Вы находитесь на странице: 1из 11



Telesoft Company Ltd.

24th November, 2011



OBJECTIVES The aim of the project undertaken was to carry out a network server installation and general network performance upgrades. This was to be achieved by implementing the following proposed solutions Setting up a new enterprise-class wireless mesh network which will be merged with the LANs in the two buildings. Upgrading the existing profile for the internet service from Vodafone to a packaged that will increase the current capacity and providing a backup internet service one additional cellular network. Deployment of a modular commercially supported Linux network operating platform to serve as network gateway, among other services. Security threat protection with Kaspersky Business Space for network server and up to 50 workstations and smartphones Secure VPN connection to file server in the Head Office from both the Kumasi and Tamale offices. Performing general network upgrade including bridging of the separate LANs in the two buildings and repairing of faulty network ports. IMPLEMENTATION TESTING AND EVALUATION OF EXISTING INFRASTRUCTURE The initial implementation of the project involved general testing and evaluation of existing network infrastructure. All accessible network ports in each of the offices were tested for continuity and connectivity to the internet. Ports that were found to be faulty were replaced with new ones. All wireless access points were also tested and confirmed to be properly connected to the internet and accessible to users. The internet subscription was upgraded from a shared 512Kbps downlink/128 uplink DSL service to the Heavy User profile which provides a maximum shared speed of 20Mbps downlink/5Mbps Uplink

CABLING In implementing the next stage of the project, it was proposed that all network equipment be relocated to a single location for easy access and monitoring. However due to the fact that the initial cabling done during the network installation, routed cables through pipes in the wall, it was impossible to reroute all the cable connections to each network equipment without the undesirable occurrence of cable trunking extensively laid throughout almost every wall in the building. A dedicated server room was none the less created in Store 1 (formerly used as storage area for files and general supplies). The next stage was to layout appropriate cabling to allow housing of the server in the newly created server room in Store 1.Two ports were created in the Server Room; both with CAT 5 cable connections to ports on the switch in Rack B (located in the Administrator's office). Another direct cable connection was made between the Vodafone ADSL modem housed in the Rack A (located in the Program Manager-Southern Zone's office).

SERVER INSTALLATION Rack C was mounted in the Server room to house the server and any additional network equipment. The server was mounted in the rack and configured to function as the network gateway. The network server currently provides the following functions Office Server: - Allows office resources to be deployed, managed and shared by users with individual account credentials that have different access right levels. This allows for storage of sensitive data that should only be accessed by certain members of staff. This also provides the much needed centralized storage space for large the volume of data processed daily by NMCP staff. Automated Backup: - This regularly backs up files of users onto the server to avoid loss of information in the event of disk failures or any other malfunction. Unified Threat Management:- Provides a solid layer of protection for the computer network and its resources from both internal and external threats Configurable Network Interfaces: With two configurable network interfaces, the server connects directly to the Vodafone ADSL modem for internet on one interface and provides internet connection to the rest of the LAN through its second network interface.

WAN Fail-over: A 3G/ADSL2+ (802.11n) VPN Firewall Router from BILLION has been procured to provide a standby fail-over internet service from an addition cellular network to. The implementation of this feature is pending release of funds for payment service charges from the cellular network. SERVICES (OPTIONAL) NOT CURRENTLY RUNNING

Centralized Security: - Kaspersky Business Space was to deployed on the server to provide centralized protection to both the server and workstations that are connected to it. In the implementation of this added security feature, a minor computer bug which prevents the virtualization of the Windows environment in which this antivirus was designed to operate was detected. This was promptly reported to the providers of the server management software (Zentyal 2.2), who have confirmed this problem and are actively developing software updates and modifications to fix it. The Unified Communications Server: This was a proposed solution intended will manages all communications, including email, instant messaging and VoIP switchboard. The implementation of this feature has however not been approved. Pending approval, this feature will promptly be implemented on the network. RADIUS Authentication Server: - This feature redirects the task of authentication of security keys to the main server, where more detailed verification measures will be carried out before permitting any device to the access the wireless network. This feature will be implemented when highest security level has been implemented on the server and Kaspersky Business Space is fully functional.

Server Specifications Manufacturer: Supermicro Model: SuperServer 6016-MTHF Processor: Intel Xeon CPU E5606 @ 2.13GHz 64bit OS: Linux 2.6.32-34-generic #77-Ubuntu SMP x86_64 GNU/Linux Zentyal 2.2 Modular Server Management Software HDD 1000GB RAM: 5.97 GB 2GB 1333MHz DDR3 ECC w/Thermal Sensor Super DVM-PNSC-824B 8X Slim DVD-ROM Drive

Addition of Workstations to the Network Domain To be able to access full file and resource sharing capabilities deployed on the server, all workstations, with the exception of the personal laptops of some of the staff, were added to the network domain controlled by the server. Some of the workstations listed below were however not added to the network domain. This is because their respective versions of windows running on them (Starter and Home Premium versions of Windows 7 and Windows Vista) do not support joining of a domain. VPN connections to the server were also setup on each of the laptops (running versions of windows that support joining of a domain). This allows users to be able to access shared files on the server from an external network through a secure connection created over the internet. WORKSTATIONS
Accra Office -Workstations

Desktop: EUNICE-PC\Eunice Domain Username: eaadjei OS: Windows 7 Professional - 32 bit Processor: Intel Pentium Dual CPU 2.80 GHz RAM: 2.5 GB HDD: 232 GB Antivirus: McAfee.

Laptop: Toshiba-PC\Toshiba Domain Username: eaadjei OS: Windows 7 Ultimate SP1 - 32 bit Processor: Intel Core 2 Duo CPU T5600 2.10 GHz RAM: 4.0 GB HDD: 287GB LILY BOATEMAA SAMPONG Laptop: Sony VAIO Domain Username: lbsamppong (Not Added) OS: Windows 7 Home Premium -64 bit Processor: Intel Core i5 CPU M430 2.27 GHz RAM: 4.0GB GODSON OSAE



Desktop: user-pc\user Domain: gosae OS: Windows Vista Business SP2 - 32bit Processor: Intel Pentium Dual Core CPU E5300 2.60 GHz RAM: 2.0GB HDD: 80GB

Laptop: Toshiba Tecra Windows XP Pro Service Pack 2 RAM: 548 MB HDD: 1.0 GHz 6. SYLVESTER- SAMMY OPPONG Desktop: 5410-GHANA\sylverster Domain: soppong (Not Added) OS: Windows 7 Professional SP1 - 32bit Processor: Intel Core i5 CPU M560 2.67 GHz RAM: 4.0GB 7. OTUBEA ANSAH MANTEY Laptop: OT-PC\OT Domain Username: oamante (Not Added) OS Windows Vista Ultimate 32-Bit AMD Turion 64*2 Mobile Technology TL-50 1.60 GHz RAM: 894MB Laptop: SZNMCP-HP\MSE (Not Added) (HP Mini 110-3100) OS: Windows 7 Home Starter SP1 32Bit Intel Atom CPU N455 1.66GHz RAM: 1.0 GB

A. B Wilmot / Kwame Gapkey Desktop: USER-PC\user Domain Username: abwilmot & kgapkey Windows Vista Ultimate SP2 - 32 Bit RAM: 2.0 GB, 2.66 GHz Stephen Appiah Laptop: USER-PC\user (Toshiba Satellite L305) Desktop: Windows XP Pro SP2 Domain username: sappiah OS: Vista Home Premium SP1 32-Bit IntelCore 2 Duo CPU T5750 2GHz RAM: 3.5 GB Domain Username: jnbalbaare (VPN) Laptop: DrCMarfor-PC Windows Vista Home Premium SP1 (Personal- Sony VAIO)



IntelCore2 Duo CPU T7250 2.0GHz RAM: 2.0GB


Desktop: user-pc\user Laptop: Unavailable Windows Vista Ultimate SP2 Domain username: vaaubyn Intel Core 2 Quad CPU Q 8400 2.66 GHz RAM: 2.0 GB

Desktop: delldesk-pc\dell desk Laptop: Unavailable OS: Windows 7 Ultimate - 32 Bit Pentium Dual Core CPU E5500 2.8 GHz

Domain Username: iforson Desktop: ADMIN-PC\Administrator Windows 7 Professional 32-Bit Intel Core 2 Quad CPU Q8400 2.66GHz RAM: 1.0 GB (AVG) Laptop: Window 7 Professional IVYFORSON-PC\IVY FORSON 14. ASHIA ABUBAKARI Desktop HP Compaq DC 2390 Windows XP Pro
15. NY Williams

Laptop: Intel Atom HP-Mini 110-1026NR Microsoft Win XP Home Edition sp3 Intel Atom CPU N270 @ 1.60 GHz 0.99 GB Ram Antivirus: AVG 9

Windows 7 Starter SP 1 32 Bit OS (Not Added) Toshiba NB505 Intel Atom CPU N455 @ 1.66 GHz RAM 1.0 GB

Kumasi Office -Workstations


OS: Windows XP Professional Version 2002 SP2 Registered to: NMCP -KUMASI Intel Pentium 4 CPU 2.80 GHz 248MB of RAM Full computer name: nmcp-e15782767a Windows XP Professional Version 2002 SP2 (reception)


Registered to: user Intel Pentium Dual CPU E 2180 @ 2.00GHz 0.99GB RAM Full Computer name: user-4d37d81c6b AVAST Free Antivirus HDD: 149 GB

Windows XP Professional SP2 Version 2002 Registered to user (National Malaria Control Program) Intel Pentium 4 CPU 2.8GHz RAM: 504MB Bitdefender - Total Security 2010 NMCP_KUMASI HDD: 146 GB

PROJECT SETBACKS In preparation for the concluding phase (VPN Connections) of the project it was necessary to configure the LAN interface of the server with the appropriate Public IP settings. These public IP's were to be provided on request by Vodafone. However, we had still not received these IPs needed for the rest of the configurations for more than two weeks after application. After several complaints and persistent requests made to Vodafone, we were provided with the public IPs requested for by a Vodafone technician who also came over to configure the static IPs on the ADSL modem. However, after about week we lost internet connection and the static public IP settings had to be rolled back and the account set back to DHCP again. This restored internet connection, but after we received reports of intermittent periods of no access to the internet, a closer inspection of NMCPs internet connection setup had to be done at Vodafone by technicians there. This resulted in Vodafone's engineers changing the port to which NMCP was connected as they suspected that this faulty connection could be the cause of the intermittent loss of internet access. With this problem rectified, technicians from Vodafone, on the 4th of October, reconfigured the public IPs back on the account again. This seems to have remedied the problem and provided more stable internet connection. TIMELINE: The initial timeline of 21days for the implementation of the project was exceeded due to certain unforeseen challenges beyond our control. Firstly, our request for Public IPs from Vodafone, which should have normally taken not more than 48 hours to provide, took about two weeks. After repeated

reports and complaints were finally provided with the Public IPs two weeks after we requested for them, which greatly delayed our operations. Secondly, the DSL line on which the current internet subscription is provided constantly kept failing. Technicians from Telesoft and Vodafone had to spend weeks troubleshooting and monitoring the internet connection on that DSL line before proceeding with any further work. After weeks of close monitoring, the problem was eventually traced to a faulty port to which NMCP had been connected at Vodafones exchange. This was prompt replaced before work could continue. Again, we received strict directive from the Program Manager not to work at the office during weekends (which was our initial plan) unless a member of staff was present. This meant that we only had week days to carry out our work. In order not to interrupt the daily operation of NMCP staff, we were compelled to tailor our work to accommodate the schedule of the office staff. Server configurations, addition of workstation and setting up of VPN connections on laptops had to be done at times when the staff would be least inconvenienced.

KUMASI & TAMALE VPN On the 27th of October 2011 a personnel from Telesoft was sent over to the Kumasi office to set up VPN connections to the server on each workstation. VPN Connections were to the server were successfully set up and tested on all three desktop computers available at the office. A demonstration was performed to the two staff present at the time concluding work in the Kumasi office. A similar exercise to be done in the Tamale office was scheduled for the 28th October, however we were informed by the Technical Officer (Northern Zone) that the workstations in that office, which had all been taken to Accra for repair and maintenance, had not yet been returned. It was therefore decided to reschedule work in Tamale for a later date when the full complement of workstations is available at the office. The workstations will, as a result be, remotely configured to connect to the server when they are all returned to the office. BROADBAND SERVICE

The Kumasi and Tamale offices of the NMCP were both found to on a dial-up internet service from Vodafone. However this service had long been suspended by the service provider. The two offices therefore did not have any permanent internet connection. On request, Telesoft initiated a change of internet service from dial-up to broadband. An initial two month subscription has been applied for and pending release of funds for payment of subscription charges, internet access will be restored to these zonal offices. ONSITE SUPPORT AND MANAGEMENT Personnel from Telesoft have frequently been onsite since the beginning of the project; providing IT support to staff as well as managing the current installations done. This has ensured closer monitoring and prompt response to any IT issues that may arise. Telesoft personnel will continue to be onsite to offer any project related support required. Apart from the one year server maintenance offered by Telesoft, we will also be available to provide any additional managed IT services on request. CONCLUSION The project was officially brought to completion on the 28th of October, 2011. However any outstanding issues and work left done that is pending the approval of funds or provision of resources by NMCP will be carried out as soon as this is done. Despite the many long delays (largely from Vodafone) introduced in the implementation of the project we have diligently pursued the course of fulfilling our end the terms of the contract and can duly handover the project pending any further inspection and evaluation.


Upgrade of Operating Systems: In the course of adding workstations to the

network domain, those that were running versions of Windows that don't support joining of a domain could not be added. We would like to propose an upgrade of all workstations running earlier versions of Windows, particularly,

the Starter and Home Premium Versions of both Windows 7 and Windows Vista to Windows 7 Ultimate. This will ensure that all workstations are fully capable of accessing domain resources and more Windows functionality in general. Again, as a policy, this will ensure a standardized operating platform for all workstations, avoiding any compatibility issues upon any future deployment of additional functionality LAN. 2. Dedicated Internet Connection: In the course of the project implementation, technicians Telesoft and Vodafone have constantly encountered the problem of intermittent access to the internet. We have taken a number of measures to ensure that the occurrence of this problem is minimized. However to ensure this problem is completed averted, we would like to propose the option of requesting for dedicated internet connection. This will provide more bandwidth, speed and greater reliability than the current Vodafone internet service. 3. Replacement of Equipment: A possible cause of the intermittent access to the internet was traced to a malfunctioning network switch in Rack B (located in the Administrators office), which constantly has to be restarted in order for it to function properly. This would have to be replaced as soon as possible to further minimize the network downtime which causes loss of access to the internet.

Voice Network: In the course of initial survey conducted it was found that

there are separate voice networks serving each of the blocks that are not connected in any way. These networks are limited in their ability to additional functionality such voicemail, call forwarding between the separate networks, conferencing and so on. A more suitable option would be to deploy a full Voice over Internet Protocol (VoIP) solution which will provide added functionality and integration to NMCPs voice network.

Mail Service:It was also observed that staff of NMCP exchange information

and communicate with each through the traditional e-mail service providers like Yahoo Mail and Gmail. We would like to propose a dedicated e-mail service exclusive to NMCP staff. This will provide more security and exclusivity in information exchange between staff.