Re: Moving peer-peer to client/server?

In news:12junmetcbcob62@xxxxxxxxxxxxxxxxxx,
Joe Befumo <joe@xxxxxxxxxx> typed:
Here's what I'm thinking of recommending to them:



I think the first phase for this client is to get all their machines
up to Windows XP Professional with the latest service packs & see if
we can't at least get them stable.

That's a good plan.

If their router has a built-in
firewall, I'll enable it & make sure it's configured properly for
their needs. They have one machine dedicated to serving an audio
stream to their web provider to provide their online streaming audio
service, so I suspect that might be an area to watch, but I don't
believe they use anything else other than their web browsers. If
finances allow, they should replace the existing 8-port router +
4-port switch with a single 16-port router with a built-in firewall
(I'm thinking maybe Linksys, which is what their current 8-port unit
is.)

Personally, I'm not a huge Linksys fan; and most consumer-grade firewall
appliances aren't very much protection - could they maybe swing for a baby
Sonicwall or something?



I'll might suggest that they address their data security needs
procedurally -- maybe a round-robin system of shared folders across
all the machines, with each backing up "My Documents" to its
designated backup machine

That sounds pretty oogly and I suspect it will become a management
nightmare.

-- I'm guessing I should be able to set up
some kind of batch file and have it fire automatically in the middle
of the night. Not perfect, but better than nothing for now. Thoughts?

If you want to leave the data on their local workstations, what about
getting each of them a cheapo USB hard drive (you can make your own, you
know....the cases are about $30, and then whatever hard drive size you
want), and setting them each up with a scheduled backup nightly using
NTBackup or a batch file (I use robocopy from the resource kit - works
well).



Then we can look at where they want to go next. While a Windows 2003
or SBS2003 Domain would give them better performance, security, and a
growth path, introducing a single point of failure without a
server-class machine is risky.

Yepper.



One alternative is to employ a dedicated file server system. From
Dell's site I was able to configure such a machine with 4
hot-swapable 500Gb drives, RAID-5, and a 70 Gb Tape backup and 7
tapes for under $4k. This would address their data security, however,
since this would make the tenth machine on the network, there would
be no room for growth.

Well....no, because if you use a Windows server OS, it doesn't have the
10-connection limit. But you will need CALs for each user/device who
accesses it.

Also, they will still be running in a
workgroup environment, with all the attendant security and
performance implications.


A similar but lower cost solution would be to setup a low-cost desktop
system with Windows 2003, a Gigabyte of memory, and a pair of large
drives, and configure them in software for mirroring.

<gak> well, you could, but I am not a fan of software RAID/mirroring.

The machine
would NOT be set up as a domain controller, just as a stand-alone
server on the workgroup, and would just work as a file server.

But you'd need CALs for it too, remember....

If
possible, a USB drive (or two) should be used for backups.

That can work.

Worst
case, if the server failed one or both of the drives could be
physically moved to another machine for file access. Again, not an
ideal solution, but better than nothing if it's all finances can
support.


I would recommend that the long-term plan should entail a server-class
machine configured as a domain server, and this can be budgeted into
future fund raisers.

Excellent.



They should also consider replacing the machine with two network
cards with a VNET (details to follow) for communication between the
two physical networks.



Sound reasonable? Suggestions? Comments?

Did you take a look at the Dell NAS boxes? Running Windows storage server?
This is something that could certainly be integrated into a domain later on,
you know.



.

Relevant Pages

  • SecurityFocus Microsoft Newsletter #154
    ... MICROSOFT VULNERABILITY SUMMARY ... ISS RealSecure Server Sensor SSL Denial Of Service Vulnerabi... ... Roger Wilco Remote Server Side Buffer Overrun Vulnerability ... available for Microsoft Windows operating systems. ...
    (Focus-Microsoft)
  • Re: Space running out
    ... Mobo controller RAID, Windows SW ... Here is the drill on freeing up space on C drives. ... How to move Exchange databases and logs in Exchange Server 2003 ... How to Move Small Business Server 2000 Company and Users Shared Folders ...
    (microsoft.public.windows.server.sbs)
  • Software raid problem
    ... Server A is a primary node and Server B is a secondary node. ... running Windows 2003 and are clustered. ... healthy signs on both drives. ... the Windows Disk Management, it couldn't identify the new drive which was ...
    (microsoft.public.windows.server.clustering)
  • SecurityFocus Microsoft Newsletter #49
    ... Subject: SecurityFocus Microsoft Newsletter #49 ... Microsoft Windows NNTP Denial of Service Vulnerability ... Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability ... Microsoft ISA Server H.323 Memory Leak Denial of Service... ...
    (Focus-Microsoft)
  • Re: BSOD
    ... I've had tape drives do this to me ... incident on a server so these things don't always stick in your head. ... > indeed possible that these are corrupt, ... > I think you should first try an in-place upgrade reinstall of Windows ...
    (microsoft.public.win2000.general)
Loading