Good Setup Configuration

Posted on 2006-11-13
Last Modified: 2010-04-10
Hi, I have a small company that I support that has around 15 people & will eventually grow to around 100 or so.  Right now they share a network with us...however, that is something that we would like to eliminate.  We want them to get their own services up & going, so I was hoping that someone could give me some suggestions on what to use.  I need to get something that is easy to configure & then even easier to maintain.  They will have a T1 going in, so let's base it on that premise

- Domain Controller - I would like this to be Windows 2003, can it double as their file-server, or is that a bit of a taboo?  How about WINS?
- Router/Firewall
- DHCP server?
- VPN?

Please let me know your suggestions...this is a Windows enviroment & email is not needed since their email is hosted.

Question by:rustyrpage
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 12

Expert Comment

ID: 17931791
is this homework?

first you have to establish a budget.  also how much downtime can they afford and willing to accept.  then you have licensing to deal with, if you are keeping it legitamit.  your budget will determine if you can afford another server dedicated for file and prnt sharing, but it can be done on the DC.  For your router, Firewall- i would go with cisco products.  if it is a DS1 (T1) that they are gettign then you would need a WIC card for the router.  you can then throw a pix501,515 or even the new cisco ASA models in there. either one of these devices support site to site and remote client vpn.

but if you just want to segregate them form your network, you can get a layer 3 switch, carve off a vlan that cannot communicate with yours and limit bandwidth

Author Comment

ID: 17931821
"Hi, I have a small company that I support".

It is not homework, I just want other people's opinions.
LVL 12

Expert Comment

ID: 17931845
i saw that. i have to ask though.   whatever,  form the response i gave you, how does any of that fit into your situation and budget
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).


Author Comment

ID: 17931949
The problem is that a Cisco solution, although a good name, may not be an easy implementation...unless they have changed from last time I used it.

Can you think of anything that I am missing to get them completely up & running?  Would you do the DHCP from the router/firewall?  What about WINS?
LVL 12

Expert Comment

ID: 17931973
there is nothign wrong with cisco.  and in my opinion, it is a very easy IOS to learn.  you have your choice between a simple command line or some easy GUIs.  i woudl do the dhcp from the domain controller.  i would run WINS also.  even in MS active directory 2003 WINS is needed.
LVL 32

Expert Comment

ID: 17932047
Alternate solution would be the Netscreen Firewalls from Juniper. They are pretty good, easy to learn and provide more feature set. Right from NS5GT or the newest SSG5, it provides Deep Inspection capabilities (Intrusion Prevention) and high throughput than PIX 501/506. Take a look at it.

LVL 12

Expert Comment

ID: 17932070
i would go with the Cisco ASA model.  it has aswesome throughput.  very good device and supports Web VPN
LVL 13

Accepted Solution

prashsax earned 500 total points
ID: 17934144
One server for Domain Controller. Same would work as WINS and DHCP server.(Windows 2003 Standard)

Get, one more server for Filer.
Fast Disk subsystem(SCSI 15K RPM), lots of RAM(1GB), Could be a single processor, Gigabit NIC.

As for terminating T1, I would use a simple cisco 2600 series router.

As, for VPN, you could using Windows Inbuit RRAS service for PPTP Dial-in VPNs. Its easy and simple to configure.

This would require you to spend less as well.

LVL 12

Expert Comment

ID: 17934175
for vpn i recommend hradware.  cisco pix, ASA, sonicwall, etc.

Expert Comment

ID: 17934286
You should never have only one domain controller. However, if you make a full system backup every day, store that offsite, do not mind your AD and services depending on them being offline for a extended period, you might be able to live with it until you can spend more money.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
HP network exams 3 61
Cisco router 4400 and switch connection. 27 53
Check Spoof email 6 34
PoE Injector and switch 2 16
Let’s list some of the technologies that enable smooth teleworking. 
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question