separate namespace for internal access to resources . This means that the tree name ( WWTC . org ) is consistent for the private and public ( Internet ) allowing users to logon with the same credentials internally and externally . This requires a separate zone outside the firewall to provide name resolution for public resources and does create security concerns to ensure that clients accessing resources from outside the organization do not have access to internal company resources . This also creates the requirement for maintaining the records on both the internal and external DNS servers simultaneously . The attached illustration shows this configuration . Application Services : Windows Server 2012 is installed on the network and the following Active Directory features will be implemented . Windows Deployment Services ( WDS ) will be implemented to allows network-based installation of Windows Operating Systems ( OS ) to reduce the complexity and cost of manual installation . This will require a WDS Server as a member of the Active Directory Domain Services ( AD DS ) domain . This also requires a Dynamic Host Configuration Protocol ( DHCP ) server with an active scope sine PXE relies on DHCP for IP addressing . Smart Card Authentication will require valid user principal names ( UPNs ) since they are required fo smart card login . Since a certificate authority