ITS315 Final Portfolio Project

Server Proposal for Worldwide Advertising, Inc. (WAI)

This proposal will outline the best technical solution to provide WAI with a flexible and reliable IT infrastructure over the coming years. As both current sites in Los Angeles and New York are connected through a VPN tunnel already then our proposal is as per the below recommendations. Deployment & Servers Each site will be deployed with Windows Server 2008 R2 systems which will not only meet the current requirements but also be well-equipped to meet future requirements and organizational growth. An overall summary of the planned deployments is incorporated in the table below: Site Los Angeles

New York

Server 2008R2

Server 2008R2

Core Active Directory

File

DHCP & DNS

Sharing

Active Directory

File

DHCP & DNS

Sharing

Server 2008R2

Standard Standard & Printer IIS Web Services

&

Printer IIS Web Services

Each site will be configured in an identical manner to aid with the ease of deployment, configuration and ongoing maintenance – this will also serve as a template model should any further sites be added as the organization grows and looks to expand. Utilizing the Server 2008 Core installations will be ideal to use as the infrastructure servers running Active Directory, DHCP & DNS services. Additional servers will be configured with Windows Server 2008 Standard Edition to provide greater flexibility for further application utilization.

They will also be able to provide File & Printer Sharing as well as Web services through the provision of IIS. As well as Server 2008, there is a consideration for Desktop Operating Systems to be deployed, this should take the form of Windows 7 Professional across all required workstations and as a sensible precaution against unforeseen issues or new hire requirements there should be additional workstations purchased above the 30 current employees. In order to ensure that the system is easy to maintain going forward and new systems can be deployed quickly a specific WAI image should be created using Windows System Image Manager.1

This will allow for the automatic configuration of the Windows 7 installation to corporately agreed standards as well as adding workstation specific drivers and specific customizations such as desktop background and screen saver properties to ensure a professional image. The

1 http://technet.microsoft.com/en-us/library/cc766347(v=ws.10).aspx

image will also be responsible for joining the machines to the Domain so that any workstation is ready to be used as and when required. DNS & DHCP Fault tolerance is a specific requirement here and this will be provided by splitting the DHCP scope2 across both servers so that there is fault tolerance across the network without having to provide a bespoke cluster. With a split DHCP scope then DHCP traffic flood will be handled more efficiently as well. Each of the servers and any equipment such as printers will be configured with an IP reservation – this will ensure an orderly topology across both sites and allow IT support to easily maintain such devices. All other network devices will receive IP addresses via DHCP with a long lease time configured due to the low number of devices compared to available IP addresses. Similarly, DNS will be split across both sites with the management being integrated with Active Directory which will ensure all DNS addresses and entries are replicated between sites and allowing easy access of resources between Los Angeles & New York. Active Directory The creation of an Active Directory Domain running in native 2008 mode will be required and this should take the form of a new WAI domain. In order to ensure each site has access to the same levels of information then Replication3 will occur between each site with the assumption that the VPN link between the two locations is high speed in which case replication will be almost instantaneous.

2 http://technet.microsoft.com/en-us/library/cc733059.aspx 3 http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

Each site will have a fully-writable Domain Controller. There is no need to make New York for example a Read-Only Domain Controller (RODC) as there will be IT administration onsite and there may also be an expectation for greater user presence in New York as time goes by. The WAI domain will be formed of the following Active Directory Organizational Units (OUs):     

Sales OU Media OU HR OU Finance OU IT OU

The image below shows a sample Active Directory configuration to give an overview of the ease and flexibility of configuring and maintaining an Active Directory based infrastructure of users, groups and computers.

Each user will experience similar functionality when logging on to the WAI domain as this will be configured to utilize a logon script configuring access to their networked drives and printers as well as controlling access levels to their system. Each OU will explicitly permit permissions to that department’s network share and this will be propagated down to each user

so that only authorized members of each department can access their data. Security groups will be created to control the access to file shares and IT will easily be able to maintain membership of this by adding or removing an employee in the Active Directory topology. As there will be a small number of Groups setup on the WAI domain then each Security group will be configured with a Universal scope. Each OU will also have relevant groups setup as Distribution Lists so that e-mails can easily be sent to each department or the wider organization as required. Application Services As well as operating systems, there will be several applications which need to be installed on each workstation such as Anti-Virus software & Microsoft Office. There may also be other requirements such as PDF readers and Java installations which should be added as part of the Windows System Image for the initial workstation deployment. Specific software requirements for each department will be managed through Active Directory Group Policy – if for example HR need a specific database application then those employees who are members of the HR OU in Active Directory will have this application downloaded and installed to their system. Not only does this keep installation and configuration issues to a minimum for IT but it also ensures that only the required number of licenses are needed and the organization is not paying for unnecessary software. IIS74 configured on Windows 2008 Standard Edition will be used to provide an Internet facing web-site with the multiple site model again being used to provide both fail-over and load-balancing provisions. In order to make the website fully accessible externally then the Network team will need to provide a DMZ for the servers so that the network is not opened to unnecessary risks. 4 http://www.iis.net/

File & Printer Sharing File shares will mirror the departments within organization also mirror each of the organizational departments and they will use NTFS security 5 in order to ensure that only authorized access is possible. This will ensure that all confidential and mission critical or time-sensitive data will be protected as per standard auditing procedures. As well as corporate departmental shares there will be a designated personal share for each employee and a Public share for sharing of non-sensitive or department specific data. Each share will be measured and managed via Quotas and thresholds along with an IT policy in place to monitor for any non-corporate such as Pictures and Music files. Through utilization of the File Server Resource Manager soft quotas and thresholds will be implemented for each Department, Personal & Public share so that when a folder reaches 85% of its available limit there is an e-mail notification to the system administrators as well as the users concerned. In order to ensure that the network can be easily navigated and maintained there will be DFS namespaces creating with targets specified on both file servers. This means that users only need to access \\WIA\Public for example to access the public shared drive regardless of whether they are in the Los Angeles or New York office. Storage For the Domain Controllers the recommended local storage would be a RAID 1 configuration with two hard drives. Drive C will be used for the Operating System and Drive D for the Active Directory System/Configuration files. Each of the File/Print Servers will be configured in a similar RAID1 configuration for their operating system. Each file server will then be separately connected to a RAID5 NAS which will contain the main data store for the 5 http://msdn.microsoft.com/en-us/library/ms913208(v=winembedded.5).aspx

WAI organization. This will allow the storage to be easily expanded in line with future requirements but initial estimations for storage are as per the below figures:      

Per User = 3GB for each personal drive = 30 x 30 = 90GB Sales = 250GB Media = 1.5TB due to large graphic files HR = 100GB Finance = 160GB IT = 600GB due to storage of System Images

This gives a total storage requirement of 2.7TB. Summary To conclude, the proposal outlines the deployment of Windows Server 2008 R2 and Windows 7 professional across the new IT infrastructure. Both these server and desktop operating systems will provide stable and up-to-date productivity. These systems will cope with expansion and any organizational changes that are required as well as being an infrastructure which is easy to setup and maintain. In order to provide and configure the servers, the initial setup of two Server 2008 Core Editions, including the Active Directory, DHCP & DNS configuration would take a few days with an engineer performing the configuration and testing at each site. With the addition of the File & Print Servers as well as the deployment of 30 employee workstations the manpower and scheduling timeline is estimate at two weeks with a team of 6 engineers, 3 of whom would be based in Los Angeles and 3 in New York.

Bibliography Hassell, J. (2008). Windows Server 2008: The Definitive Guide. Minasi, M., Gibson, D., Finn, A., Henry, W., & Hynes, B. (2010). Mastering Microsoft Windows Server 2008 R2. Tulloch, M. (2007). Introducing Windows Server 2008.