
Corey Howman David Cackette Dylan Rolicheck

CSUMB 2.0 Team: D2C Inc.

Organizational Chart

Workstations

o 1,000 iMacs
o 1,500 Computers (HP)

Data Center

2 mirrored data centers for redundancy (hot/cold [environmentally friendly])
o Gives ability to stay online in case of disaster at one location
o Each department has own server (2-3 for redundancy)
o School servers (5 redundant)
o WSUS for automated updates to client workstations

Networking Equipment

Vendor of choice: Cisco
o Branch Routers: Cisco 3945 Integrated Services Routers
o Edge Routers: Cisco Aggregation Services 1013 Routers
o Core Switches: Cisco Catalyst 4500E Switches
o Access Switches: Cisco Catalyst 6800 Switches
o Access Points: Cisco Aironet 3700e Access Points
o 10Gbps fiber wired throughout campus; Ethernet in every room for people to plug laptops in if wanted
o Wireless access points support G, N, and AC


Might be helpful: http://www.cisco.com/web/offers/lp/cisco-switches-designguide/images/preview_doc.jpg

Software
o Deep Freeze (restoration/rollback system) for both OS X and Windows
o DeployStudio license for both Mac/Windows
o Go through steps to create disk images (different variations): http://support.microsoft.com/kb/302577/en-us

Identify what the IT needs are for each of these individuals or groups. Identify the various services needed for this organization to operate.
o Suite packages (Microsoft Suite for all).
o Security for all servers and workstations

And anything ... think it through - discuss among yourselves and talk to me.

Security

o Anti-virus on both client and server
o Smartcard authentication to computers (similar to how the military uses CAC cards for computer access) using student ID cards

Automation
o Have a couple of ghosts (variations)
o Disk images

Platform
A platform is a device that you control and can operate and tune, manually or automatically, to your needs. The platforms that we will be using within our project consist of servers and workstations. The workstations will have Windows 7 preloaded on each of them and have security in place, as well as Deep Freeze, in order to preserve each computer and prevent tampering with the hardware and software that is loaded onto each of the workstations. The server will be used as a deployment center from which we can deploy the software packages and operating systems onto the workstations. It will also serve as a place to monitor all traffic and any suspicious activity. This decision was based on what will be needed for the workstations and what sort of control will need to be put onto them.

For right now we are still developing our site. To answer whether or not we will use automation to deploy our software: we will be automating most of our software deployment. The reason behind this is that if we automate the process of deploying software, then we will save time and money for the university that can be spent towards other necessities. The only time we would need to manually deploy software would be for testing purposes; once it is deemed that the software can be used on the other workstations, the software will become part of the automated deployment.

If there was no sort of "first-class citizen" within our organization and we had other OSes in place that didn't receive all the attention, then we would promote one of our other OSes to become more of a first-class citizen. We would do this by focusing on keeping the systems running at all times while providing the SAs with training for the software and hardware of the systems. We would also provide easy documentation for users so that they can get a better understanding of the system and how to do easy operations as well as more advanced operations on the system. Loading, network configuration, and updating will all be automated so that they can be maintained in a cost-efficient manner that would reduce the SAs' headaches. This will help increase security and customer support within the organization.

The script could be added to the automation process, which would allow for full automation of the process. There would then be no need for SA interference or interaction with the process. There should also be a checklist that will be completed by technicians as they go through the process, to eliminate the chances of missing a step within the automation process that could cause larger problems.

Servers
1. The servers that we will be using within our environment are: We will be using about 3 different vendors to diversify our servers and figure out which of the vendors is the best fit for our organization. The problem that we will run into is that we may have one, two, or all of the vendors' servers be faulty or have problems that we can't fix. Hopefully we can find at least one of the vendors to be reliable so that we can continue to use their products with the peace of mind that they will not fail when in use.

2. Our strategy for purchasing maintenance and repair contracts relies on the equipment that we currently have and our workstations and servers. If there is a way to cover all of our devices then we will take that route. However, if the cost for the whole coverage outweighs individual contracts then we will not go with the full device coverage and instead focus on the individual contracts. Also, we look at what the coverage includes. If it includes at least 75% of the repairs and coverage that we need, then we will go through with getting the contract.

3. Our servers will have more accessibility and freedom than our client workstations. This means that the servers will be able to dictate what the client stations have and what sort of operations can be completed or done within the client stations. Server stations also have the ability to deploy new software or test software on a workstation. Server stations serve as an authoritative figure for the client stations.

6. Our critical hosts that do not have n+1 redundancy or hot-swap parts are the hosts that are allowed to break down, because there is a backup system in place that will automatically take over once the other workstation goes down. These would be our servers, and only one set of servers would have this capability. However, it would be better to incorporate an n+1 redundancy system or even a hot-swap system in order to reduce the cost of the second system as well as keep the system operable at all times.

7. We might run into the risk that the system will not accept the new drive, which may cause a ripple effect that could lead to the server failing and to unwanted consequences. It could also be that the system is not hot-swappable.

Chapter 5

1. DNS, Authentication, Authorization, Network Connectivity/Internet Access, Printing, Remote Access Methods, Software depot, Backup Service, E-mail Service, Blackboard/ilearn service. Most of these require a server, and the software associated with the server includes products such as e-mail software, backup software, an internet explorer application, printing software, and many others.

2. A service that we will need in the future is a service that monitors the other services, almost like an all-seeing eye that could see all of the services that are running and what is going on within them. In order to do this we will need a powerful machine to run the service, as it may be large. The service will be deployed with the other software and services that are supplied to all of the customers.

4. Services that we will monitor include Authentication, Remote Access Methods, Software depot, backup service, email service, and ilearn service. Our monitoring will mostly consist of services, because the machines will not be a problem since they will just be housing the software that is being used within the organization. If there is a problem that we don't pick up, there will be a trouble ticket service that will take those problems, as well as a page pointing to Frequently Asked Questions.

5. We would have multiple servers each running various services; no one server has all of the services on it. This would help to relieve the stress on one machine of running all of the services and instead have multiple machines offering the services. This will hopefully reduce the stress on the client machines or even eliminate any stress that may be present when running these services.

6. Capacity planning would come into play when the machines that are currently provided cannot accommodate the number of customers. In this case, we will need to get more machines and possibly more servers or machines to run the services for the customers. After this we will have to make sure our old servers can accommodate the new demand of machines. If so, then continue on with deployment of software and keep monitoring services. If not, make the accommodations.

7. List all the services that you can think of in your environment. What hardware and software make up each one? List their dependencies.

2. Select a service that you are designing or can predict needing to design in the future. What will you need to do to make it meet the recommendations in this chapter? How will you roll out the service to customers?

3. What services rely on machines that do not live in the machine room? How can you remove those dependencies?

4. What services do you monitor? How would you expand your monitoring to be more service based rather than simply machine based? Does your monitoring system open trouble tickets or page people as appropriate? If not, how difficult would it be to add that functionality?

5. Do you have a machine that has multiple services running on it? If so, how would you go about splitting it up so that each service runs on dedicated machines? What would the impact on your customers be during that process? Would this help or hurt service?

6. How do you do capacity planning? Is it satisfactory, or can you think of ways to improve it?

7. What services do you have that have full redundancy? How is that redundancy provided? Are there other services that you should add redundancy to?

8. Reread the discussion of bandwidth versus latency (Section 5.1.2). What would the mathematical formula look like for the two proposed solutions: batched requests and windowed requests?

Service
Email Service: Have a dedicated email server that will support 5000+ users, and use the Gmail email service for the GUI, sending, and receiving. The Gmail service will also have contact functionality that will allow access to all email addresses, given correct authentication.

Service monitoring: This service will be linked with a security service, and it will monitor the various types of services that are running within the network. The server that will be hosting the service monitoring and security service will be directly connected to the entire network, maybe even the core switches, in order to correctly monitor the network. If there is a suspicious service running or some service seems to be taking a lot of bandwidth, the service in question will then be looked at by the security service to ensure that the questionable service isn't a security threat. If not a security threat, the service will be terminated.
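An added example (not part of the original plan) of the triage step described above: it aggregates per-service traffic and hands the security review anything that is not in the service inventory or that takes an outsized share of bandwidth. The port-to-service mapping, the 40% threshold, the host names, and the flow records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Service names come from the plan's service list; the port numbers
# assigned to them are assumptions made for this example.
INVENTORY = {53: "DNS", 88: "Authentication", 25: "E-mail",
             443: "iLearn", 515: "Printing"}
BANDWIDTH_SHARE_LIMIT = 0.40  # assumed: flag a service using >40% of traffic

# Constructed sample flow records: (server, listening port, bytes in interval)
SAMPLE_FLOWS = [
    ("dept-srv-01", 53, 2_000_000),
    ("dept-srv-01", 88, 4_000_000),
    ("mail-srv-01", 25, 30_000_000),
    ("web-srv-01", 443, 90_000_000),
    ("dept-srv-02", 8081, 4_000_000),   # port not in the inventory
    ("web-srv-01", 443, 70_000_000),
]

def triage(flows, inventory=INVENTORY, limit=BANDWIDTH_SHARE_LIMIT):
    """Return findings for the security review, largest traffic share first."""
    per_service = defaultdict(int)
    for server, port, nbytes in flows:
        per_service[(server, port)] += nbytes      # sum bytes per service
    total = sum(per_service.values())
    findings = []
    for (server, port), nbytes in per_service.items():
        share = nbytes / total if total else 0.0
        reasons = []
        if port not in inventory:
            reasons.append("unknown service")       # not an approved service
        if share > limit:
            reasons.append("high bandwidth")        # outsized share of traffic
        if reasons:
            findings.append({"server": server, "port": port,
                             "service": inventory.get(port, "unlisted"),
                             "share": round(share, 2), "reasons": reasons})
    return sorted(findings, key=lambda f: f["share"], reverse=True)

if __name__ == "__main__":
    for finding in triage(SAMPLE_FLOWS):
        print(finding)
```

Each finding is a candidate for the security service to examine; the function only reports and does not stop or change any service.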

Backup and Restore: There will be a dedicated storage space in which the backups from the servers will be stored. Each workstation will be technically empty, with just the hardware needed to use the operating system. All of the users' data will be on a server, which will then be backed up daily onto a backup-restore server. Here all of the data will be stored and encrypted in order to maintain security.

Remote Access Service: Have multiple websites for students and faculty to interact with school applications. Also have a VPN for system admins to have access to administration applications from home. Websites will be maintained on our in-house servers, and we are still deciding whether the VPN should be done through Windows or using third-party software.

Print Services: Use Windows Server Group Policy to deploy printers. Install the proper print drivers on the server, then deploy to the appropriate PCs via GPO. This allows for control of all printer features, including duplexing, black & white/color, requirement of passcodes to print, print scheduling (i.e. only allowing prints during business hours), etc.