Server Proposal for Worldwide Advertising, Inc.

(WAI)

This proposal will outline the best technical solution to provide WAI with a flexible and
reliable IT infrastructure over the coming years. As both current sites in Los Angeles and
New York are connected through a VPN tunnel already then our proposal is as per the below
recommendations.
Deployment & Servers
Each site will be deployed with Windows Server 2008 R2 systems which will not only meet
the current requirements but also be well-equipped to meet future requirements and
organizational growth. An overall summary of the planned deployments is incorporated in the
table below:
Site
Los Angeles

New York

Server 2008R2

Server 2008R2

Core
Active Directory

File

DHCP & DNS

Sharing

Active Directory

File

DHCP & DNS

Sharing

Server 2008R2

Standard
Standard
&
Printer IIS Web Services

&

Printer IIS Web Services

Each site will be configured in an identical manner to aid with the ease of deployment,
configuration and ongoing maintenance this will also serve as a template model should any
further sites be added as the organization grows and looks to expand. Utilizing the Server
2008 Core installations will be ideal to use as the infrastructure servers running Active
Directory, DHCP & DNS services. Additional servers will be configured with Windows
Server 2008 Standard Edition to provide greater flexibility for further application utilization.

They will also be able to provide File & Printer Sharing as well as Web services through the
provision of IIS.
As well as Server 2008, there is a consideration for Desktop Operating Systems to be
deployed, this should take the form of Windows 7 Professional across all required
workstations and as a sensible precaution against unforeseen issues or new hire requirements
there should be additional workstations purchased above the 30 current employees. In order
to ensure that the system is easy to maintain going forward and new systems can be deployed
quickly a specific WAI image should be created using Windows System Image Manager.1

This will allow for the automatic configuration of the Windows 7 installation to corporately
agreed standards as well as adding workstation specific drivers and specific customizations
such as desktop background and screen saver properties to ensure a professional image. The

1 http://technet.microsoft.com/en-us/library/cc766347(v=ws.10).aspx

image will also be responsible for joining the machines to the Domain so that any
workstation is ready to be used as and when required.
DNS & DHCP
Fault tolerance is a specific requirement here and this will be provided by splitting the DHCP
scope2 across both servers so that there is fault tolerance across the network without having to
provide a bespoke cluster. With a split DHCP scope then DHCP traffic flood will be handled
more efficiently as well.
Each of the servers and any equipment such as printers will be configured with an IP
reservation this will ensure an orderly topology across both sites and allow IT support to
easily maintain such devices. All other network devices will receive IP addresses via DHCP
with a long lease time configured due to the low number of devices compared to available IP
addresses.
Similarly, DNS will be split across both sites with the management being integrated with
Active Directory which will ensure all DNS addresses and entries are replicated between sites
and allowing easy access of resources between Los Angeles & New York.
Active Directory
The creation of an Active Directory Domain running in native 2008 mode will be required
and this should take the form of a new WAI domain. In order to ensure each site has access to
the same levels of information then Replication3 will occur between each site with the
assumption that the VPN link between the two locations is high speed in which case
replication will be almost instantaneous.

2 http://technet.microsoft.com/en-us/library/cc733059.aspx
3 http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

Each site will have a fully-writable Domain Controller. There is no need to make New York
for example a Read-Only Domain Controller (RODC) as there will be IT administration onsite and there may also be an expectation for greater user presence in New York as time goes
by. The WAI domain will be formed of the following Active Directory Organizational Units
(OUs):

Sales OU
Media OU
HR OU
Finance OU
IT OU

The image below shows a sample Active Directory configuration to give an overview of the
ease and flexibility of configuring and maintaining an Active Directory based infrastructure
of users, groups and computers.

Each user will experience similar functionality when logging on to the WAI domain as this
will be configured to utilize a logon script configuring access to their networked drives and
printers as well as controlling access levels to their system. Each OU will explicitly permit
permissions to that departments network share and this will be propagated down to each user

so that only authorized members of each department can access their data. Security groups
will be created to control the access to file shares and IT will easily be able to maintain
membership of this by adding or removing an employee in the Active Directory topology. As
there will be a small number of Groups setup on the WAI domain then each Security group
will be configured with a Universal scope.
Each OU will also have relevant groups setup as Distribution Lists so that e-mails can easily
be sent to each department or the wider organization as required.
Application Services
As well as operating systems, there will be several applications which need to be installed on
each workstation such as Anti-Virus software & Microsoft Office. There may also be other
requirements such as PDF readers and Java installations which should be added as part of the
Windows System Image for the initial workstation deployment.
Specific software requirements for each department will be managed through Active
Directory Group Policy if for example HR need a specific database application then those
employees who are members of the HR OU in Active Directory will have this application
downloaded and installed to their system. Not only does this keep installation and
configuration issues to a minimum for IT but it also ensures that only the required number of
licenses are needed and the organization is not paying for unnecessary software.
IIS74 configured on Windows 2008 Standard Edition will be used to provide an Internet
facing web-site with the multiple site model again being used to provide both fail-over and
load-balancing provisions. In order to make the website fully accessible externally then the
Network team will need to provide a DMZ for the servers so that the network is not opened to
unnecessary risks.
4 http://www.iis.net/

File & Printer Sharing

File shares will mirror the departments within organization also mirror each of the
organizational departments and they will use NTFS security 5 in order to ensure that only
authorized access is possible. This will ensure that all confidential and mission critical or
time-sensitive data will be protected as per standard auditing procedures. As well as corporate
departmental shares there will be a designated personal share for each employee and a Public
share for sharing of non-sensitive or department specific data.
Each share will be measured and managed via Quotas and thresholds along with an IT policy
in place to monitor for any non-corporate such as Pictures and Music files. Through
utilization of the File Server Resource Manager soft quotas and thresholds will be
implemented for each Department, Personal & Public share so that when a folder reaches
85% of its available limit there is an e-mail notification to the system administrators as well
as the users concerned.
In order to ensure that the network can be easily navigated and maintained there will be DFS
namespaces creating with targets specified on both file servers. This means that users only
need to access \\WIA\Public for example to access the public shared drive regardless of
whether they are in the Los Angeles or New York office.
Storage
For the Domain Controllers the recommended local storage would be a RAID 1 configuration
with two hard drives. Drive C will be used for the Operating System and Drive D for the
Active Directory System/Configuration files. Each of the File/Print Servers will be
configured in a similar RAID1 configuration for their operating system. Each file server will
then be separately connected to a RAID5 NAS which will contain the main data store for the
5 http://msdn.microsoft.com/en-us/library/ms913208(v=winembedded.5).aspx

WAI organization. This will allow the storage to be easily expanded in line with future
requirements but initial estimations for storage are as per the below figures:

Per User = 3GB for each personal drive = 30 x 30 = 90GB

Sales = 250GB
Media = 1.5TB due to large graphic files
HR = 100GB
Finance = 160GB
IT = 600GB due to storage of System Images

This gives a total storage requirement of 2.7TB.

Summary
To conclude, the proposal outlines the deployment of Windows Server 2008 R2 and Windows
7 professional across the new IT infrastructure. Both these server and desktop operating
systems will provide stable and up-to-date productivity. These systems will cope with
expansion and any organizational changes that are required as well as being an infrastructure
which is easy to setup and maintain.
In order to provide and configure the servers, the initial setup of two Server 2008 Core
Editions, including the Active Directory, DHCP & DNS configuration would take a few days
with an engineer performing the configuration and testing at each site. With the addition of
the File & Print Servers as well as the deployment of 30 employee workstations the
manpower and scheduling timeline is estimate at two weeks with a team of 6 engineers, 3 of
whom would be based in Los Angeles and 3 in New York.

Bibliography
Hassell, J. (2008). Windows Server 2008: The Definitive Guide.
Minasi, M., Gibson, D., Finn, A., Henry, W., & Hynes, B. (2010). Mastering
Microsoft Windows Server 2008 R2.
Tulloch, M. (2007). Introducing Windows Server 2008.