Network from Scratch
This is my first post and it's quite a broad one, but any help or advice would be greatly appreciated.
I have started supporting a school that subscribes to a shared network that covers a whole borough. It's been flaky at times and the school would like me to investigate a move away to their own network. They don't own any switches, servers or a router so it would be starting again. They do own 200 workstations, 6 printers and a good wifi system (using 3 VLANs).
My background is 12 years supporting RM CC3\4 and some vanilla experience. I also have MCSA.
I was thinking VMware, 2 DCs (2012 or 2008) and 3 member servers: print, MIS, software (but I might use one DC for software rollout instead). SAN and a backup solution; I may consider off-site backup rather than an in-house one, it depends on cost really.
My thinking is getting some consultancy help for the first network setup, then I will have learned enough to do subsequent refreshes myself.
I appreciate it's a big job but if you plan correctly then it should be OK.
Has anyone been through a similar experience who could offer any advice at all, even a good consultancy company etc... Feel free to offer suggestions if you think it could be done better as I am in the fortunate position of just starting the project and have not bought anything yet.
That is an *awesome* project to get your teeth into!
I agree on using VMware (or insert other virtualisation product of preference here) - as well as the obvious space, time and power saving, when things go wrong the ability to return to a snapshot within seconds is a wonderful, wonderful thing indeed.
200 stations isn't a lot - you could probably get away with using minimal servers for that but it of course depends what you want to do with them. And that alone means you've got plenty of options - do you need fat clients, would a VDI solution suit? I can't comment on the VDI side of things ( @kcmount on the other hand can :D ) but on the full fat, keep as many of the services separate as possible without wasting too much resource. For instance, keep DCs separate from file services, and keep MDT/imaging tools separate from anything else that eats bandwidth. That may not particularly be an issue if you don't image or push out software that often.
Print servers don't take much juice, certainly not with only 200 stations. MIS certainly should remain separate from anything else.
With VMs being so easy, you may wish to run a pair of DCs for redundancy (on separate hardware).
Without knowing your full circumstances, my inclination personally would be to run a pair of ESX boxes with decent links to your core network (link aggregation or 10Gbit connections). DC on each one, file services (home drives etc) on one, MIS on one, print on one etc. Plenty of scope for upgrading in future, plenty of storage if you need it.
Obviously don't overlook important bits like backup solutions for it all - Veeam is excellent for VMware stuff :)
Very much worthwhile trying to put together, with the aid of your school SLT, a vision for the future of ICT at your school, what you want to achieve. It's an odd time currently with so much happening in the cloud and tablet/mobile devices becoming less of a niche, you may find that VDI solutions will be more than enough, complemented with mobile thinking and cloud services.
Make sure you have one physical and one virtual DC at the very least.
If you can cope without having HA then Free ESX and shared storage is the way to go. Use ghettoVCB to back up the machines.
Citrix you can do more for free, but it's nowhere near as good (we run both).
Going to a full 3 server cluster of ESX will cost you a fair whack (think I worked it out at 20Kish including 2 servers, with facility for a 3rd, and some lower end storage).
Use second hand Cisco 3560s for the network, they are cheap but can't be beaten, buy a couple of spares just in case one ever does throw a wobbly.
VDI in a box may suit you.
I can put you in touch with a very very competent and friendly company that will help with all your virtualisation needs from single server visor to clusters and VDI if you wish. Out of all the companies we had building our system they are the only one we are happy to be paying for a support contract (not that we really need it).
We have been through 1 network migration (2 separate schools to one), 1 new build and 1 dovetail of a third school into the new system (in the last 5 years).
Thanks Syneathesia, much appreciated.
We do have fat clients at the moment, VDI in the future maybe. So a DC on each host for fail-over and separate member servers for MIS, print and software spread across the 2 hosts with Veeam for backup.
I agree with trying to get a vision from SLT as this is the perfect time to try and future-proof the system. We do have various iPads, iPods, laptops connected via the wifi system. We are using SCCM 2012 at present, I have an open mind whether to keep this or swap for something else, as you say we should not deploy images too often. I do like the imaging stuff that I have used with RM in the past as it's a fast way to restore a PC, so something similar to this would be good.
If you are going 2012 DCs then you don't need a physical DC as it supports virtualisation properly.
Thanks Rob. Interesting, could I ask why one virtual and one physical DC? I have used VMware and it does seem good. I agree Cisco switches are good and reliable (that's what we have now).
Originally Posted by twin--turbo
Could you send me the company information please?
Ahh, I just asked that very question, thanks for the answer!
Originally Posted by teejay
Whereabouts in the country are you? I ask because if you are in the Wiltshire and nearby counties area I have a truly excellent contact at Capita who is a real whiz at setting up networks. A real gem of a guy who just loves his work. I have known him since about 2006 and he has come in on a booking and helped me out several times. Please PM me if you want further details.
I have a great contact whose company sets up networks like this all the time. They cover the South of England up to and including London and up to Bedford-ish.
Let me know if you are interested.
I would probably start by getting a few companies in, give them an idea of what you want and let them come up with a solution. They might come up with some things you hadn't thought of, and would certainly consolidate your ideas. Visiting other local schools can help too.
Originally Posted by witch
Thanks for your input, I would be interested in talking to the company that you know, could you send me the details please?
I am definitely open to suggestions, so I think you are right I will get a few companies to quote and give any ideas that they have. I wondered if any companies on Edugeek would get in touch?
I was wondering what people thought about e-mail and backup solutions, would you go Exchange and a D2D2 Tape or Office 365 and an off-site backup solution?
As we are going from scratch we could do either really, my thoughts are that fewer servers = less ongoing costs in terms of licence and hardware but it may cost more for this hosted space, I don't know until I price it up.
Well after nearly six months of work, I have finally got the go-ahead from Governors for this project (they were very thorough)! We will be the first school in the borough to pull out of the managed service we are in, this service has run for many years and has tied schools into ICT systems and phones.
I have decided to go with Server 2012, Exchange 2013 (but I may change my mind on this for 365, due to the storage capacity). SCCM for deployment services. This will be running on VMware, I did look at Hyper-V but having used VMware for the last few months I do prefer it. I'm going to use MS Endpoint Protection as it ties in with System Center. Veeam for backup and previous versions (DPM) on the client side.
I found a company to assist with the migration, after taking up references they have the job. Schools Broadband for internet, 50mb uncontended leased line connection and they supply Lightspeed for filtering and Fortinet for firewall. I'm going to use them for SIP trunked IP phones too, obviously there are savings with having one supplier for all. We have Xirrus Wi-Fi and Cat6 cabling so anything else I am starting again. I am very excited and feel lucky to have the chance to do a network from scratch.
If anyone has any suggestions I am all ears as it's the first time I have undertaken a project this big. As it's so big I will break it down and post into the relevant forums for each part that I have not decided on yet, but I will keep the overview on here updated with my progress in case it's of use to anyone else contemplating a similar project. Thanks to everyone who has posted so far, I'm sure the EduGeek community will be ace!
This is precisely what we went through. Our managed service contract was set to end in September 2012 (I worked for the school pre BSF and was TUPEd to the MSP). Myself and another engineer were appointed by the school in February 2012 to plan, design and implement a new network for go live when the contract ended. Every other school in the wave either went to another MSP or brought things in house but with third party support - so it was a step into the unknown for us!
Work started fully in March 2012 getting a skeleton network up and running (AD, Exchange, client images, etc). We got a leased line set up around June time which allowed us to get remote access, OWA etc all set up in advance.
By the time of the summer holidays all that was required was a full reimage of all client machines to the new network, and configuration of switches and migration of data from the MSP (which they messed up drastically - make sure they know exactly what you are expecting and can deliver it as part of the contract end!).
The transition went even smoother than we expected with no major issues, and the feedback from the school and governors is that it's in an entirely different world to the managed service.
So we've been there and done that, any questions give us a shout!
Thanks for the offer Jonah, very kind. We are doing pretty much what you did, timescales etc... The only unknown is the MSP, you are correct it's a good idea to get an agreement thrashed out for what we want and when, especially as they are not that keen on us moving away, not successfully anyway!
Originally Posted by Jonah
Yep, same with us - weren't happy with the fact they were losing so many schools.
Originally Posted by jertsy
Cannot stress enough how important it is you get all the information from them - and the correct, latest, information at best. We were given a so-called fully detailed information pack which should have included all network documentation, etc. When we received it, we saw it hadn't been updated in 3 years, so still had some old portable classrooms in and no trace whatsoever of our new sixth form and SEN wing!
When it came to resetting the switches and severing the link to their server farm, they did this remotely but somehow managed to miss 19 of 37 switches completely (no doubt due in part to the previous network documentation not being up to date). This resulted in an engineer of theirs having to come to site when available to reset those missed - put us back a few days but luckily we were expecting some delays down the line so had planned time accordingly!
Check, double check, and triple check everything they give you.