Best Practices for Data Center Relocation and Migration

Article by Nilesh Rane

DC consolidation and migration journey is a rocky one with challenges such as operational disruption, etc. Mandar Kulkarni, Senior Vice President, Netmagic Solutions shares some best practices to follow for a successful DC relocation and migration project.DC migration and consolidation is an uncomfortable truth for most of these Data Center Managers or CIOs.

An optimally functioning Data Center is business critical. But chances are that your organizations data center is not adequate in some way. Either it is growing out-of-capacity, compute requirements, operationally exorbitant, outdated or simply doesn’t match up to the growth of the organization.

According to a recently published Data Center survey report, over 30% of organizations across the globe plan to migrate or expand their data centers within the next 3 years. Most DCs in India are over 5-7 years old and are not designed for power and cooling needs of today, are running out of space or performance, and their total cost of ownership is almost surpassing the growth in business revenues.

Unplanned DC relocation and migration exercise, done without help of experts run into risky waters resulting in cost issues to downtimes and business loss or complete blackout. Here are some best practices to ensure that DC migration project is successful.

Best Practices For DC Migration

Solution to mitigate challenges of DC relocation and migration is pretty simple. It is important to create a design and migration plan keeping in mind all the common pitfalls and crating contingencies for them. Some of the best practices for successful DC migration are as follows:

Start at the very beginning

Start the migration process as you would build a data center. Look at the migration exercise to ensure the new DC will have planned for at least 2 lifecycles of infrastructure.

Identify and detail the starting point

It is important to do a comprehensive review of the current DC. Identify and document your organizations technology and business requirements, priorities and processes. Then do a detailed review of the costs involved in various methods of DC migration and consolidation.

Design the migration strategy

It is important to establish business downtime, determine hardware, application and other technology requirements, and prioritize business processes. Identify at least 2 migration methodologies and create plan for both. Bring in all vendors and utility providers into the migration strategies and take them along.

Plan the layout – space planning

It is important to plan the new DC layout before you plan the migration plan. Think about white spaces, creating enough to allow for future growth – it is important to plan the space judiciously, and take help of DC architects to successfully design this part.

Plan the DC migration

Putting relocation design into action plan – detailed floor plan, responsibility chart and checklists, migration priorities, map interdependencies, etc. Take into the plan inputs from telecom and power providers, technology vendors, and specialists.

Inventory everything

Start with a detailed inventory of everything – from applications to business needs to infrastructure including each cable and device to network including every link and port. It all needs to go into a database similar to CMDB.

Create a baseline

It is critical to know the current DC performance and TCO ratings. Basically, it is important to know your DC well before migration and clear understanding of all aspects of it. Create a baseline for your DC so that it is easy to measure and tweak performance and efficiencies post migration.

Identify and create a risk management plan

Organizations should simply assume that things would go wrong and create adequate contingency plan. Detailing and drafting a fully documented risk mitigation and management plan is essential. Then assess, classify, and prioritize them for the purposes of mitigation.

Take users and business owners along

It is important to inform all users of the migration plan, from end users to support teams and business owners. The key is to plan to the last T and go through the plan to the minutest detail. Make sure to bring all the critical people to the planning events – facilities staff, project management teams, etc.

Identifying the right time for migration

It is important to select the right time for migration – such as choosing non-month-end and year-end, not coinciding with public events such as elections, festivals, etc.

Logistics arrangements

Arrangement of logistics arrangement needs some looking into – who is going to pack and number, name all equipment, who is going to move the equipment to the destination, is there a backup vehicle in case of break down, is there a need for armed guards for the transportation of equipment, etc.

Upgrading systems during the migration

Old servers, switches, and storage devices that are out of warranty or considered a risk when subjected to strains and stress of migration should be identified and considered while planning to replace with new. It is an opportunity for you to consider reducing the overall footprint through consolidation in quest to improve reliability, performance, and efficiency of your DC. It is a popular practice to use data center move to consolidate the DC through virtualization.

Do pre and post migration testing

It is important to create a baseline on infrastructure, network and applications before executing the migration plan. It is important to exactly know how things work – creating the baseline. Document and repeat the tests – a full-fledged success plan.

Rely on experience

DC relocation and migration is not a regular occurrence for any single IT professional to have substantial experience. It is highly recommended to entrust the DC relocation and migration exercise in the hands of an experienced organization who have proven capabilities.

Consider Experts

If it is only a data center move from one location to the other you should consider a reputable third party to support the move – professional IT mover who will use specialized packing materials, etc. It is recommended to use a professional DC provider with expertise in DC migration and relocation – these establishments will have proven data center relocation methodology and best practices that they can leverage for better results and success.

Contingency planning

Finally, even superior planning cannot offset unexpected failures. Contingency planning is critical even after the migration plan has taken into consideration all the common pitfalls. Planning for a failure is better than running pillar to post when it occurs.

Standby Equipment

If during transportation equipment is damaged or does not function at the destination, it amounts to delays or disruptions in setting up the new DC. It is important for the DC migration expert helping you to have standby equipment in cases such as these.


It is important for insuring all equipment in case of any major disasters occur during the whole migration process. If you are using a professional DataCenter provider, it is important to add insurance to the checklist of requirements.

Identify and Plan for External Dependencies

It is critical to identify all external dependencies such as network service providers, etc. and their availability at the destination.

In Conclusion

In today’s dynamically changing marketplace and unpredictable economic climate, it is critical that data centers facilitate current business operations as well as provide for the future growth of the business. Following the best practices will ensure success of the DC relocation and migration – a good way to prevent disaster.

link source:


relo-life-cycle6(An Actual Customer Call)
By Larry Smith, President, ABR Consulting Group, Inc.


The draft budget below is the result of an actual call by a person visiting our website.  We produced this draft budget as the result of a 5-minute phone call and not seeing the data center.  The $720,000 budget is very real for planning and relocating a large data center containing IBM mainframes and peripheral equipment.  70% of the costs are directly related to acquiring special cables and components for the IBM system, voice and data cabling of the computer room and the costs for IBM and other large vendors to relocate their own equipment.  As a comparison, planning and relocating a 4,000-6,000 sq.ft. data center containing only servers, routers, etc. would be approximately $200,000 with half the cost being for cabling, components and relocation expense.  The remainder is for planning and project management.

This draft budget was done quickly and without seeing the site.  Ultimately, it could vary either way dramatically.  We must see the site in order to provide an accurate budget.  The importance of the exercise is to get a detailed list of what items are involved in planning and relocating a data center in front of the customer.

Have a data center project on the horizon?  Need help in finalizing your project budget?  The one thing you absolutely do not want to do is come in too low (see our newsletter on this subject).  ABR can help.  We invite you to go to our contact page (Contact Us) and either send us an email or call us directly.



On Thursday, July 5, 2001, we received a call from an operations manager of a data center in the mid-west that went something like this on our voice mail:  “This is (name withheld) from (name of organization withheld) and I need to know how much its going to cost to move my data center.  Could someone from your office come out here today or tomorrow to meet with us?”

I made contact with this individual a short time later and had a very brief 5-minute conversation.  In that conversation, I learned that this individual was a manager of a large data center containing an IBM mainframe and other IBM systems.  I asked for the size of the data center and she didn’t know.  I told her that I was not able to travel immediately but I would have something for her by the next morning.  I was able to get her email ID and the conversation ended.

Equipped with vast experience in planning and relocating IBM-based data centers I made the following assumptions and prepared the draft budget below:

  1. We were recently involved with two IBM-based data centers in similar organizations (same industry) and simply estimated the size of the data center to be approximately 10,000 sq.ft. for budgeting purposes.
  2. Learning that this was a very Blue shop, we were certain that IBM Global Services was hovering around this project somewhere and that the customer probably had a quote from IBM in hand.  We think that the sticker shock prompted the management of this organization to seek alternate solutions.
  3. A project of this size and scope will need 5,000-6,000 hours to plan and manage from beginning to end.  Note that the entire 6,000 hour total is over and above the normal day-to-day workload.
  4. Of the 6,000 hour total, we would suggest 2,500 hours for outside consulting and project management resources (such as ABR).  The remaining 3,500 hours will come by increasing the workload of existing staff.


The draft budget below was emailed by 10:00am PST on the following day (Friday 6, 2001).  Two hours later, I contacted the caller to discuss the draft budget.  First, she was quite surprised that we could provide such a good estimate of her data center inventory without seeing the room and without her naming one piece of equipment in the room.  Second, her organization had indeed asked for a quote from IBM Global Services and was attempting to find a less expensive solution.  Third, from her questions and comments, our draft quote had to be much lower than what she saw from IBM.  She did not reveal IBM’s quote but we know they cannot outbid ABR given that we both bid on the same specification and given that they bid using their normal labor rates.  Our labor costs are up to $100/hr. less depending on the resource category.  Plus, our quotes include all consulting and project management to relocate every piece of IT equipment in your data center.  The key word is EVERYTHING.  Our competition excludes many items that you will find in the draft budget below.

Draft Relocation Budget

Our immediate objective was to answer her question “How much does it cost to move my data center?”  The following draft budget is very similar to what the caller saw on her email 24 hours after her initial call.  It has been modified slightly for viewing by our website visitors.


Thank you so much for contacting the ABR Consulting Group, Inc. with regards to relocating your data center. It sounds like you need to come up with something quick so let me be brief, make an enormous amount of assumptions based on our five minute phone call and provide you with a number. I’ll call you shortly and we can modify the assumptions as necessary.

Assumptions: (All of this is a pure guess based on previous experience)

1.   You have a data center that is approximately 10,000 square feet in size

  1. The following is included in your construction budget and is not needed here:
  • Building construction (including the raised floor)
  • UPS/Generator, switchgear, etc
  • Voice/data cabling for the general building (all but the data center)
  • Underfloor electrical (not final placement, however)
  • All HVAC, fire safety, security, etc.)

3.  The following is not included as part of the construction and you will need to
budget for it.

  • All voice/data cabling to equipment, racks, cabinets and remainder of computer room
  • All pre-wiring for the PBX
  • Bus & Tag cables for approx. 40 channels
  • 20 data cabinets
  • Furniture for server lab area
  • KVM systems for 80 servers
  • Planning for relocation of all IT equipment
  • Final identification of electrical receptacles and their locations
  1. Equipment – Mainframe & Peripherals
  • One 2-3 cabinet IBM 9672 RXX.     If you have an IBM 3090, we need to talk.
  • 4-6 strings of IBM (or equivalent) DASD with controllers
  • 10,000-15,000 tape cartridge systems and a tape storage area
  • 1 IBM 3745/46
  • 4-6 IBM 3274 controllers
  • 20 operating and network consoles
  • Possible IBM 9700 printer
  • Tables, chairs, bookcases, storage cabinets, etc.
  1. Equipment – Mid Frames
  • 6-8 large Sun systems, DEC 7000 with Storage Works, etc.

6.  Equipment – Servers

  • 40-60 NT servers
  • 80-100 Unix servers
  • 80 CRTs
  • 60% of these servers are in cabinets.  40% are on lab-type furniture systems
  1. Equipment – Network
  • 2-3 routers
  • 4-6 switches (Cisco 6509, 5000)
  • 4 cabinets full of modems, other comm.  Other stuff
  • 8 relay racks full of other network equipment
  1. Voice/Data Circuits
  • 60 dial-in circuits with rotor system for students, etc.
  • 15 T1 lines from other buildings and to web
  1. Workstations for Staff
  • 40 workstations for staff


In planning the budget, note that for a 12,000 to 15,000 sq.ft. data center with IBM mainframes, you will need approximately 2,500 hours of consulting and project management assistance to design all equipment layouts, produce the entire equipment migration plan and be onsite to supervise the entire migration event. Note that the labor rates that we quote below are our labor rates. IBM Global Services rates are about $180/hr.-$225/hr. You will also need to budget for components that are not normally part of the construction budget.  They are included here.

Completing the Data Center and Pre-Move Installs

Note:   This section does not include costs for new network hardware

1. Voice/data cabling for computer room (includes 12 relay racks $    45,000
2. 10 KVMs $    24,000
3. 20 new data cabinets $    44,000
4. Shelves for cabinets $      6,000
5. New bus & tag cables (plenum-rated) (includes installation) $    50,000
6. New LIC cables for 3745/46 (plenum-rated) (includes install) $    12,000
7. New ESCON cables (includes installation) $    16,000
8. New RS232 and V.35 cables (includes installation) $      8,000
9. New furniture systems for NOC, servers, etc. $    40,000
10. Power strips $      6,000
11. 3X74 Controller racks $      2,000
11. Baluns, patch cords, coax cables, etc. $      8,000
12. Additional PBX cards, components, etc. $    16,000
13. Seed modems, CSUs, etc. $    24,000
14. Contingency $    20,000
Total Components $  321,000*

*  This amount can increase dramatically if you must acquire “seed” equipment to be
be pre-installed to reduce downtime (i.e. data center must move in 12 hours but
certain operations must be online within 4-6 hours).  I do not detect a serious
need here unless you have an IBM 3495 tape system which takes 8-10 days
to relocate.

Contracted Relocation Expense

We are assuming that you are relocating to either another floor in the same building or to another building in your multi-building campus.

Note:  The costs below do not include re-configuring your fiber/copper backbone
to other buildings in your campus should you move to a different building.
We can make this estimate but we need to see the site.

1. Contracting with IBM to relocate all IBM equipment $    60,000 **
2. Contracting with other vendors to relocate the large, free-standing equipment $    18,000
3. Relocate the tape library $    10,000
4. Relocate servers, printers, CRTs, etc. in computer room $    20,000
5. Relocate staff PC workstations $      8,000
6. Mover expense $      6,000
Total Relocation Expense $  122,000 ***

**  This projected expense does not include IBM’s special equipment replacement
insurance that guarantees replacement equipment within a specified amount
of hours should your equipment be damaged during the move.

*** The relocation expense could be as low as $50,000 depending on actual inventory

Consulting and Project Management

For more detail on consulting and project management, see our article on Equipment Planning and Migration

1.  Early Project Planning and Management

Working with the architect and engineers.  Equipment layouts, drawings, equipment inventory, coordinating activities for final construction and pre-install. Includes cabling RFP.  Includes PBX inventory.

Consulting & Project Mgt 500 hrs $125/hr. $    62,500
Other Technical Labor 300 hrs $90/hr $    27,000
Sub Total Consulting & Proj. Mgt. $    89,500
  1. Equipment Migration Planning

Complete planning for the teardown, movement and reinstall of all equipment.  Includes drawings, project plan, data circuit cutovers, team meetings, vendor meetings and other activities

Consulting & Project Management 900 hrs $125/hr. $  112,500
Other Technical Labor 500 hrs $90/hr. $    45,000
Sub-Total Equip. Migration & Plan $   157,500
  1. Actual Move Events

Onsite presence to manage all technical relocation events

Consulting & Project Management 100 hrs. $125/hr. $    12,500
Other Technical Labor 200 hrs. $90/hr. $    18,000
$    30,500


Total Cost for Consulting and Project Management $   277,500

TOTAL COSTS FOR PROJECT                                 $ 720,500

This is the estimated expense that will be needed to relocate your entire data center. I’ve assumed that you have a 10,000 sq.ft. data center and lots of equipment.  We have only two exclusions:

  1. This budget does not include any expense for any type of software engineering.
  2. This budget does not include any expense for network or server “seed” equipment.
  3. This budget does not include any expense for re-engineering you copper and fiber voice/data backbone cabling system as a result of relocating to another building on your multi-building campus.

Many customers overlook two major areas of expense; (1) the cost of preparing the new computer room for the move (Customer fit-up) and, (2) the cost of the extra consulting and project management. These are huge expenses. If I have over estimated the size of your computer room and operations, this number can be reduced significantly but you won’t escape most of it.

Thank you once again for contacting the ABR Consulting Group, Inc.

IT Service Management

Service Portfolio vs Service Catalog: 5 Reasons You Should Know the Differences

At first glance, the service portfolio and service catalog almost seem like the same thing. After all, both contain details of IT services. However, there are important differences when you’re talking about service portfolio vs. service catalog.

two hammers
To the casual observer, these may look similar, but use the wrong one for the job, and the differences become obvious.

service portfolio is an overarching document used in the management of the life cycles of all services: including those no longer offered, those currently offered, and those in the pipeline. The service portfolio is more of a living historical document of service-related activities.

service catalog, on the other hand, details the currently-active IT services and may include information on those that will be deployed soon. The service catalog is an “outward facing” document for your end users.

To use an analogy, suppose you’re an architect. Your portfolio contains examples of work you have completed for your clients, work representative of what you’re doing now, and information about where you want to take your expertise in the future. If you as an architect were to create the equivalent of the “service catalog,” it would contain information about exact services you provide, how the services are performed, how long they take to complete, and how much you charge.

There are several reasons you should understand the service portfolio vs service catalog differences. Here are 5 of them.

1. To Remain Consistent with ITIL Framework

This is a matter of good corporate IT hygiene. When you bring in a new IT service manager, collaborate with another company on an IT initiative, bring in a consultant, or take on the task of creating a service catalog and portfolio, knowing the difference between the service portfolio and the service catalog keeps everyone on the same page and makes communication easier.

2. To Prioritize Your Efforts

There are varying opinions on which should come first: the service catalog or the service portfolio. The choice may depend on many factors, including how well-documented past IT services were and what your resources allow. The service catalog is a more focused document, and many people think that this is where your initial efforts should be focused, followed by use of the information in the service catalog as a springboard to creating a service portfolio. The “right” answer about which to tackle first depends on your particular organization’s priorities and resources.

3. To Know Where to Place Your “Marketing” Efforts

The service portfolio is usually an internal document that the IT help desk and management use to gain a historical overview of IT services, assess what worked and what didn’t, and try to lay out long-term plans. It doesn’t “market” services, per se. Your service catalog, however, being an outward-facing document primarily directed at end users, really is like a catalog: here is a service you may be interested in, what this service does, how it’s done, and how long you can expect it to take. It should be written with less “IT-speak” so that end-users understand and appreciate it.

4. To View ITSM Both Long Term and Short Term

Service portfolio vs. service catalog is also about long-term versus short-term. The service portfolio gives the long view and helps you determine how to play the long game, with fewer specifics. Technology changes so rapidly that trying to nail down specific future services using just the information in your service portfolio may be an exercise in futility. Your service catalog, on the other hand, is about here and now, and the near future.

5. To Prepare End Users for Upcoming Changes

Just as your local game store gives you release dates so you’ll know when to expect an anticipated product, your service catalog can tell end users: “Our social help desk app is scheduled to launch September 1” (or whatever). Service catalog users generally have less interest in long-term plans with unknown effects (like when your new data center is expected to be complete), and are more interested in finding out things like, “When does the help desk integration with Salesforce Chatter go live?” or “When will the IT help desk start using remote desktop support so I don’t have to wait for someone to show up or walk me through a fix?”

The service portfolio and service catalog are both important, living documents that make planning and delivery of IT services better. Samanage, a leading cloud IT service management software provider, gives you the tools you need for creating and managing your IT service catalog and developing a service portfolio that can help your organization map out where it’s been and where it needs to go.

Source from:

ITSM vs. ITIL: What’s the Difference?

If you’re not sure whether you need ITSM or ITIL®, then I’m pretty sure you’re asking the wrong question. It’s not an “either/or” decision. IT service management (ITSM) is what you do to manage the services you deliver to your customers, even if you don’t actually use that term. ITIL is a best practice framework for ITSM, and you should think about adopting some ideas from ITIL to help you work more effectively.

ITSM or ITIL: What's the Difference?

Here’s what you need to know about ITSM and ITIL, and how each can contribute to the success of your IT organization.

What’s the Difference?
Let’s start with a quick overview of what these terms stand for:

  • ITSM is an acronym for IT service management. It simply means how you manage the information systems that deliver value to your customers. Even if you’ve never heard the term ITSM, if you’re running IT systems, then you are doing ITSM. ITSM could include activities like planning and managing changes so they don’t cause disruption to the business, fixing things when they go wrong, or managing a budget to ensure you can pay the bills when they arrive. People who use the term ITSM tend to think of IT as a means of delivering valuable services to their customers, rather than as a way to manage technology—but even if you have a completely technical focus, your work still needs to be managed, and that’s what we call ITSM.
  • ITIL is the name of the world’s most widely recognized framework for ITSM. ITIL is a registered trademark of AXELOS, which owns a range of best practice solutions and their corresponding publications and exams. ITIL has been adopted by many organizations, and there are millions of certified ITIL practitioners worldwide.

Benefits of ITIL
It is likely that some—probably many—of the ITIL best practices would prove beneficial to your organization. Organizations that adopt ITIL often find that they:

  • Improve the alignment of IT to their business, providing services that better meet the needs of their customers.
  • Improve the quality of the IT services they deliver by understanding the required levels of availability, security, capacity, and continuity, and then planning solutions that are able to deliver these.
  • Lower the cost of delivering IT by reducing wasted effort and focusing on getting things right the first time.

You don’t have to adopt ITIL to manage your IT services effectively and efficiently, but it can certainly help. Some organizations simply create their own set of processes for running IT, and this can work. But it’s hard to develop something original that matches the years of experience that have gone into the development of the ITIL best practice framework that has now been adopted by many thousands of organizations.

Adopt and Adapt to Fit Your Needs
IT organizations that make use of ITIL decide for themselves which aspects to adopt. Many IT organizations choose to adopt only the operational processes, such as incident management and change management. On their own, these do provide some value, of course, but they are only a small part of the whole ITIL framework. However, you’ll get the best value from ITIL by taking a lifecycle approach to ITSM. This covers everything from your overall IT strategy through the design, transition, and operation of services; and it incorporates continual improvement into everything you do.

When your organization has made the decision to adopt a best practice framework, a smart strategy is to understand which approach will be a good fit for your organizational culture and to incorporate it into your own management system in a sympathetic way. I have worked with many organizations that start our relationship by telling me they tried ITIL a few years ago, but it didn’t deliver any value. When I investigate what happened, I usually discover they attempted to adopt a rigid set of processes, with no understanding of how they would fit within the culture of their organization. As a result, people would ignore the new processes—so the money spent on the project ended up being wasted. The right way to use ITIL is summarized in the phrase “adopt and adapt.” You only adopt the parts that you need, and you adapt the ideas to fit your environment rather than slavishly following the guidance.

Additional Frameworks to Explore
The smartest organizations tend to use other standards or best practice frameworks in combination with ITIL. This can be very effective as each approach brings something different to the mix. For example:

  • COBIT is a very good framework for governance, audit, and compliance. It is much stronger than ITIL in these areas, and the two work very well together.
  • Agile and DevOps help to ensure the IT organization quickly delivers new business functionality. They often conflict with ITIL because of cultural differences between the people who adopt them, but they can fit together very well if the organization understands the value provided by each.
  • Lean can be used to drive continual improvement and elimination of wasted effort. It is a great fit with ITIL continual improvement.

If you run IT services, you owe it to your customers to adopt ideas that will make you effective, efficient, and agile. So maybe it’s time you had another look at ITIL to see what it has to offer.

source from:

TOGAF™ 9 and ITIL® Two Frameworks Whitepaper


TOGAF and ITIL are both frameworks that follow a process approach. They are both based upon best practice and are supported by a large community of users. However, whereas TOGAF is focused on Enterprise Architecture, ITIL focuses on Service Management. In the years of development of these frameworks, they have described an ever-growing change of domain, from IT to business processes. In their final versions they appear to have entered into each other’s domains. In this paper we try to explain that it is not a question of whether these models describe similar processes and that one has to make a choice between them. It is more important that the people who are concerned with Service Management understand TOGAF and that Enterprise Architects understand ITIL – because in most large companies worldwide, both will be used next to each other. As most IT architects and IT Service Managers probably have more knowledge of TOGAF than ITIL, and vice versa, this white paper will help them see and understand how these two frameworks are interrelated. Maybe even more important is how the ‘other’ framework can enhance the value of your ‘own’ framework.

Although these frameworks describe areas of common interest, it is not necessarily the case that they do that from the same perspective. Basically, ITIL was developed to support Service Management and TOGAF was developed to support organizations in the development of Enterprise Architecture. The focus of ITIL is therefore on services, whereas TOGAF is focused on architecture. However, since services have become part of fast-changing organizations, the prediction of what will be needed tomorrow is of growing interest to the people that deliver these services. Conversely, architecture has changed from a rather static design discipline to an organization- encompassing discipline, and is only useful if the rest of the organization is using it to enable all developments to be aligned to each other.

Enterprise Network Monitoring – Know What Goes Into Your Spend


Organizations (large, medium, and small) are starting to recognize the hefty costs they are paying for network management tools. No doubt the tools have essential, functionality, but is it justifiable to spend so much on them? Traditional enterprise solutions, such as those from the Big 4 (HP®, IBM®, Cisco®, CA® Technologies), are typically packaged and priced so ambiguously that you often don’t realize the amount of money you’re shelling out to purchase them. IT budgets are Getting leaner so network administration teams are looking for more economical solutions. It’s definitely not resourceful to purchase “enterprise solutions” that charge you for more than what you really need.

Rightsizing Your Network Performance Management Solution: Four Case Studies

Solarwinds for DC

As networking has matured, the focus of engineering and operations has shifted from connectivity to optimization, and from availability to performance. Rising interest in understanding the broader operations picture, spanning network, servers, and applications, has also transformed the demands of management tools and technologies. In parallel, there has been no break in the long-standing mantra for doing more with less – both in terms of monetary and human resources. These shifts are prompting reevaluations of monitoring strategies and products in organizations of all sizes, but particularly in larger enterprises, where effective management can have a dramatic impact on IT’s ability to fulfill its critical business-enabling role. This ENTERPRISE MANAGEMENT ASSOCIATES® (EMA™) white paper examines the importance of finding extensible, cost-effective network performance management solutions that fit deployment needs beyond the NOC to extend value into the datacenter, and thus deliver greater Total Cost of Ownership (TCO) benefits. Included is a detailed analysis of four use case examples from organizations that have deployed SolarWinds Network Performance Monitor (NPM) to monitor and manage their production environments based on such goals and objectives

Xu hướng BYOD : Giải pháp bảo mật nào cho doanh nghiệp?

Cùng với máy tính xách tay, máy tính bảng, điện thoại thông minh đang tạo nên xu hướng BYOD (Brings Your Own Device), tạm dịch sử dụng thiết bị cá nhân giải quyết công việc. 

Đằng sau sự năng động, xu hướng BYOD đang trở thành mối nguy hại hàng đầu cho chính sách bảo mật và an toàn thông tin của bất cứ doanh nghiệp nào. Trong đó, máy tính bảng, điện thoại thông minh là những cái tên đứng đầu trong danh sách cần được “chăm sóc đặc biệt”. 

Nguy hiểm đến mức nào

Có thế nói mối nguy hại từ các thiết bị ngoại vi đã được cảnh báo từ thời USB có mặt trên thị trường. Nay, với sự xuất hiện các thiết bị di động thông minh – một dạng thiết bị ngoại vi có nhiều chức năng hơn – thì hồi chuông cảnh báo lại được gióng lên lần nữa với mức độ cấp bách hơn do sự phổ biến của các thiết bị này, nhất là điện thoại thông minh.

Trong dự án “Bẫy mật ong” ở khu vực Bắc Mỹ, Symantec đã quan sát xem những chiếc điện thoại thông minh bị mất sẽ được sử dụng vào mục đích gì.

Kết quả được công bố vào tháng 3 – 2012 của dự án này khiến không ít quan ngại. Theo đó khoảng 83% thiết bị đã cố gắng truy cập vào các ứng dụng hay dữ liệu kinh doanh; 45% thiết bị cố gắng truy cập vào hộp thư điện tử (email) của công ty,…  Điều này có thể xuất phát từ động cơ muốn liên hệ với người chủ thiết bị, và những thông tin nhạy cảm cũng có thể bị rò rỉ từ đây.

Để tăng thêm tính “hấp dẫn”, hãng Symantec đã cố tình cài đặt hai tập tin là “HR Salaries” ( Bảng lương nhân viên) và “HR Cases” (Các vụ việc cần xử lý của bộ phận nhân sự). Kết quả có tới 53% thiết bị truy nhập vào tập tin “HR Salaries” và 40% “ghé” xem “HR Cases”.Kết quả khảo sát cũng cho thấy hơn 49% thiết bị cố gắng truy cập vào ứng dụng “Remote Admin” (Quản trị từ xa).

Theo ông Alxe Ong, Giám đốc Symantec Việt Nam, dù là do thất lạc hay bị mất cắp, một thiết bị di động thông minh có thể gây ra những tổn thất cho doanh nghiệp hoặc cho cá nhân người sử dụng về dữ liệu lưu trữ cũng như những dữ liệu nằm trong các hệ thống kết nối của doanh nghiệp, hoặc các ứng dụng trên công nghệ điện toán đám mây.

“Ứng dụng thiết bị di động thông minh trong môi trường doanh nghiệp khiến cho vấn đề bảo vệ dữ liệu trở nên phức tạp hơn bởi thông tin có thể dịch chuyển thông qua các thiết bị mà không được doanh nghiệp kiểm soát hoàn toàn.”, ông Ong nói.

Về mức độ thiệt hại, theo ông Ong, tổn thất trung bình của những vụ việc liên quan đến ứng dụng di động xảy ra trong vòng 12 tháng qua (bao gồm cả việc mất mát dữ liệu, tổn hại cho thương hiệu doanh nghiệp, giảm năng suất lao động và mất niềm tin của khách hàng) là hơn 5,1 tỉ đô la Mỹ trên toàn cầu và xấp xỉ 3,2 tyỉ đồng đối với Việt Nam.

Vào cuộc 

Theo kết quả cuộc khảo sát thực trạng ứng dụng di động tại Việt Nam năm 2011 của Symantec, có hơn một nửa đơn vị tham gia khảo sát nhìn nhận rằng xu hướng BYOD là một trong ba rủi ro lớn nhất về CNTT, tuy nhiên chưa có tới nửa số đó triển khai các biện pháp an toàn và an ninh thông tin cho các thiết bị di động thông minh.

Chính vì thế, nhìn nhận về thị trường giải pháp BYOD, các hãng bảo mật tại Việt Nam cho rằng tiềm năng phát triển vẫn còn ở thì tương lai. Mặc dù vậy, các hãng vẫn giới thiệu các sản phẩm mới, giải pháp tích hợp sẵn nhằm đem lại những giá trị gia tăng cho khách hàng của mình.

Vừa qua, Symantec đã giới thiệu những giải pháp hỗ trợ doanh nghiệp trước những rủi ro mà xu hướng BYOD đem lại, bao gồm: Bảo mật cho thiết bị di động Android, Quản lý cấu hình di động, Quản lý thiết bị di động, Symantec PGP Viewer và ứng dụng Nokuna App Center.

Trong đó, phần mềm Quản lý cấu hình di động (Symantec Mobile Management for Configuration Manager) cho phép triển khai giải pháp quản lý di động (Moblie Device Management –MDM) với 3 mức độ khác nhau: giải pháp MDM độc lập, MDM kết hợp với giải pháp quản lý CNTT Altiris của Symantec hoặc tích hợp với phần mềm quản lý cấu hình của Microsoft.

Còn phần mềm Quản lý thiết bị di động ( Symantec Mobile Management) là giải pháp bảo mật e-mail cho các thiết bị Android, iOS, Window Phone… tích hợp công nghệ NitroDesk TouchDown. Ngoài ra, PGP Viewer là giải pháp hỗ trợ mã hóa e-mail từ các máy chủ sử dụng tính năng mã hóa PGP (Pretty Good Privacy – tạm dịch là những chính sách riêng tư tốt ) Universal tới các thiết bị Android, iOS.

Cuối cùng, Nokuna App Center là ứng dụng bảo vệ dữ liệu trên các thiết bị iOS với công nghệ mã hóa đã được cấp chứng nhận FIPS 140-2.

Còn đối với Kaspersky Lab, đế ứng phó với xu hướng BYOD, bên cạnh phần mềm dành cho thiết bị Android, thì  Kaspersky Endpoint Security là một giải pháp phù hợp với các doanh nghiệp vừa và nhỏ.

Theo ông Ngô Trần Vũ, Giám đốc điểu hành NTS Security, đơn vị phân phối độc quyền phần mềm Kaspersky Lab tại Việt Nam, Endpoint Security sẽ được cài ở máy chủ và máy trạm. Các thiết bị di động thông minh được xem là các thiết bị ngoại vi. Khi các thiết bị này kết nối trực tiếp hoặc truy cập thông qua mạng nội bộ công ty đến các máy con, chúng sẽ chịu sự kiểm soát chặt chẽ của máy chủ từ việc truy cập những tài nguyên nào đến việc ngắt kết nối nếu có dấu hiệu lan truyền virus.

“Kiểm soát các thiết bị ngoại vi là yêu cầu cơ bản của bất kỳ phần mềm diệt virus nào. Do đó, những khó khăn khi đối phó với xu hướng BYOD không nằm ở yếu tố công nghệ, mà ở người quản trị, vì công cụ đã có sẵn, điều cần thiết là sự linh hoạt trong các chính sách bảo mật.”, ông Vũ nói.

Lợi thế của giải pháp này là không quan tâm các thiết bị ngoại vi sử dụng hệ điều hành gì. Bên cạnh đó, với công nghệ phân tích và quan sát hành vi tấn công của virus, Endpoint Security có thể phát hiện và cách ly những tập tin có khả năng là virus. Tuy nhiên, điểm bất lợi của giải pháp này là không có khả năng quét virus từ xa, do đó mặc nhiên virus trên các thiết bị di động thông minh vẫn “sống” tốt.

Theo ông Vũ, có nhiều khả năng cuối năm nay NTS sẽ giới thiệu phiên bản Kaspersky Endpoint Security hỗ trợ mã hóa dữ liệu. Theo đó, các khách hàng đã mua Endpoint trong trong năm nay sẽ được hỗ trợ cập nhật miễn phí.

Còn Sophos, hãng bảo mật vừa mới tiếp cận thị trường Việt Nam thông qua đối tác là Công ty EXA cũng giới thiệu giải pháp bảo vệ trước xu hướng BYOD: Sophos EP2 SaaS. Ngoài các tính năng chống virus truyền thống, giải pháp này còn cho phép thiết lập các chính sách như kiểm soát ứng dụng, kiểm soát các thiết bị ngoại vi….

Theo ông Vũ Thái Hà, Giám đốc công ty EXA, thế mạnh của Sophos EP2 SaaS là phần mềm được cung cấp như dịch vụ (Software-as-a- Service) trên nền tảng điện toán đám mây, chính vì thế chi phí triển khai sẽ rất cạnh tranh đồng thời việc cài đặt, vận hành cũng dễ dàng hơn.

Theo ông Vũ Thái Hà, Giám đốc Công ty EXA, thế mạnh của Sophos EP2 SaaS là phần mềm được cung cấp như dịch vụ (Software-as-a-Service) trên nền tảng điện toán đám mây, chính vì thế chi phí triển khai sẽ rất cạnh tranh đồng thời việc cài đặt, vận hành cũng dễ dàng hơn.



Theo kết quả cuộc khảo sát mức độ phổ biến của điện thoại thông minh tại khu vực Châu Á – Thái Bình Dương mới đây, số lượng điện thoại thông minh đã vượt mặt điện thoại thông thường ở nhiều quốc gia là lãnh thổ như Singapore, Hàn Quốc, Hong Kong và Đài Loan. Tại Việt Nam, tuy 70% người tiêu dùng vẫn chủ yếu sử dụng điện thoại thông thường nhưng có đến 42% số người đó muốn chuyển sang điện thoại thông minh trong vòng 6 tháng tới. Cuộc nghiên cứu cũng chỉ ra mối liên hệ giữa việc dùng điện thoại thông minh và dùng máy tính bảng. Tại những thị trường như Trung Quốc, Thái Lan và Malaysia, gần 1/3 người dùng điện thoại thông minh sở hữu thêm máy tính bảng (lần lượt 39%, 32% và 30%).

Nguồn: Nielsen Việt Nam


Công Sang

Nguồn: Thời báo Vi tính

Các tin khác
Theo nghiên cứu về an toàn máy tính của Microsoft công bố hôm 27-2, Việt Nam có tỉ lệ nhiễm mã độc cao nhất trong khu vực Đông Nam Á.
Như đã từng dự báo cuối năm về xu hướng an ninh bảo mật trong năm nay, Symantec một lần nữa lại cảnh báo về các phần mềm tống tiền hoạt động ngày càng táo bạo hơn trong năm 2013.
Những vụ tấn công mạng ngày càng tinh vi, xảo quyệt và không hề che giấu ý đồ công phá trực diện vào những trụ cột kinh tế trọng yếu của nước Mỹ, hãng bảo mật McAfee cảnh báo.
Cuộc tấn công mới của tin tặc nhằm vào hai tên tuổi lớn của làng công nghệ, tiếp sau hàng loạt vụ xâm nhập vào các trang báo lớn ở Mỹ, một lần nữa cho thấy không công ty nào trên thế giới an toàn trước mã độc.
Sau hơn 3 năm theo dõi, Symantec vừa công bố đã hợp sức với Microsoft đánh sập cụm máy chủ kiểm soát và điều khiển (C&C Servers) được điều khiển bởi một mối đe dọa bảo mật mang tên Trojan.Bamital.

What is SDN ? Không phải chỉ một mầu hồng

Tổng kết lại vài ý về giải pháp SDN, cần cân nhắc thật kỹ trước khi đầu tư để đạt được hiệu quả như mong đợi.

SDN is a solution for
– High demand on resources
– Unpredictable traffic patterns
– Rapid network reconfiguration
– Incorporating business rules

SDN is ideal for
– Rapidly changing traffic patterns
– Large data Centers

The Cost of SDN
– Replace network infrastucture
– Reconfigure the network
– Retrain staff
– New tools