Running head: NETWORK SOLUTION PROPOSAL 1

Network Solution Proposal

Student Name

Institution

Keywords: FDQN (Fully Qualified Domain Name), FSMO (Flexible single master operation)

FSRM (File Server Resource Manager)

NETWORK SOLUTION PROPOSAL 2

Contents

Active Directory.................................................................................................................. 3

Global Catalog and FSMO.................................................................................................. 4

Group Policy ....................................................................................................................... 5

DNS..................................................................................................................................... 5

File Services ........................................................................................................................ 5

Remote Service ................................................................................................................... 7

WSUS (Windows Server Update Services) ........................................................................ 7

Bibliography ....................................................................................................................... 9
NETWORK SOLUTION PROPOSAL 3

Active Directory

There are various good ways for developing this network. In this example, I would recommend

Crete LLC, which we will look at as a customer, have at least three servers, at a minimum, it will

provide one server per location. It is my proposal that we give two servers to every area, a local

controller for the domain and keeps a copy of the Active Directory, and the other is entirely a

document sharing service that will be accessible at all areas. I would have recognized what

facilities we will implement to meet the needs of the customer. Currently, Crete LLC is using

Microsoft Windows Server 2012 edition Active Directory domain infrastructure which is being

supported by the relationship of child/parent. DC1 will be forest root DC, also its FQDN name

will be CreteLLC.com which be acting as parent domain controller. Hutson will be the location

for a second domain controller that will be providing different roles, and the naming convention

of Houston.CreteLLC.com. As the domain of Dallas and Los Angeles are a child, so they will be

having a common shared name which will be: Dallas.CreteLLC.com and LA.CreteLLC.com.

The child's domain name is directly associated with the name of its original/parent domain,

which has its unique domain name system (DNS). (Microsoft, Active Directory, 1999)
NETWORK SOLUTION PROPOSAL 4

Database security is very important while maintaining trademarks and patent, this is the reason

that there is a need for a secure remote connection between the offices of Hutson and Los

Angeles. Just a read-only domain controller will be required for connecting to the LA office with

safe remote access to the domain of Houston, as the branch of LA is small and the requirement

for direct support of administrator is less important than the Houston office. Security benefits

will be provided by DC4's RODC, as replication will be happening only from Hutson to Los

Angeles while achieving the requirements of the replication of passwords and separation of the

roles of admins. (Kedar). After this, FSMO roles should be identified and kept within the

network.

Global Catalog and FSMO

While setting up a domain, it is important to consider the roles of FSMO. There is total of

5 roles of FSMO that need to be considered and to avoid creating any kind of failure. Among the

three domains, these roles will be divided. Domain master and schema master are the two type of

forest roles that DC1 will have. (Microsoft, FSMO placement, and optimization on Active

Directory domain controllers, 2017) Both come under enterprise roles and they are best for

installation on the domain of forest level. The DC2 server will be installed with RID master and

PDC eliminator. While the Infrastructure Master will have served as a global catalog server on

DC1 and DC3.

NETWORK SOLUTION PROPOSAL 5

We will utilize a model of the multi master for FSMO roles. This will mean that every

domain controller we be master of its own and they will be receiving their own updates. They

can be self-reliant configured, and across the forest, they will send their own message. There

may be some conflicts with updating particularly this model, but luckily using "Windows to

solve DC" using these algorithms (TechNet, 2014).

Group Policy

Network breach could heavily cost a company, so it is always recommended not to run

any system or PC with a default password. With the help of GPOs, also known as Group Policy

Objects complexities of the password could be easily regulated by configuration, how often a

user can try to enter the wrong password before he exits the system and more. There are benefits

in addition to the option of the event log that GPOs use in the reporting of events on the network.

UAC also known as User Accounts Controls are used for systems or PCs that will make it hard to

run any malicious software on the network without crashing the machine. (Tulloch, 2013)

DNS

DNS or Domain Name Service is a name that is given to internet domain so that it could

be located and translate to an internet protocol or IP. With regards to Crete LLC, we will provide

internal domain name as internal.crete.com and external or public domain name as certe.com.

This will make it possible for multi-master replication, along with highly secure DNS. The client

will be able to locate the domain when DNS is required by AD DS. (Ahmed, Reaz, Atiquzzaman,

& Fu, 2005).

File Services

As per the working of Crete, LLC works, data security very is important for the

organization, because of the encrypted drive, it will not be easy for anyone to manage the data if
NETWORK SOLUTION PROPOSAL 6

the drive gets stolen or lost. NTFS security permissions will be used for the network so that users

need to know how to limit access to folders. The NTFS quota will be used to "restrict the number

of hard drive space for users on a server" (Russinovich, Solomon, & Ionescu, 2009). This will

restrict the users to use a lot of space on file servers.

Crete LLC is located in three different regions, so there is a possibility that all of them

will need to access files and data from each other. We will implement DFS (Distributed File

Services) because it "enables for a group of shared servers that are in one or more logically-

structured namespaces on different servers, users can see namespace as a single folder with

subfolders. (Rao, 1989). With the help of DFS, within in the Crete LLC, multiple targets for

various servers can be configured within the single folder. After this, with the help of replication

between the servers, all the folders will sync. DFS has many advantages, including the fact that

"it randomly distributes file access to balance load on many discrete disk drives or servers and to

improve time of response during peak usage". (Microsoft, DFS Namespaces and DFS

Replication Overview, 2016). All the namespace will be based on a domain

like:\\CreteLLC.com\public.

We will implement FSRM for the management of disk quotas. FSRM means File Service

Resource Manager, it helps admins in managing and classifying the data stored in file servers,

this is set up in storage and file server. In Crete LLC we will be implementing 150 MB for users

and 300 MB additional for Sales and Managers. FSRM will be used to control email storage, in

which a level of 75 MB is set for warning message and 100 MB and above data will be restricted

to send. Here also we will allow additional 300 MB for Sales and Managers. To ensure that one

server is not facing heavy load during the failures and issues, we will implement file share

system.
NETWORK SOLUTION PROPOSAL 7

Remote Service

The technology Remote Access in computer networking allows a user to log in that

computer as an authorized user and this can be done without sitting on that computer or system.

For this, we will use direct accessibility which is a technique similar to VPN (Traditional), but it

is more secure than VPN.

Direct Access Client will be used because they have more capacity to manage, DAC will

be having direct connectivity with the management servers which will allow keeping everything

to under security compliance. (DirectAccess: Microsoft's Newest VPN Solution - Part 1:

Overview of Current Remote Access Solutions - TechGenix, n.d.). From direct access, IT will

help in managing those customers who are not physically involved in providing a

communication method for management or sales.

WSUS (Windows Server Update Services)

WSUS is also known as Windows Server Updates Services, it was earlier also known as

Software Update Services. In this, a program which is developed by Microsoft helps admin in

managing the hotfixes and updates which are released for Microsoft products. (Service Pack and

Update Center, n.d.) CreteLLC.com will environment of various independent servers. DC1 will

be downloading updates from the Microsoft Update server and acting as child WSUS DC2, DC3

and DC4 will be updated on this basis. Everything will be managed automatically on this server.

The system or PCs of the client will be configured for targeting client site. This will also

to create a testing environment before implementing the same on other computers. This can be

important when ideas of some applications may be incompatible with new updates. After a
NETWORK SOLUTION PROPOSAL 8

successful test of more than one-week trial, it can be implemented on a larger scale. (Foust,

Chellis, Sheltz, & Sage London, 2006)

Summary

Crete LLC will have strong network framework after implementing the above-

recommended solutions. It will provide security as well as scalability which Crete LLC needs for

their success and their growth. DC1 will be provided with Forest FSMO role and DC2 and DC3

roles will be provided with domain FSMO roles. For extra security group policy will be used.

Those users like Managers and Salespersons, who have clients will be provided with remote

access. Windows will be loading from child servers which will relate to main server DC1.
NETWORK SOLUTION PROPOSAL 9

Bibliography

Ahmed, A., Reaz, S., Atiquzzaman, M., & Fu, S. (2005). Performance of DNS as location

manager. Retrieved 2 13, 2018, from http://cs.ou.edu/~netlab/pub/dns-lm-eit05-final-

1.pdf

DirectAccess: Microsoft's Newest VPN Solution - Part 1: Overview of Current Remote Access

Solutions - TechGenix. (n.d.). Retrieved 2 13, 2018, from

http://www.windowsecurity.com/articles/DirectAccess-Microsofts-Newest-VPN-

Solution-Part1.html

Foust, M., Chellis, J., Sheltz, M., & Sage London, S. (2006). MCSE Windows Server 2003

network infrastructure planning and maintenance study guide. John Wiley and Sons.

Retrieved 2 13, 2018

Kedar, S. (n.d.). Database Management Systems. Technical Publications. Retrieved 2 11, 2018,

from https://books.google.com/books?id=Mv_anxicHoEC

Microsoft. (1999). Active Directory. Retrieved from Microsoft Developers Network:

https://msdn.microsoft.com/en-us/library/bb742424.aspx

Microsoft. (2016, 08 31). DFS Namespaces and DFS Replication Overview. Retrieved from

Microfost Docs: https://technet.microsoft.com/en-us/library/jj127250(v=ws.11).aspx

Microsoft. (2017, 06 08). FSMO placement and optimization on Active Directory domain

controllers. Retrieved 2 11, 2018, from Microsoft Support:

https://support.microsoft.com/en-us/kb/223346

Rao, A. K. (1989). The DFS distributed file system: Design and implementation. Retrieved 2 13,

2018, from http://scholarworks.rit.edu/cgi/viewcontent.cgi?article=1322&context=theses

NETWORK SOLUTION PROPOSAL 10

Russinovich, M. E., Solomon, D. A., & Ionescu, A. (2009). Windows Internals. Microsoft Press.

Retrieved 2 13, 2018

Service Pack and Update Center. (n.d.). Retrieved 2 13, 2018, from

http://windows.microsoft.com/en-us/windows/service-packs-download#sptabs=win7

TechNet, M. (2014, April 23). Active Directory FSMO Roles in Windows. Retrieved from

Microsoft TechNet: https://support.microsoft.com/en-us/kb/197132

Tulloch, M. (2013). Introducing Windows Server 2012 R2 Preview Release. Microsoft Press.

Retrieved 2 13, 2018, from http://download.microsoft.com/download/7/4/1/741189C7-

ECC5-4012-BCC2-

E94D5DD7145E/Microsoft_Press_ebook_Introducing_Windows_Server_2012_R2_Prev

iew_PDF.pdf