Global Advertising, Inc. (GAI) is a recently founded advertising company that is currently hiring employees and setting up two offices, one in Los Angeles and one in New York. Because the Los Angeles office will have more workers, it has been designated as the headquarters for the purposes of this technical proposal. This document proposes a technological concept for GAI’s network infrastructure in order to facilitate business activities at both branches. The plan is built on the Windows Server 2012 operating system, and the connection between the two locations will be achieved through a VPN tunnel using the Internet Protocol Security protocol (IPSec), to ensure that information is tunnelled securely over the internet between the two sites. This proposal presents the best practice that GAI would implement to ensure the best solution for the next two to three years. The topics covered in the proposal revolve around the new features that Windows Server 2012 offers over previous versions, the deployment of server editions, Active Directory setup, DNS and DHCP setup, application services, and file and printer sharing. The solutions presented here have both a technical and a business backing to indicate why they are preferred. Information security and intrusion detection mechanisms are not covered in this proposal as they will be handled separately.
Key words: Windows Server 2012, network infrastructure, active directory, active directory-domain services, server, DNS, DHCP, file and printer sharing, network topology
List of Abbreviations
AD – Active Directory
AD-DS - Active Directory Domain Services
DHCP – Dynamic Host Configuration Protocol
DFS - Distributed File System
DNS – Domain Name System
FSRM - File Server Resource Manager
HHD – Hybrid Hard Drive
IP - Internet Protocol
IPSec - Internet Protocol Security
IT – Information Technology
OU - Organizational Units
RAS - Remote Access Server
RDC - Remote Differential Compression
RODC - Read Only Domain Controller
SSD – Solid State Drive
SUS - Software Update Server
Table of Contents
Abstract
List of Abbreviations
List of Figures
List of Tables
Introduction
Windows Server 2012 Features
Deployment of Server Editions
Active Directory
Organizational Units
DNS and DHCP
DHCP Fault Tolerance
DHCP Reservations
DNS Namespace Design
Application Services
File and Printer Sharing
Conclusion
References
List of Figures
Figure 1: Organizational Units for the gai.com Domain
Figure 2: DHCP Infrastructure Setup for GAI Network
Figure 3: GAI Network Topology
List of Tables
Table 1: Combined Roles on the Physical Servers at GAI
Table 3: Lease times for different device types.
Windows Server Deployment Proposal
Introduction
Global Advertising, Inc., hereafter referred to as GAI, is a newly formed advertising company that intends to open branches in two remote locations, one in Los Angeles (LA) and one in New York (NY). GAI requires a Windows Server infrastructure deployment solution that would serve the needs of the company at both locations.
This document describes the proposed Windows Server infrastructure deployment solution that will be most suitable for GAI. The solution is based on the Windows Server 2012 operating environment.
Windows Server 2012 Features
The Windows Server 2012 Operating System presents some new features which were not available in previous versions of Windows Server. Some of these features are described here. First of all, the platform presents multiserver support in Server Manager. Windows Server 2012 embraces cloud technology and, therefore, GAI can use this feature to integrate its operations on the cloud.
Secondly, Windows Server 2012 provides a Work Folders functionality, which works much like Dropbox does. When this role is installed in Windows Server 2012, it enables the secure replication of files both on the local client and on a remote server (Tulloch & Team, 2013). With the Work Folders functionality, GAI can utilise the replication technology to ensure data security, as the synchronization between the server and the client is done each time a connection is established between the two.
Storage tiering enables the efficient management of storage by observing the amount of activity going on within a certain data chunk. The most active data chunks are moved to the fastest tier (Minasi et al., 2013). These tiers are classified according to classes ranging from fast SSDs to slower HDD hard drives. GAI can utilise this technology to ensure the efficient management of storage requirements within its network infrastructure. Furthermore, Storage Pinning is a new feature that goes hand in hand with Storage Tiering. Storage Pinning enables the pinning of selected files on a particular tier (Microsoft, 2015). By using Storage Pinning, the IT professionals at GAI can ensure that files that they always want on the fastest tier are never moved to a much slower tier. Still on the topic of storage, data deduplication in Windows Server 2012 ensures the efficient use of storage and thus a reduction in the storage space used. GAI can exploit this feature to their advantage on the file storage server.
Deployment of Server Editions
There will be one physical Domain Controller at the headquarters and a Read Only Domain Controller (RODC) at the branch office. In order to support fast email services, GAI would need to procure and install an Email Exchange Server on either location. Employees who work from home would sometimes need to access information and company resources from remote locations. For this reason, a Remote Access Server (RAS) would need to be installed at the company headquarters. To further support these remote users, an extranet web server would need to be installed to allow users to access the enterprise intranet from outside the organization's premises. A Domain Name Server (DNS) would need to be installed within GAI’s network infrastructure. The DNS server would be used to resolve human-readable names within the network to IP addresses and vice versa. A file and printer server would also be required within the network to ease the storage of files within the network and also deal with printer requests over the network. Security is always a significant concern when it comes to any network infrastructure. One of the main ways to ensure that the network devices are not vulnerable is through regular updates and patches on these computers. This can be achieved efficiently through the use of a Software Update Server (SUS). A SUS server would thus be crucial within the GAI infrastructure.
It would not be economical, however, to install a physical server for each of the tasks listed above. For this reason, some server roles would need to be combined into a single physical server, thanks to the Hyper-V technology. All the server roles mentioned above can be compressed into only two physical servers using Hyper-V technology. The table below shows which functions can be effectively combined to enable the smooth operations of the network infrastructure at GAI.
Table 1: Combined Roles on the Physical Servers at GAI
| Server | Combined Roles |
|---|---|
| Server 1 (Located at NY) | Read Only Domain Controller (RODC); Domain Name System Server 2 (DNS Server 2); DHCP Server 2; File Backup Server |
| Server 2 (The Datacentre, Located at LA) | Email Exchange Server (EES); Remote Access Server (RAS); File and Printer Server; Software Update Server (SUS); Domain Controller (DC); DHCP Server 1; Domain Name System Server 1 (DNS Server 1) |
Windows Server 2012 R2 Operating platform has the inbuilt capabilities to handle all the requirements and server roles mentioned above. Therefore, the physical servers can run on this platform.
The Server Core option provides several benefits over the Server with GUI option, some of which are: reduced disk space usage, a reduction in potential attack opportunities, and easier servicing (Microsoft, 2014). The Server Core option will thus be used on both the standard and the datacentre servers.
Automated Server deployments are more efficient and error-free compared to manual deployments. Furthermore, automated deployment of servers makes the performance of repetitive actions faster and less time consuming. For GAI, therefore, an automated deployment would be beneficial, thus encouraged.
Active Directory
The Active Directory is essential to any network administrator as it helps them manage any object that may be part of the network. Unlike in previous Windows Server versions which lacked the Active Directory functionality and required network administrators to set up multiple domains and implement forest and domain trusts to enable intercommunication between these domains, Windows Server 2012 can support multiple users on a single domain (Anderson, 2013). For the case of GAI, only a single domain would need to be implemented to serve both branches. In order to ensure that the Active Directory services do not go down in case the Domain Controller goes down, a Read Only Domain Controller would need to be established at NY, the branch office.
As at any time at least one employee from each department will be at either location of the company, it is imperative to adopt a single domain. By establishing a replication of this domain on the other branch by using RODC, it will enable staff members to access the Active Directory services at either location. In case the Domain Controller goes down, the RODC can take over and authenticate users as well as perform other key functions as the Domain Controller is put back up.
Organizational Units
Organizational Units (OU) in any domain are essential as they can be used to spell out the hierarchy and resource access policies as laid out by the organization (Microsoft, 2008). Organizational units can be used to lay out the logical structure of the organization. The OU provides the benefit of the network administrator being in a position to define group policies that determine the abilities of users within the network as defined in the organizational structure. For instance, for GAI, there will be a group policy setup restricting most of the departments from accessing the information contained in the Human Resource and Finance department. The executive team, however, will have superior access to the company information as opposed to the access provided to departments.
The Organizational Units that will be implemented for GAI will be as shown below:
Figure 1: Organizational Units for the gai.com Domain
DNS and DHCP
Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that provides Internet Protocol (IP) hosts with IP addresses and other related configuration information (Microsoft, 2003). DHCP has the benefits of efficient IP address configuration as well as minimal network configuration and administration. Without DHCP, each computer added to the network would have to be manually configured. On the flip side, when a device is removed from the network, the IP address that was assigned to it has to be manually reclaimed. DHCP enables this whole procedure to be centrally and automatically accomplished. GAI will make use of two DHCP servers, one at each location, for fault tolerance.
Lease times are the lengths of time for which a DHCP client can use a DHCP-assigned configuration. The lease times are set for different DHCP clients, mostly depending on their functionality. Therefore, servers, desktops, and laptops and all mobile devices will have different lease times, as suggested below:
Table 3: Lease times for different device types.
| Device Type | Lease Time |
|---|---|
| Critical Workstations and Servers | 12 days |
| Desktops | 8 days |
| Laptops and Mobile Devices | 4 days |
Most Wireless Access Points have DHCP capabilities. To avoid IP conflicts, the scope design will be so that only the Wireless Access Points can assign IP addresses to laptops and mobile devices. The rest of the devices should be set to be assigned IP addresses by the DHCP server. Static IP addresses will be omitted from the range of addresses that can be allocated to the wireless devices, and set aside for servers.
DHCP Fault Tolerance
DHCP fault tolerance will ensure that in case one DHCP server goes down, it does not cripple the GAI network. A 50/50 failover will be implemented for this. Under normal operations when both servers are online, a load balancing mechanism will be achieved with each server taking care of about 50% of the DHCP clients. In case one server goes offline, however, the other server will take over 100% of the DHCP clients. A server will be located in each branch and the implementation will be as shown in the diagram below.
Figure 2: DHCP Infrastructure Setup for GAI Network
DHCP Reservations
Servers and critical workstations require static IP addresses. For this reason, they will need reserved IP addresses in order to prevent the DHCP server from assigning these addresses to other clients and causing problems within the network. About 20 IP addresses will be set aside for critical workstations and servers. This range of IP addresses will need to be duplicated on each of the DHCP servers to ensure that at no time are they assigned to any other DHCP client.
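The failover and reservation design described above can be expressed with the DhcpServer PowerShell module that ships with Windows Server 2012. The following is an added example, not part of the original proposal; the server names, the subnet and the MAC addresses are constructed placeholders, and only two of the roughly 20 reservations are shown.

```powershell
# Added example, not part of the original proposal. Server names, the subnet
# and the MAC addresses are constructed placeholders.
Import-Module DhcpServer

$la      = 'la-srv2.corp.gai.com'   # hypothetical DHCP Server 1 (LA)
$ny      = 'ny-srv1.corp.gai.com'   # hypothetical DHCP Server 2 (NY)
$scopeId = '10.10.0.0'              # constructed desktop subnet

# Desktop scope with the 8-day lease from Table 3.
Add-DhcpServerv4Scope -ComputerName $la -Name 'Desktops' `
    -StartRange 10.10.0.1 -EndRange 10.10.0.254 -SubnetMask 255.255.255.0 `
    -LeaseDuration (New-TimeSpan -Days 8) -State Active

# 50/50 load-balanced failover. The shared secret authenticates failover
# messages between the partners; prompt for it rather than storing it here.
$secret = Read-Host -Prompt 'DHCP failover shared secret'
Add-DhcpServerv4Failover -ComputerName $la -PartnerServer $ny `
    -Name 'GAI-LA-NY' -ScopeId $scopeId `
    -LoadBalancePercent 50 -SharedSecret $secret

# Reservations for servers and critical workstations (constructed entries).
$reserved = @(
    @{ Name = 'fileprint01'; IP = '10.10.0.10'; Mac = '00-15-5D-00-00-0A' },
    @{ Name = 'sus01';       IP = '10.10.0.11'; Mac = '00-15-5D-00-00-0B' }
)
foreach ($r in $reserved) {
    Add-DhcpServerv4Reservation -ComputerName $la -ScopeId $scopeId `
        -IPAddress $r.IP -ClientId $r.Mac -Name $r.Name
}

# Copy the scope configuration, including reservations, to the partner.
Invoke-DhcpServerv4FailoverReplication -ComputerName $la -ScopeId $scopeId -Force

# Check: report any reservation that exists on only one of the two servers.
function Get-ReservationKey($server) {
    Get-DhcpServerv4Reservation -ComputerName $server -ScopeId $scopeId |
        ForEach-Object { '{0} {1}' -f $_.IPAddress, $_.ClientId }
}
$laKeys = @(Get-ReservationKey $la)
$nyKeys = @(Get-ReservationKey $ny)
$drift  = @($laKeys | Where-Object { $nyKeys -notcontains $_ }) +
          @($nyKeys | Where-Object { $laKeys -notcontains $_ })
if ($drift.Count) { "Reservations missing on one server:"; $drift }
else              { 'Reservations match on both DHCP servers.' }
```

Reservations added after the failover relationship exists are not copied automatically, so the replication and comparison steps should be rerun whenever the reserved range changes.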
DNS Namespace Design
DNS namespace design is crucial within any network infrastructure as it ensures that no conflicts occur between the internal resources and the internet. It is important for GAI to choose a namespace that does not exist on the internet, otherwise it will lead to name resolution problems within the internal environment. In order to avoid any DNS issues, the namespace chosen for GAI should have its roots in the internet registered name. For instance, if GAI is registered on the internet as gai.com, a good domain name would be corp.gai.com. External and internal names will be separated. If a name cannot be resolved by the internal DNS servers, it will be passed over to the external servers. The internal and external namespaces should at no time overlap (Microsoft Support, 2011).
To ensure continuous services by the DNS servers, duplicate servers need to be installed at both locations to ensure that the DNS services are not unavailable in case any one of the servers goes down.
Application Services
The application server role in Windows Server 2012 enables the deployment of a set of supportive services to aid in the functioning of applications that are used within the organization (Microsoft Support). By using group policy, a network administrator can deploy applications on client PCs remotely without having to physically visit each client. Therefore, every time a new update of an application is released, the administrator can release these updates over the cloud on all PCs that require the application. Group policy is the main security feature available in Active Directory Domain Services (AD-DS). Therefore, when deploying applications, it is necessary to consider how group policy affects the deployment. For instance, an application can be installed on either a per-user or a per-computer basis. Applications can be either published or assigned: they can be published to users, or assigned to either users or computers. At GAI, deployment of applications will be done through assignment to users. This is particularly preferred because the application is installed when the user next logs in to the client. This method avoids overwhelming the server containing the installation packages.
The remote installation of applications on network devices relies upon some particular file formats, mainly Windows Installer packages (.MSI files). For applications that do not come pre-packaged as Windows Installer packages, it will be necessary to obtain third party software which can be used to generate MSI files.
File and Printer Sharing
Files and printer sharing is critical to the operation of any network infrastructure. For instance, file sharing is necessary for departments to share information amongst themselves. Furthermore, in order to ensure the remote installation of programs over the network, it is necessary to share the installation files over the network to be accessible by the clients on which these applications are to be installed.
A file back-up server will be installed at the NY branch to ensure that in case the physical server at LA is damaged, a backup of this information can always be accessible. Distributed File System (DFS) replication technology will be applied on the servers as it is an efficient replication technique. DFS makes use of Remote Differential Compression (RDC), a technique that detects only file blocks that have been changed and replicates them instead of replicating the entire file (Microsoft, 2014).
File Server Resource Manager (FSRM) lets the network administrator effectively manage and organize data that is stored on file servers (Microsoft, 2013). GAI can implement the file classification feature within the network to restrict access to certain information, for instance restricting access to Human Resource (HR) and Finance department information by the sales department. Quotas will be used in the GAI network to restrict the amount of disk space that each individual uses. For instance, each user can be assigned 1GB of data on the file server, with a warning enabled when about 800MB is used up.
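The quota described above can be built with the FileServerResourceManager PowerShell module. This is an added example, not part of the original proposal; the template name and the D:\Shares\Users path are assumptions. FSRM thresholds are whole percentages, so the 800MB warning point is converted to 78% of the 1GB limit.

```powershell
# Added example, not part of the original proposal. The template name and the
# share path are hypothetical; the 1GB limit and ~800MB warning are from the text.
Import-Module FileServerResourceManager

$limit   = 1GB
$warnAt  = 800MB
# Thresholds are integer percentages: 800MB of 1024MB rounds down to 78.
$warnPct = [int][math]::Floor($warnAt / $limit * 100)

# Write a warning to the event log when the threshold is crossed, so the
# event can be collected centrally instead of relying on user e-mail.
$warnAction = New-FsrmAction -Type Event -EventType Warning `
    -Body 'User [Source Io Owner] has used [Quota Used Percent]% of the quota on [Quota Path].'
$threshold  = New-FsrmQuotaThreshold -Percentage $warnPct -Action $warnAction

# Hard quota (the default when -SoftLimit is not given): writes beyond 1GB fail.
New-FsrmQuotaTemplate -Name 'GAI-User-1GB' -Size $limit -Threshold $threshold

# Auto quota: every existing and future subfolder of the users share
# (one folder per user) receives its own 1GB quota from the template.
New-FsrmAutoQuota -Path 'D:\Shares\Users' -Template 'GAI-User-1GB'

# Check: list the per-user quotas that were generated and their current usage.
Get-FsrmQuota |
    Where-Object { $_.Path -like 'D:\Shares\Users\*' } |
    Select-Object Path, Size, Usage, SoftLimit
```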
Conclusion
This document was a unified technical proposal aimed at implementing a network infrastructure for GAI, a newly formed advertising company with two locations, one in Los Angeles and the other in New York. According to the proposal above, the diagram on the next page indicates what the network infrastructure at GAI would look like.
Figure 3: GAI Network Topology
References
Anderson, T. (2013). SERVER 2012 UPDATE FOCUSES ON MANAGING DEVICES AND CLOUD. Computer Weekly, 20-24.
Microsoft Support. Application Server Role Services. Retrieved April 4 2017, from https://technet.microsoft.com/en-us/library/cc732513(v=ws.11).aspx
Microsoft Support (2011, Sep 11). DNS Namespace Planning. Retrieved April 4 2017, from https://support.microsoft.com/en-us/help/254680/dns-namespace-planning
Microsoft Support (2013, Aug 21). File Server Resource Manager Overview. Retrieved April 4 2017, from https://technet.microsoft.com/en-us/library/hh831701(v=ws.11).aspx
Microsoft TechNet (2008, Dec 30). Understanding Organizational Units. Retrieved April 4 2017, from https://technet.microsoft.com/en-us/library/cc771811(v=ws.11).aspx
Microsoft TechNet (2003, Mar 28). What Is DHCP? Retrieved April 4 2017, from https://technet.microsoft.com/en-us/library/cc781008(v=ws.10).aspx
Microsoft Support (2014, July 3). What’s New in DFS Replication and DFS Namespaces in Windows Server. Retrieved April 4 2017, from https://technet.microsoft.com/en-us/library/cc732513(v=ws.11).aspx
Microsoft TechNet (2014, Nov 12). Windows Server Installation Options. Retrieved April 4 2017, from https://technet.microsoft.com/en-us/library/hh831786(v=ws.11).aspx
Minasi, M., Greene, K., Booth, C., Butler, R., McCabe, J., Panek, R., & Roth, S. (2013). Mastering Windows Server 2012 R2. John Wiley & Sons.
Microsoft Support (2015, Dec 22). Monitor Storage Tiers Performance in Windows Server 2012 R2. Retrieved April 4 2017, from https://technet.microsoft.com/en-us/library/dn789160(v=ws.11).aspx
Tulloch, M., & Team, W. S. (2013). Introducing Windows Server 2012 R2. Microsoft press.