp gip bo v h thng my ch, my trm v edge chng li cc him ha lun lun bin i. Forefront gip bo v cc h iu hnh my ch v my trm Microsoft. Tnh nng chng malware nhanh nhy ca Microsoft ForeFront Client Security chng li cc nguy c v virut, spyware v cc nguy c khc mt cch hiu qu .
Lun vn tt nghip
Page 80
M hinh hinh hin tai cua cng ty co sn h thng AD. S dung ServerMail cua FPT.Tai 3 tru s h thng cn 1500 users phn b tai 3 tru s chinh : Sai Gon. Ha Ni. Hai Phong.
H thng Mail : 65% cng vic anh hng t Mail Lin lac trao i cng vic gia Ca nhn va cac nha u t . Thng bao lich lam vic . Thng tin lin h gia cng ty va i tac
Lun vn tt nghip
Page 81
Kho khn trong vic xy dng h thng bao mt cho Mail. Chm trong vic khc phuc li . in hinh 25/4/2004 toan b h thng mail cua cng ty bi inh tr do h thng Internet cua FPT bi sp => Do cab chinh SMW3 bt n nha cung cp Hng Kng bi t ngoai khi. Dn n vic bao tri va sa cha ln n hang tun .Mang tt nghen cng ty bi thit hai nng n do t lin lac vi khach hang va mt rt nhiu hp ng.
Lun vn tt nghip
Page 82
FPT chi n bu nho giot thng qua vic tra lai tin phi ko truy cp va ko s dung dung lng trong vong 3 ngay vi gia = 1.5 ln binh thng . S c la do khach quan or chu quan thi cung gy inh tr cng vic khin cng ty bi thit hai nng n. Tach bit vi cac ng dung mua ban quyn vi chi phi cao nh Office Comunication Server va MS-Sharepoint Server a ra phng an giai quyt: Mail Exchange2007
Vi nhng ly do trn chu tich tp oan quyt inh xy dng h thng mail hoat ng c lp khng mn Mail server cua nha cung cp ,vi ng truyn leasline co sn gia 3 tru s chinh tai VN. Phong K Hoach xut xy dng h thng Server Mail trn nn tang Domain co sn tai cac tru s a cai t Windows Server 2003 va xut s dung phn mm Mail Exchange 2007 co tinh nng Edge transport vt tri so vi nhng mail khac. Tru s chinh t tai Sai Gon
Xy dng h thng Server Mail t tai tru s Sai Gon vi nhiu ly do khach quan va chu quan nh sau: Vi tri ia ly la cu ni thng mai cac tinh thanh phia nam gn cang , bin hang hoa bun ban trao i giao dich manh. Gn 2 trung tm kinh t ang ln la Cn Th va Binh Dng va ng bng sng Cu Long .Sinh vin khp ni trn ca nc x v hoc tp va sinh sng vic giao dich tai ngn hang, rut tin ATM, vay vn phat trin u t C s ha tng: a co sn ng truyn leasline phu hp vi xy dng h thng .
Lun vn tt nghip
Page 83
H thng IT hung hu chuyn nghip cao thun tin cho vic bao tri, bao mt, support.
Khach hang nhiu la ngun li cua cng ty- h thng nhn vin kha ln chim 50% nhn vin cng ty.
1.3 Thit kt m hnh Mail Exchange server 2007 cho doanh nghip M hnh trin khai tng th
Lun vn tt nghip
Page 84
y l m hnh tng qut th hin kt ni gia 3 site Ti Site Si Gn (tr s chnh, ta trin khai h thng CLustering v Network Load Balancing Ti 2 site H Ni v Hi Phng ta trin khai Exchange Mail cho child domain.
Lun vn tt nghip
Page 85
Site Si Gn l tr s chnh c trin khai vi subnet 192.168.101.0/24 domain saigon.maritimebank.com, gm c 7 Server v h thng cc my Client: dc-main additional dc-main dc-saigon 2 Server Cluster-1 v Cluster-2 2 Server LoadBalancing-1 v LoadBalancing-2
Lun vn tt nghip
Page 86
Lun vn tt nghip
Page 87
Lun vn tt nghip
Page 88
dc-haiphong svr-mailhp
Trong s ny, chng ta xy dng h thng ISA Front End Back End v trin khai Edge Transport Server cng vi External DNS tng tnh bo mt, an ton cho h thng
Lun vn tt nghip
Page 89
Ti ISA, ta dng cc rule public cc dch v cn thit ra ngoi User bn ngoi internet c th truy cp v lm vic c m vn m bo tnh an ton v bo mt.
Lun vn tt nghip
Page 90
bc ny, chng ta tin hnh chun b h thng AD, h thng phn gii tn min DNS v tin hnh Replicate thnh cng gia cc site. 2.2 Prepare AD v Schema cho h thng Active Directory
Prepare AD va Schema tren dc-main Cai t cac goi cn thit cho qua trinh cai t Exchange
Lun vn tt nghip
Page 91
- Cai NetFx 2.0 - Cai PowerShell - IIS 6 - Update time zone WindowsServer2003-KB933360-x86 - Raise Domain Funtional Level ln windows Server 2k3 Qua trinh Setup exchange tai dc-main cung la qua trinh prepare schema cho cac child domain.
Add group user admin cua dc-saigonTai dc-main cp quyn cho user dc-saigon/ admininistrator cai t exchange : Add user dc-saigon/admininistrator vo 3 group sau: 1.ENTERPRISE ADMIN
Lun vn tt nghip
Page 92
2.SCHEMA ADMIN
Lun vn tt nghip
Page 93
Restart lai may chu.- Reboot. Qua trinh Prepare Schema hoan tt.
2.3 Cu hnh h thng Cluster chu li ti site Si Gn - Cu hinh CL1 va CL2 cho 2 may s dung IP kt ni chung la 192.168.101.10. - Cai 2 Role : Hub Transport va Client AccesssRole tai 2 may CL1 va CL2 Chun bi ia San: y ta gia lp ia dung chung t tai dc-saigon. s dung StarWind : y la phn mm gia lp devices cua may tinh in hinh la cac thit bi Raid phuc vu cho cng vic hoc tp ln s dung thc t trong doanh nghip. y vi muc ich s dung StarWind thay th ia San . Tao 2 file image: Image0: name quorum Image1: name exchange2k7
Lun vn tt nghip
Page 94
Thit lp IP tai 2 may CL1 va CL2 cu hinh join domain vao dc-saigon.CL1,CL2 mi may co 2 Card Mang : 1 Public ni vi h thng mang cua Site SaiGon
Lun vn tt nghip
Page 95
1 Private ni vi card mang Private cua may CL con lai vi Net Address : 10.0.0.x/8 Chu y khi cu hinh Card Mang Private phai bo 2 tinh nng
Lun vn tt nghip
Page 96
Cai t phn mm iSCSI tai 2 may CL. Join Domain 2 may CL1 va CL2 vao dcsaigon. Login user administrator saigon vao tng may CL va Format ia dung chung.S dung phn mm iSCSI phuc vu cho may CL 1 va CL 2 kt ni vi h thng ia QuoRum, va Exchange2k7 tai dc-saigon.Va inh dang 2 ia ta c san phm sau
Lun vn tt nghip
Page 97
Lun vn tt nghip
Page 98
Cai t thanh ia San va kt ni vi ia San thanh cng la Exchange2k7.Ta tin hanh cu hinh cluster a vao s dung cho 2 may CL1 va CL2. Vi IP dung chung la 192.168.101.99 Sau khi cu hinh CL1 ta tip tuc cu hinh CL2
Lun vn tt nghip
Page 99
Lun vn tt nghip
Page 100
Lun vn tt nghip
Page 101
Qua trinh cai t va thit lp Cluster thanh cng ta tin hanh cai t mail box tai h thng Cluster.(pc CL1 va CL2) - Login = admin saigon. - Cai NetFx 2.0 - Cai PowerShell - Update time zone - Ci IIS + www =>>chy prepare domain ngay chnh cluster ri mi ci exchange
Lun vn tt nghip
Page 102
Sau khi prepare ta tip tuc tin trinh cai t mail box tai may CL1 h thng cluster ang active, ta cai t mailbox role vi tinh nng Acitve Mail box tai may CL1 , va trn CL2 la passive
Lun vn tt nghip
Page 103
Lun vn tt nghip
Page 104
Lun vn tt nghip
Page 105
Qua trinh cu hinh hoan tt.Nguyn tc hoat ng 2 may CL1 va CL2 c cai Mail Box Role vi nhim vu cha th .May CL1 ang ch Active thi se lam nhim vu cha mail box.May CL2se ch Passive se ko thy ia Exchange2k7..Khi may CL1 restart hoc bi s c thi may CL2 se chuyn thanh Active va tip tuc nhim vu cua CL1 vi data dung chung t ngoai h thng cluster nn ko anh hng n data . 2.4 Cu hnh Network Load Balancing ti site Si Gn cu hinh Ip basic
LB1: Nic1
IP
192.168.101.4 : 255.255.255.0
Subnet DNS :
192.168.1.3
Lun vn tt nghip
Page 106
LB2: Nic1
IP
192.168.101.5 : 255.255.255.0
Subnet DNS :
192.168.1.3
Trin khai h thng NetWork Load Balancing cho h thng mail tai site saigon. Join domain may nlb vao child domain : saigon.maritimebank.com.Sau o logon vao may LB1 bng user administrator cua dcsaigonSaigon.maritimebank.com\administrator go : nlbmgr ( m Network Load Balancing Manager)
Lun vn tt nghip
Page 107
Lun vn tt nghip
Page 108
Lun vn tt nghip
Page 109
Lun vn tt nghip
Page 110
Qua dc-saigon vao DNS tao cu hinh thm:Tao new host (A): nlb tro v ip 192.168.101.10 Check PTR recored va Allow any.
Lun vn tt nghip
Page 111
Cai t client access role va hub transport vao 2 may cu hinh NLB Role ny chng nhn cc kt ni t h thng mail clients ca bn n mail Exchange. Ta cai t role nay ln h thng Load Balancing vi tac vu cn bng tai ng truyn n h thng chng thc giup cho vic truy cp mail tt hn. Cai : NetFramework + IIS.
bo ia source exchange setup : Chon Custom. Check vao Client Access Role va Hub Transport Role va cai t
Lun vn tt nghip
Page 112
Lun vn tt nghip
Page 113
Lun vn tt nghip
Page 114
2.6 Trin khai Edge Transport trong vng DMZ Gi nhn Mail Internet S dung Edge transport vung DMZ. . M hinh logic chi tit demo Edge transport :
m hinh nay chung ti Demo h thng Site sai gon ln 1 DC-main( Hub+ Client access+Mailbox). m hinh logic chi tit kt hp vi m hinh nay qua nhiu may ao :D nn chung em chi demo h thng bao mt nay vi cam kt y u tinh nng c ban nh m hinh ban u
H thng mail cua nhom 2 chung ti a ra vi xut xy dng toan b may chu mail Site saigon bao gm :
Lun vn tt nghip
Page 115
Mailbox tai h thng Cluster Client Access Role, Hub Transport Server Role tai h thng may NetWord Load Balancing Tt ca cac yu trn c a v PC co tn la Dc-main gia lp y u cac tinh
nng cua 1 server Mail cua site Sai Gon va xy dng may Edge transport Server ngoai h thng Local , may edge transport nm trn vung DMZ co nhim vu loc mail va co tinh nng Anti-Spam va inh hng mail . Ngoai h thng nay ta xy dng thm 2 con ISA bao v vung DMZ, mt may chu External DNS va c chung ta ng ky tn min ngoai Internet ng nghia vi vic se ong l phi hng nm. ISA-Back-End : co nhim vu chi cho phep cac truy cp DNS, STMP, STMPs, POP3, POP3s, HTTPs cac goi dich vu cn thit t h thng Internal ra ngoai vung Peremiter va ngc lai. ISA-Front-End : co nhim vucho phep truy cp DNS gia may External DNS vi h thng DNS cua ISP va quan trong nht la vic gi va nhn mail qua lai bng 2 giao thc SMTP va POP3 gia Perimeter va Internet Ban thn Dc-main cung la mt may chu dns-internal , c cu hinh phn giai y u , may edge , va c forward sang may external dns. May Edge transport : tro dns v may dc-main , nhng ban thn no vn phn giai c Mxrecord cua ISP ngoai internet ly do may External-DNS phn giai c ISP va cu hinh Forward wa DNS cua ISP. May ISP : c gia lp bng mail Deamond. Va h thng DNS cua domain abc.net cung Forward v may External-DNS.
Lun vn tt nghip
Page 116
2.6.1
Lun vn tt nghip
Page 117
Lun vn tt nghip
Page 118
Lun vn tt nghip
Page 119
Lun vn tt nghip
Page 120
Lun vn tt nghip
Page 121
Lun vn tt nghip
Page 122
Lun vn tt nghip
Page 123
Lun vn tt nghip
Page 124
Lun vn tt nghip
Page 125
Lun vn tt nghip
Page 126
Lun vn tt nghip
Page 127
Lun vn tt nghip
Page 128
Lun vn tt nghip
Page 129
Lun vn tt nghip
Page 130
Next check th h thng thiu item gi ko: va qua trinh check thanh cng co th tip tuc install.
Lun vn tt nghip
Page 131
Lun vn tt nghip
Page 132
2.6.2
Join vao Domain local maritimebank.local Tai may ISA Back-end Co 2 card mang : Internal : IP: 192.168.1.1
Lun vn tt nghip
Page 133
Lun vn tt nghip
Page 134
Lun vn tt nghip
Page 135
Lun vn tt nghip
Page 136
Lun vn tt nghip
Page 137
Lun vn tt nghip
Page 138
Lun vn tt nghip
Page 139
Lun vn tt nghip
Page 140
Chon Templates:
Lun vn tt nghip
Page 141
Lun vn tt nghip
Page 142
Lun vn tt nghip
Page 143
Lun vn tt nghip
Page 144
Lun vn tt nghip
Page 145
Lun vn tt nghip
Page 146
Lun vn tt nghip
Page 147
Lun vn tt nghip
Page 148
Lun vn tt nghip
Page 149
Lun vn tt nghip
Page 150
Tao Network Rule may Edge Route sang Hub ( Hub la may dc-main) thanh cng
HubTransport
Lun vn tt nghip
Page 151
Ta tao tip Rule cp phep cho vic s dung Port 50389 va 50636 T may computer set
Lun vn tt nghip
Page 152
Tao Rule cho vic gi va nhn mail: m protocol SMTP va POP3 t may computer set
Lun vn tt nghip
Page 153
2.6.3 Chinh
Lun vn tt nghip
Page 154
Lun vn tt nghip
Page 155
Cai t ADAM :
Lun vn tt nghip
Page 156
Cai cac goi hotfix : Net FrameWork 2.0+ Power Shell 1.0
Lun vn tt nghip
Page 157
Sau o restart may va cai t Exchange. Chon Edge Transport Server Role : va chon Next
Lun vn tt nghip
Page 158
Lun vn tt nghip
Page 159
Tai C: may Edge ta backup file EdgeSubscription.xml va chep vao may dc-main tng t vi tri may Edge.
Lun vn tt nghip
Page 160
Tai may dc-main : ta copy file EdgeSubscription.xml vao ri sau o vao Management Console tao Subscription
Lun vn tt nghip
Page 161
Lun vn tt nghip
Page 162
Lun vn tt nghip
Page 163
Lun vn tt nghip
Page 164
Lun vn tt nghip
Page 165
Kim tra co 2 Send Connector la thanh cng. Tng t bn tab Receive Connectors
Lun vn tt nghip
Page 166
Lun vn tt nghip
Page 167
Lun vn tt nghip
Page 168
Cai t Dich vu DNS.va cu hinh :Tao Reverse Zone: primary tro v 203.162.1.X, va Froward Zone : Primay Zone tro v Tn min va ng ky: maritimebank.com,tao New Host A vi Name : ex-dns tro v chinh may External-DNS
Tng t ta tao New Host A vi name la edge va tro v may Edge : IP 203.162.1.27
Lun vn tt nghip
Page 169
Lun vn tt nghip
Page 170
Lun vn tt nghip
Page 171
Lun vn tt nghip
Page 172
172.16.0.2
IP :
203.162.1.30
Mask: 255.255.255.248
Lun vn tt nghip
Page 173
IP :
172.16.0.1
Lun vn tt nghip
Page 174
Lun vn tt nghip
Page 175
Lun vn tt nghip
Page 176
Lun vn tt nghip
Page 177
Tao Access Rule : DNS query Allow : cho phep truy xut DNS gia
External
Perimerter
Lun vn tt nghip
Page 178
Tao tip AccessRule: Allow gi nhn Mail: m 2 port POP3 va SMPT cho phep gi mail ra vao gia External
Perimerter
Lun vn tt nghip
Page 179
2.6.5
Lun vn tt nghip
Page 180
Lun vn tt nghip
Page 181
Lun vn tt nghip
Page 182
Lun vn tt nghip
Page 183
net:
Lun vn tt nghip
Page 184
Lun vn tt nghip
Page 185
Tai domain ispa tao new host a vi tn mail tro v ip cua may ISP
Lun vn tt nghip
Page 186
in Domain name
Lun vn tt nghip
Page 187
in Username :
password : 123
Lun vn tt nghip
Page 188
2.6.6
Vao
Tool
>>
>>
Properties
Lun vn tt nghip
Page 189
Cu hinh Thanh cng check mail se thy th cua h thng mail Daemond gi n.
Lun vn tt nghip
Page 190
Tai hp mail cua ispa ta gi 1mail cho chinh ispa : check mail hoat ng tt ko
Lun vn tt nghip
Page 191
Lun vn tt nghip
Page 192
Vao Tool >> Account >> Add user Mail exchange2007 vao mail OutLook.
Lun vn tt nghip
Page 193
Lun vn tt nghip
Page 194
Lun vn tt nghip
Page 195
Lun vn tt nghip
Page 196
Lun vn tt nghip
Page 197
Lun vn tt nghip
Page 198
Trong mang internal Khoi check mail va nhn c th reply cua ispa
Lun vn tt nghip
Page 199
2.7 Trin Khai Anti Spam v Anti Virus cho h thng. 2.7.1 Anti Spam
T ngoai internet : ta gi th nc danh vao cho khoi@maritimebank.com,trong local Khoi a nhn c th nc danh vi ni dung.
Lun vn tt nghip
Page 200
Lun vn tt nghip
Page 201
Lun vn tt nghip
Page 202
Enable tinh nng filter ,ngoai internet tin tc ispam@ispa.net tip tuc spam vao mail cua khoi@maritimebank.com
Lun vn tt nghip
Page 203
Bt ng h thng mail cua spam nhn c thng bao th spam a bi chn do h thng Maritimebank tai edge transport a bt tinh nng
sender
filtering
Lun vn tt nghip
Page 204
Sau 1 thi gian vi i IT chuyn nghip maritimebank a tim c ni ip phat nhng th tin spam. Do no nm 1 tn min nc ngoai. Ta chn t IP : 172.16.0.2o. Block IP tinh nng co sn edge transport.
Lun vn tt nghip
Page 205
0 Tai h thng mail cua ispa.net ngoai internet : y la dich vu spam mail vi IP public la 172.16.0.2.Tip tuc gi mail spam vao khoi@maritimebank.com bng user khac nhng vn thng bao ko u quyn submit vao h thng maritimebank.com .
Lun vn tt nghip
Page 206
Lun vn tt nghip
Page 207
Ta vi du : hin nay co kha nhiu th co ni dung quang cao ma con mang tinh sexy nn ta loc cac th nay vi tinh nng Filter Content cua Server Role.Tai edge transport server Role . tai th Content Filtering ta add cac t cn loc: quang cao bay ba ok >> apply. enable tinh nng nay ln.
Lun vn tt nghip
Page 208
H thng se gi nhn thng bao tin nhn cua ban ko th gi n ni ly do ni dung gi co mang tinh chn spam va bi loc bi b loc .Ni dung cm cam quang cao bay ba.
Lun vn tt nghip
Page 209
Ta tip tuc gi cho khoi@maritimebank.com nhng vi ni dung ko bi cm Thi th vn vao c h thng.va hoan thanh phn anti-spam
Lun vn tt nghip
Page 210
Lun vn tt nghip
Page 211
2.7.2
Antivirus
Install Ms ForeFront
Edge transport chi co th han ch spam va th rac con virus chung ta cai t MS-forefront cho h thng mail.: tai Edge transport tin hanh setup MS forefront.
Lun vn tt nghip
Page 212
Lun vn tt nghip
Page 213
Next cai t
Lun vn tt nghip
Page 214
Lun vn tt nghip
Page 215
Lun vn tt nghip
Page 216
Lun vn tt nghip
Page 217
Lun vn tt nghip
Page 218
Lun vn tt nghip
Page 219
Lun vn tt nghip
Page 220
T internet gui lai th cho khoi@maritimebank.com co inh kem tp tin cha virus va c nen lai.
Lun vn tt nghip
Page 221
Lun vn tt nghip
Page 222
2.8 Trin Khai Mail Publishing: POP3/SMTP Secure/NoneSecure 2.8.1 Rule Trin khai Non Secure
Tai ISA Back-End: Firewall Policly Right Click >> New>> Mail-Server Publishing
Lun vn tt nghip
Page 223
Lun vn tt nghip
Page 224
Lun vn tt nghip
Page 225
Rule Publishing Mail POP3 Server va SMTP Server a c m port isa backend.Apply
Lun vn tt nghip
Page 226
Luc nay ngoai internet ta s dung mail outlook cu hinh s dung SMTP va POP3 User: nghia@maritimebank.com gi th cho khoi@maritimebank.com Va khoi@maritimebank.com check mail trong ni b.
Lun vn tt nghip
Page 227
Lun vn tt nghip
Page 228
Lun vn tt nghip
Page 229
Lun vn tt nghip
Page 230
Lun vn tt nghip
Page 231
Lun vn tt nghip
Page 232
2.8.2
Lun vn tt nghip
Page 233
Lun vn tt nghip
Page 234
Lun vn tt nghip
Page 235
Lun vn tt nghip
Page 236
Lun vn tt nghip
Page 237
Lun vn tt nghip
Page 238
Next >> From (External + parameter )To (external+ perimeter): M 2 port SMTPs va POP3s t external perimeter 2 chiu.
Lun vn tt nghip
Page 239
Lun vn tt nghip
Page 240
Tai user nghia@maritimebank.com . check vao c ch bao mt SSL cua port SMTP va POP3.
Lun vn tt nghip
Page 241
Lun vn tt nghip
Page 242
Th cua nghia@maritimebank.com vao local va th vao edge ra lai Internet thanh cng
Lun vn tt nghip
Page 243
Qua trinh Publishing Mail thanh cng 2.9 Trin Khai Publishing Outlook Web Access Secure/NoneSecure 2.9.1 OutLook-Web-Access non-secure
Lun vn tt nghip
Page 244
Lun vn tt nghip
Page 245
Lun vn tt nghip
Page 246
Lun vn tt nghip
Page 247
OK Vao DNS cua dc-main, forward LookupZone tao newzone name : maritimebank.com
Lun vn tt nghip
Page 248
Lun vn tt nghip
Page 249
Vao IE 6 go : http://www.maritimebank.com/owa
Lun vn tt nghip
Page 250
Lun vn tt nghip
Page 251
Tai ISA Back-End tao : vao Fire Wall Policy tao 1 Protocol >> New Web Listener
Lun vn tt nghip
Page 252
Lun vn tt nghip
Page 253
Lun vn tt nghip
Page 254
Lun vn tt nghip
Page 255
Tao New>>>Exchange Web Clietn Access Publishing Rule public OWA non secure
Lun vn tt nghip
Page 256
Lun vn tt nghip
Page 257
Lun vn tt nghip
Page 258
Lun vn tt nghip
Page 259
Lun vn tt nghip
Page 260
Lun vn tt nghip
Page 261
Tai Isa Front End tao Access Rule co tn la Allow OWA non secure
Tao Access Rule cho Phep s dung giao thc HTTP t External Perimeter
Lun vn tt nghip
Page 262
Trong DC-MAIN tao user owa@maritimebank.com ..User name : owa; User logon: owa Password : 123
Lun vn tt nghip
Page 263
Lun vn tt nghip
Page 264
Lun vn tt nghip
Page 265
Lun vn tt nghip
Page 266
Lun vn tt nghip
Page 267
Lun vn tt nghip
Page 268
Lun vn tt nghip
Page 269
2.9.2
OutLook-Web-Access secure:
Lun vn tt nghip
Page 270
Ta vao Server certificate xoa bo CA cu (mc inh khi cai IIS se co CA):
Lun vn tt nghip
Page 271
Remove CA cu ra.
Lun vn tt nghip
Page 272
Sau o cai CA mi :Co th mua CA 1 c s uy tin y chung ta s dung CA co sn cua Windows server 2003. Vao windows componments wizard cai t( run : apwiz.cpl)
Lun vn tt nghip
Page 273
Lun vn tt nghip
Page 274
Lun vn tt nghip
Page 275
Lun vn tt nghip
Page 276
Lun vn tt nghip
Page 277
Lun vn tt nghip
Page 278
Lun vn tt nghip
Page 279
Lun vn tt nghip
Page 280
Lun vn tt nghip
Page 281
Lun vn tt nghip
Page 282
internal localhost
Lun vn tt nghip
Page 283
Lun vn tt nghip
Page 284
Lun vn tt nghip
Page 285
Lun vn tt nghip
Page 286
Lun vn tt nghip
Page 287
Vao MMC :
Lun vn tt nghip
Page 288
Lun vn tt nghip
Page 289
Ta ly CA Khoinp tao bn DC-main import wa bn isa back-end vaoTrusterd Root>> Certifactes >>chon All Task >>Import
Lun vn tt nghip
Page 290
Lun vn tt nghip
Page 291
Lu y : ( ngoai internet chung ta d dang thy qua trinh import CA nay login vao cac website GameOnline in User khu vc Quan trong nh Dich vu ,i Pass 2 ,Cu hoi bi mt. in hinh trang Mu.gate.vn khi vao web nay yu cu import CA
Lun vn tt nghip
Page 292
Lun vn tt nghip
Page 293
Lun vn tt nghip
Page 294
Lun vn tt nghip
Page 295
Lun vn tt nghip
Page 296
Lun vn tt nghip
Page 297
Lun vn tt nghip
Page 298
Lun vn tt nghip
Page 299
Lun vn tt nghip
Page 300
Lun vn tt nghip
Page 301
Lun vn tt nghip
Page 302
Lun vn tt nghip
Page 303
Lun vn tt nghip
Page 304
Copy CA va down va gi cho nhn vin ngoai internet 1 ban: import vao h thng CA cua ISP
Lun vn tt nghip
Page 305
Tao Rule Allow OutLookwebaccess Secure: m port https gia External Perimeter
Lun vn tt nghip
Page 306
Lun vn tt nghip
Page 307
Tai internal Khoi check mail va nhn c th cua OWA gi = OUTLOOK WEB ACCESS va co tinh nng secure.
Lun vn tt nghip
Page 308
Lun vn tt nghip
Page 309
Ngoai internet nghia@maritimebank.com s dung POP3s va SMTPs cung a nhn c th cua OWA, va ispa@ispa.net cung nhn c th cua owa@maritimebank.com Va nghia reply lai cho owa bao a nhn thanh cng mail cua owa
Lun vn tt nghip
Page 310
Va Ispa@ispa.net cung nhn c th cua Owa va reply lai cho Owa la minh a nhn c th.
Lun vn tt nghip
Page 311
Owa u nhn c 3 th cua 3 vi tri khac nhau o la khoi@maritimebank.com trong internal nghia@maritimebank.com cung domain maritimebank nhng s dung giao thc POP3s va SMTPs ngoai internet ispa@ispa.net ngoai internet s dung mail Daemond gi mail.
Lun vn tt nghip
Page 312
2.10
Resource Mailbox v Global Address List. Vi cng ty co 1500 USER ko th tao tng user = tay c chung ta s dung code .S dung VBS tao OU phong k toan, phong Nhn S. Dung exshell enable tinh nng User mailbox Tao OU Phong K Toan co 10user,OU Phong Nhn s co 10 User enable user trogn exchange = cu lnh Vi du : phong ban phong nhn s + k toan Ta co file nhansu-ketoan.vbs nhp duble click chay file : Xut hin ban thng bao tao 2 OU phong k toan va phong nhn s mi OU co 10 User chon >>> Yes
Lun vn tt nghip
Page 313
Lun vn tt nghip
Page 314
Lun vn tt nghip
Page 315
Create mail box Database name : PhongNhanSu trn Strorage Group : maritimebank
Qua trinh Tao Mail box thanh cngTng t ta tao mail box cho PhongKeToan
Lun vn tt nghip
Page 316
Lun vn tt nghip
Page 317
Ta vao Management Shell enable cac user phong Nhan su go lnh : getuser OrganizationalUnit PhongNhanSu | Enable-Mailbox Database PhongNhanSu
Tng t ta dung lnh enable PhongKeToan: get-user OrganizationalUnit PhongKeToan | Enable-Mailbox Database PhongKeToan
Lun vn tt nghip
Page 318
Go lnh get-user OrganizationalUnit PhongKeToan | Set-user Company maritimebank Department phongketoan City SaiGon CountryOrRegion Vietnam
get-user OrganizationalUnit PhongNhanSu | Set-user Company maritimebank -Department phongnhansu City SaiGon CountryOrRegion Vietnam
Lun vn tt nghip
Page 319
Kim tra mail box >> nhp Refresh ta thy xut hin cac user va c enalbe = lnh Trong management shell
Lun vn tt nghip
Page 320
Lun vn tt nghip
Page 321
Lun vn tt nghip
Page 322
Lun vn tt nghip
Page 323
Lun vn tt nghip
Page 324
Lun vn tt nghip
Page 325
Lun vn tt nghip
Page 326
Oganization Configuration>> The Address List >> create new Address List
Lun vn tt nghip
Page 327
Lun vn tt nghip
Page 328
Sau o ta check vao Preview kim tra User Phong Nhan Su co c add cha
Lun vn tt nghip
Page 329
Lun vn tt nghip
Page 330
Lun vn tt nghip
Page 331
Lun vn tt nghip
Page 332
y la cach ng ky 1 phong ban vao h thng exchange2k7 . H thng se vi phong ban thanh 1 i tng goi la Rom Mail Box, va nhng thanh vin cp cao trong cng ty ai mun ng ky ngay gi lam vic va i tng nao tham d se c gi thng bao trc tip.Cng ty maritimebank se ap dung nhng Rule nay la Rule cua cng ty va ngi quan ly nhng rule nay ko ai khac o la Admin tt nhin la di s xut cua giam c. Tao 1 Room Mail Box vi tn : phonghop1 Tai Recipient Configuration : ta tao New mailbox >> Rom Mail Box >> next.
Lun vn tt nghip
Page 333
User logon Name : phonghop1 >> password 123 >> Next Alias : phonghop..Mailbox database ta chon ng dnDC-MAIN\First Storagate Group\Mailbox Database
Lun vn tt nghip
Page 334
Lun vn tt nghip
Page 335
Vao Management Shell ta go lnh sau :Set-MailboxCalendarSettings Identity phonghop1 AutomateProcessing Autoaccept
Lun vn tt nghip
Page 336
Ta logon User mail khoi@maritimebank.com test th tinh nng Rom mailbox va tao
Lun vn tt nghip
Page 337
Lun vn tt nghip
Page 338
Lun vn tt nghip
Page 339
Tai h thng mail client trong local chung ta Sent/ Recive check mail
Lun vn tt nghip
Page 340
Lun vn tt nghip
Page 341
check Addres Book la Addres-Nhan su: Va chon tt ca nhn vin phong nhn s >> click Required >>
Address Book ta chon Global Address List..Chon User nghia >> click Optional
Lun vn tt nghip
Page 342
Lun vn tt nghip
Page 343
Lun vn tt nghip
Page 344
Ta Request lai cho trng phong khi . Click Accept chon Edit the Response before sending
Lun vn tt nghip
Page 345
Lun vn tt nghip
Page 346
ng thi tai h thng nhn vin phong nhn s co user la nhansu_10 check mail va request
Lun vn tt nghip
Page 347
Send
Lun vn tt nghip
Page 348
Luc nay tai phong lam vic Khoi a nhn c mail t nhn vin phong nhans:1 th thng bao yu cu phong hp t mail box rom phonghop1,th Declined t Nhansu_10, Accept tu nhansu_1.
Lun vn tt nghip
Page 349
Nghia@ cung mun s dung phonghop1 t chc cuc hop ban khac , rt tic la thi gian su dung phonghop1 trung vi khoi@ a ng ky nn h thng mail exchange se t chi.
Lun vn tt nghip
Page 350
Nn mailbox rom phonghop1 request nh sau : You Request was declined because there are conflicts.
Lun vn tt nghip
Page 351
2.11
dung lng mail gi, nhn ca User. 2.11.1 Trin khai Storage Mailbox:
Ti dc-main to OU th vic vi 5user. Muc ich quan ly dung lng cua OU danh cho nhn vin thuviec tai Maritimebank . ta s dng code vbs:
Lun vn tt nghip
Page 352
vao Management Console to thm mail box database vi tn th vic ti storage group maritimebank.
Lun vn tt nghip
Page 353
Lun vn tt nghip
Page 354
Use Management Shell enable va set dung lng sendmail cua 1 OU thuviec vao Exchange management shell go dong lnh sau : enable mailbox cua database thuviec Get-User OrganizationalUnit ThuViec | Enable-Mailbox Dtabase thuviec
Lun vn tt nghip
Page 355
Go lnh sau set maximum dung lng gi mail ca nhn vin thuc OU thuviec l 200KB . Go chinh xac, nu go sai tn i tng ta se nhn c thng bao tng t: Get-Mailbox Database thuviec | Set-Mailbox MaxSendSize 200KB MaxReceviveSize 2MB.
2.11.2
Lun vn tt nghip
Page 356
Qua tab limits, ta cu hnh gii hn vic gi 2000KB v gii hn lu tr 3000KB . APPLY va OK .
Lun vn tt nghip
Page 357
Tai cng ty User: thuviec_2@maritimebank.com cp cho nhn vin mi n va trong thi gian th vic .Ngay u lam vic, anh ta logon vo h thng mail exchange bng vic s dng mail c cp.
Lun vn tt nghip
Page 358
Login thanh cng nhn vin nay gi mail cho khoi@maritimebank.com voi tp tin inh kem co dung lng 400kb nhng vt qu gii hn cho php l 200kb.
Lun vn tt nghip
Page 359
Luc o trong cng ty Khi cung gi cho nhn vin nay vi ni dung va tp tin inh kem 1200KB :
Lun vn tt nghip
Page 360
Lun vn tt nghip
Page 361
Lun vn tt nghip
Page 362
Khi reply li cho user thuviec_2@maritimebank.com, vi ni dung va tp tin inh kem co dung lng 1600kb.
Lun vn tt nghip
Page 363
Luc ny nhn vin th vic reply lai cho khi ,nhng anh ta ko bit rng mnh nhn v gi dung lng vi tng cng cho php l 3000KB
Lun vn tt nghip
Page 364
H thng yu cu di chuyn nhng tp tin inh kem hoc xoa nhng item o thi mi gi va nhn tip c.
Lun vn tt nghip
Page 365
Ta thy dung lng mail box ca user thuviec_2@maritimebank.com vt qu dung lng lu tr cho phep anh ta phi xoa nhng email cu a nhn.
Lun vn tt nghip
Page 366
Qua trinh cu hinh quota gii han dung lng cho Storage va User thanh cng .
Lun vn tt nghip
Page 367
2.12
ngan chan hay giam sat user 2.12.1 Tao ch ky cho 1 phong ban
Tao ch ky cho phong K Toan va phong Nhn S.Vao Management console tai Organizaton Configuration >> Hub Transport >>Transport Rules>>right click New Transport Rule
Lun vn tt nghip
Page 368
Lun vn tt nghip
Page 369
Check vo Append disclaimer text using font,size , color, with separator and fallback to action.
Lun vn tt nghip
Page 370
Lun vn tt nghip
Page 371
Lun vn tt nghip
Page 372
Ta tao ch ky cho Group NhanSu cach tao tng t nhng ta chon ch ky mau Nu
Lun vn tt nghip
Page 373
Trong cng ty : s dung user k toan gi cho 1 user phong nhansu vi ni dung sau kim tra xem co ch ky cua phong k toan cha
Lun vn tt nghip
Page 374
Lun vn tt nghip
Page 375
kim tra ch ky cua phong Nhn s. Phng nhn s reply cho nhn vin cua Phongk ton. Phong k toan nhn c mail va ch ky cua phong nhn s .
2.12.2
Tao Rule mi : Vao Management console _Ti Organizaton Configuration >> Hub Transport >>Transport Rules>>right click New Transport Rule
Lun vn tt nghip
Page 376
Lun vn tt nghip
Page 377
Lun vn tt nghip
Page 378
Click addresses muc ich copy ni dung message gi vao ia chi giam sat. Hin tai , administrator@maritimebank.com la tai khoan giam sat nn ta add user quan tri vao.
Lun vn tt nghip
Page 379
Lun vn tt nghip
Page 380
Chon Next
Lun vn tt nghip
Page 381
Lun vn tt nghip
Page 382
Lun vn tt nghip
Page 383
Lc ny toan b User thuc Group thuviec a bi cm gi th ra internet . S dung user thuviec_2@maritimebank.com gui mail ra internet n hp mail ispa@ispa.net
H thng gi thng bao nhc nh rng user thuviec_2 ko c quyn gi th n user ispa@ispa.net ngoai internet di chinh sach giam sat cua h thng.
Lun vn tt nghip
Page 384
Vi thng bao :
Lun vn tt nghip
Page 385
Tai user admininistrator (user giam sat) nhn dc mail ca thuviec_2 gi n cho ispa@ispa.net . ta giam sat c ni dung th.
Lun vn tt nghip
Page 386
2.12.3
Ta tao Rule mi :Vao Management console tai Organizaton Configuration >> Hub Transport >>Hournaling>>right click New Hournal Rule
Lun vn tt nghip
Page 387
Lun vn tt nghip
Page 388
Lun vn tt nghip
Page 389
Lun vn tt nghip
Page 390
Lun vn tt nghip
Page 391
Lun vn tt nghip
Page 392
Giam sat thanh cng user thuviec_4. 2.13 Trien khai backup va restore database cho he thong
Nhn vin k toan co user mail ketoan_1@maritimebank.com co ch ni dung th quan trong va cn sao lu lai.
Lun vn tt nghip
Page 393
Lun vn tt nghip
Page 394
Lun vn tt nghip
Page 395
Lun vn tt nghip
Page 396
Lun vn tt nghip
Page 397
Lun vn tt nghip
Page 398
Lun vn tt nghip
Page 399
Lun vn tt nghip
Page 400
Lun vn tt nghip
Page 401
Lun vn tt nghip
Page 402
Lun vn tt nghip
Page 403
May Mail client ko th kt ni vi database cua h thng vi ly do datbase a bi li ( co th bi ai o pha hoai hoc bi corrup)
Lun vn tt nghip
Page 404
2.13.2 database:
Lun vn tt nghip
Page 405
Lun vn tt nghip
Page 406
Lun vn tt nghip
Page 407
Lun vn tt nghip
Page 408
Lun vn tt nghip
Page 409
Lun vn tt nghip
Page 410
Mail Client a kt ni vi h thng database cua server Database cua server a c phuc hi H thng mail database phong k toan a phuc hi.
Lun vn tt nghip
Page 411
Lun vn tt nghip
Page 412
Phn D:
1.
TNG KT
NH GI TI
Hon thnh c tt c cc yu cu xy dng h thng. C kh nng phc v cho s lng ln ngi dng trn 1500
dng trong cng ty. p ng nhanh cc nhu cu truy cp email ca ngi dng. H thng Server mail phi c kh nng chu li cao v khc
phc s c nhanh chng. Chng c Virus v antispam cho ngi dng. C kh nng nng cp v m rng khi c nhu cu.
Lun vn tt nghip
Page 413
m bo c cc tiu ch trin khai Tnh sn sng cao (High Availability) Tnh bo mt cao (High Security) Tnh an ton cao (High Safety)
Ngoi ra, vic tn dng trit cc tnh nng m rng ca Exchange Server cng lm tng tnh chuyn nghip v gip cho vic qun tr h thng c ti u ha. D dng trin khai m rng trong tng li khi c nhu cu
2.
NH HNG M RNG.
Lun vn tt nghip
Page 414
Trong tng lai, 2 site Ha Ni va Hai Phong c th d dng trin khai thm h thng Clustering va Network Load Balancing khi c nhu cu tng tnh sn sng nh trin khai site Site Si Gn. D dng xy dng thm cc site khc khi doanh nghip c nhu cu m rng tm hot ng sang cc khu vc, tnh thnh khc. Trong tng lai, theo kp xu hng cng ngh, chng ta s upgrade ln Exchange Mail Server 2010 chy trn nn Windows Server 2008.
Lun vn tt nghip
Page 415