4-page Case Study - Posted 6/3/2008
Views: 239
Rate This Evidence:
Financial Services Company Improves Remote Operations with New IT System
Macquarie Group Limited provides retail banking, investment advice, loans, and other financial services on multiple continents. The Australia-based firm has more than 12,000 employees spread across more than 80 offices worldwide. To stay agile as it moves into new markets, Macquarie Group Limited became an early adopter of Windows Server® 2008. By using the new Read-Only Domain Controller (RODC) feature, Macquarie Group Limited expects to allow employees in remote offices to perform routine administration tasks without exposing critical domain functions. Macquarie Group Limited anticipates that Windows Server 2008 will help enhance security at remote locations, simplify tasks associated with maintaining a highly dispersed corporate IT system, and improve the availability of data. The solution is also expected to streamline the incorporation of acquired companies into the corporate network.
 |
Windows Server 2008 helps Macquarie operate … our remote offices more securely and efficiently than we could in the past.  |
|
|
Phillip Dundas
Technical Team Lead, Windows Server Group, Information Technology Group
Macquarie Group Limited |
|
|
Situation
Based in Sydney, Australia, Macquarie Group Limited is the parent company for diversified businesses offering different types of financial services, including investment and advisory services, commercial and retail banking, loans and credit services, , and custom banking solutions and products for businesses. The company employs more than 12,000 people working in more than 80 locations in Australia, New Zealand, Asia, Europe, the Middle East, Africa, and the Americas. More than 30 percent of the company’s employees work outside its main offices, which are located in Sydney, Hong Kong, London, and New York.
Macquarie Group Limited has adopted a growth strategy of gradually expanding into markets where its particular skills and expertise can attract long-term clients. Through this approach, the company has the flexibility to enter new sectors and regions as opportunities arise and to respond to the needs of individual customer segments.
This strategy requires Macquarie Group Limited to maintain a highly stable and secure IT infrastructure for its remote offices. To serve its customers and connect its dispersed offices and employees, the company has about 16,000 workstations and portable computers running the Windows® XP operating system, 1,600 server computers running the Windows Server® 2003 operating system, and regional data centers in Sydney, New York, Hong Kong, and London.
Although the infrastructure has served Macquarie Group Limited well, upper management and IT staff sought technology enhancements that would support the agility needed to advance into new markets and quickly incorporate new businesses. At the same time, the IT department wanted to boost the overall performance of its remote office technology. In particular, it wanted to enhance the security and availability of remote office data.
“Securing and managing remote office technology has always been a challenge,” says Phillip Dundas, Technical Team Lead for the Windows Server Group in the company’s Information Technology Group. “For example, we currently maintain two different servers at each location, one as a domain controller and one for other services such as file and print. While this design provides good redundancy, it also adds a layer of cost and complexity to managing the remote offices. Additionally, we wanted to improve procedures for replicating data in the event that a remote office server is physically compromised.”
Solution
To improve its strategic position in various markets and provide its remote offices with better technology, Macquarie Group Limited deployed Windows Server 2008 Standard in a pilot program.
The company is using the software’s new features, particularly the Read-Only Domain Controller (RODC) option for Active Directory® Domain Services. The RODC feature is expected to help Macquarie Group Limited deploy domain controllers more securely in locations where physical security may be less than what it is in a data center.
|
We wanted to improve procedures for replicating data in the event that a remote office server is physically compromised. |
|
|
Phillip Dundas
Technical Team Lead, Windows Server Group, Information Technology Group
Macquarie Group Limited |
|
|
An RODC allows the company to assign a local administrator role to remote office employees without having to grant them user rights for the domain or forest.
By using the RODC option, the headquarters IT staff can allow a local user to log on to and perform maintenance work on the server—such as upgrading a driver—without exposing other administrative functions in the domain. This helps to provide a flexible administration model while enhancing security, especially in remote offices where some local control or maintenance may be needed while the central network and servers are protected.
The company’s IT department in Sydney began planning for the deployment of Windows Server 2008 in early 2007, and it started initial deployment of the prerelease software in September 2007. Macquarie Group Limited plans to upgrade servers to Windows Server 2008 wherever possible, a process that will depend on factors such as the availability of supporting utilities and the support of independent software vendors across the various regions.
Benefits
Macquarie Group Limited IT administrators expect that Windows Server 2008 will help them enhance security while simplifying deployment of servers to remote offices. They also anticipate that the availability of data at remote offices will be improved. In addition, the IT department expects that the features of Windows Server 2008 will help the company incorporate new acquisitions into the IT infrastructure faster than it could in the past.
Enhanced Security for Remote Offices
Macquarie Group Limited plans to use the RODC feature in Windows Server 2008 to enhance security in its remote offices. “We believe the Read-Only Domain Controller feature in Windows Server 2008 should deliver a clear benefit for running our remote operations,” says Dave Page, Windows Architect in the Windows Server Group at the company’s Infrastructure Technology Group. “The RODC feature allows us to give someone in a remote office the right to log on to a domain controller without giving that person access to the writable domain controller. That should help us minimize the security risk to our Active Directory forest, while providing us with more peace of mind in the event that there is a security breach involving our servers.”
Faster Deployment of Servers
The RODC feature should also help reduce the administrative work involved in deploying new servers to the remote offices. “With Windows Server 2003, you have to be a domain administrator to join a server to the Active Directory domain. That limits the number of people who can be involved in a deployment,” says Page. “Now we anticipate establishing accounts with fewer privileges, which would allow us to outsource the setup of new servers to locally based third-party vendors. The Read-Only Domain Controller feature in Windows Server 2008 should allow us to save on shipping and flights to remote offices during deployments, and should make it possible for us to deploy new servers in days instead of weeks.”
Improved Availability of Data
The IT department chose Windows Server 2008, in part, to take advantage of the gains in reliability and availability of data at remote offices. “There is still a perception in the financial services industry that UNIX is the only operating system that can provide the kind of system reliability and data availability demanded by the industry,” says Dundas. “We use Windows-based systems extensively at Macquarie, and we’ve found that with every new edition of Windows Server, there is a considerable jump in stability and performance.”
He continues, “With Windows Server 2008, we expect to see extremely strong reliability and the kind of availability for data that our remote offices and their customers need. In our initial deployment work, we’ve experienced zero downtime. The overall performance and availability features in Windows Server 2008 are inspiring a lot of confidence in both the IT staff and senior managers, many of whom have strong backgrounds in UNIX, midrange, and mainframe computing.”
Easier Integration of Acquired Companies
Macquarie Group Limited is expanding quickly, with a good portion of its growth occurring through acquisitions of other companies. Integrating these businesses and their remote offices into the parent company’s corporate infrastructure will be easier with Windows Server 2008.
“Every time we acquire a company and start to incorporate its remote offices into Macquarie, there is a long process to go through involving establishment of file and print services, e-mail, and domain controller authentication,” says Dundas. “With Windows Server 2008, the security provided by features such as the Read-Only Domain Controller should help us set up new offices more quickly and easily than before.”
Macquarie Group Limited expects Windows Server 2008 to help the company in its goal of growing new markets while keeping its IT infrastructure lean. “With Windows Server 2008, the performance and functionality of security features and basic services such as file and print sharing are all enhanced,” Dundas says. “Windows Server 2008 should be able to help Macquarie operate our remote offices more efficiently and securely than we could in the past.”
For More Information
For more information about Microsoft products and services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Information Centre at (877) 568-2495. Customers who are deaf or hard-of-hearing can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234 in the United States or (905) 568-9641 in Canada. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information using the World Wide Web, go to:
http://www.microsoft.com/
For more information about Macquarie Group Limited products and services, call (61) 2 8232 3333 or visit the Web site at:
http://www.macquarie.com.au/
Windows Server 2008
Windows Server 2008, with built-in Web and virtualization technologies, enables you to increase the reliability and flexibility of your server infrastructure. New virtualization tools, Web resources, and security enhancements help you save time, reduce costs, and provide a platform for a dynamic and optimized datacenter. Powerful new tools like IIS 7.0, Server Manager, and Windows PowerShell™, allow you to have more control over your servers and streamline Web, configuration, and management tasks. Advanced security and reliability enhancements like Network Access Protection and the Read-Only Domain Controller option for Active Directory Domain Services harden the operating system and help protect your server environment to ensure you have a solid foundation on which to build your business.
For more information, go to:
www.microsoft.com/windowsserver2008
This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Document published February 2008
