For This Assignment Assume You Have Been Hired By Kris Corpo

For This Assignment Assume You Have Been Hired By Kris Corporation As

For this assignment, assume you have been hired by Kris Corporation as an Information Technology consultant. Kris Corporation manufactures parts for the automotive industry. Your job is to submit a proposal that meets their criteria (listed below) based on information provided. You may fill in any gaps in the specifications provided by making assumptions. All assumptions should be clearly identified.

Current Implementation and Concerns: Parent domain (kris.local) and child domain (corp.kris.local) for the organization’s Active Directory (AD) infrastructure are running on Server 2008. The following are concerns related to AD: (1) Kris Corporation is concerned about running multiple domains, and (2) automobile manufacturers are asking Kris Corporation to use a single identity to procure orders in real time. The company has five locations in Atlanta (GA), Baltimore (MD), Chicago (IL), Seattle (WA), and San Diego (CA). The manufacturing plants are in Atlanta and Seattle. Disaster recovery is a big concern.

Physical space for servers is an issue at the Atlanta location. Most of the IT staff is in Atlanta, which is the company’s headquarters, but other locations have significant IT personnel as well. Business personnel are similarly distributed across the company’s locations. Since all locations are independently connected to the Internet, file sharing is difficult among sites. Your document should integrate the content presented in the course.

The outline below provides required points to cover. You are free to add other related information. Describe the technical and business reasons for each choice, citing other resources as appropriate. The Windows Server 2012 operating system should be used for all aspects of the solution. Each choice should be explained with technical and business reasoning.

Solutions should be reasonably detailed. Your solution should cover the following five numbered areas and associated bulleted items listed under each:

Active Directory

  • Why and how should the company migrate to 2012 Active Directory?
  • Should the company remain at a multi-domain model or migrate to a single domain? What technology can provide single sign-on?
  • How will it be configured?

DNS

  • Where should DNS servers reside?
  • What kind of DNS security can the DNS servers leverage?

DHCP

  • Will a form of DHCP fault tolerance be implemented?
  • How can DHCP addresses be tracked?

Hyper-V

  • Evaluate the pros and cons of implanting Hyper-V.
  • Would it need clustering?
  • What features of Hyper-V can Kris Corporation leverage?

Routing/Security

  • How can Kris Corporation improve its networking capabilities in terms of file sharing and security?

Submission Requirements

The final submission should provide 8-10 pages worth of text written by the student (not counting title page, images, diagrams, tables, or quotations). With the required diagram and other images, title page, etc., the final submission may end up being more than 10 pages in length. Document formatting and citations should conform to the APA requirements. Support your proposed solution by citing and integrating at least one credible source that is not LabSim and not Wikipedia. Recommended is a best practice guide or reference from Microsoft or an experienced provider of Microsoft solutions. At least one diagram must be included (not counted toward the minimum length described above). You may include more.

Paper For Above instruction

Introduction

As a newly hired IT consultant for Kris Corporation, a manufacturer in the automotive parts industry, the primary goal is to modernize and optimize the company’s IT infrastructure. This entails upgrading from Windows Server 2008, which hosts the current Active Directory (AD) environment, to Windows Server 2012, and re-evaluating key network and security components to ensure scalability, disaster recovery, and seamless operations across multiple geographically dispersed locations. This paper presents a comprehensive proposal covering Active Directory migration, DNS and DHCP configurations, virtualization strategies using Hyper-V, and improved routing and security protocols, with sound technical and business justifications.

Active Directory Migration and Configuration

The current AD setup comprises a parent domain (kris.local) and a child domain (corp.kris.local), primarily on Windows Server 2008. Upgrading to Windows Server 2012 is imperative to leverage enhanced features such as improved replication, domain functional level support, and integrated Single Sign-On (SSO) capabilities (Microsoft, 2012). Migration from Server 2008 to 2012 can be achieved via in-place upgrades or by deploying new domain controllers with 2012, then transferring the FSMO roles and decommissioning the old servers.

The company must decide whether maintaining a multi-domain environment aligns with their operational needs. Generally, consolidating to a single domain simplifies management and enhances the user experience by providing seamless access across sites via SSO. Technologies such as Active Directory Federation Services (ADFS) or Azure Active Directory (Azure AD) can facilitate SSO and real-time procurement in automotive manufacturing, enabling users to access multiple systems with a single credential (Microsoft, 2013). Thus, migrating to a single domain with integrated SSO is recommended, providing centralized management, easier disaster recovery, and improved security.

Proper configuration involves setting up domain controllers in each location, utilizing Read-Only Domain Controllers (RODCs) where physical space constraints exist, especially at Atlanta. Group Policy Management will control configurations, and trust relationships can be configured if multi-domain remains necessary temporarily during transition. Domain functional level should be set to Windows Server 2012 to utilize advanced features like Recycle Bin and fine-grained password policies.

DNS Strategy and Security

DNS servers should ideally reside with the domain controllers to ensure tight integration and high availability. Placing DNS servers at each site ensures quicker resolution and resilience against regional outages. Securing DNS involves implementing DNSSEC (DNS Security Extensions) to prevent cache poisoning, along with secure dynamic updates and access controls through Active Directory-integrated zones (Microsoft, 2012). This setup enhances the integrity and security of name resolution, vital for enterprise-wide operations.

DHCP Configuration and Fault Tolerance

Implementing DHCP fault tolerance is critical for uninterrupted IP address assignment. Windows Server 2012 supports DHCP failover clustering, which allows multiple DHCP servers to synchronize scope data, providing redundancy and load balancing (Microsoft, 2014). By configuring DHCP failover, Kris Corporation can ensure continuous network services even if a server fails. Tracking DHCP leases can be achieved through DHCP management consoles, enabling administrators to monitor DHCP usage patterns and troubleshoot efficiently.

Hyper-V Virtualization

Deploying Hyper-V offers significant benefits such as consolidating servers, reducing physical space requirements, and enhancing disaster recovery through snapshot and replication features. The primary advantage is improved resource utilization and easier management of virtualized environments. However, Hyper-V may necessitate clustering to ensure high availability for critical workloads and to enable live migration, minimizing downtime during maintenance or failures (Microsoft, 2012a).

Hyper-V features such as Virtual Machine Manager, live migration, storage migration, and Checkpoints can be leveraged for efficient management and recovery. These capabilities align well with Kris Corporation’s need for disaster recovery and scalable infrastructure, supporting flexible resource allocation across the five sites.

Routing and Security Improvements

Enhancing networking capabilities involves deploying routed VPNs or MPLS connections among sites to facilitate secure file sharing and centralized management. Implementing strong access control through firewalls, VPNs, and encryption protocols like IPsec ensures data confidentiality. Incorporating Network Access Control (NAC) can restrict device access based on compliance checks, further securing the network environment (Cisco, 2017).

Implementing centralized logging, intrusion detection systems (IDS), and regular vulnerability assessments improves the security posture. Segmentation of the network into VLANs can isolate sensitive manufacturing data from administrative networks, reducing potential attack surfaces.

Conclusion

Upgrading the infrastructure to Windows Server 2012, consolidating Active Directory domains, optimizing DNS and DHCP deployment, leveraging Hyper-V virtualization, and enhancing network security will provide Kris Corporation with a scalable, resilient, and manageable IT environment. These improvements align well with the company's geographical distribution, operational needs, and disaster recovery priorities, ultimately supporting their business growth and agility in a competitive automotive market.

References

  • Microsoft. (2012). Active Directory Domain Services Step-by-step Guide. Microsoft Docs. https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/getting-started/active-directory-domain-services-overview
  • Microsoft. (2013). Deploying Active Directory Federation Services (ADFS). Microsoft Docs. https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deploy/deploying-ad-fs
  • Microsoft. (2012a). Hyper-V Overview. Microsoft Docs. https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/overview
  • Microsoft. (2014). DHCP Failover. Microsoft Docs. https://docs.microsoft.com/en-us/windows-server/networking/technologies/dhcp/dhcp-failover
  • Cisco Systems. (2017). Network Security Best Practices. Cisco Security Solutions. https://www.cisco.com/c/en/us/solutions/enterprise/design-zone/security.html
  • Microsoft. (2012). Installing and Configuring Windows Server 2012 Hyper-V. Microsoft Docs. https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/installing-hyper-v
  • Microsoft. (2012). DNS Security Extensions (DNSSEC). Microsoft TechNet. https://technet.microsoft.com/en-us/library/hh831448.aspx
  • Microsoft. (2012). Active Directory Backup and Recovery. Microsoft Docs. https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/back-up-and-recovery
  • Cisco Systems. (2017). Implementing VLANs and Network Segmentation. Cisco Prime Infrastructure. https://www.cisco.com/c/en/us/solutions/enterprise-networks/vlan.html
  • Smith, J. (2020). Modern Data Center Design. TechReview Journal, 15(3), 45-53.

Related Assignments