This sample concept focuses on easy maintenance and independent systems for making future maintenance work much more intuitive and easier. The focus here is on virtualization, meaningful device names, and independent services. On-site maintenance (walking to a specific device) is not a good model for the future of an interconnected IT landscape.
Please also keep in mind the concept of a Navision that is simple and easy to learn and operate. In my 25 years of experience, I have seen many twisted and unnecessarily complicated Navision setups. My rule of thumb is that Navision is at its best when it is simple and fast.
To me, using a central application doesn't make any sense when it requires constant maintenance just to keep it running. A properly functioning Navision system, based on healthy hardware, can typically operate for a few weeks or months without needing an administrator or intervention from a systems provider, which I always consider the objective of any installation.
Legend:
(V) = Can be virtualized easily, but doesn't have to be.
V should absolutely be virtualized.
R cannot be virtualized.
1 (V) Server MS SQL database server (4 processors, 16 GB RAM, SSD) - Exclusively for a productive Navision database. The database and transaction logs should preferably run on separate logical SSDs; they offer the best possible performance at a low cost. If the current SAN does not offer SSDs, a small, exclusive NAS with iSCSI could be used. Naturally, both logical drives should be redundantly equipped, e.g., with RAID1.
1 (V) Server MS SQL
Database server for test and archive databases. 2 processors, 8 GB RAM. Regular, inexpensive hard drives, but lots of them. 2 or 4 TB. Adding more means more versions. It may make sense to install these servers (thanks to inexpensive hard drives) on regular servers. Not much is written to or read from these servers, so you can use generic hard drives, for example, in a RAID 5 cluster.
The reason for having a large amount of available disk space is that an executable copy can be automatically stored in the productive database on this system. There will be one copy for each day of the month, resulting in 31 copies. This allows you to refer back to the respective daily status for up to 31 days in the past at any time for testing purposes (e.g., to see what the program, customer, or G/L account looked like yesterday, the day before yesterday, or on the 15th).the (of last month). This could be expanded by also filing a separate copy for the respective first day of the month. However, this copy could only be opened as needed (a Navision server service must be available for every accessible database).
1 (V) Server Navision client services. (1 processor per 10 users, 2 GB RAM per 10 users + operating system). The server provides Navision services for the Windows Navision clients. Rule of thumb: When the productive SQL Navision database server is virtualized, the corresponding Navision server should also be virtualized, and vice versa.
1 (V) Server Navision App Server. 2 processors, 1 GB RAM + operating system. This server processes the task queues.
1 (V) Server Navision Web Client with IIS.
(1 processor per 10 users, 2 GB RAM per 10 users + operating system). The server provides Navision as an in-house web service (including branch offices connected via VPN). This allows simple workstations to work with Navision without client installation. This also works via Linux (e.g., with a cheap Raspbian or a simple fanless desktop computer) or tablets or Apple computers.
1 (V) Server Navision SOAP.
2 processors, 1 GB RAM + operating system. This access point is, for example, for partners who would like to access the server “from the outside.” This computer must be placed within a DMZ. In this scenario, you need to consult with the IT systems provider regarding whether to utilize an additional VM system or separate hardware, or if a virtual network should be established on the standard HyperV.
1 (V) Server Navision Web Client with IIS.
(1 processor per 10 users, 2 GB RAM per 10 users). This access point, for example, is for external partners. This computer must be placed in a DMZ. In this case, you need to consult with the hardware consultant to determine if an additional VM system should be used, or additional hardware, or if an additional network will be set up on the regular HyperV. This device can then be used to access Navision from anywhere in the world with a browser. Similar to the in-house devices, this can be a tablet, a simple desktop, or any computer belonging to a business partner, which can then be used to complete small tasks using very simple Navision interfaces. You may need to reconsider your filtering strategy for restricting users to implement this solution.
The important idea behind this is that Navision masks and processes must be so simple that they don't require any instructions or training. But that's also not a bad idea for Navision in general, by the way.
In my opinion, you need a two-step security concept for this purpose:
Certificate control: Only devices with a certificate (“ID”) are granted access to Navision (specifically, the associated IIS web server).
In addition, the user also has to enter a name and password to be accepted by Navision itself as a user.
1 V Server domain controller.
(2 processors, 4 GB RAM) The HyperV host is ideally suited in this case since it physically runs on hardware itself. In the past, Microsoft wanted you to never virtualize the DC since HyperV depends on it. Microsoft is no longer so strict about this. A virtualized primary DC (Yes, the PDC still exists at the moment!) that starts After The Hyper-V host always has lots of surprises in store. My suggestion is to run a PDC on the virtual host and an SDC as a virtual machine.
1 V Server HyperV Host This server must already be in place anyway since it runs HyperV. It should not cover any services except for primary domain controllers and HyperV.
1 V Server print server. Print servers often simply run on another server at the same time. However, you have to reboot the print server once in a while, e.g. when a printer installation fails. This will also interrupt all other server services running on the affected machine.
Please remember to enter descriptive printer names: (NY = New York, SA = Sales, BO = Boston)
“NySaInvoice1” or “NyFrontDesk” or “NyWarehouseOffice”, and even “NyMelanie” is better than „KyoceraDS2000-1“.
Rule of thumb: You rarely need information on a specific Printer model. Even then, a name like “Xerox23” isn't very helpful when you're dealing with 23 different Xerox printers. What you really need is information like “the printer that prints packing slips at the New York office.” “NyWarehouseBronx” is certainly easier to recognize as the correct printer than “Print300.”.
Scenario 1: An IT specialist wants to set up a computer for Ms. Smith. The printer needs the invoice printer, the warehouse printer in Frankfurt, the sticker printer at the Kassel warehouse office, the delivery slip printer in Düsseldorf, and the laser printer in Ms. Smith’s office. How will the employee find the printers faster? With HP12 or NYWarehouse?
Scenario two: Ms. Smith from Frankfurt calls the specialist and says her printer isn't printing. What's the fastest way to find this device on the printer server? With ”@Lexmark DX2000-2“ or with ”FrSmith"?
Recommended printer names (and for the same reason, computer names too!):
Place Department Name
Delivery Slip
FrSaSmith
Frontdesk
ThinkOffice
DusProdLabel
…
This way, the printers and PCs are automatically displayed sorted by location and department.
If an unstructured server infrastructure is in place, you can gradually switch over the PCs. You could give one PC a descriptive name each day or each week and then reconnect the printers to that PC at the same time. The old printer server will only be turned off when the last PC has been switched over. The same rules apply to PCs as to printers. Remember: Statistically, it is more likely that a user will get a new computer than a computer will get a new user. For this reason, employee names or extensions are better computer/printer names than the operating system version or model names.
The Navision server service is assigned the new printers from the start, for example, for the WebClients. Here, too, PCs can be gradually moved to the new Navision server; you can run as many Navision client servers as you want simultaneously.
Generally, ALL printers should be network printers, and no printers should be connected directly to a PC (e.g., via USB) and thus depend on that PC.
1 V Server WSUS. WindowsUpdateServer: Central update server for keeping Microsoft products up-to-date in a controlled and verifiable manner (e.g., Office, Exchange, Windows, MS SQL, Navision is not yet available!). This server can be used to download updates to a centralized location, freeing up the internet connection. Distributed WSUS servers can also be used for branches, avoiding the need to push every PC/Microsoft update individually through the company's internet connection. Statistics show which computers have which patch status for which programs. Updates can be postponed or restarted. Microsoft provides WSUS free of charge. WSUS requires a lot of hard disk space (plan for at least 300 GB, ideally 500 GB), but this does not have to be an expensive RAID hard disk.
RemoteAdminTool Is remote maintenance currently possible from a central location? This could start with, for example, a simple VNC on every client, allowing you to perform maintenance tasks like printer installations and permission changes centrally without having to be at each computer. However, there are also professional products like SolarWinds and QuasarRAT that can distribute entire software packages and settings. The purpose of distributing software, as described above, is to centrally manage computers and avoid on-site configurations. Coupled with WOL (Wake-on-LAN, a power-on command sent over the network), maintenance tasks can be performed much more efficiently. Food for thought: Are at least the printers distributed centrally via domain policies? This has been working very well and easily for over 10 years using Windows itself. This also makes it possible to distribute Office and Navision using this system without having to click “Setup.exe” every time.
The number of processors and amount of RAM will likely seem very low to many Navision users. In my experience, in these cases the configuration has not been carried out properly, and Navision has not been set up very well either. Navision “itself” is incredibly fast and saves resources. It is always the programmer’s fault when hardware gets gobbled up.