For a complete guide to security, check out 'Security+ Study Guide and DVD Training System' from Amazon.com
Please read Planning your Server Farm (Part 1)
Now that you have initially figured out where you want to place your server farm, we need to get to the nuts and bolts of actually planning it. To have a good server farm deployment you will need to carefully plan. Note – not planning may cause you a lot of problems which could lead to the server farm never becoming a reality. You will also need to put some time and thought into the size of the deployment – its complexity, how much equipment you are going to deploy and so on. In part 1, we covered placement and the bare essentials, gathering your team and so on. Now, a detailed plan of the installation should be your first step. This should happen no matter what, every time you plan, regardless of the size and complexity. Why? Simple – because if you do not plan then you will spend time you don’t have (I know) fixing very stupid oversights and errors that you could have avoided completely had you spent the time up front doing a little planning.
Eliminating any time spent correcting oversights and fixing compatibility errors should be your goal. In the next few sections we will look at some of the things that you can incorporate into your plan, although – this is by no means a definitive list. All network environments are unique in their own ways. Because of this fact, you will need to adjust your plan. Use this article as a start and make sure that you build on to this list and append any special additions to your plan.
Building a Project Plan
You can build a project plan with a simple Gantt chart. You can use a fancy program like Microsoft Project, or you can use a simple Spreadsheet or bulleted Word Document. A project plan can help you plan, it’s that simple. It helps you to track your resources and make sure you have a viewable way to track a project and its deliverables. In the illustration below, you can see a sample worksheet in Excel that I was able to download from Microsoft to help me plan a DFS deployment. Hey, it's free and already done – you only need to fill in the blanks and it's easy to add to it too.
There is a Job Aids section on the Microsoft site that I left a link to in the Reference and Links section at the end of this article. Remember, the plan is only there to help you to deploy a server farm and how to keep track of it. It's up to you if you want to make one or not, although it's highly recommended so that you do not waste your time. Deploying Server farms are almost always costly, and almost always time consuming so a good plan will hopefully eliminate any waste in both areas.
Hardware and OS Compatibility
Now that you have the plan in place, you need to consider a few things about the individual systems, the servers themselves. All hardware that you will use will most likely need to be checked for updates. As well, any software you install will also need to be updated. Every driver installed … most likely needs an update. My point here is – get in the habit of just checking and updating everything every time. If you stick to this method, you will never forget to update anything, and because you are ‘checking’ first, you will never ruin anything by accident. The next point is – you never want to install a driver or any other patch on a live system without doing it first on a test system. If you do not have an SLA in place and are not concerned about downtime then it's your prerogative to update away, but it's a good idea to test software updates first before you install them. Over the years, driver and software updates have gotten much better, but if you are deploying 15 Windows Server 2003 systems in a preexisting Server farm… it may be wise to test the updates first.
If you are going to update hardware chips, make sure that you do not power off the system for any reason during the update. Any interruption to the process will render the device inoperable. Before installing a new operating system, or upgrading an existing one, it's important for you to verify that compatibility exists between all internal and external hardware, and any associated add-on components, peripherals and so on - planned for the network. One of the most common ways to ensure this necessary compatibility is to check the OS manufacturer’s Hardware Compatibility List (HCL).
The HCL is basically a list, supplied by the manufacturers of major operating systems, of hardware that has been tested and verified to work with their Network Operating Systems – of NOS for short. Checking the HCL is an important consideration when purchasing server hardware because it will determine what hardware you want to choose, as well, you can check to see if there have been any compatibility issues so you can avoid them entirely. Keep in mind that while Microsoft used to rely heavily on a hardware compatibility list in identifying which equipment was known to be compatible with their various operating systems, the comprehensive reference is now called the Windows Catalog.
If you are not compatible, you must check to see if you have enough hardware in your system to support the NOS. The NOS will require a very specific recommendation. Make sure that you meet this recommendation and exceed it based on a true estimation of your current and future workload. This would require that a baseline of system performance be done so that you know. Since it's impossible to test a system you are planning to buy, this is why there are minimum requirements also tied into the add ons that you will run, such as if you were to install an e-mail system on one of your servers – this of course would mean that you would need 'more' disk space, CPU power, Memory and so on to run the new service. All this must be taken into consideration before you plan your server farm. Windows Server 2003's specific requirements are listed in the Reference and Links section of this article.
Driver and BIOS Updates
Now that you have installed hardware that is compatible, you must update it. Update your BIOS, your hardware (such as SCSI controller cards), and all your hardware you have installed on the Server. Once these devices are installed and running properly on your server, it should be no problem to download any other necessary drivers and install them (or update them). Just be careful when downloading and verify your source so as not to download a Trojan or some other form of malware.
Make sure that you update everything that can be updated. When conducting an installation, the technician should always use the latest drivers for the system's devices and again if this is a system already in use, make sure that you test the drivers first on another system before you do the upgrade. You may update the Video drivers and then not be able to access the system because you can't see the console anymore.
Make sure that you match all your hardware. I suggest always using a vendor when buying a server; home built PCs can serve a purpose, but they usually lack many of the hardware enhancements that a server class system will bring you. In any case, if you go with a vendor, try to make a partnership with that vendor and try to keep all your hardware updated. For instance, when planning a server, hard drive controllers must be matched properly with the types of drives they support. The SCSI host adapter or the IDE/ATA controller normally interfaces between the system and the hard disk drives. ATA controllers are designed to work with IDE drives and SCSI controllers are designed to work with SCSI drives. This is how they are laid out and they usually do not mix well, problems usually occur.
Checking and Verifying Power
Make sure that you plan your power requirements very carefully. When working in the enterprise, it's always easy to overlook what is always there… power. You must have power, always. There is no way you can survive without it so you have to plan for it. If power goes away, then the Server turns off. It's that easy. There are also varying levels of 'losing power'. You can have sags, surges, spikes and so on. Power variations can be the source of many server problems and power fluctuations are common. This should pretty much tell you that you really should use some form of power protection on your systems – too many surges to a power supply in your server may render the system dead when you least expect it. Some variations can cause the computers to shut down and reboot, causing loss of data not saved to disk or worse, leave your system unrecoverable. There are articles in the Reference and Links section of this article that help you plan for recovering from that happening.
The power in a new server farm room should be tested extensively, thoroughly, completely and reengineered if needed before any computer equipment is installed. As well, an electrician should be contracted to do the job, one with experience testing systems to their faults. The AC voltage level should be tested and monitored to determine whether it is stable under no load conditions. In the United States the AC voltage level should be 120 volts. In Europe the AC voltage level is 230 volts. Check your country for your specifics and ensure that you apply the same rule. The ground connections of the power system should also be checked for continuity back to the facility's main ground connection and ensure that it's a true ground. These are some guidelines and tips you can follow, but in sum, make sure that your server farm is placed in power protected environment. You can use a surge protector, but this is not recommended. I personally wouldn't even use one on my home PC. Most surge protectors are made so that if they take a surge, they pop, but break in a way so that the power strip can still be used although there is no more protection. Since I don't get an email from my surge protector telling me it has been tripped, I don't know and therefore the next surge that comes may damage my PC.
As well, some that are even more high tech still allow failure. Surge protectors will not protect the computer from small surges, which are very dangerous to computer equipment. They will only protect it from very large spikes in power, and may fail to cut power fast enough to protect the electronic system. An Uninterruptible Power Supplies (UPS) will provide surge protection and supply power in an emergency (such as a complete loss of power) - It will also be there for you in emergencies to prevent data loss when the power goes out, data in memory, etc will be protected.
Uninterruptible Power Supplies (UPS)
In the typical Uninterruptible Power Supply (UPS), operation is very simple. Power comes in and power goes out. Servers are all connected to the UPS and the UPS is plugged into the wall. The UPS will supply power to the Servers, the UPS will receive power from the commercial power source. Now, if the UPS has been tested and is operational, charged and ready – if you unplug the UPS from the wall, then the servers should all stay running because the battery inside the UPS is maintaining power to the servers. Albeit, only for a short time, but they are still running. Running long enough for the automated shutdown process you can configure on some UPS system to take place – or, to shut down manually. Either way, the server (and its data) is safe from power hazards. This type of UPS is simply a battery backup system that will keep the system running and permit the system to shutdown normally in case of a power failure. This type of UPS serves only one purpose: to stop the loss of data if there were a major power failure to take place.
If there are blackouts where the power goes out for extended periods of time, a backup generator will be needed to keep power running to your server systems. If you do not have a backup generator, you are only going to be able to survive for as long as you have UPS battery life and that is not meant to be long. A UPS system is meant to 'protect', whereas a backup generator is meant to be able to sustain the load of the network and its systems during a continuous power outage. Many are operated on gasoline or diesel fuel so it's very easy to get and use. Of course, enterprise systems will have much larger (and much more complex) generation systems (like a Hospital for instance).
That wraps up our two part article on Server Farm Planning. I hope that this served you well and helped to alert you to things that you may want to consider when planning your server farm. Please use the following articles to help in your planning as well.
Links and Reference Material
Planning your Server Farm (Part 1)
High Availability Planning
Planning for High Availability: Attempt to Eliminate Downtime
Planning for High Availability: Disaster Recovery Planning
Security Posture Assessment
Threats and your Assets – What is really at Risk?
How to Plan for a Possible Network Attack
Windows Server Specific
Windows Server 2003 Disaster Recovery Planning (Part 1)
Windows Server 2003 Disaster Recovery Planning (Part 2)
Windows 2000 and 2003 DMZ Design
Deploy Windows Server 2003: Considerations for Planning Network Bandwidth
Microsoft Windows Sever 2003 Deployment Kit (includes many resources to help plan)
Deploy Server 2003: Job Aids (downloadable workbooks)
Hardware Compatibility List
System Requirements (Windows Server 2003)
American Power Conversion