The recent introduction of government restrictions and social distancing measures as a result of the COVID-19 pandemic is very likely to have had an impact on your ability to effectively manage your datacentres and branch or edge server rooms.
With that in mind, we’ve created a list of ten simple suggestions for remotely managing these facilities to help you keep on top of things, even when faced with the unexpected.
Many of our customers already follow some or all of these practices, lockdown or not, since less time in server rooms equates to better operational efficiencies and savings on overheads.
1. Server service processor
Most servers now come with a service processor, a piece of hardware that sits on the server motherboard that allows administrators to update and manage systems, even when the server is turned off. The ability to turn the power off and on, use a remote virtual KVM and virtual USB, or a CDROM reduces the need to be at the physical console.
Most converged systems, backup storage appliances, and security appliances often use a standard server chassis from a manufacturer such as Dell or SuperMicro which will have a service processor that can be enabled. Most manufacturers will have their own version of a service processor, which is often a chargeable extra, albeit the cost is usually modest. Interestingly, HPE users may be pleased to know they are currently offering an Integrated Lights Out (iLO) Advanced Trial License free until the end of 2020.
If you only change one thing during lockdown, make sure it’s this one.
2. KVM over IP
For servers that have no service processor, or when it is not economical to license hundreds of servers, KVM over IP is a good alternative. Many provide serial connectivity to allow switches, routers, PBXs, and more to be controlled at the BIOS or root level.
3. Out of band
Most remote solutions need Transmission Control Protocol/Internet Protocol (TCP/IP) routing to be working in order to connect. If a bad firmware update has bricked your core switch or firewall, a connection will simply not be possible. The good news is that out of band solutions can give you a back door, usually using a different WAN carrier such as 4G cellular. Importantly, if your network is down but you still have power, you will be able to connect to your network console to triage the issue.
If an engineer is working alone, CCTV makes it possible to track their movements throughout the site for their own personal safety. Crucially, when more people are coming and going across your site, CCTV enables you to capture any unusual movements and act on them without delay.
Ideally, your CCTV system should be IP-based and offer the option for remote viewing. The Power over Ethernet (PoE) switches that power the cameras and the recorder appliance or NAS should also all run from uninterruptable power supply (UPS) power, ensuring you’re able to capture and avoid any potentially disruptive events.
Cloud-based CCTV solutions are emerging that take some of the headache of this away. Take a look at our eBook on Cisco Meraki CCTV for more insight.
5. Intelligent PDU
Sometimes, for such applications as building facilities maintenance, you need to power down, and later, power up the whole server room. A power down typically needs to be done in an exact sequence.
Intelligent power distribution units (PDUs) allow you to remotely control the power that is allocated to each individual power socket. This is ideal for devices that do not have a service processor or a virtual power-up function.
6. Intelligent UPS
Many uninterruptable power supply units now come with remote or cloud-connected management that allows you to monitor your UPS online, anytime, anywhere, using any device with an Internet connection. The majority of UPSs can accept basic monitoring sensors like temperature, but for a broader range it is often better to use dedicated rack and room monitoring appliances. Sizing your UPS for the maximum runtime you can accommodate also means you gain the reassurance of extra time when getting an electrician or engineer to site takes longer than planned.
7. Rack and room monitoring
As previously discussed, dedicated rack and room monitoring appliances accept a wide range of environmental sensors, including temperature, humidity, water leak, air pressure, and CCTV or webcam support. The CCTV functionality will never be as comprehensive and feature-rich as a dedicated CCTV solution but is ideal for many situations.
If you have several racks and sites, adding DCIM software allows you to have visibility and control over your entire organisation. You can even integrate some DCIM power controls with ITSM tools such as Service Now, giving you the ability to add ITIL Change Control over when the power of key systems is disrupted, and by whom.
8. Backup tape autoloaders
If you require backup to tape for legal, regulatory compliance, or to mitigate your cyberattack airgap, look at how often you are changing tapes and where this is happening.
If you are following the best practice of a 3-2-1 backup strategy you will want one copy of the data to always be offsite. If you have multiple sites, consider placing your tape autoloader at a remote site and use D2D2T with dedupe. The final tape copy will already be offsite and with enough slots in your autoloader you may not need to physically change a tape ever again, or at least not for a while.
If your compliance requires that the tapes are ejected and vaulted, consider placing the tape library at a co-lo facility, with a “remote-hands” service.
9. Mechanical helping hands
Sometimes you just need a second pair of hands. Consider renting or buying a mechanical server lifter. For installing firewalls, switches, patch boxes and other smaller devices that do not have their own rails, a third hand is all you need. The Patchbox Setup tool in particular is great for this. It can either be used facing into the rack to help fit the device or facing outwards as an ad hoc laptop shelf.
10. Think outside of the box
Fewer individual components means fewer individual hardware and software parts from different manufacturers to have to manage. Converged and hyperconverged systems can drastically reduce your IT footprint. Do you even need a branch office server room when the Lenovo SE350 edge server has Wi-Fi and 4G WAN connectivity built in and can be mounted almost anywhere? Try to look at things differently, and be radical in your thinking.
Lessons that extend beyond lockdown
Clearly, some of these measures can only be implemented after lockdown has relaxed but it is never too soon to start planning for change. Servium is here to help discuss any of these topics and can provide demos for some of the key technologies highlighted in this blog.
If you would like to arrange a demo with us, or learn more about how you can better manage your server room, please get in touch.
You may also be interested in
As easy as ATP – which Microsoft protection product do I need?
With several different variants of Microsoft Advanced Threat Protection (ATP) available on the market, knowing which one is the right option for your business can be tricky. We break each one down to help you identify which is the best fit for you.