Designing an enterprise-sized Windows network is straightforward yet complex. What do I mean by this? Well, enterprise network design is straightforward in the sense that it's simply a matter of assembling the right building blocks, i.e., domains, domain controllers, sites, site links, server roles, and so on. But it's also complex because even if your network design is good in theory, in the real world where bandwidth is limited and connectivity is not always assured, your design might not work well at all. Still, enterprise network design is relatively simple in principle because you can easily build a flowchart to take you through the decision-making process for each element of an Active Directory-based network.
What about networks for small businesses where there are only a few dozen employees? You might think planning in this case would be simpler, but this isn't necessarily the case. That's because enterprise planning processes are designed to scale upward well, but they don't scale downward as easily. For example, instead of asking yourself how many domains you should deploy, you also have to ask if you really need Active Directory at all, or if you can simply make do with a workgroup. Rather than ponder how many VPN servers you need to support your mobile workforce, you're stuck asking whether your business can afford even one extra server running the VPN role, or whether you should use some other product such as GoToMyPC or a VPN appliance to provide the minimal level of remote access your single sales associate needs. And instead of separating server roles for greater security, small businesses with limited resources may find themselves loading up most or all of their roles on a single server in order to cut costs. Finally, small businesses may have only one full-time administrator on staff (if any), and must instead rely on consultants to design, install, configure, and even maintain their systems and networks.
While some small businesses may decide to design their networks from the ground up the way large enterprises do, many may want to take a good hard look at using Microsoft Small Business Server instead. SBS has several advantages over the roll-your-own approach to network design: integrated roles, lower cost, wizard-driven configuration, and flexible licensing options. For example, although running your Intranet web site off of your domain controller is not an ideal approach from a security perspective, SBS is tuned to enable these two roles to coexist on the same machine without the usual security considerations. And while using standard Windows Server administration tools can be daunting for the inexperienced user, the wizard-driven approach used by SBS makes it possible for administrators with (almost) no technical knowledge to set up and configure their servers.
SBS also gives you the security of Active Directory, Exchange Server for mail, SharePoint Services for collaboration, Windows Server Update Services (WSUS) for managing your security updates, Outlook Web Access (OWA) and Outlook Mobile Access (OMA) for mobile users with laptops and Windows Mobile 5 hand-held devices. It also offers Remote Desktop for remote server management, Remote Web Workplace (RWW) to enable users to remotely access their desktops, and if you deploy the Premium edition, it includes the Internet Security and Acceleration (ISA) Server 2004 firewall and SQL Server 2005 Workgroup Edition. The cost of all these separate features is far more than the cost of the package in SBS, so it's a pretty good deal from a business perspective. Plus, the peer support network for SBS is excellent, with a Microsoft public newsgroup devoted to the product where Microsoft Most Valuable Professionals (MVPs) are ready to answer your SBS questions. There's also a terrific book that can help you quickly set up SBS and get the most out of using it--the Microsoft Small Business Server 2003 R2 Administrator's Companion by Charlie Russel and Sharon Crawford. I'm slightly biased because I was technical editor for the latest edition of this title, but trust me: if you want to learn how to work with SBS, this is the best resource available.
Finally, what if you'd rather roll your own solution instead of using SBS? In that case, here are ten tips for small network design that you may want to keep in mind:
Mitch Tulloch is the author of Windows 2000 Administration in a Nutshell, Windows Server 2003 in a Nutshell, and Windows Server Hacks.
Return to the Windows DevCenter.
Copyright © 2009 O'Reilly Media, Inc.