For Everyone
Simply stated, any well-built network should offer the following at a minimum:
-
Business critical data is protected from all likely failures. This means that in a worst-case scenario like a complete site failure, the recovery time will be based more on finding an alternate site and getting compensation from your insurance company than it will on any network-related issue. Once you’ve ordered replacement computers and equipment, you should be able to boot the new server, restore from the most recent backup tape, and then boot the individual PC’s and find yourself exactly where you were the day before the site failure, down to users’ desktop preferences and a record of the last e-mail sent.
-
Users are no longer dependent on their individual workstation to accomplish their job. If their PC dies, replacement should be as simple as booting the replacement PC and having it configure itself automatically. If a user decides to use a different desk for a day, the network should make all of her applications available (including e-mail and word-processing documents), and should go so far as to install applications that aren’t already available on the replacement machine. Naturally, for licensing reasons, the installed software should be uninstalled as soon as another user logs in.
-
The addition of new users or new hardware is simple, and the network is built to allow for unanticipated expansion. Simple designs tend to have the least flaws, and the network is designed to retain its simplicity as your business grows.
-
Internet access is provided, but users are protected from malicious software. Likewise, should a machine inside your network become infected, the internet at large should be protected from your network.
-
You may offer services to the Internet at large, but your local network is protected from your Internet servers on the off chance they they become controlled by another party. Even the best systems eventually become vulnerable to a new exploit; isolation of publicly available servers is mandatory.
-
Communications between sites are seamless, and all traffic passed over outside networks is encrypted transparently.
This is a standard that most companies rarely reach, but it is one that’s very achievable (and surprisingly affordable) using today’s technology. Windows networks can achieve this standard if the network designer makes use of the tools that come standard with Windows Servers. Linux (and all Unix) networks can achieve this standard using tools that are well-tested and mature.
While all the goals listed above are laudable, a network design that can deliver on those features offers other benefits:
-
Reliability. Removing the complexity from your network makes problems less likely to occur, and makes them faster to diagnose and correct when they appear. If something corrupts the operating system on a workstation, it is significantly faster to reinstall the workstation from a standard image than to diagnose some obscure Windows Registry problem.
-
Flexibility. When your main client informs you that you need to set up VPN software on three of your workstations in order to access their systems, it should be an easy addition. If you decide to open another office, you should be able to securely tie it together with your main office using inexpensive Internet connections in each office, via VPN technology. If you need to deploy new software to each machine, you can configure it to happen automatically the first time they use the software, rather than spending the time to visit each workstation individually.
-
Productivity. Users can now spend more time working, instead of responding to problems with their workstations, or (worse) trying to diagnose and correct problems. Rebooting multiple times per day is something that should never happen.
-
Reduced costs. Less problems translates directly into less time paid to experts to fix problems. I have seen clients go from requiring 10-12 hours of my time per month to going months between calls after implementing a good network design.
If you have a network that does not meet this standard, you should think carefully before making your next set of upgrades. Are the upgrades you are about to implement going to move you in this direction, or are they another layer of complexity you are piling on an aging network that was never designed to deal with the amount of complexity you’ve already implemented? Eventually, it becomes cost effective to replace an inadequate system with one that is designed to take a greater load, and is built so that it can be expanded easily. It might be time for a well-built network.