You Have Been Hired By Fixing Windows LLC To Develop A Tech
You have been hired by Fixing Windows LLC to develop a technology proposal for a three-site company (Los Angeles, Dallas, Houston). Current constraints: main staff at Dallas and Houston; data security is priority; Los Angeles sales need secure remote access to Houston; WAN bandwidth is adequate. Use Windows Server 2016 for all aspects. Cover DNS and DHCP: implement DHCP installation and authorization, scope design (lease times, number of scopes, address range), DHCP fault tolerance, DHCP reservations for servers, IPAM usage, IPv6 utilization, DNS implementation and security, DNS for second and third site, namespace, types of zones. Cover File Services, DFS, and BranchCache: securing shares, quotas, FSRM, DFS implementation. Cover Remote Services and NPS: technology for secure remote access and who should have access. Also discuss high performance network solutions and Software-Defined Networking (SDN). State any assumptions. Provide technical and business reasons for choices and cite resources.
Paper For Above Instructions
Executive Summary
This proposal defines a Windows Server 2016–based design for Fixing Windows LLC across three sites (Dallas, Houston, Los Angeles). It prioritizes data security for intellectual property, provides secure remote access for Los Angeles sales to Houston resources, and ensures scalable, high-performance networking as the company grows. The design covers DHCP/DNS (with IPAM and IPv6), File Services including DFS and BranchCache, Remote Access with NPS, and recommendations for high-performance networking and Software-Defined Networking (SDN). Technical choices are justified by business needs for security, availability, and scalability.
Assumptions
- All sites have reliable WAN connectivity and ample bandwidth as stated.
- Active Directory Domain Services (AD DS) will be deployed on Windows Server 2016 domain controllers in Dallas and Houston.
- Public DNS-registered domain is available (example: fixingwindows.com).
- Hardware supports 10GbE at datacenter sites; edge sites at least 1GbE.
- LA users require remote access to Houston resources only; administrative access limited to IT staff.
DNS and DHCP Design (Windows Server 2016)
DHCP Installation & Authorization: Install the DHCP Server role on Windows Server 2016 member servers in Dallas and Houston, and authorize each server in AD DS to prevent rogue servers [1]. Authorize DHCP servers through Server Manager or PowerShell, and keep server roles on dedicated virtual machines for manageability.
DHCP Scope Design: Create separate scopes per site and per VLAN/subnet (e.g., Management, Servers, Workstations). Lease times: default 8–24 hours for workstations; longer for stable devices (24–168 hours). Address ranges sized to current needs plus growth (e.g., 10% annual growth planning). Use exclusion ranges for static server and network device addresses.
DHCP Fault Tolerance: Implement DHCP Failover in Windows Server 2016, in load-balanced or hot-standby mode, between the Dallas and Houston DHCP servers for critical scopes to ensure continuity [1]. For LA, configure a local DHCP server in standby, or use a split scope (80/20) that pairs with failover for resilience.
Reservations: Reserve IPs for servers, printers, and network appliances via DHCP reservations to centralize address tracking while keeping server interfaces static in DNS and management systems.
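The DHCP steps above (install and authorize, scope, reservation, failover) as one PowerShell sequence. This is an added example, not part of the original proposal; host names, subnets, the MAC address and the timer values are assumptions chosen for illustration.

```powershell
# Added example. Host names, addresses, scope sizes and the MAC are assumptions.
$dallas  = 'dal-dhcp01.corp.fixingwindows.com'   # hypothetical Dallas DHCP server
$houston = 'hou-dhcp01.corp.fixingwindows.com'   # hypothetical Houston DHCP server
$scope   = '10.10.20.0'                          # assumed Dallas workstation subnet

# 1. Install the role, then authorize the server in AD DS.
Install-WindowsFeature -Name DHCP -IncludeManagementTools
Add-DhcpServerInDC -DnsName $dallas -IPAddress 10.10.10.11

# 2. Workstation scope with an 8-hour lease; the first 30 addresses are
#    excluded for statically addressed network devices.
Add-DhcpServerv4Scope -Name 'DAL-Workstations' -StartRange 10.10.20.1 `
    -EndRange 10.10.20.254 -SubnetMask 255.255.255.0 `
    -LeaseDuration (New-TimeSpan -Hours 8) -State Active
Add-DhcpServerv4ExclusionRange -ScopeId $scope -StartRange 10.10.20.1 -EndRange 10.10.20.30
Set-DhcpServerv4OptionValue -ScopeId $scope -Router 10.10.20.1 `
    -DnsServer 10.10.10.5, 10.20.10.5 -DnsDomain 'corp.fixingwindows.com'

# 3. Reservation keyed on the device MAC (constructed value).
Add-DhcpServerv4Reservation -ScopeId $scope -IPAddress 10.10.20.31 `
    -ClientId '00-15-5D-0A-14-1F' -Name 'dal-prn01' -Description 'Floor 1 printer'

# 4. Load-balanced failover with Houston (role must already be installed and
#    authorized there). The shared secret authenticates failover messages
#    between the partners; prompt for it instead of hard-coding it.
$secret = Read-Host -Prompt 'DHCP failover shared secret'
Add-DhcpServerv4Failover -ComputerName $dallas -PartnerServer $houston `
    -Name 'DAL-HOU-Workstations' -ScopeId $scope -LoadBalancePercent 50 `
    -MaxClientLeadTime (New-TimeSpan -Hours 1) -AutoStateTransition $true `
    -StateSwitchInterval (New-TimeSpan -Hours 1) -SharedSecret $secret

# 5. Review: list any DHCP server authorized in AD that is not on the approved
#    list, and confirm the failover relationship has message authentication on.
$approved = $dallas, $houston
Get-DhcpServerInDC | Where-Object { $approved -notcontains $_.DnsName } |
    Select-Object DnsName, IPAddress
Get-DhcpServerv4Failover -ComputerName $dallas |
    Select-Object Name, PartnerServer, Mode, State, EnableAuth
```

AD authorization is only checked by Windows DHCP servers, so a non-Windows rogue server still has to be stopped at the switch, for example with DHCP snooping.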
IPAM Usage: Deploy IP Address Management (IPAM) on Server 2016 to centralize DHCP/DNS inventory, auditing, and provisioning. IPAM helps automate scope reporting, discover unmanaged servers, and enforces address planning policies [3].
IPv6 Utilization: Design dual-stack addressing. Use ULA (Unique Local Addresses) for internal IPv6 segments and global unicast if public IPv6 is required. Use DHCPv6 for managed address assignment and prefix delegation where necessary, but rely on SLAAC where acceptable for clients; register IPv6 records in DNS for forward/reverse lookup consistency and future-proofing [9].
DNS Implementation and Security: Use Active Directory–integrated DNS zones stored within AD for secure replication and easy management. Implement the primary namespace as corp.fixingwindows.com (a subdomain of the registered public domain) to avoid split-brain issues. Use secure dynamic updates and RBAC for DNS administration. Enable DNSSEC for authoritative records where external resolution trust is required, and implement DNS policy/response rate limiting and monitoring to mitigate DNS-based attacks [2][8].
DNS for Second and Third Sites: Deploy read-write AD-integrated DNS servers at Dallas and Houston and a read-only (or read-write) DNS server at LA as appropriate. Use AD replication for zone data and, where latency is a concern, configure secondary zones or conditional forwarders between sites to control resolution paths. Use stub zones to minimize administrative overhead for resolving internal names across sites.
Zone Types: Use AD-integrated primary zones for internal authoritative zones, stub zones where only name server info is required, and standard forwarders to upstream resolvers for external DNS queries. Implement reverse PTR zones for each subnet.
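The DNS controls described in this section (AD-integrated zones, secure dynamic updates, a reverse zone, forwarders, response rate limiting, DNSSEC signing) as an added PowerShell example that is not part of the original proposal. The subnet, the upstream resolver address and the rate-limit thresholds are assumptions.

```powershell
# Added example. Subnet, forwarder address and RRL thresholds are assumptions.
$zone     = 'corp.fixingwindows.com'   # internal namespace from the proposal
$reverse  = '10.10.20.0/24'            # assumed Dallas workstation subnet
$upstream = '192.0.2.53'               # placeholder upstream resolver (TEST-NET-1)

# AD-integrated forward zone that accepts only secure dynamic updates.
# DC promotion may already have created it, so create or correct as needed.
if (Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue) {
    Set-DnsServerPrimaryZone -Name $zone -DynamicUpdate Secure
} else {
    Add-DnsServerPrimaryZone -Name $zone -ReplicationScope Forest -DynamicUpdate Secure
}

# Reverse (PTR) zone for the subnet, same replication and update policy.
Add-DnsServerPrimaryZone -NetworkId $reverse -ReplicationScope Forest -DynamicUpdate Secure

# External names are resolved through the upstream forwarder.
Set-DnsServerForwarder -IPAddress $upstream

# Response rate limiting: run in LogOnly first to baseline normal query
# volume, then switch -Mode to Enable once the thresholds are validated.
Set-DnsServerResponseRateLimiting -ResponsesPerSec 10 -ErrorsPerSec 10 `
    -WindowInSec 5 -Mode LogOnly -Force

# Sign the zone with the server's default DNSSEC settings.
Invoke-DnsServerZoneSign -ZoneName $zone -SignWithDefault -Force

# Review: primary zones that still accept unauthenticated updates or are
# file-backed rather than AD-integrated, with their signing state.
Get-DnsServerZone |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
    Where-Object { $_.DynamicUpdate -eq 'NonsecureAndSecure' -or -not $_.IsDsIntegrated } |
    Select-Object ZoneName, DynamicUpdate, IsDsIntegrated, IsSigned
```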
File Services, DFS, and BranchCache
File share security: Host file shares on Windows Server 2016 file servers using NTFS permissions combined with share permissions, following the principle of least privilege and role-based access. Use Active Directory groups for permission assignment, and enable SMB encryption for sensitive shares in transit [4].
Quotas and FSRM: Implement File Server Resource Manager (FSRM) to enforce quotas, file screening, and storage reports on project and user folders to control storage growth and enforce IP protection policies [4]. Quotas help cost-control and intellectual property governance.
DFS Implementation: Deploy DFS Namespaces to present a unified namespace (\\corp\projects) and use DFS Replication (DFS-R) to synchronize critical content between Dallas and Houston. Keep primary authoritative copies in Houston for R&D/patent data and leverage read-only replicas for LA. DFS simplifies user experience and supports load distribution [4].
BranchCache: Use hosted cache mode in Houston to accelerate LA access to commonly used files and reduce WAN usage. BranchCache caches content at the branch (LA) and at a hosted cache server (Houston), providing faster access for sales personnel and reducing repeated WAN transfers [5].
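The share, FSRM and DFS settings from this section as an added PowerShell example, not part of the original proposal. Server names, the local path, the AD group names, the quota size and the namespace path are assumptions; the share, NTFS and FSRM steps would be repeated on each file server.

```powershell
# Added example. Server names, paths, groups and sizes are assumptions.
$path = 'D:\Shares\Projects'
$rg   = 'RG-Projects'
$hub  = 'hou-fs01'                     # hypothetical Houston file server
Install-WindowsFeature FS-FileServer, FS-Resource-Manager, FS-DFS-Namespace,
    FS-DFS-Replication, FS-BranchCache -IncludeManagementTools

# NTFS: remove inherited ACEs and grant only the admin and project groups.
New-Item -ItemType Directory -Path $path -Force | Out-Null
icacls $path /inheritance:r /grant:r 'SYSTEM:(OI)(CI)F' `
    'CORP\File-Admins:(OI)(CI)F' 'CORP\RD-Projects-RW:(OI)(CI)M'

# Share: SMB encryption in transit, access-based enumeration, and
# BranchCache hash generation for this share.
New-SmbShare -Name 'Projects' -Path $path -FullAccess 'CORP\File-Admins' `
    -ChangeAccess 'CORP\RD-Projects-RW' -EncryptData $true `
    -FolderEnumerationMode AccessBased -CachingMode BranchCache

# FSRM: hard quota plus an active screen that blocks executables.
New-FsrmQuota -Path $path -Size 200GB -Description 'Projects hard limit'
New-FsrmFileScreen -Path $path -IncludeGroup 'Executable Files' -Active

# DFS namespace root pointing at the Houston share.
New-DfsnRoot -Path '\\corp.fixingwindows.com\Projects' `
    -TargetPath "\\$hub\Projects" -Type DomainV2

# DFS-R: Houston is the primary member, Dallas is read-write, LA is read-only.
New-DfsReplicationGroup -GroupName $rg
New-DfsReplicatedFolder -GroupName $rg -FolderName 'Projects'
Add-DfsrMember -GroupName $rg -ComputerName $hub, 'dal-fs01', 'lax-fs01'
Set-DfsrMembership -GroupName $rg -FolderName 'Projects' -ComputerName $hub `
    -ContentPath $path -PrimaryMember $true -Force
foreach ($m in @(@{Name='dal-fs01'; RO=$false}, @{Name='lax-fs01'; RO=$true})) {
    Add-DfsrConnection -GroupName $rg -SourceComputerName $hub `
        -DestinationComputerName $m.Name
    Set-DfsrMembership -GroupName $rg -FolderName 'Projects' `
        -ComputerName $m.Name -ContentPath $path -ReadOnly $m.RO -Force
}

# Review: non-administrative shares that do not require SMB encryption.
Get-SmbShare -Special $false | Where-Object { -not $_.EncryptData } |
    Select-Object Name, Path
```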
Remote Services and Network Policy Server (NPS)
Secure Remote Access Technology: Use a site-to-site VPN for persistent secure intersite connectivity (already present) and implement user remote access via a centralized Remote Access solution. DirectAccess is available in Server 2016, but for remote sales staff who may be outside corporate networks, deploy SSTP or IKEv2 VPN services through the Windows Server Remote Access role (VPN) with certificate-based authentication. Integrate NPS as the RADIUS server to apply granular connection policies and MFA where feasible (e.g., integrate with Azure MFA or a third-party MFA) [6].
Who Should Have Remote Access: Grant remote access to LA sales personnel requiring access to Houston systems, and to authorized administrators. Use AD group membership to control NPS policies, enforce conditional access by device compliance, and log all sessions for audit.
High Performance Network Solutions
To support growth and high throughput for manufacturing and R&D data, recommend: NIC teaming and multichannel SMB (SMB 3.0) for file servers, RDMA-enabled NICs for low-latency storage clusters, 10GbE uplinks between Dallas and Houston, VLAN segmentation for traffic isolation, and QoS to prioritize management and replication traffic. These measures provide measurable performance and reliability improvements for business-critical workflows [10].
Software-Defined Networking (SDN)
Evaluate Windows Server 2016 SDN components: Network Controller, Software Load Balancer, and Network Virtualization to enable policy-driven network automation and segmentation. SDN can simplify multi-tenant or multi-department isolation and make network changes programmatically, supporting rapid business growth and operational agility [7]. Start with a pilot deployment for virtualized workloads; expand as operational maturity increases.
Implementation Roadmap & Business Justification
Phase 1: Deploy AD DS and DNS/DHCP with IPAM in Dallas and Houston; configure DHCP failover and AD-integrated DNS zones. Phase 2: Implement DFS replication, FSRM quotas, and BranchCache hosted cache in Houston. Phase 3: Deploy Remote Access VPN with NPS and MFA integration. Phase 4: Implement high-performance networking upgrades and pilot SDN. Each phase balances cost, risk, and business value: protecting IP via secured AD-integrated DNS and centralized file control reduces leakage risk; DHCP/IPAM reduces administrative errors; BranchCache and DFS reduce WAN costs; SDN and NIC-level enhancements increase throughput and scale.
Network Diagram: A detailed logical network diagram should be produced showing AD/DCs, DHCP/DNS servers, file servers, DFS replication topology, BranchCache hosted cache, VPN concentrator, and WAN links (Dallas-Houston primary, LA peering). (Diagram placeholder: Figure 1)
Conclusion
This Windows Server 2016–centric design provides a secure, scalable, and high-performance network for Fixing Windows LLC, protecting IP while enabling LA sales secure access to Houston resources and allowing rapid growth. The plan uses Windows-native services (DHCP failover, AD-integrated DNS, IPAM, DFS, FSRM, BranchCache, NPS, and SDN components) to minimize operational complexity and integrate security and manageability across sites.
References
- [1] Microsoft. "DHCP Server Role in Windows Server 2016." Microsoft Docs. https://docs.microsoft.com/windows-server/networking/technologies/dhcp/dhcp-top
- [2] Microsoft. "DNS Server Overview for Windows Server 2016." Microsoft Docs. https://docs.microsoft.com/windows-server/networking/dns/dns-top
- [3] Microsoft. "IP Address Management (IPAM) Overview." Microsoft Docs. https://docs.microsoft.com/windows-server/networking/ipam/ipam-overview
- [4] Microsoft. "File Server and DFS in Windows Server 2016." Microsoft Docs. https://docs.microsoft.com/windows-server/storage/file-server/file-server-overview
- [5] Microsoft. "BranchCache Overview." Microsoft Docs. https://docs.microsoft.com/windows-server/storage/branchcache/branchcache-overview
- [6] Microsoft. "Network Policy Server Overview." Microsoft Docs. https://docs.microsoft.com/windows-server/networking/technologies/nps/nps-top
- [7] Microsoft. "Software-Defined Networking on Windows Server 2016." Microsoft Docs. https://docs.microsoft.com/windows-server/networking/sdn/sdn-overview
- [8] Microsoft. "How to Secure DNS Server." Microsoft Security Guidance. https://docs.microsoft.com/windows-server/security/dns-security
- [9] R. Hinden, S. Deering. "Internet Protocol, Version 6 (IPv6) Specification." RFC 8200. https://tools.ietf.org/html/rfc8200
- [10] Cisco Systems. "High-Performance Network Design Best Practices." Cisco White Paper. https://www.cisco.com/c/en/us/solutions/enterprise-networks/