Category list

Chapter 1: Using Windows Server 2003 Planning Tools and Documentation

Introduction

Planning is the first step in building a reliable, secure, high-performance and highly available Windows Server 2003-based network. In this chapter, we begin with an overview of network infrastructure planning, introducing you to planning strategies and how to use planning tools.

We will review the fundamentals of network design, including analysis of organizational needs. These include factors such as information flow, management model, organizational structure, and issues of centralization versus decentralization. We discuss management priorities, including availability and fault tolerance, security, scalability, performance, and cost. Next, we address user priorities, which include e-mail communications, scheduling and task management, project collaboration, data storage and retrieval, Internet research, application services, print services, and graphics/audio/video services.

This chapter also looks at legal and regulatory considerations, how to calculate total cost of ownership (TCO), and how to plan for future growth. We discuss how to develop a test network environment, and how to document the planning and network design process.

Overview of Network Infrastructure Planning

Proper planning of a network infrastructure is essential to ensuring high performance, availability, and overall user satisfaction with your network operations. In order to create a viable network design, you’ll need an understanding of both the business requirements of your organization as well as current and emerging networking technologies. Accurate network planning will allow your organization to maximize the efficiency of its computer operations, lower costs, and enhance your overall business processes.

When planning for a new infrastructure or upgrading an existing network, you should take some or all of the following steps:

Document the business requirements of your client or organization.
Create a baseline of the performance of any existing hardware and network utilization.
Determine the necessary capacity for the physical network installation, including client and server hardware, as well as allocating network and Internet bandwidth for network services and applications.
Select an appropriate network protocol and create an addressing scheme that will provide for the existing size of the network and that will allocate room for any foreseeable expansions, mergers, or acquisitions.
Specify and implement technologies that will meet the existing needs of your network, while allowing room for future growth.
Plan to upgrade and/or migrate any existing technologies, including server operating systems and routing protocols.

In this section, we’ll discuss best practices and strategies for planning your network implementation. We’ll then look at the various tools that you can use for network planning, both from Microsoft and from other vendors . We’ll conclude with some fundamentals of network design that will provide you with a good starting point for designing a network that will best meet the needs of your organization and its users.

Planning Strategies

When designing a new network, you should first use the business requirements of your organization as the primary source of planning information. You’ll need to create a network infrastructure that addresses the needs of your management structure, such as fault tolerance, security, scalability, performance, and cost. You’ll need to balance these requirements with the types of services that your users and clients will expect from a modern network, including e-mail, calendaring, project collaboration, Internet access, file, print, and application services.

After you’ve determined the business requirements of your network, you should then analyze the technical requirements of your organization. These requirements may apply to any applications that are already in use or that you plan to implement, as well as to the associated hardware and operating system. You should carefully note all of these requirements so that you won’t create any difficulties later on during the implementation process. Be sure to analyze and document the existing network, including any hardware, software, and network services that are already in place. This will make it easier to take the existing configuration into account when planning the new or upgraded network.

Finally, any well- formed network plan should make allowances for future changes to the organization, including support for new technologies and operating systems, as well as additional hardware and users. Your organization’s business requirements can change—through a merger, an acquisition, or simple growth and expansion. Although it is impossible to foresee all possible changes of this nature, a good network design will be flexible enough to accommodate as many adjustments as possible.

Using Planning Tools

There are a number of tools available to assist you in developing a plan for your network infrastructure. The first and best of these, however, might be the simplest: pencil and paper. As we discussed in the previous section, you should begin your planning by determining the requirements of the business that will be using the network. The best way to do this is through face-to-face interactions, by interviewing relevant managers and staff members of each department, branch, or business unit. Not only does this allow you to construct a complete picture of your network requirements, but it also involves stakeholders from the various departments. This sort of involvement is critical in ensuring the successful deployment of any new or upgraded technology.

After you have a high-level understanding of your company’s organizational structure and computing needs, you should inventory the hardware and software that is already in place. In a small office environment, you can accomplish this by simply taking a walk to determine the physical layout of network cables, routers, and the like. In a medium- to large- sized enterprise network, you will probably want to rely on automated inventory tools such as Microsoft’s Systems Management Server (SMS) or a third-party equivalent. Take as detailed of an inventory as possible, including the hardware configuration of server and workstation machines as well as vendor names and the version numbers of the operating system and business applications the systems are running.

You can use a network analyzer, such as the Network Monitor utility built into the Windows Server 2003 operating system or the more full-featured version of Network Monitor included in SMS, to create a baseline of the current utilization of your network bandwidth. If this utilization is already near capacity, you can use this baseline to justify and plan upgrades to your network infrastructure (moving from 10MB Ethernet to 100MB Ethernet, for example).

Exam Warning

The version of Network Monitor that ships with Windows Server 2003 can analyze only traffic addressed to the network interface card (NIC) on the server itself or that is sent by the server on which it is running. The SMS version of Network Monitor operates in promiscuous mode , enabling it to capture all network traffic on a given segment, even if the traffic isn’t addressed to or from the local server.

Windows Server 2003 has introduced new management features that will assist you in planning your network configuration, especially in the areas of user and computer management. The Resultant Set of Policy (RSoP) Microsoft Management Console (MMC) snap-in contains a Group Policy modeling function that will allow you to simulate changes to Group Policy Objects (GPOs) in an Active Directory (AD) environment before actually applying them to a production network. For example, if you want to apply a new GPO to a departmental Organizational Unit (OU), the modeling report will indicate how the new GPO will affect the objects within the OU to which it’s being applied. The Group Policy Management Console (GPMC) can also provide detailed configuration reports on existing GPO settings in place on a Windows 2000 or Windows Server 2003 AD installation.

Exercise 1.01: Generating a Group Policy Modeling Report

{% if main.adsdop %}{% include 'adsenceinline.tpl' %}{% endif %}

In this exercise, we’ll take a look at a GPMC modeling report for a Windows Server 2003 domain.

Click Start Run , type mmc, and click OK .
Click File Add/Remove Snap-in , and then select the Resultant Set of Policy snap-in. Click Add, and then click Close .
Right-click Resultant Set of Policy , and then click Generate RSoP Data . Click Next to bypass the initial Welcome screen.
On the Mode Selection page, select Planning mode as shown in Figure 1.1, and then click Next .

Figure 1.1: Selecting the RSoP Report Mode
On the User and Computer Selection page, shown in Figure 1.2, specify the name of the user and computer that you wish to analyze, and then click Next . Alternatively, you can select an entire user and/or computer container (such as a site, domain, or OU) to analyze.

Figure 1.2: Specifying the User and Computer Information
From the Advanced Simulation Options page, shown in Figure 1.3, you can choose to modify a number of reporting options, such as simulating a slow network connection or the use of loopback processing. Click Next when you’re ready to continue.

Figure 1.3: Advanced Simulation Options
On the User Security Groups page, shown in Figure 1.4, you’ll see the security groups to which the specified user belongs. You can use the Add or Remove buttons to specify different security group memberships to simulate. (If you make a mistake, you can click Restore Defaults to return to the user’s actual group membership.) Click Next when you’re ready to continue.

Figure 1.4: Simulating User Security Group Membership
The next page lists the security groups to which the specified computer belongs. As in Step 7, you can use the Add or Remove buttons to change the contents of the RSoP report. Click Next to continue.
By default, the report will include all possible Windows Management Instrumentation (WMI) filters, as shown in Figure 1.5. (WMI filters allow you to apply GPOs to users or computers based on hardware and software attributes such as operating system, free hard drive space, and the like.) If you’ve created any WMI filters that would cause the computer you’ve specified to not be subject to Group Policy, you should remove them by clicking the Only these filters radio button and selecting Remove. Click Next to repeat the process for any computer-specific WMI filters.

Figure 1.5: Selecting WMI Filters
Click Next again. You’ll see a summary of your choices, as shown in Figure 1.6. If you are satisfied with the selections you’ve made, click Next again to run the simulation.

Figure 1.6: RSoP Summary Screen
When the simulation has completed, click Finish . In the console tree, click the RSoP query to view the data. You’ll see the output in a screen similar to the one shown in Figure 1.7.

Figure 1.7: A Completed RSoP Simulation

As you can see, Group Policy modeling will allow you to perform “what-if?” analyses to simulate the creation of new security groups or OUs. You can also use simulated WMI filters to see how GPO settings and inheritance would change if you upgraded a workstation from Windows NT to Windows XP Professional, for example. GPMC modeling is definitely a useful tool to have in your arsenal as you begin developing your Windows 2003 Server network design.

Fundamentals of Network Design

When you design a network, the most important question is unfortunately the most often overlooked: Why are you building the network to begin with? It’s easy to become so excited about the new technologies available to you that you can overlook the business requirements of your organization. Even if you eventually configure the resultant network to meet your needs, it can become a far more complicated (and expensive) process than if you had begun by fully detailing business requirements in the first place. This can be even more hazardous when you are working as a consultant for an independent company, because you need to be very specific in obtaining the appropriate information from your clients. Too often, you’ll hear, “We need a Frame Relay network” or, “We need you to install a Check Point firewall.” These statements give you a solution without telling you about the problem or need that the company is attempting to address. (Imagine walking into your doctor’s office for the first time and telling her that you need your foot amputated, rather than simply reporting that you have an ingrown toenail.) It is important to use available technologies to meet business requirements, rather than implementing them for their own sake.

A company’s business requirements can include a number of factors that you need to keep in mind. An obvious issue is that of cost , whether you are interested in improving user efficiency to save money, or pumping cash into high- powered server farms to increase sales revenue on an e-commerce site. You need to decide how much money your company is willing to spend , or how much money you expect a new technology to save the company. Either way, if your network design costs more than it ends up making (or saving) for a company, you’ve failed to meet this critical requirement. This will come up later in this chapter in the “Calculating TCO” section .

After you’ve determined the budget for your new network, you should take stock of the current state of your company’s computing technology. Ask the following questions:

What resources are already in place?
How much needs to be upgraded or replaced ?
What can be reused in the new or upgraded network?

Although completely new network installations are becoming a rarity except when dealing with new construction, they do present their own unique challenges. When planning a new network installation, don’t take even the most basic configuration items for granted. Here’s a real-world example: A medical supply firm was moving from an environment consisting exclusively of mainframes and dumb terminals to an installation of networked PCs and servers. Part of the physical installation included running pipes under the flooring to allow the network cabling to run throughout the building. Unfortunately, the construction manager received his specifications from the mainframe administrator, who was relatively unfamiliar with PC technology.

The mainframe manager assumed that the PCs would use the same type of cable to connect to the routers and hubs that was used by the existing dumb terminals. He did not consult with the new LAN administrator, or he would have known that the new networked PCs would be using Category 5 (CAT5) Ethernet cabling, which proved to be roughly three times the diameter of the mainframe access terminal cabling. This error wasn’t discovered until after the subfloor piping had already been laid; the LAN administrator quickly discovered that there wasn’t enough physical room to run all the necessary cable drops through the too-small piping.

Rather than incur the increased cost of running the piping all over again, management tasked the LAN administrator with installing network connectors that would use the smaller network cabling. This created an excess of performance bottlenecks until the subfloor piping was rerun two years later. Remember this true tale of how a seemingly insignificant detail can escalate into a much larger problem when you’re establishing the particulars of your network design plan.

There might be existing technologies that will need to be maintained and supported even after the new design is in place. Be sure to include budget information for performing all necessary upgrades and providing ongoing support for your legacy systems.

The next step in designing your network is to understand where your users are located. Understanding the physical geography of your company and its employees is critical in designing a cost-effective local area network (LAN) or wide area network (WAN). You’ll not only need to determine where your users are located, but also the location of the services that they need to access. A geographically diverse user base can easily necessitate the installation of dedicated WAN links or a virtual private network (VPN). Understanding where your users and resources are located will also help you to determine the amount of network bandwidth that your design will require. Network planning tools such as a network traffic analyzer will help you to determine the amount of traffic generated by your users and clients. To determine bandwidth requirements, you must consider current traffic levels while always leaving room for growth.