“Information is power,” as great men have mentioned. In the present age, words are beginning to make more literal sense than what one would coin from the statement. Imagine what innocent tampering with information in a particular organization can do if there are no backups. The tale is all too familiar with many experts and people who have interacted with computers, which are used by many people in an office setting. Working in a 500 staff office, which is a mid-sized company, must have brought the experience closer home due to the frequent curses that followed loss of information, passwords, and crucial settings.
Various ideas for mitigating such situations have come up and as such formed the basis for writing this proposal. Indeed, the problem of computer manipulation by unauthorized personnel poses a great challenge. A solution, therefore, lies in a system that will limit the use of such systems for authorized procedures and if possible only certain operations that fall within the department that one is assigned to. Active directory was the most effective and implementable solution for curing the problems that existed in the company.
Indeed, reading shows that the service offers the ability to customize one’s settings saved in a server. Not only does it reduce tampering and distortion, but it also means that one can log into one’s specific settings and files in any of the networked computers in the workplace, giving the convenience and comfort of a known arrangement of files and folders in whichever computer one is using. Crucial information, which should be protected from access by every worker, is stored safely. At the very least, addition of malicious software that may corrupt the computers and perhaps the whole network will be avoided. This will protect the company from possible turmoil.
To start the process of checking whether what I had in mind would work, I diagnosed the computers for other possible sources of complaints, which included potential viruses that may be deleting documents and changing the passwords that were in question. After the application of an elimination method to the problem identification, the potential viruses were not present, apart from some programs installed that either had Trojan based “cracks” or invalid digital signatures that could be risky, let alone being illegal. Further research showed that after such instances, there was a probable confrontation that involved two workmates where one had used the computer most recently.
In addition to the personal diagnosis, I asked the employees for feedback on probable causes of data loss. Most of the employees sited sharing of passwords as a setback that could expose one to either malice or pure coincidence that would lead to loss of crucial data in the company. Frustrations were expressed on the inability to meet deadlines, not due to laziness, but due to such catastrophic errors that would mean starting the process all over again. Not only were the resulting inconveniences frustrating the customers, but also the customer service personnel report that the company experienced huge losses in income over time.
The potential sources narrowed to either innocent errors or malice that existed. It brought about friction in the workplace and was an issue that existed for a while. It was, therefore, important that an improvement in the security of login data be made with a compulsory change in passwords, which is apart from the active directory program that I had in mind. Most relevant to this proposal is the active directory service whose goals and objectives were quite clear.
Creating a server can be easily done, even from a normal computer for a very small number of users. Other than that, they offer cost effective means, but that is not an option for the company in this case due to the number of users. Server specific hardware is uniquely suited for the tasks with better orientation to carry out the purpose of data storage, protection, enhanced reliability due to the heavy duty parts that are used, larger connectivity to handle large amounts of data, and the ability to create upgrades to suit any expansions that may emerge in the future.
In this case, the company had two overloaded servers that were only used for the purposes of Internet connections to the users in two locations that they have. Available options of using the existing servers were not feasible due to the state of the servers and the required upgrade to use Exchange 2010. Further need for consultations emerged to make a good choice of the servers to be used. Mail support will be added to the system and this required a server that would be able to handle the data and give provisions for increase in users, without the need in immediate upgrade. Therefore, it was necessary to overdesign the system to handle more than what there was then.
In my opinion, Microsoft server software proved reliable, and members of the IT department in the company informed about problems with Linux-based server software. Another inclination came about in hardware service and parts. Necessary specifications were that one server would serve about 250 employees. I overdesigned it to handle 300 employees with a 2GB mailbox each. The main server would handle 500 employees for cost effectiveness working on a 2GB mailbox each and had easy upgrade requirements. HP ProLiant DL180 G6 Server for both cases was the best solution in my opinion.
Under such conditions, the company would have better security, improved employee satisfaction and thus improved performance, a mailing system for better communication, fewer customer complaints about the efficiency of the company, a backup system for all the data, and productivity increase making the business an ideal working area with no employee friction. All this would be done within an acceptable budget of hardware and software with minimal interruption for implementation.
Review of Other Work
This project required integration of various ideologies that were not fully understood. To ensure that indeed the system designed would meet the client’s specifications and if possible provide better performance for the present load and any increase in the future was in mind. The system would not require immediate upgrade if there was an increase in the number of employees. In particular, sizing the system that would handle the load became an issue, as some of the calculators had problems with providing the best specifications for the server, and some problems emerged with under-designing, as mentioned by a client in Microsoft technet chat room.
I tried “Exchange 2010 Mailbox Server Role Requirements Calculator”, but it doesn’t help in my configuration (SAN LUNs and hardware snapshots). It said I need 8 GB ram.
At the moment, Ex 2007 server has got 12Gb ram for 350 users. When there was 8Gb ram, we had memory issues, UM stopped working.
We will enable UM for all users in Ex 2010. It will increase the use of Exchange server. Also, we will enable Outlook Anywhere (RPC over HTTPS).
I don’t see the accurate sizing tools.
(Microsoft TechCenter, 2012)
Considerations emerged as a very important factor in various levels of the design process not only for the server, but also for the installation of the Windows Server 2008 Forest (Petri, 2009). This is particularly important when one is creating an active directory for the first time in the mentioned server. Forest and domain functional level decisions to determine whether Windows 2000 or 2003 servers can be in the forest singularly or both of them are to be made beforehand. Notably, there are several domain controllers that may not work in the Windows 2008 server (they are not supported), in particular, the controller that runs Microsoft Windows NT server 4.0 server OS. In that case, to support older NT 4.0 servers, it is inevitable that one should have domain controllers that run on Windows 2000/2003. With the option of either a global catalog server or RODC, the first Windows server 2008 DC should be a global catalog server in a particular forest.
Windows server 2008 harbors many improvements from its predecessors but notably comes with a different approach before running DCPROMO. As Lockstep Systems, Inc. (2012) explains, it is imperative that before promoting the server to a domain controller and finally installing active directory, the AD-DS role in the server should be activated. In fact, this is what makes the server a domain controller. Other than that, the DCPROMO will be run the usual way.
In addition to these requirements, it is held crucial that the following pre-installation requirements in the computer and the network should be met. Firstly, the partition that would be used in the server should be formatted to NTFS format. No major things should be done apart from a simple conversion to NTFS or a check to ensure that indeed it is in the prescribed disc format. Permission in the Administrator username and password is required, as well as free space on the partition (above 250 MB) and an operating system just in case it does not come with the hardware. To ensure that DNS registrations work well in the future, it is important to use dedicated IP addresses instead of dynamically assigned IP.
In that same line, a DNS server should be active; this can be the domain controller, too. In that case, the DC should point to its IP in the DNS server list to avert any possible hiccups that may emerge. It is recommended that the server should be connected to a network or other computer via crossover cable. If the server is the first DC and no network is available, simply installing Microsoft loopback adapter will finish DCPROMO.exe. It should be noted that indeed DNS configurations should be done before running DCPROMO or, as Petri (2009) recommends, you can let the DCPROMO wizard make necessary changes and configurations in the DNS. It is also recommended that one should not use domain names that do not have a period (single-label domain names) to prevent name collisions.
Internet connectivity in this case will need to be restored, and there are various measures or recommendations that are to be followed to ensure that indeed the connection works. An NAT device is recommended and helps connect client computers to the Internet. The NAT will “translates private IP addresses to one public one, and allows connectivity through one ISP-assigned IP address” (Petri, 2009). In essence, it eradicates problems when the Internet service provider (ISP) gives an IP address to the client. Isolating the clients on the local network is also an alternative in some cases. The server is connected to the NAT and a router. In that case, the local network clients will point to the DNS server (internal) and not the ISP’s DNS server. This will ensure that there is connectivity.
Rationale and Systems Analysis
Understanding the current system is a crucial start point in an upgrade or evaluation of whether indeed what is available does not suffice. In that sense, the understanding will shape the decisions made in the project that include, for example, whether the entire system needs to be removed and a brand new one put in place or some adjustments will suffice. From that statement, it indicates two sides of the considerations to be made. On the one hand, there is the current hardware and software infrastructure that is in place; on the other hand, we have the customer needs and complaints that are related to the system as it is.
After comparison, the overall needs of the business and professional expertise come in play, and any omitted defaults in the system that may not be noticed by the client will be unearthed to ensure that the suggested or proposed solution will be the best for the business. First, it is necessary to carry out a survey in order to determine which aspects of the current system set up are not to the expectation of the management and the staff in general. The information gathered pointed out that:
- Frequent loss of information can be caused by the sharing of information in computers in the workplace, which have a similar password apart from the management ones.
- The communication in the company is slow and this is taking a toll on the performance and customers who are slowly moving to competitors.
- Computers’ disk spaces are full, have unauthorized software, and show signs of malware and viruses.
- The current servers used are overloaded and also cause some glitches in the network.
- Management did not put in place a backup system for the company and the loss of the late one has shown a need for a backup.
- Network security is not sufficient and may expose staff to malice that will lead to friction and frustration among the workers.
Hardware inspection is another aspect of understanding the problem. The networking on the computers was proper and up to standard, apart from the dedicated servers that they used. The cabling was done on CAT 6, and the router was up to the task in serving the needs of the staff. Recommendations that followed were based on the feedback obtained and the managements’ budget on the matter.
A deeper analysis was done to ascertain the expectations of the management in terms of what software should be present in the systems and the extent to which the ideas in mind can stretch. Consultations on whether an off-net mailing service for the company will be of help in the communication problem is what led to installation of Exchange 2010 as part of the project.
Solutions in the case were diluted to installation of Active directory in Windows server 2008 and Exchange 2010 among other software that includes Manage Engine OP manager and backup software and hard drives. Active directory was a direct solution to the sharing of passwords in the company that put employees at risk of malicious intents by other employees, as well as vulnerability to loss of information in some unfortunate events. As a solution, Active directory would facilitate the log-in of members using specific usernames and passwords that would be changed now and then as a default setting in the server, for example, a 30-day password expiry cycle.
Computers in the network operate on Windows 7 ultimate 32-bit. With Microsoft Office Pro installed, Microsoft Outlook is available and can be configured to Microsoft Exchange. In this, Exchange 2010 will facilitate the use of Microsoft Outlook for internal communications from one department to another. The flow of information will be quicker and will improve the performance of the employees due to the infrastructure, as well as motivate the employees.
Backup is a major issue, and the options in the market are diverse. Broad categories of hard drive based backup systems and cloud based emerge. A business is affected adversely by the downtime it has, since this constitutes the productive time that is has. Therefore, the selection made should consider efficiency, as well as the reduction of the total downtime that will be experienced in the eventual case that the system is affected. In that case, the users’ files and details will be backed up in the server, and the server will get a backup of everything ensuring that indeed the information is secure.
Goals and Objectives
The project needs set several measurable and non-measurable expectations by the end of the completion of the project and beyond. Some of the compiled goals and objectives are as follows:
Enable easier communication by offline mail support
Reduce loss of information via shared passwords
Ensure back-up of information for emergency cases
Commission two servers for domain controlling
Reduce malware and viruses in the system installed by workers
Establish tools which report on system usage and users in general (Manage engine OP manager)
Upgrade the existing network hardware to support Active directory and Exchange 2010
Set up remote access capability for the mangers and mobile personnel
Ensure that relevant personnel are trained in using the system
Come up with a system that is cost-effective to remove budgetary constraints
Improve worker performance by installing a system that will ease communication and provide faster customer service
Eradicate friction between employees that emerges from loss blame games
Ensure proper user and information security by individual password protection (password content and expiry)
Publish a new security and group policy to inform the users of the expectations in the new system
This project will facilitate effective and reliable communication between all workers within the company. The offline mail system will be set up using Exchange 2010 and a mail server, which will enable the local users in the company to connect to the mail server from their workstations. The Microsoft Outlook application will come in handy by letting workers exchange emails among themselves and with other company stakeholders. In addition to enabling offline email support, Microsoft Outlook, which will come as part of the Microsoft Office Suite, will also include such functions as contact manager, task manager, calendar, note taking, and a journal. These features will enhance easier communication for multiple users within the organization. Additionally, the email system will have improved features for group conversations from different users within the company.
The active directory will reduce the frequent loss of information that comes about through malice or accident when one user shares their personal password with another user to let them access work-related or other information or files from their computers. This problem will be eliminated by letting a user log into any computer within the workplace and be able to access their files, folders, and emails just as they are on their computers. The Active Directory in the Windows Server will automatically download the full profile of a roaming user from the server once they log into a domain through any of the local computers in the workplace. As soon as the user logs off from the system, all changes made to the user’s profile will be saved in the domain controller and backed up in the server. This means that there will no longer be any need to share passwords. At the same time, a user will only be able to access and/or alter their individual profiles on the domain and the server without interfering with the profile of any other user.
This project will put in place a fully functional active domain and email system complete with hardware and software for backup of information for future reference and emergency cases, such as massive loss of data. All crucial data from all users on all domains will be stored in the servers. This way, the data of every user will be safely stored in the hard drives of the server. Thus, in the event that any of the hard drives in the local computers crushes, all data belonging to the affected user including their files, folders, and emails remain intact, as they will be stored in their profile in the server. It is also pertinent to ensure that all data stored in the server are also backed up in case the server also crushes. To mitigate a catastrophe of this kind, all information in the server will be periodically backed up in offsite hard drives. This will facilitate fast and effective retrieval of data in case of a massive loss of data in the company.
Given that the company has two branches, it is feasible to commission two servers to control the domains in each of the branches. The main server at the company’s headquarters will be designed to handle 500 users. This will not only be cost-effective, but also easily upgradable. This is because each of the projected 500 users will be allocated a 2GB mailbox, meaning that the server can effectively accommodate more users, as most of them will only be using about 1GB of memory each.
The second server will be designed to handle 300 users, each with a 2GB mailbox. These servers will play the role of responding to security authentication requests from all users. Therefore, it will be possible to control the domains by granting access to various computer resources with the use of a unique username and password for every user. It is important to note that every server will be configured to play the roles of a domain controller through installation of AD-DS. By so doing, it will be possible to create appropriate forests, domains, and additional domain controls within the existing domains.
The Active Directory in this project will grant access to computer resources and privileges that are specific to their job descriptions and authority ranks within the company. This move is aimed at controlling malware and viruses in the system by granting administrator permissions to specific individuals with authority over all users in each domain. Only the administrators will have the privilege to install, update or uninstall software into the system. The employees will be required to work within the limited permissions. Should any employee need to execute a function that is not permitted under their user profile, they will have to seek the intervention of the domain administrators who will in turn execute the task on their behalf. A user will only be able to access their profiles from the server through a unique username and password that will only allow them access to stipulated resources as determined by the domain controller. This move will eliminate the problems of viruses, worms, Trojan horses, spyware, and rogue security software.
In order to track activities of all employees on their computers, it is appropriate to integrate a reporting tool through which supervisors and managers at various levels will be able to obtain comprehensive reports on system usage and activities carried out by individual users. The Manage Engine OP Manager application will be used to fulfill this objective. This will make it possible to determine the number of working hours that are lost through inappropriate computer and Internet usage. The reporting tool will also help keep track of who accesses the system, when they access it, and what changes they make into the system by keeping a log of all users and their activities, including both authorized and unauthorized activities. Additionally, the Manage Engine OP Manager will be useful in tracking system errors such as leak of information and devouring of important data by insidious software.
The current system requirements are not capable of supporting the recent versions of Active Directory and Exchange 2010. For that reason, it is necessary to upgrade the network hardware to handle these recent applications for not only efficiency and effectiveness in computer usage and communication by workers, but also for increased system security. The circuit boards form the main hardware components of a computer network. Upgrading the current hardware will be in keeping with Moore’s Law, which states that “the number of transistors that can be placed inexpensively on an integrated circuit has doubled approximately every two years”. Simultaneous upgrading of the software by installing the named versions of Active Directory and Exchange 2010 will result in improved performance in processing data and transferring information.
The proposed system will allow secure remote access by managers and personnel who are working on locations away from the site. While remote access to a company’s internal system exposes the company to unauthorized access and manipulation of the company’s data, the system will be designed with a feature that allows secure connection for offsite personnel. To prevent unwarranted activities on the company’s Active Directory and email system, the system will be designed in a manner that nullifies unauthorized offsite access. The concerned employees will be required to access the system only when necessary and their activities will the recorded and tracked to ensure that they do not engage in unauthorized activities.
The new system will be effective in avoiding undesirable conflicts and friction among employees. With the current system, employees find themselves in a fix, as they have to share their passwords in order to allow their workmates to use their computers for various reasons. This occasionally results in distortion or loss of important data from the shared computer because all information is stored in its hard drives. The aftermath of such interference is friction between the concerned workers, as they blame each other for the loss. With the Active Directory in the new system, users will no longer need to share passwords, as every user will be able to log into their profiles and access all their data from the server without interfering with the data of another user.
The new system will come with the feature of improved security to protect company and individual data. Specifically, every employee will be allocated a user name in the domain and will be required to develop a unique password for themselves. The system will be designed so that password requirements will include letters and at least one number and one symbol; thus, no one can guess the password of another user. The passwords will expire every month, meaning that the system will also require users to change their passwords on a monthly basis. This will make the passwords more secure and bar unauthorized persons from accessing, altering or manipulating company and individual information.
The project will also include rigorous training of employees to make them conversant with the new system. This will help fill in any existing knowledge gaps as far as the use of the system is concerned. Proper knowledge of how the new system works through comprehensive training will lead to improved performance and productivity among the employees due to better working computers and communication system. The employees should undergo training on how to accomplish their tasks and communicate using the new improved system. Conversely, the management needs training in accessing the reports from the server and understanding what they mean so that they can act on them.
It will be necessary to formulate a comprehensive user policy for all employees and managers who will be using the new system. This will ensure that all users only execute authorized tasks using their workplace computers. Access to particular computer resources, networks, and information will also be governed by the security policy that will accord both individual and group permissions and privileges to appropriate personnel within the corporation. Any violation of the policy will be dealt with through the implementation of appropriate disciplinary measures as stipulated in the policy. The new security policy will be based on a revision of the existing policy with appropriate amendments and additions to suit the security needs of the new system.
Cost-effectiveness is important for all project management professionals and their clients. As such, the final goal in this project is to fully implement and conclude the project within the established budget. Cost-effectiveness will be emphasized throughout the planning and implementation phases of this project while at the same time paying attention to quality and efficiency. While the company allocated an upper-range budget for this project, the objective will be to come up with a system that meets and even exceeds all their short-term and long-term requirements in the most cost-effective manner possible. All stakeholders will certainly be pleased with an excellent project that meets their budgetary expectations.
In deliverables, some of the physical elements that will be added to the existing system and their supporting activities capture them. Majorly, these will include hardware, software, and training to handle the new system that will be put in place. Hardware includes two servers for the location and hard drives for the backup system. Software includes Windows server 2008 64-bit, Exchange 2010, and the OP manager “Manage engine” to provide easier management of the system. Other deliverables include the system topology design for the groups and directory replication and new security and group policies for the system.
The main agenda for the project was captured in the need to provide improved security for the use of computers in the organization, and this warranted the installation of a DC to facilitate Active Directory. The servers in the two locations were overloaded and this prompted replacement by other servers that will be able to handle the requirements of the business now and in the near future without requiring major upgrades. The selected servers differed slightly due to the workload that they were expected to handle in the business. A particular tuning to suit the Exchange 2010 version was an additional inclination to these machines, along with the DAG replication ability of the main server in case of any failure. The specifications for the main server that will handle 500 mailboxes, 2GB each are as follows (HP, 2009):
• Two DL180 G6 servers
• One Intel Xeon E5520 processor per server
• 10 gigabytes system memory (DDR3 registered DIMMs) per server
• P410 storage controller with 256MB BBWC option kit per server
• Hot plug 12 disk cage kit per server
• Two 146GB SAS 15K disks (OS) per server
• Redundant power option
• Redundant fan option
And for the mailbox (SAS LFF option 500 mailbox option)
• 10 450GB SAS disks 15K LFF per server
For the location of two servers to handle 300 users, 2GB mailbox each,
• One DL180 G6 server
• One Intel Xeon E5504 processor
• 8 gigabytes system memory (DDR3 registered DIMMs)
• P410 storage controller with 256MB BBWC option kit
• Hot plug 12 disk cage kit
• Two 146GB SAS 15K disks (OS)
And for the mailbox (SAS LFF option 300 mailbox option)
• 7 450GB SAS disks 15K LFF per server
For backup purposes, the hardware selected is 1TB Toshiba hard disk, which is handy and very portable. In addition to the reputation the company has for creating storage media for portable devices in the last five years, the hard disks are automatic and offer hassle-free solutions to various needs. Twelve of these disks will be used to back up the main server, which will hold data for the whole company (Walmart, 2013). Further specifications of the hard drives are as follows:
1TB Expanded digital storage
USB 3.0, USB 2.0 Flexible interface with fast transfer speeds
Plug n play
Model No.: PH2100U-1EWR
Shipping Weight (in pounds): 0.55
Product in Inches (L x W x H): 4.69 x 3.27 x 0.37
Powered by NTI Pocket Data Backup
Another aspect of this project is the software part. The main one is the Operating system (OS) of the servers, which will be able to offer the Active Directory for the core part of the objectives of the project. Two options can be used. One of them is purchasing hardware and then later purchasing the OS separately, and the other option is buying the hardware with the OS already installed. The second option offers reduced time consumed in the purchase of the two separately, perhaps, with a cost saving depending on the distributor/dealer. Therefore, the server hardware will come with Windows Server 2008 64-bit installed. Server configuration will follow a layout similar to the diagram provided below (Microsoft TechNet, 2012).
The email configuration part of the project is in need of software. Exchange 2010 will be installed to cater for off-net emailing within the company. In this case, the purchase of the software does not have the option of prior installation into the server. Purchase will be made and thereafter installation after creating a domain and other server configurations. User accounts and groups will be created in the exchange to hold every staff member in the organization. There are no variants of the software apart from available editions. A standard edition will suffice.
Server and related services management and operation can be challenging. Indeed, some of the commands and aspects that one may need may prove to be hard for a layperson (non-technical personnel). To minimize errors that may occur due to this, software for managing active directory and exchange servers among a host of other functions have been simplified from command-prompt-based instructions to icons and GUI (Graphical user interface) that are simple to use for non-technical personnel. In this case, it is important for the management to keep a log of all activities and reduce any errors that may emerge therein. OP Manager “Manage engine” is to be installed in the servers at both locations for this purpose.
Installation of a new system means creation of a new working environment for the employees to work in. Primarily, ground rules need to be laid down on the use of the new system. For example, it is necessary to make it clear that the rights in the system are allocated based on the job description of individuals in the organization, as well as rank or authority. It means that IT personnel will add software, and the use of the email is for official matters only. Confidentiality of login information will be covered in the policy document, as well as a preset 30-day password change cycle, to ensure that security is upheld at all times. Other aspects and usage rules will be generated at commission of the new system.
In addition to the introduction of policies, training will be provided for members of the company based on the features that have been introduced depending on the level of rights of the individual. Adding user groups into the system and off-net email, getting system information, using the email service, password cycle, and security features of the system will be done. Other than that, backup procedures and recovery will be imparted to the relevant personnel in the organization.
Project Plan and Timelines
The project will be started when the management is not inconvenienced by the downtime for the system. Such a consideration will be in order to avert any losses or friction that may emerge from delay of customers. Some of the activities that can be done concurrently will be done in that manner to reduce the total time taken by the whole project. Critical activities will be established and given high priority to ensure that the prescribed period is not lengthened to the disadvantage of the company. In tabulation, the expected times to be taken by the elements in the project are provided below.
Related Free Proposal Essays
- Issues That Need To Be Improved
- Business proposal for Guess Jeans company
- What needs to be improved in the United States?
- Violence on Television
- The awareness of physical abuse of the elderly in living facilities
- What Experiences and/or Skills Best Prepare you for Success in Business?
- To Eradicate Poverty, Down Town Morals Should Be Instilled On The Younger Generation
- Project Proposal Essay
- Human Nature Proposal
- Public School Teachers should be Paid More
What Our Customers Say