Cloud Domain Controller

Prior to the cloud-computing revolution, the professional environment of corporate offices was built around non-cloud Domain Controllers, typically running a Windows Server product on premises. For roughly 20 years corporations have relied on large domain networks of servers and workstations orchestrated by Active Directory services to provide a centrally managed solution. SMBs typically settled for one or two servers, frequently choosing Microsoft's Small Business Server (SBS) product. SBS came with a reasonable price tag and contained most of the features available to larger corporate environments. In later years the cloud brought an array of very attractive features for businesses with 5-100 employees:

  • option to run office networks without a server
    • it lowers the cost to roll out the network (capital investment)
    • the server administrator role is outsourced: the "server administrator" is hidden in the cloud, which diminishes the cost of staff
  • the burden of backups and stress of dealing with malfunctions is outsourced
    • As a side note, the issue here is that in the case of an outage with a cloud service provider one has zero options to find a remedy. It all hinges on the cloud provider's ability to restore service, which may or may not be something they transparently communicate.
  • Better accessibility, for example: Dropbox or Google Drive files can be accessed on desktops, mobile devices or via web
  • Monthly billing arrangement and options to migrate away vs a commitment for 4-7 years (typical life-span of a server)
  • Multi-branch deployments

Now, what would you lose if there is no Domain Controller?

  • Active Directory: one pair of Username-Password (or one set of login credentials) for each staff member that administrators use to maintain order in Data and Infrastructure of the organization:
    • Orchestrate permissions to access / write files
    • Manage rights to access computers and equipment
    • Read and add to other folks' calendar events 
    • Remote access to Email (Hosted Exchange) or Remote Desktop
    • Email synchronization with mobile devices
    • track security
  • Local fast access to shared files for collaboration
    • (Cloud file synchronization can become a real burden for the network and Internet access because, let's say, 20 computers would essentially act as 20 file servers, and even a normal rate of file changes can congest an otherwise healthy network. Dropbox LAN-sync helps, but it's not a complete remedy.)
  • PRIVACY: A huge factor for a lot of people. Nobody enjoys seeing Google Ads for a pet shampoo right after a Gmail email was sent about washing a dog tonight. Sergey Brin and Larry Page would swear that no human would read private messages, but Edward Snowden just might beat that naive promise with some factual data. Nation-wide clouds provide ZERO control over who can access your data and how. A large number of people would argue that the new phenomenon of a so-called "Orwellian state" and giant national cloud services are bonded very tightly.

Consideration of the points above resulted in the development of our hybrid solution:

Cloud Based Domain Controller

Without getting overly technical, we'd like to outline the main principle of our IT solution based on a Private Cloud Server, VPN and onsite Network Attached Storage. We will also illustrate how the Cloud Active Directory technology managed to preserve all key advantages of an Onsite Domain Controller while gaining the robust features of private cloud technologies and dodging the aspects that plagued this approach for some organizations for the reasons discussed earlier.

Cloud DC controller

  1. Local file access is preserved via Local Network Storage, which is synchronized with its counterpart - Cloud DC. To provide redundancy and backup functionality, each file can be accessed locally or via the cloud.
  2. All maintenance for the most complex component of the network - Cloud DC Controller - is handled by Allora. In the background our engineers handle the Cloud Active Directory Server's monitoring, inspections, updates, maintenance and backup; therefore the need to have a highly capable system administrator onsite is greatly reduced.
  3. Cloud DC hosting in our data-center boasts triple redundancy for Internet connection and more than a week of autonomous power via battery backups and diesel generator. A regular office environment would never have this level of protection against power outages or failures on the part of Internet Providers.
  4. Mobile users still have the same remote access to files, emails, groupware systems
  5. Advanced capabilities of the Active Directory in private cloud are 100 percent preserved - user groups, advanced access rights, security permissions, etc.
  6. Cloud file services (Google Drive, OneDrive, etc) turn each workstation into a miniature file server and heavily employ the office's internet connection to upload and download all file changes on ALL workstations. To illustrate: Computer-1 creates a 20MB file on a "cloud drive" and this file is soon uploaded to the cloud and distributed back to "cloud drives" among Computer-2, Computer-3... Computer-20. This approach consumes 21 x 20MB ~ 0.5GB of storage across the network and consumes just as much bandwidth. The same scenario in the case of Cloud DC would result in one Save operation of 20MB to the Local Network Storage on the local network and one Upload operation to Cloud DC. The result is the same: each local computer and mobile user has access to the file just created by Computer-1; however, the consumed space and bandwidth are 20 times less (in the case of a 20-computer network).
  7. Our Private cloud eliminates the risk of a faceless Microsoft or Google bot snooping through your data or email just to display more relevant Ads. Another good point revolves around the risk of mass-hacking, just like in recent cases of bulk theft: credit cards from Target, SSN numbers from the government, etc.
  8. Just like with cloud services, the customer can choose to stop the service of Cloud DC controller, and this won't result in losing the value of the server which was originally a big capital investment.

To be fair there are scenarios where a local DC controller might be a necessity:

  • Organization policy might absolutely insist on having all data stored onsite.
  • There might be legacy server-based products like a QuickBooks server which would only function well over a gigabit LAN.

After all the technical considerations, the critical question is the cost. If you choose to consider Allora's service of providing a Cloud DC for your company, our engineers would gladly run a quick comparison between the scenario of a local server and a Cloud Domain Controller over the span of 4-7 years.