Category Archives: Technology

Windows Server Deployment Proposal

Windows Server Deployment Proposal

Introduction           

This paper is aimed at showing the windows server deployment proposal. Throughout the paper, the following are vividly described: active directory, new features of windows server 2012, applications services, deployment and server editions, DNS and DHCP, file and printer sharing.

 

Windows Server 2012 new features

Global Advertising can take advantage of the following Windows Server features. (Shields, 2012). Server Manager- Windows 2012 Server offers a multi-server support in its server manager. This feature will enable GAI to be able to manage its servers to be located either in Los Angeles or New York. Windows Server 2012 holds the concept of cloud computing hence making it easy to manage different servers.

Server Message Block (SMB 2.2) – Windows Server 2012 has well enhanced the file sharing protocol. The file server now has some added resiliency which needs no special configuration (Shields, 2012). On the other hand, Server applications such Microsoft Server can have their databases stored on the SMB shares. This feature enables the Global Advertising Inc to be able to use the SMB 2.2 without having to configure changes to the SQL Server databases.

Active Directory (AD) Recycle Bin GUI: Windows Server 2012 comes up with a new GUI add-on which is contained in the Active Directory Administrative Centre. With the availability of this feature admins can now view and restore objects deleted from the Active Directory, these objects can be restored to their original container or in a fresh container. This is not a new feature as such, but in previous Windows Server versions, it was done through scripting. The system Admins of GAI in Los Angeles or New York can swiftly get any accidently erased items reinstated through the Active Directory Recycle Bin (Shields, 2012). Network Interface Cards- System administrators at GAI will not have to rely on third party vendors for network cards. This is a result of Microsoft Windows Server 2012 having able to team several network adapters to combine bandwidth more also providing fail over. Microsoft Windows Server provides in-built NIC teaming of Network Interface cards up to 32 of them which do not depend on the type of cards installed.

Domain controllers Replication: this a feature that enables users to create replicas of Domain Controllers by cloning existing one. A new option contained in windows server 2012 “Allow this DC to create a clone” enables a computer to be replicable (Shields, 2012).

Related: Desktop Virtualization

 

Deployment and Server Editions

Windows Server 2012 being the most progressive server operating system will be employed all through the set-up. A total of 8 servers will be needed by Global Advertising Inc network. Some server roles are combined to reduce the number of servers used. These roles include; file and sharing services, web server IIS roles can also be combined to some extent.

Standard and Datacenter Windows Server editions will be used on most of the servers.

Datacenter is an edition that is designed for a heavily virtualized environment, and the GAI setup can be said to be highly virtualized since the offices are located differently in two sites that are Los Angeles and New York. On the other hand, Standard Edition is a full-featured operating system mostly used for businesses that have more than 25 users. GAI setup has more than one hundred employees hence having more users. The idea of Serve Cores will not be used since the server cores do not support the “Windows Deployment service” that is used to deploy all the servers in their specified sites.

Most the 8 servers should be in the central offices in Los Angeles where 5 will be deployed while the other three servers will be deployed in New York. On the deployment mode to be used due to the time factor, the number of devices and the location factors using manual deployment method will be ineffective and costly to GAI since it could lead to declined profits. Therefore, the preferred way of deployment is Automatic through the windows automated installation kit. 

The Following table shows how some of the server roles will be distributed considering the following factors fault tolerance, security resource allocation, and availability.

SERVER NUMBER SITE IT IS LOCATED ROLES AND SERVICES EDITION
1 Los Angeles Main Dynamic Host Configuration Protocol

Primary Dynamic Naming Server

Main Active

Directory

 

Standard

3 Los Angeles File Services

Applications

AD Backup

Printing services

 

Data Centre

7 Relay Agent for the DHCP

Application services

Webserver IIS

Terminal services

 

Data Centre

 

Active Directory

Each Active Directory will require a minimum two domain controllers. At GAI there are 2 DCs which are situated in the two sites in Los Angeles and New York. The main DC and a backup will be situated at the Los Angeles office while a Read-Only Domain Controller (RODC) will be placed at the New York branch office to enhance efficiency. Having the Read Only Domain Controller in New York will enable freeing of Wide Area Network of unnecessary traffic. To enable the DNS replication traffic to be processed through the Active Directory (Rist, 2012), Active Directory Integrated Zones must be used.  Domain Controllers contain Universal Scope hence their placement at the Second Site will be smoothly done (Rist, 2012).

There will be a parent domain and two child domains for each of the two sites. The parent domain can be GAI.local while the two child domains are NY.WAI.local for the site in New York and LA.WAI.local for the site in Los Angeles.

The Active Directory Organizational Units will be as follows; the different departments will be established as organizational units which contain all employees from the two locations. The organizational units stand listed as; Executive, IT, Accounting and Sales, Human Resource and Finance, Creative, Media and Production departments. The Organizational units’ group scope should be global since it incorporates all employees from the two locations. To prevent the departments that want their information to be private from other departments, we should configure the NTFS and share permissions strictly. This will enable other departments from accessing information such as financial data. The Chief System administrator can make changes that he/she sees necessary since he/she is granted with full control on permission changes.

Below is an image showing the active directory schema in some the two sites and how some of the servers are placed.

DNS and DHCP

To save on expenses and administrators time, a hybrid Dynamic Host Configuration Protocol infrastructure should be used with relay agents. I prefer having a central and DHCP backup at the main office in Los Angeles, and several relay agents in New York branch office as the ideal solution since it frees traffic from the Wide Area Network link between the two offices.

I will implement programmed/automatic allocation of IP addresses to prevent unnecessary network traffic flow at each location. For the network scalability, there will be a solid network layout with large subnets for each of the organizational units. The configuration of 80/20 shall be used to accomplish fault tolerance for the DHCP network. This configuration will be used for scope splitting (Stanek, 2013). Address range of 172.0.0.1- 172.0.1.300 will be used. On the Main DHCP, I will have the exclusion as 172.0.0.1-172.0.100 while the split scope DHCP will be 172.0.0.101-172.0.0.300. Entirely, the relay agents in New York office will be configured so that they can use boot threshold which ensures that all the DHCP clients get their addresses only from the local server.

A DNS will be set on both sites that are in New York and Los Angeles this is to enable the Windows 2012 server can provide name resolution services whereby computers’ IP Addresses can be found based on the computer name.

Related: Intranet project and Self-service portal system for Dingwow Inc.

 

Applications

All applications that will be deployed in the GAI setup will be server based and available to terminals through Microsoft management services. Applications can be deployed using the group policy in windows server 2012. Windows Server 2012 contains a feature known as Software Installation and Maintenance. This feature is used by the Group Policy to install, maintain and remove applications from the organizations’ machines.       

To deploy applications in the GAI infrastructure using Group Policy the following procedure will be gone through. In the Domain Server under Server Manager, tools and then group policy management. In the group policy management console, right click on GAI.local which is the domain name and create a new GPO in this domain. In the new GPO, you can now install the software application you want to install.

Web access shall be used for to allocate applications for intranet through port 3333. From different offices in the sites, users will just open internet explorer on their terminals to access the applications they need.  The following software applications shall be needed Webserver IIS component; all client computers should also be equipped with RDC 7.0. Several Applications will be available to clients through we access these applications includes Microsoft Office applications (Stanek, 2013).

 

File and Printer Sharing

The Global Advertising file services will utilize recommendations on Microsoft (Ferril, 2013). Each client shall be given a home folder which will be used for private storage, a shared folder, and a collective workplace through share point. Three servers shall be installed with file services; two at the main site and 1 at the branch site. These servers will be used to provide shares. Having local file services at each site enables allowance to incase the Network fails on the same note reducing unnecessary traffic in the link (Stanek, 2013). Synchronization of the file system is necessary to ensure that current data is available to everyone. Synchronization shall be achieved through Distributed File System replication.

DFS will be needed so as the files will appear as a single integrated directory to bring users’ convenience more also providing consistent backups (Ferril, 2013). Print services will be available to all the clients through the remote desktops which are already in place for applications. There will be an administrator to manage the print jobs within the network.

 

Conclusion

A consistent server implementation is vital to the victory of any corporate environment. The deployment of the server must be aimed at reducing traffic and increasing productivity within the network. I believe that the solution provided above will bring success to the Global Advertising Inc.

References

Ferril, P. (2013). A Hands on Look at Windows Server 2012. ServerWatch, 1-23.

Rist, O. (2012). Review: Weighing Windows Server 2012. Windows Servers, 30-42.

Shields, G. (2012). Quick Guide: What’s New in Windows Server 2012 Active Directory. Redmond Media, 5-11.

Stanek, W. (2013). Windows Server 2012 Inside out . RedMond: Microsoft Press.

Related:

Network Design Proposal

 

Network Design Proposal

Question

The university has recently leased a building in Adelphi, Maryland. The building will house some offices, classrooms, a library, and computer labs. Security is very important for UMUC, as the university must protect students? and employees? data, as well as any intellectual property that UMUC has on its servers and computers. As a result, IT management would like to take the time to review some….

answer

Network Design Proposal

 

  1. Physical Network Design
  2. Network Topology

Business Needs

The institution in the case study believes in the advancing technological needs. Hence it cannot be left behind in ensuring that its students also have access to technology and get high standards academic levels from the institution. The student should be able to access a modern library whereby learning materials are easily accessible. The institution also takes care of the communication among the offices, there should be faster, effective and efficient communication for a smooth running of the institution activities.

Proposed Topology

One of the way the institution can achieve this through setting up of modern computer laboratories that will be accessible to all the students and their instructors. The computer laboratories must be up to date with the state of the art facilities. We propose that each office also to have a computer in it. The admissions office should have five computers. There should be a server room in each floor that is first floor and second floor of the building. There should six computer labs that each will contain 26 computers; 1 for the instructor, 1 server and 24 for use by the students. There should also be a student’s computer lab that will contain 25 computers and 1 server. The library also should have 15 computers; 10 for use by the general public and 5 by the library staff. The Preferred network protocol for this case is the star topology.

 

Computer labs
Number No of computers Total computers Approximate cost
6 26 156 $78,000
Student computer lab
1 26 26 $13,000
Offices
3 1 6 $3,000
Admission offices
1 5 5 $2,500
Library
1 15 15 $7,500
TOTAL 208 $103,000

 

Other requirements will include network software and network media and network devices. Total approximate cost is around $120,000.

 

Justification

Having decided that it will network its operations in the library, offices and the computer labs it will be better to use the star topology. This is to enable expansion in future, in case of expansion or addition of computers in the offices star topology make it easy to do so. In case of a breakdown the network will never fail only the affected computer will fail hence justifying as to why star network topology should be used in this case.

 

  1. Network Media

Business Needs

The institution needs to computerize the building in both of the floors that is first floor and second floor.

 

Proposed Network Media (include network wiring diagrams)

The network media to be used is the category 5 Ethernet cables, where the cables to each computer runs from the server room to the specific computer. The network wiring diagram below signifies this.

 

Assumption made

Computers in the labs are assumed to be in a work group.

 

Key:

Server

Workgroup

Ethernet Cables

Personal computer

 

Justification

Using the Ethernet cables or twisted pair cable as the network media enables easier scalability of the network; the network can be easily expanded as compared to when using optical fiber media. The cost is also put into consideration; Optical fiber could be so costly for the organization.

 

  1. Network Devices

Business Needs

The institution has two server rooms and each server room should have several network devices to enable communication across the institution.

Proposed Network Devices

The following network devices will be used to ensure that communication is efficient and the network to be implemented effective.

6 32 pin switch 3 for first floor server room and 3 for second floor server room.

2 16 pin switch one for each server room.

2 Wireless routers each in each floor to enable wireless communication.

208 network interface cards for each computer.

 

Justification

The network devices listed will enable faster communication and secure communication across the institution. The wires routers will set up wireless access points where by users can access wireless network.

 

  1. Network Security Devices

Business Needs

Like any other institution, the institution in the case study must have a very secure network that will be free from intruders and other malicious persons. The computers in the offices being part of the network must maintain some confidential information. The instructor’s computers also must have some information that students should not be able to access.

 

Proposed Network Security Devices

The following devices are proposed to be used as the network security devices; Internet router and firewall.

 

Justification

The internet router will enforce network security by providing access only to the allowed protocol that has the correct IP address range. This will enable in protecting the network since no intruders will be allowed to access the network.

Firewalls on the other side will be used to prevent intruders from accessing the office computers, since each office will have a firewall. The firewalls will enable the network security.

  1. Computer Systems

Business Needs

There being a server in each lab, the institution requires a total of seven servers that will serve the computers in each lab. The client computers being the computers being used by the students a server is very paramount in these labs.

Proposed Computer Systems

We propose that each of the seven servers should have the following servers in it.

  1. File server
  2. Communications server
  3. Application server
  4. Database server
  5. Domain server

Justification

By having the file server in each lab it will enable the network users to store their data files. The Communications server will enable the student to send emails maybe to their instructor or to their colleague students. The application server on the other side will enable easier sharing of an application(s) installed in one of the computer across the network. The database server will enable in managing and handling of all data storage activities in the network. For students and other users to be authenticated while using the computers there must be a domain server to serve the purpose.

  1. Network Addresses Design
  2. Subnetting

Business Needs

There being 208 computers and other network devices there is need to have subnets to divide the network and ensure maximum usage of the IP addresses.

Proposed Subnetting (include the calculations)

Assume the first. IP address of 192.168.0.1

Let the subnet mask be 255.255.255.224 since we propose each subnet to have 28 hosts to be used in each of the computer labs.

 

IP address 11000000 10101000 00000000 00000001
Subnet Mask 11111111 11111111 11111111 11100000
Subnet Address 11000000 10101000 00000000 00000000
192 168 0 0

 

IP address 11000000 10101000 00000000 0000000
Subnet Mask 00000000 00000000 00000000 00011111
Subnet Address 11000000 10101000 00000000 00011111
192 168 0 31

 

Subnet Network address Broadcast address Host address Proposed location
First Subnet 192.168.0.0 192.168.0.31 192.168.0.1-192.168.0.30 First floor Classroom#1
Second Subnet 192.168.0.32 192.168.0.63 192.168.0.33-192.168.0.62 First floor classroom#2 and office#1
Third Subnet 192.168.0.64 192.168.0.95 192.168.0.65-

192.168.0.94

First floor office #3 and classroom#6
Fourth subnet 192.168.0.96 192.168.0.127 192.168.0.97-

192.168.0.126

First floor library, office#4 and admission office
Fifth subnet 192.168.0.128 192.168.0.159 192.168.0.129-192.168.0.158 Second floor classroom#1
Sixth subnet 192.168.0.160 192.168.0.191 192.168.0.161-

192.168.0.190

Second floor classroom#2 and office #1
Seventh subnet 192.168.0.192 1921.68.0.223 192.168.0.193-

192.168.0.221

Second floor office #2 and classroom#5
Eighth subnet 192.68.0.224 192.168.0.255 192.68.0.224-

192.168.0.254

Second floor computer lab and office #3

 

Justification

By having eight subnets means that every computer should fall into the network, since the subnets are assigned into floors it would be difficult to have less subnets it could mean some computers could be out of the subnet. Again this ensures maximum use of the IP addresses. 

III. Network Services Design

  1. Network Services

Business Needs

There should be six computer labs to serve the student, a library for access by the general public.

 

Proposed Network Services

The network should be able to offer the following services.

  1. Authentication of various users
  2. Sharing of files
  3. Sharing of information through mails
  4. Accessing of necessary information from the central servers.

 

Justification

Through offering of this services the network should be able to meet its targets and serve its purpose.

 

  1. Network Security Measures

Business Needs

The institution need a secure network that all users are able to access and use easily without interfering with their privacy.

 

Proposed Network Security Measures

The following network security measures can be employed in this case;

  1. Training of the users on the network usage
  2. Ensuring that users sue the login and other authentication credentials well.

Justification

Through use of the following measures the network security can’t be something to question.

Bibliography

  1. Singh, W. B. E. N., 2010. IPv6 Subnet Model. The Relationship between Links and Subnet Prefixes, pp. 45-67.

Telecom, A., 2016. [Online]  Available at: www.atis.org

Tesch, D., 2006. Security Threat Mitigation and Response:. s.l.:Cisco Press.