Windows Network Infrastructure
A Proposal for Implementing Windows Network Infrastructure
Instructions:
Overview
Each student will create a detailed, organized, unified technical solution
given the scenario described below. The submission will be in a written format,
with at least one diagram, and may include additional diagrams, charts or
tables. The assignment is meant for students to enhance their mastery of the
material and to provide a creative and realistic way in which to apply
knowledge from this course.
Scenario
Global Advertising, Inc. (referred to as “GAI”) has hired you as an IT
consultant for implementing their Windows network infrastructure. GAI is a new
advertising firm, and they are currently hiring staff, establishing two
locations, and have a need to get their internal IT services configured. They
do not yet have an IT staff, but when they do, the IT staff will take over all
aspects of IT administration. You are required to supply GAI with a solution
which describes the implementation and configuration of their core IT services.
Cost is not a significant concern – GAI wishes to implement the “right”
solution to fit their needs now and for the next 2-3 years.
There are several details about GAI which will have an impact on your choices:
- GAI will start with 90 employees, in the following departments:
- Executives (9 employees) – manage and run the company
- Accounts and Sales Department (15 employees) – perform market research and maintain accounts
- Creative, Media and Production Department (49 employees) – advertising
- Human Resources and Finances (12 employees) – perform HR and financial duties
- IT (5 employees) – manage IT for the company
- GAI will have two sites, one in Los Angeles and one in New York. Most staff will be located in LA, with at least 1 person from each of the departments above located in NY.
- Networking equipment is already in place for both sites. A secure tunnel (using IPSec) will be established between the two sites so that inter-site traffic will be securely tunneled over the Internet. You may make whatever other assumptions you wish about intra-and inter-site connectivity.
- Security mechanisms (e.g., firewalls, intrusion detection) will be handled separately, and there is no need to describe them.
- Some departments will want their data to remain private from other departments (e.g., Finances personnel will not want Production staff to see the company’s financial details). Your team may make assumptions about how data should be shared or kept private.
- Assumptions can be made regarding any information not included here; all assumptions should be identified, however.
Topics to Cover
Your document should cover the content presented in the course. The
outline below contains recommended points to cover. You are free to add other
related information.
Describe the technical and business reasons for each choice, citing other resources as appropriate.
The Windows Server 2012 operating system should be used for all aspects of the solution.
The topics include:
New Features of Windows Server 2012
- Describe new features of Windows Server 2012 that GAI can take advantage of.
Deployment and Server Editions
- How many total servers are needed? Which roles will be combined?
- What edition of Windows will be used for each server (e.g., Standard, Datacenter)?
- Will Server Core be used on any servers?
- Where is each of the servers located (which of the two sites)?
- How will the servers be deployed? Manual or automated?
Active Directory
- Number of AD domains?
- Will there be any Read-Only Domain Controllers?
- How will the second site factor into domain controller placement? How will AD sites be configured?
- How will AD organizational units be organized (considering how group policy will be used and users will be organized)?
DNS and DHCP
- DHCP scope design (e.g., lease times, number of scopes, address range)
- Will a form of DHCP fault tolerance be implemented?
- Will DHCP reservations be used for servers?
- DNS namespace design (e.g., domain name(s) chosen, split DNS for Internet/intranet, zones)
- How will DNS be handled for the second site?
Application Services
- How will applications be deployed? If using Group Policy, what are the details on how Group Policy will be used to deploy the software? Which software applications will likely be needed?
File and Printer Sharing
- What shares might be needed?
- DFS Needed?
- How will quotas/FSRM be configured?
Solution.
A Proposal for Implementing Windows Network Infrastructure
Windows Network Infrastructure
The implementation of a Windows network infrastructure takes intensive planning and organization. Any company that wishes to have a strong infrastructure, like Global Advertising, Inc., must invest in planning for the implementation of the Windows network infrastructure. This proposal is designed for a data communication network for the services of Global Advertising, Inc., also referred to as GAI. GAI is a new advertising firm that is currently taking in new staff, setting up two locations and needs a configuration of its internal IT services. The company intends to hire an IT staff that will handle all aspects of IT administration. However, while it is starting off without an IT staff, the company needs a solution for its core IT services for the next 3 years.
During the development of the proposal, certain facts were taken into account. The company intends to start its operations with a total of 90 employees. The staff will consist of 9 executives responsible for managing and running the company. 15 employees will be in the accounts and sales department. Their duties will include performing market research and maintaining accounts. A marketing team of 49 employees will be managed under the creative, media and production department. The human resources and finances department will have 12 employees who will perform HR and financial tasks. 5 employees will be responsible for managing the company’s IT and will operate under the IT department. Global Advertising, Inc. will operate from two sites, one in New York and another in Los Angeles. Most of the staff will work from LA, but at least one person from every department will be located in NY.
The company has already secured the networking equipment for both sites. The company intends to establish a secure tunnel between the two sites by use of IPSec. This will help in ensuring a secure tunnelling of inter-site traffic over the internet. GAI will handle the security mechanisms like firewalls and intrusion detection separately. There are some departments in the company that may not want other departments to get any information about them. For example, the personnel in the Finances department would want to remain private from the Production staff with regard to the financial details of the company.
New Features of Windows Server 2012
One of the new features of Windows Server 2012 is IPAM, a service that manages IP addresses. It gives the organization one location where all the addressing for the organization is monitored and managed. The feature may help GAI to minimize the number of staff needed to handle the IP addresses for all the locations at the same time. The server also provides the basic services such as Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) (Suehring, 2012).
Deployment and Server Editions
Datacenter edition of Windows Server 2012 R2 is the system that has been proposed to be deployed at the two locations. The system will use four servers, all of them hosting the Windows Server 2012. Two of the servers will be at the LA office while the other two will be at the NY office. The servers at LA will be the main servers that will be utilized for the core IT network services including DNS, DHCP, File Server and Active Directory. At both locations, one of the servers will serve as a backup server, which will ensure fault tolerance in case the main server fails. Similar configurations will be used for both servers, but the backup server will only be used whenever the main server goes down (Tulloch, 2014).
Deployment of the main server will be done from scratch (greenfield deployment) at the LA office (to operate as the headquarters of the company), and then the script from the primary server will be used to automate the deployment of the backup server. The method will help in ensuring that both servers have similar configurations. Because the branch servers will perform different tasks and have different features from the servers at HQ, they will be manually deployed with different configurations. As a security measure, the servers at the NY office will be configured using Server Core, which helps in reducing the number of loopholes in the branch’s network that potential hackers could use (Tulloch, 2014).
The implementation of a network infrastructure from scratch requires a lot of patience. Thorough devotion should be given to the configuration to ensure that the process does not skip any vital steps. Greenfield deployment is implemented for a company that does not already have any infrastructure. The steps for a greenfield deployment on Windows Server 2012 R2 include:
- Design, acquire and implement the basic network infrastructure of routers, switches, access points and other networking hardware. GAI already has the networking and infrastructure hardware in place.
- Design an Active Directory environment (AD DS). It is assumed here that GAI also currently has system hardware that is certified for Windows Server 2012 R2.
- Implement a pilot deployment to determine whether the planned infrastructure meets or will meet the needs of the business and to help anticipate any issues that may arise as the rollout is done.
- Roll out the production infrastructure using specific deployment tools (Tulloch, 2014).
Greenfield deployment has the advantage of providing the opportunity to start off right. However, since businesses are always in a state of evolution, even a careful plan for the future can still meet challenges in changing the infrastructure to address all the changes brought in by the evolution. As the business grows in size and in age, many changes become inevitable for the sake of remaining relevant and competitive (Tulloch, 2014).
Active Directory
Active Directory Domain Services (AD DS) is used to simplify resource and user management. At the same time, it helps in creating secure, scalable and manageable infrastructures. It can be used in managing network infrastructure and branch offices. The deployment takes three phases: design, deployment and operations. A design team develops a logical structure for AD DS that is compatible with the needs of each of the company’s divisions that will make use of the directory service. After the approval of the design, the deployment team will test it in a controlled environment and implement it in a production environment. The directory service is then maintained by the operations team (Tulloch, 2014).
DNS and DHCP
The Dynamic Host Configuration Protocol (DHCP) functions as the supplier of Internet Protocol (IP) addresses. It also provides other network configuration information to devices on the network. DHCP is used by most clients and client devices to obtain network information. Without it, clients cannot get IP addresses and other information, including DNS servers. As a result, many enterprises deploy DHCP in a highly available manner, so that if one server is not available, another one can continue with the function. For GAI, DHCP failover will be implemented (Suehring, 2012).
DHCP failover is a new feature of Windows Server 2012 in which two servers are deployed with similar configuration. Each server will be configured with a replicated version of the whole scope, including lease information. As a result, each server can work individually to provide the IP addresses for the whole scope. The hot standby operation will be implemented, in which one server gives out the DHCP information while another one keeps a replicated version of the lease information so that it can immediately take over in case of failure of the primary server. The remote location, LA, will have the primary server, while the central data centre, NY, will have the backup server (Suehring, 2012).
To ensure that some departments can remain private from other departments, DHCP filtering will be implemented. Filtering configures the way the DHCP server responds to requests for network information and addresses. This feature enables the server to send information only to known clients or to refuse to send information to certain clients. Windows Server 2012’s Allow and Deny filters will be used (Tulloch, 2014). Using the Allow filter, the server will be configured to send data to only the listed clients (departments). The Deny filter will be used to compartmentalize network information within the different departments so that different departments can choose to keep information from other departments.
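The hot standby failover and the Allow/Deny filters described above can be set up with the DhcpServer PowerShell module, shown here as an added example that is not part of the original proposal. The server names, the `gai.example` domain, the 10.10.0.0/24 scope and the MAC addresses are assumptions made for illustration; note that the filters match clients by MAC address and only decide whether the server answers a client.

```powershell
# Added example (not from the proposal). Assumed names: LA-DHCP01 / NY-DHCP01,
# domain gai.example, scope 10.10.0.0/24; MAC addresses are constructed samples.
Import-Module DhcpServer

$active  = 'LA-DHCP01.gai.example'   # primary server in LA (assumed name)
$standby = 'NY-DHCP01.gai.example'   # backup server in NY (assumed name)

# 1. Create the scope on the active server only; failover copies it to the partner.
Add-DhcpServerv4Scope -ComputerName $active -Name 'LA-Clients' `
    -StartRange 10.10.0.50 -EndRange 10.10.0.250 -SubnetMask 255.255.255.0 `
    -LeaseDuration (New-TimeSpan -Days 8) -State Active

# 2. Hot standby: supplying -ServerRole (instead of -LoadBalancePercent) selects
#    that mode. The shared secret authenticates replication between the partners.
$secret = Read-Host 'Failover shared secret'
Add-DhcpServerv4Failover -ComputerName $active -Name 'GAI-LA-NY' `
    -PartnerServer $standby -ScopeId 10.10.0.0 `
    -ServerRole Active -ReservePercent 5 `
    -MaxClientLeadTime (New-TimeSpan -Hours 1) `
    -AutoStateTransition $true -StateSwitchInterval (New-TimeSpan -Minutes 60) `
    -SharedSecret $secret

# 3. Filters are set per server here, so both partners get the same lists.
foreach ($server in $active, $standby) {
    Add-DhcpServerv4Filter -ComputerName $server -List Allow `
        -MacAddress '00-11-22-33-44-55' -Description 'Sample: Finance workstation'
    Add-DhcpServerv4Filter -ComputerName $server -List Deny `
        -MacAddress '00-11-22-33-44-66' -Description 'Sample: retired laptop'
    # Once the Allow list is on, clients that are not on it get no lease.
    Set-DhcpServerv4FilterList -ComputerName $server -Allow $true -Deny $true
}

# 4. Confirm the relationship and the filter state.
Get-DhcpServerv4Failover -ComputerName $active -Name 'GAI-LA-NY' |
    Format-List Name, Mode, ServerRole, State, ReservePercent
Get-DhcpServerv4FilterList -ComputerName $active
```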
Domain Name Servers (DNS) work as phone books. They are used in maintaining a directory of domain names. They also translate the domain names to Internet Protocol addresses. DNS servers will be implemented along with DHCP. This is because DNS servers provide DHCP servers with the IP addresses. DNS collects all domain name servers from the internet and stores them in a Central Registry (Suehring, 2012).
Application Services
The deployment and management of Remote Desktop Services has changed with the introduction of Server 2012 R2. The deployment team will enable the function on all servers. The deployment type will be set to Quick Start and the deployment scenario set to Session-based desktop deployment. All the servers will then be listed in the server pool. For security reasons, only a selected number of individuals will be able to log into each server (Suehring, 2012).
File and Printer Sharing
On Windows Server 2012, File and Printer sharing is by default disabled. This will be enabled by using the command prompt after which the employees will be able to reach the admin shares. This function allows individuals in different departments to share information through files. The organization can also have a centrally placed printer at each location that can be used by all the departments for their printing needs, thus reducing printing costs (Suehring, 2012).
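One way to enable File and Printer Sharing and still keep department data private, as the scenario requires for Finance and Production, is sketched below as an added example that is not part of the original proposal. The `GAI` domain name, the `GG-Finance` and `GG-Production` security groups and the `D:\Shares` path are assumptions made for illustration.

```powershell
# Added example (not from the proposal). Assumed: domain GAI, security groups
# GG-Finance and GG-Production, and a data volume mounted as D:.

# Open the built-in firewall rule group. The command-prompt equivalent is:
#   netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
Enable-NetFirewallRule -DisplayGroup 'File and Printer Sharing'

# One share per department, mapped to the only group allowed to use it.
$shares = @{
    'Finance'    = 'GAI\GG-Finance'      # assumed group name
    'Production' = 'GAI\GG-Production'   # assumed group name
}

foreach ($name in $shares.Keys) {
    $path  = "D:\Shares\$name"
    $group = $shares[$name]
    New-Item -Path $path -ItemType Directory -Force | Out-Null

    # NTFS: remove inherited entries, then grant administrators and SYSTEM full
    # control and the department group Modify. No other principal has access.
    icacls $path /inheritance:r /grant:r `
        "BUILTIN\Administrators:(OI)(CI)F" `
        "NT AUTHORITY\SYSTEM:(OI)(CI)F" `
        "${group}:(OI)(CI)M" | Out-Null

    # Share permissions mirror the NTFS ACL. Access-based enumeration hides
    # folders inside the share from users who cannot open them.
    New-SmbShare -Name $name -Path $path `
        -FullAccess 'BUILTIN\Administrators' -ChangeAccess $group `
        -FolderEnumerationMode AccessBased | Out-Null
}

# Review the result: each share should list only Administrators and its own group.
Get-SmbShare -Name Finance, Production | Get-SmbShareAccess
```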
References
Suehring, S. (2012). Design and Implement Network Infrastructure Services. Microsoft Press Store.
Tulloch, M. (2014). Preparing for Windows Server 2012 R2. The Microsoft Press Store.