Traxi Technologies, LLC IT Infrastructure Stack

Traxi Technologies, LLC. Copyrighted 2007. All Rights Reserved. 474 Seventh Avenue, NY, NY 10018. T. 212.812.9450 www.traxitech.com


About Traxi Technologies

• Traxi Technologies was founded in 2000.
• We are a Managed Services provider; as such, we use a managed services platform to deliver reliable, cost-effective and consistent service.
• We have a focus on healthcare, servicing organizations such as Morris Heights, Urban Health Plans, Odyssey House.
• We are Microsoft Gold Certified, focusing on Infrastructure, VoIP and Unified Communications.

Presentation Overview

• The Information Technology (IT) Infrastructure Stack refers to all the technology components that, when taken as a whole, represent a single platform. All components of the IT Infrastructure Stack should be tightly integrated to yield an easy to manage, highly reliable, scalable and secure computing environment. Once the stack is in place, adding applications and new technologies, such as Practice Management, EMR and VoIP, will be seamless.
• This presentation may educate, but it may also provide a baseline to help you determine how effectively your organization has deployed, or is planning to deploy, technology.

The IT Infrastructure Stack

• Be very selective when choosing technology and vendors. Mistakes can be crippling and waste time and money.
• Make sure all technology and vendors can interoperate.
• Have a strategy. Formulate a 3-4 year plan and ensure your infrastructure can scale to meet your growth.
• Don’t consume all at once; add as you go.
• All technology vendors are offering an alternative service model where you pay a monthly fee for the services you use as opposed to owning outright.
• Always keep your warranty up to date so you can upgrade key components of your infrastructure and have access to vendor support.
• Don’t reinvent the wheel: learn from each other, repeat successes, avoid mistakes.

Components of the Stack

• WAN
• Edge Security (firewalls)
• LAN (network switches)
• Servers
• Desktops
• Anti-virus
• Messaging/Unified Communications
• Storage
• VoIP
• Backup
• Disaster Recovery/Business Continuity
• Monitoring
• Help Desk

WAN (Wide Area Network)

| Technology | Uses | Notes |
|---|---|---|
| Dial Up | Out of band management | No longer used in production |
| Frame Relay | Internet connectivity, Internet VPN for WAN, point to point for WAN, separate circuit for voice | Decreasing adoption |
| MPLS (Multiprotocol Label Switching) | Internet, WAN, Voice through same connection | Significant adoption |
| Metro Ethernet | Direct Ethernet Handoff | Emerging |
| Carriers | Verizon, Paetec, AT&T, Broadview, Level 3, others | |

Be careful when selecting your carrier; cheapest is not best!

Edge Security

• A firewall should be in place at each location.
• Internet traffic can flow from each location or be routed through a single location.
• The edge device should do content filtering (spam, virus, content control).
• Third parties should be used to filter email before it arrives at your site (Microsoft Hosted Exchange, SpamSoap, Postini). These providers can also store and forward email, and allow access to email while the site is down (more on this under DR/BC).
• Edge security can be managed by your provider or internally. The solution includes equipment and proactive monitoring.
• Hardware manufacturers include Sonicwall, Cisco, Juniper, Checkpoint as well as others.

LAN (Local Area Network)

• LAN switches provide the Ethernet network to desktops and now phones.
• Design considerations should include the backbone core and redundancy of the core. End points connect to edge switches, which then uplink to the core.
• Consider 10/100 switches for end points and 10/100/1000 switches for servers. Backbone (uplink) speeds should be even higher.
• If VoIP is being considered, LAN switches should support Power over Ethernet (PoE).
• LAN switches should be set up to support VLANs and QoS, depending on the size of the organization and the applications running.
• LAN switches should be constantly monitored for anomalies on the network.
• Cisco and HP are top tier; Netgear is cost-effective, but doesn’t offer the same reliability. HP ProCurve switches, with lifetime warranty, offer the most value relative to price.

Servers

• Standardize on one manufacturer.
• Ensure warranty is kept up to date.
• Always procure servers with BIOS level remote control (such as Dell DRACs).
• Multihome server NICs to multiple gigabit switches, and multihome power supplies to multiple UPSs.
• If you are running a Windows network across multiple sites, deploy remote Windows servers at each location (Domain Controller, DHCP, Distributed Files, DNS, other support services). This will ensure processing is closest to the end user and won’t have to traverse the WAN.
• Servers should be constantly monitored.
• Ensure a patch management/maintenance strategy is in place.
• Now is a good time to purchase Microsoft’s Software Assurance with each license because a new release is coming out in less than 2 years.

Servers (cont’d)

• Servers should be constantly imaged for Backup and DR purposes (more on this in a later slide).
• As the organization grows, moving storage outside of the server onto a SAN/NAS will yield higher reliability and performance.
• Ensure a strong Windows Architecture is in place with good Active Directory Design.
• The latest release of Windows is 2003 R2. 2008 is coming, but wait until 2009 at least to deploy.
• Linux has its uses, but Microsoft is neutralizing the biggest advantage: cost savings.

Desktops/Laptops

• Try to standardize on one manufacturer.
• Desktops should be thought of as “throw away”. At any time, a desktop can be lost without any data loss.
• Redirect all user data (My Documents) to the network.
• Be careful with the use of roaming profiles; use them sparingly.
• A standard desktop image should be made and deployed to new desktops. Multiple images may need to be maintained based on functional group. If a PC becomes corrupted, simply redeploy the image instead of remediating the problem (driver issue, virus, spyware, OS corruption, etc.). Symantec Ghost is a good imaging platform.
• “Generations” of user by user images can be taken so an image can be redeployed for a user as of a specific point in time. This adds a layer of complexity which isn’t recommended.
• Desktops should be monitored for key events, such as viruses, hardware failures, etc.

Anti-Virus

• Anti-virus and anti-spyware should obviously be deployed on all desktops and servers.
• The market is changing. Symantec, for example, is consolidating all offerings under one “end point security” management platform.
• The solution should protect against attack and malicious code, while simultaneously ensuring continual compliance with IT policies.
• The end point security system should log and alert.
• A management interface should be in place to manage the system.

Messaging/Unified Communications

• There are many messaging platforms on the market, including POP, Notes and Microsoft Exchange. We focus on Exchange.
• The latest release of Exchange is 2007, but the first major service pack has not yet been released.
• Buy Exchange through the Open License program so you can purchase 2007, but have the downgrade right to install 2003, then upgrade to 2007 when you are ready.
• Exchange 2007 is role-based (Client Access, Edge Transport, Hub Transport, Mailbox, Unified Messaging), each with layered security.
• Unified Messaging: Voice Messaging, Fax Messaging, Speech-Enabled Automated Attendant, Self-Service Voice Mail Support, Outlook Voice Access, Play on Phone

Messaging/Unified Communications

Voice Messaging System: Voice mail can now be stored in the mailbox and accessed from a unified inbox in Outlook, Outlook Web Access, on a mobile device, or from a standard telephone. This unification improves employee productivity by simplifying access to the most common types of communications. It also dramatically reduces cost by removing the need for a standalone voice mail system and by taking advantage of any existing investments in Active Directory. Exchange Server 2007 Unified Messaging can be connected with a legacy private branch exchange (PBX) infrastructure through an IP gateway, or can be directly connected with certain IP PBX installations.

Fax Messaging System: Faxes can now be stored in the mailbox and accessed from the user’s unified inbox in Outlook, Outlook Web Access, or their mobile device. Unified Messaging centralizes the management of inbound fax services within the Exchange infrastructure.

Speech-Enabled Automated Attendant: The Attendant answers calls using an automated operator, with customizable menus (e.g. “press 1 for sales”), and global address list directory lookups (e.g. “who would you like to contact?”). Callers can interact with the Automated Attendant through touch tone menus or their voice using speech recognition.

Self-Service Voice Mail Support: Using Outlook Web Access, users can request a reset of their voice mail PIN, set their voice mail greeting, record their out-of-office voice message, and specify mailbox folders to access when calling in by phone to hear e-mail messages through text-to-speech translation.

Outlook Voice Access: Users can access their Exchange mailbox using a standard telephone, available anywhere. Through touch tone or speech-enabled menus, they can hear and act on their calendar, listen to e-mail messages (translated from text to speech), listen to voice mail messages, call their contacts, or call users listed in the directory.

Play on Phone: Exchange Unified Messaging allows users to play back voice messages received in their Exchange inbox on a designated phone. This feature is useful when a user is in a public place and does not want to play the voice mail over their computer speakers. Play on Phone routes the voice mail to a cell phone, desk phone, or other number specified by the user.

Storage

• For smaller organizations, storage can reside as RAID on the servers.
• Storage can also be centralized on Storage Area Networks (SANs) or Network Attached Storage (NAS).
• NAS relies on the network, but has the lowest cost.
• A SAN can be implemented using either iSCSI or Fibre Channel. Fibre Channel requires expensive fiber switches and host bus adapters (HBAs).
• A good migration path would be to start a SAN using iSCSI, then migrate to Fibre Channel.
• Servers would boot from the SAN; they would not require any disks. This increases performance and reliability.
• StoreVault by NetApp can scale from 1TB to 6TB. EMC, Hitachi, Xiotech, etc. manufacture SANs with larger capacity.

VoIP

[Diagram: VoIP deployment. Labels: Headquarters Office, Regional Office, Branch Office, Remote User; IP WAN; PSTN; Analog; Legacy PBX; Legacy voice mail; ShoreTel Call Manager; ShoreWare Director; Conference Bridge; ShoreGear-T1, ShoreGear-120/24, ShoreGear-60/12; Voice Applications (voice mail, Auto Attendant, Contact Center, Management).]

• Unique distributed architecture with no single point of failure and seamless scale
• Best in class multi-site management reducing costs
• Easiest to use applications driving end user productivity

Backup/Disaster Recovery

• When thinking of Backup, Disaster Recovery and Business Continuity, there are two key factors: RPO (Recovery Point Objective), which indicates how far back you need to go in the event of a failure, and RTO (Recovery Time Objective), how long it will take to recover.
• Traditionally, tapes have been used with backup software such as Veritas.
• The RPO for tape is as of the last good backup. The RTO for tape is 12-72 hours.
• Full system restores should be performed against the tapes, in addition to file level restores.
• Tapes are not reliable and should be considered secondary or tertiary mechanisms for backup. Tape drives themselves have many moving parts that are prone to failure.

Backup/Disaster Recovery

• Every system should be imaged to a local NAS at the block level (lowest level of data stored on a hard drive). A number of snapshots should be taken throughout the day and stored on the NAS so “generations” of the data exist.
• Frame based replication of the NAS should then be sent to an offsite data center.
• In the event of a failure, the image will be sent back to the production site and the server will boot from the NAS containing the image. This will allow for “bare metal restores”.
• Other solutions, such as Double Take and XoSoft, create mirror images of servers and applications so a server is available on a “hot standby” basis.
• Third party email filtering/store and forward services, such as Microsoft Hosted Exchange, Postini and SpamSoap, should be considered. Not only will these services filter emails, but they will store them if the primary site goes down (backup MX) and even allow users to access the emails.

Monitoring

• All systems should constantly be monitored for reactive events, as well as proactive actions.
• Key monitoring includes disk space, viruses, security, etc.
• Event log filtering for key events.
• SNMP traps of key hardware.
• A console should exist so events can be cleared and status can be checked.
• The console should be monitored by a live person; this can be done remotely, via email, etc.

Help Desk

• A good help desk yields outstanding end user support.
• End users are the most important asset of the computing environment.
• A help desk should be staffed and a trouble ticketing system should be implemented to track issues.
• User feedback (surveys) should be sought for closed tickets.
• Engineers should be segregated by function. Level 1 engineers should be the first line; Level 2 engineers will have additional skill sets and handle escalations.

Contact Information

TRAXI Technologies, LLC

474 7th Avenue, 5th Floor

New York, NY 10018

T 212.812.9450

F 212.465.1919

WWW.TRAXITECH.COM