A Clean Sheet for our Network - What Can We Get?

[DJCopa]

Hello All!

Aplogies if this is in the wrong area, but not sure where else to put it.
I have been tasked with putting together a report to see where we can improve functionality on our network. This is to include servers,telephony,Disaster Recovery,VPN's,etc. (basically, everything related to ICT, in the view that the company will be expanding, and the management want to know if we need to spend some money).

I'm really just after what is current in the market place, with regards to servers,comms,DR and if the costings will outweigh the benefit.

For instance, we currently have 10 servers running Exchange 2003, Server 2003, SQL 2003 & 2000, Terminal Server,etc. Is there a solution that could put all this together (Blade Server?). We use VPN's for homeworkers - Has anyone used a newer form of secure connection with added benefit?

I know this may be vague, but I'm sure there is a welath of knowledge out there, and I thought I'd try and tap into some of it.

Thansk for any advice in advance.

 

[Sympology]

You'll need to state how many people, how many offices. Type of work you do (banks have different requirements to Sales for example). The more info the better.

Only the truly stupid believe they know everything.
Stu.. 2004

 

[DJCopa]

No problem - 3 sites. Main site has about 50 staff, other 2 sites have a maximum of 10 staff. Main site has 10 servers, with VPN's running from a Sonic Firewall, to allow access to 100 Home Workers. The other 2 sites have a local server, used just to auntenticate login, and local file/print.

We also have an SSL box, which allows secure connections from any PC - This links in a Terminal Server session allowing full network access.

Telephony is Avaya Index System.

Business type is Business Support (Goverment Contract).

Thanks.

 

[burtsbees]

What kind of problems are you having, if any? Is this to improve functionality (like VPN security, for example), or to save the company money, where there are unnecessary costs?
Cisco VPN concentrators and PIX firewalls are top of the line. Linux is mostly free (except for Enterprise Red Hat).

Burt

 

[DJCopa]

Hello.

No problems as such - It is more a process of us creating a report of the best use of technology available, and seeing if the Board members are happy with it. The company is taking on more projects, and this will mean more support using VPN's, and possibly VOIP. I've looked into Bonded SDSL lines for this, but this is just one part. It is probably a pointless exercise, but I have been tasked with producing a report regardless. Just wondered what systems people had in place that may not be obvious, but are highly sucessful.

My example of Blade servers is case in point - I know they are good for Hungry Apps and space,etc. but I've never used them - Just after peoples own experiences.

Thanks.

 

[jrbarnett]

In order to make the content of this report useful, you need to ask yourself the following questions:

1. What have we got at the moment. A complete list of computer systems, which departments use them. Against those, identify those that:
a) Work well
b) Don't work well

2. Of those identified in 1b, prioritise those for improvement - eg running on old hardware not covered by warranty or getting spares difficult.
Use the "If the server(s) died what would cause the company or critical parts of it to stop working if they were not reactivated in a short period"
(eg ecommerce website, external handling email and external telephony for customer services etc).

3. Of the total systems identified in q1, what is required for every part of the business to operate at a minimal level (for DR purposes).

4. What DR facilities/procedures are in place at the moment? Are they adequate for those identified in Q1 above or do they themselves need improvement.

John

 

[jmd0252]

One idea I would put forth, especially when you talk about DR, is the idea of VMWare. We have 2 large 4 way dual core machines, hooked to a SAN. We have a total of 9 different servers running on these 2 machines. From a Domino mail server, to a SQL 2005 Database, and they are a mix of W 2003 servers, and W2000 servers. I have noticed that sometimes the W2000 machines "have problems" talking to the W2003 machines. This will be address as we are implementing active directory in the next 6 months. We will be upgrading to the newer VMWare, and taking the machines to the W64 byte version here this month. I know if a physicaly machine "breaks", the VM-machine can be moved on the fly over to another physical machine with 0 downtime. That is one reason we liked the idea of VM Machines.

 

[Cstorms]

Actually thats the direction we are heading as well, migrating about 16 servers into 2 dual quad core dl385 g5's (i think thats the model), attached to a local SAN, for future DR we are going to implement an offsite SAN and a few po-dunk servers to take over the images if something insane happens in our server room, we will replicate data to the other SAN and this will allow us complete ease of mind in the event of an oopsie.

This is super expensive if you are starting from scratch, but if you start with just the SAN and work your way up to VMWare it isnt to scary.

I heard some insane numbers about it like 80+% of all fortune 100 companies use it, and Intel just bought a 218 million dollar stake in it.

 

[DJCopa]

Cheers for the comments so gents far(and ladies). Looking into the SAN solution, as it's something we've discussed before. The VMWare solution sounds interesting - Palyed around with it before but nothing heavy. I think yo can download a trial version, so may give that a go.

Again thanks for the commenets and ideas - Really is invaluable!

 

[lgarner]

VMWare servers + SAN at each location = high availability.
Add the same plus SAN replication to another location, you've a good start toward DR.

Blade servers are good for light loads. I'd get 2 or 3 4x4CPU systems with plenty of RAM for VMWare. Little local storage, all VMDK's are on the SAN.

Ignore VMware Server for this purpose. I don't think there's a working trial of ESX, but I could be wrong.

 

[Sympology]

Don't forget yor network infrastructure. You'll want team cards in each server on seperate switches running off seperate feeds. Your incomming lines at opposite ends of buildings, ideally with different carriers at different exchanges.
We have a wonderful network apart from if the exchange has a fault, it can take down a site, because despite having seperate feeds and carriers, they go to the same exchange...Grrrrr

Only the truly stupid believe they know everything.
Stu.. 2004

 

[gb0mb]

Going the VMWare route is what I feel to be the future.

You can make VM clusters so that if a machine goes down the VMs start on another server in the group helping with downtime.

Want to test a new patch on a server? Clone the VM install the patch and test it.

Backing up your servers simple as copying the vms off to a storage server.

Need a server deployed at another site. Build the VM onsight and ship it to remote site.

I have only seen one large scale production built this way and it worked well.

I assume the future will bring nothing but imnprovements.

Gb0mb

........99.9% User Error........