networking projects

Living Lab Domain

The Domain Network Management was a project that involved using a local domain controller and implementing network wide configurations on network assets. The project scope involved 44 computer systems that obtained their computer configurations and user settings from the domain controller. The project required many hours of troubleshooting, problem-solving, documenting, and setting configuration that the network assets would not adopt. The Domain Network Management project now has Windows Server 2012 R2 Domain Controller active. It is also capable of implementing active changes on the Domain Network, such as user account management, file sharing, network wide program installations, computer policies and configurations, and many more features in real time.

Domain Management in a Networking Laboratory Environment through Group Policy

The Domain Management project primarily focused on the continued improvement and functionality of a networking laboratory environment, through centralized configuration and control via Microsoft Windows Server 2012 R2 Group Policy Management Console. The primary route for configuration and control actions within Server 2012 R2 is through the creation, modification, and deployment of Group Policy objects within the domain. The goal of this project was to centralize management of any changes to the domain via deployed group policies in the Group Policy Management Console. Administrative restrictions for applications or configurations deemed not critical to student functions will be enacted to preclude access via configuration of existing group policies, or creation of new group policies where necessary. Users will have a specifically directed scope of access within the function of the laboratory, with appropriate files and programs deployed for their usage in classes occurring within the lab environment. Project Student: Will Schene

Active Directory Domain Server Configuration

To better maintain the network environment of the Living Lab, the implementation of an active directory domain server was necessary. The authorization and authentication of the client lab computers can now be easily monitored by utilizing Microsoft Windows Server 2012 R2. Select software and programs were restricted from unauthorized users using Group Policy Objects to set specific rules and criteria on each and every machine. Server maintenance helps keep the lab environment secure and evolving with the lab’s growth. Project Student: Leland Brown

Wazuh: An Intrusion Detection System

Wazuh is an open-source intrusion detection system that uses individual agents to monitor user and network activities on a host-basis. Suspicious activity is reported using alerts via email. Agents were deployed to the workstations in the Living Lab through the use of group policy management. The Auto-OSSEC tool developed by Binary Defense Systems provides automatic provisioning for agents in order to provide their authentication key. Kibana is a web interface that can manage agents and mine data. Project Team Members: Andrew Smith, William Schene

IDS Network Security

The objective was to install an intrusion detection system (IDS) for a university course. The client wanted an IDS installed and configured within the server room overseeing the computer lab that CIT students used for both classes and lab. The administration wanted a setup that allowed them to view student activity on the network. For this project, a decision was made to use SELKS for the IDS because it is open source and comes with community rules. Additionally, SELKS hosts several different programs that help fill out the features of the IDS. Once fully operational, it will be able to block ports on lab computers, when malware or viruses are detected. This is technically an ongoing project since the IDS requires maintenance and investigations are conducted when alerts occur. Additionally, rules can be implemented to detect violations of the school’s internet usage policy. Student Team Members: Joshua Waggoner and Scott Marley

The Living Lab’s PC Donation Build

For the PC Donations Build, students worked on fixing computers and preparing ones that are eligible to be donated. They worked hard at setting up the inventory for around 500 computers, to start the main project. The computers were organized by model with the RAM and storage of each computer being stored into Asset Manager. This was to help organize them in a way to easily pull computers for different organizations that require different needs. The inventory of computers were given to different organizations that had use for the computers in their daily lives. Some organizations only needed them to surf the web, while others had more demanding work. Because of this program, we were able to take care of not-for-profit organizations’ technological needs. Project Student: Christopher Coleman

Creating a secure CA connection for FreeNAS to use with ESXi 6 Virtual Environment

FreeNAS is an open-source, Linux based freeBSD, network storage operating system. It can be installed on virtually any hardware platform that allows it to share data over a network. In this project, FreeNAS was used to house multiple virtual machines for a virtual training program. FreeNAS utilized a Web-GUI that enables a remote connection through a browser using the assigned IP address for the FreeNAS server. This connection was initially insecure and needed a certificate of authority to be encrypted using HTTPS. The CA also needed to be self-signed in order for the encryption to be activated for the FreeNAS Web-GUI. Project Student: Leland Brown

Network Upgrade, Cloud Migration, and Security Enhancements

An organization had multiple exciting opportunities for improving the experience that staff members have with technology. They were experiencing connectivity problems and wanted a more reliable local area network (LAN). The LAN needed to be increased in scale as the switches didn’t have enough ports to support Ethernet for every user. Additionally, the router seemed to be increasingly unreliable. Much of the hardware needed to be replaced, configured, and tested as it was several years old. The organization was also in the process of migrating to cloud services, so they needed assistance through the migration. Lastly, security improvements were welcomed by the organization to ensure a consistent, secure environment. Project Student: Matthew Gallagher