Designing Small Windows Networksby Mitch Tulloch
Designing an enterprise-sized Windows network is straightforward yet complex. What do I mean by this? Well, enterprise network design is straightforward in the sense that it's simply a matter of assembling the right building blocks, i.e., domains, domain controllers, sites, site links, server roles, and so on. But it's also complex because even if your network design is good in theory, in the real world where bandwidth is limited and connectivity is not always assured, your design might not work well at all. Still, enterprise network design is relatively simple in principle because you can easily build a flowchart to take you through the decision-making process for each element of an Active Directory-based network.
What about networks for small businesses where there are only a few dozen employees? You might think planning in this case would be simpler, but this isn't necessarily the case. That's because enterprise planning processes are designed to scale upward well, but they don't scale downward as easily. For example, instead of asking yourself how many domains you should deploy, you also have to ask if you really need Active Directory at all, or if you can simply make do with a workgroup. Rather than ponder how many VPN servers you need to support your mobile workforce, you're stuck asking whether your business can afford even one extra server running the VPN role, or whether you should use some other product such as GoToMyPC or a VPN appliance to provide the minimal level of remote access your single sales associate needs. And instead of separating server roles for greater security, small businesses with limited resources may find themselves loading up most or all of their roles on a single server in order to cut costs. Finally, small businesses may have only one full-time administrator on staff (if any), and must instead rely on consultants to design, install, configure, and even maintain their systems and networks.
Deploying Small Business Server
While some small businesses may decide to design their networks from the ground up the way large enterprises do, many may want to take a good hard look at using Microsoft Small Business Server instead. SBS has several advantages over the roll-your-own approach to network design: integrated roles, lower cost, wizard-driven configuration, and flexible licensing options. For example, although running your Intranet web site off of your domain controller is not an ideal approach from a security perspective, SBS is tuned to enable these two roles to coexist on the same machine without the usual security considerations. And while using standard Windows Server administration tools can be daunting for the inexperienced user, the wizard-driven approach used by SBS makes it possible for administrators with (almost) no technical knowledge to set up and configure their servers.
SBS also gives you the security of Active Directory, Exchange Server for mail, SharePoint Services for collaboration, Windows Server Update Services (WSUS) for managing your security updates, Outlook Web Access (OWA) and Outlook Mobile Access (OMA) for mobile users with laptops and Windows Mobile 5 hand-held devices. It also offers Remote Desktop for remote server management, Remote Web Workplace (RWW) to enable users to remotely access their desktops, and if you deploy the Premium edition, it includes the Internet Security and Acceleration (ISA) Server 2004 firewall and SQL Server 2005 Workgroup Edition. The cost of all these separate features is far more than the cost of the package in SBS, so it's a pretty good deal from a business perspective. Plus, the peer support network for SBS is excellent, with a Microsoft public newsgroup devoted to the product where Microsoft Most Valuable Professionals (MVPs) are ready to answer your SBS questions. There's also a terrific book that can help you quickly set up SBS and get the most out of using it--the Microsoft Small Business Server 2003 R2 Administrator's Companion by Charlie Russel and Sharon Crawford. I'm slightly biased because I was technical editor for the latest edition of this title, but trust me: if you want to learn how to work with SBS, this is the best resource available.
Rolling Your Own Solution
Finally, what if you'd rather roll your own solution instead of using SBS? In that case, here are ten tips for small network design that you may want to keep in mind:
- Start by defining your business goals and processes clearly.
- Then, map computer technologies to each goal or process. Don't buy technology for its own sake; only do so if it meets some business need.
- Buy reliable, fault-tolerant hardware that can grow to meet your needs as your business grows in size and complexity.
- If you deploy a wireless network instead of a wired one, buy only new wireless hardware that supports the latest wireless standards to ensure your network will be as secure as possible.
- Once you have your whole solution in mind, negotiate with vendors to try to get the best licensing deal possible. The same goes for getting a business Internet package from your local ISP, telco, or cable TV company. When it comes to getting a good deal, if you don't ask, you won't receive.
- Get expert help in deploying and configuring your computers and other network devices if you don't have the expertise to do this in-house.
- Go with some kind of disk-imaging solution for your client workstations. Then, if something goes wrong with a workstation, you can just reimage it instead of spending hours trying to fix it. This means, of course, that all your business data must be stored on your servers where it can be centrally backed up.
- Make the effort to educate your users on the features your network supports. Again, you may need to hire an outside expert such as a technical trainer to handle this task, but the money you invest here will be well worth it in terms of future savings from increased employee productivity.
- Educate yourself, as a business owner, on how to use any monitoring tools included with your server software. SBS excels in this regard because it can generate scheduled reports automatically that you can use to catch issues before they blow up. But, even learning how to open and use Event Viewer is a step in the right direction.
- Finally, no computer network is complete without a corresponding written security policy, even if it's only a list of employee do's and don'ts--and even if your company is just you and three others including your spouse. For a small business, a single page might be enough; less is more when it comes to written policies. And be sure to enforce your policies and deal with infractions quickly and fairly, especially when it comes to dealing with your spouse!
- Microsoft Solutions for Small and Medium Business
- Microsoft Small IT Solution
- The Official Blog of the SBS Diva
Return to the Windows DevCenter.