Design of local area network (LAN) Ministry Of Foreign Affairs

By

1. TAYASIIR HASSAN MOHAMED

2. KHADAR MOHAMED ALI
3. MOHAMED ALI OBSIIYE
4. ABDIFATAAH MOWLLID ABDILAHI

Project Supervisor: Abdirahman Ismail Abdi

A REPORT SUBMITTED IN PARTIAL FULFILLMENT OFTHE

REQUIREMENTS FOR THE BACHELOR OF SCIENCE IN INFORMATION

TECHNOLOGY

COLLEGE OF COMPUTING & INFORMATION TECHNOLOGY

DEPARTMENT OF INFORMATION TECHNOLOGY

UNIVERSITY OF HARGEISA

2017

I
 CERTIFICATE OF ORIGINALITY

We hereby declare that this report, submitted to the College of Computing and
Information Technology of the University of Hargeisa as a partial fulfillment of the
requirements for the Bachelor of Science Information Technology has not been submitted
as an exercise for a degree at any other university. We also certify that the work described
here is entirely our own except for excerpts and summaries whose sources are
appropriately cited in the references.
This report may be made available within the university library for the purposes of
consultation.

10-07-2017

TAYASIIR HASSAN MOHAMED (138682)

KHADAR MOHAMED ALI (138785)

MOHAMED ALI OBSIIYE (138823)

ABDIFATAH MOWLID ABDILAHI (138725)

Signature ______________________

II
 APPROVAL SHEET

This is to certify that this project report entitled “Design of local area network (LAN)

Ministry Of Foreign Affairs” submitted by:

TAYASIIR HASSAN MOHAMED (138682)

KHADAR MOHAMED ALI (138785)

MOHAMED ALI OBSIIYE (138823)

ABDIFATAH MOWLID ABDILAHI (138725)

In partial fulfillment of the requirements for the degree of Bachelor of Science

Information Technology of the College of Computing and Information Technology,

University of Hargeisa during the academic year 2016-2017 has been accepted.

Supervisor: ………………………………

Signature: …………………….

Date: ………………………

III
 DEDICATION

We dedicated this work to our supervisor who was always our side to help us to complete

our project. Mr.Abdirahman Ismail Abdi without his assistance this project would

never been accomplished we would like to thank u very much for your support.

We would like to dedicate too to our parents and our dearly loved families and our helpful

friends who helped us from side to side that course learning.

IV
 ACKNOWLEDGEMENT

First and foremost in the name of Allah the most compassionate and the most merciful, all

praises to Allah that without ALLAH everything would not be possible and giving us the

opportunity and his blessings to complete our thesis project.

We would like to acknowledgement our sincere gratitude towards our supervisor

Mr.Abdirahmaan Ismail Abdi for his valuable advice, which is always available when we need

it; for his confidence on us, which left us a lot of imaginations and self-development; and for his

time commitments, without which this work would never be achieved and who provided valuable

inputs for the developments and production of this project, teaching us the way of witting the

book anyhow it is a privilege to study and work under his supervision.

Totally thanks to all our families who supported us and extended to us our needs and didn’t limit

their efforts for us encouragement morally and financially May ALLAH bless them for their

caring us to achieve our main aim goals of our life.

We create and write this project not only to get marks but also to increase our knowledge.

Thanks to every-one who helped us.

V
 ABSTRACT

With the rapid development of internet and the increasing demand of network sharing,
networking becomes more and more popular due to its way of sharing center and security.
This thesis concerned the system of Implementing Design of local area network (LAN)
Ministry Of Foreign Affairs. This system will support the officials to maintain for
resource sharing and information in this ministry and every-one can see the results in real
time and This system improving internal and external network connectivity system such
as security Sharing information and resources and faster decision making to automate all
activities.

VI
 TABLE OF CONTENTS

CERTIFICATE OF ORIGINALITY ............................................................................................... II

DEDICATION ............................................................................................................................... IV
ACKNOWLEDGEMENT ...............................................................................................................V
ABSTRACT ................................................................................................................................... VI
Table of CONTENTS ..................................................................... Error! Bookmark not defined.
TABLE OF FIGURES .....................................................................................................................X
LIST OF TABLES ......................................................................................................................... XI
CHAPTER 1 INTRODUCTION ..................................................................................................... 1
1.0 Introduction to Project ..................................................................................................... 1
1.1 Problem Statement ........................................................................................................... 3
1.1.1 Background of the study .......................................................................................... 3
1.1.2 Problem statement .................................................................................................... 3
1.2 Project Objectives ............................................................................................................ 4
1.3 PROJECT SCOPE ........................................................................................................... 5
1.3.1 Target Audience ....................................................................................................... 5
1.4 Significance Of The Project ............................................................................................. 5
CHAPTER 2 LITERATURE REVIEW .......................................................................................... 7
2.2.1 Existing products...................................................................................................... 8
2.3 Local Area Network ..................................................................................................... 8
2.3.1 BUS Topology ......................................................................................................... 9
2.3.2 Ring Topology ....................................................................................................... 10
2.3.3 Star topology .......................................................................................................... 12
2.4 Requirements of the ministry LAN meets ..................................................................... 13
2.5 System Adjustment ........................................................................................................ 16
2.5.1 Server Management ............................................................................................... 16
2.5.2 Routers ................................................................................................................... 17
2.5.3 Flexible, Intelligent Switching For Secure Networks ............................................ 18

VII
 2.5.4 Security .................................................................................................................. 19
2.5.5 Security Management ............................................................................................ 19
CHAPTER 3 ANALYSIS .............................................................................................................. 23
3.0 Current System............................................................................................................... 23
3.0.1 Overview ................................................................................................................ 23
3.0.2 Problems of Lack Network in Ministry ................................................................. 23
3.1 ANALYSIS OF THE SYSTEM .................................................................................... 24
3.1.1 Performance analysis ............................................................................................. 24
3.1.2 Information analysis ............................................................................................... 25
3.1.3 Data analysis .......................................................................................................... 25
3.1.4 Efficiency analysis ................................................................................................. 25
3.2 FUNCTIONAL REQUIREMENTS .............................................................................. 26
3.2.1 Routers ................................................................................................................... 26
3.2.2 Switches ................................................................................................................. 27
3.2.3 Server ..................................................................................................................... 28
3.2.4 Firewall .................................................................................................................. 28
3.2.5 Hubs ....................................................................................................................... 29
3.2.6 Connection system ................................................................................................. 30
3.3 Power Protections Devices............................................................................................. 31
3.3.1 Backup devices ...................................................................................................... 31
3.4 NON-FUNCTIONAL REQUIREMENTS .................................................................... 32
3.5 OBJECTIVES OF THE PROJECT ............................................................................... 32
CHAPTER 4 DESIGN ................................................................................................................... 33
4.2 LOGICAL DESIGN ...................................................................................................... 34
4.2.1 ROLES OF NETWORK DEVICES ...................................................................... 34
4.2.2 Purpose of VLANs ................................................................................................. 40
4.2.3 SETTING IP ADDRESSES OF ALL DEVICES AND DEFAULT-GATEWAYS
40
CHAPTER 5 IMPLEMENTATION .............................................................................................. 43
5.1 Security .......................................................................................................................... 43

VIII
5.2 Comparing Enable Password and Enable Secret ........................................................... 43
5.3 Router Banner Motd....................................................................................................... 45
5.3.1 Router access methods ........................................................................................... 46
5.3.2 Setting up Username .............................................................................................. 46
5.4 ASA access list concept ................................................................................................. 46
5.4.1 ASA ACL types ..................................................................................................... 47
5.5 VLAN configuration ...................................................................................................... 48
5.5.1 View VTP configuration ........................................................................................ 48
5.5.2 Creating and configure VLANs and names ........................................................... 49
5.5.3 Assigning ports to VLANs ..................................................................................... 50
5.6 CLIENT / SERVER Configurations .............................................................................. 53
5.6.1 Client PC’s configuration....................................................................................... 53
5.6.2 Server configuration ............................................................................................... 53
5.6.3 Installing Active Directory..................................................................................... 54
5.6.4 Installing DHCP ..................................................................................................... 56
5.7 Final Output ................................................................................................................... 60

IX
 TABLE OF FIGURES

Figure 1 Bus Topology from Technopedia.Com ............................................................... 10

Figure 2 Ring Topology from Google.com ....................................................................... 11
Figure 3 Ring topology from Wikipedia.com .................................................................... 13
Figure 4 Cisco router from Google.com ............................................................................ 17
Figure 5 Cisco Switches from Google.com ....................................................................... 27
Figure 6 Network Firewall from Wikipedia.com .............................................................. 29
Figure 7 firewall system from hacker4computer.com ....................................................... 29
Figure 8 Network hubs from wisegeek.com ...................................................................... 30
Figure 9 physical design of the project .............................................................................. 34
Figure 10 Router configuration of MOFA ......................................................................... 35
Figure 11configuring switch .............................................................................................. 36
Figure 12 server configuration ........................................................................................... 38

X
 LIST OF TABLES

Table 1 advantage of computer network sharing center ...................................................... 8

Table 2 some functional requirements ............................................................................... 31
Table 3 non-functional requirements ................................................................................. 32
Table 4 Assigning VLANs to Departments ....................................................................... 39
Table 5 IP address .............................................................................................................. 42

XI
 CHAPTER 1

INTRODUCTION

1.0 Introduction to Project

A computer network is a group of connected computers that allow people to share

information and equipment. Computer networking is the practice of interfacing two or

more computing devices with each other for the purpose of sharing data.

The most important job of a network is to link computers together. When computers are

linked, the people using the computers can work more efficiently. Computers connected

to a network do not have to be the same type. For example network could contain desktop

computers or portable computers such as notebook and personal digital assistants (PDAs).

There are different networking systems and they are local area network (LAN),

metropolitan area network (MAN) and the last one wide area network (WAN).

1
Local area network (LAN)

This network is the most common type of network found in the small business. It

connects computers and devices located close to each other, such as in one building

usually no more than 100 computers.

Computer networking has become one of the most successful ways of sharing

information, where all computers are wire/wirelessly linked together by a common

network and now it’s very important that every small office and organizations have some

of computer network.

Computer networking is the backbone of the ministry of foreign affairs and it play

essential role of its resource sharing and information also computer networking is the

fundamental of every ministry of our Somaliland government.

Ministry of foreign affairs has totally no network sharing center although there is a

network department and uses different internet service providers (ISP), the main aim of

network department is to terrible shoot and solve the errors of the wireless of the ministry.

Somaliland Ministry of foreign affairs was formed and established in 1991 the year of

Somaliland declared its independence.

The ministry if foreign affairs conations two floors in the building.

The ministry of foreign affairs is the channel through which the Somaliland government

communicates with foreign governments and international organizations. The ministry is

headed by the minister of foreign affairs, who is responsible for Somaliland foreign

policy.
2
This is the ministry that maintains relations with other states and international

organizations and cooperates with Somalilanders living abroad.

1.1 Problem Statement

1.1.1 Background of the study

Anyhow ministry of foreign affairs play a vital role to the Somaliland government but it’s

severing a lack of computer network, each computer of the ministry exists and works

alone that is why we deeply interest to create a network to the ministry to promote the

activities and the collaboration among the employees and even their leader minister of the

foreign affairs.

1.1.2 Problem statement

 Lack of computer networking:- Inside the ministry of foreign affairs there is no

computer network at all, although they have a lot of computer with latest

versions but they are not connected with computer network they exists

separately from each other.

 No resource sharing: - Ministry of foreign affairs has 31 computer and 6 printers

inside the building also the computers in the ministry increasing day after day

but the problem is there is no computer network and this is caused that the

employees of the ministry cannot share the resources like the printers, scanners,

files and even the internet connection, while there are different internet service

providers (ISP).

 Data loss: - If a computer fails or stops working, all documents in that computer
will be lost since its data is not stored anywhere else. It will be the first time that

3
 the ministry of foreign affairs get computer network and we will try to fix the

problems caused without the computer networking. The failure of one computer

will cost the lost of all its documents and information’s since it’s data is not

stored anywhere else, the user will not be able to work in another computer till

that failed computer will fix or will be demand another computer which is very

expensive.

 No central resource sharing: - There is no central resource sharing in ministry of

foreign affairs and the cost of the different internet service providers is very

high also employees use different the printers and all the printers work.

1.2 Project Objectives

Secured network: - The project objectives are to create well secured

computer network for the ministry of foreign affairs to promote and

enhance the collaboration between the ministry and the employees.

Cost reduction: - This project reduces the cost that ministry paid for the

different internet service providers (ISP) and also the cost for that large

and many printers, the ministry will be used only one or two printers and

the employees will be able share files and the printers.

Data safety: - No data loss will happen and every employee will get an

account that will be accessed his/her username and password, this is very

secure when we are comparing the previous type that the ministry uses.

Centralized network: - This type of computer network make easier for the

employees to access this centralizer anywhere in the network ministry.

4
1.3 PROJECT SCOPE

Our scope includes designing and implementing a well designed and also

analyzing the current network system at ministry of foreign affairs and also creating a

local area network that based on the existing computerizing system.

1.3.1 Target Audience

Our target audiences include the ministry of foreign affairs, the network

department administrator and the employees of the ministry but to reach our aims of this

project we must have to get the devices needed this project such as the switches and Cisco

routers and the firewall.

1.4 Significance Of The Project

This will provide clear description on the various significances of the project. To

us, the proposed project serves as practical work to apply the education and knowledge

that we absorb for 4 years of graduate education.

We will experience and learn how to apply the knowledge we got from the classes

in the real world and it will introduce us our surrounding environment. So, this project

acts as bridge from the world of education to the world of work.

For the ministry of foreign affairs and its employees the proposed project will

increase their work by increasing the availability and accessibility of the data,

transparency of activities, cooperation between the employees and resourcing sharing. For

5
the employees and the ministry; the proposed project will protect their data from loss and

corruption.

The proposed project will improve the aims of the ministry working system by

securing litigants data and making the ministry work transparent. For the government; the

proposed project will improve its image because the ministry of foreign affairs is the

mirror of the government’s actions to the whole world. (2)

6
 CHAPTER 2

LITERATURE REVIEW

2.1 Introduction

In this chapter we will assessment of ministry of foreign affairs LAN, its deigning

concepts and the different departments of the ministry to become conscious the well

management, like security higher performance, availability and scalability for future

trends.

2.2 Ministry Of Foreign Affairs Overview

The different sectors of building should be prepared way of sharing devices,

resources and accessibility. The main aim is to resistant maximizing user requirements,

high routine utilities, and reliable LAN connectivity, instead of online work.

7
2.2.1 Existing products

Some internet services are available inside the ministry of foreign affairs that

allow them to connect through the internet and router for outside gateway, it allows the

ministry to instigate a connection to the hosts by the use of internet to access their data

stored in the computers.

Advantages of computer network sharing center

TABLE 1 advantage of computer network sharing center

Network and without network Advantages Disadvantages

Sharing devices such as
printers saves money
Network center Data is easy to backup as all
data is stored on the file
server
Viruses can spread to other
computers throughout a
computer network
There is a danger of hacking.

2.3 Local Area Network

A local area network (LAN) is a group of computers and associated devices that share a

common communication line or wireless link to a server. Typically, a LAN encompasses

computers and peripheral connected to a server within a distinct geographical area such as

an office or commercial establishment. Computers and other devices use a LAN

connection to share resources such as printers anyhow a local area network is a computer

network within a small geographical area such as a home, school, computer library, office

building, or group of buildings so LAN is composed of inter-connected workstations and

personal computers which are each capable of accessing and sharing data and devices,

such as printers, scanners and data storage devices, anywhere on the LAN anyway here

are some local area network topologies.

8
2.3.1 BUS Topology

Bus topology is a specific kind of network topology in which all of the

various devices in the network are connected to a single cable or line. In general,

the term refers to how various devices are set up in a network.

2.3.1.1 Advantages of Bus Topology

 Very easy to connect computer or peripheral to a linear bus

 Requires less cable length than other topology resulting in lower

costs

 It works well in small networks

 It is easy to extend by joining cable with connector or repeater

2.3.1.2 Disadvantages of Bus Topology

 Entire network shuts down if there is a break in the main cable or

one of the T connectors break

 Large amount of packet collisions on the network, which results in

high amounts of packet loss.

9
 FIGURE 1 BUS TOPOLOGY FROM TECHNOPEDIA.COM

2.3.2 Ring Topology

Ring topology refers to a specific king of network setup in which devices are

connected in a ring and pass information to or from each other according to their

adjacent proximity in the ring structure. This type of topology is highly efficient

and handles heavier loads better than bus topology. A ring also called topology

because messages are passed each device in the ring.

2.3.2.1 Advantages of Ring Topology

 Very orderly network where every device has access to the token and the

opportunity to transmit.

 Does not require a central node to manage the connectivity between

computers.

 Point to point line configuration makes it easy to identify and isolate

faults.

10
  Performs better than a bus topology under heavy network load.

2.3.2.2 Disadvantages of Ring Topology

 Bandwidth is shared on all links between devices

 Moving, adding and changing the devices can affect the network

 Communication delay is directly proportional to number of nodes in the

FIGURE 2 RING TOPOLOGY FROM GOOGLE.COM

network

11
2.3.3 Star topology

Star topology is one of the most common network setups also star

topology is a topology for a Local Area Network (LAN) in which all the

computers or nodes are individually connected to a central connection point, like a

hub or switch anyhow star takes more cable than other topologies like bus, but the

benefits is that if a cable fails, only one node will be brought down.

2.3.3.1 Advantages of star topology

Easy Installation and maintenance

o It is easy to maintain network. That is why it is so popular.
Adding or removing computers
o Adding or removing computers can be done without disturbing the

network. We connect the new computer with the HUB by means of a

networking cable. One end of the cable (RJ 45 connector) is inserted in

computer’s Network Interface Card and the other end (RJ 45 connector) is

plugged into the HUB, and that’s it.

Fault Diagnosis

o In a star network topology, finding faults is easy. If a computer is no more

connected with your network, you can check its cable and connectors or network

settings in its Operating system.

Network Reliability

o Single computer failure will not disturb whole network, since all other computers

are connected with separate links (wires) to HUB. Definitely, they will work fine.

Better performance

12
 o Star topology can prevent the passing of data through an excessive number

of nodes. By using a Switch, at most, 3 devices and 2 links are involved in

any communication between any two devices..

Device Isolation

Each device is separately connected to HUB or Switch and is

isolated. This is why each device works independently.

2.3.3.2 Disadvantages of star topology

In star network topology, data communication depends on HUB. If

central hub fails, then whole network fails.

Since each computer will be connected with HUB by means of a

separate wire, star network topology needs more cable to connect

computers.

FIGURE 3 RING TOPOLOGY FROM WIKIPEDIA.COM

It is more expensive due to more wires.

2.4 Requirements of the ministry LAN meets

13
Connection reliability

 The ministry is providing wired (cables) and wireless (router) can capable

carrying of the signals and waves from the source to the destination, which

actually making genuine the transmition of data in the system to be

successfully.

Availability:

 The system must be available at any time internally and externally with the

privileged rules and permissions, so the resources like sharing data,

printers should become ready at any time needed by the users. The internet

connection should establish by the ISP when outside branches or WAN

connections oriented (Telnet) to be effective and efficient.

High implementation

 The system has to maintain an appropriate manner the devices which can

be handle the transmission of data to be the execution of programmers fast,

it must be there such like PCs had good processors, Cisco switches and

routers.

Security:

 It is a very sensitive topic at any area of internetworking, it discusses the

prevention from outsider and insider attacks to mitigate the damage of the

system. The valid most different type of attackers can be internal or

external attack towards organization. The both has problem, but the

security deals about how to defense system or minimize the organizations

14
 vulnerabilities. To ensure avoidance or decreasing the hacking have to

implement following:

1. Internal organization attack preventions:

 Grantee permissions on users

 Installing monitoring application entire the LAN by the administration

 Alert messages by unauthorized access (watch dog software)

 Authorization, authentication, accounting (AAA)

2. External organization attack prevention:

 Firewalls, and proxy servers

 NAT/DMZ

 Access list control (ACL)

 DOS protection software

 Brute force attacks

 Eavesdropping attacks
Central Management:

Is the managing the holy system physically and logically from a central

admin which auditing, allowing, preventing the activities through the entire

network. The admin must perform functioning for configuring devices like

routers, switch.

15
2.5 System Adjustment

2.5.1 Server Management

Server provides us with powerful tools to react the needs faster than ever before

with greater control and confidence specially Windows server 8 designed to increase the

reliability and flexibility of the infrastructure, helping the ministry and the system to save

time and reduce costs. Windows Server 2008 R2 enables us to take the datacenter and

desktop strategy to a new level such us these

 Remote desktop service

 Remote Desktop Services allows the employees of the ministry to access

applications, data, and even the entire desktop running in the datacenter over

the network. It provides us with both the features and the strength of a

established solution giving the employees flexible access to their data and

applications. To expand the Remote Desktop Services deployment scenarios,

Microsoft has been investing in the Virtual Desktop Infrastructure, also known

as VDI. VDI is a centralized desktop delivery architecture, which enables

Windows and other desktop environments to run and be managed in virtual

machines on a centralized server.

In addition to the new virtualization features, the Windows Server 2008 R2 OS

contains several updates over the previous version to the tools you are most

familiar with.

16
  rising reliability and the scalability

 Windows server 2008 has been specifically designed to support increased

workloads while utilizing fewer resources.

 enhanced administration

 Windows Server 2008 helps to decrease the amount of effort you expend
managing your physical and virtual data centers by providing enhanced

management consoles and automation for repetitive day-to-day administrative

tasks.

2.5.2 Routers

Router is a device that forwards data packets along a network, routers use headers

and forwarding tables to determine the best path for forwarding the packets, and they use

protocols such as ICMP to communicate with each other and configure the best route

between any two hosts so The Cisco 1841 Integrated Services Router is part of the Cisco

FIGURE 4 CISCO ROUTER FROM GOOGLE.COM

1800 Integrated Services Router Series which complements the Integrated Services

Router Portfolio

17
The Cisco 1841 Integrated Services Router provides the following support:

 Wire-speed performance for concurrent services at T1/E1 WAN rates

 Enhanced investment protection through increased performance and modularity

 Enhanced investment protection through increased modularity

 Increased density through High-Speed WAN Interface Card Slots (two)

 Support for over 90 existing and new modules

 Support for majority of existing WICs, VWICs, and VICs (data mode only)

 Two Integrated 10/100 Fast Ethernet ports

 Security

o On-board encryption

o Support of up to 800 VPN tunnels with the AIM Module

o Antivirus defense support through Network Admission Control (NAC)

o Intrusion Prevention as well as state full Cisco IOS Firewall support and

many more essential security features

2.5.3 Flexible, Intelligent Switching For Secure Networks

The Cisco Catalyst 2950 Series Switch is a fixed-configuration, stackable

standalone switch that provides wire-speed Fast Ethernet and Gigabit Ethernet

connectivity. This switch offers two distinct sets of software features and a range of

configurations to allow small, midsize, and enterprise branch offices and industrial

environments to select the right combination for the network edge. Standard Image

Software offers Cisco IOS Software functions for basic data, voice, and video services.

For networks with requirements for additional security, advanced quality of service

18
(Quos), and high availability, Enhanced Image Software delivers intelligent services such

as rate limiting and security filtering for deployment at the network edge.

2.5.4 Security

Network security starts with authenticating the user, commonly with a username

and a password. Since this requires just one detail authenticating the user name —i.e. the

password, which is something the user 'knows'— this is sometimes termed one-factor

authentication. With two vector authenticating, something the user 'has' is also used (e.g.

a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor

authentication, something the user 'is' is also used (e.g. a fingerprint or retinal scan).

Once authenticated, a firewall enforces access policies such as what services are

allowed to be accessed by the network users. Though effective to prevent unauthorized

access, this component may fail to check potentially harmful content such as computer

worms or Trojans being transmitted over the network. Anti-virus software or an intrusion

prevention system (IPS) help detect and inhibit the action of such malware.

2.5.5 Security Management

Security management for networks is different for all kinds of situations. A home

or small office may only require basic security while large businesses may require high-

maintenance and advanced software and hardware to prevent malicious attacks from

hacking and spamming.

19
The Top Five LAN Security Issues Facing IT Managers Today

A quick look at the top five security problems shows there is are tools to solve each one. But the

one problem/one tool approach does not solve the full range of security problems and can be

difficult to manage. This approach also begs the question "Is there a better way to handle LAN

security?"

 Porous-Perimeters

 The conventional approach to enterprise security has been to apply security at the

perimeter of the network. Today, however, perimeter defenses are no longer sufficient.

Increasingly, sites no longer consist just of predictable managed desktops but include a

mix of unmanaged mobile devices, such as laptops and PDAs. Sometimes these devices

belong to employees, but often businesses must allow guests such as contractors,

partners and others with unmanaged mobile devices to directly connect to the internal

network.

 Increasingly Sophisticated Attacks

 Perimeter-based security strategies are also no match for the increasing sophistication

of attacks on the network. The hacker profile has begun to shift from adolescents

crashing systems for fun to professional criminals bent on taking over systems for

profit. New strains of malware appear to have the goal of remotely controlling the

victim's computer. Nothing prevents a remote-access Trojan on an internal corporate

network from being used as a perfect corporate spy.

 Unadoptable Networks

 Many enterprises built LANs with the assumption that internal users are
trustworthy. Little thought was given to understanding exactly what devices are

connected to the network, where these devices are located, and what users are
20
 doing with them. As a result, enterprises are finding themselves ill-equipped to

deal with problems introduced by mobile end systems and end users.

Furthermore, the increasing number of regulations on data protection and

compliance verification, including privacy, financial, health records, state

information processing laws, and even anti-terrorism acts, has raised the

importance of auditing network activity.

Enterprises need visualization and audit tools that associate different network

identifiers and locations. Such tools could, for example, find the user, access

port, and MAC address when given an IP address. The tools should also be able

to display the location from which the user has accessed the network in a form

that can IT can quickly understand.

 Uncooperative Employees

 Even with security awareness programs and employee censure for lax security
practices, users still view security as something that gets in the way of doing

their job. Users will often abort full disk scans, or even disable anti-virus or

anti-spyware applications, if they believe they measurably slow down the

computer.

Network access control mechanisms that perform periodic integrity re-

assessments and policy compliance verification, and that have the ability to

isolate an endpoint that fails, can mitigate the potential damage done by

uncooperative employees.

 Risky Applications

New types of collaborative computing tools, such as Instant Messaging, VoIP,

21
and wireless, are increasingly in demand, since they enhance productivity and allow

users to be in touch 24x7. However, many of these tools bring with them increased

security risks, primarily because their reach extends within and beyond the traditional

network boundary. Exploiting vulnerabilities in these applications can provide

hackers a fast path

22
 CHAPTER 3

ANALYSIS

3.0 Current System

3.0.1 Overview
As we were already mentioned the ministry of foreign affairs totally has no

network sharing and every node of the ministry exists alone and there is no

network plant inside the ministry also it was difficult to the staffs to communicate

each other for sharing documents and files that is why we interest to setup a

network for the ministry to encourage the collaboration of the employees of the

ministry.

3.0.2 Problems of Lack Network in Ministry

No resource sharing – although there are a lot of nodes and printers and large

population of employees in the ministry there was no resource sharing.

23
 Data loss – sometimes some computers failed or stop working, and all the

documents and data in that computer will be loss.

3.1 ANALYSIS OF THE SYSTEM

At this section we are deeply discussing the analyzing the current system of the LAN.

Computer automation is not an opportunity so opportunities are stated as follows:

statement and business benefit that can be derived by exploiting the opportunity.

A constraint is an existing or anticipated situation that may constrain any improved

system that we may recommended in the subsequent phases of this project. In other

words

3.1.1 Performance analysis

Performance analysis generally applied to the systems transactions. When discussing the

performance of any given transaction, we need to discuss both through put and response

time. Throughput is the number transactions processed in some specific period of time.

Response time is the time required to process a single transaction. This section analyzes

the transactions for performance problems and opportunities.

24
3.1.2 Information analysis

Information analysis initially identifies those net outputs produced by or for the system.

Each output is analyzed for the following possible problems and opportunities:

Information overload either too many outputs are produced or outputs contain too much

information, limiting their usefulness information accuracy information contains errors or

possible errors. Information timeliness information is not received is not useful or must be

modified to become useful. Information redundancy multiple outputs contain much of the

same information lack of information or poor information. Information is not available to

aid in decision making.

3.1.3 Data analysis

Data analysis describes the amount to which data is redundantly stored within the system,

it’s all about how easy or difficult it is to produce information and output from data. Data

analysis examines how the system ensures that it is properly operating and concerned

with both facility and data security.

3.1.4 Efficiency analysis

Efficiency analysis is sometimes confused with economic analysis. Efficiency analysis

examines the system for problem and opportunities related to how resources are being

used like people, facilities and the money. Efficiency problems and opportunities usually

target resources that could be better used.

25
3.2 FUNCTIONAL REQUIREMENTS

 All network requirements

 Routers
 Switches
 Server
 Firewall
 Hubs

3.2.1 Routers

Routers are small electronic devices that join multiple computer networks together via

either wired or wireless so routers connects networks. Based on its current understanding

of the state of the network it is connected to, a router acts as a dispatcher as it decides

which way to send each information packet. A router is located at any gateway where

one network meets another network, including each point of presence on the internet. A

router is often included as part of a network switch.

3.2.1.1 How router works

A router may create or maintain a table of the available routes and their conditions and

use this information along with distance and cost algorithms to determine the best packet.

Typically a packet may travel through a number of network points with routers before

arriving at its destination.

26
Routing is functionally linked with the network layer particularly layer 3 in the standard

model of network programming, the open system interconnection (OSI

(OSI)) model. A layer 3

switch is switch that can perform routing functions anyhow some networks engineers

believe that routers provide better protection from hacking than software firewall because

no computer internet protocol addresses are directly exposed to the internet.

3.2.2 Switches

A network switch is a computer networking device that connects devices together on a

computer network by using packet switching to receive, process, and forward data to the

destination device. Switches are more advanced hubs and les

lesss capable than routers.

A switch does not provide the firewall and logging capabilities that routers do.

Routers can commonly configured by software while switches only work the way

hardware was designed.

FIGURE 5 CISCO SWITCHES FROM GOOGLE.COM

27
3.2.3 Server

A computer connected to a network that other computers may or may not access. Unlike

other computers on a network, a server is dedicated computer set up for one or more

purposes. For example a user may setup a server to authenticate and allow or prohibit

users from accessing a network, send or receive e-mail, manage print jobs or host a

website. For example, the computer hope web page is hosted on a server. Servers are not

often turned off if it fails it cause that the network user have a great deal of problem until

it returned.

3.2.4 Firewall
Firewalls are the essential part of a networks design. Firewall is a network security

system, either hardware or software based, that uses rules to control incoming and

outgoing network traffic. This controlled access is designed to protect data and resources

from outside threat. A firewall acts as a barrier between a trusted network and un trusted

network. Firewalls might be placed between an internal network and the internet although

firewalls typically protect internal networks from public networks, they are also used to

control access between specific network segments within a network. For example you

might be placed firewalls the network department and the server department. A firewall

controls access to the resources of a network through a positive control model, this means

that the only traffic allowed onto the network is defined in the firewall policy and all

other traffic is denied.

Firewalls can be hardware and software or both.

28
 The firewall is configured on the server to allow permit or deny certain types of network

traffic, a firewall is commonly installed on the local system and configured to control

traffic.

FIGURE 6 NETWORKFigure 3.2 Network

FIREWALL Firewall from Wikipedia.com
FROM WIKIPEDIA.COM

FIGURE 7 FIREWALL SYSTEM FROM HACKER4COMPUTER.COM

3.2.5 Hubs

A network hub is a common connection point for devices in a network. Hubs are devices

commonly used to connect segments of a LAN. The hub contains multiple ports. When
29
packet arrives at one port, it is copied to the other ports so that all segments of the LAN

can see all packets.

A hub is a place of convergence where data arrives from one or more directions and is

forwarded out in one or more other directions.

In hub, a frame is passed along broadcast to every one of its port, it does not matter that

the frame is only destined for one port. The hub has no way of distinguished which port

frame should be sent to.

Comparing to the standard switch, the hub is slower as it can send or receive information

just not at the same time, but typically costs more than a hub.

FIGURE 8 NETWORK HUBS FROM WISEGEEK.COM

3.2.6 Connection system

The two most popular connection systems are hard wiring using Ethernet cables or using

wireless technologies. Most desktop networks use Ethernet cables. These are inexpensive

products that directly connect the network card of the computer to the router. Wireless

30
technologies are used most often for laptops. However, to use wireless network, the

administrator needs to set up a wireless router.

3.3 Power Protections Devices

Power failure can create problems on computers, system and file servers. Unexpected

power cut can damage computers and the system. A common source of power issues is

the internet-facing equipment, which can conduct surges. Ethernet-based power

protection is highly recommended on all carrier link routers or modems.

3.3.1 Backup devices

Backup devices are the ones that store the data and their main aim in the system is to store

the important information and data for future recovery. Backups are needed in case a file

is lost. The reasons for losing files include hardware failure like disk breaking,

accidentally delete or computer being stolen. Backups help in all the above situations so it

may be good to have access to older version of files, e.g. a configuration file worked a

month ago, but since then it has been changed and nobody remembers so it just not

working anymore. Backups are good to have if you can afford them.

ITEM TYPE QUANTITY COST

Router 2950-16 1 $ 600
Switch 2950-1 3 $ 90
Cable 1500m
Server Database server 1 $ 1,500
firewall $ 1,800
hub $ 45
TABLE 2 SOME FUNCTIONAL REQUIREMENTS

31
3.4 NON-FUNCTIONAL REQUIREMENTS

Non functional requirements are the one that mentioned to the functional requirements

but if they are part of the system the system will be more acceptable and reliable and it

encourages the security and the consistency of the project so if they are not the part of the

system the system can works it’s alone.

Name Item Cost

Anti-virus Enterprise edition 40$
Power supply
TABLE 3 NON-FUNCTIONAL REQUIREMENTS

3.5 OBJECTIVES OF THE PROJECT

These are objectives and the purposes that our project must meet and they are

 High speed

 High quality

 Lower cost

 Well security

 Good communication

32
 CHAPTER 4

DESIGN

This chapter provides detailed information about design; this chapter provides deep

concept and information about the design and the network of ministry of foreign affairs.

Also this chapter describes the general design of the project and design.

4.1 PHYSICAL DESIGN

Networking is the major telecommunication medium today in different office and

businesses but these nowadays businesses began to develop their networking system to

fiber optic wires because fiber optics can use both local area network (LAN) and

metropolitan area network (MAN) because of their bandwidth, high speed and low loss

and in this section we will focus physical appearances of the LAN according to the

following factors

33
FIGURE 9 PHYSICAL DESIGN OF THE
HE PROJECT

4.2 LOGICAL DESIGN

4.2.1 ROLES OF NETWORK DEVICES

Network devices are generally the devices that work in this project (design) also this

section provides the configuration of the most common devices that installed on a LAN.

The network devices of this ministry are so close by the distance, the longest distance
dis

is when you came down the stairs towards the network department is 8 steps but all the

others the longest distance is 5 steps

34
 4.2.1.1 Router

FIGURE 10 ROUTER CONFIGURATION OF MOFA

Router connect networks using one of the followi

following routed protocols

4.2.1.2 Role of Switches

Switch is a computer networking device that connects devices together on a computer

network by using packet switching to receive, process, and forward data to the destination

device.

35
FIGURE 11CONFIGURING
CONFIGURING SWITCH

Here below are the configurations of switch:

switch:-

Switch 2

36
Switch 3

4.2.1.3 Server configuration

37
FIGURE 12 SERVER CONFIGURATION

This figure shows the MOF server configuration

4.2.1.4 VLANs

A VLAN is a switched network that is logically segmented y functions, project team or

application, without regard to the physical locations of the users. VLANs have the same

attributes at physical LANs, but you can group end stations even if they are not physically

located on the same LAN segment. Any switch port belongs to a VLAN. Each VLAN is

considered a logical network and packets destined for station that don’t belong VLAN

must be forwarded through a router because a VLAN is considered a separate logical

network.

38
 4.2.1.4.1 Assigning VLANs to Departments

Departments VLANs

Network admin 30

Ministry 40

DG 50

Human Resource 60

Archive 70

Accounting 80

Attendance 90

Politics 100

TABLE 4 ASSIGNING VLANS TO D

DEPARTMENTS

39
4.2.2 Purpose of VLANs

In simple word a VLAN is a group of PCs, server and other network resources that

behave as if they were connected to a single, network segment.

4.2.3 SETTING IP ADDRESSES OF ALL DEVICES AND DEFAULT

DEFAULT-GATEWAYS
GATEWAYS

NAME IP ADDRESS DEFAULT

GATEWAY

Router 192.168.1.1 -------------------------------------

Switch 1 192.168.1.2 192.168.1.1

Switch 2 192.168.1.3 192.168.1.1

40
Switch 3 192.168.1.4 192.168.1.1

DG PC 1 192.168.1.5 192.168.1.1

DG assistant PC 2 192.168.1.6 192.168.1.1

Ministry PC 3 192.168.1.7 192.168.1.1

M Assistant PC 4 192.168.1.8 192.168.1.1

Net Admin PC 5 192.168.1.9 192.168.1.1

Server PC 6 192.168.1.10 192.168.1.1

PC 7 192.168.1.11 192.168.1.1

PC 8 192.168.1.12 192.168.1.1

PC 9 192.168.1.13 192.168.1.1

PC 10 192.168.1.14 192.168.1.1

PC 11 192.168.1.15 192.168.1.1

PC 12 192.168.1.16 192.168.1.1

HR assistant PC 13 192.168.1.17 192.168.1.1

HR PC 14 192.168.1.18 192.168.1.1

Accountant PC 15 192.168.1.19 192.168.1.1

A assistant PC 16 192.168.1.20 192.168.1.1

Politics admin PC 17 192.168.1.21 192.168.1.1

P assistant PC 18 192.168.1.22 192.168.1.1

PC 19 192.168.1.23 192.168.1.1

PC 20 192.168.1.24 192.168.1.1

PC 21 192.168.1.27 192.168.1.1

41
 PC 22 192.168.1.26 192.168.1.1

PC 23 192.168.1.28 192.168.1.1

PC 24 192.168.1.29 192.168.1.1

PC 25 192.168.1.30 192.168.1.1

PC 26 192.168.1.31 192.168.1.1

Attendance PC 27 192.168.1.32 192.168.1.1

Attendance PC 28 192.168.1.33 192.168.1.1

Attendance PC 29 192.168.1.34 192.168.1.1

Archive admin PC 30 192.168.1.36 192.168.1.1

Archive assis PC 31 192.168.1.35 192.168.1.1

PC 32 192.168.1.37 192.168.1.1

TABLE 5 IP ADDRESS

42
 CHAPTER 5

IMPLEMENTATION

In this chapter we will discuss how to implement in our Local Area Network (LAN), our

network implementation ensures a smooth and well-coordinated startup of the network.

To create a cost-effective and scalable network infrastructure, we can assist to reduce the

complexity, inefficiency and inflexibility whether its new or growing.

5.1 Security

To secure the network requires using the complex and the strong password to provide the

network to protect both workstation hijacking attacks and the dictionary attacks.

5.2 Comparing Enable Password and Enable Secret

To provide an additional layer of security, particularly for passwords that cross the

network. These both commands accomplish the same thing, they both allow establishing

an encrypted password that users must enter to access for the specific privilege level you

specify.

43
After you specify the level and set a password, only authorized users can reach and access

this level.

This is the secret password and the password will be encrypted as show below

hostname S3
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!

While password will be shown a clear text password not encrypted

password

line con 0
password cisco
logging synchronous
login
!
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
Also if you have the service password-encryption command enabled, the password you

enter is encrypted and this command the service password-encryption is primarily useful

for keeping unauthorized individuals from viewing your password in your configuration

file.

The actual encryption process occurs when the current configuration is written or when a

password is configured. Password encryption is applied to all passwords, including

44
authentication key passwords, the privileged command password, console and virtual

terminal line access passwords.

5.3 Router Banner Motd

A banner is a message that is presented to someone using the router. The type of the

banner you configure determines when this message is shown by the user.

Banner motd is logon message has been around for a long time on UNIX and mainframe

systems. The idea was to display a temporary notice to users such as issues with system

availability. However this displays when you connect to the device prior to login and now

most the network administrators use it to displays legal notices regarding access to the

router, such as unauthorized access to the device is forbidden.

________________________________________________________________________

______

Press RETURN to get started!

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0,
changed state to up

*****************************************************************
Unauthorized access and logins are forbidden
-----------------------------------------------------------------
User Access Verification

Password:
Password:
________________________________________________________________________

______

45
5.3.1 Router access methods

These commands enable to login with a local password and time out the connection after

7 minutes and 0 seconds of inactivity.

R1(config)#line vty 0 4

R1(config-line)#exec-timout 7 0

R1(config-line)#password Cisco

R1(config-line)# login

5.3.2 Setting up Username

R1(config)#
R1(config)#
R1(config)#username MOF password Cisco
R1(config)#

This command is setting local user with password

5.4 ASA access list concept

For those just getting into Cisco network security specifically, it can be a little interesting

to wrap the mind around all the different technologies and features that can be used to

secure the network.

Along with these different tools comes a great amount of control that can be used to

secure the intended target network. Of course, like anything else, it is easy to miss

46
configure a network security device; however, the difference between miss configuring a

router and a network security firewall is risk. Although the effects of miss configuring a

router can be felt by many, it typically affects the use of an authorized network; the miss

configuration of a network firewall can affect the unauthorized use of a private network,

which greatly increases risk. This is what makes the correct configuration of these devices

even more important.

5.4.1 ASA ACL types

There are many types of ACL but we are deeply explaining and have to review two of

them

5.4.1.1 STANDARD ACLs

Unlike on other platforms, the ASA does not support the use of standard ACLs for

controlling traffic. They are used only in some limited Open Shortest Path First (OSPF)

configurations.

5.4.1.2 Extended ACLs

The majority of ACLs that will most likely be implemented on an ASA are using the

extended ACL type. As with other platforms, the extended ACL is used to specify both

source and destination and can include information about the specific protocol being

matched.

47
5.5 VLAN configuration

Configuring of VTP domain- name and mode

S2(config)#
S2(config)#
S2(config)#vtp domain SERVER
.
S2(config)#
S2(config)#vtp mode SERVER
S2(config)#
S2(config)#vtp mode CLIENT
Setting device to VTP CLIENT mode.

5.5.1 View VTP configuration

To view the VTP Configuration we have to write this command in the privilege mode

Show VTP status

S2#
S2#show vtp status
VTP Version: 2
Configuration Revision: 0
Maximum VLANs supported locally: 255
Number of existing VLANs: 14
VTP Operating Mode: Client
VTP Domain Name: SERVER
VTP Pruning Mode: Disabled
VTP V2 Mode: Disabled
VTP Traps Generation: Disabled
MD5 digest: 0x68 0xD9 0xCB 0xD0 0x93 0xEA 0x88 0xB5
Configuration last modified by 192.168.1.3 at 3-1-93 00:14:41

48
5.5.2 Creating and configure VLANs and names

(config)#

(config)#vlan 70

(config-vlan)#name Archive
(config-vlan)#exit

(config)#
(config)#vlan 90

(config-vlan)#name Attendance
(config-vlan)#exit

(config)#
(config)#vlan 80

(config-vlan)#name politics
(config-vlan)#exit

(config)#
(config)#vlan 100

(config-vlan)#name politics
(config-vlan)#exit

(config)#
(config)#vlan 60

(config-vlan)#name HR
(config-vlan)#exit
(config)#
(config)#vlan 50

(config-vlan)#name DG
(config-vlan)#exit

49
 (config)#
(config)#vlan 40

(config-vlan)#name Ministry
(config-vlan)#exit

(config)#
(config)#vlan 30

(config-vlan)#name Network
(config-vlan)#exit

5.5.3 Assigning ports to VLANs

S3#
S3#show runnin
S3#show running-config
Building configuration...

Current configuration : 2254 bytes

!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname S3
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
no ip domain-lookup
!
!
spanning-tree mode pvst
!
interface FastEthernet0/1
switchport access vlan 60
switchport mode access
!

50
interface FastEthernet0/2
switchport access vlan 60
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 80
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 80
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/6
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 50
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 40
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 40
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 50
switchport mode access
!
interface FastEthernet0/11
switchport mode access
!
interface FastEthernet0/12
switchport mode access
!
interface FastEthernet0/13
switchport mode access
!
interface FastEthernet0/14

51
switchport mode access
!
interface FastEthernet0/15
switchport mode access
!
interface FastEthernet0/16
switchport mode access
!
interface FastEthernet0/17
switchport mode access
!
interface FastEthernet0/18
switchport mode access
!
interface FastEthernet0/19
switchport mode access
!
interface FastEthernet0/20
switchport mode access
!
interface FastEthernet0/21
switchport mode access
!
interface FastEthernet0/22
switchport mode access
!
interface FastEthernet0/23
switchport mode access
!
interface FastEthernet0/24
switchport mode access
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 192.168.1.4 255.255.255.0
!
ip default-gateway 192.168.1.1
!
banner motd ^CC
*****************************************************************
Unauthorized access and logins are Forbidden
****************************************************************^C

52
 !
!
!
line con 0
password cisco
logging synchronous
login
!
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
!
!
end

5.6 CLIENT / SERVER Configurations

5.6.1 Client PC’s configuration

We are installing windows 7 and some pc’s windows 10 on clients and Symantec endpoint

enterprise

5.6.2 Server configuration

We are installing windows server 2008 in our server and also Symantec endpoint

enterprise to manage the clients, and we are following these steps

53
5.6.3 Installing Active Directory

6 Click start, click Run,, type dcpromo and then click OK

Step 2 in welcome to the active directory domain services installation wizard, click Next.

Step 3 in operating system compatibility wizard, Click next.

54
Step 4 Enter the DNS Domain Name (MOF.COM) and click next.

Step 5 select the Domain Functional Level (windows 2000 native) and click NEXT

Step 6 in Additional Domain Controller Option Page, click NEXT

Step 7 click yes to continue

Step 8 on Database and log locations page accept the default locations and click NEXT

Step 9 On Directory Services Restore Mode Administrator Password Page,

Pag enter

password and confirm password and click NEXT

Step 10 on summary page, review the options you selected and NEXT

Step 11 the Active Directory Installation starts and check box reboot on completion

Then the computer restarts after installation of active directory domain services

Step 12 after restarting the computer, Active Directory will be installed

55
5.6.4 Installing DHCP

1. To install DHCP click start, point to Control Panel and click ADD or Remove

Programs

In the Add or Remove Programs dialog box, click Add/Remove Windows Components and

in the Windows Components Wizard, click Networking Services in the Components list,

and then click Details.

In

the

56
Networking Services dialog box, click to select the Dynamic Host Configuration

Protocol (DHCP) check box, and then click OK and in the Windows Components Wizard,
Wizard

click Next to start Setup. Insert the Windows Server 2008 CD

CD-ROM
ROM into the computer's

CDROM or DVD-ROM
ROM drive if you are prompted to do so.

Setup copies the DHCP server and tool files to your computer, then click finish When

Setup is completed.

5.6.4.1 Create New Scope

To create new scope click Start, point to Programs, point to Administrative Tools,
Tools and

then click DHCP and in the console tree, right-click the DHCP server on which you want

to create the new DHCP scope, and then click New Scope.

In the New Scope Wizard

Wizard, click Next, and then type a name and description for the

scope. Next, and then type the range of addresses and the subnet mask. Click Next.

57
Type any IP addresses that you want to exclude from the range that you entered Click

Next.

Type the number of days, hours, and minutes before an IP address lease from this scope

expires and then click yes; I want to configure these options now to extend the wizard to

include settings for the most common DHCP options. Click Next and then type the IP

address for the default gateway. Click Add to add the default gateway address in the list,

and then click Next..

58
Type your organization's domain name in the Parent domain box. Type the
th name of your

DNS server, and then click Resolve. Click Add to include that server in the list of DNS

servers Click Next, and then follow the same steps if you are using a Windows Internet

Naming Service (WINS) server, by adding its name and IP address. C

Click
lick Next after that

click Yes, I want to

activate this scope now to activate the scope and allow clients to obtain leases from it, and

then click Next to finish it in the next dialog box

In the console tree, click the server name, and then click Authorize on the Action menu.

59
5.7 Final Output

60