Go Back   Team-BHP > Around the Corner > Shifting gears > Gadgets, Computers & Software


Reply
 
Thread Tools Search this Thread
Old 7th April 2009, 22:19   #16
Distinguished - BHPian
 
Thad E Ginathom's Avatar
 
Join Date: Jun 2007
Location: Chennai
Posts: 7,615
Thanked: 6,704 Times
Default

Is it all ok?

Does it work?

If so... Yes!

I just skimmed this thread, and I don't recall much mention of security. I'd be putting Zone Alarm (or equivalent choice) firewall and virus protection on each and every machine, and make sure it is configured to keep itself up-to-date.

But that would not satisfy me.

I'd want a separate, independent firewall between your users and the net.

There was a thread on just this subject recently!
Thad E Ginathom is offline   Reply With Quote
Old 8th April 2009, 04:31   #17
BHPian
 
Join Date: Oct 2007
Location: Pune
Posts: 213
Thanked: 0 Times
Default

I am typing all my replies in italics.

Quote:
Originally Posted by Red Liner View Post
Alright guys, I am back with an update now.

This is what has happened so far in my company. I got a couple of freelancers to come and do this much:

Server End
  • Formatted server and installed Windows Server 2008 .
  • Created required user id’s with roaming profile.
  • Created DNS [Domain naming Server ] and ADDS[Active Directory Domain Service ]
  • Created shared folders to respective user id folders , temp, dumps .
  • Created permission level security layer and assigned it to individual users .
--------------------------------------------------------------------
Okay, so did they create the users before they installed AD. If so, we have to work a lot on GPOs.

-> Did they create users' home drive using the profile settings & configure the folder redirection using Group Policies. I didn't see you use the Group Policies anywhere.

A nice friendly explanation and how-to for the job.
Windows Server 2008 IntelliMirror: Folder Redirection - MS Windows Vista Compatible Software

-> Are you going to be using DPM for backups. It's a nice tool but compared to Acronis, I don't know the cost of the software & ease of use as well. You could talk to your MS Partner / TAM for that.

-> If using DPM, I will suggest redirecting all the folders that can be, and then blocking the access to the C drive so as to retain the version control (or whatever you call it) and make the D drive use Shadow copy based backups and export that to the central repository. If you are looking to pursue this path, I can dig a little more for you.

-> Not sure what you mean by "permission level security layer". Can you elaborate here or on PM. I am working full time on MS servers so I would love to help you out with your installation. I know how some freelancers can do a half baked job and then you are left figuring yourself and blame MS for everything that screws up.

-> If you have selected for the volume licensing, you should get W2K8 R2. negotiate with your vendor to make sure you do get that later. Beside that, what is the system patching strategy. You could use the free WSUS (windows software update service) which does the job in most cases. I really don't see the need for SMS/SCCM here since yours is a small enterprise and it will be an unnecessary wastage of money.

-> What about Antivirus. I have heard that Symantec's latest version is super lightweight and is good with the firewall system integrated into the enterprise package. You could sure ask them for a demo, negotiate with them if you like and work out a deal.

--------------------------------------------------------------------

Printer End
  • Created dedicated printer server
  • Downloaded printer driver , installed it in server with Active Directory enabling .
  • Created shared folder for individual users to access printer driver and install it remotely.
--------------------------------------------------------------------

Make sure that you use the latest printer drivers. Windows 2008 printer driver model is far more robust than anything earlier and you really would love its users friendly deployment. Another thing I see here is that this freelancer doesn't know that Windows Printers can be published in AD and users can search for them from Windows Search program. Installing the driver is as easy as right-clicking and selecting Connect. You don't need a share for this.

Make sure that you have appropriate control over what is being printed. While not overlooking a genuine need, you don't want a fresher printing a 450 Page novel that he downloaded from somewhere on the net. That is the most al-cheapo misuse I have seen of company resources. Archive everything that is being printed and audit big print jobs regularly.


You can read more on this here.

Print Management Step-by-Step Guide
Print Management Step-by-Step Guide


--------------------------------------------------------------------

Workstation End
  • Formatted 10 desktops.
  • Installed VISTA in all desktops .
  • Added all systems to domain .
  • Configured Wireless Lan in once pc .
  • Installed Adobe in all systems
  • Installed Office 2007in all systems
  • Installed SEP in one system .
  • Worked on a particular system with low level formatting .
--------------------------------------------------------------------

-> Make sure that Vista is up-tp-date with SP1 and patches. You don't want to get unwanted viruses like conficker etc just because you didn't patch on time. A good date to remember is the Second Tuesday of the month when MS releases patches for the month.

-> Same goes for Office 2007. Last i remember that there was SP1 released for Office 2007 and SP2 is coming soon.

-> What is SEP. Whatever it is, make sure that all the PCs have Data Execution Prevention enabled (it is by default so, but make sure it is). It helps in Virus outburst control if someone does use those features while writing a virus.

you may want to read a bit on the standardisation of O/S being used using the following link. This is a proactive system management article and tells you how you can standardise your IT environment using industry best practices.

Capability: Desktop, Device and Server Management
Capability: Desktop, Device and Server Management

--------------------------------------------------------------------

Firstly your feedback on the above. All okay? I have complete access to fully legal software from Microsoft. See attached file.

The QC has not happened properly and some of the users complain of not being able to log on the first time around, but after a couple of times, they do it. I have asked these blokes to come back on this Sunday to complete the rest of the job without which they are not seeing any greenbacks.

What more in store?

1. Ensure all systems have basic utilities installed and in place. FF, Adobe PDF, Messenger, Gtalk, you name it. Am making an "essential" list right now.

Make sure that you allow all the softwares that are necessary for ultimate productivity of your colleagues, but have level of control on messenger usage. I've seen people being on google talk and orkut the whole day and it practically yields nothing for the company. I'm a pro user/human rights guy but also against these types of misuse of company time. So don't give anything you will regret later.

2. Ensure an adequate back up solution for everyone. I am gyrating between proper version control and just a basic back up where everyone's individual folders are backed up. Ensure a good back up for the server itself. Note to self: speak to Netfreakbombay for more on this back up to server bit.

Version control of document is something I'm not so familiar with. may be someone else can help you find this out. MS does offer Windows SharePoint Services but again, I'm not sure how to use them optimally.


3. A handbook from these guys as to how to add a new user, giving or taking away rights, different passwords, etc. I should be able to run this whole show without these guys apart from a IT audit now and then.

Not a big deal. Ask them to make a template user which you will always copy and create a new user. Make sure that this user is disabled i.e. it cannot login and noone knows its password.


Is there anything else I should add, that I may have missed out on? I am wearing a lot of hats now, and I would appreciate pointers!

Leading on from Bullet point 2 above...
The issue with independent folders being backed up is, there is not control over a *single* document which might have seen multiple alterations. In essence, the whole point of *sharing* is lost if you dont know what and where the final file is.

This is essentially an issue when you do not want to work directly on the server for two reasons:
-> The server is slow. The case with us.
-> The network cable that connects to your CPU could dislodge as you are working on something. Has happened to us, and is mighty frustrating at 3 am in the morning.

I did receive some points from another thread I created specifically for this purpose so have a look: http://www.team-bhp.com/forum/gadget...designers.html (Best Version Control Software for Designers?)

Though the thread above was begun only for my designers, I do understand that automated version control is a boon for everyone, and is a fantastic way of keeping documents updated at any point in time.

Some of them have talked about a process we can undertake. However, I found it a little tedious...though I will be confirming a naming convention and file hierarchy...maybe I should contact DerAlte directly and ask him what the heck he's talking about
I have so far included most of the links you will need to make you documentation for day to day management. Ping me for more if you have queries or documentation. My last question to you will be what is the backup strategy. How much space are we looking to use and how you will recycle this space. I'm not much of a backup-guru but I'm sure there could be someone else who could pick out the those nuts and bolts for you.

Besides all this, most of the things about Windows Server 2008 can be manager from Server Manager and that is one of the best I've seen from MS. If you use proper security for your environment and make sure backups are ready when the disaster strikes (& They do; That is why we have Disaster recovery modules), you are all set for the long race.
given2fly is offline   Reply With Quote
Old 24th April 2009, 12:16   #18
Senior - BHPian
 
Red Liner's Avatar
 
Join Date: Aug 2006
Location: Bangalore
Posts: 1,990
Thanked: 653 Times
Default

Thanks Fly. Superb response. Really good for a lazy layman like me.

Now between this Hiatus (thanks to a new car I got), I managed to study everything you guys have mentioned and have even figured out a Subversion - version control plan. This is what I have asked for my Sys Admin guys to do:

1. Have Windows + Office validated for all machines. I could manage just 3-4. Set up a control document detailing all installations, hardware + software, the user ID, person using the system, and the versions of software installed - so we have control on it. One person from my team will assist you with this.
2. Install new Hard Disk Drives into the two crashed machines and enable them for network access
3. Create one more new user ID + Access
4. Configure and install Endpoint anti-virus for all machines including server - and ensure daily automatic updates and weekly scans of the machines. I am talking to Symantec directly for an extended Trial version before we make any decisions.
5. Correct WI-FI access to network from Zia's computer. This computer is on Wireless access - and I want the same access rights as one would have using a network cable. At some point, I would want complete removal of cords and have everyone on secured high bandwidth Wi-Fi. Thats the plan for our next office.
6. Ensure Scanner + Printer utility access for everyone
7. Load all following utilities for access on the Server for right click access for users.
- Firefox
- Adobe Acrobat
- Google Talk
-MSN Messenger
- Any others you recommend for daily business use?
8. Configure and implement test version of Subversion (separate email sent on the same) - create user manual for the same.
9. Find out upgrade plans for all machines - create a document detailing current hardware - and install new hardware upgrades. See point 1.
10. Decide hardware configuration of Server and ensure it is reasonably upto Server class standards. Currently there is a space constraint on the PC class machine which we have adopted as a Server. Set up a Disaster Recovery Module.
11. Hand over all manuals + documentation to ensure hassle free transition and usability of now created network interface.
12. Set up an independent Firewall between users and Internet
13. Detail existing group policies
14. Set up a System patching strategy for all PC's.
15. Cant the printers be searched for using the Windows Search Program - rather than a share?
16. Archive all print jobs for audit. I want this system in place so I know how many prints are taking place from which User ID at what time.
17. Ensure all printer's default settings on users are set to *draft* and gray scale. User can then change the settings for every print job.
18. Ensure all PC's have Data Execution Prevention enabled for Virus outburst control.
19. Make a template user which I can copy and create a new user. Ensure this user is disabled and cannot log in.
20. I want all systems run from the Server using the Server Manager. I want to be taught how to use this myself.

Have I missed out on anything? I have pretty much tried to cover as much as possible from all the posts mentioned in response to this query. I will be posting my find on Sub version on this dedicated thread to it: http://www.team-bhp.com/forum/gadget...ml#post1247130 (Best Version Control Software for Designers?)
Red Liner is offline   Reply With Quote
Old 24th April 2009, 13:17   #19
Senior - BHPian
 
NetfreakBombay's Avatar
 
Join Date: Jan 2008
Location: Bombay
Posts: 1,375
Thanked: 315 Times
Default

Quote:
Originally Posted by Red Liner View Post
5. Correct WI-FI access to network from Zia's computer. This computer is on Wireless access - and I want the same access rights as one would have using a network cable. At some point, I would want complete removal of cords and have everyone on secured high bandwidth Wi-Fi. Thats the plan for our next office.

This is not recommended. That is because you are in Graphics / Animations business.

A PSD that is of Print quality (Hi Res/ High DPI) can easily go up to 100 MB+
Animation / Video files would be even larger.

With LAN, actual transfer speed would be approx 8 MBps. So if a designer needs 500 MB worth of files if would take 1 Minute to get files out of Subversion on Designer's PC.

WiFi would slow down your network with 8 - 9 users. In that case speed would be around 1 MBPS.

The same task would take ~ 10 Minutes with WiFi.

Reason is, each data packet needs to pass trough WiFi router. Router needs to Decrypt, Read, Encrypt and Forward the packet to Destination PC.

Router's processing power becomes the bottleneck here.

WiFi is fine as long as you are sharing just the net connection.

For using it as replacement of LAN, you would need to spend serious money on powerful routers.

Usual 5k router wont work in that case.


There is another thread (Connection between desktop and laptop) that discussed perfromance of WiFi as comared to LAN.
NetfreakBombay is offline   Reply With Quote
Old 24th April 2009, 13:35   #20
Senior - BHPian
 
Red Liner's Avatar
 
Join Date: Aug 2006
Location: Bangalore
Posts: 1,990
Thanked: 653 Times
Default

Quote:
Originally Posted by NetfreakBombay View Post
This is not recommended. That is because you are in Graphics / Animations business.

A PSD that is of Print quality (Hi Res/ High DPI) can easily go up to 100 MB+
Animation / Video files would be even larger.

With LAN, actual transfer speed would be approx 8 MBps. So if a designer needs 500 MB worth of files if would take 1 Minute to get files out of Subversion on Designer's PC.

WiFi would slow down your network with 8 - 9 users. In that case speed would be around 1 MBPS.

The same task would take ~ 10 Minutes with WiFi.

Reason is, each data packet needs to pass trough WiFi router. Router needs to Decrypt, Read, Encrypt and Forward the packet to Destination PC.

Router's processing power becomes the bottleneck here.

WiFi is fine as long as you are sharing just the net connection.

For using it as replacement of LAN, you would need to spend serious money on powerful routers.

Usual 5k router wont work in that case.


There is another thread (Connection between desktop and laptop) that discussed perfromance of WiFi as comared to LAN.
I agree with you now. Guess I will stick to network cables then. I will call you a bit later this evening if thats okay with you to discuss the server hardware bit a little. Thats worrying me because what we have is just a PC class machine acting as a server!
Red Liner is offline   Reply With Quote
Old 24th April 2009, 14:41   #21
Senior - BHPian
 
NetfreakBombay's Avatar
 
Join Date: Jan 2008
Location: Bombay
Posts: 1,375
Thanked: 315 Times
Default

Yes its good idea to have a server class PC. With Version Control / Windows AD / Shared FS, server being down might result into lost work hours.

Call me anytime after 7:30.
NetfreakBombay is offline   Reply With Quote
Old 10th August 2009, 12:08   #22
Senior - BHPian
 
Spitfire's Avatar
 
Join Date: Jul 2006
Location: Panaji - Goa/Bangalore - Karnataka
Posts: 3,240
Thanked: 600 Times
Default

How much did it cost? I am looking at something similiar.
Spitfire is offline   Reply With Quote
Old 3rd May 2010, 15:12   #23
BHPian
 
Prowler's Avatar
 
Join Date: Jul 2008
Location: Madras
Posts: 476
Thanked: 265 Times
Default Server Specs and Cost

Our office has decided to upgrade the development server and they got a quote from a major manufacturer. This is the configuration:

CPU - Xeon X3460 QuadCore
2 GB RAM with ECC
SAS 6/iR Controller Card
500GB 3.5-inch 7.2K RPM SATA II Hard Drive x 2

3 years onsite warranty

And the cost is Rs.84k

I checked the price locally and found that once can "build" the same system for less than 50k

What is the view of the experts here ?
Prowler is offline   Reply With Quote
Old 3rd May 2010, 17:23   #24
Senior - BHPian
 
Join Date: May 2007
Location: Bangalore
Posts: 3,652
Thanked: 242 Times
Default

Quote:
Originally Posted by Prowler View Post
Our office has decided to upgrade the development server and they got a quote from a major manufacturer. This is the configuration:

CPU - Xeon X3460 QuadCore
2 GB RAM with ECC
SAS 6/iR Controller Card
500GB 3.5-inch 7.2K RPM SATA II Hard Drive x 2

3 years onsite warranty

And the cost is Rs.84k

I checked the price locally and found that once can "build" the same system for less than 50k

What is the view of the experts here ?
Assuming that this is meeting your development specs.

Building this system yourself might not get you an onsite service.
Whats the support they are offering on part replacement under onsite warranty(i.e. in hours)

If the server needs to run 24x7, you cannot match the heat dissipating chasis and mechanism inside the box + their preemptive diagnostic mechanism built into the firmware and OS software to prevent total failure.

If the server isnt critical, build it by yourself. Else go with the branded manufacturer.

Last edited by dadu : 3rd May 2010 at 17:24.
dadu is offline   Reply With Quote
Old 3rd May 2010, 18:20   #25
Senior - BHPian
 
pranavt's Avatar
 
Join Date: May 2008
Location: Mumbai
Posts: 1,628
Thanked: 272 Times
Default

The extra money spent is worth the goodies and support that you get. Only build one yourself if you've built servers before, are good at it and know your way around various diagnostics software.
pranavt is offline   Reply With Quote
Old 4th May 2010, 13:30   #26
BHPian
 
Prowler's Avatar
 
Join Date: Jul 2008
Location: Madras
Posts: 476
Thanked: 265 Times
Default

Thanks dadu and pranavt. The present server was built by me which has been working well for the past 4 years. But to tell the truth, it was not easy to get any reliable server grade components. Even now it is hard to source hardware RAID cards in Madras.

I would take your suggestion and go for a branded product. I take it that the quotation is reasonable.
Prowler is offline   Reply With Quote
Old 5th May 2010, 10:31   #27
GTO
Team-BHP Support
 
GTO's Avatar
 
Join Date: Feb 2004
Location: Bombay
Posts: 46,577
Thanked: 80,476 Times
Default

Quote:
Originally Posted by Prowler View Post
3 years onsite warranty

And the cost is Rs.84k

I checked the price locally and found that once can "build" the same system for less than 50k

What is the view of the experts here ?
I'm no computer expert, but can tell you from experience that branded systems are the way to go. I've had a particularly good experience with Dell & IBM / Lenovo, though I'd say Dell has the edge here. Configure your system on the Dell website, then call them and ask for discounts. Depending on which sales rep you speak to, you'll probably get 10 - 20% off the price you see on their website.
GTO is offline   Reply With Quote
Old 5th May 2010, 10:49   #28
Senior - BHPian
 
Join Date: Apr 2008
Location: Dombivli/Gurgao
Posts: 2,603
Thanked: 1,121 Times
Default

Quote:
Originally Posted by Prowler View Post
Our office has decided to upgrade the development server and they got a quote from a major manufacturer. This is the configuration:
...

What is the view of the experts here ?
The choice largely depends on how the development server is going to be used. How many concurrent users will be accessing it, will it be multi-location access, will it need 24x7 backup, do you already have any server room/data centre in which the new server would be deployed, do you have hardware engineers capable of maintaining the servers and finally do you have easy access to the parts of the server.

What kind of a role will this development server play?
honeybee is offline   Reply With Quote
Old 5th May 2010, 10:55   #29
Senior - BHPian
 
aargee's Avatar
 
Join Date: Jan 2010
Location: KATN
Posts: 4,648
Thanked: 1,957 Times
Default

Just to give an idea on reliability of the branded products, I'm sharing the experience of our office with DELL.

We've bought about 80+ laptops (and still considering to buy more)from DELL last year end; model - Lattitude E6400. By about March this year few systems experience jittering on the LCD. So a service guy (very prompt service) shows up & changes the LCD. After few days again the jittering problem shows again. This time they change the mother board & LCD.

The reason that was being told is that the entire dispatch had some issue & several colleagues in our office had this jittering issue & by experiementing they found the real issue croping up from motherboard & then affecting the LCD. There're several such cases in our office where the laptops have changed mother board & LCD.

Again after few days the jittering appears & for the second time they change the mother board & LCD & finally for last 2-3 weeks the jittering issue has been arrested.

My point - Branded or unbranded, ensure that the service is good because electronics are prone to give problems & if the service is good, you'll have some peace of mind.
aargee is offline   Reply With Quote
Old 5th May 2010, 11:05   #30
Senior - BHPian
 
Join Date: Apr 2008
Location: Dombivli/Gurgao
Posts: 2,603
Thanked: 1,121 Times
Default

We had laptops from Acer and they were serviced by the Acer team (when the laptops were under warranty) and then by our local hardware team. The service was nothing great, and our company wasn't as keen to follow up on the niggles with our laptops as they were to follow up on our deliverables. I had a battery that only lasted half an hour, on a laptop that was hardly a year old. The battery replacement was done after about four months. The replaced battery worked fine, but had a cracked backside. This is just one example.

We also had a few servers locally on which development and testing was carried out. These were essentially souped up versions of desktop computers with lots of RAM and hard disk space. But for a performance testing team we set up an identical environment with identical servers as the production system.

So it depends a lot on what the company expects regarding the performance of the server.
honeybee is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads
Thread Thread Starter Forum Replies Last Post
Design and implementation of a Tree House zenx Shifting gears 10 1st September 2010 10:41
BS-III implementation postponed by 6 months MileCruncher The Indian Car Scene 10 25th May 2010 17:13
Bs-iv Implementation-car Price Hike bullock-Car The Indian Car Scene 29 27th March 2010 12:15
ICE implementation query SRShrikanth In-Car Entertainment 8 31st December 2007 12:15


All times are GMT +5.5. The time now is 19:43.

Copyright 2000 - 2017, Team-BHP.com
Proudly powered by E2E Networks