Retailer Expects to Improve Network Security and Cut Both Costs and Carbon Emissions
Overview
Country or Region: United Kingdom
Industry: Retail
Customer Profile
The John Lewis Partnership includes department stores and supermarkets. With more than 68,000 employees, the company had consolidated revenue of £5.7 billion (U.S.$11.4 billion) in fiscal year 2006.
Business Situation
The John Lewis Partnership wanted to continue the improvement of its IT operations by enhancing security, increasing productivity, and cutting costs.
Solution
The company deployed Windows Server® 2008 and plans to take advantage of the new Read-Only Domain Controller feature.
Benefits
n Reduces costs
n Supports company initiative to reduce carbon emissions
n Increases productivity and security
n Enhances disaster prevention
n Optimizes foundation / “Windows Server 2008 will help us save money and improve the security and manageability of our infrastructure now and in the future.”
Tony Godwin, PC Systems Architect, John Lewis Partnership
The John Lewis Partnership was founded in London 143 years ago. The company, which operates John Lewis department stores and Waitrose supermarkets, had consolidated its diverse IT infrastructure over several years, which included installing Windows Server® 2003. It wanted to take the next step to improve its network operations. In 2007, the company evaluated Windows Server 2008 features, including new security enhancements. It plans to deploy the Read-Only Domain Controller option to more than 200 remote sites. With the new solution, the John Lewis Partnership anticipates that it will be able to remove at least one server from each remote site. The company expects to improve security, increase productivity, and reduce energy consumption and costs.
Situation
The John Lewis Partnership was founded by John Spedan Lewis, who believed that his company’s unique ownership structure, which makes each employee a business partner, is the foundation for success. From a single small shop that opened on Oxford Street in London in 1864, the partnership has grown to include 26 John Lewis department stores and 187 Waitrose supermarkets. As one of the United Kingdom’s top 10 retailers, the John Lewis Partnership has two head offices, several distribution sites, and more than 68,000 employees. In fiscal year 2006, the company’s consolidated revenue was £5.7 billion (U.S.$11.4 billion).
Prior to 2006, the John Lewis Partnership IT infrastructure included a workgroup in each of its 187 supermarkets. The company consolidated this infrastructure by adding its supermarkets to its existing Windows Server® 2003 Active Directory® domain, which was already deployed at its headquarters and department store branches. This single forest now contains 2,000 server computers running the Windows Server 2003 operating system and 17,000 workstations running the Windows® XP operating system. The Windows XP Embedded operating system was installed on an additional 5,500 devices for point-of-sale applications in the retailer’s branches.
The John Lewis Partnership also turned to Microsoft® Operations Manager 2005 to monitor all remote domain controllers, which now number more than 250. The company was pleased that Operations Manager 2005 identified potential problems and helped IT staff resolve issues before they affected users.
In 2007, as the company analyzed its operations, IT staff recognized that domain security and disaster prevention techniques were areas that could be enhanced. IT staff also wanted to find ways to conserve power usage and save money as part of the company’s initiative to reduce carbon emissions.
Solution
The John Lewis Partnership decided to participate in the Microsoft Rapid Deployment Program for Windows Server 2008. “We have a commitment to Microsoft products, so we set out early to look at what Windows Server 2008 could give us,” explains Tony Godwin, PC Systems Architect at the John Lewis Partnership. “We gained significant benefits from an early Windows Server 2003 deployment and wanted to establish whether an early adoption of Windows Server 2008 offered similar advantages.”
In August 2007, the company deployed Windows Server 2008 Standard in a test environment that replicated its production infrastructure. The IT staff tested Windows Server 2008 over several months in a reference branch that mirrored a retail store and made plans to move it gradually into production.
The John Lewis Partnership was particularly interested in the Read-Only Domain Controller (RODC) feature of Windows Server 2008. It planned to install an RODC in the first of the company’s live branch offices in early 2008. An RODC hosts read-only partitions of the Active Directory Domain Services database and will cache only the passwords that have been configured, which makes it ideal for remote John Lewis Partnership locations where physical security cannot be guaranteed. RODCs also meet the company’s criteria for enhancing disaster prevention.
The company will maximize the potential of the RODC by consolidating it with an existing branch infrastructure server providing the Dynamic Host Configuration Protocol service, a client and server deployment mechanism, and Microsoft Systems Management Server 2003 functions. This will be made possible by delegating management of the RODC to nonadministrator accounts and ultimately will allow the John Lewis Partnership to remove one server from each of the company’s branches.
In March 2008, the company will begin installing products in the Microsoft System Center family, including Microsoft System Center Configuration Manager 2007 to simplify system deployment, task automation, and compliance automation, and System Center Operations Manager 2007 to improve IT monitoring and reporting.
Benefits
By deploying Windows Server 2008, the John Lewis Partnership expects to see benefits that include reduced costs, increased productivity, improved security, and enhanced disaster prevention. The company also anticipates that the new solution will easily accommodate future enhancements.
Reduced Costs
With Windows Server 2008 and the RODC option, the John Lewis Partnership can streamline its Active Directory infrastructure. Windows Server 2008 supports hardware advancements including 64-bit processing and addressing, multicore processors, and larger caches. As a result, the company expects to reduce the number of data center domain controllers from 16 to eight.
IT staff expect branch domain controller and infrastructure server consolidation will allow the removal of at least one server from each remote site. This will save approximately £40,000 annually (U.S.$79,881) in maintenance costs alone.
Additionally, the company plans to double in size over the next 10 years. The ability to deploy a smaller number of servers in each branch could save £500,000 (U.S.$980,392) in hardware costs. Finally, because IT staff will be able to modify power management settings and build a custom power plan using Group Policy in Windows Server 2008, the company also will be able to more efficiently control its clients and servers, which will help it reduce power bills.
Increased Productivity
Windows Server 2008 improves the productivity of IT engineers at the John Lewis Partnership, who have been required to build new domain controllers as newly acquired branches are established. The company expects to use the RODC feature to reduce by one day the amount of time it takes IT staff to add a new branch to the network.
IT administrators also expect to increase productivity because the RODC includes a feature that allows domain controller installation and management to be delegated to nonadministrative personnel at a branch office.
Enhanced Security and Disaster Prevention
The John Lewis Partnership was concerned about the risks of running writeable domain controllers in branches. Installing the RODC option on its branch domain controllers allows an authorized branch user to effectively manage the RODC while reducing the security risk to the company’s Active Directory forest. An RODC does not cache any passwords by default, but it may be configured to cache certain passwords to ensure it can service authentication requests in the event of a network outage. In such cases, an RODC can be configured to store only the passwords of the users and computers in a particular branch, so only those passwords are at risk should the RODC be compromised.
By deploying Windows Server 2008 RODCs, the John Lewis Partnership also reduces the risk of unplanned updates to or malicious corruption of Active Directory replicating throughout the forest.
Optimized Foundation for the Future
The John Lewis Partnership plans to use Windows Server 2008 and System Center products as the foundation for optimizing its IT infrastructure. “We want the agility, flexibility, and security that we will get from Windows Server 2008 and System Center products,” says Godwin. “That is very important to us.”
The company is also evaluating the Server Core installation option of Windows Server 2008 to reduce server maintenance and management requirements.
“Windows Server 2008 will help us save money and improve the security and manageability of our infrastructure now and in the future,” says Godwin.
Windows Server 2008
Windows Server 2008, with built-in Web and virtualization technologies, enables you to increase the reliability and flexibility of your server infrastructure. New virtualization tools, Web resources, and security enhancements help you save time, reduce costs, and provide a platform for a dynamic and optimized datacenter. Powerful new tools like IIS 7.0, Server Manager, and Windows PowerShell™, allow you to have more control over your servers and streamline Web, configuration, and management tasks. Advanced security and reliability enhancements like Network Access Protection and the Read-Only Domain Controller option for Active Directory Domain Services harden the operating system and help protect your server environment to ensure you have a solid foundation on which to build your business.
For more information, go to:
www.microsoft.com/windowsserver2008