Recommended Network Operating System
A network operating system is designed specifically to support a network. Windows Server 2008 Enterprise Edition network operating system will be appropriate for Ocper, Inc because it typically resides on a server and is designed specifically to support networks of all sizes including medium to large sized businesses and web servers. Shelly & Vermaat (2011) say that Windows Server 2008 system performs the same type of functions for the network as operating system software performs for a computer, such as memory and task management, and coordination of hardware. The Enterprise Edition provides Microsoft Meta- directory Services to facilitate multiple directory services to track and manage access to such resources as user account and shared folders.
The Windows Server 2008 Enterprise Edition is the most suitable network operating system for Ocper, Inc because it offers capabilities of improved web server management, enabling users to share data and enhanced server security (Shelly & Vermaat, 2011). The network operating system offers network access protection function that restricts computers that do not meet specified requirements, provides protection against malicious software attacks, and provides client support using windows, Mac OS, Unix, and Linux.
As a network operating system, Windows Server 2008 Enterprise Edition provides basic services leveraged by users in sharing and storage of data in the network. At Ocper Inc, the Windows Server 2008 Enterprise Edition, manages organizations Active Directory so as to provide centralized log on authentication and has the ability to have unlimited numbers of users remotely access a server (Palmer, 2010).
How to Incorporate the New Servers into the Environment
Ocper Inc can add four new servers to the network as the company expands to a multiple-server environment. Incorporation of four servers in the environment will allow management to offset common tasks, such as file sharing, to a dedicated environment. The most appropriate approach is for Ocper Inc to design network infrastructure so that multiple servers are incorporated in the network yet appear to users and applications as a single computing resource. Ciampa (2008) says that the company can achieve this through using a server cluster. A server cluster is a combination of two or more servers that are interconnected to appear as one.
To incorporate new servers, the network manager should utilize the Server Management tool available in Windows Server 2008. The server set up wizard from the server management tool offers easy and appropriate ways of adding new servers to a network environment. When adding new servers, the wizard should be followed. The network administrator should ensure that a static IP address and subnet masks are set aside and assigned for new servers (Palmer, 2010). DHCP addresses should also be assigned if the system prompts.
Incorporating a symmetric cluster ensures that "every server in the cluster performs its useful work" assigned by the network administrator. Ciampa (2008) says that through this arrangement, if one file "server fails, the remaining servers continue to perform their normal work as well as that of the failed server". Symmetric cluster are more cost-effective for Ocper Inc because they take advantage of the entire server and none sit idle if servers are not powerful enough in the event of a fail (Ciampa, 2008).
A symmetric cluster is a feature that is installed through server manager. After the feature is installed, the Network Load Balancing manager tool is available from administrative tools menu and as an MMC snap-in (Palmer, 2010).The symmetric cluster works particularly well for VPN servers that offer applications. Symmetric cluster is highly reliable, and it is relatively easy to add servers with server manager to scale up the network environment.
Four servers will use the same virtual network adapter. This will address all changes such that when a client wants to use an application on one of clustered servers, the request goes to the virtual network adapter, which sends that request to the appropriate server to retrieve the required data (Palmer, 2010).
The Best Option for VPN Access to Remotely Access the Ocper, Inc. Network
A remote site firewall option is the best choice for VPN access for employees to remotely access the Ocper, Inc network. This is because it allows one to provide secure remote access VPN solutions along with the added security of a firewall. Employees then can make a secure VPN connection into the Ocper, Inc corporate office. Dubrawsky & Grey (2003) note that apart from providing connection-state enforcement and detailed filtering for sessions that are initiated through the firewall, the firewall also provides secure IPSec connectivity between the firewall device itself and the VPN-enabled head-end device. The site-to-site IPSec VPN enables employees that are located on the remote site network to access Ocper, Inc network resources without the need of individual VPN software clients (Dubrawsky & Grey, 2003).
Control of access to corporate network and the Internet is performed within the configuration of both: the remote-site firewall and the VPN head-end device at Ocper, Inc corporate headquarters. Dubrawsky & Grey (2003) say that this mechanism is transparent for remote-site users, and after these devices authenticate and the LAN-to-LAN VPN is established, employees do not need to perform any form of user authentication to access corporate network.
The advantage of using remote-site firewall VPN is that it can be administered either locally, if the skills are present and security policy permits, or more likely, remotely through the use of a dedicated IPSec VPN (Dubrawsky & Grey, 2003). This VPON connection terminates directly onto public interface of firewall and then back to the Ocper, Inc. corporate headquarters and permits a centralized control of the remote firewall (Dubrawsky & Grey, 2003). The VPN connection also ensures that remote users are unable to alter remote site firewall’s configuration. The remote site firewall option supports the configuration of intrusion detection system (IDS), which provides another layer of security.