I am currently the only computer guy at a high school (small budget). Currently, there is no real infrastructure in place. There are just office computers connected to a consumer grade router that leads to the Internet via DSL.
The school will be setting up some new computer labs (~100 new computers) with a new broadband line for student use. The school is looking to have each student (hundreds) with his or her own account accessible from any computer, they want the labs firewalled, the Internet content filtered against inappropriate material, and everything else that would go with that.
This is the part where it gets a bit hectic for me. Originally, I'm just there to do basic troubleshooting for the office computers and staff laptops which isn't a problem for me. However, setting up and deploying a real network infrastructure is where I feel I'm a bit in over my head. The school understands this as they should probably have someone with more experience deploying and setting up a networked Windows environment but you make do with what you have.
I think this is a valuable opportunity to get some experience with Windows server and experience with possibly more advanced network hardware as my most advanced network experience lies at home with a bunch of Linux computers networked together. I don't have a more senior person for help so I'm pretty much on my own.
I have an idea of what I need to get done but I need help on the specifics.
What types of computers are robust enough to standup against abuse? I need a computer that has a lockable chassis to prevent people from opening up the system and mucking around. I also need a kensington lock to prevent people from just walking out with a computer. I've been looking into Dell Optiflex 360s and am hoping to get a good price via educational institute discount but I can't find specific details about a lockable chassis.
What types of ways can I utilize automation to reduce my maintenance overhead? I can imagine it'll be a nightmare managing ~100 computers if I go about it the same way I do with the office computers. I would like to remotely install OS, distribute applications, lockdown the computers against fiddling and virus, etc so that I don't have to physically go to every computer when I need to do something. I believe Windows Server can help with a lot of this via group policy but is there anything else I'm missing?
I've been looking into Cisco for network hardware as I'll need a switch for each lab and an edge router of some sort for the whole network. I'll also need a firewall in place protecting everything. As I have no specific experience in this I'm having trouble picking the right switch, router, firewall model to suit my needs but I'm guessing I'll need low end switches, routers, and firewalls.
How many servers will I need? I'm guessing so far 2: Windows Server for Active Directory and a backup server. Do I need another separate server for file serving user documents?
Are there any resources online that I can look at to help me in my situation? Forums, articles, people in similar situations, guides, etc?
It's also likely in the future the school is looking to have each teacher and staff be given a user account so they can go to any computer and access their documents. They'll also probably be looking to add an Exchange server so everyone has a school e-mail account and be able to access their own e-mails through Outlook on their accounts. I need to make sure anything I do now with regards to the network leaves room for future expansion and integration with the office. Are there any potential pitfalls I should be aware of?
Any other advice?
UPDATE 1 Well I've been researching a ton of information lately about all the various aspects of what I'll need to do and I sure am learning a lot. The answers to my questions have definitely pointed me in the right direction. As I dig deeper into things like picking the right hardware, remote management solutions, locking down systems, etc I'm finding I'll probably be asking more questions about more specific things later but for now I think I'm on the right track.
If I could I'd pick multiple posts as the "correct answer" as I felt more than 1 post here helped me.