Re: Choosing a server configuration for a small office



Dan24 <dliberty@xxxxxxxxx> wrote:
On Jul 13, 5:07 pm, "Lanwench [MVP - Exchange]"
<lanwe...@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Dan24 <dlibe...@xxxxxxxxx> wrote:
On Jul 12, 4:18 am, Susan Bradley <sbrad...@xxxxxxxxxxx> wrote:
I'd probably pull that Lob app onto a second server.

Even if you virtualize the heck, you are still on one hardware.

If you have good backups, good hardware, I do exactly as you do
with one exception. That is anything big and database-y is on that
second server.

Clusters IMHO are only for the datacenters and add more complexity
for our space.

Dan24 wrote:
Hello Experts,

We are a small office with about 15 users. We're currently using
only a single server - an SBS server (standard 2003). Since we're
using third party applications which require installations on a
server, over time this server has had more tasks and services
added, now making it our:
1. Mail server (Exchange)
2. Domain controller
3. Web server (SharePoint, OWA, etc. Not including our company
website which is hosted at GoDaddy).
4. WSUS server
5. Anti-virus admin server
6. Fax server
7. Multiple instances of MSDE and other third party services...
8. Oracle database (again - for third party software. Using 500MB+
of memory!)
9. Voicemail server (for PBX)
10. Backup software (BackupExec & BE System Recovery)
11. File server

The fact that our entire business depends solely on this server
greatly disturbs me. Security-wise this is also an issue since I
need to allow software vendors admin access to this server for
maintenance (software upgrades, solving issues with their
software, etc) so instead of isolating them only to their
software they get full permissions to the SBS server and hence
our entire network. Not to mention the server is overloaded with
software and has become sluggish (it's an old Pentium 4 machine).
Some of these third party services are poorly written and CPU
usage is now always at 50% or higher (with peaks of 90% and
100%). Unfortunately this software is un-replaceable and is
critical to our business.

On the other hand, we don't have the budget to go out and buy
multiple servers. Adding more machines will also add additional
points of failure to our business and since there is no IT admin
on site (I am an outsource and do most of the work remotely) this
can also be a burden to manage and maintain (instead of watching
over 1 server I'll have to watch and support multiple servers).

So my question to you is: How do I find the right balance here?
The way I see it, I can either buy an additional 1 or 2 servers
and somehow distribute the tasks and applications between those
OR I can purchase a new high-performance server which has
redundant components and then use Virtual Server to run multiple
instances of virtual servers. Some of these third party
applications may even work with Windows XP so I could also save
some money on licenses.
A third option I was thinking of is to somehow implement a cluster
so that when the server goes down a backup server immediately
comes up but I'm not sure how easy / cost-effective this is to
implement. Like most organizations our server is
business-critical so I need to be able to bring it back up asap
when something goes wrong (this is one of the reasons we've
purchased BackupExec System Recovery). Or perhaps there are some
other options I've completely missed....

Please share your thoughts and opinion on this subject, I greatly
appreciate your help!

Thanks in advance,

Danny

So you think staying with a single server solution is a wise choice?

Susan mentioned getting another one for your LOB app.

What about the security consideration? Employees of other software
companies have my SBS admin password!

Heaven forfend. Why would they have that? Nobody should, except you.
No vendors should be logging into anything remotely, either, if you
ask me. And if they must, it ain't to a domain controller and it
ain't with an admin account in the domain.

That gives them access to all
files stored on my server including financial information,
employee's personal contracts, etc. I need to isolate them somehow
to machines with restricted accounts on the network (but with local
admin privileges so they can install their software). That's why I
was kinda hopin' you'd recommend the virtualization solution.

You can do that, sure. I like virtualization. But you then have all
your eggs in one basket, hardware-wise....and from a performance
standpoint, it may not suffice. I'd probably go for two servers in
your situation.

We should be able
to afford a new quad-core server with a RAID array and redundant
power supply. These also come with 3 years on-site tech support
(hardware issues only of course). This machine should be able to
run an additional server or two under virtual server running on the
SBS itself. Do you see any downside here or specific reason to
split this into physical servers?

The main downside is mentioned above.

Thanks. Forgive me for asking, but what is LOB?

"Line of Business"

The software vendors have access to my SBS because currently all their
apps are installed on this server so they need local admin access to
make changes which means they also have access to my DC.

That's definitely not good.

Unfortunately
this requirement is a must since their systems are undocumented and
cannot be maintained by anyone else.

I would *definitely* put this stuff on its own dedicated hardware, then. Set
up a user account on a member server that has *local* admin rights. In fact,
if you can get away with it, make it a local account instead of a domain
account. They shouldn't be able to log into any other server or workstation.

Regarding having all eggs in one basket - I agree with you on that
one, but the way I see it the server running these 3rd party apps
(which we use all the time) remains business critical and even with
the SBS server up we probably won't be able to get anything done if
that server fails. That is also partially true for the SBS server
(correct me if I'm wrong here) - if it fails users won't be able to
authenticate to the domain and the app server, DNS won't function so
internet connectivity will not be available and god knows what else...

Correct.

So assuming all this is true I'm better off babysitting a single
hardware platform than 2.

No, I don't think that's indicated at all! If your AD & Exchange gets hosed,
it's a lot more difficult to recover from than an application server failure
would be.

This is obviously also the cheaper solution.

Not by much. You still have to buy a license for Windows server even if
you're running it in a VM. Hardware is pretty cheap these days.

I'm not trying to convince myself here I just want to get an
understanding of how we can benefit from using an additional server in
this scenario.

Virtualizing is one option, but esp. given that the vendors will be
connecting in, I would personally go with two servers. Best not to be
penny wise and pound foolish.
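
The vendor-account advice in this thread (a local account with local admin rights on a dedicated member server, not a domain account), sketched as an added example that is not part of the original posts. It assumes a member server with the Microsoft.PowerShell.LocalAccounts cmdlets (Windows PowerShell 5.1 or later, so newer than the servers discussed here, where `net user` and `net localgroup` do the same job); the account name `vendor-maint` is hypothetical.

```powershell
# Added example: run in an elevated session on the member server that hosts
# the vendor applications, never on the domain controller.
$name = 'vendor-maint'          # hypothetical account name
$adminsSid = 'S-1-5-32-544'     # well-known SID of the built-in local Administrators group

# Create a local (SAM) account. It exists only on this machine, so it cannot
# be used to log on to the DC or to any other server or workstation.
$password = Read-Host -Prompt "Password for $name" -AsSecureString
New-LocalUser -Name $name -Password $password `
    -Description 'Vendor maintenance (local only)' | Out-Null

# Local admin rights on this one server, so the vendor can install and
# update their software here.
Add-LocalGroupMember -SID $adminsSid -Member $name

# Review who holds local admin on this server and where each principal lives.
$members = Get-LocalGroupMember -SID $adminsSid
$members | Select-Object Name, ObjectClass, PrincipalSource | Format-Table -AutoSize

# Individual domain users in this group are what the thread warns against:
# a vendor logging in with one of those holds a credential that is valid
# beyond this server.
$domainUsers = $members | Where-Object {
    $_.PrincipalSource -eq 'ActiveDirectory' -and $_.ObjectClass -eq 'User'
}
if ($domainUsers) {
    Write-Warning ("Domain user accounts with local admin on this server: " +
        ($domainUsers.Name -join ', '))
}

# Keep the account disabled outside agreed maintenance windows.
Disable-LocalUser -Name $name
# Enable-LocalUser -Name $name   # run just before the vendor connects
```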

