Ask HN: The perfect 20-50 people office network setup?

19 点作者 perssontm超过 13 年前

Lets consider this situation: A business with between 20 to 50 employees all heavily using email, calendar, documents and working with general office work.What is the perfect office network setup for this? Keeping in mind that the following points are important:- minimal onsite hardware- convenient fileshareing through a network drive- calendar shareing- webbmail/imap access- some central point of administering users- support for windows, osx and different linux flavours- all machines must be fully usable outside the office- bonus for beeing able to monitor clients for patches software/updates- bonus for pushing updates/software to themIs this business network utopia?Current situation is using google apps, but that fails miserably on the network filesharing point.What else is there? A large IT company pitched me a full windows setup(Active directory, exchange, sharepoint and the whole shabang), but that feels like vendor lockin-mania(and at least 2 servers onsite), we will probably never get another chance of doing this right.All my google-findings seems to solve parts of the problem but not all.Thanks in advance, I'll summarize results and report back. [edit: formatting]

10 条评论

TomOfTTB超过 13 年前

I'll give you my suggestions based on a mini version of the configuration I've been using for a couple years (except for the dropbox part which I just started using this year). This is only for Windows but most works on Mac and Linux...1 Windows Server for Authentication, DHCP and DNS. Unless your users will be off campus for extended periods of time (30+ days) you don't need to worry about a VPN (since the local system will authenticate their account disconnected)Dropbox for Teams on all systems. On Windows systems you can move the Desktop, Pictures, and Documents folders right into the Dropbox folder to sync and backup all files (Box.Net is an option with more features but I had massive problems with it to the tune of 80% of users and the company didn't seem to care)Faronics DeepFreeze is a program that freezes the system files for Windows systems. By creating a separate partition for files you can freeze the whole system and avoid problems (just create a files partition and move dropbox and the users files to there). You can also set times for unfreezing for updates (I set it for Sunday at 1am and have the auto updates run at the same time). Macs and Linux can ususally take care of themselves on the security frontPatch Management with GFI Languard is cheap and doesn't require a whole infrastructure to work with. For updating software you can used a Powershell script and a shared "Updates" folder in dropbox to distribute MSI filesOn E-mail I use Rackspace's hosted exchange because my users were used to an Exchange server. But you could just as easily get by with Google Apps.AntiVirus I just use Trend Micro's corporate version but it does have a fairly small server footprint. It could easily run on the one Windows server you have.Hope it helps. Feel free to e-mail if you have questions

评论 #3347310 未加载

bungle超过 13 年前

1. Google Apps for Business - No onsite hardware - Calendars with sharing - Webmail / imap access - Can be a central point of administering users, if the other apps integrate to Google Apps (e.g. the Apps from Apps Marketplace) - Supports Windows, OS X and Linux - All machines are fully usable outside the officeNow you are almost there. Forget that MS stack. It's costly, vendor-lockin, and feels like a thing from a past.2. Central Management of Users with Single Sign-on capabilities. - Look at <a href="http://www.okta.com/" rel="nofollow">http://www.okta.com/</a> and <a href="http://www.symplified.com/" rel="nofollow">http://www.symplified.com/</a>3. Network File Sharing - Google Docs (and there is a change that Google finally introduces Google Drive / Google Files)If that is not enough, then look at:- Egnyte: <a href="http://www.egnyte.com/" rel="nofollow">http://www.egnyte.com/</a> (Hybrid solution, Dropbox-like sync-client, Client Backup, Local office sync server / NAS, FTP (includes secure connection) access, WebDAV access with Drive mapping capability, browser access etc.) - Box: <a href="http://box.com/" rel="nofollow">http://box.com/</a> - Dropbox for Teams: <a href="http://www.dropbox.com/teams" rel="nofollow">http://www.dropbox.com/teams</a>If you are interested in backups, look at: - Backblaze: <a href="http://www.backblaze.com/" rel="nofollow">http://www.backblaze.com/</a>Remember that with Google Apps, you already get very nice features, like: - Single sign-on on every Google's service (for example: Google+, Google Voice, and you get services like Postini, Mobile synchronization with support for Active Sync, etc.)If you are going to MS stack, you are going to tie your hands. It's easy to implement MS stack, but it's damn hard to exit their system.

评论 #3344362 未加载

Spearchucker超过 13 年前

You don't mention security (1) or compliance. I'm guessing these don't feature? What does "file sharing" mean to you (could SkyDrive do it, or cloud-based SharePoint)? Speaking of SharePoint, have you considered Office 365?I know it's fashionable to do everything in the cloud these days, but my personal preference is to have control over my digital assets, so I like to keep everything(!) in-house. For 20-50 -strong team, AD/Exchange/SharePoint/ForeFront setup would be mostly accepting defaults (2), and keeping everything running won't take much effort.1). An AD is not neccessarily a bad thing. You could create accounts locally and push them into Office 365 automatically (ditto for Exchange accounts). You could use DirectAccess to meet the remote use requirement, although someone who knows more about the Linux/Mac world would need to comment on whether that will with DirectAccess.2). Depends on how far you want to go with your file share - you could spend ages on an information architecture, if you're so inclined/have compliance requirements.

评论 #3341255 未加载

caw超过 13 年前

You probably want to get a real live sysadmin to set this up, rather than DIY. Best practices go a real long way in getting the environment healthy and compatible with whatever stuff you want to add later (been there, done that...)With 20+ people you definitely want centralized authentication.I'd go with Windows for this setup. - Relatively few boxes needed. 2 for AD, it does your DNS and DHCP stuff. A 3rd box for your Exchange (I have 0 experience with Exchange, I suppose you can always keep your google apps), and if you want to do file serving in house, 1-2 boxes.- Monitor clients with WSUS. It's easy to set up, and it'll tell you which clients aren't up to date. There are other paid solutions available, but this one is free.- Push software with GPO so long as you like your .msi's or .bat scripts.- Permissions get messy with shared Windows and Unix files. Separate the shares, or get some other service to handle it for you (the previously mentioned Dropbox)- Lots of Windows consultants available if stuff breaks.You can always separate out services later to Unix hosts if needed. DNS is kind of tricky because you'll either have to manually add all your Linux boxes, add certificates to the machines, or turn off secure updates in AD. Or you're stuck running SMB on all your hosts to get them in to the domain.Frankly I think the easiest solution is all *Nix or all Windows. Anything else eventually runs in to compatibility issues because whatever tool you're running just isn't cut out for multiplatform. Or if it is multiplatform, it probably doesn't integrate as well as the single platform solutions.Using machines outside the office - I'd guess remote desktop or something through a VPN. I'm not familiar with this because at my last job all the Linux hosts were on public IP space, so you could SSH in to it so long as you were in the allowed hosts.

评论 #3344372 未加载

dholowiski超过 13 年前

I am the IT guy for an office right in the middle - 30 users. As much as most people don't want to admit it, Microsoft owns this space, and Microsoft small business server paired with Office is an excellent solution here. Sure, you need a dedicated server, but SBS is very wizard based almost to the point where a receptionist can administer it. Sharepoint is the logical next step, a step we're going to take this year, probably.Specifically, look at MS Small Business server, which includes about 30 user licenses, exchange server, file server, dns active directory and just about anything else you need, and is made to run on one server (most versions include a second server license too, for virtualization or backup).

Mamady超过 13 年前

The microsoft stack does work quite well, but usually for 50+ staff. For less than 50 the cost of administration becomes a disproportional overhead.I take vendor lock-in with a grain of salt... if the solution works well, the lock-in (almost) doesn't matter. When it comes to mission critical business systems, most companies have vendor lock-in, whether it's with Microsoft, Google or some other company.I think most startups stick with Google Apps. For network filesharing have you tried Dropbox? If large files are an issue - you will need to setup a fileserver in your office something as simple as a samba server could do the trick.You could also trying to get an invite for AeroFS.

评论 #3341260 未加载

rhizome超过 13 年前

There's nothing inherently wrong with Windows Server and Exchange, which will give you just about everything you ask for. You probably wouldn't need Sharepoint, which is a cash cow for implementers.

评论 #3341239 未加载

toomuchtodo超过 13 年前

Google Apps and either Dropbox/Box.net (Dropbox is cheaper, Box.net has more features). I have this setup in production for ~68 users, some who are in the office, but most who are mobile.

tommi超过 13 年前

Seems like with network filesharing you'd be happy with Google Apps. So what's keeping you from just buying filesharing from another vendor?

评论 #3341247 未加载

protomyth超过 13 年前

What OS are you using for the clients?