Friday, 24 June 2011

Distributed File Systems (DFS)

According to Microsoft (2009), Distributed File System (DFS) allows administrators to group shared folders located on different servers and present them to users as a virtual tree of folders known as a namespace. When a user views the namespace, the folders appear to reside on a single, high-capacity hard disk. There is no need to configure any additional security, as DFS namespace access is permitted only to those folders or files for which the user has appropriate NTFS or shared folder permissions.

Suggested Usage of Distributed File System:
In the given network scenario shown above, DFS can be used as follows:
  • DFS can be used to link together network storage resources in order to create a single, hierarchical structure that behaves as a single high-capacity hard disk.
  • It can be used to move the actual data between servers or disk drives and the logical DFS namespace can be reconfigured without affecting the user's access to the data.
  • In this scenario DFS replication services can be used to balance the load and improve the response time during peak usage periods.
  • It can be used to keep important data accessible at all times, even when a server or disk drive fails or when a shared folder or file becomes corrupted by hosting the roots and replicas on two or more computers.
  • It can be used to minimize network traffic and improve response times through intelligent client caching. With this feature, when a user accesses the same portion of the namespace more than once, the client uses the cached referral rather than obtaining a new referral every time.

Benefits of Distributed File System:
Distributed file system will provide the following benefits to the organization (Microsoft 2009):
  • DFS provides a combined view of shared folders that can be customized for individual users and groups.
  • It provides increased administrative flexibility and allows management of physical network storage independent of its logical representation to users. 
  • It reduces training time and the need for full-time server administrators.
  • It is capable of balancing loads and improving response time during peak usage periods.
  • It keeps important data accessible at all times and uses a secure mechanism for accessing the data.
  • It minimises network traffic and improves user response times.

Remote Network Access and Benefits of Using VPN over Leased Line

Remote Network Access
Remote network access is the ability to log on to a network from a distant location. A virtual private network (VPN) provides a low-cost, secure, and versatile way of accessing remote networks. It is an extension of a private network that includes links across public and shared networks, e.g. the Internet. By using a VPN, data can be sent across a public network in much the same way as over a point-to-point private link, because all communication takes place through an encrypted tunnel across the public network.
In an organisation, VPN can be used as follows:
  • To connect remote clients to the organisation’s intranet. The figure below explains the concept:
  • To connect remote LANs together e.g. two remote branches of a company as shown in the figure below: 
 
  • To secure a certain cluster of the network from unauthorised access by using a VPN server as a gateway to that cluster. This VPN server will only allow access to those users who have proper access permissions. The figure below explains the concept:
  
Benefits of Using VPN over Leased Line:
Compared to a leased line, a VPN provides the following key benefits to the organisation:
  • It is a cost-effective solution for site-to-site connection of remote branches.
  • It eliminates the scalability problems for an organisation and allows for a fully functional remote access workforce, as long as they have a connection to the Internet. This optimises the performance of the employees.
  • VPN provides a way to secure communications on the Internet.
  • The maintenance cost of VPN servers tends to be less than other approaches.
       
 

Thursday, 23 June 2011

Configuring Port Address Translation (PAT) on Cisco Router by Using the Packet Tracer


Network Diagram:




Currently PC1 and PC2 cannot access the Web Server because they are using private IPv4 addresses, which are not allowed on the public network (Internet). To resolve this issue, PAT will be configured on the Gateway router. After this configuration, the Gateway router will be able to map multiple private addresses (192.168.1.0/24) to a single public address (1.0.0.1) by using different ports, and hence PC1 and PC2 will be able to access the Web Server (2.0.0.2).

Background Preparation:
First of all, enter the IP configuration on the end nodes (PC1, PC2, and Web Server) according to the network diagram. The figure below illustrates the process on PC1.
After entering the IP configuration on all end nodes, open the command line interface (CLI) of the Gateway router and configure its interfaces.
Then configure the interfaces of the ISP router.
After setting up the IP configuration on both routers, configure a default route on the Gateway router, pointing towards the ISP router.

Implementing PAT on Gateway Router:
After doing the background preparation, configure PAT on the Gateway router. This involves the following 3 steps:
  • Specify “Fast Ethernet 0/0” as NAT inside and “Serial 0/0” as NAT outside interface.
  • Use an ACL to identify the private IP addresses (192.168.1.0/24) that will be translated to the public address (1.0.0.1).
  • Activate PAT/NAT overloading.
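
The three steps above written out as Cisco IOS commands for the Gateway router. This is an added example, not the configuration from the original post; it assumes standard ACL number 1 (an arbitrary choice) and that Serial 0/0 already carries the public address 1.0.0.1.

```cisco
! Added example: PAT (NAT overload) on the Gateway router.
! Assumptions: ACL number 1 is arbitrary; Serial0/0 holds 1.0.0.1.
enable
configure terminal
!
! Step 1: mark the inside (LAN) and outside (ISP-facing) interfaces.
interface FastEthernet0/0
 ip nat inside
 exit
interface Serial0/0
 ip nat outside
 exit
!
! Step 2: standard ACL matching only the private range to translate.
! Wildcard mask 0.0.0.255 corresponds to /24. Keep the match as narrow
! as the inside subnet so that no other source is translated.
access-list 1 permit 192.168.1.0 0.0.0.255
!
! Step 3: translate sources matching ACL 1 to the Serial0/0 address,
! telling hosts apart by source port (overload = PAT).
ip nat inside source list 1 interface Serial0/0 overload
end
!
! Checks after generating traffic from PC1 and PC2:
show ip nat translations
show ip nat statistics
show access-lists 1
```

Binding the translation to the interface rather than to a NAT pool means the rule keeps working if the address on Serial 0/0 is later changed.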
 
Testing the Implementation of PAT:
After implementing PAT on the Gateway router, test it by sending ICMP, HTTP and FTP packets from the internal hosts (PC1 and PC2) to the Web Server. Then check the NAT translations on the Gateway router by using the “show ip nat translations” command.
As can be seen from the above image, the Gateway router is mapping private addresses (192.168.1.0/24) to the public address (1.0.0.1) by using different ports, which means it is working properly.