Overview
World Wide Advertising Agency Inc. (WAI) is a new company specializing in advertising. The company is currently hiring staff for its newly established locations in New York and Los Angeles. WAI has yet to implement an IT strategy; once it does, all IT operations will be taken over by the IT department. WAI has approached me seeking a solution that describes, implements and configures core IT services within the new organization. WAI is not constrained by financial obligations and thus requires the solution that best meets its needs for the next two to three years.
It is recognized that the company's competitive edge is based on its ability to establish regional and international connections. While offering services to a wide variety of clientele, there is a need to nurture and sustain quality. In an attempt to increase regional and global dominance, WAI has established a branch in Los Angeles. One essential requirement for WAI is the ability to leverage its data, whether located at the headquarters or at the Los Angeles branch, to improve business activity and service delivery. For example, communication from headquarters should be conveyed to the branch in almost real time. Likewise, company reports originating from personnel in the Los Angeles department should be conveyed in almost real time to the headquarters to facilitate decision making and other operations. The means by which information is relayed from one establishment to the other should be efficient, secure and reliable. Therefore, a robust corporate network is required that caters for the needs of all users across all branches in order to support mission-critical and normal operations. The network should be able to support voice, video and data at any given moment, with a focus on videoconferencing and other dedicated activities for executive operations.
Current situation
IT networking equipment is already in place for the Los Angeles and New York branches. WAI will use IPSec tunneling to establish a connection between the two company sites, securing inter-site traffic over the internet and improving communication. WAI has a total of 90 employees. Security requirements are already taken care of and will not be a focus of this paper. One essential requirement is privacy separation between key departments in the company. Some departments, such as finance and production, do not wish to share and display information unnecessarily. Thus, there is a need to segregate vital departmental information. Another requirement put forward by the company is the use of Windows Server 2012 in its operations. This paper is based entirely on Windows Server 2012 deployment and implementation.
Recommendation
A recommendation for WAI is to establish a virtual private network (VPN). A VPN is a form of global communication that comprises hardware and software bundled together to facilitate seamless user interaction. VPNs are used especially by remote users who connect from different locations and need access to centralized resources. The advantage of a VPN is that it is delivered over the internet. Thus employees, business partners and telecommuting employees can access organizational resources from wherever they are based. In a conventional organizational setting, LANs are used to connect employees within the same building or geographical area. However, in order to secure connection and file sharing between two geographically dispersed locations. Traditionally, two disparate locations can be connected using a wide area network. Wide area networks are terminated at local area networks on organizational premises.
Features of Windows Server 2012
Windows Server 2012 was released by Microsoft in 2012 and was the latest offering in terms of servers. It is innovative and appealing to users, with a new interface, powerful remote management tools and Active Directory Controllers. Additional features include DFS namespace and DFS replication.
Deployment and Server Editions
Windows Server 2012 is available in four editions, namely Foundation, Datacenter, Standard and Essentials. World Wide Advertising Incorporation has the option of choosing the Datacenter edition. The Datacenter and Standard editions provide advanced capabilities for companies with the same processing and memory requirements. Datacenter is instrumental if WAI anticipates deploying in the cloud, and hence it is a desirable solution. It supports virtualization and cloud deployment. The Standard edition, by contrast, is preferred for physical server deployment within organizational premises. The company anticipates a solution that will cater for its needs for the next two to three years. Because it anticipates expanding its operations, an option that allows for cloud deployment would be necessary. Cloud computing and virtualization will provide immense benefits to the organization in terms of efficient service delivery, cost savings and performance.
• Number of servers appropriate and role combinations
It will be efficient for WAI to use a single application server based in Los Angeles, because Los Angeles carries many of the staff and operations. Web, Mail, DHCP, and Exchange servers are based in Los Angeles for simplified management and monitoring.
The choice of the Windows Server 2012 Datacenter edition is prudent because it comes with desktop sharing and session shadowing. These features allow collaboration and teamwork between users in different geographical regions.
• Utilization of the server core
The mode of deployment is a distributed architecture. WAI will deploy distributed servers, with applications based in Los Angeles and data storage based in New York. Enterprise-class servers have already been procured and will be installed in both branches. While operations servers will be located in Los Angeles, storage and data recovery operations will be located in New York. Rather than a single centralized architecture, servers are distributed. A cluster of servers in every location is a strategic investment that will cater for the needs of the organization once it establishes itself and spreads across more regions.
• Server deployment: manual versus automated
Even in this small environment, it is justifiable to deploy servers automatically using Automated Deployment Service (ADS). ADS involves capturing the floppy content and required actions and sending them over the network to facilitate fully hands-off deployment. The benefits of ADS include full server driver support, superior driver management and deployment to partitions other than the C: drive.
Active Directory
With a VPN in place, Active Directory and file access are simplified. Active Directory is an important component for IT administrators managing local and remote users and mobile devices. Since Active Directory is modeled hierarchically, the topmost level, the forest, will contain WAI's computing resources. Below it will be domains comprising users at the organization's branches. The WAI Active Directory comprises two domains, one for LA and the other for NY. The two technologies provided by Windows Server 2012 that facilitate management of Active Directory are DFS namespace and DFS replication.
DNS and DHCP
The DHCP server allocates an IP address to a user behind the WAI network. DHCP over VPN is located at the other end of the VPN tunnel. The WAI network will be subnetted, and every department will have its own IP subnet. IP allocation is automatic, and this functionality is enabled in the configuration settings. Web servers have static IP addresses, while mobile users will have their IP addresses allocated dynamically. Lease time is determined by the function of the user on the network. Users who use the network frequently may be allocated static IPs, while guests are allocated temporary IPs that expire after they log out of the system. The IP range will be based on class B IP addressing. A total of 200 IP addresses will be required, with a provision of 100 addresses to cater for growth.
• DHCP fault tolerance implementation
An 80/20 fault tolerance implementation strategy is used. DHCP servers are configured in an 80/20 failover approach. The primary DHCP server located in Los Angeles will hold 80% of the available IP addresses, while a backup server located at the New York branch office will hold 20%.
• DNS namespace design (e.g., domain name(s) chosen, split DNS for Internet/intranet, zones)
It is appropriate that IPv4 or IPv6 DNS resolution be adopted. A domain name for WAI may be something like http://waincorp.wai. For New York, the domain name may be created as http://newyork/wai.org. Server provisioning will be done on the VPN side of the client. There are two ways of allocating the IP address of the DNS-based server: one is static configuration on the VPN client side, while the other is dynamic configuration via the VPN server.
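The 80/20 DHCP split and per-department subnets described above could be configured as follows with the DhcpServer PowerShell cmdlets that ship with Windows Server 2012. This is an added example, not part of the original proposal; the server names, the 172.16.0.0/16 class B range and the /24 department subnets are assumptions.

```powershell
# Added example: 80/20 split-scope DHCP, one scope per department subnet.
# Server names and address ranges are assumptions, not values from the proposal.
$Primary   = 'la-dhcp01'   # hypothetical Los Angeles server, leases the lower 80%
$Secondary = 'ny-dhcp01'   # hypothetical New York server, leases the upper 20%

# Constructed class B network (172.16.0.0/16) carved into one /24 per department.
$Scopes = @(
    @{ Name = 'Finance';    ScopeId = '172.16.10.0'; Start = '172.16.10.11'; End = '172.16.10.250' }
    @{ Name = 'Production'; ScopeId = '172.16.20.0'; Start = '172.16.20.11'; End = '172.16.20.250' }
)

function ConvertTo-UInt32 ([string]$Ip) {
    # Dotted quad -> integer, so the 80% boundary can be computed arithmetically.
    $bytes = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [Array]::Reverse($bytes)
    [BitConverter]::ToUInt32($bytes, 0)
}

function ConvertTo-IPv4 ([uint32]$Value) {
    $bytes = [BitConverter]::GetBytes($Value)
    [Array]::Reverse($bytes)
    (New-Object System.Net.IPAddress -ArgumentList (,$bytes)).ToString()
}

foreach ($s in $Scopes) {
    $first = ConvertTo-UInt32 $s.Start
    $last  = ConvertTo-UInt32 $s.End
    $count = $last - $first + 1
    # Last address the primary may lease: 80% of the range, rounded down.
    $cut   = [uint32]($first + [math]::Floor($count * 0.8) - 1)

    foreach ($server in $Primary, $Secondary) {
        # Both servers carry the identical scope definition.
        Add-DhcpServerv4Scope -ComputerName $server -Name $s.Name `
            -StartRange $s.Start -EndRange $s.End `
            -SubnetMask 255.255.255.0 -State Active
    }

    # Primary excludes the upper 20%, secondary excludes the lower 80%,
    # so the two servers can never lease the same address.
    Add-DhcpServerv4ExclusionRange -ComputerName $Primary -ScopeId $s.ScopeId `
        -StartRange (ConvertTo-IPv4 ($cut + 1)) -EndRange $s.End
    Add-DhcpServerv4ExclusionRange -ComputerName $Secondary -ScopeId $s.ScopeId `
        -StartRange $s.Start -EndRange (ConvertTo-IPv4 $cut)
}
```

With 240 addresses per scope, Los Angeles leases .11 to .202 (192 addresses) and New York leases .203 to .250 (48 addresses).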
Application Services
Applications are installed and managed on a single application server located in the headquarters in Los Angeles. Applications will be available to all users over a web browser.
Installation, updates, upgrading and patching
Regular patching is the sole responsibility of the IT administrator. Group Policy will aid in the management of applications. While some applications are accessible to all users, some are restricted to specific users and departments. There is a provision that some data and applications should not be accessible to everyone in the organization. For example, financial details should not be visible or accessible to the production department. Group policies will be used to enforce authentication and authorization for access. Windows Server 2012 offers Group Policy configurations.
Software applications required
WAI requires management, production, financial and security applications. Deployment of ERPs, CRMs, and human resource applications will be necessary.
File and Printer Sharing
Disk quotas will be implemented using a File Server Resource Manager template. Departments with greater storage needs will be allocated more disk space, while those with the least requirements will have a low per-volume policy. File sharing will be implemented on a need-to-know basis: only users with a legitimate need to access files are allowed to do so. To achieve this, a file access policy will be implemented.
Figure 1. DNS and Active Directory Namespaces
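One way to implement the per-department quotas and need-to-know file access described above, using the SmbShare and File Server Resource Manager cmdlets of Windows Server 2012. This is an added example, not part of the original proposal; the group names, share root and quota sizes are assumptions.

```powershell
# Added example: one share per department, visible and writable only to that
# department's group, with a hard FSRM quota. All names and sizes are assumed.
$Root = 'D:\Shares'   # hypothetical data volume on the file server
$Departments = @(
    @{ Name = 'Finance';    Group = 'WAI\GG-Finance';    QuotaGB = 200 }
    @{ Name = 'Production'; Group = 'WAI\GG-Production'; QuotaGB = 500 }
)

foreach ($d in $Departments) {
    $path = Join-Path $Root $d.Name
    New-Item -Path $path -ItemType Directory -Force | Out-Null

    # NTFS: remove inherited ACEs, then grant only the department group
    # (Modify), local administrators and SYSTEM (Full control).
    icacls $path /inheritance:r /grant:r "$($d.Group):(OI)(CI)M" `
        'BUILTIN\Administrators:(OI)(CI)F' 'NT AUTHORITY\SYSTEM:(OI)(CI)F' | Out-Null

    # Share permissions mirror the NTFS ACL; access-based enumeration hides
    # folders and files a user has no rights to open.
    New-SmbShare -Name $d.Name -Path $path -ChangeAccess $d.Group `
        -FullAccess 'BUILTIN\Administrators' `
        -FolderEnumerationMode AccessBased | Out-Null

    # FSRM: per-department template (hard limit by default) with an 85%
    # warning threshold, applied to the department folder.
    $warn = New-FsrmQuotaThreshold -Percentage 85
    New-FsrmQuotaTemplate -Name "$($d.Name)-Quota" `
        -Size ($d.QuotaGB * 1GB) -Threshold $warn | Out-Null
    New-FsrmQuota -Path $path -Template "$($d.Name)-Quota" | Out-Null
}
```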