RCM Capital Management LLC, as a global investment organization, operates a distributed global network of six offices: one in San Francisco, London, Frankfurt, Hong Kong, Sydney, and Tokyo. The San Francisco office has approximately 250 users, 350 Windows®-based workstations, and 100 Windows-based servers. Windows® XP Service Pack 2 (SP2) is the current standard operating system for desktop computers and laptops, and Windows® 2000 Server and Windows Server® 2003 are the standard server operating systems. In addition, Active Directory® directory service provides the core directory and network authentication services, Microsoft® Exchange Server 2003 provides the messaging platform, Microsoft® Office Live Communications Server 2005 provides a real-time communication platform, and Microsoft®
Office SharePoint® Portal Server 2003 provides portal and collaboration services. The office uses Cisco Technologies for the core router and switch infrastructure.
Because RCM’s business area is financial services, security is of the utmost importance and affects all employees. Providing both wired and wireless network authentication access, and client health evaluation and validation has been a priority for the company in order to decrease threats of unauthorized access to the network.
For example, RCM needs to make sure that mobile devices stay compliant with security guidelines while users are traveling. It also needs a way to remediate noncompliant devices so that users can access important network resources. In addition, outside users—such as partners, vendors, and suppliers—need to access some of the company’s network resources without compromising network security by propagating viruses and other malicious software.
RCM currently uses McAfee Antivirus software. However, the company needed a solution for ensuring that endpoints are healthy enough to connect to the network.
RCM evaluated McAfee Network Access Control (NAC) and Windows Server 2008 NAP as a solution. Based on a combination of factors—cost of software, cost of third-party skills, interoperability capability, and performance—the company chose Windows Server 2008.
Cost, however, was the greatest determining factor. “With NAP built in to the Windows Server 2008 platforms the cost of deploying and supporting the solution will be significantly less than using a third-party ISV,” says Mike Carollo, Chief Engineer at RCM Capital Management LLC.
RCM manually installed Windows Server 2008 Enterprise on three new servers to create a NAP infrastructure. The company’s technology partner, Allin Consulting, assisted with the design and implementation of the infrastructure.
The primary benefits to deploying Windows Server 2008 NAP at RCM are increased security and reduced costs.
Detailed benefits include:
* Decreased need for IT staff to manage and recover from network attacks
* Increased potential for sales through more clear communication with partners
* Improved productivity through successful remediation efforts to maintain network access and connectivity for devices
Windows Server 2008
Windows Server 2008, with built-in Web and virtualization technologies, enables you to increase the reliability and flexibility of your server infrastructure. New virtualization tools, Web resources, and security enhancements help you save time, reduce costs, and provide a platform for a dynamic and optimized datacenter. Powerful new tools like IIS 7.0, Server Manager, and Windows® PowerShell, allow you to have more control over your servers and streamline Web, configuration, and management tasks. Advanced security and reliability enhancements like Network Access Protection and the Read-Only Domain Controller option for Active Directory Domain Services harden the operating system and help protect your server environment to ensure you have a solid foundation on which to build your business.
For more information, go to:
This case study is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Document published March 2008