Retailer Expects to Improve Network Security

Comments

Transcription

Retailer Expects to Improve Network Security
Retailer Expects to Improve Network Security
and Cut Both Costs and Carbon Emissions
Overview
Country or Region: United Kingdom
Industry: Retail
Customer Profile
The John Lewis Partnership includes
department stores and supermarkets.
With more than 68,000 employees, the
company had consolidated revenue of
£5.7 billion (U.S.$11.4 billion) in fiscal
year 2006.
Business Situation
The John Lewis Partnership wanted to
continue the improvement of its IT
operations by enhancing security,
increasing productivity, and cutting costs.
Solution
The company deployed Windows Server®
2008 and plans to take advantage of the
new Read-Only Domain Controller
feature.
Benefits
 Reduces costs
 Supports company initiative to reduce
carbon emissions
 Increases productivity and security
 Enhances disaster prevention
 Optimizes foundation
“Windows Server 2008 will help us save money and
improve the security and manageability of our
infrastructure now and in the future.”
Tony Godwin, PC Systems Architect, John Lewis Partnership
The John Lewis Partnership was founded in London 143 years
ago. The company, which operates John Lewis department
stores and Waitrose supermarkets, had consolidated its diverse
IT infrastructure over several years, which included installing
Windows Server® 2003. It wanted to take the next step to
improve its network operations. In 2007, the company evaluated
Windows Server 2008 features, including new security
enhancements. It plans to deploy the Read-Only Domain
Controller option to more than 200 remote sites. With the new
solution, the John Lewis Partnership anticipates that it will be
able to remove at least one server from each remote site. The
company expects to improve security, increase productivity, and
reduce energy consumption and costs.
“We gained significant
benefits from an early
Windows Server 2003
deployment and
wanted to establish
whether an early
adoption of Windows
Server 2008 offered
similar advantages.”
Tony Godwin, PC Systems Architect,
John Lewis Partnership
Situation
The John Lewis Partnership was founded by
John Spedan Lewis, who believed that his
company’s unique ownership structure,
which makes each employee a business
partner, is the foundation for success. From
a single small shop that opened on Oxford
Street in London in 1864, the partnership
has grown to include 26 John Lewis
department stores and 187 Waitrose
supermarkets. As one of the United
Kingdom’s top 10 retailers, the John Lewis
Partnership has two head offices, several
distribution sites, and more than 68,000
employees. In fiscal year 2006, the
company’s consolidated revenue was £5.7
billion (U.S.$11.4 billion).
Prior to 2006, the John Lewis Partnership IT
infrastructure included a workgroup in each
of its 187 supermarkets. The company
consolidated this infrastructure by adding
its supermarkets to its existing Windows
Server® 2003 Active Directory® domain,
which was already deployed at its
headquarters and department store
branches. This single forest now contains
2,000 server computers running the
Windows Server 2003 operating system
and 17,000 workstations running the
Windows® XP operating system. The
Windows XP Embedded operating system
was installed on an additional 5,500 devices
for point-of-sale applications in the
retailer’s branches.
The John Lewis Partnership also turned to
Microsoft® Operations Manager 2005 to
monitor all remote domain controllers,
which now number more than 250. The
company was pleased that Operations
Manager 2005 identified potential
problems and helped IT staff resolve issues
before they affected users.
In 2007, as the company analyzed its
operations, IT staff recognized that domain
security and disaster prevention techniques
were areas that could be enhanced. IT staff
also wanted to find ways to conserve power
usage and save money as part of the
company’s initiative to reduce carbon
emissions.
Solution
The John Lewis Partnership decided to
participate in the Microsoft Rapid
Deployment Program for Windows Server
2008. “We have a commitment to Microsoft
products, so we set out early to look at
what Windows Server 2008 could give us,”
explains Tony Godwin, PC Systems
Architect at the John Lewis Partnership.
“We gained significant benefits from an
early Windows Server 2003 deployment
and wanted to establish whether an early
adoption of Windows Server 2008 offered
similar advantages.”
In August 2007, the company deployed
Windows Server 2008 Standard in a test
environment that replicated its production
infrastructure. The IT staff tested Windows
Server 2008 over several months in a
reference branch that mirrored a retail
store and made plans to move it gradually
into production.
The John Lewis Partnership was particularly
interested in the Read-Only Domain
Controller (RODC) feature of Windows
Server 2008. It planned to install an RODC
in the first of the company’s live branch
offices in early 2008. An RODC hosts readonly partitions of the Active Directory
Domain Services database and will cache
only the passwords that have been
configured, which makes it ideal for remote
John Lewis Partnership locations where
physical security cannot be guaranteed.
RODCs also meet the company’s criteria for
enhancing disaster prevention.
“We want the agility,
flexibility, and security
that we will get from
Windows Server 2008
and System Center
products. That is very
important to us.”
Tony Godwin, PC Systems Architect,
John Lewis Partnership
The company will maximize the potential of
the RODC by consolidating it with an
existing branch infrastructure server
providing the Dynamic Host Configuration
Protocol service, a client and server
deployment mechanism, and Microsoft
Systems Management Server 2003
functions. This will be made possible by
delegating management of the RODC to
nonadministrator accounts and ultimately
will allow the John Lewis Partnership to
remove one server from each of the
company’s branches.
In March 2008, the company will begin
installing products in the Microsoft System
Center family, including Microsoft System
Center Configuration Manager 2007 to
simplify system deployment, task
automation, and compliance automation,
and System Center Operations Manager
2007 to improve IT monitoring and
reporting.
Benefits
By deploying Windows Server 2008, the
John Lewis Partnership expects to see
benefits that include reduced costs,
increased productivity, improved security,
and enhanced disaster prevention. The
company also anticipates that the new
solution will easily accommodate future
enhancements.
Reduced Costs
With Windows Server 2008 and the RODC
option, the John Lewis Partnership can
streamline its Active Directory
infrastructure. Windows Server 2008
supports hardware advancements including
64-bit processing and addressing,
multicore processors, and larger caches. As
a result, the company expects to reduce the
number of data center domain controllers
from 16 to eight.
IT staff expect branch domain controller
and infrastructure server consolidation will
allow the removal of at least one server
from each remote site. This will save
approximately £40,000 annually
(U.S.$79,881) in maintenance costs alone.
Additionally, the company plans to double
in size over the next 10 years. The ability to
deploy a smaller number of servers in each
branch could save £500,000 (U.S.$980,392)
in hardware costs. Finally, because IT staff
will be able to modify power management
settings and build a custom power plan
using Group Policy in Windows Server
2008, the company also will be able to
more efficiently control its clients and
servers, which will help it reduce power
bills.
Increased Productivity
Windows Server 2008 improves the
productivity of IT engineers at the John
Lewis Partnership, who have been required
to build new domain controllers as newly
acquired branches are established. The
company expects to use the RODC feature
to reduce by one day the amount of time it
takes IT staff to add a new branch to the
network.
IT administrators also expect to increase
productivity because the RODC includes a
feature that allows domain controller
installation and management to be
delegated to nonadministrative personnel
at a branch office.
Enhanced Security and Disaster
Prevention
The John Lewis Partnership was concerned
about the risks of running writeable
domain controllers in branches. Installing
the RODC option on its branch domain
controllers allows an authorized branch
user to effectively manage the RODC while
reducing the security risk to the company’s
Active Directory forest. An RODC does not
cache any passwords by default, but it may
be configured to cache certain passwords
to ensure it can service authentication
requests in the event of a network outage.
In such cases, an RODC can be configured
to store only the passwords of the users
and computers in a particular branch, so
only those passwords are at risk should the
RODC be compromised.
By deploying Windows Server 2008 RODCs,
the John Lewis Partnership also reduces the
risk of unplanned updates to or malicious
corruption of Active Directory replicating
throughout the forest.
Optimized Foundation for the Future
The John Lewis Partnership plans to use
Windows Server 2008 and System Center
products as the foundation for optimizing
its IT infrastructure. “We want the agility,
flexibility, and security that we will get from
Windows Server 2008 and System Center
products,” says Godwin. “That is very
important to us.”
The company is also evaluating the Server
Core installation option of Windows Server
2008 to reduce server maintenance and
management requirements.
“Windows Server 2008 will help us save
money and improve the security and
manageability of our infrastructure now
and in the future,” says Godwin.
For More Information
Windows Server 2008
For more information about Microsoft
products and services, call the Microsoft
Sales Information Center at (800) 4269400. In Canada, call the Microsoft
Canada Information Centre at (877) 5682495. Customers who are deaf or hardof-hearing can reach Microsoft text
telephone (TTY/TDD) services at (800)
892-5234 in the United States or (905)
568-9641 in Canada. Outside the 50
United States and Canada, please contact
your local Microsoft subsidiary. To access
information using the World Wide Web,
go to:
www.microsoft.com
Windows Server 2008, with built-in Web
and virtualization technologies, enables you
to increase the reliability and flexibility of
your server infrastructure. New
virtualization tools, Web resources, and
security enhancements help you save time,
reduce costs, and provide a platform for a
dynamic and optimized datacenter.
Powerful new tools like IIS 7.0, Server
Manager, and Windows PowerShell™, allow
you to have more control over your servers
and streamline Web, configuration, and
management tasks. Advanced security and
reliability enhancements like Network
Access Protection and the Read-Only
Domain Controller option for Active
Directory Domain Services harden the
operating system and help protect your
server environment to ensure you have a
solid foundation on which to build your
business.
For more information about the John
Lewis Partnership, call 020 7592 6110 or
visit the Web site at:
www.johnlewispartnership.co.uk
For more information, go to:
www.microsoft.com/windowsserver2008
Software and Services

This case study is for informational purposes only.
MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,
IN THIS SUMMARY.
Document published February 2008
Microsoft Server Product Portfolio
− Windows Server 2008 Standard
− Microsoft Operations Manager 2005
− Microsoft System Center
Configuration Manager 2007
− Microsoft System Center Operations
Manager 2007
− Microsoft Systems Management
Server 2003

Technologies
− Active Directory
Hardware

IBM System x server computers

Similar documents