Network Solution Proposal: Crete LLC's Network Infrastructure Design
VerifiedAdded on  2019/09/24
|10
|2103
|176
Report
AI Summary
This report presents a network solution proposal for Crete LLC, detailing the design and implementation of a robust and secure network infrastructure. The proposal recommends a multi-server setup with Active Directory, including forest and domain controllers, to manage user authentication and access. It outlines the utilization of FSMO roles, Group Policy, and DNS for efficient network management and security. File services are addressed with the implementation of DFS and FSRM for data storage and management. Remote access solutions, including DirectAccess, are proposed to enable secure access for remote users. The report also covers the deployment of WSUS for automated software updates and patch management. The proposed solution aims to provide Crete LLC with a scalable, secure, and manageable network environment.
Running head: Network Solution Proposal 1
Network Solution Proposal
Student Name
Institution
Keywords: FDQN (Fully Qualified Domain Name), FSMO (Flexible single master operation)
FSRM (File Server Resource Manager)
Network Solution Proposal
Student Name
Institution
Keywords: FDQN (Fully Qualified Domain Name), FSMO (Flexible single master operation)
FSRM (File Server Resource Manager)
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Network Solution Proposal 2
Contents
Active Directory..................................................................................................................3
Global Catalog and FSMO..................................................................................................4
Group Policy........................................................................................................................5
DNS.....................................................................................................................................5
File Services.........................................................................................................................5
Remote Service....................................................................................................................7
WSUS (Windows Server Update Services).........................................................................7
Bibliography........................................................................................................................9
Contents
Active Directory..................................................................................................................3
Global Catalog and FSMO..................................................................................................4
Group Policy........................................................................................................................5
DNS.....................................................................................................................................5
File Services.........................................................................................................................5
Remote Service....................................................................................................................7
WSUS (Windows Server Update Services).........................................................................7
Bibliography........................................................................................................................9
Network Solution Proposal 3
Active Directory
There are various good ways for developing this network. In this example, I would recommend
Crete LLC, which we will look at as a customer, have at least three servers, at a minimum, it will
provide one server per location. It is my proposal that we give two servers to every area, a local
controller for the domain and keeps a copy of the Active Directory, and the other is entirely a
document sharing service that will be accessible at all areas. I would have recognized what
facilities we will implement to meet the needs of the customer. Currently, Crete LLC is using
Microsoft Windows Server 2012 edition Active Directory domain infrastructure which is being
supported by the relationship of child/parent. DC1 will be forest root DC, also its FQDN name
will be CreteLLC.com which be acting as parent domain controller. Hutson will be the location
for a second domain controller that will be providing different roles, and the naming convention
of Houston.CreteLLC.com. As the domain of Dallas and Los Angeles are a child, so they will be
having a common shared name which will be: Dallas.CreteLLC.com and LA.CreteLLC.com.
The child's domain name is directly associated with the name of its original/parent domain,
which has its unique domain name system (DNS). (Microsoft, Active Directory, 1999)
Active Directory
There are various good ways for developing this network. In this example, I would recommend
Crete LLC, which we will look at as a customer, have at least three servers, at a minimum, it will
provide one server per location. It is my proposal that we give two servers to every area, a local
controller for the domain and keeps a copy of the Active Directory, and the other is entirely a
document sharing service that will be accessible at all areas. I would have recognized what
facilities we will implement to meet the needs of the customer. Currently, Crete LLC is using
Microsoft Windows Server 2012 edition Active Directory domain infrastructure which is being
supported by the relationship of child/parent. DC1 will be forest root DC, also its FQDN name
will be CreteLLC.com which be acting as parent domain controller. Hutson will be the location
for a second domain controller that will be providing different roles, and the naming convention
of Houston.CreteLLC.com. As the domain of Dallas and Los Angeles are a child, so they will be
having a common shared name which will be: Dallas.CreteLLC.com and LA.CreteLLC.com.
The child's domain name is directly associated with the name of its original/parent domain,
which has its unique domain name system (DNS). (Microsoft, Active Directory, 1999)
Network Solution Proposal 4
Database security is very important while maintaining trademarks and patent, this is the reason
that there is a need for a secure remote connection between the offices of Hutson and Los
Angeles. Just a read-only domain controller will be required for connecting to the LA office with
safe remote access to the domain of Houston, as the branch of LA is small and the requirement
for direct support of administrator is less important than the Houston office. Security benefits
will be provided by DC4's RODC, as replication will be happening only from Hutson to Los
Angeles while achieving the requirements of the replication of passwords and separation of the
roles of admins. (Kedar). After this, FSMO roles should be identified and kept within the
network.
Global Catalog and FSMO
While setting up a domain, it is important to consider the roles of FSMO. There is total of
5 roles of FSMO that need to be considered and to avoid creating any kind of failure. Among the
three domains, these roles will be divided. Domain master and schema master are the two type of
forest roles that DC1 will have. (Microsoft, FSMO placement, and optimization on Active
Directory domain controllers, 2017) Both come under enterprise roles and they are best for
installation on the domain of forest level. The DC2 server will be installed with RID master and
PDC eliminator. While the Infrastructure Master will have served as a global catalog server on
DC1 and DC3.
Database security is very important while maintaining trademarks and patent, this is the reason
that there is a need for a secure remote connection between the offices of Hutson and Los
Angeles. Just a read-only domain controller will be required for connecting to the LA office with
safe remote access to the domain of Houston, as the branch of LA is small and the requirement
for direct support of administrator is less important than the Houston office. Security benefits
will be provided by DC4's RODC, as replication will be happening only from Hutson to Los
Angeles while achieving the requirements of the replication of passwords and separation of the
roles of admins. (Kedar). After this, FSMO roles should be identified and kept within the
network.
Global Catalog and FSMO
While setting up a domain, it is important to consider the roles of FSMO. There is total of
5 roles of FSMO that need to be considered and to avoid creating any kind of failure. Among the
three domains, these roles will be divided. Domain master and schema master are the two type of
forest roles that DC1 will have. (Microsoft, FSMO placement, and optimization on Active
Directory domain controllers, 2017) Both come under enterprise roles and they are best for
installation on the domain of forest level. The DC2 server will be installed with RID master and
PDC eliminator. While the Infrastructure Master will have served as a global catalog server on
DC1 and DC3.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Network Solution Proposal 5
We will utilize a model of the multi master for FSMO roles. This will mean that every
domain controller we be master of its own and they will be receiving their own updates. They
can be self-reliant configured, and across the forest, they will send their own message. There
may be some conflicts with updating particularly this model, but luckily using "Windows to
solve DC" using these algorithms (TechNet, 2014).
Group Policy
Network breach could heavily cost a company, so it is always recommended not to run
any system or PC with a default password. With the help of GPOs, also known as Group Policy
Objects complexities of the password could be easily regulated by configuration, how often a
user can try to enter the wrong password before he exits the system and more. There are benefits
in addition to the option of the event log that GPOs use in the reporting of events on the network.
UAC also known as User Accounts Controls are used for systems or PCs that will make it hard to
run any malicious software on the network without crashing the machine. (Tulloch, 2013)
DNS
DNS or Domain Name Service is a name that is given to internet domain so that it could
be located and translate to an internet protocol or IP. With regards to Crete LLC, we will provide
internal domain name as internal.crete.com and external or public domain name as certe.com.
This will make it possible for multi-master replication, along with highly secure DNS. The client
will be able to locate the domain when DNS is required by AD DS. (Ahmed, Reaz, Atiquzzaman,
& Fu, 2005).
File Services
As per the working of Crete, LLC works, data security very is important for the
organization, because of the encrypted drive, it will not be easy for anyone to manage the data if
We will utilize a model of the multi master for FSMO roles. This will mean that every
domain controller we be master of its own and they will be receiving their own updates. They
can be self-reliant configured, and across the forest, they will send their own message. There
may be some conflicts with updating particularly this model, but luckily using "Windows to
solve DC" using these algorithms (TechNet, 2014).
Group Policy
Network breach could heavily cost a company, so it is always recommended not to run
any system or PC with a default password. With the help of GPOs, also known as Group Policy
Objects complexities of the password could be easily regulated by configuration, how often a
user can try to enter the wrong password before he exits the system and more. There are benefits
in addition to the option of the event log that GPOs use in the reporting of events on the network.
UAC also known as User Accounts Controls are used for systems or PCs that will make it hard to
run any malicious software on the network without crashing the machine. (Tulloch, 2013)
DNS
DNS or Domain Name Service is a name that is given to internet domain so that it could
be located and translate to an internet protocol or IP. With regards to Crete LLC, we will provide
internal domain name as internal.crete.com and external or public domain name as certe.com.
This will make it possible for multi-master replication, along with highly secure DNS. The client
will be able to locate the domain when DNS is required by AD DS. (Ahmed, Reaz, Atiquzzaman,
& Fu, 2005).
File Services
As per the working of Crete, LLC works, data security very is important for the
organization, because of the encrypted drive, it will not be easy for anyone to manage the data if
Network Solution Proposal 6
the drive gets stolen or lost. NTFS security permissions will be used for the network so that users
need to know how to limit access to folders. The NTFS quota will be used to "restrict the number
of hard drive space for users on a server" (Russinovich, Solomon, & Ionescu, 2009). This will
restrict the users to use a lot of space on file servers.
Crete LLC is located in three different regions, so there is a possibility that all of them
will need to access files and data from each other. We will implement DFS (Distributed File
Services) because it "enables for a group of shared servers that are in one or more logically-
structured namespaces on different servers, users can see namespace as a single folder with
subfolders. (Rao, 1989). With the help of DFS, within in the Crete LLC, multiple targets for
various servers can be configured within the single folder. After this, with the help of replication
between the servers, all the folders will sync. DFS has many advantages, including the fact that
"it randomly distributes file access to balance load on many discrete disk drives or servers and to
improve time of response during peak usage". (Microsoft, DFS Namespaces and DFS
Replication Overview, 2016). All the namespace will be based on a domain like:\\
CreteLLC.com\public.
We will implement FSRM for the management of disk quotas. FSRM means File Service
Resource Manager, it helps admins in managing and classifying the data stored in file servers,
this is set up in storage and file server. In Crete LLC we will be implementing 150 MB for users
and 300 MB additional for Sales and Managers. FSRM will be used to control email storage, in
which a level of 75 MB is set for warning message and 100 MB and above data will be restricted
to send. Here also we will allow additional 300 MB for Sales and Managers. To ensure that one
server is not facing heavy load during the failures and issues, we will implement file share
system.
the drive gets stolen or lost. NTFS security permissions will be used for the network so that users
need to know how to limit access to folders. The NTFS quota will be used to "restrict the number
of hard drive space for users on a server" (Russinovich, Solomon, & Ionescu, 2009). This will
restrict the users to use a lot of space on file servers.
Crete LLC is located in three different regions, so there is a possibility that all of them
will need to access files and data from each other. We will implement DFS (Distributed File
Services) because it "enables for a group of shared servers that are in one or more logically-
structured namespaces on different servers, users can see namespace as a single folder with
subfolders. (Rao, 1989). With the help of DFS, within in the Crete LLC, multiple targets for
various servers can be configured within the single folder. After this, with the help of replication
between the servers, all the folders will sync. DFS has many advantages, including the fact that
"it randomly distributes file access to balance load on many discrete disk drives or servers and to
improve time of response during peak usage". (Microsoft, DFS Namespaces and DFS
Replication Overview, 2016). All the namespace will be based on a domain like:\\
CreteLLC.com\public.
We will implement FSRM for the management of disk quotas. FSRM means File Service
Resource Manager, it helps admins in managing and classifying the data stored in file servers,
this is set up in storage and file server. In Crete LLC we will be implementing 150 MB for users
and 300 MB additional for Sales and Managers. FSRM will be used to control email storage, in
which a level of 75 MB is set for warning message and 100 MB and above data will be restricted
to send. Here also we will allow additional 300 MB for Sales and Managers. To ensure that one
server is not facing heavy load during the failures and issues, we will implement file share
system.
Network Solution Proposal 7
Remote Service
The technology Remote Access in computer networking allows a user to log in that
computer as an authorized user and this can be done without sitting on that computer or system.
For this, we will use direct accessibility which is a technique similar to VPN (Traditional), but it
is more secure than VPN.
Direct Access Client will be used because they have more capacity to manage, DAC will
be having direct connectivity with the management servers which will allow keeping everything
to under security compliance. (DirectAccess: Microsoft's Newest VPN Solution - Part 1:
Overview of Current Remote Access Solutions - TechGenix, n.d.). From direct access, IT will
help in managing those customers who are not physically involved in providing a
communication method for management or sales.
WSUS (Windows Server Update Services)
WSUS is also known as Windows Server Updates Services, it was earlier also known as
Software Update Services. In this, a program which is developed by Microsoft helps admin in
managing the hotfixes and updates which are released for Microsoft products. (Service Pack and
Update Center, n.d.) CreteLLC.com will environment of various independent servers. DC1 will
be downloading updates from the Microsoft Update server and acting as child WSUS DC2, DC3
and DC4 will be updated on this basis. Everything will be managed automatically on this server.
The system or PCs of the client will be configured for targeting client site. This will also
to create a testing environment before implementing the same on other computers. This can be
important when ideas of some applications may be incompatible with new updates. After a
Remote Service
The technology Remote Access in computer networking allows a user to log in that
computer as an authorized user and this can be done without sitting on that computer or system.
For this, we will use direct accessibility which is a technique similar to VPN (Traditional), but it
is more secure than VPN.
Direct Access Client will be used because they have more capacity to manage, DAC will
be having direct connectivity with the management servers which will allow keeping everything
to under security compliance. (DirectAccess: Microsoft's Newest VPN Solution - Part 1:
Overview of Current Remote Access Solutions - TechGenix, n.d.). From direct access, IT will
help in managing those customers who are not physically involved in providing a
communication method for management or sales.
WSUS (Windows Server Update Services)
WSUS is also known as Windows Server Updates Services, it was earlier also known as
Software Update Services. In this, a program which is developed by Microsoft helps admin in
managing the hotfixes and updates which are released for Microsoft products. (Service Pack and
Update Center, n.d.) CreteLLC.com will environment of various independent servers. DC1 will
be downloading updates from the Microsoft Update server and acting as child WSUS DC2, DC3
and DC4 will be updated on this basis. Everything will be managed automatically on this server.
The system or PCs of the client will be configured for targeting client site. This will also
to create a testing environment before implementing the same on other computers. This can be
important when ideas of some applications may be incompatible with new updates. After a
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Network Solution Proposal 8
successful test of more than one-week trial, it can be implemented on a larger scale. (Foust,
Chellis, Sheltz, & Sage London, 2006)
Summary
Crete LLC will have strong network framework after implementing the above-
recommended solutions. It will provide security as well as scalability which Crete LLC needs for
their success and their growth. DC1 will be provided with Forest FSMO role and DC2 and DC3
roles will be provided with domain FSMO roles. For extra security group policy will be used.
Those users like Managers and Salespersons, who have clients will be provided with remote
access. Windows will be loading from child servers which will relate to main server DC1.
successful test of more than one-week trial, it can be implemented on a larger scale. (Foust,
Chellis, Sheltz, & Sage London, 2006)
Summary
Crete LLC will have strong network framework after implementing the above-
recommended solutions. It will provide security as well as scalability which Crete LLC needs for
their success and their growth. DC1 will be provided with Forest FSMO role and DC2 and DC3
roles will be provided with domain FSMO roles. For extra security group policy will be used.
Those users like Managers and Salespersons, who have clients will be provided with remote
access. Windows will be loading from child servers which will relate to main server DC1.
Network Solution Proposal 9
Bibliography
Ahmed, A., Reaz, S., Atiquzzaman, M., & Fu, S. (2005). Performance of DNS as location
manager. Retrieved 2 13, 2018, from http://cs.ou.edu/~netlab/pub/dns-lm-eit05-final-
1.pdf
DirectAccess: Microsoft's Newest VPN Solution - Part 1: Overview of Current Remote Access
Solutions - TechGenix. (n.d.). Retrieved 2 13, 2018, from
http://www.windowsecurity.com/articles/DirectAccess-Microsofts-Newest-VPN-
Solution-Part1.html
Foust, M., Chellis, J., Sheltz, M., & Sage London, S. (2006). MCSE Windows Server 2003
network infrastructure planning and maintenance study guide. John Wiley and Sons.
Retrieved 2 13, 2018
Kedar, S. (n.d.). Database Management Systems. Technical Publications. Retrieved 2 11, 2018,
from https://books.google.com/books?id=Mv_anxicHoEC
Microsoft. (1999). Active Directory. Retrieved from Microsoft Developers Network:
https://msdn.microsoft.com/en-us/library/bb742424.aspx
Microsoft. (2016, 08 31). DFS Namespaces and DFS Replication Overview. Retrieved from
Microfost Docs: https://technet.microsoft.com/en-us/library/jj127250(v=ws.11).aspx
Microsoft. (2017, 06 08). FSMO placement and optimization on Active Directory domain
controllers. Retrieved 2 11, 2018, from Microsoft Support:
https://support.microsoft.com/en-us/kb/223346
Rao, A. K. (1989). The DFS distributed file system: Design and implementation. Retrieved 2 13,
2018, from http://scholarworks.rit.edu/cgi/viewcontent.cgi?article=1322&context=theses
Bibliography
Ahmed, A., Reaz, S., Atiquzzaman, M., & Fu, S. (2005). Performance of DNS as location
manager. Retrieved 2 13, 2018, from http://cs.ou.edu/~netlab/pub/dns-lm-eit05-final-
1.pdf
DirectAccess: Microsoft's Newest VPN Solution - Part 1: Overview of Current Remote Access
Solutions - TechGenix. (n.d.). Retrieved 2 13, 2018, from
http://www.windowsecurity.com/articles/DirectAccess-Microsofts-Newest-VPN-
Solution-Part1.html
Foust, M., Chellis, J., Sheltz, M., & Sage London, S. (2006). MCSE Windows Server 2003
network infrastructure planning and maintenance study guide. John Wiley and Sons.
Retrieved 2 13, 2018
Kedar, S. (n.d.). Database Management Systems. Technical Publications. Retrieved 2 11, 2018,
from https://books.google.com/books?id=Mv_anxicHoEC
Microsoft. (1999). Active Directory. Retrieved from Microsoft Developers Network:
https://msdn.microsoft.com/en-us/library/bb742424.aspx
Microsoft. (2016, 08 31). DFS Namespaces and DFS Replication Overview. Retrieved from
Microfost Docs: https://technet.microsoft.com/en-us/library/jj127250(v=ws.11).aspx
Microsoft. (2017, 06 08). FSMO placement and optimization on Active Directory domain
controllers. Retrieved 2 11, 2018, from Microsoft Support:
https://support.microsoft.com/en-us/kb/223346
Rao, A. K. (1989). The DFS distributed file system: Design and implementation. Retrieved 2 13,
2018, from http://scholarworks.rit.edu/cgi/viewcontent.cgi?article=1322&context=theses
Network Solution Proposal 10
Russinovich, M. E., Solomon, D. A., & Ionescu, A. (2009). Windows Internals. Microsoft Press.
Retrieved 2 13, 2018
Service Pack and Update Center. (n.d.). Retrieved 2 13, 2018, from
http://windows.microsoft.com/en-us/windows/service-packs-download#sptabs=win7
TechNet, M. (2014, April 23). Active Directory FSMO Roles in Windows. Retrieved from
Microsoft TechNet: https://support.microsoft.com/en-us/kb/197132
Tulloch, M. (2013). Introducing Windows Server 2012 R2 Preview Release. Microsoft Press.
Retrieved 2 13, 2018, from http://download.microsoft.com/download/7/4/1/741189C7-
ECC5-4012-BCC2-E94D5DD7145E/
Microsoft_Press_ebook_Introducing_Windows_Server_2012_R2_Preview_PDF.pdf
Russinovich, M. E., Solomon, D. A., & Ionescu, A. (2009). Windows Internals. Microsoft Press.
Retrieved 2 13, 2018
Service Pack and Update Center. (n.d.). Retrieved 2 13, 2018, from
http://windows.microsoft.com/en-us/windows/service-packs-download#sptabs=win7
TechNet, M. (2014, April 23). Active Directory FSMO Roles in Windows. Retrieved from
Microsoft TechNet: https://support.microsoft.com/en-us/kb/197132
Tulloch, M. (2013). Introducing Windows Server 2012 R2 Preview Release. Microsoft Press.
Retrieved 2 13, 2018, from http://download.microsoft.com/download/7/4/1/741189C7-
ECC5-4012-BCC2-E94D5DD7145E/
Microsoft_Press_ebook_Introducing_Windows_Server_2012_R2_Preview_PDF.pdf
1 out of 10
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.