HONORABLE MENTIONS Large Business
Vlad Friedman,
CEO, Edge Web Hosting
vlad@edgewebhosting.net, http://www.edgeweb hosting.net
Edge Web Hosting (EWH) provides managed application-and Webhosting services for midsized and enterprise corporations that require 100 percent uptime and hosts hundreds of servers for 20,000-plus domains. As you might expect, staying abreast of Internet security threats is a top priority and a never-ending job for CEO Vlad Friedman and his IT staff. "We take all the usual steps that a high-end infrastructure would.... We have antivirus software and firewalls. You hope that the antivirus software makers can keep up with the threats, but unfortunately, they can't," Vlad says.
Because of the company's 100-percent-uptime requirement, IT needs to ensure that it can restore downed systems quickly when a system is corrupted or disabled by a virus or worm. Several months ago, an Internet worm that actually disabled virus-scanning software was rapidly propagating across the Internet and threatened EWH's network of servers, which run a mix of OSs including Windows Server 2003 and Windows 2000 Server. "The only way to prevent our systems from being infected was to install the Windows 2000 [Service Pack 4] SP4 rollup, which had been released a few days prior," Vlad says. EWH quickly applied the service pack to the affected systems, but because the worm was spreading so fast, the company didn't have time to follow its usual procedure of applying a service pack on a test system and working out any problems before rolling it out on production machines.
Not surprisingly, installing the patches caused some of EWH's servers to crash, which could have been dire for the company and its customers. "As we started installing [the service pack] on our servers, we found an incompatibility with the new SCSI driver used in the rollup with probably about 20 of our systems. On the first system that crashed, we tried running the [Windows recovery] tools to perform the repair on the OS, which took about 4 hours."
EWH couldn't afford even 1 hour more of downtime, let alone 4 hours per server, and Vlad had to quickly find another way to repair the damaged servers. "We had just bought Winternals' ERD Commander and had recently used it to handle another issue," says Vlad. So the EWH IT staff ran ERD Commander, first using the product's Hotfix Uninstall feature to roll back the service pack upgrade and determine which file was causing the systems to crash. Next, they replaced the new SCSI driver with an older version on the downed servers and rebooted them successfully.
Sometimes creative IT solutions come from quick thinking and using the best tools for the job. Neither EWH nor its customers could have tolerated hours of downtime. By using ERD Commander, EWH averted a potential business catastrophe and cut downtime from hours to minutes, recovering the other 19 systems in about 5 minutes each.
Valerie Wampler,
Enterprise Messaging and Infrastructure Branch/EMIB, Infrastructure Lead, National Institutes of Health (NIH)
wamplerv@mail.nih.gov
Valerie Wampler plays a key role in overseeing an extensive network for NIH, a major U.S. diseaseresearch facility. Because NIH comprises many research sites and supports researchers at thousands of institutions worldwide, many scientists who aren't NIH employees need to access the NIH network. Additionally, NIH's far-flung sites have different local network administrators who support their own domains and directories. Valerie faced the dual challenge of granting network access to non-NIH researchers and keeping up with numerous configuration changes. "NIH needed a way to support a very distributed network of individuals and sites while maintaining security and a high level of access to central databases and applications," she says.
NIH took three main steps to improve network security and performance and reduce the impact of configuration changes remote network administrators made. First, the network administration team responsible for AD established a root domain and forest for all of NIH and standardized on one destination for data repositories and research. Second, the team deployed two software products, NetPro DirectoryAnalyzer and NetPro Directory-Troubleshooter, to monitor system performance in real time and more quickly identify and resolve AD problems. Finally, NIH deployed NetPro DirectoryLockdown to support monitoring the AD configuration for unauthorized changes and to protect the network against Denial of Service (DoS) attacks, security breaches, and reliability and service interruptions.
The combination of establishing a centralized AD structure and repository locationand using third-party products to monitor AD problems and configuration changes has greatly improved the efficiency of NIH's IT staff and researchers' access to applications and data, Valerie says. IT staff "spends far less time on troubleshooting and data restoration. Scientists at remote locations have consistent access to applications, and all researchers now make better use of the knowledge base and data repositories within NIH." Valerie gauges that the overall cost savings from the solution amount to $2,028,846. "Now that [NIH] realizes the time savings resulting from more standardization and consistency in [AD], we regret not having deployed some kind of standardization earlier," she says.
)
)
Register
Chet December 08, 2005 (Article Rating: