Friday, August 29, 2008

Week updates

  1. Been working on a F5 which is having issues. I was going to reload the OS, but I think I can fix it. Still working on it. Waiting for a reply from support.
  2. Finally figured out a way to export from sharepoint collection, and import them into the root collection. Something I'll need to do before we can reorganize the structure of our sharepoint here. I should have this finished early next week. Have to schedule some downtime to do the export/import.
  3. Got my first ESXi machine, with the embedded hypervisor. Me and Jamie will rack it up and get it running on Monday, they we should be good to start loading the backlog of about 5 VMs to start.
  4. Should be making a decision on NAS and Firewalls next week. Have to nail down the specific configs and pricing.
  5. Threw SQL 2008 (DB, SSAS, Report server) on my development box, seems pretty cool so far.
  6. Completed the implementation of DB monitoring and machine monitoring on production and enterprise hosts.

I think that covers this week's major project work. Still also doing some of day-to-day work, fixing things as needed.

Wednesday, August 20, 2008

Wireless networks using certificates painful

Another project which is being annoying is hooking up a few hacked dd-wrt boxes to my Active Directory CA by using IAS. Still doing some testing, and I'll post my findings and details once the team figures out why Windows XP doesn't seem to want to work (we are trying SP3 now). Works like a charm on Vista J


 

Love Vista.

Sharepoint annoyances

Have a bit of a time trying to fix up this mess of a sharepoint site. First thing we got our 3GB database off SQL express. Now we are on standard, I need to fix up the database itself. Myself and a co-worker (Steve) are having a tuff time figuring out how to restructure the site, since it was setup in a very odd manner. I think we have some good ideas, so lets hope we can get a good structure to it. I would post the hierarchy we are moving towards here, but I probably shouldn't J

Storage/NAS Evals

We are looking for a strong NAS system, I'm leaning towards a clustered scale up/out system versus buying a box that I have to replace every 4 years. I think Isilon is the proven leader in this space, and we've selected them to go up against the king (Netapp). Here are the criteria we used to get it down to these two. We are looking into them in depth now.


 

Requirement

Sub-Feature

Weight

Architecture

  

  

  

Centralized Management

6

  

Clustered Device (NAS, Controller, and Power)

10

  

Appliance Model

8

  

Add storage with no downtime

10

  

Add bandwidth and nodes without downtime

10

  

Add cache without downtime (increase IO)

8

  

Auto balance IO across disks and connections

10

Security

  

  

  

AD Integration

10

Data Management

  

  

  

Tiered design 2 or 3 tier

8

  

Migration of data based on usage and other vars

8

  

Content aware

5

  

Ability to snapshot multiple times, and replicate a snap

10

  

Rapid snapshot

6

  

NDMP support

5

  

Backup Exec Support

10

Connectivity

  

  

  

CIFS

10

  

NFS

10

  

Replication at file/block

8

  

Optimization for WAN replication

10

  

Namespace virtualization and migration of namespaces

7

Management

  

  

  

Reporting via Web

8

  

Email reporting

6

  

Usage/compliance reporting per user (AD integration)

6

  

Monitoring and alerting of issues

8

  

Thin provisioning

5

General

  

  

  

Ease of administration

10

  

Ease of use

10

  

Configuration and setup

8

  

Documentation quality

5

  

Speed of client

8

  

Resources used by client

8

Company

  

  

  

Viability

10

  

Support

8

  

Price

10

Total Score

  

  

Things happening - Firewalls

We decided to evaluate Sonicwall and Cisco based on our assessment. We are digging into depth in the next week or so. Here is the criteria. These are needed for both hosting/collocation and for our 3 major offices:


 

Requirement

Sub-Feature

Weight

Architecture

  

  

  

Centralized Management

10

  

Clustered Device

8

  

Appliance Model

8

  

QOS management

6

  

Appliance must support up to 2G (external) and 3G (internal)

10

Security

  

  

  

Stateful Firewall

10

  

Full packet inspection and content filtering

10

  

IPSEC VPN Support

10

  

SSL VPN Support

8

  

OpenVPN Support

8

  

PTPP Support

9

  

AD integration for authentication

6

  

Anti virus/Auti Spam/Anti spyware

4

  

IDS/IPS

9

  

Enforce desktop patchlevel and AV, Quarantine user

4

  

Wireless security

4

  

Behavioral analysis

7

Management

  

  

  

Reporting via Web

8

  

Email reporting/Monitoring and alerting of issues

8

  

Usage/compliance reporting per user (AD integration)

6

  

Backup/Restore

8

  

Upgrades

8

General

  

  

  

Ease of administration

10

  

Ease of use

10

  

Configuration and setup

8

  

Documentation quality

5

  

Speed of client

8

  

Resources used by client

8

Company

  

  

  

Viability

10

  

Support

8

  

Price

10

Total Score

  

  

Wednesday, August 13, 2008

Missed a couple things

I'm moving us onto SQL Standard from SQL Express which is what the corporate intranet site is running. That upgrade was tested, and I'm doing production today. I've also setup some proper backup jobs for the database.

Starting tomorrow, I (and another engineer here) are redoing the Sharepoint structure, permissions, etc. It should be a lot more clear, and easier to understand what people are up to.

I haven't done a lot of Sharepoint administration, so it should be a good learning experience!

Recap of week 1.25 :)

So first week on the new job, and making some good progress. I am learning the infrastructure and some issues that have been bothering us. We have done the following items:

  1. Monitoring
    1. Redid the Coradiant Truesight setup to better catch items and view backend information. Got visibility to additional network areas.
    2. Implemented Solarwinds IPMonitor. We are installing it at the colo and at our enterprise office.
    3. Testing Idera DM, deciding if it will work for us. We need better DB monitoring and diagnostics.
  2. Infrastructure planning
    1. Did initial grading of clustered scale up/out NAS solutions. I will post more details as the project progresses.
    2. Did requirements for new firewall solutions, still have yet to nail this down and grade them.
    3. Built plan around fixing exchange, and moving to a multi-site international infrastructure on Windows 2008 and Exchange 2007.
    4. Started planning a DNS revamp, and proper split domain configurations.
    5. Working on a new wireless implementation as we speak, using dd-wrt and integration into AD with WPA.
  3. Ops
    1. Debugged issues going on with production website.
    2. Reviewed and did some updates on the Akamai configuration.
    3. Implemented VMware environment for HP Quality Center testing, have yet to have QA fully test the buildout.

I learned about the platform, and the upcoming new version of the platform. We also started looking at NBA/IDS systems such at Mazu and Q1Labs. Its not high priority, but it would help a lot with security, and the ability to diagnose network issues, and non-http issues. I really wish Coradiant would view SQL response time…. One can dream.

Tuesday, August 5, 2008

The fun begins

I had a smooth 15.5 hour drive down to Atlanta from Boston on Saturday. I have to do it again with my girl, cats, and other car in a couple weeks. Just working on renting my place in Boston, should be done in a couple days.

I got my place on Sunday, which is awesome. It's on Grant Park, and It's huge and empty. The city is great, and I'm doing a reverse commute.

I've been digging in on some things (yes its only day 2)

  1. Looked at some network issues, but I haven't determined anything really yet.
  2. Sharepoint migration plan from SQL Express to SQL Standard.
    1. Temporary VM setup for testing
    2. Purchasing a proper VMware box for real dev VM
  3. Looking at some NAS vendors, and putting together a requirements plan. I will post that once we nail it down today or tomorrow.
    1. Support for Virtualization (ESX clusters)
    2. Exchange clustering
    3. SQL clustering
    4. Located in Geneva development, Colocation, and Corporate office for DR/replication of data.
  4. Looking at deploying www.dd-wrt.com and integrating our wireless into AD with enterprise WPA. Should be fun and easy to do.