Branch Office Infrastructure

Solution
Getting Started

Version 3.0

Published: February 2008

Revised: September 2008
For the latest information, please see
microsoft.com/ BranchOffice
Copyright © 2008 Microsoft Corporation. All rights reserved. Complying with the applicable copyright laws is
your responsibility. By using or providing feedback on this documentation, you agree to the license agreement
below.

If you are using this documentation solely for non-commercial purposes internally within YOUR company or
organization, then this documentation is licensed to you under the Creative Commons Attribution-
NonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5/ or
send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

This documentation is provided to you for informational purposes only, and is provided to you entirely "AS IS".
Your use of the documentation cannot be understood as substituting for customized service and information
that might be developed by Microsoft Corporation for a particular user based upon that user’s particular
environment. To the extent permitted by law, MICROSOFT MAKES NO WARRANTY OF ANY KIND, DISCLAIMS
ALL EXPRESS, IMPLIED AND STATUTORY WARRANTIES, AND ASSUMES NO LIABILITY TO YOU FOR ANY
DAMAGES OF ANY TYPE IN CONNECTION WITH THESE MATERIALS OR ANY INTELLECTUAL PROPERTY IN THEM.

Microsoft may have patents, patent applications, trademarks, or other intellectual property rights covering
subject matter within this documentation. Except as provided in a separate agreement from Microsoft, your
use of this document does not give you any license to these patents, trademarks or other intellectual property.

Information in this document, including URL and other Internet Web site references, is subject to change
without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-
mail addresses, logos, people, places and events depicted herein are fictitious.

Microsoft, BitLocker, Hyper-V, Windows Server 2003, Windows Server 2008, and Windows Vista are either
registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective
owners.

You have no obligation to give Microsoft any suggestions, comments or other feedback ("Feedback") relating to
the documentation. However, if you do provide any Feedback to Microsoft then you provide to Microsoft,
without charge, the right to use, share and commercialize your Feedback in any way and for any purpose. You
also give to third parties, without charge, any patent rights needed for their products, technologies and services
to use or interface with any specific parts of a Microsoft software or service that includes the Feedback. You will
not give Feedback that is subject to a license that requires Microsoft to license its software or documentation to
third parties because we include your Feedback in them.

Solution Accelerators microsoft.com/technet/SolutionAccelerators

Contents

Solution Accelerators microsoft.com/technet/SolutionAccelerators

iv Guide Title (for single guide/doc accelerator or accelerator title (for multi-guide/doc accelerator)

Solution Accelerators microsoft.com/technet/SolutionAccelerators

Introduction
The Branch Office Infrastructure Solution (BOIS) v3.0 for the Windows® Server® 2008
operating system provides detailed guidance to help medium-sized to large organizations
to design remote office infrastructures into their environments. The goal of this effort is to
minimize the total cost of ownership (TCO) and provide the most efficient and effective
management possible, while still providing the optimal user experience for staff in branch
offices. This Getting Started guide is the BOIS starting point for optimizing branch office
infrastructure and is intended to provide technical decision makers with the information
that is required to meet the needs of their organizations.
BOIS updates and builds on the approach that was taken in the “Branch Office
Infrastructure Solution for Microsoft Windows Server 2003 Release 2” guide and
specifically deals with the changes that have been introduced by the Windows Vista®
operating system and Windows Server 2008. Although the fundamental architectural
principles in this guide remain the same, the implementation details have moved on. This
guide provides the necessary updates to ensure that your remote infrastructure designs
take advantage of the latest architectural approaches and enhancements that the
Windows Vista and Windows Server 2008 have to offer.

Goals and Objectives

This guide introduces the latest guides that have been created by Microsoft to help
customers to use the Windows Server platform in remote office infrastructures. Windows
Server 2008 introduces roles and features that help IT Professionals to support their
remote sites by making it easier for them to deploy and support their server infrastructure
across the organization. This guide describes how to look at the specific requirements of
the remote office in the larger context of the organization's IT services.

Audience
The primary audience for BOIS is the Infrastructure Architect or IT professional who is
responsible for designing one or more of the services that are included in a branch
infrastructure. However this getting started guide can be used by anyone who is
interested in understanding how branch office IT infrastructure design can be approached
and enhanced using Windows Server 2008 and Windows Vista.

Executive Overview
The overall goal of the branch office infrastructure design is to provide a good branch
user experience in a secure, efficient, and affordable manner with the minimum ongoing
management and support overheads. Additionally, BOIS is intended to help system
designers to achieve an optimal balance in their designs so that the solution delivers cost
savings and at the same time provides flexibility to meet the changing needs of the
organization. BOIS supports planning and implementation of a consolidated solution that
is based on standardized branch servers or appliances including those that use the
features of Windows Server 2008 and Hyper-V virtualization.
The BOIS guide presents design information to help you to define and deploy an efficient
branch office infrastructure solution that provides a comprehensive set of core IT
infrastructure services that are based on Windows Server 2008. By using the
technologies that are available in Windows Server 2008, a branch office solution can
provide substantial benefits for organizations of all sizes, especially large enterprises.
Using BOIS to streamline and standardize the branch offices, instead of traditional less
structured solutions offers the following improvements:

Solution Accelerators microsoft.com/technet/SolutionAccelerators

2 BOIS Getting Started

• Better utilization of server capacity

• More efficient systems administration and management
• Faster and more complete recovery of data in the event of a disaster
• Higher degree of standardization and automation
BOIS includes updated service design reference diagrams that provide a constant and
repeatable reference to help create a solution's design. With their in-depth understanding
of the requirements of the site and network infrastructure of your organization, systems
designers can use the service design reference diagrams to create a design model and
other BOIS guidance to evaluate and streamline your IT infrastructure.

What is BOIS?
The original BOIS 1.0 guidance provided cross-solution conceptual guidance for a branch
office environment and guidance for producing a complete implementation for a single-
server solution. For BOIS 2.0, the focus was to provide concise planning guidance for the
services in a typical branch office design that takes advantage of the additional features
that were included in Microsoft® Windows Server™ 2003 R2.
For version 3.0 of this guidance, the focus is on updating the guidance to include the
features and capabilities of Windows Server 2008 and to provide a more modular
approach to how the server design guides are delivered. The modular approach will
enable Microsoft to build up a larger library of services as part of this solution and to
update the guides more easily when required.
The following figure shows the guides that make up BOIS.

Figure 1. BOISv3 Roadmap

The BOIS guides can be grouped into three main collections:

Solution Accelerators microsoft.com/technet/SolutionAccelerators

BOIS Getting Started 3

The First Stop Guides

This collection is the introduction to both the BOIS guides and its architecture design
approach. This collection is comprised of the following guides:
• The Getting Started guide (this guide) provides the first entry point into the BOIS
guidance; it can be used to gain an understanding of the goals and scope of BOIS
and to introduce the technologies and features that Windows Server 2008 introduces
to help address the branch office balancing act.
• The Architecture guide introduces a method of designing a service-based
infrastructure design. A branch infrastructure environment is typically part of a larger
network that supports the organization's main sites and data centers. However, the
addition of branch offices introduces a number of significant constraints that modify
the options that are available to solution designers. This guide discusses how to look
at the specific requirements of the branch in the larger context of the organization's IT
services.

The Vertical Solutions Guides

The Vertical Solutions Guides provide a rapid access point for designers and IT
Professionals who are responsible for working on branch infrastructure designs in
specific vertical markets. Initial two guides are to be included in this area:
• The BOIS Retail Guide provides information on using various Microsoft products
and services in a retail branch environment.
• The BOIS Banking Guide details an example of a branch IT infrastructure in a
banking environment along guidance and information pertinent to banking and
financial institutions. …
From these guides you can then identify and work with the relevant service guides from
the Server Guide Library. More Vertical Solutions Guides are planned in the future so
check back with the BOIS Web site for regular updates.

The Service Guide Library

The BOIS Service Guide Library provides a collection of Service Design Guides that use
a common design methodology called Service Design References to present the major
decisions that are required to create a complete design for the identified service.
The first Service Design Guides in this library focus on a number of key IT services that
are provides as part of the Windows Server 2008 operating system. These services are
referred to as base services because they provide the base infrastructure for the branch
environment. You can then enhance or extend the base infrastructure to increase the
features of the branch office solution. The initial base services are:
• Directory Services.
• DHCP Services
• Name Resolution Services.
• File Services.
• Print Services.
• Base Client Services.
• Base Management Services.
These guides discuss each of their services and present a design model for each in the
context of the BOIS. Then, the design reference presents typical design considerations to
illustrate the key design choices that you will need to make to help you modify the model
to best fit the requirements of your organization.
The second set of Service Design Guides in this library focus on extending these base
services with additional Microsoft products and technologies. These services are referred
Solution Accelerators microsoft.com/technet/SolutionAccelerators
4 BOIS Getting Started

to as extended services because they build on the basic infrastructure for the branch
environment and provide enhanced capabilities to the branch infrastructure.

What Is New?
The BOIS service guides provide information about the capabilities and features of
Windows Server 2008 that can directly benefit a branch office design and improve the
performance and manageability of the Windows Server platform in your organization.
Examples of some of the enhanced capabilities for Windows Server 2008 that have a
direct effect on branch infrastructure design are:
• Read Only Domain Controller. The Read Only Domain Controller (RODC) role
service provides a more secure method for local authentication of users in branch
locations by using a read-only replica of your domain controller database.
• Server-based BitLocker Drive Encryption. With Windows Server 2008 the
Microsoft BitLocker™ drive encryption feature provides enhanced protection against
data theft and exposure of server hardware if the server is lost or stolen. This helps to
protect valuable server data that is based at a branch site.
• Server Core installation option. The componentized Server Core installation option
enables minimal installations where only the server roles and features you require
are installed, which reduces maintenance and decreases the available attack surface
of the server. This option provides an excellent small footprint operating system for a
branch site server.
• Windows Server 2008 Hyper-V™ technology. The Windows Server 2008 Hyper-V
server role is the next-generation hypervisor-based server virtualization technology
and enables you to virtualize server roles as separate virtual machines (VMs) running
on a single physical computer, without the need to buy third-party software. This role
enables you to consolidate servers and use hardware more efficiently across your
branch infrastructure.
• Terminal Services. The new Terminal Services (TS) RemoteApp and TS Web
Access roles in Windows Server 2008 enable programs that are accessed remotely
to be opened with just one click and appear as if they are running seamlessly on the
end user's local computer. This can provide an excellent user experience for branch
based users. Additionally the new TS Gateway role service helps to provide secure
remote access to Windows-based programs through firewalls, without the need for a
virtual private network.
• Networking Enhancements. Windows Server 2008 has a new TCP/IP stack that
includes features such as auto tuning and compounding to better utilize a network
with low bandwidth and high latency. Additionally Windows Server 2008 includes a
new version of the file copy protocol SMB which in turn provides optimizations for a
much richer user experience even in locations that are often connected by unreliable,
low bandwidth, and high latency links.
Where applicable, these features have been introduced into the BOIS service design
guides to enable you to enhance the service designs that are based on the BOIS
infrastructure guidance.
Note Windows Server 2008 includes many enhancements for other roles. However because
these enhancements have less impact on the branch infrastructure design, they have not been
included in this list. For more information about these and the other new features in Windows
Server 2008, see "Windows Server 2008," at
http://www.microsoft.com/windowsserver2008/en/us/whats-new.aspx

The Branch Balancing Act

Designing branch solutions that meet the requirements of the branch site-based users
without excessive cost to the organization's IT infrastructure is challenging.

Solution Accelerators microsoft.com/technet/SolutionAccelerators

BOIS Getting Started 5

Figure 2. The branch balancing act.

As Figure 2 shows, the designer is trying to balance two basic approaches to branch
design. Centralizing services typically lowers costs but increases the problems that are
typically associated with wide area network (WAN) links namely, utilization, performance
(latency) and availability.
Providing more services at the branch to improve the branch users' experience can
increase the setup and maintenance costs and degrades performance
A distributed approach typically provides the best branch user experience but also has a
significant impact on both the complexity and cost of implementing and maintaining the
branch infrastructure in these situations. So a balancing act is required, the designer
must consider the requirements of the branch applications and users, and balance those
requirements against the budget and WAN capabilities of the branch sites.
There are three key elements that lead to three questions, which the developer can use
to help with this balancing act, and these are:
• Service centralization. Which services can I centralize to help lower the costs of
managing the branch sites?
• Server standardization. Can I create a small number of standard server builds that
will support the requirements of the organization?
• Server consolidation. What services can I consolidate onto which physical servers?
Taken together, service centralization, server standardization, and server consolidation
represent a realistic way to streamline branch site design. The balancing acts required to
deliver the most appropriate solution can be challenging, but the solution can provide
sizable returns to the business and significantly improve the user experience at these
branch sites.

Service Centralization
Determining which services can be centralized requires an understanding of all the
impacts of centralization on branch services, especially effects on the users and any
customers of the branch sites that depend on those services. A single factor can have
both positive and negative impacts. For example, upgrading WANs to facilitate
centralization of services can improve user productivity if it reduces the time that is
required to access centralized services that already reside in the hub site. However, the

Solution Accelerators microsoft.com/technet/SolutionAccelerators

6 BOIS Getting Started

productivity impacts related to centralizing services that previously resided at the branch
site could negate the productivity gains.
To understand all of the impacts, you must analyze the effects of centralizing each
service, especially the following:
• The negative impacts to productivity caused by low-bandwidth and high-latency
network links (compared to local area network).
• The negative impacts on the core business of the branch site caused by the lack of
network availability and reliability for the services that require it.
These impacts must then be balanced against the TCO and other business factors that
are driving the streamlining effort, as well as against any productivity gains that might be
realized in other areas that are related to the streamlining of this service. This balancing
act is an ongoing part of the design and planning processes. The result of your
assessment may be that some services must continue to run in the branch office. As new
technologies become available that facilitate centralization by reducing the impacts on
productivity and other aspects of the user experience, the number of services that must
reside in the branch office can be reduced. For example, the read only domain controller
feature in Windows Server 2008 enables users at the branch site to authenticate to a
local server. RODCs prevent changes made at branch locations from potentially polluting
or corrupting your AD DS forest via replication.

Server Standardization
Each server that is added to an environment has an initial purchase cost and an ongoing
management cost. If a branch office environment grows organically, each server is likely
to have a significant number of hardware, software, and configuration requirements that
are unique to that site. This places a significant burden (and cost) on the IT department to
manage. By designing standards into the solution, an IT department can help to reduce
this burden and therefore reduce its ongoing support costs.
BOIS provides a standard service design methodology that helps you to evaluate the
requirements of different branch offices in the same way and therefore helps you to
identify which sites can be supported with the same server configurations.

Server Consolidation
Server consolidation is one of the most effective methods of streamlining branch
services. Consolidating services on fewer servers can make it easier, faster, and more
cost effective to deploy hardware and software, as well as making it possible to
significantly reduce ongoing management costs for branch office infrastructures.
Consolidation of services can require a significant investment in new hardware and
software, as well as time and effort to make the changes that are required to enable
some services to coexist with other services on a single server.
Server consolidation through virtualization is an important consideration for organizations
that have constrained budgets and limited administrative resources in the branch.
Windows Server 2008 is available with Hyper-V, the next-generation hypervisor-based
virtualization technology from Microsoft. Hyper-V helps organizations to meet several
business challenges and provides the following benefits for the branch infrastructure
design:
• Virtualization and consolidation of server roles as separate VMs that run on a
single physical machine, without the need to buy third-party software
• Support for different operating systems, such as Windows, and Linux
• Simple virtual system migration from one physical host server to another

Solution Accelerators microsoft.com/technet/SolutionAccelerators

BOIS Getting Started 7

• Clustering of Windows Server virtualization (WSv) hosts or VMs that run on WSv
hosts, and backup of VMs while they are running, to keep your virtualized servers
highly available
• New management tools and performance counters make virtualized
environments easier to manage and monitor
• Virtual Machine Snapshot support to easily revert back to a previous state
• Enhanced performance and security over previous server virtualization products
• Improved storage access with support for storage area networks (SANs) and
internal disk access
For more information about server virtualization and consolidation, see the Server
Virtualization and Consolidation page.
As with service centralization and server standardization, server consolidation is a
balancing act—in this instance, though, it is more a matter of balancing initial costs
against long term gains, not just cost versus impacts.

Summary
This guide provides an introduction to the foundation on which BOIS is built and
describes the guides that will help you to determine how best to approach the design of
the individual services in your branch infrastructure implementation. The technologies
introduced by Windows Server 2008 have a significant benefit to the various services and
components of a branch office solution. Helping you to understand how these
technologies will influence the design of each service in your branch infrastructure is the
major goal of BOIS.
The information provided in this guide is the starting point for the design of your Windows
Server 2008-based branch office infrastructure solution. Check back with the BOIS Web
site often to receive additional news, guidance, and information about branch office
design.

Additional Resources
For more information about the topics and technologies described in this guide, see the
following resources:
For more information and guidance about BOIS, see:
www.microsoft.com/branchoffice

For more information about the features that are available in Windows Server 2008, see
the Windows Server 2008 TechCenter at:
http://technet.microsoft.com/en-us/windowsserver/2008/

For more information about reduced profile server core installations, see the Server Core
Installation Option for Windows Server 2008 Step-by-Step Guide at
http://go.microsoft.com/fwlink/?LinkID=105293

For more information about server virtualization in Windows Server 2008, see the
Windows Server 2008 Hyper-V TechCenter at
http://go.microsoft.com/fwlink/?LinkId=101268

Solution Accelerators microsoft.com/technet/SolutionAccelerators

8 BOIS Getting Started

Feedback
Please direct questions and comments about this guide to satfdbk@microsoft.com.

Solution Accelerators microsoft.com/technet/SolutionAccelerators