When your business is small and your budget is tight, you may press consumer and/or open source/freeware solutions into service for starting your network. If you only have a few systems and your security needs aren't great, you can get by with networking your Windows workstations in a peer-to-peer configuration. You may even "cheat" a little by setting up one Windows client computer as a file server so you can have the advantages of centralised data storage and backup without the administrative requirements and high software costs of implementing a Windows domain.
You might use a low-cost software firewall solution to protect the LAN, such as a Linux machine running ipchains (a simple packet filtering firewall), iptables/Netfilter (a stateful firewall included in versions 2.4.x of the Linux kernel), Firestarter (a "donationware" graphic firewall for Linux) or one of many low-cost commercial Linux firewalls. Or you might use the Internet Connection Firewall built into Windows XP (and upgraded to Windows Firewall by Service Pack 2). Or you might use a relatively low-end and low-cost firewall appliance such Cisco's PIX 500 series, WatchGuard's SOHO series, or SonicWall's TZ models.
But as the business begins to grow, you're likely to want and need the features provided by more robust "real server" operating systems and more sophisticated application layer filtering firewalls. Then you have a choice to make: should you go with lower cost alternatives designed for (and possibly limited to) small business use, or should you invest more money in software and/or hardware that can support growing far beyond your current needs?
Small Business Server or "full fledged" Windows Server?
There are two ways to run a Windows network: peer to peer (where "all the computers are created equal" and there is no centralised security accounts database) or Windows domain (where there is an authentication server called a domain controller that provides centralised security and management of the users and computers on the network). The peer to peer model works for a few computers, but security is much lower and administration becomes a nightmare as the number of computers increases.
If you're ready to move from a peer to peer network to a domain, you'll need at least one computer running the Windows Server operating system. The least expensive way to do this for a network of fewer than 75 users is to purchase Microsoft's Small Business Server (SBS) 2003. For only $599 (£324), you not only get the Windows Server 2003 operating system with the IIS Web server, remote access server and SharePoint Services for Web-based collaboration, you also get the Microsoft Exchange email server. For a little more ($1499), you also get Microsoft's SQL database server and the Microsoft Internet Security and Acceleration (ISA) server firewall/Web caching solution.
This is quite a deal, since buying all these products as standalones would cost far more:
- Windows Server 2003 Standard Edition: $999 with 5 CALs Microsoft Exchange Server 2003 Standard Edition: $699 (must also buy CALs for clients) Microsoft SQL Server 2005 Standard Edition with 5 CALs: $1,849 Microsoft ISA Server 2004 Standard Edition: $1,499 per processor
That's a total of $5,046! If you're wondering "what's the catch?" well here it is: SBS is limited to 75 logged-on users. That means if/when your company grows beyond that level, you'll probably need to trade it in for the "real" Windows Server OS and separate server products.
[Note: There's a less expensive edition of Windows Server 2003, Web Edition, for $399 — but it's for use as a Web server only and cannot function as a domain controller.]
Standard vs Enterprise
The prices given above are for the Standard editions of each product. However, if your business grows really large, you may need the features of the Enterprise editions, which cost considerably more:
- Windows Server 2003 Enterprise Edition: $3,999 with 25 CALs Microsoft Exchange Server 2003 Enterprise Edition: $3,999 (must also buy CALs for clients) Microsoft SQL Server 2005 Enterprise Edition: $24,999 with 25 CALs Microsoft ISA Server 2004 Enterprise Edition: $5,999 per processor
If you're still looking at this from the perspective of a small business, these big numbers may make you a little dizzy. And you're probably wondering what you should do: low-ball it and go with SBS (and then perhaps have to shell out again soon for the separate products if your business grows fast), go ahead and invest in the Standard Editions to begin with, or (if your small business is one of those rare ones that has plenty of extra cash on hand) spring for the Enterprise editions so you'll be able to use them no matter how big the company gets?
Balancing cost and scalability
There is no "one size fits all answer" for all businesses. That's why Microsoft gives you lots of options. If you anticipate that it'll be several years before your business reaches the 75 user level and you don't want to hire a full time IT administrator, and you're operating on a tight budget, SBS might be your best choice at this time. It will serve your basic needs and comes with a lot of extra wizards to simplify the setup and administration processes.
However, in addition to the limit on the number of users, SBS has some other limitations and drawbacks. One of the biggest is security. It's a recognised best security practice not to run additional server services (Web server, email server, database server, etc.) on a domain controller. That's because the DC holds the Active Directory with all the domain's security accounts information — if a domain controller is compromised, you have a real problem. And every server service that you run on a machine makes it more vulnerable to attacks and intrusions.
Yet SBS is designed to run all these services on a single computer. That saves you money on both the software and hardware — but that savings comes at the price of security.
In fact, another of SBS 2003's limitations came about for security reasons: you can't run Windows Terminal Services as an application server on the SBS machine. It's supported by Windows Server 2003 Standard and Enterprise editions.
Because of SBS's limitations, many small businesses bypass it altogether and start with the Standard Edition server products. While this may be the smartest way to go, especially if your business shows signs of growing quickly, going it one better and buying the Enterprise editions while the business is small may not be such a good idea. Although it's definitely the most scalable of the three, we're talking about tens of thousands of extra dollars here, and even if the company grows very large, you may not ever need the extra features that the Enterprise editions provide. And even if you do, you will probably still need additional servers on the network that don't require Enterprise features, so you'd still be able to use your Standard Edition servers along with new Enterprise edition machines.
And you have to remember that software is constantly being replaced with new versions. By the time you're ready for Enterprise features, the next generation of Windows Server (now code named Longhorn Server) may be on the market, with desirable features that Server 2003 doesn't have.
Talkback
By advocating that a small company purchase Windows 2003 Standard server over SBS, you've doomed them to continued struggle with inferior tools. Exchange, OWA, Remote Web Workplace, Fax Server, Shared Calendar and Contact lists, and the other great tools in SBS can set a small business on an even playing field with their big business competitors.
Whereas if they install a Windows Standard server all they get is fancy file storage and who wants to pay for that? Small businesses need a server that will actual provide services to them. If the small business grows beyond 75 users, then there is a transition pack that allows the servers to be seperated and life goes on.
Why not compare this with the cost of implementing Free and Open alternatives? A system like Karoshi (http://www.karoshi.org.uk) is much cheaper. Karoshi is designed for schools, but could easily be implemented by small businesses.
Yet another advertising blurb for Microsoft. She even specifies Microsoft product configs and prices, making the whole thing sound like a vendor quote!
I wonder if Shinder realizes that Microsoft is not the only name out there in enterprise class server systems. Linux has steadily been making inroads into the server space, with even IBM mainframes running it. Oracle - *the* enterprise RDBMS - is even thinking of creating their own Linux distro! The article is also full of disinformation - for example, ipchains has not been a current Linux packet filtering technology since 2001, with the advent of the 2.4 kernel. And yes, Linux offers enough filtering capabilities, right up to Layer 7, that the only advantage "enterprise class" firewalls offer is the possibility of higher throughput because of hardware based packet inspection, which is a valid point only in the very largest installations. I also wonder how many of these "enterprise class" boxes costing small fortunes offer features such as policy routing ,QoS and other advanced IP techniques. Maybe Shinder should spend some time reading the Linux Advanced Routing and Traffic Control documentation (http://lartc.org).
A typical example of the reliability, economy and scalability of FOSS (free and open source solutions) is my mail server, which serves over 50 users, and provides comprehensive and very effective antivirus (Amavis/ F-Prot) and antispam (dspam) services. This machine is a Celeron 2.4 system which has a current uptime of 259 days. I now need to scale the system upwards because of rapid growth. All I've had to do is to spend $1500 on purchase of a new server with a dual core CPU, and presto - I'm good for upto a thousand or so users. I wonder how many Microsoft based mail systems can manage this.
Apart from FOSS, Shinder conveniently ignores the big boys of the enterprise world - IBM, Sun and HP. Nothing Microsoft offers is any kind of a match for the reliability, scalability and power of enterprise UNIX systems.
The only place where Microsoft continues to make sense is the desktop. I believe this too will cease to be an issue with the rapid development of FOSS desktop and GUI technologies.