Best IT-infrastructure For a Small Company?
DiniZuli writes "I've been employed by a small NGO to remake their entire IT-infrastructure from scratch. It's a small company with 20 employees.
I would like to ask the /.-crowd what worked out best for you and why? I came up with a small list:
Are there any must have books on building the IT infrastructure?
New desktops: should it be laptops (with docking stations), regular desktop machines or thin clients? A special brand?
Servers: We need a server for authentication and user management. We also need an internal media server (we have thousands of big image and video files, and the archive grows bigger every year). Finally we would like to have our web server in house. Which hardware is good? Which setup, software and OSes have worked the best for you?
Since we are remaking everything, this list is not exhaustive, so feel free to comment on anything important not on the list."
Can someone else please make the first post for me?
Media server? How about S3. Web server? How about EC2. Seriously, why spend time and $ on procuring, powering, cooling, backing up, and upgrading all that gear? Give everyone a laptop and a gmail account. Put the rest in a public cloud.
Maybe that's indeed what he should do since he already doesn't know enough to do it himself, have other people do everything.
If you want to completely abdicate responsibility for it all then that's the way to go.
Then you can concentrate full time on keeping your internet connection working because you'll be screwed without it.
I tend to shy away from using laptops (even with docking stations and such) for primary machines. I'd go with regular desktops. The costs of upkeep and such will be more predictable that way. I don't prefer any one brand over another, but I typically tell my clients to stay away from Dells (because of all the issues with capacitors on motherboards over the last several years). My clients tend to go local, even if it costs a tad more, and those that do tend to be happier with their purchases.
Media server? How about S3. Web server? How about EC2. Seriously, why spend time and $ on procuring, powering, cooling, backing up, and upgrading all that gear? Give everyone a laptop and a gmail account. Put the rest in a public cloud.
Kinda like instead of hiring an IT guy to redesign the infrastructure, you can just post the question to /.
And the CLOUD is so in right now. Everyone is using the CLOUD. Just say "CLOUD" and you'll be swamped with job offers. Women will be... ok never mind.
Yup, agreed. You could have your webserver in-house. You'll need a safe room to lock it away in, ideally with some aircon, maybe a halon fire suppression system. Plus a UPS, obviously. And you'll probably want to hire another cupboard, with the same systems, a few hundred miles away, for an off-site backup. Oh, and make sure your ISP provides you with a sufficiently fast uplink.
Alternatively, pay someone $50-$500 dollars a year for the same. It's a no-brainer unless you've got some really, really pressing reason.
Please consider this account deleted, I just can't be bothered with the spam anymore.
Keep the whole thing simple, the next person who comes in will thank you for it. Don't introduce any weird convoluted things into the system and make sure to make it so that the whole system is modular, easily upgradeable, and when the time comes and they need to expand that it's expansion friendly.
The way most people work today, that's the case whether the server is in your building or not.
It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
For servers: Use Supermicro-based servers with LSI hardware RAID cards. Run CentOS with SMB so that you can get domain support in place for the Windows workstations, but avoid having to pay obnoxious per-seat/per-connection licensing ON TOP OF server licensing as you would have to do with Microsoft's solutions. If you need a full feature alternative to Exchange, check out Scalix or Zimbra (both are very inexpensive compared to Exchange) and run either one on CentOS. For backups, I've become partial to just writing bash scripts to back up to external drives. Get three or more external hard drives and rotate through them day by day. If Windows is required for your server, I would recommend the same hardware, but be aware that the total costs are much, much higher when you factor in Server+client access licensing + groupware solution + realtime antivirus (annual subscription) + email gateway antivirus (annual subscription unless you want to wrestle with perl to get ASSP running on 64-bit Windows) = your new server is incredibly expensive. Another problem with Windows licensing is eventually Microsoft will pull the plug on client access licenses for your installed version, which means that you will be forced into an OS upgrade if the current OS would otherwise be perfectly adequate for your purposes.
For workstations: to decrease total cost of ownership (the pain of maintenance), if you are not married to Windows, consider using Macintoshes instead. Mac Minis offer pretty decent performance and take up a lot less desk estate than PCs of comparable quality, plus you can also run Windows and Linux on Mac hardware if you need to. Why OS X? You can escape the insanity of malware/virus/trojan horse breakouts, maintenance is a heck of a lot easier, and backup and restore is far easier on a Mac than it is on Windows.
For laptops if maximum reliability and desktop-like performance are the priority: I would recommend Macbook Pro, or if you want real mobile workstations and if the budget allows it, Dell Precision M6500. I have a Dell Precision M6400 and it's great- they cram a desktop chipset into the laptop form factor and performance is excellent, plus if I enable all the power saving features I can still manage to get 3-4 hours of use on a charge (about an hour if I turn off power management for max performance). The M6500 is far better than my M6400 performance-wise as it uses Core i5/i7 processors and a newer generation nVidia chipset. If portability is a concern I would still go with the Dell Precision line, but the M4500. If budget is a concern and rules out the precisions, some of the Latitudes are pretty good as well, but I would stay far away from any of Dell's other laptop lines as the other lines are not built nearly as well (their netbooks are okay though).
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
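The day-by-day rotation across three external drives that the comment above describes, as an added example that is not part of the original post; the mount points, the marker-file name and the drive IDs are assumptions. It refuses to write unless the expected drive is actually the one mounted, so an unplugged disk does not silently turn the "backup" into a copy on the server's own filesystem.

```shell
#!/usr/bin/env bash
# Added example: rotate nightly backups across external drives.
# MARKER, the /mnt/backupN paths and the driveN IDs are hypothetical names.

MARKER=".backup-drive-id"   # one-line file written once onto each drive

# pick_slot DAY_NUMBER DRIVE_COUNT -> index of the drive to use that day
pick_slot() {
    echo $(( $1 % $2 ))
}

# drive_ready MOUNTPOINT EXPECTED_ID
# True only if the marker exists and names the expected drive. An empty
# mount point (drive unplugged) or a swapped drive both fail here.
drive_ready() {
    [ -f "$1/$MARKER" ] && [ "$(cat "$1/$MARKER")" = "$2" ]
}

# backup_to SOURCE_DIR MOUNTPOINT EXPECTED_ID STAMP
# Prints the path of the finished archive; non-zero status on any failure.
backup_to() {
    b_src=$1; b_mnt=$2; b_id=$3; b_stamp=$4
    if ! drive_ready "$b_mnt" "$b_id"; then
        echo "refusing: $b_mnt is not drive '$b_id' (unplugged or wrong disk?)" >&2
        return 2
    fi
    b_out="$b_mnt/backup-$b_stamp.tar.gz"
    b_tmp="$b_out.partial"
    # Write under a temporary name so a crash never leaves a file that
    # looks like a complete backup.
    tar -czf "$b_tmp" -C "$b_src" . || { rm -f "$b_tmp"; return 3; }
    # Read the archive back before trusting it.
    tar -tzf "$b_tmp" >/dev/null || { rm -f "$b_tmp"; return 4; }
    mv "$b_tmp" "$b_out"
    echo "$b_out"
}

main() {
    m_src=${BACKUP_SRC:-/srv/share}                 # assumed data directory
    set -- /mnt/backup0 /mnt/backup1 /mnt/backup2   # assumed mount points
    m_day=$(( $(date +%s) / 86400 ))                # days since the epoch
    m_slot=$(pick_slot "$m_day" "$#")
    shift "$m_slot"
    backup_to "$m_src" "$1" "drive$m_slot" "$(date +%Y-%m-%d)"
}

# Only run the real backup when asked to, e.g. from cron: backup.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```

A non-zero exit from the cron job is the signal that the wrong drive, or no drive, was plugged in that day.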
First off is keep it simple. The simpler the better. This is not an enterprise, they don't have a lot of people to call on for support. So don't build anything complex.
I probably wouldn't bother with central authentication unless there's a reason, just do it per computer. Ask yourself what it gains you to have. If the answer is just "simpler administration" then don't use it. 20 computers is not a problem to administer without it, particularly since not everyone logs in to all computers. However the central servers are a point of failure, a place for problems.
Also have someone else host all your servers unless a file server is needed. There are plenty of good server hosts out there. For the web, depends on what you want. Pair is a top notch web host I used for many years. Top flight quality in every regard. Hostgator is who I use now to save some money and I'm perfectly satisfied. It works well, is reasonably fast, and they don't bitch that I do like 100GB of traffic a month.
For an internal file server, something simple and reliable. A computer with RAID-5 or RAID-10. Make sure to do offsite backups. An easy option for that is Acronis Trueimage. Great backup program and they will do network backups for a fee. It can encrypt the backup so no security issues. If their service is too expensive, use the software to backup to external HDDs and lock them in a safe or something.
Thin clients: You must be joking. Don't do thin clients unless you understand it well and are willing to lay out a lot of cash to make it reliable. Remember that if a desktop crashes, gets corrupted, whatever, one person can't work. If the thin client server goes down EVERYONE can't work. There are some situations where they make sense. If you aren't experienced enough to know when, don't use them (yours isn't one BTW).
As for computers, get something from a major supplier. Dell or Lenovo are my recommendations. They don't have an in-house IT department; they can't really be faffing about with repairs. Get them from someone that'll do onsite service and get a nice long warranty (unless you are sure they'll be replaced sooner). Make sure that there is a company out there that backs up the hardware that people can just call to have shit fixed.
Desktops vs laptops depends on the usage. If the intent is that these are used in the office, then desktops. They are cheaper to purchase, cheaper to find repairs for out of warranty, and harder for someone to walk off with. Don't get a laptop unless there's a real need to get a laptop. If people are going to be walking around with them for work reasons then fine, though it still might be good to have desktops as well in case they forget their laptops at home or lose them or something.
For OSes, depends on your needs. I'd say Windows unless you have a reason not to. Yes, yes I know MS evil and MS tax and all that jazz. Forget all that. These computers are tools to get a job done, the users don't care past that. Get them the best tools for the job. That will probably mean Windows for running MS Office, and for working with media since Linux tends to fall down in that department. Only do Linux if you are sure it will meet their needs (and by sure I mean you've tested it) and they can get the support they need.
In general I'd stay away from Macs. They cost more per unit, and they are not good with business support. Their idea of support is generally "Take the system to a store, we'll look at it and get it back to you." Fine for a consumer, not for a business. For a business you want "I call you and a tech shows up tomorrow with all the parts to fix it." Only go with Macs if you have a real reason and if you can't think of one, then you don't have one.
Remember to keep pragmatism in mind above all else. Get people the tools that do the job they need. That is all computers are to non computer people is tools. You are just being asked about expensive hammers or saws or the like. Your job is to figure out what they need, what will do the job the best, what can be th
Ask Slashdot: Why do your job when you can ask others to do it for you?
Why indeed? What reasonable motivation could he have to poll a well-established base of computer experts for advice? Could it be that an infrastructure is a hard thing to get perfectly right? Maybe up-front decisions made right will negate hours of work and wasted productivity down the line? Remember those security and infrastructure failings we've been so critical about all these years? Those clueless IT guys who screwed up royally and condemned employees and management to countless hardships? Maybe he doesn't want to end up in that position... maybe he wants to do things right?
That lazy bastard!
I did exactly this when building out my recent company. Google mail service is fairly good, but hosted exchange is far better in terms of operating like a normal company with blackberries, etc. We outsource our web serving also. We basically have a fileserver and a pair of ADS boxes for inside services, and a redundant Internet connection.
A year spent in artificial intelligence is enough to make one believe in God.
I get the whole "he should do his job thing," but I'd argue that he is. His job is to improve/develop that company's infrastructure. It doesn't matter that he doesn't have ALL the knowledge in his brain to do this from scratch. He's researching using the tools he has available and one of those tools is the knowledge base at slashdot. Except unfortunately it seems every time someone asks the slashdot "community" for help with anything, they immediately get thrown under the bus for asking the question in the first place. So much for the "community" and helping colleagues in the field.
Do my job for me?
"I've been hired by a small NGO. They have about 20 employees. I do not yet know enough about what I have been hired to do, so I am turning to Slashdot. Please, do my job for me and help me look good."
No, but that's only because I'm not afraid of other people's opinions. I actually like trying to see things from others' point of view. It makes me better at my job.
Crumb's Corollary: Never bring a knife to a bun fight.
Great idea, except:
1) S3 performance is poor. You've got to pay a LOT for performance.
2) Non-hardware (administration) costs are still going to be the same.
3) Cloud services are dependent upon connectivity. Which do you trust more: no link failure in thousands of miles of cables, fiber, and networking equipment, -or- the volatility of your local network and attached storage systems? You will need at least 2Mbit of low-latency throughput for something like this.
4) You will need redundant outside-network links. This may not even be possible in his locale, and if it is, there's no guarantee something upstream won't die (and in many places, the certainty of something failing upstream is fairly high due to shared carrier).
5) Are connections of sufficient throughput and latency even locally available? There's no mention of things like: mail use, type of work performed, etc. What if they do CAD work? What if they do a lot of email with attached documents? Graphic or sound work? These are use cases which are horrible for cloud computing.
That's just a starter list. It's suitable for some purposes, but for most day-in and day-out stuff, it is not good as a primary source of IT infrastructure.
For general purpose daily cloud computing, S3 isn't even a good/best option.
As for the OP... this guy should obviously not be in IT. The most notable thing missing from his list is: competent and experienced IT personnel. Obviously this was not considered as a requirement by those paying the bills, but it is important.
Hint: use requirements are the first thing to consider. Everything is based off of that. The vendors picked depend on experience and available purchase agreements. What I do for 90% of my customers will likely be a poor fit for many of your customers. And so on.
Fucking amateurs. They make us MSPs look bad.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Agreed. Laptops only when needed. Do people need to be mobile during the day, moving from place to place taking their computer with them? At a 20 person company having one person visit the office of the person with the computer in question does not seem prohibitive. Taking your computer to meetings and such, vastly overrated and usually a distraction.
...
If you like the idea of people taking their work home do you accept the increased costs of lost and stolen laptops and the decreased lifespan that frequent travel brings? Is your data secured on an encrypted volume? Even if IT creates an encrypted volume are users actually using it rather than saving files to the unencrypted desktop? Have you planned training to address this sort of issue?
When traveling overseas these lost/stolen concerns magnify. Furthermore is there anything on the laptop that your country does not allow to be exported or anything that the visited country does not allow to be imported? Perhaps even that state-of-the-art encryption software you normally use has export/import issues. Not to mention the "personal" folders where porn was downloaded. Have you planned training to address these issues? Even when a laptop is clean customs may hang on to it for some reason; it's fully within their power to do so. Will having a person lose their day-to-day computer be an issue?
When a person takes work home are they on the clock? Do you live in a jurisdiction where unpaid overtime is becoming more and more of an issue even with salaried people? You may be setting your company up for an unpaid overtime lawsuit once someone becomes unhappy and quits. I've seen it happen. I've seen companies in California switch all their engineers and lower level of management from salary to hourly due to this sort of thing.
The list goes on
Laptops can be great and they can be required while traveling. Perhaps have a few that can be checked out on rare occasions when people *must* work at home or travel. Have them copy only what they need for that day or trip, and wipe the laptop when returned.
With very few specific exceptions, I would never put my business "on the cloud".
GMail? Nothing wrong with that... as long as you don't mind all your internal memos being examined by data-mining software.
S3? Cool. Let's just put the video about our upcoming IPO on somebody else's servers, where others can have access to it.
EC2? Yep. All of your financial reports and graphs will look just great coming from somebody else's data store.
Okay, so I'm being a bit sarcastic. But not much. I wouldn't care much if it weren't for the fact that we know they actually do mine data.
Baloney. Use SME Server or Zentyal. I run a nearly identical organisation and my headaches have been significantly reduced since we stopped relying on Windows servers.
And to all those who derided the OP for asking others to do his job for him: This is why you ask others' opinions: because sometimes what you think you know isn't always true.
Crumb's Corollary: Never bring a knife to a bun fight.
OK, seriously, I've done a couple dozen of these 10 to 50 user installations. Half the time is spent at the beginning to determine what the customer needs and wants, and what the budgeting will be. Things invariably cost a lot more than the customer anticipated so your goal is to manage expectations. If you don't do that, your life will either become a living hell (if you will be providing long-term support) or you will leave behind an unhappy customer.
Some of the basic things that were not considered when customers brought me on:
Are there remote employees? Will they need VPN access? What platforms are they using to connect? Can you verify that the endpoints are secure?
What is the anticipated volume of mail? In this day, it's often much cheaper to outsource to Google for smaller installations, but in some cases it makes a lot of sense to keep in-house.
When hosting your own web server how much downtime is acceptable? Do you need 24/7 uptime or will you have maintenance windows? What if your primary site burns to the ground? Do you have the floor space and adequate cooling? How much traffic is anticipated at the beginning of the project? How much do you expect to grow?
What applications do you need in-house? Accounting packages? Company intranet? Database? How will you separate your LAN for security purposes? Do you take credit cards as part of business?
What infrastructure applications do you need? Can you afford downtime on these? How many ports/switches do you need? Wireless? Separate backup LAN? OOB management for your servers?
Before you even start pricing hardware, find out what your customer needs, wants and is willing to pay for.
Why indeed? What reasonable motivation could he have to poll a well-established base of computer experts for advice?
Maybe they should just hire one of these "computer experts" who knows the answer instead of someone who can't even seem to use Google?
Seriously, they're paying him to get the job done. If he doesn't know how to find this information for himself and make an informed decision, he should not have accepted the job in the first place.
Let someone who has the requisite knowledge have the job (or contract) and get the job done using well established procedure and expertise.
Even if he does know, he should come to the table with options and ideas and ask (say, on a forum) for some expert opinions about specific products (or at least brand names/vendors!) This shows that you have at least done some homework.
Why spend twice as much as you need to? If you're halfway competent at your job, you will have Linux machines (definitely not MS if you want to manage cost). Open Office for your basic office work (regardless of whether the individual workstations are Windows or Linux). MySQL or PostgreSQL controlling your database(s). Apache as your web server. Today, this is all simple, cheap to implement, there is plenty of support FREELY available (unlike Dell or Oracle or any company that uses MS-based solutions), and it all works, just fine.
These days, bloated Microsoft solutions, Oracle, long-term service contracts, etc. are just plain foolish, unless you have lots of money to just toss around.
For 20 people, you only need 1 good server for all your internal needs, unless it's a software development house and the server gets hit heavily. 20 people? No need for video streaming. Just link to the video file.
Of course for serving web pages OUTWARD, to the public, you should have a separate server. That's another matter and has as much to do with security as anything else. But it can still be set up with Apache, which is relatively simple and is the most used server software in the world. Yes, even counting Microsoft.
This is a public forum, we're all volunteers here.
Personally, I'm okay with the occasional "Help me with best practices" post. I wouldn't want to read that stuff all the time, but it adds to the mix, when taken in small measures. Keeps me in touch with developments outside my immediate interests. Sometimes generates lively debate. Maybe helps other readers in the process, benefits the general welfare.
If you want to blame anyone, blame Slashdot editors for publishing this kind of thing.
-kgj
I hear people throwing around "Linux + Openoffice" as if you can just walk in one day and announce to the legal and finance departments, "Good news! We're turning your world upside down" and make it happen. Having tried OpenOffice in a few places (didn't have MSOffice available at the time), and the employees gave it a shot. Checking in with them a few weeks later, looks like they went out and got MSOffice. When asked why, they said, no lie, "OpenOffice sucks. It's hard to use, and it's ugly".
/.. We don't know what this guy's company does, or if they have other vendors that provide web interfaces requiring IE-- they DO exist, and you DON'T want to have to explain why the entire network needs to be redone on week 3 because you knew better than those stupid backwards vendors and now they can't run payroll in the morning.
And tbqh having used Calc, I tend to agree-- Calc really is no replacement for Excel for serious usage (though I use it for my once-a-week time accounting). There are times to avoid MS, but I would be INCREDIBLY cautious about thinking you can install Linux+OOO everywhere and have everyone be OK with it. You may find your solution replaced just as quickly as you are.
And let's keep in mind this is ask
Except SME Server has issues with Win 7.
Fixed in 8.0. I'm running it right now.
Great way to start off with headaches. Not to mention how unstable the product and company are.
Yeah, only 11 years of solid, steady progress. Best to wait another decade or so before it's ready, huh?
I wouldn't want to place a bet on that pony, even if it was someone else's money.
I did and I do. I work in the developing world, where the cost of failure is measured in people's livelihoods - and occasionally their lives. Even $1000 dollars can keep a family going for months. Getting basic infrastructure working matters a lot here, so I don't recommend things lightly.
SME Server was first used in production after the desolation of East Timor by the Indonesians. Dili, the capital, had been ruined. 80% of the existing infrastructure was damaged or destroyed. Oxfam Australia needed some way to keep their office running, and they chose the SME Server. It ran 3 offices, connecting them and managing their email using tiny bandwidth volumes and with NO local IT support.
Here in the developing country where I work, reliability and robustness matter. I've seen SME Servers left untended for periods as long as 18 months without incident. I don't base my recommendations on purest speculation. I actually profile things.
Crumb's Corollary: Never bring a knife to a bun fight.
far better in terms of operating like a normal company with blackberries, etc.
How Smartphone Users See Each Other
His question begs more questions -- do his employees travel? Do they stream video? Do they do heavy processing? What OSes do their applications run best on? Can you virtualize OSes or will that overhead affect the heavy-duty nature of the applications? Do you have the know-how to build your own central authentication service using LDAP, Kerberos, etc? Or would you be better served with an Active Directory? And would it make more sense to pay for Cloud-based AD from Microsoft rather than maintaining in-house servers? How much people-power do you have for IT?
You just have to know the right questions to ask, then your infrastructure defines itself.
You make a great point. If I am hiring someone to achieve a goal for me, the absolute last thing I want them to do is research the possibilities and find out what experiences and approaches others have taken in the past. I want someone like the people posting in this sub-thread. I want the kind of person who knows that research and due diligence are a complete waste of time. I mean what is there to know? Just do it, and worry about what "it" is, and whether the approach was a good idea later, after you've done the first 90% and it is time to do the other 90%.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun