The infrastructure which encompasses the network solution and security considerations

are a major consideration for SLC technologies. Considering that the company will be expanding

from one (1) floor to three (3) floors in the very near future, I am responsible for the design of

the infrastructure and security protocols. I have been tasked with designing a network that is

stable, redundant, and scalable. The network solution that is chosen should support the conceived

information system and allow for scalability. The network infrastructure will support

organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges,

gateways, and access points will be attached. In addition, access paths for Internet access will be

depicted.

Network architecture is the high-level, end-to-end structure for the network. This includes

the relationships within and between major architectural components of the network, such as

addressing and routing, network management, performance, and security. Determining the

network architecture is the next part of the process of developing our network, and is, as we will

see, key in integrating requirements and flows into the structure of a network.

SLC Technologies presently employs 20 personnel with 4 of us performing as the

dedicated IT staff. The 20 users have terminals with Windows 10 professional and are set up in a

workgroup all on the same subnet. This was manageable for a small group, but this will need to

be revamped with the expansion. The company plans to expand from one floor to three in the

upcoming months. . Since this is a relatively new company, there is currently limited technology

infrastructure to support the business. All information technology (hardware and software) must

be redesigned to meet organizational needs

Our current infrastructure is based on a hybrid topology with a server based network. We

have three server racks in our server room on the first floor each with 10 TB of storage. This is
not enough to sustain at our current rate of growth .The suggested increase is about 20% per

year, therefore to sustain for the next 5 years we will need an increase of at least 100TB. At the

main site, we currently have 1 physical Hyper-V hosts that can host approximately one hundred

twenty (120) virtual machines. The virtual machines are running Windows Server 2012 R2 and

Windows 10 Enterprise. The servers are needed to host email, various databases, file services,

print services, and our business intelligence application. The virtual machines are stored in the

server room and use a redundant array of independent disks (RAID).We utilize remote desktop to

configure and maintain them from our Corporate office. To avoid slowdowns or loss of systems

resources we can use a failover cluster with Network Load Balancing to implement a high

availability technology on a managed budget. The Windows Server 2012 failover clustering

feature is designed to minimize the amount of downtime of critical backend services and

applications. We can take the virtual machines, or VMs, themselves and put them into a failover

cluster. This is known as guest clustering and this makes the VM services even more available.

Since speed and reliability are important considerations we will stack the clusters in layers so we

can create a level of high-availability and resilience. Each essential application can be clustered

into four nodes adding better performance along with fault tolerance to our infrastructure. A

failover cluster requires at least two networked physical servers, or one physical server for each

node you want in the cluster up to a maximum of 64. For clustering, the hardware needs to be

certified to work with Windows Server and it is recommended that the hardware for each one of

the servers is identical

With Security as one of our top initiatives, we will implement a defense in depth concept

that adds a layer of protection at every level. We will add a Domain Controller (DC) and lock

down the terminals on the domain with strict group policy settings. The user accounts in a
domain will be easier to manage with a centralized server. The DC performs authentication of all

users who log on to a domain. We will use the principle of least privilege to ensure the users only

have access to what they need. We will create groups for each department to allow access by job

duties. Our windows server update services will check and update critical updates and patches

like antivirus on a regular. They are secured by an all in one unified threat management

appliance, which combines the roles of an intrusion detection system, intrusion prevention

system, firewall and Network Access Controls. This in addition to multi-factor authentications,

strong password policies and security awareness training will help harden our system against

threats. We may want to consider upgrading our current Windows 10 professional editions to an

enterprise license in order to take advantage of the built in security features like Bit locker,

AppLocker, and managing windows store access[GTSon]

Our Data warehouse application and technical architecture will consist of a QNAP TS-

EC2480-RP 100 TB 24-BAY 4U Rackmount NAS with 20 5TB HD attached. Hardware cost for

this is 11,066.00 (eAegis, 2017).

Software as a service is a different model of providing software applications. Instead of

purchasing software licenses for a given number of seats, a business would access software

hosted on a supplier's servers on a pay-as-you-go or lease arrangement. This means the

applications can be developed and tested within the cloud without the need to test and deploy on

client computers. Implementing this solution would cut down cost of workstations. We could use

thin client machines with virtual desktop solutions and then use the software as a service for the

analysis of our data[GTSon].

 The estimated cost of this project will average about $50,000 for initial setup and about

5,000 a year to maintain.