+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 37
Hardware Thread, Help me design our network in Technical; Here is the list of servers/services we will be running. As I mentioned before I would like to run one ...
  1. #16

    Join Date
    Dec 2012
    Location
    Victoria
    Posts
    47
    Thank Post
    11
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Here is the list of servers/services we will be running. As I mentioned before I would like to run one service per virtual server to have better control over things. Another reason to do it this way is if one of the server is overloaded or down, it doesn't affect other services.

    Domain Controller, DNS, DHCP
    NPS/ RADIUS
    File Server
    Mail(Exchange)
    Print Server
    Certificate
    Media Server
    SQL Server- Staff
    SQL Server- Students

    Application/Terminal Services
    Antivirus Server
    Helpdesk/Spiceworks
    KMS
    Papercut
    Intranet
    Moodle
    WSUS
    Sharepoint
    Lync
    Firewall
    Proxy/Filtering
    VPN
    Edge Server
    Office web apps
    Exchange UM
    Federation
    Certification Services
    VCenter Server
    Backup and Restore
    Admin Server(SNMP, Syslog)/
    Splunk
    WDS
    IP Camera


    This list includes most of the services we will be needing thogh I might have missed something. Can others tell me what services they are running apart from these ones. One other thing I would like to know is if I should be running three separate exchange and file servers for admin, staff and students or just one will do the job fine. I visited a school and they had this for security and easy manageability. Just wondering if it is worth the effort.





    Last edited by san_narula; 14th April 2013 at 12:39 AM.

  2. #17
    ass17's Avatar
    Join Date
    Feb 2013
    Posts
    343
    Thank Post
    5
    Thanked 37 Times in 34 Posts
    Rep Power
    27
    Papercut it is best suited on your print server, no need to separate.

  3. #18

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,223
    Thank Post
    874
    Thanked 2,717 Times in 2,302 Posts
    Blog Entries
    11
    Rep Power
    780
    That method is also known as overkill unless you are dealing with tens of thousands of users, I'd compress the roles further like putting VPN and firewall/edge on the same server. I'd also concatenate the web application servers a bit like helpdesk and intranet etc. You could easily be investing hundreds of hours more unnecessarily over the lifetime of the setup.

  4. Thanks to SYNACK from:

    san_narula (29th April 2013)

  5. #19
    ass17's Avatar
    Join Date
    Feb 2013
    Posts
    343
    Thank Post
    5
    Thanked 37 Times in 34 Posts
    Rep Power
    27
    We have just installed HP 2920 switches on the edge to go with our existing two 5406zl cores.

    They are brand new and recommended by HP for BYOD.

    Be careful as the minimum cabinet depth for these switches is 500mm... We also found out hat the 58B SX modules will work with 2920, we had already bought the 58C just as backup...

  6. Thanks to ass17 from:

    san_narula (29th April 2013)

  7. #20

    Join Date
    Dec 2012
    Location
    Victoria
    Posts
    47
    Thank Post
    11
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by ass17 View Post
    Papercut it is best suited on your print server, no need to separate.
    Thanks for the correction.

  8. #21

    Join Date
    Dec 2012
    Location
    Victoria
    Posts
    47
    Thank Post
    11
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by SYNACK View Post
    That method is also known as overkill unless you are dealing with tens of thousands of users, I'd compress the roles further like putting VPN and firewall/edge on the same server. I'd also concatenate the web application servers a bit like helpdesk and intranet etc. You could easily be investing hundreds of hours more unnecessarily over the lifetime of the setup.
    Sorry for the very late reply. Got busy at work.
    I take your suggestions. So which other services will you concatenate? Would you also be able to suggest the server configuration I should be looking at for this?

  9. #22

    Join Date
    Dec 2012
    Location
    Victoria
    Posts
    47
    Thank Post
    11
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by ass17 View Post
    We have just installed HP 2920 switches on the edge to go with our existing two 5406zl cores.

    They are brand new and recommended by HP for BYOD.

    Be careful as the minimum cabinet depth for these switches is 500mm... We also found out hat the 58B SX modules will work with 2920, we had already bought the 58C just as backup...
    I am actually a Cisco guy but happy to consider other options. How much different/difficult is the configuration on HP switches in comparison to Cisco?

  10. #23

    Join Date
    Dec 2012
    Location
    Victoria
    Posts
    47
    Thank Post
    11
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by ass17 View Post
    We have just installed HP 2920 switches on the edge to go with our existing two 5406zl cores.

    They are brand new and recommended by HP for BYOD.

    Be careful as the minimum cabinet depth for these switches is 500mm... We also found out hat the 58B SX modules will work with 2920, we had already bought the 58C just as backup...
    5406zl is modular, is that right? Would you be able to give me a bit more information on how many and what type of ports do you have on these. If you can tell me the approx. price you paid for these and the topology it would be even better.
    Thanks

  11. #24
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    26
    You need 2 or more Domain Controllers really, I'll recommend 3 just in case. File Server would be best on two different servers, using DFS, so if one reboots or has a problem, so other server will still be providing file access. Only problem two this, is you need more storage, cause a copy of each file, is stored on both servers

  12. #25

    Join Date
    Feb 2013
    Posts
    119
    Thank Post
    46
    Thanked 8 Times in 7 Posts
    Rep Power
    5
    Are you housing "everything" in one location?

    You need to consider carefully your 19" rack layouts, temperature control and UPS provision.

    I'm not seeing why you need so many servers or why wireless isn't right up there at the top of your list. It's a real problem-solver.

  13. #26

    seawolf's Avatar
    Join Date
    Jan 2010
    Posts
    969
    Thank Post
    12
    Thanked 285 Times in 217 Posts
    Blog Entries
    1
    Rep Power
    175
    @Sam_narula I am a ICT manager at a P-12 school in Victoria, Australia as well and went through a very similar upgrade cycle when I took over the role in late 2009. We have 75 staff, 550 students, over 400 college owned devices (Mac, PC, and iPad) and an iPad and BYOD program.

    I have replaced nearly every system, both hardware and software in that timeframe. In 2009, many systems did not work very well at all, there was very limited WiFi, no working backups systems, and no remote possibility of a BYOD program being implemented. We had the virtually the same problems that you need to solve or worse and we have managed to do so for 99% of them (I won't say 100% because when does that ever happen in IT?? .

    We are about to undergo our next upgrade cycle at the end of this year and I would be happy to share my experiences with you and even give you an onsite tour if you want. If I can save you some headaches I'd be willing to do so. The choices in our systems and service providers has been made after significant testing with the desire to have reliable, cutting edge, and integrated systems. and it has cost me a lot of blood, sweat, and tears to make that happen. Some of the systems (hardware and software) we use is the following:

    - Sun (now Oracle) servers (x4170s): more expensive upfront, but fantastically reliable, high performance and very good support. Ensure you have plenty of RAM, at least 48GB and 2-3 servers.

    - Sun Unified Storage Array for SAN (7110, moving to 7120 soon). Excellent performance, flexibility, and GUI. These had some initial problems when they were first out - but the initial issues were fixes and they are great units to build your VM infrastructure on top of. On the other hand, you might be able to get by without a SAN if you have 3 high quality VM hosts and excellent backup and DR processes.

    - VMWare vSphere Essentials Plus: Good for up to 3 servers, which is more than adequate if you are specing up your servers as you should

    - HP ProCurve switches throughout. We use mostly 2520G-24 (PoE) for edge with a couple of 2810s in a building we don't require PoE and for the DMZ and SAN switches where we also don't require PoE. Core switch is an older HP chassis model 5304xl that we will be upgrading in the near future and a 4208vl. The HP chassis switches are great for the core as they offer great flexibility and capacity as your needs change. Unlike your situation, we have 16 separate buildings, 16 switch cabinets, and 23 network switches, so a bit more complex.

    - Watchguard firewall: Used these for over 6 years now at two companies. Great bang for the buck, including good multi-WAN and built-in VPN features.

    - iBoss web filter: Easily the best web filter you have ever seen, and GREAT value. You won't see these very often in Oz and I had to order them direct from US at the time, but the support is fantastic and everyone I've ever demonstrated it to, including companies selling other filters admitted it was unbelievably good. It is more than BYOD ready, it makes BYOD successful.

    - Ruckus WIFi: We have 24 APs (internal and external) across 16 buildings providing full coverage of the campus and 5 different SSIDs on 5 VLANs (web filtering tied to VLAN for WiFi networks by iBoss). I also investigated Aruba, Meru, Xirrus, Aerohive, and Cisco. If I had to do it over again, the only other provider I might consider any sort of contender to Ruckus is Aerohive, which was on my short,short list anyway. Ruckus wasn't the one I initially thought I would go with, until I tested it in our environment and saw how well it worked in the real world (Tom's Hardware agrees - http://www.tomshardware.com/reviews/...ckus,2390.html).

    - VEEAM backup and replication: A must have if you are putting all your eggs in the VM basket.

    - BackupAssist: We use this with an LTO tape drive to take more traditional backups. It is nix pensive, easy to setup, and just works. This and VEEAM have "saved our bacon" more than once.

    - FreeNAS server for backup storage: you won't find a more cost effective and reliable solution IMO.

    - FOG: it will take you a bit of initial setup time, but it is free and it blows Ghost away. Great performance too.

    - Windows 2008R2, SQL Server 2008, Windows 7: I would stay away from Win8. It is not ready for a managed environment IMO. Go with Windows 7. It's proven, it works, and it's easy to manage. And I've been told that Server 2012 is a dog's breakfast by a server admin I trust. Maybe in a couple of years, but not now.

    - Avast! SOHO: Relatively low cost, simple to setup and manage, just works, and is minimally intrusive. Combined with the AV scanning from Watchguard, and malware site detection on iBoss it provides a great level of protection. Previously used Sophos, but tired of their faulty upgrade to v10 that created issues for us and the botched updates that caused problems for many users (http://www.zdnet.com/sophos-antiviru...re-7000004565/). I used Avast! for several years elsewhere as well and it worked well. Of course there are some other good ones I'm sure, but Avast! Is the best I've personally used (I've used Trend Micro, CA, MacAfee, Symantec, AVG in the past as well).

    - PRTG and Splunk: a couple of the best and easiest to setup and use monitoring and logging tools available for the $. Have proven priceless on several occasions.

    Ping me if you want to know more.
    Last edited by seawolf; 28th April 2013 at 03:05 PM.

  14. 2 Thanks to seawolf:

    browsw (8th December 2013), san_narula (29th April 2013)

  15. #27

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,042
    Thank Post
    590
    Thanked 1,032 Times in 791 Posts
    Blog Entries
    15
    Rep Power
    467
    Quote Originally Posted by pritchardavid View Post
    You need 2 or more Domain Controllers really, I'll recommend 3 just in case. File Server would be best on two different servers, using DFS, so if one reboots or has a problem, so other server will still be providing file access. Only problem two this, is you need more storage, cause a copy of each file, is stored on both servers
    And if you do use DFS, only in shared locations. Do not under any circumstance use them on roaming profiles or user home directories.

  16. #28
    markcuk's Avatar
    Join Date
    Sep 2005
    Posts
    586
    Thank Post
    29
    Thanked 60 Times in 55 Posts
    Rep Power
    38
    Quote Originally Posted by seawolf View Post
    @Sam
    - iBoss web filter: Easily the best web filter you have ever seen, and GREAT value. You won't see these very often in Oz and I had to order them direct from US at the time, but the support is fantastic and everyone I've ever demonstrated it to, including companies selling other filters admitted it was unbelievably good. It is more than BYOD ready, it makes BYOD successful.
    Great product, When I worked for a company in NZ we had so many parents asking for this type of filtering and I recommended it a lot.

  17. #29

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,181
    Thank Post
    285
    Thanked 774 Times in 584 Posts
    Rep Power
    336
    Quote Originally Posted by synaesthesia View Post
    And if you do use DFS, only in shared locations. Do not under any circumstance use them on roaming profiles or user home directories.
    You can use DFS for roaming profiles, you just have to make sure they're pointing to a single target.

  18. Thanks to teejay from:

    san_narula (29th April 2013)

  19. #30

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,181
    Thank Post
    285
    Thanked 774 Times in 584 Posts
    Rep Power
    336
    You really do need more than 2 servers, yes you could run that many hosts on 2 servers but it's at its limit and if you had a server failure or were upgrading one of the servers, you wouldn't have the capacity to run all your VM's, so you should always go with 1 more server than you need. Also, you normally want you run the backup server as a physical server, especially if you are going to be backing up to tape.
    For SANS, if you are going with Dell servers then I would go with a Dell Equallogic SAN.
    Make sure your DC's are on Server 2012 as it's the only version that properly supports DC virtualisation.
    Also have a serious think about disaster recovery and availability, think if you lost the server room to fire/flood/theft, what are the essential services the school would need and how quickly would they need them.

  20. Thanks to teejay from:

    san_narula (29th April 2013)

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Help me set up new network - Paid work!
    By reggiep in forum General Chat
    Replies: 10
    Last Post: 10th March 2009, 09:33 AM
  2. Replies: 13
    Last Post: 3rd November 2008, 08:46 AM
  3. Help me with my home network please!
    By Deaks in forum Windows
    Replies: 10
    Last Post: 22nd July 2008, 11:13 AM
  4. *CRYING* Help with a BroadBand Router and our Network
    By ninjabeaver in forum Wireless Networks
    Replies: 25
    Last Post: 2nd December 2005, 10:50 AM
  5. Help me find a driver for Ghost Cast Boot Disk
    By ninjabeaver in forum Hardware
    Replies: 6
    Last Post: 26th September 2005, 10:50 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •