• 2

Network report – Whitepaper



Network Report and Recommendations
Cloud9 IT Services
Paul McCherry


Introduction. 3

Centralised Administration. 4

Domain Controllers. 4

DNS. 5


File & Print Services. 7

Email 8

POP. 8



Mail Servers. 9

Web. 10

DHCP Service. 12

Conclusion. 14

Appendices. 15

Appendix A.1. 15

Simplified Network Layout. 15

Appendix A.2. 16

Domain. 16

Appendix A.3. 17

Network Layout. 17

Appendix A.4. 18

DHCP Dependencies. 18

TCPIP Protocol Driver. 18

Appendix A.5. 19

Office and Google Comparison. 19

References. 20

Bibliography. 25





Some businesses have a tendency to underestimate the importance of identity and access management (IAM) and centralised administration which provides users with seamless authorization and authentication processes. Implementing convoluted, disparate and legacy business processes leads to user dissatisfaction and confusion. (Cser, 2013)

The purpose of this report is to design an appropriate server infrastructure to deal with the anticipated extra load produced by the company’s growth over the next three years.

The company requires a centralised administration solution, Domain Name Services (DNS) and Domain Host Configuration Protocol  (DHCP) to be available on the network. These last two services should be additionally configured to provide a level of redundancy in the event of system failure.

Solutions will also be provided to support additional requirements. These solutions include File and Print Services, Email and an Intranet based web server.

Finally the report will provide a detailed dialogue of the dependencies and system components necessary for the running of the DHCP service.


Centralised Administration

Domain Controllers


Microsoft Windows Active Directory Domain Services  (ADDS) provides authorisation, authentication and accounting (AAA) to servers, services, clients and users throughout the business infrastructure. (Microsoft, 2012)

When multiple domain controllers exist in an active directory domain structure they work together and hold copies of the domain data store including users, computers, printers and other network resources. The process which keeps the copies of the data store updated is known as replication. (See Appendix A.2) (Ruest, et al., 2011, p. 3).

Two domain controllers (DC) will provide ADDS to the network as shown in Appendix A.1.  In the event of a failure of one of the domain controllers users will still be able to login and access their resources. This also ensures Microsoft best practices are followed. (Microsoft, 2009).

ADDS provides administrators with the management interfaces necessary to allow them to add additional server roles, such as DNS and DHCP, and manage computers, services and servers. It provides a distributed database in which hierarchical information is stored about the forest and domain. (Microsoft, 2007)





Active Directory Domain Services (ADDS) relies heavily on the Domain Name System (DNS) that matches IP addresses to system names and supports the identification of service locations.  ADDS would be unable to function without DNS. (Ruest, et al., 2011, p. 444).

DNS Services must be installed on the first Domain Controller (DC) and therefore DNS is automatically selected by default. (Ruest, et al., 2011, p. 21).

During the installation of the first Domain Controller (DC1) See Appendix A.1, DNS is configured and the domain is created, DNS will store all client pc’s and server names that are installed to this domain within this domain tree structure. (Microsoft, 2014)

Microsoft continues to explain that upon installing the second Domain Controller (DC2), it will be added to the domain and DNS will be selected as an additional option for this second server. Replication will then occur between the two servers providing the infrastructure with DNS redundancy. (Microsoft, 2014)

In respect to the proposed network structure the two Domain Controllers will be installed within the internal demilitarised zone (DMZ) (See Appendix A.3) Internal DNS servers should be secured as much as possible. Microsoft DNS servers have been specifically secured to prevent the most prevalent DNS issues such as, Denial of Service (DOS), spoofing, man-in-the-middle and cache poisoning attacks. (Ruest, et al., 2011, pp. 464-470)

The removal of Root hints and forwarding all external DNS requests to a server in the external DMZ (See Appendix A.3) means that these internal DNS servers cannot be accessed externally. Only the external DNS server (WEB-DNS-EXT) has a public facing internet connection and this server does not have any access to the rest of the domain. The Internal DNS servers simply serve DNS requests for internal systems and forward all other requests to the external DNS server. (Microsoft, 2014)

DNS zone transfers effectively allow a server to download the entire structure of the network. This is a security issue because DNS data can be used for many major attacks. The External Primary DNS server should be configured to only allow zone transfers to the internet service provider (ISP). (SANS Institute, 2003, p. 4)





Dynamic Host Configuration protocol (DHCP) is necessary in order to automatically assign Internet Protocol (IP) addresses, subnet masks and other configuration information to computers on the network. (Droms, 1997, pp. 1, RFC 2131)  IP addresses could be configured manually however this would increase administration and fault diagnosis tasks to a much greater and unnecessary level. (Ruest, et al., 2011, pp. 253-258).

Unfortunately in 2008 R2 servers and earlier versions DNS does not use the database replication facilities provided by ADDS.  The best practices for Microsoft DHCP 2008 R2 servers is to run them using the 80/20 rule which allow for two DHCP servers, one allocates 80% of the IP addresses, the second allocates 20% of the IP addresses. (Microsoft, 2005). This source is quite old and actually refers to 2003 servers however it is still valid and in 2008 R2 servers, the DHCP management software has been enhanced with a split scope wizard. (Microsoft, 2014)

Both servers allocate from separate address ranges but in the same subnet – called a superscope. Each server excludes the address range of the other achieving redundancy at the cost of address space usage. (Mockeptris, 2003)

Microsoft 2012 servers have now overcome the 80/20 rule by providing the capability of adding DHCP services to a failover cluster. Upgrades to Microsoft 2012 Server should be considered for future upgrades. (Microsoft, 2012)

With regard to the proposed Microsoft Server 2008 R2 infrastructure, in the event of a server failure, pc’s on the network will only begin trying to renew their IP addresses after four days. After eight days they will then try a different server. (Microsoft, 2005)

Northrup and Mackin state that the client will fail if it is unable to renew a lease from the working server due to capacity limits reached. This means the DHCP default wired configuration would give an engineer, up to eight days to resolve the problem on the failed server. The default figure can and should be increased on larger networks to reduce DHCP traffic. (Northrup & Mackin, 2011, pp. 260-264)

The diagram at Appendix A.3 shows the intended separation of the servers onto a separate subnet. This means that the DHCP server will need to provide IP addresses to pc’s on a different subnet. The DHCP client uses network broadcasts to find their nearest DHCP server and network broadcast are unable to cross routers. (Microsoft, 2014)

Therefore the router will need to run the DHCP Relay Agent. The DHCP relay agent relays DHCP messages between the clients and the DHCP server where the server and clients are not connected to the same subnet.  All Cisco routers include a relay agent. (Cisco, 2014, pp. 109-110)






File & Print Services


One additional server will be configured to provide both file and print sharing. It will not run ADDS and so will not be a domain controller however it will be added to the domain as a member server. Being a member of the domain ensures that it benefits from Single Sign ON. (SSO) This means that all authorisation and authentication is carried out by the domain controllers. If this server was not a member of the domain it would have to have each individual user added to it manually. (Samba.org, 2003)

Users need access to many types of documents. To save on duplicating work they need to be able to share them with other users. These documents need to be easily shared with authorised users whilst being protected from unauthorized access. (Northrup & Mackin, 2011, pp. 569-572)

Shared folders is the most common way for authorised users to collaborate and have access to shared documents where they can be easily managed. If documents were stored on each client PC centralised management would be very difficult on small networks and almost impossible on larger networks. (Northrup & Mackin, 2011, p. 285)

The File Services role is not absolutely necessary for the sharing of files however it has many useful management tools. Tools such as user quota management, storage reporting, and the ability to participate in Distributed File System (DFS) namespaces. DFS allows for the replication of files to other servers providing file redundancy of company documents. DFS should be considered for future expansion. (Microsoft, 2014)

Microsoft goes on to reveal that Quota management allows the administrator to allocate specific storage amongst users to ensure any one user does not take up all of the available storage. (Microsoft, 2014)

The Print Management role again is not totally necessary as printers can be added and shared from the control panel however this role adds a fully featured interface. This provides for a far more effective centralised management of printers where it will be possible to prioritise users and provide authentication and authorization to printers. (Northrup & Mackin, 2011, p. 632).

Northrup & Mackin continue that this will ensure that printers are only accessible by relevant authorised users. Any users who are considered a high priority will have their documents moved to the front of the queue ensuring they are printed first. (Northrup & Mackin, 2011, pp. 642-655).

Another useful feature of Print Management is that  Print Pooling can be set up which allows multiple printers to access a single queue, this means that any printer which is part of the pool and is not busy can begin printing documents sent to that queue. (Microsoft, 2014)






A mail server (or e-mail server) handles and delivers e-mail from internal and external sources and makes the email available to users on the local network.  It can also receive emails from clients and deliver them to other mail servers for forwarding on or delivering to their clients. (SamLogic, 2014)

Mail servers use three different protocols; these are the Post Office Protocol, the Internet Message Access Protocol (IMAP) and the Simple Mail Transfer Protocol (SMTP) (Microsoft, 2014)


Microsoft describes the Post Office Protocol version 3 (POP3)  as the most common type of email account, mainly used by home and  personal users. (Microsoft, 2014)

The Internet Engineering task Force’s (IETF) publication, Request for Comments (RFC) 1939 states POP3 does not support extensive manipulation operations and is designed to download mail to the client and then it is deleted. (Internet Engineering Task Force, 1996)

Pop collects mail using TCP/IP port 110 (Internet Assigned Numbers Authority, 2014)


IMAP is used more by business users and emails are stored on the server where they can be previewed deleted and organised. (Microsoft, 2014)

The IETF publication, RFC 3501 states that IMAP includes many more facilities to manipulate the emails including creating, deleting, searching and selective fetching of messages depending on their attributes. (Internet Engineering Task Force, 2003)

IMAP collect mail using TCP/IP port 220  (Internet Assigned Numbers Authority, 2014)


SMTP is used for outgoing email messages and is used along with POP or IMAP. (Microsoft, 2014)

The IETF publication, RFC 5321, states that the Simple Mail Transfer Protocols main objective is to transfer mail reliably and efficiently. (Internet Engineering task Force, 2008, p. 5)

The IETF goes onto state that  SMTP is independent of the transmission medium and the capability to transfer emails across multiple networks, referred to as “SMTP mail relaying” is an important feature. (Internet Engineering task Force, 2008, p. 5)

SMTP delivers mail using TCP/IP port 25 (Internet Assigned Numbers Authority, 2014)



Mail Servers


Many companies provide Email server solutions. Companies such as Novell with their Groupwise solution, Microsoft who supply Exchange, Google with Google Apps and other companies that offer free email clients. See Appendix A.5 for a cost comparison of the main solutions.

Of these, Microsoft’s Exchange is the most established and is recommended by Oxford University as it can be accessed from all operating system platforms, it can also be accessed from the web and has additional useful features. (University of Oxford, 2008)

Costs in redundancy, initial capital costs, support and upgrades are now making the case for Office 365 and Exchange online a very agreeable alternative to Exchange running on site. (techsolvers, 2014).

It is therefore recommended that an Office 365 Solution Provider be utilised. Outlook on each PC client should be configured to utilise IMAP for incoming mail and SMTP for outgoing mail to the Online Exchange Server.

The ports that must be opened on the external and internet firewalls for Outlook clients will be the IMAP port 220 tcp/udp for incoming mail and Port 25 SMTP for outgoing mail. (Internet Assigned Numbers Authority, 2014)




The Microsoft windows 2008 R2 server operating system includes a web server within its server roles. This application is named the Microsoft Internet Information Server (IIS).  An Intranet based web server is required and as this role is free with Windows Server 2008 R2, IIS is recommended. The server role, IIS is installed and configured from within server manager.

The Internet information services role (IIS) will be installed on a separate windows server to provide user’s access to LAN based web pages. This server will also be a domain member server as described in File & Print Services.

An Intranet based web server is accessible to all users on the local area network (LAN) but is not made available to external internet users. If external users need access to  a company web site then an Internet based web server accessible to external users should additionally be placed beyond a firewall into an area known as an external demilitarized zone (DMZ). (See Appendix A.3) (Sun Microsytems, 2004)

Depending on network size, Oracle goes on to recommend to separate the private internal services such as an Intranet web server into an internal DMZ.  (See Appendix A.3) all incoming ports on the External DMZ firewall will be blocked so outside users will be unable to access the LAN.  Furthermore another layer of protection is provided by an internal DMZ which has its own firewall and will ensure that only frames from the authorised users subnet are allowed through to the Internal DMZ. (Sun Microsytems, 2004)

Firewall ports will be opened on the Internal DMZ firewall (1. see Appendix A.3) to allow the services running on the servers within the internal DMZ to operate. However the firewall will be configured to only allow the packets from the user’s subnet through.

These ports are, and provide the following Services:-

80 & 443               TCP                                        HTTP, HTTPS to allow web browsing

389                         TCP/UDP                             LDAP to allow ADDS

3268                       TCP                                        LDAP GC, to allow ADDS

88                           TCP/UDP                             Kerberos to allow ADDS

53                           TCP/UDP                             DNS, to allow DNS

135                         TCP                                        RPC netlogon

67 & 68                 UDP                                       BootP used by DHCP

139 & 445           TCP/UDP                               File & print Services

Incoming Ports will be opened on the Internet Firewall (3. see Appendix A.3) will allow:-


80 & 443  TCP                     Allowing External users to browse INTERNET web server in the external DMZ

53               TCP/UDP         Allowing External users access to the external DNS server


Incoming  ports will be opened on both the Internet Firewall (3. see Appendix A.3) and the External DMZ firewall (2. see Appendix A.3) to allow:-


220         TCP/UDP             Allowing Outlook to connect via IMAP to Exchange server


Outgoing Ports on the Internal and External DMZ Firewalls (2 & 3. see Appendix A.3) will be opened to allow:-


25           TCP                        Allow Outlook to send email via SMTP

53           TCP/UDP             Allow Internal DNS servers to forward requests to external DNS servers.


Ports Source (IANA, 2014)

DHCP Service


When roles are installed on a server, other services may be required and must be running before the required roles can run. These services are classed as dependencies or system components. (Thomas & McLean, 2011)

To view the dependencies of a role or service on a windows server, run the services application from the control panel.

As can be seen from Appendix A.4  the DHCP Server service has 5 main dependencies, these are:-

  • Com+ Event System
  • Remote Procedure Call (RPC)
  • Security Accounts Manager
  • TCP/IP Protocol Driver
  • Windows Event Log

The DHCP service relies directly on the Remote Procedure Call Component which in turn relies upon the Dcom Server Launcher and the RPC Endpoint Mapper. IE:-

  • Remote Procedure Call
    • Dcom Server Launcher
    • RPC Endpoint Mapper

Each of the other four dependencies also relies upon the Remote Procedure Call (RPC) and its secondary components. An RPC is used by Software developers to allow different processes running on the local pc or another networked PC to interact. RPC’s make the software developers job easier in that they do not have to be concerned with the underlying physical and logical networks. (Marshall, 1999)

One of the secondary components of RPC is the Dcom Server Launcher which allows processes to be distributed to other networked computers in an efficient manner. (Microsoft, 2014)

The other secondary component is the RPC endpoint mapper. This component is responsible for responding to requests by client to resolve dynamic endpoints, ie where to find a specific process. It can also be responsible for assigning those endpoints. (Microsoft, 2007)

The Com+ Event System provides software developers with a means to communicate with Windows services on a local computer, allowing them to create reusable software components.. The Com+ Event System also relies on the RPC and its subcomponents as described above. (Microsoft, 2008)

The Security Accounts Manager (SAM) stores users accounts and passwords to ensure processes are properly authorised and authenticated. The SAM also relies on the RPC and its subcomponents as described above. (Microsoft, 2014)


The TCP/IP Protocol Driver See (Appendix A.4) provides the underlying communication, such as error checking, segmentation, addressing, packaging, sequencing, acknowledgments and routing and interfaces with the network card and network media to allow local processes to communicate across the network . The TCP/IP protocol driver also relies on the RPC and its subcomponents as described above. (Microsoft, 2014)

The Windows Event Log manages event and event logs supporting logging, querying and subscribing to events and additionally it manages event metadata. Most if not all processes provide information which is logged in the event log for administrators to be able to view, helping in fault diagnosis. The Event Log also relies on the RPC and its subcomponents as described above. (microsoft, 2014)





The Microsoft services described above are scalable from just a few users up to thousands of users and can include additional departments, companies or sites. (Thomas & McLean, 2011, pp. 4-8)

This report requires the installation of two domain controllers (DC) incorporating Active Directory Domain Services (ADDS) to provide centalised administration. Each DC will additionally have Domain Name Services (DNS) and Dynamic Host Configuration protocol (DHCP) installed providing redundancy for all three services. Should one server fail the other server will still be able to provide these three required core services. (Microsoft, 2012)

Security can be maximized by installing firewalls at various points throughout the network. These will ensure only authorized users are able to access the services provided by the servers. Active Directory Domain Services will add a further layer of protection ensuring that only authenticated users are able to access the services that they are authorised for. (Shinder, 2003)

The Cloud based email service solution removes many administration tasks that would be necessary if it was an on premise solution. Tasks such as Redundancy planning, Archiving, Fault Finding and Backup are all taken care off by a third party. This leaves the simpler tasks of adding and removing users and providing permissions.  (Microsoft, 2014)

However it should be noted that this solution makes a fast and stable internet connection an absolute priority and care should be taken in selecting a communications provider and an Internet Service provider (ISP). (ITLAB, 2013, p. 8)





Appendix A.1

Simplified Network Layout




simplified network diagram

simplified network diagram

Appendix A.2






Appendix A.3

Network Layout

Network Layout

Network Layout


Appendix A.4

DHCP Dependencies

DHCP Dependencies

DHCP Dependencies


TCPIP Protocol Driver


TCPIP Protocol Driver

TCPIP Protocol Driver


Appendix A.5

Office and Google Comparison


Users = 50
Product Office Software Monthly Licencing per user Server Hardware Server Software Installation Costs Support 1st year 2nd year 3rd year 4th year TCO for 4 years
Pc Based Office  £          170.00  £       2,000.00  £       2,000.00  £       2,000.00  £       1,200.00  £    15,700.00  £       1,200.00  £       1,200.00  £       1,200.00  £    19,300.00
Exchange Online  £          170.00  £             30.00  £          500.00  £    10,500.00  £       1,500.00  £       1,500.00  £       1,500.00  £    15,000.00
Office 365  £             84.00  £          500.00  £       4,700.00  £       4,200.00  £       4,200.00  £       4,200.00  £    17,300.00
Google Apps  £          170.00  £             33.00  £          500.00  £    10,650.00  £       1,650.00  £       1,650.00  £       1,650.00  £    15,600.00
Note Hardware Software, Installation and Support Costs are estimated for 50 users










Cisco, 2014. Configuring the Cisco IOS DHCP Relay Agent. In: IP Addressing: DHCP Configuration Guide, Cisco IOS Release 15.1SY. San Jose: Cisco, p. 55.

Cser, A., 2013. Manage identity and access to improve business processes. Computer Weekly, 11 June, pp. 15-17.

Droms, R., 1997. Dynamic Host Configuration Protocol, Bucknel University: The Internet Engineering Task Force (IETF®).

IANA, 2014. Service Name and Transport Protocol Port Number Registry. [Online]
Available at: http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
[Accessed 15th November 2014].

Internet Assigned Numbers Authority, 2014. Service Name and Transport Protocol Port Number Registry. [Online]
Available at: http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
[Accessed 29th November 2014].

Internet Engineering Task Force, 1996. RFC 1939. [Online]
Available at: https://datatracker.ietf.org/doc/rfc1939/?include_text=1
[Accessed 29th November 2014].

Internet Engineering Task Force, 2003. RFC 3501. [Online]
Available at: https://datatracker.ietf.org/doc/rfc3501/?include_text=1
[Accessed 29th November 2014].

Internet Engineering task Force, 2008. RFC 5321. [Online]
Available at: https://datatracker.ietf.org/doc/rfc5321/?include_text=1
[Accessed 29th November 2014].

ITLAB, 2013. Cloud Migration Guide. [Online]
Available at: http://www.itlab.com/wp-content/uploads/2013/08/ITLab-Cloud-Migration-Guide.pdf
[Accessed 29th November 2014].

Marshall, P. D., 1999. Remote Procedure Calls (RPC). [Online]
Available at: http://www.cs.cf.ac.uk/Dave/C/node33.html
[Accessed 17th November 2014].

Microsoft, 2005. DHCP Best Practices. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc780311(v=ws.10).aspx
[Accessed 4th Nov 2014].

Microsoft, 2007. Active Directory Domain Services Overview. [Online]
Available at: http://technet.microsoft.com/en-us/library/9a5cba91-7153-4265-adda-c70df2321982
[Accessed 22nd November 2014].

Microsoft, 2007. How IT Works, Troubleshooting RPC Errors. [Online]
Available at: http://technet.microsoft.com/en-us/magazine/2007.07.howitworks.aspx
[Accessed 17th November 2014].

Microsoft, 2008. COM +. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc774178(v=ws.10).aspx
[Accessed 17th November 2014].

Microsoft, 2009. AD DS: All domains should have at least two functioning domain controllers for redundancy. [Online]
Available at: http://technet.microsoft.com/en-us/library/dd378865%28v=ws.10%29.aspx
[Accessed 3rd Nov 2014].

Microsoft, 2012. Active Directory Domain Services Overview. [Online]
Available at: http://technet.microsoft.com/en-gb/library/hh831484.aspx
[Accessed 14th November 2014].

Microsoft, 2012. AD DS: All domains should have at least two functioning domain controllers for redundancy. [Online]
Available at: http://technet.microsoft.com/en-us/library/dd378865%28v=ws.10%29.aspx
[Accessed 29th Novemebr 2014].

Microsoft, 2012. Step-by-Step: Configure DHCP for Failover. [Online]
Available at: http://technet.microsoft.com/en-gb/library/hh831385.aspx
[Accessed 22nd November 2014].

Microsoft, 2014. Configure the IPv4 DHCP Relay Agent. [Online]
Available at: http://technet.microsoft.com/en-us/library/dd469685.aspx
[Accessed 14th November 2014].

Microsoft, 2014. DHCP Step-by-Step Guide:. [Online]
Available at: http://technet.microsoft.com/library/ee405264(WS.10).aspx
[Accessed 14th November 2014].

Microsoft, 2014. Distributed Component Object Mode. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc958799.aspx
[Accessed 17th November 2014].

Microsoft, 2014. Exchange Online. [Online]
Available at: http://products.office.com/en-us/exchange/exchange-online
[Accessed 29th November 2014].

Microsoft, 2014. Overview of Share and Storage Management. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc753175.aspx
[Accessed 9th November 2014].

Microsoft, 2014. POP3, SMTP, and other e‑mail server types. [Online]
Available at: http://windows.microsoft.com/en-gb/windows-vista/pop3-smtp-and-other-e-mail-server-types
[Accessed 29th November 2014].

Microsoft, 2014. Printing. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc958172.aspx
[Accessed 15th November 2014].

Microsoft, 2014. Security Account Manager (SAM). [Online]
Available at: http://technet.microsoft.com/en-us/library/cc756748(v=WS.10).aspx
[Accessed 17th November 2014].

Microsoft, 2014. TCP/IP Protocol Architecture. [Online]
Available at: http://technet.microsoft.com/en-gb/library/cc958821.aspx
[Accessed 17th November 2014].

Microsoft, 2014. Understanding Active Directory Domain Services Integration. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc726034.aspx
[Accessed 4th Nov 2014].

Microsoft, 2014. Understanding forwarders. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc782142%28WS.10%29.aspx
[Accessed November 14 2014].

microsoft, 2014. What information appears in event logs?. [Online]
Available at: http://windows.microsoft.com/en-gb/windows/what-information-event-logs-event-viewer#1TC=windows-7
[Accessed 17th November 2014].

Mockeptris, P. V., 2003. Best practices for reliable DNS and DHCP. [Online]
Available at: http://www.computerworld.com/article/2570121/security0/defending-your-dns–best-practices-for-reliable-dns-and-dhcp.html
[Accessed 4th Nov 2014].

Northrup, T. & Mackin, J. C., 2011. Configuring Windows Server 2008 Network Infrastructure. 2nd ed. Washington: Microsoft Press.

Ruest, D., Holme, D., Ruest, N. & Kellington, J., 2011. Configuring Windows Server 2008 Active Directory. 2nd ed. Washington: Microsoft Press.

Samba.org, 2003. Chapter 6. Domain Membership. [Online]
Available at: https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html
[Accessed 15 November 2014].

SamLogic, 2014. What is a Mail Server and How Does it Work?. [Online]
Available at: http://www.samlogic.net/articles/mail-server.htm
[Accessed 29th November 2014].

SANS Institute, 2003. Why is securing DNS zone transfer necessary ?. [Online]
Available at: http://www.sans.org/reading-room/whitepapers/dns/securing-dns-zone-transfer-868
[Accessed 29th November 2014].

Shinder, W. T., 2003. Microsoft Internet Security. [Online]
Available at: http://www.isaserver.org/img/upl/spskit/9dnsinfrastructure/9dnsinfrastructure.htm
[Accessed 29th November 2014].

Sun Microsytems, 2004. Determining Your Network Infrastructure Needs. [Online]
Available at: https://docs.oracle.com/cd/E19263-01/817-6440/infrastrc.html
[Accessed 10 November 2014].

techsolvers, 2014. Top 10 Reasons for Using Hosted Exchange. [Online]
Available at: http://www.itsupportlondon.org.uk/articles/top-10-reasons-for-using-hosted-exchange.html
[Accessed 9th November 2014].

Thomas, O. & McLean, I., 2011. Windows Server 2008 Server Administrator. 2nd ed. Washington: Microsoft Press.

University of Oxford, 2008. Email Systems. [Online]
Available at: http://www.physics.ox.ac.uk/it/email/#
[Accessed 9th November 2014].





CoastalSoftware, 2014. Microsoft Office 2010 Home and Business. [Online]
Available at: http://www.coastalsoftware.co.uk/microsoft-office/2010-suites/home-business-1-install
[Accessed 15th November 2014].

Concentra, 2011. ROI for Microsoft Exchange Online. [Online]
Available at: http://blog.concentra.co.uk/2011/08/02/roi-for-microsoft-exchange-in-the-cloud/
[Accessed 15th November 2014].

Google, 2014. Choose a Plan. [Online]
Available at: https://www.google.com/intx/en_uk/work/apps/business/pricing.html?utm_campaign=emea-smb-apps-bkws-gb&utm_medium=cpc&utm_source=google&utm_term=%2Bbuy%2B%2Bgoogle%2B%2Bapps
[Accessed 15th Novemeber 2014].

Leonhard, W., 2014. Review: Microsoft Office 365 vs. Google Apps. [Online]
Available at: http://www.infoworld.com/article/2609136/cloud-computing/review–microsoft-office-365-vs–google-apps.html?page=8
[Accessed 15th November 2014].

Microsoft, 2014. Build and Deploy the Second Domain Controller. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc526434.aspx
[Accessed 14th November 2014].

Microsoft, 2014. Firewall Settings for your network. [Online]
Available at: http://technet.microsoft.com/en-gb/library/cc747535(v=ws.10).aspx
[Accessed 10th November 2014].

Microsoft, 2012. How Active Directory Replication Topology Works. [Online]
Available at: http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx
[Accessed 4th November 2014].

Microsoft, 2014. Compare Exchange Online plans. [Online]
Available at: http://office.microsoft.com/en-gb/exchange/compare-microsoft-exchange-online-plans-FX103764022.aspx
[Accessed 9th November 2014].

Microsoft, 2014. Firewall Settings for your network. [Online]
Available at: http://technet.microsoft.com/en-gb/library/cc747535(v=ws.10).aspx
[Accessed 10th November 2014].

Microsoft, 2014. Office 365 Select a plan. [Online]
Available at: http://office.microsoft.com/en-gb/business/compare-office-365-for-business-plans-FX102918419.aspx
[Accessed 9th November 2014].