Solved

What is considered as Best Practices for a small office network?

Posted on 2013-11-13
6
673 Views
Last Modified: 2013-11-17
I have several clients with small offices networks ranging from 10 to 25 PC's plus multifunctional equipment. The most common setup is a Router/Modem working as DCHP Server and Gateway, some server working as File or Database Server and all the clients getting their network configuration from the DHCP Server(router) with exception of File Server or Multifunctional printer configured as static IP. Although this setup works most times, sometimes we've found issues working with mapped drives and or domains. I've  read that for instance the DNS Server is a key for domain performance, but sometimes clients don't want the complexities that this type of configuration brings and the security is not an issue. I've seen that the term "Best Practices" is widely used these days and I was wondering which are best practices indeed for this scenario.
0
Comment
Question by:One-Solution
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 4

Expert Comment

by:FutureTechSysDOTcom
ID: 39646984
This is such a broad question, it's tough to answer, but I will try by answering with my personal preferences, and the reasons for each:

-Windows Active Directory domain.  I like Windows 2008.  Why?  Because it's not 2003, which is ancient, and it's not 2012, which I don't care for.
-Better than default router.  I like SonicWall, specifically the TZ-210 and similar.
-If they have exchange, keep exchange.  If they don't, host it externally.  POP3 email is miserable.
-Centrally managed, CORPORATE antivirus software.  No free stuff.
-Two forms of backup.  One of them something cloud based, even if its Carbonite.
-Decent battery backups.  Run a battery test.  See how long it actually holds up.  If its less than 15 minutes for their server, they need something better.
-Above 5 users, get an actual server, not a NAS box.
-Above 25 users, have at least 2 servers - one for email, one for files.  Do the exchange in-house for sure at that point.
-Windows Updates - do them.

Just my $0.02 worth.  Hope it helps.

Regards,
Chris M.
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 39647169
Re: DNS - If you have a Domain, you MUST set the workstations to use the DC as the DNS server.  This is not optional.  Setting it any other way causes problems with logons and accessing network resources.

If the servers are running Small Business Server (2003, 2008, 2011 Standard) then if you want them to work properly, they MUST be on the DHCP server.

I would ALWAYS make Windows Servers the DHCP except when running a Server Essentials system (that's designed so that Windows is NOT the DHCP server).  Windows is easier to manage and see what's going on.

Best practices should ALWAYS be followed unless there's a GOOD reason not to.  That happens sometimes.  But unless you're working under the idea that a complex network that only you understand is job security (a HIGHLY UNPROFESSIONAL thing to do).  By following best practices you make it possible for someone to walk in and help when you get hit by a bus.  You make it possible for you to call another professional while you're away and they can easily come in and work on / resolve issues without you needing to be present.  Not only that but they are best practices because many people, including the developers have designed the systems to work a certain way... and just because you can do it another way DOES NOT mean you should do it another way.
0
 
LVL 4

Expert Comment

by:FutureTechSysDOTcom
ID: 39647616
I agree with leew on all of those points as well.  And find a way to gently remind them that your recommendations are part of the reason you are their current professional and not their previous one :)
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 

Author Comment

by:One-Solution
ID: 39648091
Guy's those are great insights thanks a lot! Leew hope I don't get hit by bus and just move on to better things Haha!!  FutureTechSysDOTcom when not using a centralized antivirus protection what would be your recommendation for an affordable antivirus solution for Windows Server IMO Symantec sucks on every level...
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 39648544
I use VIPRE at all my clients.  GREAT management client, inexpensive, and has had responsive support.
0
 
LVL 4

Accepted Solution

by:
FutureTechSysDOTcom earned 200 total points
ID: 39648558
One: When not using centralized AV protection, my recommendation would be to get one :)

I like Vipre as well.  I personally use Sophos at my clients.  Pepsi and Coke kind of thing I think.  Both plug the holes that Symantec leaves.  It's called Symantec because they destroyed the Norton brand, which used to mean quality.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article summaries thoughts and ideas from two years of sustained use. It provides good reasoning to make the jump to Windows 10.
When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question