• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 770
  • Last Modified:

What is considered as Best Practices for a small office network?

I have several clients with small offices networks ranging from 10 to 25 PC's plus multifunctional equipment. The most common setup is a Router/Modem working as DCHP Server and Gateway, some server working as File or Database Server and all the clients getting their network configuration from the DHCP Server(router) with exception of File Server or Multifunctional printer configured as static IP. Although this setup works most times, sometimes we've found issues working with mapped drives and or domains. I've  read that for instance the DNS Server is a key for domain performance, but sometimes clients don't want the complexities that this type of configuration brings and the security is not an issue. I've seen that the term "Best Practices" is widely used these days and I was wondering which are best practices indeed for this scenario.
  • 3
  • 2
1 Solution
This is such a broad question, it's tough to answer, but I will try by answering with my personal preferences, and the reasons for each:

-Windows Active Directory domain.  I like Windows 2008.  Why?  Because it's not 2003, which is ancient, and it's not 2012, which I don't care for.
-Better than default router.  I like SonicWall, specifically the TZ-210 and similar.
-If they have exchange, keep exchange.  If they don't, host it externally.  POP3 email is miserable.
-Centrally managed, CORPORATE antivirus software.  No free stuff.
-Two forms of backup.  One of them something cloud based, even if its Carbonite.
-Decent battery backups.  Run a battery test.  See how long it actually holds up.  If its less than 15 minutes for their server, they need something better.
-Above 5 users, get an actual server, not a NAS box.
-Above 25 users, have at least 2 servers - one for email, one for files.  Do the exchange in-house for sure at that point.
-Windows Updates - do them.

Just my $0.02 worth.  Hope it helps.

Chris M.
Lee W, MVPTechnology and Business Process AdvisorCommented:
Re: DNS - If you have a Domain, you MUST set the workstations to use the DC as the DNS server.  This is not optional.  Setting it any other way causes problems with logons and accessing network resources.

If the servers are running Small Business Server (2003, 2008, 2011 Standard) then if you want them to work properly, they MUST be on the DHCP server.

I would ALWAYS make Windows Servers the DHCP except when running a Server Essentials system (that's designed so that Windows is NOT the DHCP server).  Windows is easier to manage and see what's going on.

Best practices should ALWAYS be followed unless there's a GOOD reason not to.  That happens sometimes.  But unless you're working under the idea that a complex network that only you understand is job security (a HIGHLY UNPROFESSIONAL thing to do).  By following best practices you make it possible for someone to walk in and help when you get hit by a bus.  You make it possible for you to call another professional while you're away and they can easily come in and work on / resolve issues without you needing to be present.  Not only that but they are best practices because many people, including the developers have designed the systems to work a certain way... and just because you can do it another way DOES NOT mean you should do it another way.
I agree with leew on all of those points as well.  And find a way to gently remind them that your recommendations are part of the reason you are their current professional and not their previous one :)
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

One-SolutionAuthor Commented:
Guy's those are great insights thanks a lot! Leew hope I don't get hit by bus and just move on to better things Haha!!  FutureTechSysDOTcom when not using a centralized antivirus protection what would be your recommendation for an affordable antivirus solution for Windows Server IMO Symantec sucks on every level...
Lee W, MVPTechnology and Business Process AdvisorCommented:
I use VIPRE at all my clients.  GREAT management client, inexpensive, and has had responsive support.
One: When not using centralized AV protection, my recommendation would be to get one :)

I like Vipre as well.  I personally use Sophos at my clients.  Pepsi and Coke kind of thing I think.  Both plug the holes that Symantec leaves.  It's called Symantec because they destroyed the Norton brand, which used to mean quality.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now