Authors Dr. Cliff Zou, 407-823-5015, czou@cs.ucf.edu and Mr. Benigno Rodriguez, jrodsoto@knights.ucf.edu
Remote Access Services
This document is divided in the following three main sections. Pre-Installation Configuration and Overview (Read first) Installations Section Configuration Section It is important to follow the instructions as describe in this document to ensure the virtual infrastructure is properly set up for this lab and future used. This lab will serve as the cornerstone for our labs virtual environment. Part I (this document) will consists of setting the environment and Part II (future document) will focus on both offensive and defensive security. We recommend reading information in this document entirely before proceeding with the installation and configuration for this lab. It is better to have an overall view and understanding of all steps that will required for successfully setting this virtual environments. Futures labs will be develop utilizing this environment and will demonstrate some aspects about cyber forensic and cyber security.PRE-INSTALLATION CONFIGURATION
Oracle VirtualBox Configuration
One VirtualBox Network - Select the following Menu Options to create and NatNetwork and assign the following IP network (10.0.2.0/24)Select: VirtualBox / Preferences / Network from Virtual Box Menu Options
a) Create a NatNetwork
10.0.2.0/24Create or modify your existing Nat Networks based on the information provided above.
This NatNetwork will be assign to the following VMs
1) Endian Firewall/Router (bridged)
2) Windows 10 Remote Client (only when testing RAS server) - This windows 10 remote client will be configure in two different networks during the lab depending on the functions it will performed. (Administrator Client virtual machine when working on the internal network, and when accessing the network remotely using the windows VPN services.
b) Create Three Host Networks
1) vboxnet0 - this network is the internal network for our secure server infrastructure. (PDC) 192.168.56.0/24 dhcp option enabled2) vboxnet1 - this network is the internal network for our DMZ perimeter. (RAS) 192.168.57.0/24 dhcp option disable
3) vboxnet2 - this network is the WAN network for our DMZ perimeter. (RAS) 192.100.1.0/24 dhcp option disable
- Windows Server Primary Domain Controller
- Create one NEW VM on VirtualBox for Windows Server 2016
- Add ISO to New Windows Server 2016 Storage (download ISO file)
- Follow the steps listed on this document (select Installation desktop experience)
- Windows Remote Access Server - RAS (Gateway Server)
- Create one NEW VM on VirtualBox for Windows Server 2016
- Add ISO to New Windows Server 2016 Storage (download ISO file)
- Follow the steps listed on this document (select Installation desktop experience)
- Firewall - Endian Community 3.0 Firewall for Software Defined Network (SDN)
- Language Selection
- Hard Drive Partitioning
- Network Interface for GREEN adapter
- Windwos 10 Client
- Create one NEW VM on VirtualBox for Windows 10 Client
- Add ISO to New Windows 10 Storage VM (download ISO file)
- Follow the steps listed on this document click here
Endian Firewall installation is simple, thus it is required that the appropiate adapters are configured in the Virtial Box Environmenet. It's recommended to complete the instructions for Virtual Box from the instructions document provided above. The installaton steps consists of the following.
This adapter is the minimum adapter require for proceeding with the installation. Instructions are provided (guide doc) to reconfigired the firewall's adapters if Virtual Box congurations is done after. (The green interface is the local secure interface for internal resources. In our lab, it includes a primary domain controller and a windows 10 client virtual machine.)
Click Here - external resource. Endian Firewall on virtual box.