Solved

Network Overhaul

Posted on 2007-03-23
11
238 Views
Last Modified: 2010-04-20
Hi experts.

I will soon have the opportunity to completely overhaul our biggest customer’s network and I was looking for some general advice and pointers. The network will be Microsoft based (Win 2003 Server, Exchange, ISA etc) No decisions have been made on the number or spec of servers yet. The network will consist of 400 Windows XP PCs with 1600 users in a school environment. All users will have an exchange mailbox, personal home folder and roaming profiles.

Obviously I’m not expecting a detailed spec from this info, I was just trying to get a general idea of how many servers I should have, and what services should run on which servers.

Thanks
0
Comment
Question by:japawson183
  • 4
  • 3
  • 3
  • +1
11 Comments
 
LVL 9

Expert Comment

by:herbus
ID: 18779238
You'll get different opinions probably, but here's something to get you thinking... focus on the services listed, not the number of servers, cos a lot of this could be combined to reduce actual hardware platforms needed...

1. Domain Controller / DHCP / DNS / Backup Media Server
2. 2nd DC / DNS / IAS (RADIUS) Service for Secured Wireless Connections
3. File + Print server
4. Exchange server
5. AV + other administrative tools/consoles (could happily sit on another box... the proxy would be a fair one to use)
6. Proxy / Cache / Web Filter server
7. (optional) Exchange front-end server in DMZ for Webmail + Mobility services... this could run a proxy/cache service as well if you wanted to keep server numbers down


Capacity requirements you'll have to cater for, and if it's a school they always seem to end up with Dell stuff but not necessarily, just consider hardware/software pricing for academic will be better if it's offered...

Also consider virtualising some or all platforms/services if it's going to drive cost down (there'll be a sweet spot when you're better off buying a big vm box instead of x amount of little ones)...

Cheers,
Herb
0
 
LVL 2

Expert Comment

by:djohnson104
ID: 18779528
Alternative solution.
1 DC/DNS (2003 R2)
2 DC/DNS (2003 R2)
3 File + Print Server (2003 R2)
4 Exchange (Back) (2003 R2)
5.Exchange (Front) (2003 R2)
6 Application Server (Internal) (2003 R2)
7 Application Server (External DMZ)(2003 R2)
8 Storage Server for Roaming Profiles (2003 R2)
9 Layer 3 Switch to break up the 400 users in to smaller broadcast domains? This could also server as your DHCP/DNS.
10 ASA Firewall for DMZ and VPN.
11 RADIUS server for VPN and Wireless.
----------------------------------------------------------------

This is a big guess but i think its better to start big then cut and consolidate.




0
 

Author Comment

by:japawson183
ID: 18779574
Thanks for the info so far, looks like i was on the right track. Any ideas about specs for the DCs?
0
 
LVL 2

Assisted Solution

by:djohnson104
djohnson104 earned 100 total points
ID: 18779622
We build our own basic servers for DC's. They are running 2.4 Xeons with a GB of RAM. Nothing to special just as long as they are solid. As for our Exchange and Storage server we use prebuilt IBM machines. IBM has great support and we can understand what they say.
0
 
LVL 9

Accepted Solution

by:
herbus earned 150 total points
ID: 18779683
As far as hardware specs go, a pizza box will generally do... I know HP/IBM, not to say you'd go with either, but look at an HP DL360 as an example... 1RU, 1 dual core cpu, maybe 1gb or 2 of mem, all expandable if you need it.  Could get away with a DL320 if you're doing it on the cheap... I'm sure Dell or whoever you're looking at will have something along those lines... DC's won't be overly cpu/memory intensive unless you double-up with other services... suggest having all servers on a gigabit switch, but probably not necessary to the desktops...

Something to consider for a school I guess is that class times generally see almost everyone logging in within a short time... if it's 1600 users, then 2 DC's would be ok, but if wireless is important enough to warrant a 2nd RADIUS server for redundancy, then there you could have a 3rd DC too and it couldn't hurt...
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:japawson183
ID: 18779753
Thanks for the advise guys.
0
 
LVL 9

Expert Comment

by:herbus
ID: 18779876
No probs, have fun with the project,.. thanks for the points
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 18780757
Wow... you want general advice and you leave the question open for an hour and close it after two responses?  I'll post my thoughts next week (I'll be lucky to be home for more than sleep over the next 3 days - my background includes Windows Admin in a Biomedical research facility 2.5x the size of your organization but still with a number of similarities - and roaming profiles are not good!
0
 
LVL 2

Expert Comment

by:djohnson104
ID: 18781172
Leew. "clap, clap" < that is for you.
0
 
LVL 9

Expert Comment

by:herbus
ID: 18783973
Leew makes a very good point.  I only had about 600 staff & students to worry about when I managed a school a couple years back, so you'll have even more data to consider and roaming profiles are a two-edged sword.

While they could do without them, in my case some of the students and just about all of the staff were hopeless with computers, so they needed it all EASY... roaming profiles let them have their settings follow them and they could individually customise it enough to be comfortable with finding things, but I'd suggest you look at policy-based folder redirections etc so they don't bloat their profiles with docs and such... one example - saving to 'my documents' always seems like such a good idea but if you don't point it to a network path then it'll stick in the profile and wanna save/load everywhere they go...

...that said, folder redirections can let you do fancy things without roaming profiles too, and there's a few ways to skin the cat... If leew's up to posting any more tips on it then keep it all in mind, eh?

Cheers,
Herb
0
 

Author Comment

by:japawson183
ID: 18791177
Anymore advise is welcome,!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

More or less everybody in the IT market understands the basics of Networking, however when we start talking about Storage Networks, things get a bit dizzier, and this is where I would like to help.
Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now