Network / System Tech Thread

[RobH]

We started a cool topic in another thread and I wanted to bring it over here.

We were basically talking corporate computer upgrades. When the current software / hardware can't keep up with the times, you have to swap it out. The company I work for is too cheap to buy 50 desktops and 40 laptops all at once. We, therefore, have to buy them a few at a time. When you do that you get a different computer every time you buy a new PC. This sucks when you have to whipe out the system and start your own template setup from scratch. Anyway, this is kinda where we were.

Originally posted by Çh®i§tiªñ
and as the I.T. Vice President of one of the largest tele-servicing corporations in the world, achieving consistent hardware platforms and taking advantage of forthcoming technology, it becomes a futile effort! Just think, I could have upgraded all the P.C.'s in the Buffalo office (AGAIN!) for a mere $ 340,000 (and maintain fluidity of hardware). The flip-side of that was to invest in the latest MS Server technology, convert our existing workstations to RDP clients, have twice the performance of ANY workstation and be able to deploy server resource and applications faster than any other method available for the low low low price of $ 180,000. You decide!

I was thinking about terminal services. I could use one terminal server per office. I could then strip down each computer in the office to a barebones OS + terminal services client. It would have to startup automatically so they can't access the real PC. Then I could lock down access to the terminal services machine and hence it would never get boogered up. This would allow me to deploy applications and updates in a snap. But I'd have to have the com ports mapped back to the physical ports on the real desktop. I don't think terminal services does that.

If it does what you say, I think, I need to find out what RDP is.

You have one location with many computers. I have many locations with few computers (less that 5 typically). That can complicate most solutions because WAN connections are slow.

Buying a new computer everytime one of the old ones no longer cuts the mustard sucks. I would guess that 80% of my time here is spent erasing hard drives, installing the OS, drivers & software, making images on CD, etc, etc. I never have time for the long term projects that just sit here and pile up.

Any tech heads out there have a solution to ease the workload?

-Rob

 

[WoodiE]

I know how to double click the mouse - thats about it when it comes to computers. :\

-Michael

 

[mcvickj]

I kind of know the idea behind Terminal Services but does it really breath new life in older machines? Do you need a speedy LAN/WAN connection for terminal services to really be effective? Do you have to purchase 50 copies of OfficeXP or can you purchase just one license for the terminal server? How well does a terminal server play with Netware?

Where I work we are strictly a Linux/BSD house. We also have one Netware 6 box for user file storage. We also have an NT4.0 server that we received from the Gates Foundation along with a lab.

EDIT: What is RDP?

 

[Error401]

Rob, if you're gonna go the terminal server route, why upgrade the PC's on the client side? I know this is gonna soud goofy, but I know a network admin that used donated 486's that were running win 3.11 with the TS client. They would boot up and log into the term server and look like they were running win 2K. I saw it. That's a bit extreme, but it can be done.

Also, it's a pain to get the system to let you use the local drives (ie floppy and cdrom) when you're logged into the server. And don't forget about LAN bandwidth useage. I can elaborate on my experience these if you want, but not right now.

Whitt....

 

[RobH]

terminal services is a possible alternative to upgrading the clients. being able to use old machines would be the main draw for terminal services

in order to do it right, i think linux would be the best client platform. The video driver would be the only thing to change from client to client. doesn't that company citrix or whatever make a *nix client?

yeah it gets really sticky with the local access to the floppy, cdrom, etc. What about a CD burner? that surely wouldn't work over terminal services. Unless they are making network CDRs now. It would be cool though. have the cdr someplace on the network and if you want to use it, just walk up and pop a cd in. You could do the same thing with a floppy drive and com ports. I'm just talking out of my ass though cause I dont' know if those technologies exist.

The network would have to be beffy. You'd need a good switch on one end and gigabit network cards attached to your servers on the other end. The CPU / mememory on the server would have to be pretty insane too.

Terminal services would be a sweet way to go. As the times change, you could upgrade to a new version of the terminal services server (assuming you can still run the client)

On the licenses, I know Microsoft has a special terminal services license agreement you can buy for many of their products. It's typically cheaper that way. You currently have to buy terminal services license for win2k on the machines that connect to the server.

 

[Çh®i§tiªñ]

The RDP client was free for us. I will find out why (prob the version we used) so there was nothing additional on the client side. We used 98 since all the registry hacks we needed were readily available. The servers are running Pro. We also purchased licenses that are server based so we do not have to worry about the number of clients. Love the choices there.

What do you need to map serial ports for? Precisely. Then I may be able to lend some input.

Local drive mappings do not work in a 98/2kPro/RDP environment properly. But for us, that worked out well. I dont want them using them to begin with. Any devices that require use are shared as a network resource. And yes, it does work. From printers, burners and scanners to I.R. scanners, barcode scanner etc. Some of them are just input devices and can be used in-line with a keyboard, therefore require no additional drivers to make the hardware work. Just the application to use it.

You can lock down the workstations pretty good. Helping to prevent people from trashing apps etc. Same with Internet access then at that point. I gave all the users only a handful of sites to access. Thats it! (again was easier to manage since I only have to key in the firewall entries for the TermServers - 6 of them)

Bandwidth was minimal. I have WinTerm's on some desktops now and as p.c.'s die, this is what I replace them with. You can buy a couple flavors today. Think of a P.C. anywhere remote host session. Thats all you need the terminal to do is draw the screen to its output device. Sounds easy, but hopefully you dont have a majority of the users on a 17 inch monitor and have to have a couple on a 15. The resolution can be a bear to get assigned to each individual.

Now mind you, we use RDP client by MS. There are better ones out. Citrix Gold is the first that comes to mind. If you need it to accommodate the needs that RDP will not meet, then get it. I think the cost is somewhere around 110$ per seat if memory serves me right. I just dont want you thinking that RDP is the ONNLY way to go because it is not. Its the entry level way to go. And inexpensive.

What are you using for WAN connections? Are all the data servers at the same location? Keeping the core components in one location will make your setup that much faster. Since you could put in a GB backbones for your servers and a 100mb connect for your terminals. Then you get into network teaming resources such as the Nic's.

Ill tell you what, I have 3 MCSE's working for me that work on this on a daily basis. One of them would be able to help you plan what you will need to migrate over. All I will need is a brief network overview (we use Visio) of what is current and what you would like. No I.P. addresses or anything, just servers, stations, printers, shared hardware, routers, hubs, switches, CSU/DSU's and Firewall. We can design it from there.

Keep in mind, the reason our network screams faster (or from a workstation point of view) is because all of the resources are now dependent on the servers, not the workstations. We are running hardware raid, GB backbone, dual/teamed NIC's on all servers, and a true cluster. I can swing resources around like a porn star!

For those of you who come to Buffalo, I will setup an 'open-house' for Sunday the 10th if anyone is interested. You can come in and see everything from the cluster to our HP Superdome, OC98, SonnetRing and Digital Telco System (Aviya). And everything else.... Woodie seen it, and its changed even more since them. FM200 firesupression system, LongTerm Generator and DigitalSecurityRecording equipment are 3 projects I'm on now.

All the while I also run the production side of the business. Dang!

Anyhow, if you are interested, let me know.

 

[mcvickj]

I would love to see your setup Christian. You have an OC98 connection? What does your company do that requires that kind of bandwidth?

 

[Çh®i§tiªñ]

We provide the Telco backbone to multiple sites. The buffalo site alone uses 33 T-1's for voice. We have 2 DS3 multiplexers in-house just for voice alone.

Sitel (www.sitel.com) is our parent company. We are a tele-servicing company. For instance, when you call on-star, its our company you talk to. We also do technical support for companies like HP and IBM. My division is the 'Collections' divsion, otherwise known as accounts receivables managment team. So its all phones all the time.

Here is a link to summarize my division:
http://www.sitel.com/enu/RiskManagement.stm

 

[Error401]

Originally posted by Çh®i§tiªñ

You can lock down the workstations pretty good. Helping to prevent people from trashing apps etc. Same with Internet access then at that point. I gave all the users only a handful of sites to access. Thats it! (again was easier to manage since I only have to key in the firewall entries for the TermServers - 6 of them)

That's just plain mean Chris. Only site accessable being google.com, and everything else filtered. lol, I like that one.

The rest of what you described sent me into a drooling fit.

And, I bet that setup rocks for LAN partys.

 

[Çh®i§tiªñ]

Well I just ran GB switched traffic to my office along with a couple other guys that work for me. Needless to say, Tribes, Quake and anything else will run MUCH better. My goal, 0% lag! lol

Whenever we do huge implementations, whether it be telco, database or server, we usually spend the whole night eating pizza and playing on the LAN.

Like I said, you guys are more than welcome to pop in the office when you are in town.

 

[robriguez]

Hey Chris, i'd really be interested in hearing more about your Generator backup system/plans.

We run a small Windows 2000 and NT4 Terminal Services server farm (5 to be exact) to access seperate databases being hosted on about 15 inhouse database servers. All databases are accessed over the net 24hrs/day 7 days/week through 4 T1 lines by users all over the world. Thanks to RDP were typically only running 50-60% on each of the 4 lines.

My penny wise and pound foolish company is still running each server on seperate APC UPS 1500s. We just add another UPS as we add another server. I've been leading the fight to put the entire server room on some type of generator backup system but so far they havent bitten. Were moving to our own building in the next 2 years and I want this included in the plans before we finalize building plans.
------------------------------------------------------------------------------------

Aside from that, As Chris said, there are many many other options available to you other than a PC running RDP. Citrix makes a very very nice product (mapping drives, com ports, printers all very easy) and it uses a lot less bandwidth than RDP. We find that a typical RDP connection needs about 32K to keep things moving nicely. We have tested the ICA protocol (Citrix) and found it stable down to about 12K. One of the biggest reasons for this is that ICA only uses 9 channels (or ports) where RDP uses 64000 by default. BIG difference there. Of the 64000 channels your really only using about 100 of them. The others are there "for future use".... mainly multimedia options MS is exploring and hoping to deliver via RDP.... only problem with Citrix is that you not only have to buy NTCALs & TSCALs...but you also have to buy Citrix licenses on top of all that.

As for security, we ave found it soooo much easier to maintain and administer by making end users (monkeys behind keyboards) use what is called a WYSE Winterm (ICA&RDP) or NCD ThinClient (RDP Only). Both are netork devices (no HDD, FDD, orCDROM) with onboard video, NIC, COM, LPT, PS2, and audio ports. Depending on need, when they turn their "terminals" on it takes them directly to the applications they need to run. NOTHING ELSE. No internet, no access to HDD, no nothing. For more adcanced users you can have them autolog into a desktop with only the apps you wish to authorize. We now have over half our users on these "windows terminals" and it has made my life a dream.

Chris.....how the hell did you get licensing for free on 9x machines????? 2000Pro & XP Pro boxes come with integrated TS licenses so you dont have to buy anything additional for those. but the 9Xs only get a 90 day temp license I thought.

 

[DarthRacer]

Man, you guys get to play with all the cool toys.

My day consists of remotely logging onto Sun Enterprise 250s and 450s with exceed. Yay. Remote support roles get boring fast.
I've learned all there is to learn in my current position. I need toys man! I need to play with the technology!! That is how I learn, buy doing.

Chris, are those clients WinCE boxes?
I've installed a small network of boxes like that at a mortgage office in Rochester once. They only needed internet, email, and client access. Sweet setup. Low TCO, low smount of support needed.