Moving peer-peer to client/server?

This question is more related to general windows networking, as opposed to
windows server, but moving from peer-peer to client/server is part of my
client's question, so I'm posting this here:



I'm a long time programmer who has maintained a Windows 2003 server domain
in my home, but I'm by no means a network specialist. As a volunteer at a
local NPR ratio station (WJFF), I've been asked to try to help them resolve
their network problems. I'd rather not leave them in worse shape than they
are now, so I'd like to seek suggestions from those who really know what
they're doing.



Right now they have a 9-node peer-peer network, consisting of 2 Windows 98
machines, 2 running Windows 2000, and the remainder running Windows XP
(Professional, I believe, but I wouldn't swear to it.). These are hooked up
through a combination of a 8-port Linksys switch, combined with a second
hub/switch on one of the lines to give them a few extra nodes. They are
using DHCP through the Linksys unit. If it has a firewall feature, they are
not using it. One of the machines is equipped with two NIC cards, and
participates in a second network that controls their on-the-air software, so
we're not going to be messing with that network, as it works adequately. The
reason for the dual-card machine is so that they can move sound files into
the main network for editing, etc.



The Problem: Shared drives are sometimes reachable, sometimes not.



They've expressed a willingness to go to a Windows 2003 Server domain, but
my initial inclination is to solve the existing problem first, then examine
their needs to determine whether they need to change their basic topology.



I've had problems using DHCP in the past, so my first inclination is to
advise them to turn it off on the Linksys switch, and assign each node a
fixed IP address of the form 192.168.0.xxx/255.255.255.0



Is this reasonable, or should I be looking at other areas first?



I might also ask if the machines that are hooked through the second hub are
those encountering problems. I know it shouldn't matter, but I've
encountered difficulties when doing that in my home system (which now uses
an 8-port Netgear firewall/switch, and works perfectly).



The second issue they have, not strictly related to networking, involves
data security. They have a good many irreplaceable documents throughout this
system, and though they strive for redundancy, there's no real procedure for
saving documents in multiple locations.



Going for a large tape drive would probably be prohibitively expensive for
them. My guess is that they would probably not use it regularly anyhow.
Hence, my next inclination, once the network is stable, is to set up one
Windows 2003 Server, configured as a stand-alone server on the workgroup,
and equip it with two big mirrored drives, and designate that as a dedicated
file server. (They have an extra machine, and get all of their Microsoft
software at non-profit prices, so they can afford this route.)



Question: Is the software-mirroring adequate for ensuring their data
security? Again, we're not looking for ideal--just something a bit more
measured than the current pandemonium.



Thanks.



Joe

In news:(E-Mail Removed),
Joe Befumo <(E-Mail Removed)> typed:
> This question is more related to general windows networking, as
> opposed to windows server, but moving from peer-peer to client/server
> is part of my client's question, so I'm posting this here:
>
>
>
> I'm a long time programmer who has maintained a Windows 2003 server
> domain in my home, but I'm by no means a network specialist. As a
> volunteer at a local NPR ratio station (WJFF), I've been asked to try
> to help them resolve their network problems. I'd rather not leave
> them in worse shape than they are now, so I'd like to seek
> suggestions from those who really know what they're doing.
>
>
>
> Right now they have a 9-node peer-peer network, consisting of 2
> Windows 98 machines, 2 running Windows 2000, and the remainder
> running Windows XP (Professional, I believe, but I wouldn't swear to
> it.).

The first thing to look at is getting *all* the clients on Win2k, or WinXP
Pro - ideally, all on the same OS version & SP.


> These are hooked up through a combination of a 8-port Linksys
> switch, combined with a second hub/switch on one of the lines to give
> them a few extra nodes. They are using DHCP through the Linksys unit.
> If it has a firewall feature, they are not using it.

<cringes> Why on earth not?

> One of the
> machines is equipped with two NIC cards, and participates in a second
> network that controls their on-the-air software, so we're not going
> to be messing with that network, as it works adequately.

Does this also need to participate in the domain, or can you leave it
alone/isolated?

> The reason
> for the dual-card machine is so that they can move sound files into
> the main network for editing, etc.

A VLAN or router between the two networks might make more sense.....
>
>
>
> The Problem: Shared drives are sometimes reachable, sometimes not.

Workgroups are funky like that. And note that WinXP Pro and Win2k have a
10-connection limit (and more than one connection may be in use by one
computer, at any given time). WinXP Home has a 5-connection limit.
>
>
>
> They've expressed a willingness to go to a Windows 2003 Server
> domain, but my initial inclination is to solve the existing problem
> first, then examine their needs to determine whether they need to
> change their basic topology.
>
>
> I've had problems using DHCP in the past, so my first inclination is
> to advise them to turn it off on the Linksys switch, and assign each
> node a fixed IP address of the form 192.168.0.xxx/255.255.255.0

Well, I don't think this is really that relevant to your questions herein,
but I always use DHCP, and have really had no problems with it. I haven't
used static IPs on workstations for years. When I need a non-changing LAN
IP, I set up a DHCP reservation.


>
>
>
> Is this reasonable, or should I be looking at other areas first?

You might look into SBS2003 for them. It's less expensive, has more
features, and is designed for small networks without experienced admins.
It's very user friendly for admins and users alike. The wizard-centricity of
SBS may drive many people crazy (myself included) but if you follow the
setup instructions/wizards to the letter, you will end up with a
well-configured server. I tend to use SBS2003 Standard with a single NIC -
but if you go that route, you will need a better hardware firewall/router
appliance than you've got now, I suspect. Premium comes with ISA, and for
that you need two NICs.

>
>
>
> I might also ask if the machines that are hooked through the second
> hub are those encountering problems. I know it shouldn't matter, but
> I've encountered difficulties when doing that in my home system
> (which now uses an 8-port Netgear firewall/switch, and works
> perfectly).

I'd get them a new switch - if you're interested in the VLAN approach above,
get a layer-3 capable one. They aren't that expensive nowadays.
>
>
>
> The second issue they have, not strictly related to networking,
> involves data security. They have a good many irreplaceable documents
> throughout this system, and though they strive for redundancy,
> there's no real procedure for saving documents in multiple locations.

Redundancy shouldn't mean 'save documents in multiple locations,' I think.
You should build out a server with enough redundancy to handle hardware
failure - SCSI RAID, with a hotspare (a single RAID5 array would probably
work just fine for them). Dual power supplies. Dual processors. And then -
regular, fully automated backups.

>
>
>
> Going for a large tape drive would probably be prohibitively
> expensive for them.

USB hard drives can be used, too. They should be swapped out so that you can
do offsite storage, tho. Your backups won't be of much use if your building
burns down, taking the media with it.

> My guess is that they would probably not use it
> regularly anyhow. Hence, my next inclination, once the network is
> stable, is to set up one Windows 2003 Server, configured as a
> stand-alone server on the workgroup

Why not a domain? Centralized everything, is so much nicer.

> , and equip it with two big
> mirrored drives, and designate that as a dedicated file server. (They
> have an extra machine, and get all of their Microsoft software at
> non-profit prices, so they can afford this route.)

Mirrored drives aren't enough, I think. And after you have more than a small
handful of workstations, I don't like workgroup configurations. Do check out
the SBS pricing - it comes with 5 CALs, and you can buy additional CALs in
5-packs (you'll need one more pack of 5). Compare the price to W2003
Standard and 10 CALs for same.
>
>
>
> Question: Is the software-mirroring adequate for ensuring their data
> security? Again, we're not looking for ideal--just something a bit
> more measured than the current pandemonium.

It would be better than what they're doing now - or, since you will then
have a single point of failure. it might not, if you aren't also backing up
the server. If you're going to do it, do it right, I say. I really don't
like to skimp on server hardware. They can get nonprofit pricing on hardware
just as well as software - at least, there's no tax.
Are you familiar with www.techsoup.org ?

>
>
>
> Thanks.
>
>
>
> Joe

HTH.

Thanks for helping me not make an ass of myself ;^)


> The first thing to look at is getting *all* the clients on Win2k, or WinXP
> Pro - ideally, all on the same OS version & SP.

That should be pretty easy to do.


>
> <cringes> Why on earth not?
>

Yeah, me too -- basically, they never thought about it. No one there is
really computer savy. Also easy enough to do,

> Does this also need to participate in the domain, or can you leave it
> alone/isolated?

I think there's at least need to be some kind of trust relationship
involved. They basically want to be able to freely move .wav files in and
out of the studio area for editing in the office area. I'm not sure how the
studio is set up (domain or workgroup), but I'm tempted to guess the latter.
However, I wouldn't see it as being prohibitive if they had to enter a
username/password to establish their connection.

> A VLAN or router between the two networks might make more sense.....
I'll investigate that approach. I realy know little about configuring
routers, but I do I recall having set up a VPN sometime in my distant
past -- would that work?

>> The Problem: Shared drives are sometimes reachable, sometimes not.
>
> Workgroups are funky like that. And note that WinXP Pro and Win2k have a
> 10-connection limit (and more than one connection may be in use by one
> computer, at any given time). WinXP Home has a 5-connection limit.
>>

Ah, that's definitely something I can investigate. I'm beginning to suspect
that maybe a 2003 Server working as a fileserver as well, with some kind of
RAID arrangement may be the way to go.

>>
> Well, I don't think this is really that relevant to your questions herein,
> but I always use DHCP, and have really had no problems with it. I haven't
> used static IPs on workstations for years. When I need a non-changing LAN
> IP, I set up a DHCP reservation.

Okay, then no need to mess with what works.

> You might look into SBS2003 for them. It's less
expensive, has more
> features, [snip]

Okay, thanks. I'll Google that.
>
> I'd get them a new switch - if you're interested in the VLAN approach
> above, get a layer-3 capable one. They aren't that expensive nowadays.
Okay, I'm not sure what that is, but I'm sure I'll be alble to find out.
Thanks.

>>
>>
>>Redundancy shouldn't mean 'save documents in multiple locations,' I think.
> You should build out a server with enough redundancy to handle hardware
> failure - SCSI RAID, with a hotspare (a single RAID5 array would probably
> work just fine for them). Dual power supplies. Dual processors. And then -
> regular, fully automated backups.
>

Yeah, well . . . this station is really shoestring, so building a 'real
server' is probably not in the cards at this time.

How good is the software RAID built into the OS? The impression I got was
that they might be able to squeeze out something like a BestBuy machine with
a couple of extra IDE drives and maybe a gig of ram, but even that would be
tight just now. I mean . . . these people are running the whole station on a
$60k/year budget.

> Why not a domain? Centralized everything, is so much nicer.

I think you're definitely right. I believe it would get them into a topology
they can grow with, and will undoubtedly be inherently more stable -- at
least what I found with my little home domain.


> Mirrored drives aren't enough, I think. And after you have more than a
> small handful of workstations, I don't like workgroup configurations. Do
> check out the SBS pricing - it comes with 5 CALs, and you can buy
> additional CALs in 5-packs (you'll need one more pack of 5). Compare the
> price to W2003 Standard and 10 CALs for same.
>>
>>
>>
>> Question: Is the software-mirroring adequate for ensuring their data
>> security? Again, we're not looking for ideal--just something a bit
>> more measured than the current pandemonium.
>
> It would be better than what they're doing now - or, since you will then
> have a single point of failure. it might not, if you aren't also backing
> up the server. If you're going to do it, do it right, I say. I really
> don't like to skimp on server hardware. They can get nonprofit pricing on
> hardware just as well as software - at least, there's no tax.
> Are you familiar with www.techsoup.org ?
>
See above, but yeah, I'll follow up that link & see what we can do. I agree
that a domain is a must. If nothing else, we can put a plan into place to
get them where they want to be in a set time, so they can work that into
their fund raising.

Thanks for this excellent advice. I feel a lot more secure that I'm not
going to screw them up worse than they are now.

Joe

AH, I see -- SBS=Small Business Server -- got it!

In news:(E-Mail Removed),
Joe Befumo <(E-Mail Removed)> typed:
> Thanks for helping me not make an ass of myself ;^)

Ah, well, I never promised that. ;-)

>
>
>> The first thing to look at is getting *all* the clients on Win2k, or
>> WinXP Pro - ideally, all on the same OS version & SP.
>
> That should be pretty easy to do.
>
>
>>
>> <cringes> Why on earth not?
>>
>
> Yeah, me too -- basically, they never thought about it. No one there
> is really computer savy. Also easy enough to do,

Yep.

>
>> Does this also need to participate in the domain, or can you leave it
>> alone/isolated?
>
> I think there's at least need to be some kind of trust relationship
> involved. They basically want to be able to freely move .wav files in
> and out of the studio area for editing in the office area. I'm not
> sure how the studio is set up (domain or workgroup), but I'm tempted
> to guess the latter. However, I wouldn't see it as being prohibitive
> if they had to enter a username/password to establish their
> connection.

I'd be concerned about having the two networks communicating with each other
at all -
>
>> A VLAN or router between the two networks might make more sense.....
> I'll investigate that approach. I realy know little about configuring
> routers, but I do I recall having set up a VPN sometime in my distant
> past -- would that work?

Might, but I'd worry that it would prevent connectivity to the LAN/domain
while enabled.

>
>>> The Problem: Shared drives are sometimes reachable, sometimes not.
>>
>> Workgroups are funky like that. And note that WinXP Pro and Win2k
>> have a 10-connection limit (and more than one connection may be in
>> use by one computer, at any given time). WinXP Home has a
>> 5-connection limit.
>>>
>
> Ah, that's definitely something I can investigate. I'm beginning to
> suspect that maybe a 2003 Server working as a fileserver as well,
> with some kind of RAID arrangement may be the way to go.
>
>>>
>> Well, I don't think this is really that relevant to your questions
>> herein, but I always use DHCP, and have really had no problems with
>> it. I haven't used static IPs on workstations for years. When I need
>> a non-changing LAN IP, I set up a DHCP reservation.
>
> Okay, then no need to mess with what works.

I'd definitely use DHCP, particularly if you set up AD (active directory)
and internal DNS.
>
>> You might look into SBS2003 for them. It's less
> expensive, has more
>> features, [snip]
>
> Okay, thanks. I'll Google that.

It's a good thing, and likely cheaper.

>>
>> I'd get them a new switch - if you're interested in the VLAN approach
>> above, get a layer-3 capable one. They aren't that expensive
>> nowadays.
> Okay, I'm not sure what that is, but I'm sure I'll be alble to find
> out. Thanks.
>
>>>
>>>
>>> Redundancy shouldn't mean 'save documents in multiple locations,' I
>>> think.
>> You should build out a server with enough redundancy to handle
>> hardware failure - SCSI RAID, with a hotspare (a single RAID5 array
>> would probably work just fine for them). Dual power supplies. Dual
>> processors. And then - regular, fully automated backups.
>>
>
> Yeah, well . . . this station is really shoestring, so building a
> 'real server' is probably not in the cards at this time.

I wouldn't put in a Windows server/domain controller at all if it couldn't
be done on robust server-class hardware with redundancy built in...it would
be way worse if *that* crashed (see "single point of failure" comment
earlier)
>
> How good is the software RAID built into the OS?

Software RAID is pretty much crap, unfortunately.

> The impression I got
> was that they might be able to squeeze out something like a BestBuy
> machine with a couple of extra IDE drives and maybe a gig of ram, but
> even that would be tight just now. I mean . . . these people are
> running the whole station on a $60k/year budget.

Yeah, I understand.

What about something like a NAS box instead? Just for centralized file
storage....Dell makes some not-too-expensive ones - Dell Storage Servers.
They can do RAID, too. Or a Linux box. Or two orange juice cans and a piece
of string!


>
>> Why not a domain? Centralized everything, is so much nicer.
>
> I think you're definitely right. I believe it would get them into a
> topology they can grow with, and will undoubtedly be inherently more
> stable -- at least what I found with my little home domain.

It would be swell, but again, if you can't invest in good hardware, and so
forth, perhaps it isn't the time to do it yet. Just clean up what you can
(again, get everyone on XP Pro SP2 if possible) and look into some kind of
centralized file storage, and then later on when budgets permit, you can get
a server. SBS2003 is really quite nice, and I speak as one who violently
abhored all previous versions.

>
>
>> Mirrored drives aren't enough, I think. And after you have more than
>> a small handful of workstations, I don't like workgroup
>> configurations. Do check out the SBS pricing - it comes with 5 CALs,
>> and you can buy additional CALs in 5-packs (you'll need one more
>> pack of 5). Compare the price to W2003 Standard and 10 CALs for same.
>>>
>>>
>>>
>>> Question: Is the software-mirroring adequate for ensuring their data
>>> security? Again, we're not looking for ideal--just something a bit
>>> more measured than the current pandemonium.
>>
>> It would be better than what they're doing now - or, since you will
>> then have a single point of failure. it might not, if you aren't
>> also backing up the server. If you're going to do it, do it right, I
>> say. I really don't like to skimp on server hardware. They can get
>> nonprofit pricing on hardware just as well as software - at least,
>> there's no tax. Are you familiar with www.techsoup.org ?
>>
> See above, but yeah, I'll follow up that link & see what we can do. I
> agree that a domain is a must. If nothing else, we can put a plan
> into place to get them where they want to be in a set time, so they
> can work that into their fund raising.

That's a good idea.

>
> Thanks for this excellent advice. I feel a lot more secure that I'm
> not going to screw them up worse than they are now.
>
> Joe

It sounds like they're in good hands with you, honestly. :-)

Thanks so much for the ongoing help and kind words!

I'd never thought about a storage server, but that might be just the ticket.
Thanks for the idea.

Are there any VLAN resources online that you'd recommend? I've checked some
links & have a high-level idea of what it is, but no clear understanding of
how it's configured. Thanks again.,

Joe
http://www.befumo.com

In news:(E-Mail Removed),
Joe Befumo <(E-Mail Removed)> typed:
> Thanks so much for the ongoing help and kind words!

You're welcome!
>
> I'd never thought about a storage server, but that might be just the
> ticket. Thanks for the idea.

Glad to put the bee in your bonnet or flea in your ear or bats in your
belfry, or whatnot..... and do think about the long-term plans, and budgets
required, for future expansion/improvement. I like domains, because I like
to control everything from the relative comfort of one desk chair - and
because they just tend to work better IMO.
>
> Are there any VLAN resources online that you'd recommend? I've
> checked some links & have a high-level idea of what it is, but no
> clear understanding of how it's configured. Thanks again.,

I'm no expert, by any means - but
http://searchnetworking.techtarget.c...177479,00.html
looks helpful.

I know I've seen some fairly inexpensive Netgears that can do this - I'm
presuming Cisco Catalyst is a bit out of your price range.


>
> Joe
> http://www.befumo.com

Here's what I'm thinking of recommending to them:



I think the first phase for this client is to get all their machines up to
Windows XP Professional with the latest service packs & see if we can't at
least get them stable. If their router has a built-in firewall, I'll enable
it & make sure it's configured properly for their needs. They have one
machine dedicated to serving an audio stream to their web provider to
provide their online streaming audio service, so I suspect that might be an
area to watch, but I don't believe they use anything else other than their
web browsers. If finances allow, they should replace the existing 8-port
router + 4-port switch with a single 16-port router with a built-in firewall
(I'm thinking maybe Linksys, which is what their current 8-port unit is.)



I'll might suggest that they address their data security needs
procedurally -- maybe a round-robin system of shared folders across all the
machines, with each backing up "My Documents" to its designated backup
machine -- I'm guessing I should be able to set up some kind of batch file
and have it fire automatically in the middle of the night. Not perfect, but
better than nothing for now. Thoughts?



Then we can look at where they want to go next. While a Windows 2003 or
SBS2003 Domain would give them better performance, security, and a growth
path, introducing a single point of failure without a server-class machine
is risky.



One alternative is to employ a dedicated file server system. From Dell's
site I was able to configure such a machine with 4 hot-swapable 500Gb
drives, RAID-5, and a 70 Gb Tape backup and 7 tapes for under $4k. This
would address their data security, however, since this would make the tenth
machine on the network, there would be no room for growth. Also, they will
still be running in a workgroup environment, with all the attendant security
and performance implications.



A similar but lower cost solution would be to setup a low-cost desktop
system with Windows 2003, a Gigabyte of memory, and a pair of large drives,
and configure them in software for mirroring. The machine would NOT be set
up as a domain controller, just as a stand-alone server on the workgroup,
and would just work as a file server. If possible, a USB drive (or two)
should be used for backups. Worst case, if the server failed one or both of
the drives could be physically moved to another machine for file access.
Again, not an ideal solution, but better than nothing if it's all finances
can support.



I would recommend that the long-term plan should entail a server-class
machine configured as a domain server, and this can be budgeted into future
fund raisers.



They should also consider replacing the machine with two network cards with
a VNET (details to follow) for communication between the two physical
networks.



Sound reasonable? Suggestions? Comments?

In news:(E-Mail Removed),
Joe Befumo <(E-Mail Removed)> typed:
> Here's what I'm thinking of recommending to them:
>
>
>
> I think the first phase for this client is to get all their machines
> up to Windows XP Professional with the latest service packs & see if
> we can't at least get them stable.

That's a good plan.

> If their router has a built-in
> firewall, I'll enable it & make sure it's configured properly for
> their needs. They have one machine dedicated to serving an audio
> stream to their web provider to provide their online streaming audio
> service, so I suspect that might be an area to watch, but I don't
> believe they use anything else other than their web browsers. If
> finances allow, they should replace the existing 8-port router +
> 4-port switch with a single 16-port router with a built-in firewall
> (I'm thinking maybe Linksys, which is what their current 8-port unit
> is.)

Personally, I'm not a huge Linksys fan; and most consumer-grade firewall
appliances aren't very much protection - could they maybe swing for a baby
Sonicwall or something?
>
>
>
> I'll might suggest that they address their data security needs
> procedurally -- maybe a round-robin system of shared folders across
> all the machines, with each backing up "My Documents" to its
> designated backup machine

That sounds pretty oogly and I suspect it will become a management
nightmare.

> -- I'm guessing I should be able to set up
> some kind of batch file and have it fire automatically in the middle
> of the night. Not perfect, but better than nothing for now. Thoughts?

If you want to leave the data on their local workstations, what about
getting each of them a cheapo USB hard drive (you can make your own, you
know....the cases are about $30, and then whatever hard drive size you
want), and setting them each up with a scheduled backup nightly using
NTBackup or a batch file (I use robocopy from the resource kit - works
well).
>
>
>
> Then we can look at where they want to go next. While a Windows 2003
> or SBS2003 Domain would give them better performance, security, and a
> growth path, introducing a single point of failure without a
> server-class machine is risky.

Yepper.
>
>
>
> One alternative is to employ a dedicated file server system. From
> Dell's site I was able to configure such a machine with 4
> hot-swapable 500Gb drives, RAID-5, and a 70 Gb Tape backup and 7
> tapes for under $4k. This would address their data security, however,
> since this would make the tenth machine on the network, there would
> be no room for growth.

Well....no, because if you use a Windows server OS, it doesn't have the
10-connection limit. But you will need CALs for each user/device who
accesses it.

> Also, they will still be running in a
> workgroup environment, with all the attendant security and
> performance implications.
>
>
> A similar but lower cost solution would be to setup a low-cost desktop
> system with Windows 2003, a Gigabyte of memory, and a pair of large
> drives, and configure them in software for mirroring.

<gak> well, you could, but I am not a fan of software RAID/mirroring.

> The machine
> would NOT be set up as a domain controller, just as a stand-alone
> server on the workgroup, and would just work as a file server.

But you'd need CALs for it too, remember....

> If
> possible, a USB drive (or two) should be used for backups.

That can work.

> Worst
> case, if the server failed one or both of the drives could be
> physically moved to another machine for file access. Again, not an
> ideal solution, but better than nothing if it's all finances can
> support.
>
>
> I would recommend that the long-term plan should entail a server-class
> machine configured as a domain server, and this can be budgeted into
> future fund raisers.

Excellent.
>
>
>
> They should also consider replacing the machine with two network
> cards with a VNET (details to follow) for communication between the
> two physical networks.
>
>
>
> Sound reasonable? Suggestions? Comments?

Did you take a look at the Dell NAS boxes? Running Windows storage server?
This is something that could certainly be integrated into a domain later on,
you know.

Hi, and thanks again.

With your able help I think I'll be able to help these folks. The advice is
very much appreciated. (And yes, I did look into the Dell storage servers &
will incorporate that into my final report.)

Joe



"Lanwench [MVP - Exchange]"
<(E-Mail Removed) ahoo.com> wrote in message
news:OWIa6OE%(E-Mail Removed)...
> In news:(E-Mail Removed),
> Joe Befumo <(E-Mail Removed)> typed:
>> Here's what I'm thinking of recommending to them:
>>
>>
>>
>> I think the first phase for this client is to get all their machines
>> up to Windows XP Professional with the latest service packs & see if
>> we can't at least get them stable.
>
> That's a good plan.
>
>> If their router has a built-in
>> firewall, I'll enable it & make sure it's configured properly for
>> their needs. They have one machine dedicated to serving an audio
>> stream to their web provider to provide their online streaming audio
>> service, so I suspect that might be an area to watch, but I don't
>> believe they use anything else other than their web browsers. If
>> finances allow, they should replace the existing 8-port router +
>> 4-port switch with a single 16-port router with a built-in firewall
>> (I'm thinking maybe Linksys, which is what their current 8-port unit
>> is.)
>
> Personally, I'm not a huge Linksys fan; and most consumer-grade firewall
> appliances aren't very much protection - could they maybe swing for a baby
> Sonicwall or something?
>>
>>
>>
>> I'll might suggest that they address their data security needs
>> procedurally -- maybe a round-robin system of shared folders across
>> all the machines, with each backing up "My Documents" to its
>> designated backup machine
>
> That sounds pretty oogly and I suspect it will become a management
> nightmare.
>
>> -- I'm guessing I should be able to set up
>> some kind of batch file and have it fire automatically in the middle
>> of the night. Not perfect, but better than nothing for now. Thoughts?
>
> If you want to leave the data on their local workstations, what about
> getting each of them a cheapo USB hard drive (you can make your own, you
> know....the cases are about $30, and then whatever hard drive size you
> want), and setting them each up with a scheduled backup nightly using
> NTBackup or a batch file (I use robocopy from the resource kit - works
> well).
>>
>>
>>
>> Then we can look at where they want to go next. While a Windows 2003
>> or SBS2003 Domain would give them better performance, security, and a
>> growth path, introducing a single point of failure without a
>> server-class machine is risky.
>
> Yepper.
>>
>>
>>
>> One alternative is to employ a dedicated file server system. From
>> Dell's site I was able to configure such a machine with 4
>> hot-swapable 500Gb drives, RAID-5, and a 70 Gb Tape backup and 7
>> tapes for under $4k. This would address their data security, however,
>> since this would make the tenth machine on the network, there would
>> be no room for growth.
>
> Well....no, because if you use a Windows server OS, it doesn't have the
> 10-connection limit. But you will need CALs for each user/device who
> accesses it.
>
>> Also, they will still be running in a
>> workgroup environment, with all the attendant security and
>> performance implications.
>>
>>
>> A similar but lower cost solution would be to setup a low-cost desktop
>> system with Windows 2003, a Gigabyte of memory, and a pair of large
>> drives, and configure them in software for mirroring.
>
> <gak> well, you could, but I am not a fan of software RAID/mirroring.
>
>> The machine
>> would NOT be set up as a domain controller, just as a stand-alone
>> server on the workgroup, and would just work as a file server.
>
> But you'd need CALs for it too, remember....
>
>> If
>> possible, a USB drive (or two) should be used for backups.
>
> That can work.
>
>> Worst
>> case, if the server failed one or both of the drives could be
>> physically moved to another machine for file access. Again, not an
>> ideal solution, but better than nothing if it's all finances can
>> support.
>>
>>
>> I would recommend that the long-term plan should entail a server-class
>> machine configured as a domain server, and this can be budgeted into
>> future fund raisers.
>
> Excellent.
>>
>>
>>
>> They should also consider replacing the machine with two network
>> cards with a VNET (details to follow) for communication between the
>> two physical networks.
>>
>>
>>
>> Sound reasonable? Suggestions? Comments?
>
> Did you take a look at the Dell NAS boxes? Running Windows storage server?
> This is something that could certainly be integrated into a domain later
> on, you know.
>
>
>