When your business is small and your budget is tight, you
may press consumer and/or open source/freeware solutions into service for
starting your network. If you only have a few systems and your security needs
aren’t great, you can get by with networking your Windows workstations in a
peer-to-peer configuration. You may even “cheat” a little by setting
up one Windows client computer as a file server so you can have the advantages
of centralized data storage and backup without the administrative requirements
and high software costs of implementing a Windows domain.

You might use a low-cost software firewall solution to
protect the LAN, such as a Linux machine running ipchains
(a simple packet filtering firewall), iptables/Netfilter
(a stateful firewall included in versions 2.4.x of
the Linux kernel), Firestarter (a “donationware” graphic firewall for Linux) or one of
many low-cost commercial Linux firewalls. Or you might use the Internet
Connection Firewall built into Windows XP (and upgraded to Windows Firewall by
Service Pack 2). Or you might use a relatively low-end and low-cost firewall
appliance such as Cisco’s PIX 500 series, WatchGuard’s
SOHO series, or SonicWall’s TZ models.

But as the business begins to grow, you’re likely to want
and need the features provided by more robust “real server” operating
systems and more sophisticated application layer filtering firewalls. Then you
have a choice to make: should you go with lower cost alternatives designed for
(and possibly limited to) small business use, or should you invest more money
in software and/or hardware that can support growing far beyond your current
needs?

Small Business Server or “full fledged” Windows Server?

There are two ways to run a Windows network: peer to peer
(where “all the computers are created equal” and there is no
centralized security accounts database) or Windows domain (where there is an
authentication server called a domain controller that provides centralized
security and management of the users and computers on the network). The peer to
peer model works for a few computers, but security is much lower and
administration becomes a nightmare as the number of computers increases.

If you’re ready to move from a peer to peer network to a
domain, you’ll need at least one computer running the Windows Server operating
system. The least expensive way to do this for a network of
fewer than 75 users is to purchase Microsoft’s Small Business Server (SBS)
2003. For only $599, you not only get the Windows Server 2003 operating
system with the IIS web server, remote access server and SharePoint
Services for web-based collaboration, you also get the Microsoft Exchange email
server. For a little more ($1499), you also get Microsoft’s SQL database server
and the Microsoft Internet Security and Acceleration (ISA) server firewall/web
caching solution.

This is quite a deal, since buying all these products as
standalones would cost far more:

  • Windows Server 2003 Standard Edition: $999 with 5 CALs
  • Microsoft Exchange Server 2003 Standard Edition: $699 (must also buy CALs for clients)
  • Microsoft SQL Server 2005 Standard Edition with 5 CALs: $1849
  • Microsoft ISA Server 2004 Standard Edition: $1499 per processor

That’s a total of $5046! If you’re wondering “what’s
the catch?”, well, here it is: SBS is limited to 75 logged-on users. That
means if/when your company grows beyond that level, you’ll probably need to
trade it in for the “real” Windows Server OS and separate server
products.

[Note: There’s a
less expensive edition of Windows Server 2003, Web Edition, for $399 – but it’s
for use as a Web server only and cannot function as a domain controller.]

Standard vs Enterprise

The prices given above are for the Standard editions of each
product. However, if your business grows really large, you may need the features
of the Enterprise editions, which cost considerably more:

  • Windows Server 2003 Enterprise Edition: $3999 with 25 CALs
  • Microsoft Exchange Server 2003 Enterprise Edition: $3999 (must also buy CALs for clients)
  • Microsoft SQL Server 2005 Enterprise Edition: $24,999 with 25 CALs
  • Microsoft ISA Server 2004 Enterprise Edition: $5999 per processor

If you’re still looking at this from the perspective of a
small business, these big numbers may make you a little dizzy. And you’re
probably wondering what you should do: low-ball it and go with SBS (and then
perhaps have to shell out again soon for the separate products if your business
grows fast), go ahead and invest in the Standard Editions to begin with, or (if
your small business is one of those rare ones that has plenty of extra cash on
hand) spring for the Enterprise editions so you’ll be able to use them no
matter how big the company gets?

Balancing cost and scalability

There is no “one size fits all” answer for all
businesses. That’s why Microsoft gives you lots of options. If you anticipate
that it’ll be several years before your business reaches the 75 user level and
you don’t want to hire a full time IT administrator, and you’re operating on a
tight budget, SBS might be your best choice at this time. It will serve your
basic needs and comes with a lot of extra wizards to simplify the setup and administration
processes.

However, in addition to the limit on the number of users,
SBS has some other limitations and drawbacks. One of the biggest is security.
It’s a recognized best security practice not to run additional server services
(Web server, email server, database server, etc.) on a domain controller.
That’s because the DC holds the Active Directory with all the
domain’s security accounts information – if a domain controller is compromised,
you have a real problem. And every server service that you run on a machine
makes it more vulnerable to attacks and intrusions.

Yet SBS is designed to run all these services on a single
computer. That saves you money on both the software and hardware – but that
savings comes at the price of security.

In fact, another of SBS 2003’s limitations came about for
security reasons: you can’t run Windows Terminal Services as an application
server on the SBS machine. That mode is supported by the Windows Server 2003
Standard and Enterprise editions.

Because of SBS’s limitations, many
small businesses bypass it altogether and start with the Standard Edition
server products. While this may be the smartest way to go, especially if your
business shows signs of growing quickly, going it one better and buying the
Enterprise editions while the business is small may not be such a good idea. Although
that’s definitely the most scalable of the three options, we’re talking about tens of
thousands of extra dollars here, and even if the company grows very large, you
may not ever need the extra features that the Enterprise editions provide. And
even if you do, you will probably still need additional servers on the network
that don’t require Enterprise features, so you’d still be able to use your
Standard Edition servers along with new Enterprise edition machines.

And you have to remember that software is constantly being
replaced with new versions. By the time you’re ready for Enterprise features,
the next generation of Windows Server (now code named Longhorn Server) may be
on the market, with desirable features that Server 2003 doesn’t have.