Infolink Universty College

Infolink Universty college

INFORMATION TECHNOLOGY
Hardware and Network Servicing

Level IV

Unit of Competence: Develop System Infrastructure design plan

Module Title: Develop System Infrastructure design plan

1
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Unit one
What is Internet Infrastructure?
All the hardware and services required to make a web page appear in your browser.
Internet infrastructure is a collective term for all hardware and software systems that constitute
essential components in the operation of the Internet. Physical transmission lines of all types,
such as wired, fiber optic and microwave links, along with routing equipment, the accompanying
critical software services like the Domain Name System (DNS), Email, website hosting,
authentication and authorization, storage systems, and database servers are considered critical
Internet components
Internet Infrastructure consisting of:

1. Data Centre

A Data Centre is basically a specialist building that has the ability to power (and cool) massive
amounts of computer equipment. Typically a Data Centre would also have a very large amount
of network bandwidth to accommodate data transfer in and out of it.

A data center is a centralized repository computer facility used to house computer systems and
associated components, such as telecommunications and storage systems. It generally includes
redundant or backup power supplies, redundant data communications connections,
environmental controls (e.g., air conditioning, fire extinguisher) and security devices

2. Network

 Most important foundation block of Internet Infrastructure is the Network. Without a

network connection no data can pass between Data Centers, over the Internet, and

3. Internet Service Provider (ISP)

 Choosing the proper bandwidth and network connection (cable) is critical to the site's
web presence.
 The router and the communications interface (cable, modem, bridge or other device) and
the cables that connect them form the bridge from the Web server to the outside world.
Most of this equipment will be provided by the Internet Service Provider, but as the site
grows more equipment such as switches, hubs, patch panels, wiring and firewalls will be
needed
4. Computer Equipment

2
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Computer equipment refers to any or all of the many different parts of a computer, as well as
peripheral devices such as printers, external hard drives and servers. Basically, anything relating
to a computer is considered computer equipment.

5. Storage Services

Data Storage is a huge part of Internet Infrastructure. All those emails accessible online, all the
web pages on your favorite web site, all those photos on Face book … are all stored on a hard
drive in a DC somewhere. The basic level of storage is on-server storage, which means the hard
drives in the computer server.

6. Server Applications

The final piece of underlying Internet Infrastructure is the server applications themselves. In
order for a web application to be delivered from a server, that server requires
1. Operating System (typically Windows or Linux),
2. Web Server application (like Apache or Microsoft IIS), and
3. Database (such as MySQL, MS-SQL or Oracle).
There any many more variations here, but the basic web server has these 3 things. From here you
can install blog software, an ecommerce site, your new web 2.0 application, or any Internet
capable piece of software (more include – Instant Messaging Server, File Storage Server,
Message Board)

7. Internet security
Management Controls:
Focus on security policies, planning, guidelines, and standards that influence the selection of
operational and technical controls to protect the organization
 Security policy

- A high level management document that describes the management’s expectation

of the employees’ security practice and responsibilities.

- It sets a clear direction and demonstrates the management’s support for and
commitment to information security.

 Background checking of employees

 Training/awareness
 Physical and environmental protection

Technical Controls:

3
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Involve the correct use of hardware and software security capabilities in systems. This range
from simple to complex measures that work together to secure critical and sensitive assets of the
organization.
 Login
 Encryption
 Authentication protocol
 Access control
 Firewall/proxy server
 Intrusion detection system
 etc

Operational Controls:
Address the correct implementation and use of security policies and standards, ensuring
consistency in security operations and correcting identified operational deficiencies. These
controls relate to mechanisms and procedures that are primarily implemented by people rather
than systems
 Backup/Restore
 Monitor audit trials
 Account/privilege management
 Monitoring and adjusting firewall
 Media disposal
 Patching
Overview
Requirement is a carful assessment of the needs that a system is to fulfill. It must say Why, a
system is needed, based on current and foreseen condition, which may be internal operations or
external market. It must say what system features will serve and satisfy this context. And it must
say how the system is to be constructed.

Why:
Enterprise requirements
Context analysis: the reason why the system to be created. Constraints on the environment in
which the system is to function
What:
Functional requirements (system)
A description of what the system is to do. What information needs to be maintained? What needs
to be processes?
Functional requirements capture the intended behavior of the system. This behavior may be
expressed as services, tasks or functions the system is required to perform.
How:
Non-functional requirements (system)

4
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

How the system is to be constructed and function.

The requirements documents are comprehensive; detailing what is required of an installation to
meet the business needs of users. Such a document can run to considerable length and would
normally be prepared by an IT analyst or project manager. The author of the functional
specification should be able to speak the language of both business and IT.
The functional requirements documents are the ‘blueprint’ for the project implementation.
Anything missed will appear at the end, and just as when building a house, if the plumbing
design is wrong then it will be expensive and time consuming to correct.
Often one of the first steps in large projects is to devise a functional specification, also known
as the functional requirements specification (FRS). After this, a technical specification can be
produced.
Requirements issues
When selecting and employing software and hardware tools, one of the first and most important
activities to embark on is identifying what the client wants and to ensure they sign-off on the
requirements. This may sound easy, but in many cases it is not.
For example, how can a client (who often has limited knowledge of IT architecture) indicate
what they want if they have not seen a working prototype to assess?
In many cases, inexperienced clients advise the developer on what they want, when they may not
really understand what is achievable technically. This issue can also be made more complex if
the process occurs in an organisation that has rigid IT policies, which can raise numerous
compatibility issues.
In addition, this is made even further complicated if you are in a situation where you are trying to
win a contract or compete for work. Others (e.g. competitors) may have promised the
unachievable and given an impression that ‘anything is possible’. If you are awarded the work or
win the contract, you may now be expected to deliver the impossible. An open and honest
assessment of what will be delivered is essential.
So, one of the tasks is to document the requirements.
This may include identifying or clarifying:
 the business case
 what the client considers the project’s main objectives are
 what IT infrastructure is already in place
 basic specifications (eg formats)
 conflicting or overlapping requirements
 maintenance and backup requirements
 bandwidth issues that may affect the project
 role definition of parties involved
 the nature of the data (eg banking details, multimedia)
5
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

 security needs (eg if the client needs logins, passwords, lockable sections, etc)
 available support resources
 Costing.
Needs analysis
Various techniques can be used to define and refine the project needs, such as interviews with
the client, online JavaScript surveys/forms, user discussion groups and questionnaires with
samples of the target audience. A very important purpose of this analysis is to develop an
understanding of what is achievable within the project resources of skills, funds and time.

The process of needs analysis may result in a separate needs report, especially on large projects.
On smaller projects, the needs analysis and the information gathered can often be documented
with the proposed solution in the one document: the scope document. This provides information
on which design decisions will be based in the next stages of development.
For most IT applications including multimedia, the needs analysis will need to focus on three
perspectives:
1 Business perspective: An outline of the current business climate, structure of company and
the emerging industry issues that are driving the project.
2 Technical perspective: An outline of existing IT systems/infrastructure of the company
including computer hardware specifications, numbers and locations, details on browsers,
operating systems, servers, security policies, networks, bandwidth capacity and so on.
3 Human perspective: An outline of the motivation of staff to use new IT systems. It may also
cover such considerations as PC literacy, industrial relations issues for staff, legalities and
even language issues for users.
A common criticism over the last decade is that IT developers have focused too heavily on the
technology and not enough on the users’ needs or the long-term business goals. By giving
adequate attention to these different perspectives, you are likely to end up with a solution that
addresses the client’s real needs.

Scope documentation
The aim of the scope document is to identify, control and justify the proposed solution.
Typically, the project manager/developer will normally prepare the document after consultation
with the client and the project team. It should contain most, if not all, of the information that will
form the project contract. Data gathered in the needs analysis can also be included here.
The first draft of the scope document is rarely fully mutually agreed upon. There are usually
numerous negotiations to refine the specifications of the deliverables. These will, of course,
impact on the budget and schedule of the project.
The final scope document should clearly specify the milestones and sign-off points, including
possible points and conditions for revisions to the budget and schedules. A timeframe should be
included in the document, but a full timeline that has agreed delivery dates may not necessarily
be part of the document at this stage. (This depends on the size and complexity of the project).
6
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

As part of the scope, there must be clear agreement on issues such as reporting, documentation,
evaluation, testing and delivery requirements. This defines, in quantitative terms, how the client
and the developer/implementer will work together and how, through the process of sign-offs, a
mutual end agreement will be reached. This means that in the end the appropriate product has
been built in the agreed way and via the agreed strategies outlined in the scope document.
The approval of the contract generally involves representatives signing a specified agreement on
the last page of the scope document. Any variations to this agreement will also have to be
approved by authorised representatives of the client and development team.
As you can imagine, once hardware is approved, ordered and functioning it is very difficult for
the client to then request anything else. At this stage, many thousands of dollars in hardware and
software, not to mention IT specialist wages, may have been allocated. The basic plan must be
right at the start!
Throughout the project, the client and the development team must have a strategy in place to
inform each other of any event that may impact on successful progress and timely completion of
the project. The strategy again must be outlined in the scope document.
Functional requirements specification:

The functional specification describes what the system will do, as opposed to how it will be
done. This distinction is important, because:

 the client may not be interested in the details of how a function is implemented, and the
technical details may simply cause confusion for the client
 the implementation details may need to change during the design and development of the
project
 you don’t want to have to negotiate changes to the functional specification just to change
details of implementation
 the technical specification for large projects will be detailed in a separate document, and
you should not entangle one with the other.

The language of the functional specification should be clear, concise and (as far as possible) non-
technical. It is very important to attend to details in the functional specification. One misplaced
word may commit a vendor company to develop extra functionality that was never intended, and
damage the profitability of the project.

Fixed requirements
Some requirements are fixed, and not derived from the ideal functionality that the product or
system should possess. These are often in the form of constraints set by the client. For example:

 A client may require a particular look-and-feel to their website.

 The client may require your system to interface to their existing systems in a particular
way.

7
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Use cases
A use case is a list of steps, typically defining interactions between a role and a system, to
achieve a goal. The actor can be a human or an external system.

A use case is a very useful tool to help you start to determine the required functionality of a
system. Use cases have quickly become a standard tool for capturing functional requirements.

A use case is a diagram showing how the proposed system will be used in one particular
scenario, by a particular user. Use cases allow the designer to focus on details, but keep the
design grounded in the basics of how the system will be used. A large system will have many use
cases.

Examples of functional requirements

Functional requirements describe the way in which the different components and functions in the
solution will interact. They will clarify how the solution is going to work and how users can use
it.
Next are some examples of the questions you might ask in order to determine the functional
requirements of an IT system.

8
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

User requirements
 How many users are expected to use the system?
 How many people will be utilising the solution at one time?
 Where the users will be located (eg overseas, interstate or at home)?
 What navigation model will it use?
 What is the range of the content?
 How much content will it include?
 How will the content be structured?

Technical requirements
 What types of computers/operating systems will the users operate?
 Are their desktops all the same?
 What bandwidth restrictions occur presently?
 What security (login) will they need?
 What backup policies need to be in place?
 Who will have administration rights?
 What will the business do if the system fails at any stage?
 Who is the project sponsor?
 What does management expect the system will do and won’t do?

Hardware requirements
 Compatibility: will the solution work with existing systems?
 Support for multimedia formats: will the existing systems and architecture support all
types of media?
 Will the new system be supported by existing resources within the company?
 Is there funding available for new hardware? (eg new servers)
 What is the backup strategy? Has this been costed?
 Does the system need to be copied?
 Will there be time delays to purchase and install hardware?
 Will you be relying on another group to set up the hardware? If they don’t consider your
project a priority, is that time delay factored into the delivery strategy?
 Are there other projects that you may be able to share hardware costs with?

9
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

 If the system needs to cater for multimedia, does there need to be extra attention paid to
being able to store and transmit large graphic, sound and video files?
 If you are a consultant or part time employee, will you be given permissions and rights to
install and support the system fully? (As some computer centres are secure).

Software requirements
 What is the true cost of the software?
 Are there licensing issues? (As the system is in development, should you pay for all the
licensing now, or when the system is in live mode?)
 Can the software be licensed for use by multiple users who use it on different machines?
(Concurrent licensing)
 How long has the software been on the market for?
 What happens if the software company becomes insolvent? Who supports it?
 Who owns the source code?
 What happens if the source code is modified; who supports the product then?
 Does the solution work with all other company software systems?
 If web-based, does the solution function on all common browsers?
 If security is a concern, can the software be delivered in a ‘locked down’ format?
 Does the software support all file formats? (This is especially important when working on
multimedia tasks.)
 Is the software easy to use or are there major training issues/costs?
Support materials
You will need to consider the content and design requirements of all support materials. Support
materials could include:

 system specifications
 user guides
 knowledge banks
 intranet/Internet help sites/CD-ROMs
 training manuals
 General user documentation and print-based help.

You will also need to consider workshops, seminars or briefings you may need to run in order to
support the software/hardware/system.

10
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

During the development of the scope document you will have determined the kinds of support
materials that you will need. You will probably also establish who will be responsible for the
production of those materials.

Handover training is another important and time-consuming task. If a developer (who is a

specialist in the area) works on a project for, say, six months, how long will it take to train a
support officer to support the system? One day? One week? One month?

In conclusion, the project manager will generally be responsible for coordinating the
development of the support materials in parallel with the development of the package.

Role definitions
One of the most important tasks a developer must do before moving into the design and
development phases is to clarify roles and responsibilities. If this has not been done it is virtually
impossible to cost a job, as you cannot allocate the funding for staff. As well, this can lead to
problems finishing a project on time.
For example, the main things to clarify (in terms of roles and responsibilities) may include:
 Who is responsible for the sign-off? (And if that person leaves the company, who will do
it then?)
 Should the roles be described as position titles rather than individuals’ names?
 Who approves purchases (eg software)?
 Who will support the project after the development team has gone?
 Who will collect and collate the content?
 Who will check the legality of the content?
 Who has responsibility for organising the workspace for the development team?
 Who will approve the security systems of the multimedia product?
 Who takes final responsibility for the project?

Budget issues
Funding is a tricky area. Sometimes the ‘real’ budget is not disclosed. Sometimes this is done for
valid reasons, sometimes not. It is common knowledge that some clients are reluctant to reveal
their budget as vendors will bid up to available funds. As well, some parts of the IT industry are
still somewhat immature, so it is often difficult to cost a job.
There are many variables. One job could take 2-3 weeks to install and set-up. Once all the bugs
are identified, the task might only take a matter of hours to repeat. Implementing complex IT
projects is not an exact science!
Due to this situation, it’s always worthwhile to seek additional funds. Many large and small
organisations do not appreciate being asked to fund extra amounts after a project has
11
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

commenced. It is often wiser to be honest and seek additional funds when completing the initial
project approval.
Another important point is that the client must understand what it is they are paying for. Be
mindful that it is easy to confuse clients with technology terms and acronyms. Ensure the
contract outlines what the deliverables are in plain English. It is also helpful for the client if you
include a breakdown list, as an attachment, that quantifies all the major deliverables.
Finally, remember that if you do not win the contract, you have devoted time to the bid and this
has cost your company money. So ensure this potential loss is a consideration in your overall
business plan!

Progress
Have a look at the next section—Practise. If you have trouble, review this Reading or perhaps
take a look at some of the listed Resources.
When you feel ready, try the Self check section at the end of this topic. This will help you decide
if you are now able to complete the task and attempt assessment.

12
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Unit 2
INSTALL AND CONFIGURE INTERNET INFRASTRUCTURE

13
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Network hardware: A great variety of networking devices exist—many

more than can possibly be covered here. Local requirements dictate the types of networks be

formed using these devices. This reading will focus on the most common range of network

devices and the main standard that supports them, Ethernet.

14
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Ethernet: Most network devices commonly-used are based upon the Ethernet

protocol. Ethernet speeds have been slowly increasing over the last decade, from 10 megabits per

second (10 Mbps, 10 million bps) up to discussions of 10 gigabits per second (10 Gbps, 10 x 1000

Mbps) and beyond. Currently, most computer networks work very well with the 100 Mbps range of

products, but as data transfers within a local rea network increase, the higher bandwidth and capacity of

faster networks may be needed. Often the limiting factor is not the network speed but other bottlenecks

(limits) in the overall system, such as processing speed and hard drive access times. Ethernet uses the

concept of CSMA/CD (carrier sense multiple access with collision detection). Carrier sense means that

devices on the network listen first for no network activity on the network. No activity indicates that no

other device is sending information, since they all use a common medium to transfer data (multiple

access). But since just as in a momentarily quiet room two or more people may start to speak at the

same time, the collision detection mechanism is a method of dealing with this. Wireless
Ethernet: devices (based on the IEEE 802.11 standards) have recently become more

available. These include connection devices such as wireless access points (AP) and individual

peripherals, such as printers. Wireless networking devices connect the network by radio waves. Similar

concepts to the wired Ethernet are used to ensure that transmissions don’t conflict (collisions) and are

regulated in some way.

15
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Open systems interconnect–reference model

(OSI-RM): The open systems interconnect—reference model forms the basis of
networking communications and is maintained by the International Standards Organization (ISO). It is

a model to aid in the development of communications standards, not a standard itself. The different

layers define functions that should be considered and implemented at each level. When a device

operates at a particular layer it means that the device components make informed decisions based on

information from that layer of the model. For example, a switch makes decisions at layer 2, data link

layer, based on the media access control (MAC) address of the destination network card. The MAC is a

sub-layer of the data link layer. (Of course, all devices need access to the layers below so that they can

physically connect together.)

Table 1: OSI reference model layers and basic functions

Layer Basic functions

7 – Application Interface to user Programs

6 – Presentation Data compression, encryption
5 – Session Authentication
4 – Transport Logical connection of data stream
3 – Network Moving of data packets through connected networks
2 – Data Link Co-ordination of access to the medium
1 – Physical Physical signalling on the medium

Network devices
Some of the more general types of network devices available are listed in Table 1 on the next
page.

16
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Table 2: Examples of network devices available

Device Description

Network Often referred to as network interface cards (NICs), they may be installed in a computer or peripheral
cards device and interact with the network medium, including both wired and wireless networks.

Switches Often switches are used interchangeably with hubs, but they have slightly different characteristics. The
differences will not usually show up as a performance increase until used in a larger network with
multiple servers. A switch is a better performing device and is only slightly more expensive than a hub.
Switches operate at layer 2 (data link layer) of the open systems interconnect—reference model and
can make a decision on the destination of a data packet that they receive. In this way, a switch may
send data out to a port based on the destination media access control (MAC) address that is included in
every frame. In fact, simultaneous data transfer between computers is possible, which increases overall
network capacity.

Hubs A hub creates the basic framework for most local area networks used in business and home
environments. They connect the servers, workstations and other network devices together.
Hubs are also called multi-port repeaters. Hubs work at the OSI open systems interconnect—reference
model Physical (layer 1).
Routers Routers are used to interconnect two or more LANs. The LANs may communicate through the router
or the router may act as a gateway to connect to the Internet.
Routers operate at Layer 3 (Network layer) of the open systems interconnect—reference model and
make decisions based on the network addresses which are included in the data packet. In most
networks, the network address will be based on IP addresses but may also include IPX address
information to work with Novell Netware networks.
Access These devices act as a hub in a wireless network and as a connection between the wired and wireless
points network segments in a combined network. In some configurations, the access point will act as a switch
and/or router and prevent unnecessary data packets from travelling between the wired and wireless
sections of the network. In other configurations, two or more access points may only act as a repeater
(or relay) and connect segments of a wired LAN, perhaps between buildings or across roads where
wired access would be difficult or expensive to connect.
Broadband These devices connect between a LAN (or single computer) and a permanent broadband Internet
modem/ connection such as ADSL or Cable. Modem versions tend to have USB connections that must connect
routers directly to a computer. Router versions have an RJ-45 LAN connection and/or a wireless antenna that
may connect to a computer or hub to share Internet access between many computers.

Printers Many printers are available to connect directly to an Ethernet network. These include printer with an
inbuilt NIC. Examples are of network-ready printers are: Brother HL-5170DN, Canon IP4000R and
Hewlett Packard DJ6840.
Scanners Some scanners are network-ready and provide access from the network. Many of these are included in
Multi-Function Centres with printer, copying and fax capabilities as well. Examples are: Brother MFC-
620CN, Canon NSA-01 and Hewlett Packard Photosmart 2710.
Storage These devices offer additional file storage capabilities to a network. They act as a file server and the
storage can be controlled over the network. Examples of Network Attached Storage devices are: D-
Link DSM-624H, Iomega NAS 100d/160G and Linksys EFG250

17
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Installation procedures: Internal hardware: Many

main system boards come with a network adapter built-in; opening the system unit of a computer

workstation in order to add networking hardware is rarely necessary. You may otherwise need to add a

network card to a system when:

 none is built-in to the main system board

 replacing or overriding a failed built-in network card
 an additional network card is needed for routing purposes
 upgrading the network card for one with faster processing.
Regardless of the reasons for installing an internal network card, typical precautions must be
taken. Remember that if the computer is a server of files, printer or other resources on the
network then many people are potentially affected by the outage.
Typical steps to follow when installing a network card, explained in detail to follow, are to:
 inform users who will be affected
 isolate the system unit by disconnecting the power supply and exterior cables
 open the case and take anti-static precautions
 identify the location to install card and possibly remove old card
 follow manufacturer’s directions
 replace case and cables
 reconnect the power
 install the software drivers, following manufacturer’s instructions.

18
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Install configure and test servers and

software: Before you start an installation

Before you begin installing server hardware or software you need a plan. Some installations have
evolved into a simple task, based on user-friendly menus—they may not require any real
technical knowledge; but what about the existing IT and network environment? It may be very
tempting to get in and start installing without an approved plan because you think you’ll save
time. Yet an installation can interfere with or even stop other network hardware, services or
applications from working, and your working without a plan is tantamount to working blind.
Installation plans and the schedules ensure that disruptions to business operations are kept to a
minimum and that issues of installation requirements, interoperability and compatibility are all
addressed.
Before commencing installation of server hardware or software you should:
 Review the user requirements
 Review the installation plan
 Review and confirm the existing IT environment
 Confirm the availability of required resources and materials
 Review technical tasks (for installation and configuration)
 Review the testing tasks
 Review deployment task
 Confirm scheduling and communications
 Review all contingency plans.
All these items are considered in detail to follow.

Review user requirements

The user requirements (also known as user or client specifications) state what an organisation,
person or user requires from the installation; they define what the outcomes of an installation
will be, in functional terms. For example, a user requirement may be:
The organisation needs a method of sharing data and information between all staff using
organisation-owned infrastructure.

19
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

The solution may be to install a central file server and user workstations. The developed
installation plan would be based on this.
Reviewing user requirements allows you to see what is expected as an outcome, and this is the
measure by which the success of the installation will then be judged. There is no point in
following an installation plan, only to find that client requirements are not delivered. You must
have a clear understanding of user requirements to properly review the objectives of the
installation plan and the tasks defined within it.

Reviewing the installation plan

A well developed installation plan will include detailed tasks that cover installation,
configuration and testing.
As an IT professional you may be contracted to implement only certain tasks within an
installation plan developed by others. In this case, reviewing the plan will help you understand
your role and responsibilities and the roles and responsibilities of others involved, as well as the
task sequence in which your activity occurs.
For example, if you are contracted to undertake the ‘install server’ task in a network installation
plan for a large firm, you would need to know that beginning your task is dependent on activities
to install network switches and cabling having been completed.
In some cases your activity, as described in the plan, may need to be developed. There may be no
specific details given on how to ‘install server’—so you would need to develop an installation
plan for your task that fits into the overall installation plan.

Review and confirm the existing IT environment

The affect of the proposed installation on the existing IT environment must be considered and
documented. Issues to investigate include the system and installation requirements for the
proposed software and hardware, and interoperability and compatibility between existing and
proposed software and hardware.
Tasks in the plan should address changes to the existing IT environment, and include specific
installation and configuration details for all software and hardware, existing and proposed.
It is also important to confirm that details in the plan of the existing IT environment are in fact
correct. This is especially important if you did not develop the plan, or if some time has elapsed
since the plan was developed. If you simply assume all is as documented, and it isn’t, you may
run into installation problems or severely disrupt business operations.
This part of a review may involve visual inspections of the network and devices, alongside
checks of current configurations and settings. A wide range of tools come with operating systems
or are available from third-party vendors to help with this. Knowing how network devices and
software connect and interact will also help ensure installation and configuration tasks are
appropriately defined and implemented.

20
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Confirm resources and material

Resources and materials needed should be set out in the installation plan, along with names and
details of those responsible for organising or providing resources.
You should confirm that all resources are available when required. For example, you may need
to install 50 XP workstations that will connect to a new server. The installation requires you and
four technical support staff to be on site to install the computers. You should therefore confirm
that the support people are in fact available to perform this task before you start, since fewer
hands will cause delays. Once again, you cannot simply assume availability, just because it is set
out in the installation plan.

Review tasks
Tasks define what you are required to do and how to do it. You will need to draw upon your IT
knowledge and skills to review individual tasks and confirm they are technically correct and
properly sequenced. Generally, the order of tasks for an installation will be as set out in Table 1.

Table 1: The general order of installation tasks

Tasks Hardware Software

Installation Physically installing the hardware Loading the application or

and powering it up program on the appropriate
device
Configuration Setting how the hardware will Setting how the software
operate, such as what services a will operate (user access,
server will provide (file and print, database locations,
network services and so on) connection, etc)
Testing Activity carried out to ensure that the installed and configured
hardware or software operates as expected
Deployment Activity undertaken to make the installed hardware and/or software
available for use within the production environment.

You need to review tasks to ensure that they are ordered correctly and that you are aware of any
dependencies between tasks. For example you may need to perform a data backup before starting
a configuration task.
You should also confirm that tasks are technically accurate. You may want to research and
practice tasks that are new to you. For example, if you have no experience of installing an
additional hard disk in a Linux server, you might obtain vendor instructions to install and
configure the disk and perform the task on a test computer, away from the client’s IT
environment.
By reviewing the tasks in an installation plan you make yourself familiar with what you need to
do, before you do it. You will be able to undertake the tasks with confidence and without
wondering what comes next.

21
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Scheduling and communication

A part of knowing what to do and when to do it is the need to confirm the start and end date and
duration of tasks and activities (the schedule). You also need to confirm schedules to confirm
resource availability.
Scheduling is usually approved by organisational management, an appropriately authorised
person or end user groups, and broadly overseeing it can be the responsibility of a project
manager.
All parties involved in an installation need to be informed of the schedule and of any impact on
normal business operations must be clearly communicated. For example, the users of a corporate
database may require five working days notice before any work on the database can start.
Some of the most fundamental parts of communication can sometimes be overlooked—always
confirm your installation plan, and the schedule for it, are approved before you begin.

Reviewing contingency plans

Contingency plans help reduce the impact of a failed installation on business operations. You
need to be well aware of any contingency tasks or plans prior to starting an installation. If
something goes wrong you need to know what to do and how to recover. You may need to test
your contingency plan prior to commencing an installation.
Contingencies may include data backups before commencing installation, backup or duplicate
hardware or systems, pilot testing, and carrying out work after hours.

Server software considerations

Server software refers to both the server operating system and any additional application
software running on the server. The server operating system must be installed prior to any
application software. Once again an installation plan should address these tasks.

Operating system installation

The server operating system is the software that will operate the server hardware to provide
network and services to users. The various methods of installing operating system software on to
server hardware depend on the software being used. Generally, methods used are:
 Local manual installation
 Local automated (or scripted) installation
 Remote installation
 Image installation.

22
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Local manual installation

Local manual installation requires using installation media such as CDs, DVDs or a central
network repository that stores the installation files. The software is installed by physically
accessing the server hardware to run the operating system installation. Generally, you follow the
installation prompts and instructions using the local keyboard mouse and monitor.

Local automated (or scripted) installation

Local automated (or scripted) installation involves manipulating the installation process so that it
becomes a simple process of either running a single command, or clicking an install button. This
requires knowledge of the operating system and is usually done by using batch files or script
programs to set installation options that usually require user interaction or selection. If you have
multiple servers to install, this will ensure consistency and identical installations. The person
installing on-site does not require in-depth knowledge of operating systems to perform the
installation.

Remote installation
Remote installation is when the operating system software is installed by remote access from
another computer on the network. This also means that your server hardware does not require a
local keyboard, mouse and monitor and you do not need to physically attend to perform the
installation. The Mac OSX Server – Remote Installation option is an example of this. (For
applications software: using either the server operating system features or third-party remote
control software, the server is accessed from a remote location and the application or other
software installed, again without physically visiting the server. This method may also use
application packaging and delivery technology.)

Image installation
Image installation uses hard disk imaging to install the operating system on to the server
hardware. It may be performed locally or remotely and ensures consistent and identical
installations. Installation by disk imaging is much quicker than other methods. However, the
initial image creation may be time-consuming as a manual installation on server hardware is
usually required to create the initial disk image for installation on other servers.
Once the server operating system is installed it must be configured.

Application software installation

Application or other software is installed on the server only after the server operating system is
configured and tested. Other software and can be installed by manual, automated and remote
installation (as described above). :
Configuring server hardware and software
Configuring server hardware and software means setting up the way the hardware and software
operates to suit the IT environment and organisational or user requirements.
Generally, server hardware is configured before the server operating system is installed, or
afterwards if hardware components in an operating server are being changed or added. Software
23
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

may be configured when installed, as part of the installation process, or afterwards, if a default
installation has been performed.
Some specific considerations for configuring server hardware and software configuration follow.

Server hardware configuration

Server hardware configurations will depend on what components make up the server.
Configurations you may need to consider include those for:
 Storage
 Boot sequences
 Specific devices
 Redundant components.

Storage
Options like the hardware redundant array of independent disks (RAID), the system which uses
multiple hard drives to share or replicate data among the drives, are configured independently of
operating systems. You may need to configure RAID options and logical volumes. You may be
using remote storage with special adapter cards that may need configuration.

Boot sequences
A boot sequence is the set of operations the computer performs when it is switched on which
load an operating system. Usually you have the option to select boot orders such as network, CD,
which hard disk and so forth. The Intel WFM (Wired for Management) options may need to be
set.

Specific device configurations

Things like the addresses for small computer system interface (SCSI), which is a standard
interface and command set for transferring data between devices on both internal and external
computer buses, may need to be set on old SCSI devices. Generally bus, port, interrupt request
(IRQ) and other settings are usually automatically determined for you with current server
hardware. There may be external devices (for example tape drives) that require hardware
configuring to connect to the main server hardware.

Redundant components
Hardware such as that for standby power supplies or network adaptors may need configuration.
You may need to consult the hardware manufacturer or vendor for information and configuration
instructions.

24
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Server software configuration

Configurations for server software depend on the purpose or function of the server. Generally, a
server may be configured for one or more of the following roles:
 An application server which runs specific software applications for end users, such as a
server that runs a central Oracle Database that is accessed by users across an
organisation.
 A storage server which provides a central storage place for data that can be accessed by
computer users around a network.
 A network services server which provides specific services, such as print, user
authentication and authorisations, dynamic host configuration protocol (DHCP), and
domain name system (DNS) are some examples of the services that can be provided.
Configuration for each of the above roles will be different and will depend on the client’s IT
environment.

Server items to be configured

Generally the following items will need to be configured on a server:
 Network setting, which includes network protocol to be used, network addressing, server
name and network adaptor settings.
 Services, which include enabling and configuring specific services to run on the server,
such as setting the server to run dynamic host configuration protocol (DHCP), and
domain name system (DNS) services for an organisation.
 Authentication, which involves setting how users of the server will be identified. This
may involve setting up local user accounts with passwords on the server or setting the
server to authenticate users via some other mechanism.
 Authorisation, which is setting up which authenticated users are permitted to access and
use the server, such as allocating user permission to access data storage or server
applications or programs.
 Environment setting and policies, which are settings for the server to operate as
required or settings dictated by organisational policy. Having data backup schedules for
the server is an example of environment setting. Policy settings are used to enforce
organisational policies and may include disabling certain functions or enforcing a
particular setting on end user computers, such as stopping a non-administrative user from
login on the server console, or forcing users to change their password after 30 days.
All server operating systems have the above configuration options, while the processes to set
them will vary. Generally, configurations will be carried out using a graphical user interface
(GUI) configuration program that is provided as part of the server operating system.
Testing server hardware and software

25
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Once a server has been installed and configured you need to ensure it will operate as expected
and will meet client requirements. Basic hardware testing should have been done on installation.
You now need to test the combination of server hardware and server software before the server is
made available for use.

The test environment

To avoid disruption it is best to install and configure a server in an environment not connected to
the production network, and which is, ideally, a replica of the working environment. A replica
test environment allows testing of system integration and compatibility with existing systems.
Unfortunately, fully replicated test environments are not often available, in which case the new
server must be first tested in isolation and then completely tested in the production environment
in a manner that causes the least disruption. It is important that your installation plan addresses
the issue of testing, taking into account the existing client IT environment.

The testing process

With the server is in place, the following tests can be conducted in order.
1 System test—which checks the technical operation of the server and includes network
communications, operating services and schedules, system performance (disk I/O, memory,
CPU) application and program availability, authentication and authorisation, manual
procedures, backup and recovery procedures. The entire system needs to be tested. Test
strategies that work the system to its capacity are used. These strategies must ensure that all
problems that the server may have, are found before it is placed into production.
2 Integration test, to check that the server works with all applications, systems, servers and
network resources in the client’s IT environment.
3 User acceptance test, which is a functional test performed by the users to ensure that the
new system works and functions as expected and that it satisfies their needs. User
acceptance testing involves the clients using the operating system and performing normal
work activities for a period of time, to see if any problems occur. They also determine if
performance requirements, as defined in the user requirement statements, are met.
Performance requirements must be subjected to a specific set of tests that will decide if the
server and software are acceptable. If the server passes all of these tests, it is considered to
be acceptable by the users.

The test plan

A plan for the above tests should be a part of the installation plan, with a time line, a list of
resources required and the roles and responsibilities of those involved set out. The test plan
should:

26
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

 list the function or service to be tested, and within each function or service, list items to
be tested in sequence
 list the procedure to test each item and the expected results of the test procedure
 provide for documenting actual test results with comments (as shown in the example in
Table 3).

Table 3: Simple test plan extract, as an example

Function Item Procedure Expected result Actual result Comment

Printing Install network On client computer Network Printer

printer from login as user1. installed on local
server on to Select Start computer with test
Windows XP select Printers and Faxes page successfully
client computer select add printer printed.
browse to \\server\ptr-1
install printer
print test page
Printing Application On client computer Selected document
printing using login as user2. printed
server print Access local MS Word
services application on client
computer.
print a document to
\\server\prt-1

It is important that you know what the expected results of a test should be. If the actual results do
not match those expected, the test for the selected function and item has failed. This failure is
known as a defect or deficiency that will need to be rectified. Defects or deficiencies can be rated
in terms of severity or importance and this can help you create a priority list of defects to rectify.
Once you have rectified a deficiency or defect you need to redo the failed test to confirm the test
is passed.

After testing
A new server should be free of defects or deficiencies before it is put into production. Results of
the testing process should be documented, and documentation then reviewed and analysed to
confirm that all required testing is complete and that all defects and deficiencies are resolved.
In some cases that documentation (along with other information) may need to be presented to
confirm the results of the user acceptance tests, so to authorise the next step of deployment or
placing the server into production. Clients can also decide to deploy or implement the server with
minor defects or deficiencies, if that a plan exists to rectify them, especially if there is a need to
implement the server quickly.:
Deployment and implementation

27
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Deploying of implementing the server means making it available for use in a working
environment. How you deploy the new server will depend on the existing IT environment and
whether the server is a completely new installation or a replacement or addition for an existing
server. You may need to test your deployment methods in conjunction with your server testing.
To follow are some considerations for deployment. The method you use may affect how you
undertake server testing prior to deployment.

New servers
Deploying new servers is generally a simple process because you are implementing all new
services. The server is usually connected to the production network and existing client computers
connect and use the new server, depending on its configured role.
There may be a need to install client software or reconfigure client computers to enable use of
the new server. This type of activity should have been included in the installation plan and
testing of client software and client connections would be done before deployment.
For example, if you deploy a new dynamic host configuration protocol (DHCP) server in a
network where client computers have static Internet protocol (IP) addresses, you need to
reconfigure client computers to dynamic IP addressing. You could use the following options:
 connect the new server to the production network, then
 visit each client computer to manually reconfigure or
 employ remote access technology (like Altiris, RDP) to reconfigure each computer, or
 create an executable configuration file that is sent to the computer and the user executes.
In the above example, connecting the server to the network was the easy part of the deployment.

Replacement or upgraded servers

Replacing servers requires some careful planning to ensure minimal disruption to existing
services. The following strategies can be used:
 parallel implementation
 abrupt implementation
 phased implementation
 pilot implementation.

Parallel implementation
Parallel implementation takes place where the old server and software run alongside the new
server and software. This is done for a period of time to ensure any problems not detected in the
prior testing phase are resolved. The old server and software are then terminated either abruptly
or phased out.

28
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

This method allows the organisation to keep functioning as normal, and it also allows much more
time for the users to become familiar with the new software. The disadvantage is that it is costly
and time consuming for the users to run both operating systems and applications simultaneously.
(To counter that disadvantage, a small group or section may pilot the proposed changes, as
below.)

Abrupt implementation
Abrupt implementation is when the old server and software are completely removed and the new
server and software put in place immediately. It requires no transition costs and is very fast, yet
there is the risk of costly data loss if the new system fails, or if existing data is not correctly
transferred to the new server. Operations can be seriously disrupted if this happens, or if the
users have not been adequately trained (with abrupt implementation users are under a lot of
pressure to learn the system before the change over).

Phased implementation
Phased implementation is used with larger applications that can be broken down and installed
separately at different times. An example of a phased implementation could be a server
providing an accounting application, with the accounts receivable, accounts payable, general
ledger and payroll modules all installed separately in phases with the new operating system. If
something does not work it may be only the (general ledger) that has problems or, since the
(general ledger) has just been installed, it can be quickly identified as the cause of other
problems.

Pilot implementation
Pilot implementation is where the new server and software are installed and used by one
department in the organisation, to be tested. Once this pilot site is working as expected, other
departments convert, using one of the above mentioned deployment methods.
It is wise to have a phased implementation process. This may include the following steps:
 Backing up important data in case there is a problem during installation
 Selecting a sample area to use the new server and software first. Document any problems
and considerations that arise from this ‘pilot site’.
 Break up the installation into smaller, more manageable units.
 Plan the installation timetable to cover different sections.
 Alert staff to the planned installation and training.
Regardless of implementation method, deployment should be addressed in the installation plan
and not run as an ad hoc process at the end of an installation.

Post installation review

Once the installation of the server is complete there remains one more task—reviewing the
installation process to ensure the client requirements are met. This requires a review of the
completed installation, by reflecting on the installation plan and its execution, discussing any
29
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

issues arising from the installation, and confirming that the installation delivered the user
requirements. It is at this point that the installation may be signed-off as completed.:

30
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Develop an advanced Software installation

plan: The planning process

Planning is the first step and foundation of any project. Planning requires thinking about what
you need to achieve. Having clear goals or outcomes is a starting point to knowing exactly what
must be done. You can then decide a sequence of activities to meet those goals, and assign
resources and timelines to each task and to the project as a whole.
Planning is the key to a successful installation. Installing a new file server, upgrading old
network hubs, or installing software on a network, all need an installation plan. While the details
and activities are different in each case, the steps in developing a plan are the same.
Smart installation plans, most importantly, help avoid disrupting business. Without good
planning you may need to reinstall components due to missing information or have unforseen
compatibly issues. While formulating a plan may take time, it will also save you time, not to
mention money, reputation, goodwill and even lost sleep, in the long run.

What does an installation plan contain?

Documenting the installation plan, in simple format or as a spreadsheet or produced by project
management software (depending on the complexity and scale of the installation), is the means
by which the plan can be approved and authorised. The plan also serves as reference for
everyone involved, including users who will be affected.
An installation plan should address:
 The objective, goal or desired outcomes.
 Tasks and dependencies.
 Time and duration of tasks or activity (timelines).
 Roles and responsibilities.
 Required resources.
 Contingency plans or tasks.
To have a plan with all these elements you need information about installation requirements and
technical information about each task. The elements of the plan overlap (for instance assigning
responsibilities will go hand in hand with working out the schedule and sequence of tasks). The
various parts of a plan are discussed in detail below.

31
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Defining the objective

Interpreting client requirements
The objective for an IT installation comes from the client. Often this will be stated in terms of
their business needs and it is your job to determine the technology required. In other cases, the
client might provide more specific documents to outline their installation needs.
An example of a client requirement expressed in business needs may be: ‘The organisation needs
a method of sharing data and information between all staff using organisation-owned
computers.’ The solution to which might be a central file server.

Understanding the existing IT environment

To make any recommendation so to meet the client’s requirements you need to first understand
the business, its processes and what makes up the existing IT environment; computers, servers,
network switches and infrastructure, software and programs. You need to also understand how it
all connects and functions together (known as interoperability).
For the file server above, for instance, you may need to ensure network switches are compatible
with existing switches. You will also need to know where the file server can be installed, and if
current equipment can be used. Knowing the existing environment will also help determine
staffing needs, and if specialist help is needed (such as to install new cabling).
An organisation’s IT security policy may also have set steps to ensure data stored is secure and
backed-up at all times and you’ll need to take account of this in making sure that any installation
protects the access to and validity of data. Any future need to increase or decrease the capacity of
the installed system will also affect requirements, as will a broad range of possible
circumstances, including the physical environment (and physical security of equipment and
cabling).
Once the objective is defined from client requirements, it must be expressed in a clear statement
of precisely what is to be achieved. For example: ‘Install a File Server’ is an objective, but too
general—it does not fully state the outcome. A better example would be: ‘Install a File Server to
provide 100 users file storage of 20 GB per user, along with print services’. The objective is
quantified and measurable and it will therefore be easy to judge that it is done successfully.

Tasks—breakdown of tasks and sequences

The nature of the tasks needed, depends on the objective, as defined above. Tasks to install
network software will be different from those to install a file server, for instance. You will need
to use your knowledge of computer systems to the actual tasks required.
Single tasks help break down the overall installation into smaller individual jobs. Beginning one
task may be dependent on another task being done—the associated tasks or conditions are called
‘dependencies’. A configuring task, for instance could not start until the installation task is

32
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

completed. Usually tasks are carried out in sequence (one after the other in a set order), but in
some circumstances may need to be performed concurrently (more than one task at a time).

Task sequences
Generally, the sequence of tasks for an installation will be:
 Procurement of resources
 Installation
 Configuring
 Testing and evaluation
 Implementation into the production environment
 Contingency plans
 Post implementation review.
Tasks can be simplified or broken down into a number of sub tasks. For example the task
‘procure server equipment’ can be broken down into the clearly defined sub tasks of:
 Obtain quote from preferred supplier for a HP Compaq DL360 Server (duration one day).
 Submit quote to Finance department for approval and the raising of a purchase order
(duration four days).
 Send purchase order to supplier with delivery instructions (duration four weeks for
delivery).
 Accept delivery of server, check contents of package for correct items and advise finance
department that purchase order has been filled (duration two hours).
Each sub task clearly states what is to be done and the time to complete it. This time will be an
estimate based on your experience or based on tasks in similar installation projects.

33
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Notes on installing network software

All software applications have minimum system requirements for the server or PC processor,
amount of RAM, and available hard disk space. Network software will also have requirements
related to bandwidth, protocol and the network file system. You need to verify these are met
prior to installation.
You need also to ensure the organisation has licenses for software to be installed, and that all
terms and conditions of the license are adhered to, such as the number of clients that can use the
software. You should record any serial numbers or product keys required during the installation.

Installation methods
Knowing the various methods used to install network software will help you develop the
required tasks in the installation plan. The method used will depend on the existing network
environment and resources, including the budget.

Manual and automated installation

Manual installation requires CDs, DVDs or a central network repository to store installation
files. Software is installed by IT staff or by users themselves running the installation program on
their computer. While this suits small, single-site networks, it will not suit large networks
because of security issues, the time needed in each case, the staff required, disruption to users,
lack of control and potential configuration inconsistency.
Automated installation requires manipulating the installation process so that it becomes a simple
process of either running a single command or clicking an install button. It is done by using
batch files or script programs to set installation options that would otherwise need user
interaction or selection. While more efficient, it requires installation scripts. Although simpler,
because users and installation staff need not interact with the install process, the script may need
to be manually executed at the computer to start it.

Remote deployment
The term ‘deployment’ refers to the distribution of software to end users. Remote deployment
usually involves ‘packaging’ the software. The software is first manually installed on a test
computer and configured as required. The resulting changes (new files, folders, changed files and
registry entries) made by the installation and configuration of the software are recorded and
become the packaged software. This package can then be delivered and written to other
computers on the network.
Other remote deployment methods use hard disk imaging to create disk images of a computer
with the installed software. This disk image may be deployed to other computers creating a
standard environment and reducing the time required to install software.
34
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

In these ways, networked computers can have software delivered, installed and remotely
configured (if needs be) from a central location without user intervention or technical staff
visiting target computers.
Remote deployment and management can be a part of a network operating system, for example
Microsoft Remote Installation Server (RIS) and System Management Server (SMS). Third party
software such as ZenWorks (for windows and Linux), Alteris and Symantec Ghost provide
remote desktop management, imaging and software deployment.

Terminal server installation

Terminal server installation involves installing and configuring the software on a special server
known as a terminal server. The software thus installed is then available to networked computers
and appears to run as if locally installed, though it is running on the terminal server and is
presented to the user’s computer via a terminal session. The user’s computer may need to have
terminal services client software installed or in some cases users can access the terminal server
via a web connection.
With this method, software can be accessed by hardware below the normal software requirement
specifications, but it requires a dedicated server powerful enough to run the software in a
terminal service environment. The number of concurrent connections to the server may also be
limited and license costs expensive. Terminal services may be available as part of the network
operating system or as a third-party product, such Citrix or Tarantella.
You need to test new software prior to organisation-wide installation. Your installation plan
should include testing in a test environment to ensure user requirements are met. Functional
testing will confirm the software will perform as expected. The installation plan should also
include testing of deployment methods to ensure the software will be installed across the network
as expected.
Always back-up existing network software installations prior to implementing upgrades and test
that you can restore the backup. Prior testing of the upgrade software in a test environment and
backup of current software should form part of your installation plan tasks and contingencies.

35
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Install and test network software: Before you start

the Install

Installing network software should hold no surprises or unexpected consequences. Planning is

the most important part of installing network software. In this process, software prerequisites,
system requirements, compatibility, installation requirements and configuration should have
been looked at and tested to see how these fit into the existing network environment. The
planning process should include the planning for software testing and evaluation.
Following this, if the software appears appropriate for the organisation, an installation plan
should have been develop. This plan addresses how the software would be installed in the
network. It would also cover configuration and testing.
In all cases there is no substitute for reading the product manuals to find out what you need to do.
This should have been done in the planning process to develop the installation process

The installation
Once the planning is complete, the actual task of installation can be very boring. You often just
load the CD-ROM, answer a few questions and off it goes. The supplier may try to make the
activity a bit more interesting by showing you a progress bar or by giving you screens of
advertisements that tell you all the great features of the product.
However, there are a few issues that are important and will impact on the planning and
implementation of the installation process. For the home user the installation process is normally
from a CD to a single computer. In a business environment there may be several decisions to be
made especially if the software being installed or upgraded is an operating system and there are
many users.
How software will be installed in a network will depend upon:
 Software installation requirements. Does the software need to be installed in a certain
way?
 Software configuration requirements. Is the software configured globally or are settings
required for each individual user or installation.
 Network environment, including the types of hardware, number of users, network
connections, bandwidth, and so on.
 Resources available for software installation. What people, skills, tools and budget are
available to install the software?
36
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

 Organisational requirements and constraints. Are there deadline dates to have the
software installed? Can any disruptions to business operations be allowed?

Manual installation methods

This method requires using installation media like CDs or a central network repository that stores
the software installation files. The software is installed by visiting each computer and running
the software installation program on that computer.
This may be done by IT technical staff visiting each computer or by the users. This process may
be suitable for small single site networks. There are disadvantages for large networks because of:
 security issues
 the amount of time per installation
 the number of people required for the installation
 disruption to users
 lack of control and configuration consistency during the installation.
 ongoing maintenance issues (may require more visits)

Automated installation methods

This process involves manipulating the installation process so that it becomes a simple process of
either running a single command or clicking an install button. This is usually done by using
batch files or script programs to set installation options that usually require user interaction or
selection.
This method is more efficient than manual installation but does require the development of
installation scripts. Although simpler because users and installation staff are not required to
interact with the install process, the script may need to be manually executed at the computer to
start the installation.

Remote deployment methods

The term ‘deployment’ refers to the distribution of software to the end users. Deployment is
often referred to as a ‘roll out’ which gives the impression of a mechanical production line. The
production line analogy becomes appropriate when you are installing the same software over
again and again.
This method usually involves ‘packaging’ the software. This means manually installing the
software on a test computer. This installed software is then manually configured as required.
Then the complete configuration (new files, folders, changed files, registry entries, etc) is re-

37
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

packaged for deployment. This package can then be delivered and unpacked into other
computers on the network that require the software to be installed.
This method may use hard disk imaging or cloning technologies to create disk images of a
computer with the installed software. This disk image may be deployed to other computers
creating a standard environment and reducing the time required to install software.
For remote deployment this method will employ remote control of other computers on the
network from a central location. This means that the computers connected to the network can
have the software delivered, installed and remotely configured if need be, without user
intervention or technical staff physically visiting the target computers.
Remote Deployment and management can be a part of a network operating system: for example
Microsoft Remote Installation Server (RIS) and System Management Server (SMS). Third party
software such as Novell ZenWorks (used for windows, Linux and Netware), Altris, Prism and
Norton Ghost provide remote desktop management, imaging and software deployment.

Terminal services methods

This method of software installation involves installing and configuring the software on a special
server known as a Terminal Server. The installed software on the server is then made available
for use by users at their networked computer. The software is not installed on the user’s
computer but appears to run as if it were locally installed. But in fact, the software is running on
the terminal server and is presented to the user’s computer via a terminal session. Note that the
software needs to be installed in only one location – the terminal server. For this to work the
user’s computer may need to have terminal services client software installed or in some cases
may simply access the terminal server via a web connection.
This type of software deployment overcomes problems of user’s hardware having to meet the
requirements of all software that is used. The user’s terminals can be relatively inexpensive, and
need not meet the hardware requirements (RAM, CPU speed, storage requirements) of the server
software applications.
Drawbacks of this scheme include:
 the need for a dedicated server powerful enough to run the required software in a terminal
service environment,
 Limitations in the number of concurrent connections to the server, and
 expensive license costs.
Terminal services may be available as part of the network operating system or as a third party
product like Citrix or Tarantella.

Software configuration
Often installing the software is only part of the set-up process. Once the software files have been
installed you may need to configure the software for your operating environment or to select
38
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

other options. The amount of configuration will vary and again you should refer to the manuals
that accompany the software.
Configuration options can include:
 Specifying other servers or other resources that the software needs to use. For example,
many web-based products will need to know the IP address or name of the server that's
running the Web service.
 If the software uses a DBMS then there may be scripts that have to be run to set up and
configure the database tables and to load initial data.
 Links to databases. Business intelligence products may need to be able to access data that
is stored in existing database tables. You will need to configure the servers and databases
so they can be used.
 User information may need to be configured so that appropriate access and security can
be set
 Network-based servers may need to be told about IP addresses, port numbers and
locations of other components or share names, especially if default settings have not been
used
 Other parameters such as time outs, or number of processes to start, location of files, and
so on.
When packaging software or using remote deployment, configurations are usually part of the
package. For terminal services, configurations are set at the terminal server. Other installation
methods may require configuration to be set at the installed computer.
In any case, the installation plan and process should address how software configuration will be
managed for the installation.

39
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Testing the installed software

The software evaluation process and the installation planning process should have included a
process for testing the installed software. Software is usually evaluated before it is installed in a
working network. Testing in the evaluation process is essential to determine if the software
meets the organisational and business requirements. This type of testing may include estimating,
testing and reviewing things like:
 Disruption to business operations during installation
 Time, resources and budget required for complete installation
 Technical performance of installed software in a network environment
 Functional test as per requirement statement
 Security testing and backup
 Ongoing maintenance procedures
Evaluation testing is usually conducted by installing software on an isolated network that
replicates the production network as best as possible. This ensures that there is not possibility of
disrupting the working network. The installation of the software will test and confirm
installation requirements and what installation method works best. Technical testing is then
conducted looking at things like transaction speeds, response times, interoperability with existing
software and operating systems, impact on network bandwidth and so on. Functional testing is
also conducted. This looks at the software features, user interfaces, how the users actually use
the software and how it will fit into existing business processes.
Thorough testing will highlight software deficiencies. These deficiencies may be referred to the
software vendor who may be able to provide solutions or rectifications. Any solution or
rectification should be tested to confirm it does what it claims to do.
The results from evaluation testing are used to determine if the software meets the business
requirements. If it does a pilot or test installation should be undertaken.
A pilot or test installation is undertaken to ensure that the installation methods work as expected
(proof of concept) and that the installed software will work as expected in the production
network. A pilot installation involves selecting a small section of the working network where
you will install the software. This may be a couple of couple of computers for a small network
up to an entire department for a large organisation. This installation will test your installation
methods as planned in the working network.
Once the pilot installation is complete, testing using specific criteria should be conducted before
rolling out of the software for the rest of the organisation. The test criteria are based upon the
organisational requirements for the installation. The main criteria will be things like disruption
40
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

to the network during the installation, time required for installation, resources required for the
installation. The functional and technical tests results are compared to that expected and
determined by the evaluation testing.
Following the pilot installation testing and reviewing, any necessary changes should be made to
installation plan before moving forward with the software deployment on the entire network.
Once this is done software can be rolled out across the entire network. With the software
installed, final testing can occur. This is usually termed ‘acceptance testing’ and is performed by
both technical staff and the users of the software. The purpose of this testing is to ensure that the
installed software performs as expected by the user – that is, the user accepts the software
installation is complete with no problems.
Documentation
Documentation is the most import thing to be done following the installation of software on a
network. This makes our job as network and system administrators much easier and not so
taxing on the memory.
The documentation for the installation should contain:
 Software description including serial and licensing details and media storage location
along with any maintenance agreements or contracts.
 Inventory of install locations (number of computers and location)
 Detailed method for the installation including how the deployment package was created,
and how to perform the installation. Of course, the deployment packages used should be
kept in a secure location specified in these instructions.
 Software configuration details. This may include screen shots of configuration options.
 Change management history for changes in configuration or installation locations, or
methods.
 Detailed instructions for any required preventative or scheduled maintenance.
This documentation remains in the organisation and is used as a reference should there be a need
for any configuration changes or installation of the software on new or additional computers.

41
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Summary

It’s tempting to just rush in and install software if we are short of time or under pressure to get
things done. However without a proper plan and knowledge of software installation methods,
installation may take longer and have adverse effects upon business operations.
The practical installation of network software involves an initial test or pilot installation with
testing and review of the process and outcomes. This will reduce potential problems with
network software roll out across an organisation.
Documenting the installation process is required to maintain the network software. This
becomes a reference for any future installation or configuration changes.

42
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Unit three: Evaluate network security status

Network Security
What is network security? Before we can evaluate the status of network security we need to
understand what network security is.
Security refers to the measures taken to protect certain things or elements of information. There
are three main elements.

Confidentiality
This means keeping information secret and safe. It means controlling access to information so
that only the people with authorisation will access the information. No one else should have
access to the information.
With Network Security this means keeping all information stored in a network environment
confidential and safe. This means keeping unauthorised people off the network and preventing
them from browsing around and accessing thing they have no authority to access.

Integrity
This refers to the correctness of information. It means making sure that the information is kept as
it should be and not altered or changed by unauthorised people. It also means protecting the
information from changes or corruption by other things like system or program failures or
external events.
With Network Security this means keeping all information stored in a network environment as it
should be. Information includes user generated data, programs, computer services and processes
(email, DNS, etc). This means protecting information from unauthorised changes and deletion by
people, network devices or external influences.

Availability
This refers to the ability to access and use information. It means making sure that the information
can be accessed whenever it’s required. If information is not available it is useless.
With Network Security this means keeping all information stored in a network environment
ready and accessible to those who need it when they need it. Information includes user-generated
data, programs, computer services and processes (email, word processing application, etc).

43
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Prepare Report
As mentioned, your risk assessment findings must be presented using clear documentation. The
report presented to management regarding the status of network security should include:
 Your summary of concerns and recommendation in plain English
 Summary of findings should include your main concerns, possible consequences and
current network security compliance with existing organisation policy and standards
 Recommendations need to include implementation costs, resources required, time
required, potential impact on continuing business or systems access.
 A risk summary table including impact and likelihood (weighted if required)
 Your methods of evaluation and investigation of network security status.
 Any other relevant supporting documentation.
As an IT professional, management will be relying on your skills and judgement in presenting a
clear picture of the current network security status. Key points to remember here is that
management want to know if the organisation is exposed to potential risk, what is really at risk
and how much it will cost in financial terms, time and material to mitigate the risk.
As IT professionals, some times we may not look at the big picture and think in technical terms.
What you present must be understood by non technical people so that they can make valid and
justifiable business decisions using your information.

44
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Summary

There is a lot of hype about network security and with it comes the potential to spend big dollars
in securing a network. We now know how to assess and evaluate the status of network security
by identifying real and valid threats. Without vulnerabilities to the threat there is no risk to
network security.
We have learnt that there must be some form of access to the network for security breeches to
occur. Evaluating network security means looking at the individual components that make up the
network, investigating how they are accessed specifically looking for vulnerabilities in
confidentiality, integrity and availability. Third party security evaluation tools are a most useful
resource when used in conjunction with our other findings to formulate recommendations.
Most importantly, our findings need to be interpreted and presented in a meaningful way with
recommendations that are easily understood. Management make decisions on acceptable risk not
administrators.

45
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Unit four: Manage user accounts

User Access
You’ve probably heard someone say that the most secure system is the one that has no users! It is
probably also one of the most useless systems. We do want our users to access the system; it’s
just that we want them to have the appropriate access.
The control of user access can take many forms and apply at several levels. Once a computer is
physically accessed, the user usually logs on to gain access to applications. These applications
will access data in files and folders.
We can simplify the process down to 3 things.
 Physical access
 Authentication
 Authorisation

Physical access
The first layer of management and security is the physical access to the computer. To prevent
unauthorised access, a company may make use of:
 locks on the front doors
 locks on each floor
 locks on offices, etc
 security guards
 cameras
 keys on computer systems.
Only those who have permission and keys will be able to access a computer in the company’s
premises. The Internet, however, presents issues concerning access to corporate information or
systems because physical restrictions cannot be imposed.

Authentication
Authentication is the process of verifying the identity of people who are attempting to access the
network or system. Typically, a user identifies themself to the system, then is required to provide

46
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

a second piece of information to prove their identity. This information is only known by the user
or can only be produced by the user.
The most common method used to authenticate users is the Username and Password method.
Using this method a user identifies itself with a username. They are then prompted for a
password. The combination of name and password are then compared by the system to its data
on configured users and if the combination matches the system’s data information the user is
granted access.
Other authentication methods include:
 Username with static passwords—the password stays the same untill changed by the user
at some time
 Usernames with dynamic passwords—the password is constantly changed by a password
generator synchronised with the user and system.
 Other challenge response systems—this may involve PINs, questions to the user
requiring various answers or actions
 Certificate Based—this requires the user to have an electronic certificate or token. This
may also need to be digitally signed by a trusted authority. Kerberos is an example.
 Physical devices—these include the use of smartcards and biometrics. Generally the
entire authentication process occurs on the local workstation, thus eliminating the need
for a special server.
Whatever method is used is determined by the organisational policy and security requirements.

Identity Management
In large organisations there may be thousands of users for a network. These users could be
employees, contractors, partners, vendors and customers. Being able to identify and manage each
of these users is most important because each user has different requirements and levels of
access.
This information is managed using either the Network Operating System, Directory Services or
specialised Identity Management Software. Essentially, all of these use a central repository or
database that contains all the user information and credentials. This presents a single location for
all applications and services to use when authenticating users as required.

Authorisation
Once a user has been authenticated (that is their identity validated) they are granted access to the
network or system. For the user to then access data or an application or execute some task or
command they need be authorised to do so. The authorisation process determines what the user
can do on the network. In other words it enforces the organisation policy as applicable to the
user.
The Network and System administrators are responsible for the technical configuration of
network operating systems, directory services and applications. Part of the configuration includes

47
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

security settings that authorise user access. The administrators use an organisational policy to
determine these settings.

User Account Configuration

Network and System Administrators are responsible for configuring user accounts. Network
operating systems and applications have many security options and setting relating to user
access. How does an administrator determine the configuration and setting for user accounts?
Organisation policies and procedures provide the guidelines for administrators.

User Account Settings

The organisation’s policies should make statements as to the degree of user control that is
required. Network procedures should contain details as to how these policies may be
implemented. For example, the policy may state that user passwords should not be less than six
characters. The procedures will then describe how the administrator should configure the
operating system to ensure that all passwords are at least six characters.
The administrator should review the policies to ensure that the procedures produce the desired
outcomes. The procedures should describe in detail how to make use of the operating system
facilities to configure user accounts in accordance with the security requirements.
The actual way you set these parameters will vary with each operating environment, however,
here are some basic parameters covered by most operating systems to consider when setting up
user account options:
 Password requirements—whether a password is required, minimum length, complexity,
needs to be changed at intervals, etc
 Account lock out settings—disabling accounts that have made a number of bad logon
attempts
 Access hours—the standard days and time that users will be permitted to access the
network
 Account expiry dates—date when account will be disabled
 Logon restrictions—accounts can only be used at specified locations or
workstations.
 Home directory information—a home directory is a folder that usually has the name of
the user and the user has full permissions over.
 Logon scripts—these perform specific tasks or run specific programs when the user logs
on

48
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Configuring User Access

Once user account settings have been determined how do we know who should have accounts
and what access should be set?

Reflect: Configure user access

Before you read through the next section, think about who needs to be consulted in setting up
user access.

User Authorizations
Once again, organisational policy and procedures provide the necessary information for the
administrators. There should be procedures in place that inform the appropriate people that a
person requires a new user account or changes to an existing account or a deletion of accounts.
The notification procedure should cover circumstances such as new employees joining the
organisation, employees changing positions in the organisation and employees leaving the
organisation. These notifications must come from authorised people in the organisation
(managers, etc) as stated in the policy and procedures.
Notifications also need to specify what information, data, resources etc the account is permitted
to access. The request for access must be authorised by an appropriate person in the organisation
(usually department managers). The access permissions for users should be carefully planned
and determined in writing by appropriate people who have the authority to allocate the access.
Procedures should address:
 which managers can authorise a new user
 standards for user id and passwords
 groups that users can belong to and authority required for each group
 basic accesses that all users are allowed
 authorisation requirements to access sensitive data
 application accesses
 ability to install additional software
 email and Internet accesses
 special accesses that may be required.

User authorisation (access control)

Take a look on the net for examples or tutorials about Configuring user authorisation. You may
want to try Microsoft (www.microsoft.com) or Linux (www.linux.org). You could also search
for tutorials using Google (www.google.com) and searching for the phrase’ ’account creation
procedure’.

49
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Use of Groups
The most common way of administering access permissions is to create groups and put user
accounts into appropriate groups. The group is then permitted or denied access as required.
Using groups is an efficient way of managing authorisation because you only need to set access
permission to a group and not individual accounts.
For example, a company may have thousands of users, but analysis of what those users want to
do may show that there are twenty or more different combinations of access permissions
required. By assigning users to groups and then allocating permissions to the group, the security
administration is greatly simplified.
Once we have users allocated to groups we can explore other levels of controlling access.
Allocating permissions to folders and files is a major security provision of network operating
systems and one that is important to set up correctly. Can we go lower and look at the content of
a specific file and restrict access there?
The restriction of file access is most applicable in controlling access to database files.
For example, imagine a Payroll system using a database in which the data is stored in tables.
These tables have columns and rows of data. Let us think about two groups of user, the payroll
department staff and the manager of a department. The payroll group are likely to be allowed full
access to all the data although in a very large organisation there may be segregation of access.
But what about a department manager? This person may be allowed to see salary details for the
staff that work in the department only.
In the table containing salary details there may be a row for every employee in the organisation.
This means that we only want to show this manager the rows that relate to the one department.
This would be secured with a filter that only displays staff in the department being examined.
Furthermore there may be information about an employee that even their manager may not be
able to see, such as medical or financial information. This information may be restricted by
controlling the columns returned in a report or query.
This type of security is really part of the application control rather than the network but it is still
an important part of the overall security of the system and needs to be addressed by the
organisational procedures.

Permissions and Rights

Permissions generally refer to file and directory access. The user account or group can be set
with the following type of permissions:
 No access at all to files and directories
 Read only.
 Modify where the contents of files and directories may be accesses but changed or added
to but not deleted
 Full Control or Supervisory where files and directories can be view modified and deleted.

50
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Rights (or privileges) generally refer to the restriction on user accounts or group in performing
some task or activity. For example a user account or group may be assigned administrator or
supervisor rights meaning that the user can perform administration tasks like create, modify or
delete user accounts. Care must be taken with rights to ensure security is not compromised.

Managing User Accounts

Once user accounts are configured we still need to manage the accounts as required by
organisational policy. For example user accounts for contractors are active only for as long as the
contractor are physically on site. This means that accounts need to be enabled and disabled. This
activity should be addressed by procedures.
Note also that many networks on different OS’s allow’ ’guest’ and’ ’temporary’ accounts. These
are usually set up for either read-only or short-term access to people who would not normally
have access to the system. Great care must be taken in configuring or using these accounts firstly
because they can allow anonymous and uncontrolled use of a system and secondly guest
passwords can sometimes be guessed easily and provide a doorway for hackers/crackers.
Administrators need to review procedures to ensure that they remain current and address any
changes to the organisation and the network.
Administrators need to be aware of user activities and practices when accessing the network.
Organisational policy and procedures should address how users should access the network. In
time users may develop shortcuts and practices that knowingly or unknowingly are in breach of
policy and may compromise network security. For example a user may log on to the network on
one workstation. Then to allow access for a colleague who has forgotten their password the users
logs in on another workstation for the colleague. The result is two concurrently network
connections for one user account but for two different people who have different user access
requirements.
To manage user accounts appropriately administrators should
 Regularly review organisational policies and procedures to be aware of requirements and
address any organisational or network changes
 Conduct regular checks to ensure the change management procedures are working for
new, changed and deleted users
 Review and investigate current work practices regarding user network access
 Conduct information and training sessions for network users to reinforce appropriate
practices and organisational policy
 Conduct regular audits of network access—verifying current users and deleting expired
accounts
Managing user accounts can be a complex and tedious task but we can things easier by ensuring
appropriate policy and procedures are in place.

51
Develop System Infrastructure design plan by Yabibal T.
 Infolink Universty College

Policies and procedures

Many larger organisations post the policies that govern their user authorisation processes on their
intranets. Try searching intranet sites for larger companies—particularly IT based organisations.
You may need to look under’ ’Publications’ or’ ’Policies’. Also try a Google search for the term’
’user authorisation policy’ (use’ ’authorization’ for US companies).

Summary
How user accounts are managed is principally determined by organisational policy.
Administrators need to use policies and procedures to determine how to configure accounts and
how to set appropriate access permissions to application and data.
Once accounts are established, again policies and procedures will clearly define how the
accounts will be managed with regard to changes, disabling and

52
Develop System Infrastructure design plan by Yabibal T.