• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 466
  • Last Modified:

Basic Office Network Design and some basic questions!

Hi,

I asked a similar question a couple of days ago, and through the feedback I have got I have amended my design ( see attached ) I basically want to know if you guys (the experts) believe this design is workable.  (I am learning all this from scratch)  We are a non profit org so I am trying to get as much knowledge as possible before seeking consultation, if we need it.

Basic rundown of what it will be doing/used for, before my questions.

Approx 50 users, peak concurrent usage will be 25-35.
Single Domain ourcompany.local
All users will be logging into TS via either a thin client, pc or RDP out of office hours.
Users will be using Office 2007, EMR software, internet access.

Ok my questions -

- Is this design workable, or are there some major flaws in the design, either cabling/hardware/configuration of snapins' (i appreciate it is pretty basic)
- SBS 2008 will manage DNS, so do i need to assign a subnet/ip to 2816 switch so that SBS will use the 10.0.0.X range? (i prefer this because it is easy to remember!)
- Im assuming, the firewall I should just open the usual ports, 25, 80, vpn, etc and forward them onto the IP of the 2816 if the above is correct.
- When making a DC/Secondary DNS, do these automatically propagate from the GC/DNS, or do I manually have to do it ?

I will be using backup exec to manage our backups and probably investing in eset software for virus protection.  Once again thank you for your help, and apologies if my questions sound incrediably stupid.  So much to learn !
networkdesign.pdf
0
lost_in_data
Asked:
lost_in_data
  • 4
  • 3
  • 2
  • +3
3 Solutions
 
Robberbaron (robr)Commented:
1. Users. You need a license (CAL) for each individual user ie 50.. Concurrent doesn't exist for MS. I dont think Device CAL's will work out as you want to use remote access.

2. DHCP can be assigned how you want.

3. Check the SBS Docs for the required ports as there are a few different. And make sure you use SBS2008 docs, as ports have changed since 2003.

4. DNS/ AD automatically syncs across servers (when all is working properly.)

5. File Share box.  You have speced a SAS Raid controller but only using RAID1 which is not very efficient and very difficult to expand. One thing I know for sure is that whatever storage you think is needed today, expect to double it for each subsequent year !. ie 2010=500G,  2011 = 1000G, 2012 = 2000G, 2014 = 4000G.. This is where RAID helps.

6. Tape backup... not supported directly by SBS2008 now as it is too small generally. Just have one 'backup exec' media server with the USB drive hanging off that and RemoteAgents on others.

7. Exchange stores. If you ever need to do an offline defrag or recovery, then you need 110% of current store as spare space. Can you actually buy 160G SATA anymore ? 320 appears the smallest current drives, not much up to 500G.


0
 
lost_in_dataAuthor Commented:
Hi thank you for the response, ive considered the file storage as well to be a lil small and redundant, i think i may opt for raid 10 with a larger HDD, to be honest our users are not going to store much information due to legal requirements and information staying IN the emr, however raid 10 may provide better performance when they do.

One thing I am not quite sure on is you said backup exec on one machine and run HDD off that ? I was going to install it on server one, and modules on s2 and s3, and jus do back ups there,  the tape drive HAS to be used.  To be honest ive never used backup exec or veritas so I aint fully aware of the implications, but i have the admin guide which I am going through now.  But thanks for your reply so far, I am going to leave the question open for a little longer just incase anyone can shed light on if the hardware is capable enough for what I am going to ask it to do.
0
 
Cris HannaCommented:
You do understand, that your SBS Server cannot function as the TS Server, correct?
Furthermore 30-50 TS Users is going to present some significant challenges.   EMR I'm guessing stands for Electronic Medical Record?  Which means database stuff.  If that's correct, VPN is out of the question due to bandwidth.
But think about normal PC usage.  Each user will at a minimum need 1-2 GB assigned to them for their TS Session   At max usage, even at 1 GB, your talking 50 GB of memory plus the over head of the OS.  You can't put that much RAM in one box, even 64 bit.
I'm not sure SBS is the best solution here, because you're really talking multiple TS Servers (A TS Farm if you will).   This article gives a great explanation of TS Farms  http://www.techotopia.com/index.php/Deploying_a_Windows_Server_2008_Terminal_Server_Farm_using_TS_Session_Broker
There will be no local pc clients?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
dosdet2Commented:
I agree with most of what has been stated.  
Although the max RAM in one box is not entirely accurate.  I have a server sitting on my desk (waiting to be loaded) that has 64GB or ram.  The vendor where I got it had units that had larger RAM capacities.  With that said, it doesn't mean that the OS can access/ use all of it and I wouldn't recommend running that many TS sessions on one box either.

A suggestion on backup though.  I would setup a backup "server" - really just a workstation who's sole purpose is backing up to HDs.  Check into Backup-for-workgroups.  Best backup solution I've seen for a small / medium network.  After the initial backup, it does incremental BU - fast, + it does AD, Registry, exchange and open files. You have local storage + 1 or more mirrors on or off site.  ( http://www.backup-for-workgroups.com/ ) It can restore right down to the screen-saver settings & include or exclude the device drivers (new hardware?)

My 2ยข worth.

0
 
Cris HannaCommented:
In order to run more than 32 GB RAM on 64bit OS, you must run Windows Server 2008 Enterprise or Data Center Edition. to which the Max Ram is 2 TB.  
0
 
lost_in_dataAuthor Commented:
"You do understand, that your SBS Server cannot function as the TS Server, correct?

Furthermore 30-50 TS Users is going to present some significant challenges.   EMR I'm guessing stands for Electronic Medical Record?  Which means database stuff.  If that's correct, VPN is out of the question due to bandwidth."

Yeah I understand that SBS cannot function as the TS Server, although premium does allow the second server to run as TS, we will be using that as SQL (cheaper on licenses). plan was to install server 2008 on two member servers to act as TS.  These servers with session broker will load balance, uping the ram is a easy option.  VPN will be used sparingly, this isnt a thing that requires to be used, but something that will be there if someone needs.  Did you check the diagram, it already shows two servers in a farm.

There will be approx 5 pc clients.  The rest are thin clients.  At the moment i figure we have 25-35 peak usage of terminal servers, so with broker at peak your looking at 18 users on one TS server.  Like I said, im new to this and accept any feedback you guys offer.  EMR software has a 200mb ram footprint.  

0
 
lost_in_dataAuthor Commented:
"A suggestion on backup though.  I would setup a backup "server" - really just a workstation who's sole purpose is backing up to HDs.  Check into Backup-for-workgroups.  Best backup solution I've seen for a small / medium network.  After the initial backup, it does incremental BU - fast, + it does AD, Registry, exchange and open files. You have local storage + 1 or more mirrors on or off site.  ( http://www.backup-for-workgroups.com/ ) It can restore right down to the screen-saver settings & include or exclude the device drivers (new hardware?) "

Hey thank you for the feedback, the reason I was considering backup exec was due to a number of reasons, we need to use the tape drive to take back ups offsite, the ability to back up a open sql database, and the fact we can obtain this product through a donation programe.  File storage and exchange data will not be business critical, I will take back up of these maybe on a weekly (full), daily (incremental) onto the external drives,  but the SQL database is, so thats my reasoning for it.  Im open to any suggestions.

0
 
Cris HannaCommented:
I've never heard of someone running session broker on an SBS server but that doesn't mean it can't...might be better handled on the second (SQL server) and then the two additional terminal servers.  So you're looking at 4 boxes...not cheap
 
0
 
Sebastian TalmonSystem Engineer Datacenter SolutionsCommented:

If you get backup exec through a donation programe, this would be the way to go: backup exec is a really nice software  (robberbaron: tape backup could be handled though normal windows backup - I have this running at customers site allready... but does not make sense here when we could use backup exec)

If you could get cheap "Agent"-Licenses for Backup Exec, you could backup the other servers through one single server (with tape drive etc.)... no need for seperate local backup to external discs

Is there a reason why you use expensive SAS controllers but cheap SATA discs?  (for SATA-discs you could use SATA-controllers, and with the SAS controllers you could think of using SAS Harddisks if you need better performance

Robberbaron:  what do you mean with "RAID 1 is ... very difficult to expand"? As far as I know it is the same with RAID10/RAID5/RAID6... or is there a nice solution for expanding RAID? (sorry, I need to learn on this subject too)
0
 
dosdet2Commented:
Backup-for-workgroups does our SQL database also.  We setup an additional daily backup within the SQL configuration manager.  We have a NAS drive off site that mirrors the local backup disks - no human error trying to remember to take the tapes off-site, or identifying which tape contains the version of file you want to restore.

Tapes are slow when doing a partial find & restore, they can go bad easily and many times you don't know it until restore time comes.  They are also small in comparison to the Storage sizes of today (unless you want to spend thousands on your BU system), and using multiple tapes increases the chances of a bad backup if one tape starts to fail.

A 500gb tape runs at least $60 a pop, where a seagate enterprise class 1TB drive runs $155.  HD backup solutions are the way to go.
0
 
mikecrCommented:
Lost_in_data, you may want to use 2008 R2 with the Remote Desktop Web function enabled as this will help for you to eliminate VPN. You can put a cetificate on it, open 443 on the firewall or NAT backwards on 443 to the server and the users will have secure logins and be able to access the applications remotely, thus getting rid of any need for VPN. You will also have the ability to remote control machines on the network from R2 as well.

Here is a wonderful utility that may help you out as well with your SQL backups.

http://www.freedownloadscenter.com/Utilities/Backup_and_Copy_Utilities/SQLBackupAndFTP.html
0
 
Robberbaron (robr)Commented:
0
 
lost_in_dataAuthor Commented:
Thanks for the input guys.
0

Featured Post

2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

  • 4
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now