Đ Án Network

1
B GIO DC V O TO TRNG I PHM VN NG
H V TN NGI THC HIN N NHM 9 - LP DTL10A: DIP CNG V L QUC CNG V THNH T
TN TI N:
KHO ST, THIT K V XY DNG MNG LAN TRONG CNG TY VA V NH

N C S
CNG NGH THNG TIN

NGI HNG DN N Thc s NGUYN TR NHN
Qung Ngi, Thng 10 - 2011
Kho st, thit k v xy dng mng LAN trong cng ty va v nh
NHN XT CA GIO VIN HNG DN
MC LC Trang ph ba ........................................................................................................ Nhn xt ca gio vin hng dn ......................................................................... Mc lc .................................................................................................................. Danh mc cc t vit tt ........................................................................................ Li m u ............................................................................................................ Chng 1: Tng quan mng my tnh ............................................................... 1.1 Khi nim mng my tnh ................................................................................ 1.2 Phn loi mng my tnh .................................................................................. 1.3 Cc m hnh qun l mng ................................................................... 1.3.1 Workgroup .................................................................................. 1 2 3 6 7 8 8 9 9 9
1.3.2 Domain ....................................................................................... 10 1.4 Cc m hnh ng dng mng .............................................................. 10 1.4.1 Mng ngang hng(peer to peer) ................................................. 11 1.4.3 Mng LAN kt ni dy............................................................... 11 1.4.3.1 Mng dng sao ................................................................... 12 1.4.3.2 Mng dng tuyn ............................................................... 13 1.4.3.3 Mng dng vng................................................................. 13 1.4.3.4 Mng dng kt hp............................................................. 14 1.4.4 Mng LAN kt ni khng dy(Wireless) .................................... 14 1.5 B giao thc TCP/IP ........................................................................... 15 1.6 M hnh OSI ........................................................................................ 15 1.7 Cc thit b LAN c bn ...................................................................... 17 1.7.1. Cc thit b chnh ca LAN ....................................................... 17 1.7.1.1 Card mng- NIC ................................................................ 17 1.7.1.2 Hub .................................................................................... 18 1.7.1.3 B dn ng (router)....................................................... 18 1.7.1.4 B chuyn mch(switch)................................................... 18
1.7.1.5 Firewall: Phn loi-chc nng-cu to ............................. 19 1.7.2 H thng cp dng cho LAN ............................................................. 21 1.7.2.1 Cp xon ........................................................................... 21 1.7.2.2 Cp ng trc .................................................................... 21 1.7.2.3 Cp si quang.................................................................... 21 Chng 2: Kho st v thit k mng LAN ...................................................... 23 2.1 Thit k mng LAN .............................................................................. 23 2.1.1 M hnh phn cp .................................................................... 23 2.1.2 M hnh an ninh an ton ....................................................... 24 2.2 Kho st hin trng ............................................................................. 29 2.3 Phn tch .............................................................................................. 30 2.4 Thit k ................................................................................................ 30 2.4.1 Thit k s mng logic.......................................................... 31 2.4.2 Xy dng chin lc khai thc v qun l ti nguyn............... 31 2.4.3 Thit k s mng logic.......................................................... 31 2.4.4 Chn h iu hnh mng v cc phn mm ng dng .............. 32 2.5 Ci t ................................................................................................... 32 2.5.1 Lp t phn cng ...................................................................... 32 2.5.2 Ci t v cu hnh phn mm.................................................... 33 2.6 Kim th ............................................................................................... 33 2.7 Bo tr ................................................................................................... 33 Chng 3: Thit k mng LAN cho Cty ITCON .............................................. 34 3.1 Bi ton t ra ....................................................................................... 34 3.2 M hnh logic ........................................................................................ 35 3.3 M hnh logic ........................................................................................ 36 3.4 Ci t phn mm ................................................................................. 36 3.4.1 Ci t v cu hnh Server .......................................................... 36 3.4.2 Ci t v cu hnh my trm...................................................... 36
Chng 4: Kt qu v bnh lun ........................................................................ 37 Kt lun v kin ngh .................................................................................. 37 Danh mc phn cng cng vic .................................................................. 38 Ti liu tham kho ............................................................................................... 39 Ph lc ................................................................................................................. 40 Ph lc 1 Hng dn bm dy mng u RJ45 .......................................... 40 1.1. Phng php bm u RJ- 45 ................................................... 40 1.2. Chun b cng c v vt liu bm dy mng ............................ 41 1.3. Thc hin bm u RJ45 .......................................................... 41 Ph lc 2: Hng dn cu hnh dch v trn Server .................................. 44 2.1 Ci t Domain Controller........................................................... 44 2.2 Ci t DHCP ............................................................................. 50 2.3 Ci t Active Directory .............................................................. 57 Ph lc 3: Hng dn cu hnh kt ni trn my trm .............................. 61 3.1 Join Domain cho my trm ......................................................... 61 3.2 Ci t my in qua mng ............................................................. 61 3.3 Gii thiu phn mm ISA ........................................................... 63
DANH MC CC T VIT TT T vit tt CPU DNS FTP GAN HTTP ICMP IGMP IP ISO LAN MAC MAN NIC NLSP OS - IS Center Processor Unit Domain Name System File Transfer Protocol Global Area Network Hypertext Transfer Protocol Internet Control Message Protocol Internet Group Messages Protocol Internet Protocol International Standard Oranization Local Area Network Media Access Control Metropolitan Area Network Network Information Center Netware Link Servise Protocol Open System Interconnection Intermediate System To Intermediate System OSI OSPF RIP SMTP STP TCP/IP UDP UTP WAN WWW Open Systems Interconnect Open Shortest Path First Routing Information Protocol Simple Mail Transfer Protocol Shield Twisted Pair Transmission Control Protocol/ Internet Protocol User Datagram Protocol Unshield Twisted Pair Wide Area Network World Wide Web Dng y
LI M U Ngy nay trn th gii cng ngh thng tin tr nn ph bin v hu nh mi lnh vc u c s gp mt ca nn cng ngh mi ny. Hin nay vi s pht trin n chng mt ca cng ngh thng tin, ngoi nhng tin ch c nhng trao i, tm kim thng tin qua mng, o to qua mng, gii tr trn mng ( nghe nhc, xem fim, chi game) n tip cn n ci nh nht trong i sng hng ngy ca con ngi. Vit Nam trong cng ngh thng tin tuy v ang pht trin rt nhanh nhng s ng ngi dn cn kh xa l vi cng ngh thng tin. Vi xu hng tin hc ho ton cu, vic ph cp tin hc cho ngi dn l ht sc quan trng. V vy vic thit k v lp t mng cc b cho cc c quan x nghip v trng hc l rt cn thit. Trong khun kh n mn hc ny chng ti trnh by v: Kho st, thit k v xy dng mng Lan trong mt cng ty va v nh Bo co gm 3 chng : CHNG I: TNG QUAN MNG MY TNH CHNG II: KHO ST V THIT K MNG LAN CHNG III THIT K MNG LAN CHO CNG TY ITCON CHNG IV: KT QU V BNH LUN Do thi gian v kin thc c hn nn bi vit cn nhiu hn ch, rt mong s ng gp kin ca cc thy c v cc bn. Chng ti chn thnh cm n! Nhm 9 DTL10A
CHNG 1: TNG QUAN V MNG MY TNH.
1.1 Khi nim v mng my tnh :

Ni mt cch c bn, mng my tnh l hai hay nhiu my tnh c kt ni vi nhau theo mt cch no . Khc vi cc trm truyn hnh gi thng tin i, cc mng my tnh lun hai chiu, sao cho khi my tnh A gi thng tin ti my tnh B th B c th tr li li A. Ni mt cch khc, mt s my tnh c kt ni vi nhau v c th trao i thng tin cho nhau gi l mng my tnh.
M hnh mng cn bn.
T cc my tnh ring r, c lp vi nhau, nu ta kt ni chng li thnh mng my tnh th chng c thm nhng u im sau: - Nhiu ngi c th dng chung mt phn mm tin ch. - Mt nhm ngi cng thc hin mt n nu ni mng h s dng chung d liu ca n, dng chung tp tin chnh (master file ) ca n, h trao i thng tin vi nhau d dng. - D liu c qun l tp trung nn an ton hn , trao i gia nhng ngi s dng thun li hn, nhanh chng hn. - C th dng chung cc thit b ngoi (my in, my scan). - Ngi s dng trao i vi nhau th tn d dng (Email ) v c th s dng mng nh l mt cng c ph bin tin tc, thng bo v mt chnh sch mi, v ni dung bui hp, v cc thng tin kinh t khc nh gi c th trng, tin rao vt (mun bn hoc mun mua mt ci g ), hoc sp xp thi kho biu ca mnh chen ln vi thi kho biu ca cc ngi khc
- Mng my tnh cho php ngi lp trnh mt trung tm my tnh ny c th s dng cc chng trnh tin ch ca cc trung tm my tnh khc, s lm tng hiu qu kinh t ca h thng. - Rt an ton cho d liu v phn mm v phn mm mng s kho cc tp (files ) khi c nhng ngi khng quyn truy xut cc tp tin v th mc .
1.2 Phn loi mng my tnh :

Da vo phm vi phn b ca mng ta c th phn ra cc loi mng nh sau: - Mng cc b LAN ( Local Area Network ): l mng c lp t trong phm vi hp, khong cch gia cc nt mng nh hn 10 Km. LAN thng c s dng trong ni b c quan, x nghip Cc LAN c th c kt ni vi nhau thnh WAN. - Mng th MAN ( Metropolitan Area Network) : L mng c ci t trong phm vi mt th hoc mt trung tm kinh t - x hi c bn knh khong 100 Km tr li.Cc kt ni ny c thc hin thng qua cc mi trng truyn thng tc cao (50- 100 Mbit/s). - Mng din rng WAN ( Wide Area Network ) : Phm vi ca mng c th vt qua bin gii quc gia v thm ch c chu lc.Thng thng kt ni ny c thc hin thng qua mng vin thng. Cc WAN c th c kt ni vi nhau thnh GAN hay t n l GAN. - Mng ton cu GAN (Global Area Network ) : L mng c thit lp trn phm vi tri rng khp cc chu lc trn tri t.Thng thng kt ni thng qua mng vin thng v v tinh. Trong cc khi nim trn, WAN v LAN l hai khi nim c s dng nhiu nht.
1.3 Cc m hnh qun l mng

1.3.1 Workgroup: Trong m hnh mng ny cc my tnh c quyn hn ngang nhau v khng c cc my tnh chuyn dng lm nghip v cung cp dch v hay qun l. Cc my tnh t
10
bo mt v qun l ti nguyn ca ring mnh, ng thi cc my tnh cc b ny cng t chng thc cho ngi dng cc b. 1.3.2 Domain: Ngc li vi m hnh Workgroup, trong m hnh Domain, vic qun l v chng thc ngi dng mng tp trung ti my tnh Primary Domain Controller. Cc ti nguyn mng cng c qun l tp trung v cp quyn hn cho tng ngi dng. Lc trong h thng c cc my tnh chuyn dng lm nhim v cung cp cc dch v v qun l cc my trm.
1.4 Cc m hnh ng dng mng
1.4.1 Mng ngang hng (peer to peer): Mng ngang hng cung cp vic kt ni c bn gia cc my tnh nhng khng c bt k mt my tnh no ng vai tr phc v. Mt my tnh trn mng c th va l Client va l Server. Trong mi trng ny ngi dng trn tng my tnh chu trch nhim iu hnh v chia s ti nguyn ca my tnh mnh. M hnh ny ch ph hp vi cc t chc nh, s ngi gii hn (thng thng t hn 10 ngi) v khng quan tm n vn bo mt. Mng ngang hng thng dng cc h iu hnh: Win95, Windows for Workgroup, WinNT Workstation, Win00 Professional, OS/2. u im: Do m hnh mng ngang hng n gin nn d ci t, t chc v qun tr, chi ph thit b cho m hnh ny thp.
11
Khuyt im: Khng cho php qun l tp trung nn d liu phn tn, kh nng bo mt thp rt d b xm nhp. Cc ti nguyn khng c sp xp nn rt kh nh v v tm kim.
1.4.2 Mng khch ch ( client server): Trong m hnh mng khch ch c mt h thng my tnh cung cp cc ti nguyn v dch v cho c h thng mng s dng gi l cc my ch server. Mt h thng my tnh s dng cc ti nguyn v dch v ny c gi l my khch client. Cc server thng c cu hnh mnh (tc x l nhanh,kch thc lu tr ln) hoc l cc my tnh chuyn dng. H iu hnh mng dng trong m hnh client server l WinNT, Novell Netware, Unix, Win2k .. u im : Do cc d liu c lu tr tp trung nn d bo mt,sao lu v ng b vi nhau. Ti nguyn v dch v c tp trung nn d chia s v qun l, c th phc v cho nhiu ngi dng. Khuyt im : Cc server chuyn dng rt t tin, phi c nh qun tr cho h thng. 1.4.3 M hnh mng LAN kt ni dy i vi m hnh mng Lan ny ta s dng m hnh mng sao tp trung do n c cc u im sau: Khng ng hay ch tc trn ng tuyn truyn,lp t n gin,d dng cu hnh li.Nu c trc trc trn mt trm th ton mng khng nh hng qua d dng kim sot li v khc phc s c .khuyt im th di gia hai nt mng di 100m,cn nhiu cable.
12
Computer FILENAME
FILENAME
Computer
PC 1
FILENAME
PC 2
SWITCH
Computer FILENAME
Computer
PC 3
PC 4
M hnh mng LAN c kt ni dy Mng cc b (LAN) l h truyn thng tc cao c thit k kt ni cc my tnh v cc thit b x l d liu khc cng hot ng vi nhau trong mt khu vc a l nh nh mt tng ca to nh, hoc trong mt to nh... . Mt s mng LAN c th kt ni li vi nhau trong mt khu lm vic. Mt s mng c kt ni hin nay: 1.4.3.1 Mang dng sao (Star Topology) Mng dng hnh sao bao gm mt b kt ni trung tm v cc nt . Cc nt ny l cc trm u cui, cc my tnh v cc thit b khc ca mng. B kt ni trung tm ca mng iu phi mi hot ng trong mng. Mng dng hnh sao cho php ni cc my tnh vo mt b tp trung (Hub) bng cp, gii php ny cho php ni trc tip my tnh vi Hub khng cn thng qua trc bus, trnh c cc yu t gy ngng tr mng. ) Cc u im ca mng hnh sao: Hot ng theo nguyn l ni song song nn nu c mt thit b no mt nt thng tin b hng th mng vn hot ng bnh thng. Cu trc mng n gin v cc thut ton iu khin n nh. Mng c th d dng m rng hoc thu hp. ) Nhng nhc im mng dng hnh sao:
13
Kh nng m rng mng hon ton ph thuc vo kh nng ca trung tm. Khi trung tm c s c th ton mng ngng hot ng. Mng yu cu ni c lp ring r tng thit b cc nt thng tin n trung tm. Khong cch t my n trung tm rt hn ch (100 m). 1.4.3.2 Mng dng tuyn (Bus Topology) Thc hin theo cch b tr hnh lang, cc my tnh v cc thit b khc (cc nt) , u c ni v vi nhau trn mt trc ng dy cp chnh chuyn ti tn hiu. Tt c cc nt u s dng chung ng dy cp chnh ny. Pha hai u dy cp c bt bi mt thit b gi l terminator. Cc tn hiu v d liu khi truyn i dy cp u mang theo i ch ca ni n ) u im : Loi hnh mng ny dng dy cp t nht, d lp t, gi thnh r. ) Nhc im: S n tc giao thng khi di chuyn d liu vi lu lng ln. Khi c s hng hc on no th rt kh pht hin, mt s ngng trn ng dy sa cha s ngng ton b h thng. Cu trc ny ngy nay t c s dng 1.4.3.3 Mng dng vng (Ring Topology) Mng dng ny, b tr theo dng xoay vng, ng dy cp c thit k lm thnh mt vng khp kn, tn hiu chy quanh theo mt chiu no . Cc nt truyn tn hiu cho nhau mi thi im ch c mt nt m thi. D liu truyn i phi c km theo a ch c th ca mi trm tip nhn. ) u im: Mng dng vng c thun li l c th ni rng ra xa, tng ng dy cn thit t hn so vi hai kiu trn Mi trm c th t c tc ti a khi truy nhp. ) Nhc im:
14
ng dy phi khp kn, nu b ngt mt ni no th ton b h
thng cng b ngng. 1.4.3.4 Mng dng kt hp: Kt hp hnh sao v tuyn (star/Bus Topology): Cu hnh mng dng ny c b phn tch tn hiu (spitter) gi vai tr thit b trung tm, h thng dy cp mng c th chn hoc Ring Topology hoc Linear Bus Topology.Li im ca cu hnh ny l mng c th gm nhiu nhm lm vic cch xa nhau, ARCNET l mng dng kt hp Star/Bus Topology. Cu hnh dng ny a li s uyn chuyn trong vic b tr ng dy tng thch d dng i vi bt c to nh no. 1.4.3.5 Kt hp hnh sao v vng (Star/Ring Topology). Cu hnh dng kt hp Star/Ring Topology, c mt "th bi" lin lc (Token) c chuyn vng quanh mt ci HUB trung tm. Mi trm lm vic (workstation) c ni vi HUB - l cu ni gia cc trm lm vic v tng khong cch cn thit. 1.4.4 M hnh mng LAN kt ni khng dy(Wireless) Mt s Lan khng dy gm c 3 phn:Wireless Client,Access Points v Access Server. Wireless Client in hnh l mt chic laptop vi NIC(Network Interface Card) khng dy c ci t cho php truy cp vo mng khng dy. Access Ponts(AP) cung cp s bao ph ca sng v tuyn trong mt vng no (c bit n nh l cc cell (t bo) ) v kt ni n mng khng dy. Access Server iu khin vic truy cp .C 2 chun 802.11b(Lan 11Mbps ti tn s 2,4Ghz) v P Bluetooth c h tr y.Mt Access Server (nh l Enterprise Access Server EAS) cung cp s iu hnh ,qun l, cc c tnh bo mt cho mng khng dy Enterprise.
15
Computer FILENAME
FILENAME
Computer
PC 1
FILENAME
PC 2
ACCESS POINT
Computer FILENAME
Computer
PC 3
PC 4
M hnh mng khng dy
1.5 B giao thc TCP/IP

Giao thc TCP/IP c pht trin t mng ARPANET v Internet v c dng nh giao thc mng v vn chuyn trn mng Internet. TCP (Transmission Control Protocol) l giao thc thuc tng vn chuyn v IP (Internet Protocol) l giao thc thuc tng mng ca m hnh OSI. H giao thc TCP/IP hin nay l giao thc c s dng rng ri nht lin kt cc my tnh v cc mng. Nhim v chnh ca giao thc IP l cung cp kh nng kt ni cc mng con thnh lin kt mng truyn d liu, vai tr ca IP l vai tr ca giao thc tng mng trong m hnh OSI. Giao thc IP l mt giao thc kiu khng lin kt (connectionlees) c ngha l khng cn c giai on thit lp lin kt trc khi truyn d liu.
1.6 M HNH OSI(open system interconnect)

hai my tnh c th trao i thng tin c vi nhau cn c rt nhiu vn lin quan. V d nh cn c Card mng, dy cp mng, in th tn hiu trn cp mng, cch thc ng gi d liu, iu khin li ng truyn vv... Bng cch phn chia cc chc nng ny vo nhng tng ring bit nhau, vic vit cc phn mm thc hin chng tr nn d dng hn. M hnh OSI gip ng nht cc h thng my tnh khc bit nhau khi chng trao i thng tin. M hnh ny gm c 7 tng: Tng 1: Tng vt k (Physical Layer)
16
iu khin vic truyn ti tht s cc bit trn ng truyn vt l. N nh ngha cc thuc tnh v c, in, qui nh cc loi u ni, ngha cc pin trong u ni, qui nh cc mc in th cho cc bit 0,1,. Tng 2:Tng lin kt d liu (Data-Link Layer) Tng ny m bo truyn ti cc khung d liu (Frame) gia hai my tnh c ng truyn vt l ni trc tip vi nhau. N ci t c ch pht hin v x l li d liu nhn. Tng 3: Tng mng (Network Layer) Tng ny m bo cc gi tin d liu (Packet) c th truyn t my tnh ny n my tnh kia cho d khng c ng truyn vt l trc tip gia chng. N nhn nhim v tm ng i cho d liu n cc ch khc nhau trong mng. Tng 4: Tng vn chuyn (Transport Layer) Tng ny m bo truyn ti d liu gia cc qu trnh. D liu gi i c m bo khng c li, theo ng trnh t, khng b mt mt, trng lp. i vi cc gi tin c kch thc ln, tng ny s phn chia chng thnh cc phn nh trc khi gi i, cng nh tp hp li chng khi nhn c. Tng 5:Tng giao dch (Session Layer) Tng ny cho php cc ng dng thit lp, s dng v xa cc knh giao tip gia chng (c gi l giao dch). N cung cp c ch cho vic nhn bit tn v cc chc nng v bo mt thng tin khi truyn qua mng. Tng 6: Tng trnh by (Presentation Layer) Tng ny m bo cc my tnh c kiu nh dng d liu khc nhau vn c th trao i thng tin cho nhau. Thng thng cc my tnh s thng nht vi nhau v mt kiu nh dng d liu trung gian trao i thng tin gia cc my tnh. Mt d liu cn gi i s c tng trnh by chuyn sang nh dng
17
trung gian trc khi n c truyn ln mng. Ngc li, khi nhn d liu t mng, tng trnh by s chuyn d liu sang nh dng ring ca n. Tng 7: Tng ng dng (Application Layer) y l tng trn cng, cung cp cc ng dng truy xut n cc dch v mng. N bao gm cc ng dng ca ngi dng, v d nh cc Web Browser (Netscape Navigator, Internet Explorer), cc Mail User Agent (Outlook Express, Netscape Messenger, ...) hay cc chng trnh lm server cung cp cc dch v mng nh cc Web Server (Netscape Enterprise, Internet Information Service, Apache, ...), Cc FTP Server, cc Mail server (Send mail, MDeamon). Ngi dng mng giao tip trc tip vi tng ny.
1.7 Cc thit b LAN c bn:

Mng cc b LAN l h truyn thng tc cao c thit k kt ni cc my tnh v cc thit b x l d liu khc nhau cng hot ng vi nhau trong mt khu vc a l nh nh mt tng ca to nh, hoc trong mt to nh. Mt s mng LAN c th kt ni li vi nhau trong mt khu lm vic. 1.7.1 Cc thit b ni chnh ca LAN: 1.7.1.1 Card mng NIC(Network Interface Card) Card mng _ NIC l mt thit b c cm vo trong my tnh cung cp cng kt ni vo mng.Card mng c coi l thit b hot ng lp 2 ca m hnh OSI. Mi card mng c cha mt a ch duy nht l a ch MAC- Media Access Control. Card mng iu khin vic kt ni ca my tnh vo cc phng tin truyn dn trn mng.
18
1.7.1.2 Hub:
L mt trong nhng yu t quan trng nht ca LAN, y l im kt ni dy trung tm ca mng, tt c cc trm trn mng LAN c kt ni thng qua hub. Mt hub thng thng c nhiu cng ni vi ngi s dng gn my tnh v cc thit b ngoi vi. 1.7.1.3 B dn ng (router ): Router l mt thit b hot ng trn tng mng, n c th tm c ng i tt nht cho cc gi tin qua nhiu kt ni i t trm gi thuc mng u n trm nhn thuc mng cui. Router c th c s dng trong vic ni nhiu mng vi nhau v cho php cc gi tin c th I theo nhiu ng khc nhau ti ch. Router c a ch ring bit v n ch tip nhn v x l cc gi tin gi n m thi. Khi mt trm mun gi gi tin qua Router th n phi gi gi tin vi a ch trc tip ca Router ( Trong gi tin phi cha cc thng tin khc v ch n ) v khi gi tin n Router th Router mi x l v gi tip. Khi x l cc gi tin Router phi tm c ng i tt nht trong mng da trn cc thng tin no c v mng, thng thng trn mi Router c mt bng ch ng (Router table ) ti u da trn mt thut ton xc nh trc. ngn chn vic mt mt d liu Router cn nhn bit c ng i no c th chuyn vn v ngng chuyn vn khi ng b tc. 1.7.1.4 B chuyn mch (switch ): Chc nng chnh cua switch l cng mt lc duy tr nhiu cu ni gia cc thit b mng bng cch da vo mt loi ng truyn xng sng (backbone ) ni ti tc cao. Switch c nhiu cng, mi cng c th h tr ton b
19
Ethernet LAN hoc Token Ring. B chuyn mch kt ni mt s LAN ring bit v cung cp kh nng lc gi d liu gia chng. 1.7.1.5 Firewall - Phn loi - Chc nng v cu to FireWall l g ? Thut ng FireWall c ngun gc t mt k thut thit k trong xy dng ngn chn, hn ch ho hon. Trong Cng ngh mng thng tin, FireWall l mt k thut c tch hp vo h thng mng chng li s truy cp tri php nhm bo v cc ngun thng tin ni b cng nh hn ch s xm nhp vo h thng ca mt s thng tin khc khng mong mun. Firewall c chia lm 2 loi, gm Firewall cng v Firewall mm: Firewall cng: L nhng firewall c tch hp trn Router.
+ c im ca Firewall cng: - Khng c linh hot nh Firewall mm: (Khng th thm chc nng, thm quy tc nh firewall mm) - Firewall cng hot ng tng thp hn Firewall mm (Tng Network v tng Transport) - Firewall cng khng th kim tra c nt dung ca gi tin. + V d Firewall cng: NAT (Network Address Translate). Firewall mm: L nhng Firewall c ci t trn Server.
+ c im ca Firewall mm:
20
- Tnh linh hot cao: C th thm, bt cc quy tc, cc chc nng. - Firewall mm hot ng tng cao hn Firewall cng (tng ng dng) - Firewal mm c th kim tra c ni dung ca gi tin (thng qua cc t kha). + V d v Firewall mm: Internet Security and Acceleration(ISA), Zone Alarm, Norton Firewall Ti sao cn Firewall?
Nu my tnh ca bn khng c bo v, khi bn kt ni Internet, tt c cc giao thng ra vo mng u c cho php, v th hacker, trojan, virus c th truy cp v ly cp thng tin c nhn cu bn trn my tnh. Chng ci t cc on m tn cng file d liu trn my tnh. Chng c th s dng my tnh cu bn tn cng mt my tnh ca gia nh hoc doanh nghip khc kt ni Internet. Mt firewall c th gip bn thot khi gi tin him c trc khi n n h thng ca bn. Chc nng chnh ca Firewall. Chc nng chnh ca Firewall l kim sot lung thng tin t gia Intranet v Internet. Thit lp c ch iu khin dng thng tin gia mng bn trong (Intranet) v mng Internet. C th l: - Cho php hoc cm nhng dch v truy nhp ra ngoi (t Intranet ra Internet). - Cho php hoc cm nhng dch v php truy nhp vo trong (t Internet vo Intranet). - Theo di lung d liu mng gia Internet v Intranet. - Kim sot a ch truy nhp, cm a ch truy nhp.
21
- Kim sot ngi s dng v vic truy nhp ca ngi s dng. - Kim sot ni dung thng tin thng tin lu chuyn trn mng. 1.7.2 H thng cp dng cho LAN: 1.7.2.1 Cp xon: y l loi cp gm 2 ng dy bng ng c xon vo nhau lm gim nhiu in t gy ra bi mi trng xung quanh v gia chng vi nhau. Cp c bc kim loi (STP): Lp bc bn ngoi c tc dng chng nhiu in t, c loi c mt i dy xon vo nhau v c loi c nhiu i dy xon vo nhau. Cp khng bc kim loi (UTP) : tnh tng t nh STP nhng km hn v kh nng chng nhim t v suy hao v khng c v bc. STP v UTP c 2 loi (Category-Cat) thng dng: Loi Cat5: Thch hp cho ng truyn 100Mb/s. Loi Cat6 : Thch hp cho ng truyn 300Mb/s. y l loi cp r , d lp t tuy nhin n d b nh hng ca mi trng. 1.7.2.2 Cp ng trc: Cp ng trc c 2 ng dy dn v chng c cng 1 trc chung , 1 dy dn trung tm (thng l dy ng cng) ng dy cn li to thnh ng ng bao xung quanh dy dn trung tm ( dy dn ny c th l dy bn kim loi v v n c chc nng chng nhim t nn cn gi l lp bc kim). Gia 2 dy dn trn c 1 lp cch ly, v bn ngoi cng l lp v plastic bo v cp. Hai loi cp thng c s dng l cp ng trc mng v cp ng trc dy. ng knh cp ng trc mng l 0,25 inch v dy l 0,5 inch. C hai loi cp u lm vic cng tc nhng cp ng trc mng c hao suy tn hiu ln hn. Hin nay c cp ng trc sau : RG -58,50 m: dng cho mng Ethernet RG - 59,75 m: dng cho truyn hnh cp Cc mng cc b s dng cp ng trc c di thng t 2,5 - 10Mbps, cp ng trc c suy hao t hn so vi cc loi cp ng khc v n c lp v bc bn
22
ngoi, di thng thng ca mt on cp ni trong mng l 200m, thng s dng cho dng Bus. 1.7.2.3 Cp si quang Cp si quang bao gm mt dy dn trung tm (l mt hoc mt b si thu tinh c th truyn dn tn hiu quang) c bc mt lp v bc c tc dng phn x cc tn hiu tr li gim s mt mt tn hiu. Bn ngoi cng l lp v plastic bo v cp. Cp si quang khng truyn dn c cc tin hiu in m ch truyn cc tn hiu quang v khi nhn chng s li chuyn i tr li thnh cc tn hiu in. Cp quang c ng knh t 8.3 - 100 micron, do ng knh li thu tinh c kch thc rt nh nn rt kh khn cho vic u ni, n cn cng ngh c bit vi k thut cao v chi ph cao. Di thng ca cp quang c th ln ti hng Gbps v cho php khong cch i cp kh xa do suy hao tn hiu trn cp rt thp. Ngoi ra v cp si quang khng dng tn hiu in t truyn d liu nn n hon ton khng b nh hng ca nhiu in t v tn hiu truyn khng b pht hin v thu trn bng cc thit b in t ca ngi khc. Nhc im ca cp quang l kh lp t v gi thanh cao, nhng nhn chung cp quang thch hp cho mi mng hin nay v sau ny.
23
CHNG 2 KHO ST V THIT K MNG LAN
2.1 Thit k mng LAN:

2.1.1 M hnh phn cp (Hierarchical models):
Access
Distribution
Core
Hnh 3-10: M hnh phn cp

Cu trc:
Lp li (Core Layer ): y l trc sng sng ca mng (backbone) thng dng cc b chuyn mch c tc cao(Hight- Speed Switching) thng c cc c tnh nh tin cy cao, cng sut d tha, kh nng t khc phc li, kh nng thch nghi cao, p ng nhanh, d qun l, kh nng lc gi, hay lc cc tin trnh trong mng. Lp phn tn(Distribution Layer): L danh gii gia lp truy nhp v lp li ca mng. Lp phn tn m bo chc nng nh m bo gi d liu n tng phn on, m bo an ninh an ton, on mng theo tng nhm cng tc, chia min Broadcast/multicast, nh tuyn gia cc LAN o (VLAN), chuyn mi trng chuyn dn, nh tuyn gia cc min, to bin gii gia cc min trong
24
nh tuyn tnh v ng, thc hin cc b lc gi ( theo a ch theo s hiu cng), thc hin cc c ch m bo cht lng dch v QOS. Lp truy nhp (Access Layer): cung cp cc kh nng truy nhp cho ngi dng cc b hay t xa truy nhp vo mng. Thng c thc hin bng cc b chuyn mch (switch) trong mi trng campus, hay cng ngh WAN. - nh gi m hnh: Gi thnh thp. D ci t. D m rng. D c lp li. 2.1.2 M hnh an ninh an ton: An ton v bo mt lun l l do khin chng ta chn gii php lp t kiu mng da trn my phc v. Trong mi trng da trn my phc v, ch bo mt do ngi qun tr mng qun l, bng cch t ra cc chnh sch v p t cc chnh sch y cho tng ngi dng trn mng. Khi nim: Theo mi nh ngha rng th an ninh an ton mng dng ring, hay mng ni b l gi khng cho ai lm ci m mng ni b khng mun cho lm. Vy khi kt ni LAN phi trin khai c ch no thc hin yu cu an ninh an ton. Chng ta gi l an ninh an ton mng. Ti nguyn m chng ta mun bo v l g? L cc dch v m mng ang trin khai L cc thng tin quan trng m mng ang lu gi, hay cn lu chuyn . L cc ti nguyn phn cng v phn mm m h thng mng c cung ng cho nhng ngi dng m n cho php. Nhn t mt kha cnh khc th vn an ninh an ton khi thc hin kt ni LAN cn c th hin qua tnh bo mt (confidentiality ), tnh ton vn (integrity)
25
v tnh sn dng (availability) ca cc ta nguyn v phn cng, phn mm, d liu v cc dch v ca h thng mng. Vn an ninh - an ton cn th hin qua mi quan h gia ngi dng vi h thng mng v ti nguyn trn mng. Cc quan h ny c xc nh , c m bo qua cc phng thc xc thc (authentication ), xc nh c php (authorization ) dng v b t chi (repudiation ). Chng ta s xt chi tit: Tnh bo mt: Bo m ti nguyn mng khng b tip xc, b s dng bi ngi khng c thm quyn. Chng hn d liu truyn i trn mng c m bo khng b ly trm cn c m ho trc khi truyn. Cc ti nguyn u c ch v c bo v bng cc cng c v cc c ch an ninh an ton. Tnh ton vn: m bo khng c vic s dng, v sa i nu khng c cho php, v d nh ly hay sa i d liu, cng nh thay i cu hnh h thng bi nhng ngi khng c php hoc khng c quyn. Tnh sn dng: Ti nguyn trn mng lun c m bo khng th b chim gi bi ngi khng c quyn. Cc ti nguyn lun sn sng phc v nhng ngi c php s dng. Nhng ngi c quyn c th c dng bt c khi no. Thuc tnh ny rt quan trng, nht l trong cc dch v mng phc v cng cng (ngn hng, t vn, chnh ph in t,). Vic xc thc: Thc hin xc nh ngi dng c quyn dng mt ti nguyn no ng thng tin hay ti nguyn phn mm v phn cng trn mng. Vic xc thc thng kt hp vi s cho php, hay t chi phc v. Xc thc thng c dng l mt khu (password), hay cn cc ca ngi dng nh vn tay hay cc du hiu c dng. S cho php xc nh ngi dng c quyn thc hin mt hnh ng no nh c ghi mt tp (ly thng tin ), hay chy chng trnh (dng ti nguyn phn mm), truy nhp vo mt on mng (dng ti nguyn phn cng), gi hay nhn th in t, tra cu c s d liu, dch v mng Ngi dng thng phi qua giai on xc thc bng mt khu
26
(password, RADIUS ) trc khi c php khai thc thng tin hay mt ti nguyn no trn mng. Xy dng an ninh an ton mng khi kt ni LAN nh th no? Cc bc xy dng: Xc nh cn bo v ci g? Xc nh bo v khi nhng loi tn cng no ? Xc nh nhng mi e do an ninh c th ? Xc nh cc cng c m bo an ninh ? Xy dng m hnh an ninh an ton. Thng kim tra cc bc trn, nng cp, cp nht v h thng khi c mt l hng an ninh - an ton c cnh bo. Mc ch ca vic xy dng m hnh an ninh an ton khi kt ni LAN l xy dng cc phng n trin khai vn an ninh an ton khi kt ni v a LAN vo hot ng. u tin mc ch v yu cu v vn an ninh an ton h thng ng dng phi c vch ra r rng. Chng hn mc tiu v yu cu an ninh an ton khi kt ni LAN cho cc c quan hnh chnh nh nc s khc vi vic kt ni LAN cho cc trng i hc. Th hai, m hnh an ninh an ton phi ph hp vi cc chnh sch, nguyn tc v lut l hin hnh. Th ba, phi gii quyt c vn lin quan n an ninh an ton mt cch ton ca. C ngha l phi m bo c v phng tin k thut v con ngi trin khai. Mt s cng c trin khai m hnh an ninh an ton H thng tng la 3 phn (three-part firewall System) - H thng tng la l g? Tng la l mt cng c phc v cho vic thc hin an ninh an ton mng t vong ngoi, nhim v ca n nh l h thng hn ro vong ngoi ca c s cn
27
bo v. Khi kt ni hai hay nhiu phn t ca LAN nguy c mt an ninh ti cc im kt ni l rt ln, tng la l cng c c chn t ti cc im kt ni . - Chc nng ca h thng tng la: Tng la dt cng vo/ ra ca mng, kim sot vic truy cp vo ra ca mng ngn nga vi tn cng t pha ngoi vo mng ni b. Tng la phi kim tra, pht hin, d tm du vt tt c cc d liu i qua n lm c s cho cc quyt nh (cho php, loi b, xc thc, m ho, ghi nht k) kim sot cc dch v ca mng n bo v. Tng la cng phi c kh nng thao tc cc d liu bng cc php ton logic, s hc nhm thc hin cc yu cu v an ninh an ton. Tng la bao gm cc thnh phn: cc b lc hay sng lc.
B lc Mng trong vo
Gateway B lc Cng vo/ ra ra
Mng ngoi
M hnh tng la M hnh logic ca tng la
Tng la chnh l cng (gateway) vo/ ra ca mt mng ni b (mng trong), trn c t hai b lc vo/ra kim tra d liu vo/ra mng ni b. Xc nh v tr t tng la trong h thng mng hin i. Theo truyn thng th tng la c t ti v tr vo/ra mng ni b (mng c bo v) vi mng cng cng (mng ngoi), hay mng internet (khi kt ni vi internet). Ngy nay trong mt t chc khi kt ni LAN c th ni mng khc nhau, v do yu cu an ninh an ton ca on mng khc nhau. Khi tng la s c t v tr vo/ ra ca on mng cn bo v.
28
D liu vo/ra mng ni b vi mng ngoi u i qua tng la, do tng la, do tng la c th kim sot v m bo d liu no l c th c chp nhn (acceptable) cho php vo/ra mng ni b. V mt logic th tng la l im tht (choke point). C ch ny bt buc nhng k tn cng t pha ngoi H thng tng la chia thnh ba phn (Three- Part Fire Wall System) c bit quan trng tring thit k WAN. y chng ti ch nu mt s kha cnh chung nht cu trc ca m hnh trong thit k mng LAN.
Hidden Corporate Systems Advertise Bastion Hosts Route to Isolation LAN Only
Internet
Inside Filter
Outside Filter
Hnh 3-12 : M hnh tng la 3 phn
- LAN c lp lm vng m gia mng cng tc vi mng bn ngoi (LAN c lp c gi l khu phi qun s hay vng DMZ). - Thit b nh tuyn trong c ci t b lc gi c t gia DMZ v mng cng tc. - Thit b nh tuyn ngoi c ci t b lc gi c t gia DMZ v mng ngoi.
29
2.2 Kho st hin trng

Mc ch ca giai on ny l nhm xc nh mong mun ca khch hng trn mng m chng ta sp xy dng. Nhng cu hi cn c tr li trong giai on ny l: -Bn thit lp mng lm g? s dng n cho mc ch g? -Cc my tnh no s c ni mng? -Nhng ngi no s c s dng mng, mc khai thc s dng mng ca tng ngi / nhm ngi ra sao? -Trong vng 3-5 nm ti bn c ni thm my tnh vo mng khng, nu c u, s lng bao nhiu ? Phng php thc hin ca giai on ny l bn phi phng vn khch hng, nhn vin cc phng mng c my tnh s ni mng. Thng thng cc i tng m bn phng vn khng c chuyn mn su hoc khng c chuyn mn v mng. Cho nn bn nn trnh s dng nhng thut ng chuyn mn trao i vi h. Chng hn nn hi khch hng Bn c mun ngi trong c quan bn gi mail c cho nhau khng?, hn l hi Bn c mun ci t Mail server cho mng khng? . Nhng cu tr li ca khch hng thng khng c cu trc, rt ln xn, n xut pht t gc nhn ca ngi s dng, khng phi l gc nhn ca k s mng. Ngi thc hin phng vn phi c k nng v kinh nghim trong lnh vc ny. Phi bit cch t cu hi v tng hp thng tin. Mt cng vic cng ht sc quan trng trong giai on ny l Quan st thc a xc nh nhng ni mng s i qua, khong cch xa nht gia hai my tnh trong mng, d kin ng i ca dy mng, quan st hin trng cng trnh kin trc ni mng s i qua. Thc a ng vai tr quan trng trong vic chn cng ngh v nh hng ln n chi ph mng. Ch n rng buc v mt thm m cho cc cng trnh kin trc khi chng ta trin khai ng dy mng bn trong n. Gii php ni kt mng cho 2 ta nh tch ri nhau bng mt khong khng phi c
30
bit lu . Sau khi kho st thc a, cn v li thc a hoc yu cu khch hng cung cp cho chng ta s thit k ca cng trnh kin trc m mng i qua. Trong qu trnh phng vn v kho st thc a, ng thi ta cng cn tm hiu yu cu trao i thng tin gia cc phng ban, b phn trong c quan khch hng, mc thng xuyn v lng thng tin trao i. iu ny gip ch ta trong vic chn bng thng cn thit cho cc nhnh mng sau ny.
2.3 Phn tch

Khi c c yu cu ca khch hng, bc k tip l ta i phn tch yu cu xy dng bng c t yu cu h thng mng, trong xc nh r nhng vn sau: -Nhng dch v mng no cn phi c trn mng ? (Dch v chia s tp tin, chia s my in, Dch v web, Dch v th in t, Truy cp Internet hay khng?, ...) -M hnh mng l g? (Workgoup hay Client / Server? ...) -Mc yu cu an ton mng. -Rng buc v bng thng ti thiu trn mng.
2.4 Thit k
Bc k tip trong tin trnh xy dng mng l thit k gii php tha mn nhng yu cu t ra trong bng c t yu cu h thng mng. Vic chn la gii php cho mt h thng mng ph thuc vo nhiu yu t, c th lit k nh sau: -Kinh ph dnh cho h thng mng. -Cng ngh ph bin trn th trng. -Thi quen v cng ngh ca khch hng. -Yu cu v tnh n nh v bng thng ca h thng mng. -Rng buc v php l. Ty thuc vo mi khch hng c th m th t u tin, s chi phi ca cc yu t s khc nhau dn n gii php thit k s khc nhau. Tuy nhin cc cng vic m giai on thit k phi lm th ging nhau.
31
2.4.1 Thit k s mng logic Thit k s mng logic lin quan n vic chn la m hnh mng, giao thc mng v thit t cc cu hnh cho cc thnh phn nhn dng mng. M hnh mng c chn phi h tr c tt c cc dch v c m t trong bng c t yu cu h thng mng. M hnh mng c th chn l Workgroup hay Domain (Client / Server) i km vi giao thc TCP/IP, NETBEUI hay IPX/SPX. V d: -Mt h thng mng ch cn c dch v chia s my in v th mc gia nhng ngi dng trong mng cc b v khng t nng vn an ton mng th ta c th chn M hnh Workgroup. -Mt h thng mng ch cn c dch v chia s my in v th mc gia nhng ngi dng trong mng cc b nhng c yu cu qun l ngi dng trn mng th phi chn M hnh Domain. -Nu hai mng trn cn c dch v mail hoc kch thc mng c m rng, s lng my tnh trong mng ln th cn lu thm v giao thc s dng cho mng phi l TCP/IP. Mi m hnh mng c yu cu thit t cu hnh ring. Nhng vn chung nht khi thit t cu hnh cho m hnh mng l: -nh v cc thnh phn nhn dng mng, bao gm vic t tn cho Domain, Workgroup, my tnh, nh a ch IP cho cc my, nh cng cho tng dch v. -Phn chia mng con, thc hin vch ng i cho thng tin trn mng. 2.4.2 Xy dng chin lc khai thc v qun l ti nguyn mng Chin lc ny nhm xc nh ai c quyn lm g trn h thng mng. Thng thng, ngi dng trong mng c nhm li thnh tng nhm v vic phn quyn c thc hin trn cc nhm ngi dng. 2.4.3 Thit k s mng vt l
32
Cn c vo s thit k mng logic, kt hp vi kt qu kho st thc a bc k tip ta tin hnh thit k mng mc vt l. S mng mc vt l m t chi tit v v tr i dy mng thc a, v tr ca cc thit b ni kt mng nh Hub, Switch, Router, v tr cc my ch v cc my trm. T a ra c mt bng d tr cc thit b mng cn mua. Trong mi thit b cn nu r: Tn thit b, thng s k thut, n v tnh, n gi, 2.4.4 Chn h iu hnh mng v cc phn mm ng dng Mt m hnh mng c th c ci t di nhiu h iu hnh khc nhau. Chng hn vi m hnh Domain thng ci t h iu hnh Windows Server2003 hoc 2008 trn my ch. Tng t, cc giao thc thng dng nh TCP/IP, NETBEUI, IPX/SPX cng c h tr trong hu ht cc h iu hnh. Chnh v th ta c mt phm vi chn la rt ln. Quyt nh chn la h iu hnh mng thng thng da vo cc yu t nh: -Gi thnh phn mm ca gii php. -S quen thuc ca khch hng i vi phn mm. - S quen thuc ca ngi xy dng mng i vi phn mm. H iu hnh l nn tng cho cc phn mm sau vn hnh trn n. Gi thnh phn mm ca gii php khng phi ch c gi thnh ca h iu hnh c chn m n cn bao gm c gi thnh ca cc phm mm ng dng chy trn n. Hin nay c 2 xu hng chn la h iu hnh mng: cc h iu hnh mng ca Microsoft Windows hoc cc phin bn ca Linux. Sau khi chn h iu hnh mng, bc k tip l tin hnh chn cc phn mm ng dng cho tng dch v. Cc phn mm ny phi tng thch vi h iu hnh chn.
2.5 Ci t
Khi bn thit k c thm nh, bc k tip l tin hnh lp t phn cng v ci t phn mm mng theo thit k. 2.5.1 Lp t phn cng
33
Ci t phn cng lin quan n vic i dy mng v lp t cc thit b ni kt mng (Hub, Switch, Router) vo ng v tr nh trong thit k mng mc vt l m t.
2.5 Tin trnh ci t phn mm bao gm:

-Ci t h iu hnh mng cho cc server, cc my trm -Ci t v cu hnh cc dch v mng. -To ngi dng, phn quyn s dng mng cho ngi dng. Tin trnh ci t v cu hnh phn mm phi tun th theo s thit k mng mc lun l m t. Vic phn quyn cho ngi dng pheo theo ng chin lc khai thc v qun l ti nguyn mng. Nu trong mng c s dng router hay phn nhnh mng con th cn thit phi thc hin bc xy dng bng chn ng trn cc router v trn cc my tnh.
2.6 Kim th
Sau khi ci t xong phn cng v cc my tnh c ni vo mng. Bc k tip l kim tra s vn hnh ca mng. Trc tin, kim tra s ni kt gia cc my tnh vi nhau. Sau , kim tra hot ng ca cc dch v, kh nng truy cp ca ngi dng vo cc dch v v mc an ton ca h thng. Ni dung kim th da vo bng c t yu cu mng c xc nh lc u.
2.7 Bo tr
Mng sau khi ci t xong cn c bo tr mt khong thi gian nht nh khc phc nhng vn pht sinh xy trong tin trnh thit k v ci t mng.
34
Chng 3: THIT K MNG LAN CHO MT CNG TY ITCON 3.1 Bi ton t ra Xy dng mng cc b LAN cho cng ty tin hc v cng ngh ITCon Chc nng ca cng ty Chuyn mua v bn cc loi thit b,ph kin dnh cho tin hc ,thit k mng cho cc doanh nghip,nhn sa cha v bo hnh chnh hng thit b. T chc b my Cng ty ITCon bao gm Ban gim c, 6 phng ban chuyn mn. * Ban gim c gm: -1 Gim c 01 pc, 01 USB printer . - 1 ph gim c 01 pc. * Phng K hoch 04 pc, 01 network printer * Phng K Thut 10 pc, 01 network printer * Phng Bo hnh 05 pc, 01 network printer. * Phng K ton ti v 05 pc, 01 network printer * Phng Kinh doanh 10 pc, 01 my in a chc nng: fax, printer, scan, wireless iu kin a l Ton b cc phng ban lm vic ca cng ty c xy dng thnh mt khu nh 3 tng
35
3.2 M hnh lgic
Phng Kinh doanh
Internet
01 Switch L2 24 Port 10 PC 01 My in a chc nng 01 Wireless
Modem ADSL
Phng K ton
05 PC 01 My in mng
ISA PC DHCP Server
Phng K Thut
01 Switch 16 port 10 PC 01 My in mng
Switch L3 24 Port
File Server Phng Server

02 Server 01 PC Firewall 01 Modem ADSL 01 Switch L3 24 port
Phng Bo Hnh
Phng K hoch
Phng Ph G
01 PC
Phng Gim c
M hnh Logic
01 PC 01 My in USB
36
3.3 M hnh vt l
Tng 3
Phng Gim c
Phng Ph G
Phng k hoch
Tng 2
Internet
Phng Bo hnh
Phng k thut
Phng Server
Tng 1
Phng Kinh doanh
Phng K ton
M hnh vt l
3.4 Ci t phn mm 3.4.1 Ci t v cu hnh Server - Windows Server Enterprise R2 2008 - Cu hnh Domain Controller : ITCON, DHCP, Active Directory - ISA 2006 3.4.1 Ci t v cu hnh my trm(Workstation) - Windows XP Professional - Join Domain: ITCON
37
Chng 4: KT QU V BN LUN
KT LUN V KIN NGH Trong thi gian nghin cu v vn dng nhng kin thc c trang b nh trng v cc lnh vc khc. Chng ti xy dng h thng mng ni b cho mt to nh 3 tng c khong 50 node mng, c thit k theo TOPO hnh sao hai mc. H thng my ch t ti trung tm mng v cung cp cc cng c cho vic qun tr h thng. H thng cp truyn dn m bo kt ni tc cao, hn ch mc thp nht nhng s c xy ra trong qu trnh vn hnh ngoi ra p ng c kh nng m rng trong tng lai. Trong n ny, chng ti a ra mt s khi nin c bn nhm hon thin hn cc khi nim v h thng mng thng dng nht hin nay. Chng ti hy vng rng nhng khi nim ny c th p dng cho cc lnh vc cng ngh thng tin ni chung v cc ngnh lin quan n mng my tnh ni ring. Trong qu trnh thc hin n, chng ti nhn c s gip tn tnh ca thy gio Nguyn Tr Nhn gip chng ti hon thnh tt n ny.V thi gian lm n hn hp, kinh nghim thc t cha nhiu nn n khng trnh khi nhng sai st, rt mong s gp ca cc thy c gio v cc bn. CHNG TI XIN CHN THNH CM N. Ngi thc hin n. Dip Cng V L Quc Cng V Thnh t
38
DANH MC CNG VIC
Dip Cng V : Tm hiu v quy trnh kho st thit k mng LAN L Quc Cng: Ci t v cu hnh cho Server v my trm V Thnh t: Tm hiu Tng quan v mng, lp t phn cng
39
TI LIU THAM KHO
[1]. Internetworking Design Basics, Copyright Cisco Press 2003. [2]. Internetwork Design Guide, Copyright Cisco Press 2003. [3]. ISP Network Design. IBM. [4]. LAN Design Manual. BICSI. [5]. Mng cn bn - NXB thng k. [6]. Mng my tnh v cc h thng m - Nguyn Thc Hi [7]. Mng my tnh . Nguyn Gia Hiu. [8]. Gio trnh : Thit k v xy dng mng LAN v WAN (Chng trnh tng th ci cch hnh chnh ca CP giai on2001-2010). [9]. TCP/IP Network Administration. Craig Hunt, OReilly & Associates . [10]. Trang web: www. Quantrimang.com.
40
PH LC Ph lc 1: Hng dn bm dy mng u RJ45 1.1. Phng php bm dy mng RJ- 45. Cp mng RJ 45 c tm dy, chia lm bn cp, mi cp hai dy xon li vi nhau ( nhm chng nhiu ).
Cp ni PC qua Hub
Cp ni PC qua PC hoc Hub qua Hub
41
1.2 Chun b cng c v vt liu bm dy mng Cp- cn chc chn l cp CAT 5, tt nht l ta nn chn cp StraightThrough cha c u ni, khi ta ch cn thay i th t ca u ni bn kia. Connectos (u u ni)- Cc cp u cho c u ni tun theo chun CAT 5 RJ- 45 (Registered Jack), RJ-45 tng t nh u cui dy in thoi (tuy nhin, dy in thoi ch c 4 dy nh). Ta cng cn kim tra cc u cui m ta mun u ni c theo chun CAT5 khng. Do cng c cc loi Jack khc s dng cho cc loi cp khc (v d cp ng trc). Crimper- Dng c bm Stripper- Dng c tut dy, tt nhin ta c th s dng dao thay th. Tt nhin khi s dng cn cn thn u dy c tut p v khng b hng khi cho vo gic cm. Cutters- Ta cn c mt cp km cho php ta ct c mt s cp theo mt ng thng. y l nhim c quan trng do chng ta cn m bo cc dy trong si cp c chiu di bng nhau.
1.3 Thc hin bm u RJ-45: Nh vy chng ta chun b c cc cng vic cn thit trc khi lm dy cp u cho. u tin, ta ct mt giai on dy cp thch hp vi cch m chng ta cn, tt nhin khng th di qu. Bc 1: Co v ca dy cp mt on khong 5cm mi u cui cp, cn ch y khi khng ct vo si cp nh bn trong, nu c ta cn thc hin li bc ny.
42
Bc 2: Tri dy cp, cn cm thn sao cho cc dy khng b tch ri nhau ra
Bc 3: Mi vic tr nn kh d dng, ta cn quyt nh cc u cp no cn c to. Nu ta lm t u th cn c hai u gic. Nu ta s dng cp c to sn (Straight Through) th ch cn mt u gic. Hnh di y ch cho ta bit th t cc dy trong cp vi tng u cp.
43
Ta tch tng si i trong cp, ch khng tch n phn nha, sp xp chng theo th t tng u cp theo hnh v, dng km ct dy, yu cu phn dy lad 1,2 cm v vt ct cn thng.
Bc 4: y cc u dy vo gic theo ng th t, nh hnh v
Bc 5: Dng km bm c nh gic.
44
Kim tra xem cp c to thnh cng cha, trn hnh v di y cho ta hai trng hp cp tt v cp cha t yu cu (rt d b hng phn tip xc).
Ph lc 2: Hng dn ci t dch v trn Server

2.1 Ci t Domain Controller:
Ta t a ch IP tnh cho Server01 :
Nhp Start Run g: dcpromo tin hnh nng cp Server thnh Domain Controller
45
46
47
48
Go password administrator
49
Nhap next va doi hoan tat
Nhp Finish hon tt v khi ng li server
50
2.2 Ci t DHCP Add Roles t ca s Initial Configuration Tasks hoc t Server Manager > Roles > Add Roles.
Hnh 1: B sung thm Role mi trong Windows Server 2008 Khi Add Roles Wizard xut hin, bn hy kch Next trn mn hnh . Tip n, chn thnh phn mun b sung, DHCP Server Role, sau kch Next.
Hnh 2: Chn DHCP Server Role
51
Nu khng c a ch IP tnh c gn trn my ch th bn s gp mt cnh bo, cnh bo ny thng bo cho bn bit rng bn khng nn ci t DHCP vi mt a ch IP ng.
Hnh 3: Ging buc kt ni mng Tip n, nhp vo Parent Domain, Primary DNS Server, v Alternate DNS Server (xem hnh bn di) v kch Next.
Hnh 4: Nhp vo cc thng tin min v DNS
52
Hnh 5: B sung thm DHCP Scope mi Quay tr li mn hnh Add Scope, chng ta kch Next b sung thm mt phm vi mi (khi DHCP Server c ci t).
Hnh 6: Xc nhn cc phn chn ci t
53
Hnh 7: Ci t Windows Server 2008 DHCP Server thnh cng Kch Close ng ca s ci t, sau chng ta hy chuyn sang cch qun l DHCP Server.
Hnh 8: Trnh qun l DHCP Server trong Server Manager
54
Do khng th qun l cc phm vi DHCP Server v cc my khch ti y nn nhng g chng ta c th thc hin l qun l nhng s kin, dch v v ti nguyn g c lin quan n ci t DHCP Server. Chnh v vy, y l ni tt kim tra trng thi ca DHCP Server v nhng s kin g xy ra xung quanh n. Mc d vy, cu hnh DHCP Server v xem xem nhng my khch no thu c cc a ch IP, chng ta cn vo DHCP Server MMC. Thc hin iu , bn cn vo Start > Administrative Tools > DHCP Server, ging nh di y:
Hnh 9: Khi chy DHCP Server MMC
55
Khi khi chy, MMC s cung cp rt nhiu tnh nng. y l nhng g khi MMC xut hin:
Hnh 10: Windows Server 2008 DHCP Server MMC DHCP Server MMC cung cp cc thng tin IPv4 & IPv6 DHCP Server gm tt c scope, pool, lease, reservation, scope options v server option. Nu vo address pool v scope options, chng c th thy cu hnh mnh to khi ci t DHCP Server. Di a ch IP nm y v DNS Server & gateway mc nh cng vy.
56
Hnh 11: Address Pool ca DHCP Server
Hnh 12: Scope Options ca DHCP Server
57
2.3 Ci t Active Directory

Ci t Active Directory Domain Services (AD-DS): M Server Manager > Roles > Add Roles:
Nhn Next ti ca s tip theo: Trong ca s Select Server Roles, chn Active Directory Domain Services v nhn Next:
58
Ca s Active Directory Domain Services hin th, cc bn c th tham kho thm thng tin c h thng cung cp ti y v nhn Next:
59
Tip tc nhn Install ti ca s Confirm Installation Selections: V ch i cho ton b qu trnh ny hon tt:
Nhn Close: Sau quay tr li Server Manager, nhn vo ng dn Active Directory Domain Services, nhng khng th s dng c v DCPROMO cha c kch hot:
60
Chn ng dn DCPROMO v tip tc lm theo hng dn ti :
61
Ph lc 3: Hng dn cu hnh kt ni trn my trm 3.1 Hng dn join Domain cho my trm Kch chut phi vo My Computer Properties Computer Name Change Trong Group Member of: Domain: g vo ITCON
Nhp OK, G vo username v password ca server xc nhn kt ni vo Domain Sau khi ng li my tnh hon tt join Domain 3.2 Ci t my in qua mng: Trc tin ta phi t cho my in a ch IP tnh m trn server ta dnh 1 vng a ch IP t cho my in. V d ta ci my in c a ch IP l: 192.168.1.11 Start Settings Printers and Faxes Add printer Next Chn mc Local printer sttached..
62
B chn Automatically detect and Nhp Next tip tc
Chn Create a new port v chn Standard TCP/IP port
Nhp Next Next. G vo a ch my in nh hnh bn di
63
Nhp Next Next Finish v chn my in ci t nu khng c trong list ta chn Have disk chn ni cha driver v ci t
Tip tc chn Next . V Finish 3.3 Gii thiu phn mm ISA Microsoft Internet Security and Acceleration Sever (ISA Server) l phn mm share internet cahng phn mm Microsoft, l bn nng cp t phn mm MS ISA 2000Server. C th ni y l mtphn mm share internet kh hiu qu, n nh, d cu hnh,cthit lp tng la (firewall) tt, nhiutnh nng cho php bn cu hnh sao cho tng thchcvi mng LAN ca bn. Tc nhanh nh ch cache thng minh, vi tnh nng lu Cache trn a gip bn truy xut thng tin nhanh hn, v tnhnng Schedule Cache (Lp lch cho tng download thng tin
64
trn cc WebServer lu vo Cachev my con ch cn ly thng tin trn cc Webserver bng mng LAN) c im Ca ISA 2006. Cung cp tnh nng Multi-networking: K thut thit lp cc chnh sch truy cp datrn a chmng, thit lp firewall lc thng tin da trn tng a ch mng con, Unique per-network policies: c im Multi-networking c cung cp trongISA Server chophp bo v h thng mng ni b bng cch gii hn truy xut ca cc Client bn ngoiinternet, bng cch to ra mt vng mng ngoi vi perimeter network (c xem l vng DMZ,demilitarized zone, hoc screened subnet), ch cho php Client bn ngoi truy xut vo cc Server trn mng ngoi vi, khng cho php Client bn ngoi truy xut trc tip vo mng ni b. Stateful inspection of all traffic: Cho php gim st tt c cc lu lng mng. NAT and route network relationships: Cung cp k thut NAT v nh tuyn d liu cho mng con. Network templates: Cung cp cc m hnh mu (network templates) v mt s kin trc mng, km theo mt s lut cn thit cho network templates tng ng. Cung cp mt s c im mi thit lp mng ring o (VPN network) v truy cp t xa chodoanh nghip nh gim st, ghi nhn log, qun l session cho tng VPN Server, thit lp access policy cho tng VPN Client, cung cp tnh nng tng thch vi VPN trn cc h thng khc. Cung cp mt s k thut bo mt (security) v thit lp Firewall cho h thng nhAuthentication, Publish Server, gii hn mt s traffic
65
Cung cp mt s k thut cache thng minh (Web cache) lm tng tc truy xut mng,gim ti cho ng truyn, Web proxy chia s truy xut Web Cung cp mt s tnh nng qun l hiu qu nh: gim st lu lng, reporting quaWeb, exportv import cu hnh t XML configuration file, qun l li h thng thng qua k thut gi thngbo qua E-mail,.. Application Layer Filtering (ALF): l mt trong nhng im mnh ca ISA Server 2006, khngging nh packet filtering firewall truyn thng, ISA 2006 c th thao tc su hn nh c th lcc cc thng tin trong tng ng dng. Mt s cim ni bc ca ALF: Cho php thit lp b lc HTTP inbound v outbound HTTP. Chn c cc c cc loi tp tin thc thi chy trn nn Windows nh .pif, .com, C th gii hn HTTP download. C th gii hn truy xut Web cho tt c cc Client da trn ni dung truy cp. C th iu kin truy xut HTTP da trn ch k (signature). iu khin mt s phng thc truy xut ca HTTP.

Đ Án Network

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Đ Án Network

Uploaded by

Copyright:

Available Formats

1

B GIO DC V O TO TRNG I PHM VN NG

KHO ST, THIT K V XY DNG MNG LAN TRONG CNG TY VA V NH

CNG NGH THNG TIN

Qung Ngi, Thng 10 - 2011

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

NHN XT CA GIO VIN HNG DN

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

CHNG 1: TNG QUAN V MNG MY TNH.

1.1 Khi nim v mng my tnh :

M hnh mng cn bn.

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

1.2 Phn loi mng my tnh :

1.3 Cc m hnh qun l mng

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

1.4 Cc m hnh ng dng mng

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

ng dy phi khp kn, nu b ngt mt ni no th ton b h

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

M hnh mng khng dy

1.5 B giao thc TCP/IP

1.6 M HNH OSI(open system interconnect)

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

1.7 Cc thit b LAN c bn:

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

CHNG 2 KHO ST V THIT K MNG LAN

2.1 Thit k mng LAN:

Hnh 3-10: M hnh phn cp

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Gateway B lc Cng vo/ ra ra

M hnh tng la M hnh logic ca tng la

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Hnh 3-12 : M hnh tng la 3 phn

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

2.2 Kho st hin trng

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

2.3 Phn tch

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

2.5 Tin trnh ci t phn mm bao gm:

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

Kho st, thit k v xy dng mng LAN trong cng ty va v nh

3.2 M hnh lgic

Phng Kinh doanh

01 Switch L2 24 Port 10 PC 01 My in a chc nng 01 Wireless