Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UK Essays.
“We Make Windows” Inc. (WWW), recently hired me, an Information Technology (IT) consultant to develop a network proposal to implement their new Windows Network Infrastructure. The company is a relatively new company and its main line of business is advertising. The company has 90 employees clustered as follows: Executives (9 employees), Creative, Human Resources and Finances (12 employees), Media and Production Department (49 employees), Accounts and Sales Department (15 employees), and IT (5 employees). WWW is presently hiring new personnel and establishing new locations in Los Angeles and New York. These two locations were chosen because of the increased demand for advertising services. Therefore, the company needs an IT solution that is going to encompass the implementation and configuration of its core IT services. The present proposal is going to address the concerns displayed by the “We Make Windows”, Inc. During its formulation, the proposal will examine the pertinent features of Windows Server 2016, active directory, Domain Name Services (DNS), Dynamic Host Configuration Protocol (DHCP), and application services plus file and printer sharing.
NEW FEATURES OF WINDOWS SERVER 2016
The Windows Server 2016 has made numerous improvements to the Windows Server 2012. The virtualization areas of the server have improved features that allow an IT professional to design, deploy and even maintain the Windows Server. One of the most important features of the Windows Server 2016 is the improved time accuracy as a result of enhancements to the Hyper-V Time Synchronization Services and Win32 Time (1). In addition, WWW can also take advantage of the improved active directory features that improve and secure the environment of the same. The deployment of the DirectAccess feature for the server is important as it restricts access to specific people and users on the network. In addition, DirectAccess’ functionality and features allow for automatic connection of solutions that will allow a client that will be using Windows 7 or later versions of Windows to connect without any difficulties via an Internet connection network to the company’s Intranet. This feature is also preferable for remote access as it will offer simultaneous access to both the company’s internal resources and the internet. Further, it also maintains the distinction between the company’s internal and external traffic. The DirectAccess feature offers the company administrators the ability to update the software through Group Policy. Thus, with an increasing number of the company’s staff working remotely in the future, this feature will be significant in ensuring the security of the company’s servers.
In order to successfully run the company’s functions, a total of two servers will be required. One of the servers will act as the main DCHP server at the company’s main office in Los Angeles, while the next server will be a backup server at the company’s New York location. The servers will combine both data saving and file sharing functionalities while ensuring that each one of them is separated according to the department. This will occur even when a Group policy is invoked in the system. For the backup server in New York, the standard edition of Windows 2016 Server is going to be applied. This is because WWW requires advanced features and its virtualization is limited at that location (2). However, the primary server at Los Angeles will use the datacenter version of Windows 2016 Server. The company engages in advertising and a majority of its staff are located here. Therefore, using the datacenter edition gives it flexibility due to its overwhelming number of IT workload and the necessary virtual systems.
During the deployment of the standard edition of Windows Server 2016 at the New York office, a Server Core will be installed. Given the huge number of employees stationed at this office, it becomes necessary to eliminate the services and other features that are not necessary and essential when it comes to some commonly used server roles. Further, the adoption of Server Core is convenient as it allows for virtual control from the command line (3). In addition, the servers are going to be deployed automatically. Given that the contractor is using the Windows 2016 Server, the automatic deployment will be convenient using the Windows Deployment Server. This feature will allow the administrator to install Windows operating system remotely from computers that are booting from a network adapter.
Given the number of employees and the desire to employ group policy, the Active Directory Domain will have five databases each containing a list of employees belonging to each section. Further, the features of Windows Server 2016 include the DNS Server service for Read-Only Domain Controllers (RODC’s). It is capable of doing this because it offers support to a type of zone on RODCs, referred to as the branch office zone or primary read-only zone. The primary read-only zone is a whole read-only duplicate of the application directory panels, associated with DNS, including the ForestDNSZones, domain partitions, and DomainDNSZones (4). The above zone will be automatically established upon the installation of the RODC feature. The fact that physical security cannot be guaranteed at the physical locations, the contractor recommends the usage of RODC to store important data. The RODC stores data in a read-only format which means that it cannot be copied. For this reason, even if someone was to access the AD database, they would not be able to copy it. However, even if the data were to be compromised, this would not impact the whole of the AD database since the RODC does not have a replication capacity. Hence, the intruder would not be able to transfer the AD database to write-able CDs.
In placing the second site into domain controller placement, the RODC discussed above can be used. During this process, local administrative permissions will then be given to any domain user all the while limiting the rights of the user to the domain controller (1). The local branch user with the RODC login rights will perform maintenance functions on the RODC server. Nevertheless, this user will not have the capacity to perform other administrative tasks, which maintains the integrity of the data at the second site.
The configuration of Active Directory (AD) sites is important as it has the capacity to link the two geographical locations and branches located in New York and Los Angeles. The contractor will use the AD Sites and Services Snap-in (4). This will allow them to conduct all the configuration services relevant to the sites. The snap-in will have all the functionalities that will allow the contractor to name and rename the sites and place a new domain controller for WWW Inc. As previously mentioned, the Group policy will be employed, which when applied to organizational units will provide centralized management and configuration of operating systems, user settings, and applications within an active directory (AD). The object attributes are unique within the assigned domain and therefore have unique policies that are captured in AD.
DHCP & DNS
Dynamic Host Configuration Protocol (DHCP) is crucial in any network and its existence is of great significance to any firm. In an environment where customers are dependent on acquiring their network configuration and IP addresses in an automatic manner, DHCP is vitally important. To that end, ensuring that customers enjoy reliable connectivity alongside the minimum number of disruptions within the network singularly depends on the DHCP services offered and its availability. The main reason or idea behind why employing DHCP is to enable each device on an IP network gets rid of their configuration from either the servers including the DHCP server (1). This gives users the capacity to change IP locations and reconfigure gadgets as they undertake network connectivity even as they make the movements.
To make the requirements of this implementation success, and to forestall any server disappointment, the consultant will install a DHCP server as well as execute a split scope at the varied locations mentioned above. The rudimentary DHCP servers situated in New York will only contain 80% of their IP addresses and the back-up server positioned in Los Angeles will only contain 20% of the IP addresses (5). At any point in the event any of the servers cited in the New York region become unsuccessful, the configurations employed will offer a fault tolerance as well as backup the DHCP server; because of this, the consumers will not experience any disturbances in their use of the network. In all three regions, the contractor will install a DHCP scope for static IP addresses as well as another one that will be useful for mobile users. When it comes to the static IP addresses, the gadgets that have a permanent connection to the network will be consigned to the 28-day lease, while a 24-hour lease time will be assigned to the mobile devices’ IP addresses. All the servers with the exception of DHCP as well as print servers are going to share an IP address since this is particularly important. Therefore, the consultant will execute DHCP reservations in order to maintain the IP address status quo for the entire batch of servers. It is also anticipated when using DHCP servers, a number of machines will need similar IP addresses. Therefore, the function of the DHCP reservations will allow devices in a DHCP environment to maintain unchanging addresses.
Internet Protocol Address Management (IPAM) will be used to monitor and regulate the way that the IP addresses are operated on a computer network (6). Employing IPAM will offer assurance that the catalog of assignable IP addresses is current and efficient. IPAM can be very essential when administrators need to manipulate some network settings and also ensure their control. For instance, deploying IPAM to evaluate the availability of IP address space as well as the name that is associated with each of the IP addresses available in the inventory. Further, the use of IPAM can reveal information regarding subnets by highlighting the ones that are in use, their sizes, and the assigned user. It can also be adopted when it comes to managing a Windows DNS server by the administrator.
The Domain Name System (DNS) forms the most important aspect of Internet connectivity, which is why making sure that it is configured properly is an administrator’s fundamental responsibility. That said, DNS is very important and can be used in linking the domains from the web to the resources associated with the internal enterprise networks. WWW Inc. will be assigned the namespace Corp.WWW.com as its private DNS and the DNS namespace for its public IP will be WWW.com. The contractor will ensure that WWW Inc.’s DNS name resolution for its Internet and Intranet connectivity is divided. To accomplish this, the contractor will adopt Active Directory-Integrated. This is where the domain controllers are going to act as the local DNS server when it comes to the company’s domain (1). Ensuring that the network is secure the contractor is going to adopt Active Directory replication, which will allow for the switching of DNS records. As such, this is going to allow for a request made from the New York location to undergo processing at the Los Angeles office after being automatically forwarded.
Group policy will be used to deploy the present server. It will regulate what users can do on their computers and what they cannot do. The application of a group policy will rely on the Active Directory feature of Windows Server 2016. The group policy will receive and enforce a Group Policy Object, which will mean that each AD domain will be assigned its own GPO where access to certain folders, preventing unidentified users from accessing a domain folder or enforcing password complexity will be enforced (4). The AD that will be used here will assign each computer belonging to a certain Windows domain a set of GPOs.
The administrators of the network have an important role to play in the management and sharing of files. Thus, to make certain that access to pertinent files is properly regulated, the contractor recommends that the file sharing feature be secured using the file share permissions. Additionally, permissions entailing Quotas with File Server Resource Management (FSRM) should also be adopted. Moreover, the Windows Server 2016 has an inbuilt feature known as an access-based enumeration (ABE) which permits network administrators to prevent any access to files that users are restricted to view. The decision to recommend FSRM and not NTFS is based on the flexibility and seamless notification mechanisms associated with the former. Because of the above-enumerated reasons, the consultant is going to execute the FSRM as opposed to the NTFS quotas in order to offer administrators real-time notifications when the users are going beyond their capped limits. Indeed, by installing the FSRM quotas, administrators will be given the prerogative to establish limits on personal folders in the servers with configured email notification to both the user and the administrator when the former exhausts their limit (5). In addition to individual quotas, the contractor is also going to limit group shares through the FRSM quotas functionality. However, establishing these quotas does not limit users from saving files, a phenomenon that they can do without exceeding the set limits by the administrator.
An important fact to remember is users are going to need access to when shared folders are involved from the two locations. In order to facilitate this, the contractor suggests that the Distributed File System (DFS) be created. This feature allows administrators the freedom to collect numerous folders on a specific number of servers or a specific server and then aggregate them into a unitary folder named namespace that could be arranged hierarchically.
In a nutshell, the execution of the projected features and roles provided by Window Server 2016 will enable the fulfillment of the needs and requirements necessary for the development of WWW Inc. network. The suggestion/proposal provides a comprehensive business strategy that will enable the administrators to progress the demands required for the success of the internet. Furthermore, using Direct Access will preserve the protection and security of remote access all through WAN connection. Also, the infrastructure of the Windows network is ready for the rising scalability whenever the company needs an upgrade and development of network operations in the future.
Figure 1 (Microsoft Direct Access, 2018)
- Krause, J. Mastering Windows Server 2016: A comprehensive and practical guide to Windows Server 2016. 2016.
- Modi, R. DevOps with Windows Server 2016. Birmingham: Packt Publishing. 2017
- What is server core? | Microsoft docs. (n.d.). Retrieved from https://docs.microsoft.com/en-us/windows-server/administration/server-core/what-is-server-core
- What’s new in active directory domain services in windows server 2016 | Microsoft docs. (n.d.). Retrieved from https://docs.microsoft.com/en-us/windows-server/identity/whats-new-active-directory-domain-services
- Stanek, W. Windows Server 2016: Domain Infrastructure.2016.
- Savill, J. Mastering Windows Server 2016 Hyper- V. 2016.
If you need assistance with writing your essay, our professional essay writing service is here to help!Find out more
Cite This Work
To export a reference to this article please select a referencing style below:
Related ServicesView all
DMCA / Removal Request
If you are the original writer of this essay and no longer wish to have the essay published on the UK Essays website then please: