Introduction
This proposal document is a setup and implementation document for Information Technology infrastructure for Shiv LLC company. The technologies to be used in implementing the infrastructure for the three different locations of Shiv LLC at Los Angeles, Dallas and Houston are also discussed in this document. The different implementations of the services to be setup for Shiv LLC are presented in sections.
Active Directory
In an active directory model, organization of the network elements (computers and users) into a tree structure for Shiv LLC will provide security advantages since the forest acts as a logical security boundary for the system and makes management easy for administrators. For Shiv LLC, the forest would have a root domain (www.shivllc.com). There will be sub domains for each of the locations of Shiv LLC in Los Angeles, Houston and Dallas. The employees in each of these locations will have access to the files of the sub domains through authentication and authorization and will still be able to access centralized directories based on the access level of the user. The domain controllers for Shiv LLC would be located at the Dallas office of Shiv LLC.
The server that runs active directory domain service is referred to as a domain controller. The domain controller provides a distributed database which stores and manages information about resources on the network and data which are specific to applications that are directory-enabled. The Windows Server 2012 has the active directory feature and will be configured to provide this service for Shiv LLC.
Group Policy
The configuration of Group policy on the Windows server for Shiv LLC provides a hierarchical infrastructure that allows specific implementations of configurations and settings for computers and users. These policies are held in what are referred to as the Group Policy Objects (GPOs). They will be linked to the domains, organizational units and sits of the active directory containers. Implementation of Group Policy for Shiv LLC will permit administrators of the system to define what each user is permitted to do on the network. The files, folders and applications that they can access will also be specified. For a large organization like Shiv LLC group policy will help to centrally control the files that will be made available over the network by the provision of access authorization to users based on the configurations for each user in the GPO.
DNS
DNS servers will be implemented for Shiv LLC to provide for the translation of IP addresses used by machines to names that can be easily understood and remembered by humans.
The Split DNS infrastructure will be implemented for the design at Shiv LLC, in which two zones will be created for the domain of the organization. One zone will be for the internal network while the second zone will be for the external network. In this configuration, hosts that are internal to the network are directed to the internal domain name server while the hosts external to the network are directed to the external domain name server for name resolution. Figure 1 shows the split DNS infrastructure topology.
Figure 1: Split DNS infrastructure topology
The design of the DNS namespace for Shiv LLC will entail identification of the DNS namespace requirements of the organization. Then, a second level DNS domain name would be chosen such that it represents what the organization does. The domain name of “shivllc” is proposed in this design. Other sub-domains will be created to represent the different departments in the organization and the three locations of the company offices and added to the parent domain e.g. admin.shivllc.com in which case the child domain is “admin”. For ease of maintenance, the assignment of child domains would be based on the function the child-domain performs.
Distributed File System (DFS) services will be designed and implemented across board for the organization in order to make a centralized access to files and folders possible to all employees across the three locations. Since the company has many departments spread across three geographical locations, the implementation of DFS namespaces will allow the shared folders as are located on different servers across the different locations of the company to be grouped into logically structured namespaces. These namespaces would appear to a user as a single shared folder having sub-folders. Employees would access files on the servers from the three different locations in a location-transparent manner to the user.
The File Server Resource Manager on Windows server 2012 will be configured and used for quota management. A quota will be created for a folder and all its sub-tree or for a volume in order to limit the space allocated for it. The quota system implemented will either be a hard quota or a soft quota. Hard quotas do not permit users to save files to volumes and folders after the limit of the allotted space is reached. Soft quotas on the other hand will still allow users to save files but the administrator is notified.
Distributed File System (DFS) implementation for Shiv LLC would make the replication of data between the locations of the company in an efficient manner. DFS also makes possible transparent access to files. This implies that the exact location of the servers hosting the files physically will not be perceived by the users of the network. To improve efficiency, files can be replicated in a redundant manner (Lee and Vellore, 2006) This redundancy guarantees high availability of the system (Patel et al., 2014).
Remote Services
Remote desktop services will be implemented for the company using the Windows server 2012 as it enables users to access desktops, virtual machines and applications. This access is session-based and can be done from within a corporate network or from outside the corporate network over the internet. Using remote services, users are able to access computers from any location and work on resources within the company network. The tri-location of Shiv LLC, access to files or applications will be easier for employees without having to be physically present reducing the cost of transportation to the physical location. Windows server 2012 remote desktop feature allows the administration of remote programs and virtual desktops management as well as adding servers to the network all from one centralized console.
WSUS
Deployment of the Windows Server Update Services (WSUS) enables a system administrator to install the latest Microsoft product updates to all the computers running the Windows operating system (Windows Server Update Services, n.d.). A WSUS server is used to manage the update for the client computers and other servers deployed within the organization. This server will need to be connected to Microsoft Update in order to obtain the available updates. These updates are in turn made available to the other servers and client systems within the organization. Windows Server Update Services will be deployed in the Shiv LLC implementation to make sure that Microsoft products on the network are up to date to reduce risk of security breaches due to software bugs.
Conclusion
The designs proposed in this document have been made by putting in consideration the peculiarities of the Shiv LLC company and can be easily scaled to accommodate future expansion in the company. The implementation of the services will be with the Microsoft Windows Server 2012.
REFERENCES
Lee, M. and Vellore, M. (2006). Exploring the Distributed File System in Microsoft Windows Server 2003 R2. Dell Power Solutions. PDF. Retrieved from http://www.dell.com/downloads/global/power/ps2q06-20050301-Lee.pdf
Patel, Neha M., Patel, Narendra M., Hasan, M.I. and Patel, M.M. (2014).Improving Data Transfer Rate and Throughput of HDFS using Efficient Replica Placement. International Journal of Computer Applications, 86(2), Pp 0975-8887.
Windows Server Update Services (n.d.). Accessed on 21 February 2016 from https://msdn.microsoft.com/en-us/library/bb332157.aspx