Burned by Eschewing Best Practices
-
Scott Alan Miller
Pure Capsaicin
Scott Alan Miller May 27, 2017 at 9:18 AMNiagara Technology Group (NTG) is an IT service provider.
cavemanager wrote: Not that big but we are a financial institution and there were several servers running various applications over the last 7 years. We also have a virtual environment so I am including like 3 hosts and a SAN. I am working to eliminate old servers by virtualizing them. So, why the hell do I want to buy a physical server for Exchange? I got talked into it by my VAR.. but now I've changed my mind and am going to make sure we just virtualize the thing. + expand
That VAR is an outright crook. There is no condition where he should have thought it was even possible to get away with claiming a physical Exchange server was acceptable. He's WELL into "you could sue him" territory here for claiming to have IT knowledge. And three hosts with a SAN is not an option, that's an inverted pyramid of doom and there is no condition under which a SAN can be paired with just three hosts, or even four. At five, there are rare conditions where reliability is a low priority where it can happen, but it is an edge case. But at three, anyone who even whispered the word SAN should have been marched out of the building and banned from ever talking to you again.
I'm dead serious. Even if you don't purse legal action, distance yourself from that VAR immediately. He's not just a bad friend, he is outright your enemy and taking outrageous advantage of your company.
-
Scott Alan Miller May 27, 2017 at 9:20 AM
Niagara Technology Group (NTG) is an IT service provider.
cavemanager wrote: That article looks like it's pertaining to Dell's Equallogic arrays, which would be those big SAN racks. My whole question in the OP was about RAID volumes on Dell PowerEdge servers. I should have clarified... unless, somehow, they are both ultimately the same thing? Also, funny enough, we actually did just get a new Dell SAN (which Dell support has referred to as an "Equallogic device", yet according to the support tech who set it up, it is actually in JBOD with parity. + expand
That your VAR did it in your server instead of a SAN is neither here nor there. What he did was unthinkable and unprofessional. Even as a VAR, intentionally sabotaging clients to make a quick buck isn't legal. Should you know better than to have a salesman doing your IT for you, yes. But that doesn't excuse him going out of his way to leverage that to do damage, either.
-
cavemanager May 27, 2017 at 9:35 AM
Scott Alan Miller wrote: You need to rethink your "techs". JBOD means no parity is possible. Once it has parity, it can't be JBOD. The purpose of the world JBOD is to clarify that it can't have parity or mirroring. Also, why do you have a SAN at all? Same crooked salesman/VAR looking to make a quick buck? http://www.smbitjournal.com/2011/07/never-get-advice-from-a-reseller-or-vendor/ http://www.smbitjournal.com/2016/06/buyers-and-sellers-agents-in-it/ You need to rethink how your business interacts with sales organizations. + expand
ugh.. this whole post is getting out of hand and I'm probably just going to delete it. Before I do, we have a SAN because we've had a virtual environment since I started. We are growing that and ditching physical servers. Our tech that deployed the SAN was issue directly from Dell and when I asked him how the drives were configured, he said JBOD with two disks for parity. I had also understood that JBOD did not involve parity at all, so I was confused. Anyway, I just NOW looked at the configuration and it's actually a RAID10.. which is HILARIOUS to me because when we were setting it up, I was actually asking about the RAID settings because I specifically wanted to set it up in a RAID 10.... omfg.. the people I work with...
-
Scott Alan Miller May 27, 2017 at 9:40 AM
Niagara Technology Group (NTG) is an IT service provider.
cavemanager wrote: ugh.. this whole post is getting out of hand and I'm probably just going to delete it. Before I do, we have a SAN because we've had a virtual environment since I started. We are growing that and ditching physical servers. Our tech that deployed the SAN was issue directly from Dell and when I asked him how the drives were configured.... + expand
Dell is FAMOUS for doing this. This is EXACTLY what should have been avoided. I never claimed that YOU did it, but there was never a case where this was okay to do. Dell has taken a lot of flak for their salespeople taken advantage of customers to make quick money on SAN sales in this way and is literally the most famous vendor for doing this. If you hope to get "free advice" from their sales team - they sell the same bad solution every time because they know that if you are asking a salesman for IT advice, that you are just looking to get sold something you don't need. It's so bad that we tell everyone that is going to talk to them what they are going to try to screw them with before they talk - and they do it EVERY time.
That it is Dell proves the point, it is not a defense as you are imagining. I've been that tech working for Dell. They are just random local people that they call last minute. They aren't Dell staff, they are not Dell trained and they just install what they are told to install. But any SAN coming in an inverted pyramid like this is just a salesman who was your predecessor coming from a mile away and figured it'd be too long before anyone caught on that he'd have his commission and be gone. And it worked.
-
Scott Alan Miller May 27, 2017 at 9:42 AM
Niagara Technology Group (NTG) is an IT service provider.
cavemanager wrote: ugh.. this whole post is getting out of hand and I'm probably just going to delete it.
Why? Why would all this advice SO much more important than what you had intended to talk about, be "out of hand" and why would you delete it (that's VERY bad forum etiquette.) We are trying to help you and you've exposed that you really, really need help not just in a small technical matter but on a larger scale. You desperately need business and IT oversight because right now sales people are screwing your company left and right. No one is stepping up and providing the IT oversight of the sales people. There is no IT, only sales people and buyers.
It's not that you need to rethink IT, it's rethinking the business engagement of salespeople across the board.
-
Scott Alan Miller May 27, 2017 at 9:44 AM
Niagara Technology Group (NTG) is an IT service provider.
cavemanager wrote: omfg.. the people I work with...
That's why you might want to take this thread to the CEO. I'm serious, engage someone at the top. Express REAL concerns. This isn't just a question of technical stuff or making money, this is a question of ethics. As someone that audits companies for this kind of stuff, these are the signs that you have someone in a senior position that is not doing their job and hiding behind sales people. It's a common tactic to make big salaries while not doing the job that they are hired to do. I'm talking about your CIO most likely. Someone is selling out the company and likely making a pretty penny doing it.
That doesn't imply that there are vendor kickbacks, but once someone is stealing their salary from the company, what's a kickback or two?
-
Scott Alan Miller
This is an industry standard problem in the SMB space and you'll see it all over this community, too. People who hide behind IT titles but don't actually do any IT work or act as the IT person / role but instead of "IT buyers" and just "buy IT" from vendors. But since they don't act in an IT role, they don't play the part of protecting their companies from predatory sales people and since "sales is free" and "expertise is expensive" to avoid budget concerns they go to sales people and get the "IT for free" and instead just get sold products that they claim that they need.
It's a really effective way to get paid as an IT pro, but do, quite literally, nothing. No need for any skills at all, no need to keep up, no need to even work. Sales people are always happy to do this "work" for free - but of course the only thing that they do is sell you things that you don't need because that's their actual job that they are paid to do. One hour of IT consulting would have protected your institution from all of these issues, that's all it takes. But lacking ALL IT oversight, someone just let a sales organization into the company to "rape and pillage" at will.
Think of IT like the castle guards. They are paid to protect the business. But in a case like this, it looks like the senior guard either decided doing his job was too much effort or got slipped some gold in a bag and literally opened the gates to let the known attackers in to have at the undefended castle. But the guards keep reporting to the king that all is well and the people stealing are not to be worried about.
Does that make sense? At some point, someone is making money and the IT protection isn't happening. These are literally the textbook examples of how this happens. If you look at SW, there are literally thousands (I really mean that) threads about how this exact scenario should never happen, and how VARs and vendors will take advantage of it, and how Dell does this specifically, etc. It could not fit the predicted scenario more. And the articles I linked, they are years old but fit your scenario exactly. There is a reason for that. This is the pattern that we look for for these kinds of problems.
-
I felt that we should grab all of that as the OP was threatening to delete it as it exposed his boss the CTO and his relationships with resellers; but it was such a good example of how one senior manager trying to get away without doing his job can sabotage a company.
-
We all totally understand that YOU are not the one at fault here. You have a boss that doesn't know what he is doing (or worse, that's the really scary part) and you are new to the company and IT in general. But you are in a position now to do something about it. Is it worth making waves? It is worth exposing what we assume must be a form of corruption (pretending to be a CTO level and not even being a viable entry level tech and getting paid to screw the company is a form of corruption here and appears to be the best case scenario?) Only you can know that. But I've worked in financials where, if I was in your position, I would be required by my social contract with the company to take this information to the CEO. That does NOT mean that you make claims of corruption, theft, ineptitude or impropriety. That's not how it works. YOU take this thread, print it out and say "look Mr. CEO, I had this conversation and a casual oversight of our organization left a large number of IT pros looking at us as having some very visible problems ranging from technical incompetence to outright fraud and inappropriate / unethical reliance on sales people at vendors to do the work that we are tasked with doing internally to protect the company. I'm new to IT and I'm new here, but they thought that I should pass this on to you, unfiltered, so that you could decide if they were right, wrong or if you even care either way. My job is only to bring it to your attention, not to pass judgment on it. So here it is, do with it what you will."That's all that YOU need to do. Then, whatever. but use this as a learning experience for yourself. You need to KNOW that your CTO isn't qualified to work for me as an intern and if I was a CEO (and I am) he's be fired and I'd seriously consider legal charges based off of the things you've said here. From a purely business, non-technical standpoint, he should be fired for the relationships he's build on impropriety. On a technical level, he should be fired for having allowed such obvious abuses of the company that anyone even moderately technical should have seen. No matter what his technical OR business levels, he should have protected the firm from what has happened thus far. And this is likely just the tip of the iceberg. Every little thing you've mentioned here is atrocious. Imagine what less obvious things are going on if this is what they were willing to do with full visibility!
-
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
-
I'm still trying to determine if this is a physical installation or not, but he is being burned because he doesn't provide relevant information to resolve the issue.
I'm also guessing at the size, he doesn't have a second domain controller.
-
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
-
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
Having a backup system that is physical in nature, without have another backup.
He had no backup for his backup, blindly updated his only backup system, and bricked it. So it does indicate what was eschewed. He failed to backup his backup.
-
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
Having a backup system that is physical in nature, without have another backup.
He had no backup for his backup, blindly updated his only backup system, and bricked it. So it does indicate what was eschewed. He failed to backup his backup.
WHAT? Sure it's good to have 3 copies of your data, but having only 2 is acceptable.
-
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
Having a backup system that is physical in nature, without have another backup.
He had no backup for his backup, blindly updated his only backup system, and bricked it. So it does indicate what was eschewed. He failed to backup his backup.
I know the 3-2-1 method is preferred and best practice. But bricking his backup system doesn't really matter. It's a backup of a production system. Restore the software and take fresh backups of your production environment.
-
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
Having a backup system that is physical in nature, without have another backup.
He had no backup for his backup, blindly updated his only backup system, and bricked it. So it does indicate what was eschewed. He failed to backup his backup.
WHAT? Sure it's good to have 3 copies of your data, but having only 2 is acceptable.
No, 3-2-1
Production system, onsite backup, offsite backup.
-
@coliver said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
Having a backup system that is physical in nature, without have another backup.
He had no backup for his backup, blindly updated his only backup system, and bricked it. So it does indicate what was eschewed. He failed to backup his backup.
I know the 3-2-1 method is preferred and best practice. But bricking his backup system doesn't really matter. It's a backup of a production system. Restore the software and take fresh backups of your production environment.
That is what I recommended, but the complaint was it woudl take forever (IIRC . . )
-
@DustinB3403 said in Burned by Eschewing Best Practices:
@coliver said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
Having a backup system that is physical in nature, without have another backup.
He had no backup for his backup, blindly updated his only backup system, and bricked it. So it does indicate what was eschewed. He failed to backup his backup.
I know the 3-2-1 method is preferred and best practice. But bricking his backup system doesn't really matter. It's a backup of a production system. Restore the software and take fresh backups of your production environment.
That is what I recommended, but the complaint was it woudl take forever (IIRC . . )
It takes to long to make backups? Wut?
-
@coliver said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@coliver said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
@Dashrender said in Burned by Eschewing Best Practices:
@DustinB3403 said in Burned by Eschewing Best Practices:
Has a physical backup server, that after being updated with new firmware and drivers was bricked. OP was able to get the system restored and functional after several hours working with Dell.
This write-up doesn't indicate what whas Eschewed here?
Having a backup system that is physical in nature, without have another backup.
He had no backup for his backup, blindly updated his only backup system, and bricked it. So it does indicate what was eschewed. He failed to backup his backup.
I know the 3-2-1 method is preferred and best practice. But bricking his backup system doesn't really matter. It's a backup of a production system. Restore the software and take fresh backups of your production environment.
That is what I recommended, but the complaint was it woudl take forever (IIRC . . )
It takes to long to make backups? Wut?
10/100 here
-
The bigger take away here. This was a backup system that was on a physical server not on a hypervisor. So he couldn't take a snap of the system prior to upgrading it. Always virtualize your infrastructure.