LSME IT STRUCTURED

DOCUMENTATION
PREPARED BY ARUL ARUNACHALAM

LSME IT STRUCTURED DOCUMENTATION

Introduction
This is a description about the server configuration along with the hardware peripherals and
network connection established in LSME (London School of Management Education). BT is the
telecom provider and Soho is the linker used. The connections are obtained via RDC (Remote
Desktop Connection), as the staff can login using their login details remotely. Each and every
employee is given their IP addresses and login details prior. The domain details have all been
listed at the back of every individual computer for the staff to use up and access.
Hardware peripherals that are used:
1.
2.
3.
4.
5.
6.
7.

DSL modems.
Cisco Interlinks.
Net gear wireless routers.
Ciscos patch panels.
Manageable Linksys switches.
Server for LSME.
And the respective domains available in LSME.
To start off with, the server room of the LSME is fixed up in the second floor called the

link server room. The line from BT is connected to the modem which gives the internet signals
as the output which is then fed into 8 port switch and connected to the CCTV surveillance.
Another internet link is connected to a NET gear wireless router for the staff to wirelessly access
the internet within the floor. Then the connections are taken over to the patch panels and directed
to the manageable link sys switches which obtains the connection from the server. Also, all the
domain computers are connected over the manageable Linksys switches.

LSME IT STRUCTURED DOCUMENTATION

Apart from the link server room, there are two classrooms with one computer for each room
installed for the staff i.e. the lecturer to use while taking classes for the students.
In the third floor above, there is an auditorium with just a single use computer connected to the
server and can be accessed only by the staff during any seminars or training sessions.
Second, its the IT lab with 26 systems connected to the server via Linksys switch.
There are certain limitations given to all the systems placed in the lab. Since students may have
to access the relevant data for their lab assessments and practicing to be done periodically.

LSME IT STRUCTURED DOCUMENTATION

The final part of the server connection is linked to the ground floor via a switch and a wireless
network router is provided for wireless internet access.
The ground floor consists of,
1. The reception which has a system and a printer that is connected to the network,
2. A staff room with four systems for the staff to access,
3. The director and the principal have their corresponding rooms with the director having a
sophisticated system and a Ricoh network printer in the room; while the principals room
has a system everything connected to the internet and accesses the server.
4. There is a Dr.Dollv rooms with two systems which is connected.
4

LSME IT STRUCTURED DOCUMENTATION

5. Also there is a students cabin with restricted access to the server as well as the server.

Hence the server configuration and connection in LSME has been detailed.
NOTE: CISCO routers are used. All the system details are provided in the rear. Student
accessible systems are all connected with certain restrictions of accessibility.

LSME IT STRUCTURED DOCUMENTATION

Remote access server

A server that is dedicated to handling users that is not on a LAN but need remote access to it. The
remote access server allows users to gain access to files and print services on the LAN from a
remote location.
Computer that is not attached to a users keyboard but over which he or she has some degree of
control within the campus of LSME. Also called remote computer or remote host.
Remote access is the ability to get access to a computer or a network from a remote distance with
in LSME campus. Remote access is also possible using a dedicated line between a computer or a
remote local area network and the central or main corporate local area network. A dedicated
line is more expensive and less flexible but offers faster data rates. Integrated Services Digital
Network (ISDN) is a common method of remote access from branch offices since it combines
dial-up with faster data rates. Wireless, cable modem, and Digital Subscriber Line (DSL)
technologies offer other possibilities for remote access.

A remote access server is the computer and associated software that is set up to handle users
seeking access to network remotely. Sometimes called a communication server, a remote access
server usually includes or is associated with a firewall server to ensure security and a router that
can forward the remote access request to another part of the corporate network. A remote access
server may include or work with a modem pool manager so that a small group of modems can be
shared among a large number of intermittently present remote access users.
A remote access server may also be used as part of a virtual private network (VPN).
6

LSME IT STRUCTURED DOCUMENTATION

Remote user
When a person is working on a computer that is in another location, they are what is referred to
as a remote user. These connections are made using LAN using some form of remote access.
For example, someone using Windows Remote Desktop Connection to access another computer
in LSME is a remote user.

A remote user is a user who is operating a hardware device or accessing software from an off-site
location. IT professionals might also use this term to refer to someone accessing data through
various virtual computing models. Students are restricted to access data from server.
Networks have been able to accommodate remote users for quite some time, although brand-new
technologies are increasing the commonality of remote user situations. As the Internet developed,
tech products and services developed to allow remote servers to send data over Internet Protocol
resulting in a lot more remote users. Systems like network virtualization, which replaces physical
networking structures with a collection of remote endpoints, are prime tools for allowing even
more remote access to hardware and software systems.

LSME IT STRUCTURED DOCUMENTATION

In todays tech world, the idea of a remote user is somewhat mundane, although users still have
to find specific technologies that will enable them to get remote access to a given system.

Accessing Remote Server

Remote Desktop from a Windows Computer
1. Click the Start button.
2. Click Run
3. Type mstsc and press the Enter key.
4. Next to Computer: type in the IP address of your server
5. Click Connect.
6. If all goes well, you will see the Windows login prompt.

LSME IT STRUCTURED DOCUMENTATION

Remote Server user Restrictions

Remote users are not allowing to view other users and admin files and
folders.

Remote users are not allowing to install or uninstall software programs.

Remote users are not allowing to change or modify Network IP Address.

Remote users are not allowing to change or modify System date and time.

Remote users are not allowing to edit update or delete other users and admin
files and folders.

Remote users are not allowing to view and access System partitions and
network and harddrives.

Remote users are not allowing to use external storage devices.

Remote users are not allowing to transfer data to external devices.

LSME IT STRUCTURED DOCUMENTATION

Remote users are not allowing to install hardware peripherals like printers
etc.,

Remote users are not allowing to view external audio or video files.

Remote users are not allowing to use chats and messengers.

Group Policy in Windows Server 2012 r2

Group Policy is an infrastructure that enables you to specify managed
configurations for users and computers through Group Policy settings and
Group Policy Preferences. For Group Policy settings that affect only a local
computer or user, you can use the Local Group Policy Editor. You can manage
Group Policy settings and Group Policy Preferences in an Active Directory
Domain

Services

(AD DS)

environment

through

the

Group

Policy

Management Console (GPMC). Group Policy management tools also are

included in the Remote Server Administration Tools, which provides a way for
you to administer Group Policy settings from your desktop.
In Windows Server 2012 R2, Group Policy offers enhanced support in the following
areas.
IPv6 support

Updated

Policy caching

New

Event logging

Updated

10

LSME IT STRUCTURED DOCUMENTATION

Remote Group Policy update

New

Group Policy Results report improvements

Updated

Group Policy infrastructure status

New

Local Group Policy support for Windows RT

New

Sign-in optimizations

Updated

Fast Startup

New

New Group Policy starter GPOs

New

Group Policy cmdlet changes

Updated

Registry.pol changes

Updated

Group Policy Client service idle state

Updated

Group Policy settings in Internet Explorer 10

New

Group Policy Preferences for Internet Explorer 10

New

Disaster recovery plan

A disaster recovery plan (DRP) is a documented process or set of procedures
torecover and protect a business IT infrastructure in the event of a disaster.
Such a plan, ordinarily documented in written form, specifies procedures an
organization is to follow in the event of a disaster.
11

LSME IT STRUCTURED DOCUMENTATION

Organizations cannot always avoid disasters, but with careful planning the
effects of a disaster can be minimized. The objective of a disaster recovery
plan is to minimize downtime and data loss. The primary objective is to
protect the organization in the event that all or part of its operations and/or
computer services are rendered unusable. The plan minimizes the disruption
of operations and ensures that some level of organizational stability and an
orderly recovery after a disaster will prevail. Minimizing downtime and data
loss is measured in terms of two concepts: the recovery time objective (RTO)
and the recovery point objective (RPO).
The recovery time objective is the time within which a business process must
be restored, after a major incident (MI) has occurred, in order to avoid
unacceptable consequences associated with a break in business continuity.
The recovery point objective (RPO) is the age of files that must be recovered
from backup storage for normal operations to resume if a computer, system,
or network goes down as a result of a MI. The RPO is expressed backwards in
time (that is, into the past) starting from the instant at which the MI occurs,
and can be specified in seconds, minutes, hours, or days. The recovery point
objective (RPO) is thus the maximum acceptable amount of data loss
measured in time. It is the age of the files or data in backup storage required
to resume normal operations after the MI.
Disaster Planning
Prevention
Disaster prevention means reducing the impact of problems by minimizing
recovery time and effort to keep an incident from escalating into a disaster.
Preventive measures strive to decrease recovery time, as well as reduce the
probability of a catastrophic event and reduce its impact.

12

LSME IT STRUCTURED DOCUMENTATION

Backups
All systems are backed up periodically. Physical access to backups is
restricted by access control and password security. Physical access to off-site
storage is restricted by access control.
Recovery
The servers and data storage devices are configured to automatically
recover from errors. Should manual intervention be required, the process is
known by several from the sysadmin staff and documentation is kept in the
Server Room Operations Manual.
Create a server failover solution
An automatic server failover solution is surprisingly easy to setup. It works
by having two servers with identical content on them a primary server and
a secondary server. If primary sever gets fail then all workstations are
connected to secondary server manually. Once primary server is functioning
again, traffic will be routed back to your primary server.

13

LSME IT STRUCTURED DOCUMENTATION

Network Security provided by eScan:

eScan is the network security used to find out the logins in and around the building, to prevent
any illegal hacking. With advanced tracking security and easy maintenance, this is the most
preferred network se3curity of all times.
The edition and the features of eScan has been given in detailed below:
Corporate Edition
The new Version 11 of the eScan Corporate Edition is the ideal Anti-Virus and Information
Security Solution for large networks that will not only effectively secure the network but is also
very light on the system resources. Powered by technologies such as MWL* Technology,
DIRC** Technology, NILP*** Technology, and sophisticated Anti-Virus Heuristics Algorithms
eScan provides Zero Day Protection to both servers and endpoints. The new eScan Management
Console (EMC) now comes with a secure web Interface that facilitates dynamic security
management of the server and endpoints in the corporate network.
Ensures Business Continuity
Prevents Malware Outbreaks, Data theft, Identity Theft, Productivity loss and Security
violations.
Reduces IT Costs
Reduces Security Management costs through File Reputation Services, ADS integration and
Support for VMware, SYSLOG, SNMP, NAC and NAP.
Enhanced Multi-layered Protection
Provides Zero Day Protection against Malware, Hacking, Phishing and Spam to the server and
clients.
New Secure Web Interface
14

LSME IT STRUCTURED DOCUMENTATION

The new Secure Web Interface uses SSL technology to encrypt all communications between the
server and the clients effectively preventing man in the middle attacks.
With the new Web-based eScan Management Console (EMC), network administrators can now
monitor and deploy a variety of security measures, such as Anti-Malware and Anti-Spam
updates, licenses, custom (un)installing and upgrading eScan, enabling or disabling of eScan
modules, uninstalling other Anti-Virus software and enforce integrated security policies across
the network, all using a browser.
Hotfix Management
Administrators can now manage Critical Hotfixes released by eScan and Microsoft to ensure that
all the clients in the network are updated with the latest patches.
Enhanced Firewall on both the Server and the Client
The two-way Firewall with predefined rule sets at the client monitors and logs all incoming and
outgoing traffic according to the policy defined for the client.
Summarized Dashboard for better Security Management
A summarized dashboard provides the administrator the status of the managed clients in
graphical formats such as deployment status, protection status and protection statistics.
Sophisticated File Blocking & Folder Protection
Administrators can now prevent the creation of specific types of files and protect folders from
modifications by malware.
The New Faster and Intelligent On-Demand Scanner
The new On-Demand Scanner with White listing Technology performs faster scans on the clients
and is very light on system resources. A battery mode automatically detects when the laptop /
note book is on battery and restricts resource intensive processes such as scheduled scans from
starting, thereby providing unmitigated battery time.
Endpoint Security with Device Management (USBs and CD/DVD ROMs)
15

LSME IT STRUCTURED DOCUMENTATION

Administrators can assign privileges to clients on access to the removable devices such as USB
Devices. With application control, the administrators can also define applications that can be
restricted on the client computers.
Network Outbreak Prevention, Live Alerts and Reports
eScan automatically prevents spreading of malware infection on networks & can also, send alerts
to the administrator about the outbreaks on the networks.
It can also instantaneously display live alerts about Applications, USB / Flash device, and Site
Browsing information of the clients. Administrators can view comprehensive reports on all the
clients and can also export the reports to HTML, JPEG, PDF formats for in-depth analysis.

Customized Client Installation

Remote connection to Clients from the eScan Management Console
Active Directory Services Integration
File Reputation Services
Real-time Asset Management through the eScan Management Console
Real-Time Protection against Malware
Powerful Heuristic Scanning for Proactive Protection
Enhanced Web Protection with Virtual Keyboard, Phishing and Malware URL Filter
Auto Back-up & Restore of Critical System files
Export and Import eScan Management Console settings
Support for SYSLOG, SNMP, NAC, NAP, and VMWARE
Automatic Compressed Updates
Windows-based Rescue Disk to clean Rootkits and File infectors
Inbuilt eScan Remote Support
Web-based Secured Management Console
Real-time Virus, E-mail & Content Scanning
Malware Scanning for Web/FTP/CHAT/P2P Downloads
Heuristic Scanning for Proactive Protection
Malware URL Filter
Faster On-Demand Scanning (Whitelisting Technology)
Gaming Mode & Battery Mode
User-defined File Blocking & Folder Protection
Spyware, Adware, Keylogger & Rootkit Blocking
Anti-Spam and E-mail Anti-Phishing Filter
Web Protection / Virtual Keyboard
Block Web Content, Web Applets, Cookies & Scripts
16

LSME IT STRUCTURED DOCUMENTATION

ADS Integration
Web Anti-Phishing Filter
Firewall (Inbound-Outbound Traffic Monitor & Control)
Privacy Protection/Browser Security
Endpoint Security with Application Control
Data Theft Prevention with USB / Firewire Control
File Reputation Services
Asset Management Tool & Network Activity Monitor
Support for SYSLOG, SNMP, NAC/NAP and VMware
Windows-based Rescue Disk
eScan Remote Support (ERS) / RDP
eScan Auto Back Up and Restore
Automatic Download of Critical Windows Hotfix
Self Protection Services
Automatic Compressed Updates
MailScan for Mail Servers***
Web Registration & Activation

Features of eScan

Real-Time AV Scanning
Winsock Layer Protection
Advanced Proactive Detection
Anti-Spyware, Anti-KeyLogger, Anti-Rootkit
On-Demand Scan
Anti-Spam (NILP, RBL, SURBL)
Two Way Firewall
Mail Anti-Phishing
Malware URL Filter
Rescue mode
Print Activity
USB Vaccination
Sample Upload
Web Protection
Web Anti Phishing
Privacy Protection
Export and Import Settings
Endpoint Security
USB Blocking with Password Management
Device Control
Blocking of AutoPlay of USB Devices
Recording of Files Copied to USB
17

LSME IT STRUCTURED DOCUMENTATION

Access / Blocking of CD/DVD

Disabling of Web Cam
Disabling of SD Cards
Read-Only USB
USB Whitelisting / Scanning
Bluetooth Control
Wi-Fi Control
Proxy Setting Protection
IP Protection
Endpoint Security
USB Blocking with Password Management
Device Control
Application Control
Grid-based Web Access Timing
User Based Time Restriction
Web Based Help
Network Monitoring Tool
Auto Update Rollback
Hotfix Rollback
Auto Backup / Restore of System Files
Remote Support Application
Virtual Keyboard
Silent Mode
User Defined File & Folder Protection
Creating/Burning Bootable Rescue CD
Real-Time eMail Scan
Password Protection
Heuristic Scanning
SNMP Trap Management
Remote Installation of Third Party Software
Automated Un-installation of Known Antivirus Software
Centralized Reporting Feature
Top Ten Summary Reports
Email Based Event Alerts
Detailed System Information of all Clients on Console
Hardware/Software Installation/Un-installation Events
Client Live Updater
Task deployment
Manage Software updates

Conclusion

18

LSME IT STRUCTURED DOCUMENTATION

A computer network allows sharing of resources and information among devices connected to
the network. We are using the updated hardware and software for the installation of their network of
personal computers. Because technology becomes updated in the very short period of time. This document

has presented a strong security and back up data in user friendly manner. The following
document provides IP address for every system connected with the network.

19